hyperledger-identus · patextreme · Jan 8, 2026 · Nov 2, 2025 · Nov 2, 2025 · Nov 2, 2025
@@ -1,4 +1,4 @@
-version = 3.9.6
+version = 3.9.10
 runner.dialect = scala3
 
 maxColumn = 120

@@ -40,7 +40,7 @@ inThisBuild(
 )
 
 lazy val V = new {
-  val munit = "1.2.0" // "0.7.29"
+  val munit = "1.2.1" // "0.7.29"
   val munitZio = "0.4.0"
 
   // https://mvnrepository.com/artifact/dev.zio/zio

@@ -313,7 +313,7 @@ private[castor] trait ProtoModelHelper {
   extension (publicKeyData: node_models.PublicKey.KeyData) {
     def toDomain: Either[String, PublicKeyData] = {
       publicKeyData match {
-        case KeyData.Empty => Left(s"unable to convert KeyData.Emtpy to PublicKeyData")
+        case KeyData.Empty                => Left(s"unable to convert KeyData.Emtpy to PublicKeyData")
         case KeyData.EcKeyData(ecKeyData) =>
           for {
             curve <- EllipticCurve

@@ -50,7 +50,7 @@ object PrismDID extends ProtoModelHelper {
   def buildLongFormFromAtalaOperation(atalaOperation: node_models.AtalaOperation): Either[String, LongFormPrismDID] =
     atalaOperation.operation match {
       case _: Operation.CreateDid => Right(LongFormPrismDID(atalaOperation))
-      case operation =>
+      case operation              =>
         Left(s"Provided initial state of long form Prism DID is ${operation.value}, CreateDid Atala operation expected")
     }
 
@@ -121,7 +121,7 @@ final case class LongFormPrismDID private[did] (atalaOperation: node_models.Atal
     import ProtoModelHelper.*
     atalaOperation.operation match {
       case Operation.CreateDid(op) => op.toDomain
-      case operation =>
+      case operation               =>
         Left(s"Provided initial state of long form Prism DID is ${operation.value}, CreateDid Atala operation expected")
     }
   }

@@ -148,7 +148,7 @@ private[castor] trait W3CModelHelper {
 
     private def secp256k1Repr(pk: PublicKeyData): PublicKeyJwk = {
       val (x, y) = pk match {
-        case PublicKeyData.ECKeyData(_, x, y) => (x, y)
+        case PublicKeyData.ECKeyData(_, x, y)           => (x, y)
         case PublicKeyData.ECCompressedKeyData(_, data) =>
           val point = Apollo.default.secp256k1.publicKeyFromEncoded(data.toByteArray).get.getECPoint
           val x = Base64UrlString.fromByteArray(point.x)

@@ -57,7 +57,7 @@ private class NeoPrismClientImpl(client: Client, config: NeoPrismConfig) extends
         .get(s"api/dids/$did")
       metadataOpt <- resp.status match
         case Status.NotFound => ZIO.none
-        case _ =>
+        case _               =>
           resp.body.asString
             .flatMap { body =>
               ZIO
@@ -126,8 +126,8 @@ private class NeoPrismClientImpl(client: Client, config: NeoPrismConfig) extends
     for
       resp <- baseClient.batched.get(s"api/operations/$operationId")
       found <- resp.status match
-        case Status.Ok       => ZIO.succeed(true)
-        case Status.NotFound => ZIO.succeed(false)
+        case Status.Ok         => ZIO.succeed(true)
+        case Status.NotFound   => ZIO.succeed(false)
         case Status.BadRequest =>
           resp.body.asString.flatMap { body =>
             ZIO.fail(new RuntimeException(s"Invalid operation ID: $body"))

@@ -52,7 +52,7 @@ private class PrismNodeDIDService(didOpValidator: DIDOperationValidator, nodeCli
       operationId <- ZIO.fromEither {
         operationOutput.operationMaybe match {
           case OperationMaybe.OperationId(id) => Right(id.toByteArray)
-          case OperationMaybe.Empty =>
+          case OperationMaybe.Empty           =>
             Left(DIDOperationError.UnexpectedDLTResult("operation result does not contain operation detail"))
           case OperationMaybe.Error(e) =>
             Left(DIDOperationError.UnexpectedDLTResult(s"operation result was not successful: $e"))

@@ -184,7 +184,7 @@ object AppModule {
       ZIO.serviceWith[AppConfig](_.didNode.neoprism.baseUrl).flatMap { javaUrl =>
         zio.http.URL.fromURI(javaUrl.toURI()) match {
           case Some(url) => ZIO.succeed(NeoPrismConfig(baseUrl = url))
-          case None =>
+          case None      =>
             ZIO.fail(
               new IllegalArgumentException(
                 s"Invalid NeoPrism base URL '$javaUrl': could not convert to zio.http.URL"

@@ -36,7 +36,7 @@ object CustomServerInterceptors {
   def tapirExceptionHandler[F[_]]: ExceptionHandler[F] = ExceptionHandler.pure[F](ctx =>
     ctx.e match
       case UnmanagedFailureException(failure: Failure) => Some(tapirDefectHandler(failure))
-      case e =>
+      case e                                           =>
         Some(
           tapirDefectHandler(
             ErrorResponse(

@@ -50,7 +50,7 @@ trait BackgroundJobsHelper {
         .someOrFail(BackgroundJobError.InvalidState(s"Issuer DID does not exist in the wallet: $did"))
         .flatMap {
           case s @ ManagedDIDState(_, _, PublicationState.Published(_)) => ZIO.succeed(s)
-          case s =>
+          case s                                                        =>
             ZIO.cond(
               allowUnpublishedIssuingDID,
               s,
@@ -236,7 +236,7 @@ trait BackgroundJobsHelper {
 
   def retryStepsFromConfig(topicName: String, jobConfig: ConsumerJobConfig): Seq[RetryStep] = {
     val retryTopics = jobConfig.retryStrategy match
-      case None => Seq.empty
+      case None     => Seq.empty
       case Some(rs) =>
         (1 to rs.maxRetries).map(i =>
           (

@@ -745,7 +745,7 @@ object PresentBackgroundJobs extends BackgroundJobsHelper {
                 mediaType = attachment.media_type,
                 format = attachment.format.map {
                   case PresentCredentialRequestFormat.JWT.name => PresentCredentialFormat.JWT.name
-                  case format =>
+                  case format                                  =>
                     throw throw RuntimeException(
                       s"Unexpected PresentCredentialRequestFormat=$format. Expecting: ${PresentCredentialRequestFormat.JWT.name}"
                     )

@@ -13,9 +13,9 @@ object OrderCodec {
       try {
         val s2 = new String(Base64.getDecoder.decode(s))
         val order = s2.split(".", 2) match {
-          case Array()          => Order.empty
-          case Array(field)     => Order(field)
-          case Array(field, "") => Order(field)
+          case Array()                 => Order.empty
+          case Array(field)            => Order(field)
+          case Array(field, "")        => Order(field)
           case Array(field, direction) =>
             Order(field, Some(Direction.valueOf(direction)))
           case _ => sys.error("impossible")

@@ -125,7 +125,7 @@ object ServiceType {
         castorDomain.ServiceType.Name.fromString(value).map(castorDomain.ServiceType.Single.apply)
       case Multiple(values) =>
         values.toList match {
-          case Nil => Left("serviceType cannot be empty")
+          case Nil          => Left("serviceType cannot be empty")
           case head :: tail =>
             for {
               parsedHead <- castorDomain.ServiceType.Name.fromString(head)

@@ -14,7 +14,7 @@ trait AdminApiKeyAuthenticator extends AuthenticatorWithAuthZ[Entity], EntityAut
   def authenticate(credentials: Credentials): IO[AuthenticationError, Entity] = {
     credentials match {
       case AdminApiKeyCredentials(Some(apiKey)) => authenticate(apiKey)
-      case AdminApiKeyCredentials(None) =>
+      case AdminApiKeyCredentials(None)         =>
         ZIO.logDebug(s"AdminApiKey API authentication is enabled, but `x-admin-api-key` token is empty") *>
           ZIO.fail(AdminApiKeyAuthenticationError.emptyAdminApiKey)
     }

@@ -20,7 +20,7 @@ trait ApiKeyAuthenticator extends AuthenticatorWithAuthZ[Entity], EntityAuthoriz
         case ApiKeyCredentials(apiKey) =>
           apiKey match {
             case Some(value) if value.nonEmpty => authenticate(value)
-            case Some(value) =>
+            case Some(value)                   =>
               ZIO.logDebug(s"ApiKey API authentication is enabled, but `apikey` token is empty") *>
                 ZIO.fail(ApiKeyAuthenticationError.emptyApiKey)
             case None =>

@@ -41,7 +41,7 @@ final class AccessToken private (token: String, claims: JwtClaim, rolesClaimPath
           acc.flatMap(_.asObject).flatMap(_.get(pathSegment))
         }
         rolesJson match {
-          case None => Right(None)
+          case None       => Right(None)
           case Some(json) =>
             json.asArray
               .toRight("Roles claim is not a JSON array of strings.")
@@ -80,7 +80,7 @@ trait KeycloakAuthenticator extends AuthenticatorWithAuthZ[KeycloakEntity] {
     if (isEnabled) {
       credentials match {
         case JwtCredentials(Some(token)) if token.nonEmpty => authenticate(token)
-        case JwtCredentials(Some(_)) =>
+        case JwtCredentials(Some(_))                       =>
           ZIO.logDebug(s"Keycloak authentication is enabled, but bearer token is empty") *>
             ZIO.fail(JwtAuthenticationError.emptyToken)
         case JwtCredentials(None) =>

@@ -52,7 +52,7 @@ class KeycloakAuthenticatorImpl(
         }
         .flatMap {
           case head +: Nil => ZIO.succeed(head)
-          case Nil =>
+          case Nil         =>
             ZIO.fail(AuthenticationError.ResourceNotPermitted("No wallet permissions found."))
           case ls =>
             ZIO.fail(
@@ -79,8 +79,8 @@ class KeycloakAuthenticatorImpl(
         .map(_.role.left.map(AuthenticationError.InvalidCredentials(_)))
         .absolve
       ctx <- role match {
-        case EntityRole.Admin  => ZIO.succeed(WalletAdministrationContext.Admin())
-        case EntityRole.Tenant => selfServiceCtx
+        case EntityRole.Admin         => ZIO.succeed(WalletAdministrationContext.Admin())
+        case EntityRole.Tenant        => selfServiceCtx
         case EntityRole.ExternalParty =>
           ZIO.fail(AuthenticationError.InvalidRole("External party cannot access the wallet."))
       }

@@ -80,7 +80,7 @@ class WalletManagementControllerImpl(
       me: BaseEntity
   )(implicit rc: RequestContext): ZIO[WalletAdministrationContext, ErrorResponse, WalletDetail] = {
     ZIO.serviceWithZIO[WalletAdministrationContext] {
-      case WalletAdministrationContext.Admin() => doCreateWallet(request).map(i => i)
+      case WalletAdministrationContext.Admin()        => doCreateWallet(request).map(i => i)
       case WalletAdministrationContext.SelfService(_) =>
         for {
           wallet <- doCreateWallet(request)

@@ -185,7 +185,7 @@ class CredentialDefinitionControllerImpl(service: CredentialDefinitionService, m
         .someOrFail(ErrorResponse.notFound(detail = Some(s"Issuer DID does not exist in the wallet: $did")))
         .flatMap {
           case s @ ManagedDIDState(_, _, _: PublicationState.Published) => ZIO.succeed(s)
-          case s =>
+          case s                                                        =>
             ZIO.cond(
               allowUnpublishedIssuingDID,
               s,

@@ -214,7 +214,7 @@ class CredentialSchemaControllerImpl(service: CredentialSchemaService, managedDI
         .someOrFail(ErrorResponse.notFound(detail = Some(s"Issuer DID does not exist in the wallet: $did")))
         .flatMap {
           case s @ ManagedDIDState(_, _, _: PublicationState.Published) => ZIO.succeed(s)
-          case s =>
+          case s                                                        =>
             ZIO.cond(
               allowUnpublishedIssuingDID,
               s,

@@ -250,7 +250,7 @@ class PresentProofControllerImpl(
         case "request-reject"      => presentationService.rejectRequestPresentation(didCommId)
         case "presentation-accept" => presentationService.acceptPresentation(didCommId)
         case "presentation-reject" => presentationService.rejectPresentation(didCommId)
-        case a =>
+        case a                     =>
           ZIO.fail(
             ErrorResponse.badRequest(
               detail = Some(

@@ -51,7 +51,7 @@ object VcVerification {
       maybeParameter: Option[VcVerificationParameter]
   ): IO[ErrorResponse, ServiceVcVerification] = {
     (verification, maybeParameter) match {
-      case (SignatureVerification, None) => ZIO.succeed(ServiceVcVerification.SignatureVerification)
+      case (SignatureVerification, None)                   => ZIO.succeed(ServiceVcVerification.SignatureVerification)
       case (IssuerIdentification, Some(DidParameter(iss))) =>
         ZIO.succeed(ServiceVcVerification.IssuerIdentification(iss))
       case (ExpirationCheck, Some(DateTimeParameter(dateTime))) =>
@@ -66,7 +66,7 @@ object VcVerification {
       case (AlgorithmVerification, None)            => ZIO.succeed(ServiceVcVerification.AlgorithmVerification)
       case (SchemaCheck, None)                      => ZIO.succeed(ServiceVcVerification.SchemaCheck)
       case (SemanticCheckOfClaims, None)            => ZIO.succeed(ServiceVcVerification.SemanticCheckOfClaims)
-      case _ =>
+      case _                                        =>
         ZIO.fail(
           ErrorResponse.badRequest(detail =
             Some(s"Unsupported Verification:$verification and Parameters:$maybeParameter")

@@ -110,7 +110,7 @@ class ManagedDIDServiceImpl private[walletapi] (
         .mapError(PublishManagedDIDError.WalletStorageError.apply)
         .someOrFail(PublishManagedDIDError.DIDNotFound(did))
       outcome <- didState.publicationState match {
-        case PublicationState.Created() => doPublish(didState)
+        case PublicationState.Created()                              => doPublish(didState)
         case PublicationState.PublicationPending(publishOperationId) =>
           ZIO.succeed(ScheduleDIDOperationOutcome(did, didState.createOperation, publishOperationId))
         case PublicationState.Published(publishOperationId) =>

@@ -31,7 +31,7 @@ class WalletManagementServiceImpl(
       _ <- ZIO.serviceWithZIO[WalletAdministrationContext] {
         case WalletAdministrationContext.Admin()                                                   => ZIO.unit
         case WalletAdministrationContext.SelfService(permittedWallets) if permittedWallets.isEmpty => ZIO.unit
-        case WalletAdministrationContext.SelfService(_) =>
+        case WalletAdministrationContext.SelfService(_)                                            =>
           ZIO.fail(TooManyPermittedWallet())
       }
       seed <- seed.fold(

@@ -202,7 +202,7 @@ class JdbcDIDNonSecretStorage(xa: Transactor[ContextAwareTask], xb: Transactor[T
     getManagedDIDState(did)
       .map(_.map(_.didIndex))
       .flatMap {
-        case None => ZIO.none
+        case None           => ZIO.none
         case Some(didIndex) =>
           for {
             keyUsageIndex <- cxnIO.transactWallet(xa)

@@ -109,7 +109,7 @@ class JdbcDIDSecretStorage(xa: Transactor[ContextAwareTask]) extends DIDSecretSt
     cxnIO
       .transactWallet(xa)
       .flatMap {
-        case None => ZIO.none
+        case None      => ZIO.none
         case Some(jwk) =>
           ZIO
             .fromEither(c.from(jwk))

@@ -48,7 +48,7 @@ class JdbcWalletSecretStorage(xa: Transactor[ContextAwareTask]) extends WalletSe
     cxnIO
       .transactWallet(xa)
       .flatMap {
-        case None => ZIO.none
+        case None        => ZIO.none
         case Some(bytes) =>
           ZIO
             .fromEither(WalletSeed.fromByteArray(bytes))

@@ -142,9 +142,9 @@ class OperationFactory(apollo: Apollo) {
             // should be impossible otherwise it's a defect
             ZIO.dieMessage("addKey update DID action must have a generated a key-pair")
         }
-      case UpdateManagedDIDAction.RemoveKey(id)       => ZIO.succeed(UpdateDIDAction.RemoveKey(id))
-      case UpdateManagedDIDAction.AddService(service) => ZIO.succeed(UpdateDIDAction.AddService(service))
-      case UpdateManagedDIDAction.RemoveService(id)   => ZIO.succeed(UpdateDIDAction.RemoveService(id))
+      case UpdateManagedDIDAction.RemoveKey(id)        => ZIO.succeed(UpdateDIDAction.RemoveKey(id))
+      case UpdateManagedDIDAction.AddService(service)  => ZIO.succeed(UpdateDIDAction.AddService(service))
+      case UpdateManagedDIDAction.RemoveService(id)    => ZIO.succeed(UpdateDIDAction.RemoveService(id))
       case UpdateManagedDIDAction.UpdateService(patch) =>
         ZIO.succeed(UpdateDIDAction.UpdateService(patch.id, patch.serviceType, patch.serviceEndpoints))
       case UpdateManagedDIDAction.PatchContext(context) => ZIO.succeed(UpdateDIDAction.PatchContext(context))
@@ -155,7 +155,7 @@ class OperationFactory(apollo: Apollo) {
     ZIO.attempt {
       val (publicKeyData, keyPair) = template.curve match {
         case EllipticCurve.SECP256K1 => throw Exception("secp256k1 key must be derived, not randomly generated")
-        case EllipticCurve.ED25519 =>
+        case EllipticCurve.ED25519   =>
           val kp = apollo.ed25519.generateKeyPair
           toPublicKeyData(kp.publicKey) -> kp
         case EllipticCurve.X25519 =>

@@ -129,7 +129,7 @@ object VaultKVClientImpl {
           status match {
             case 200 => ZIO.some(resp)
             case 404 => ZIO.none
-            case _ =>
+            case _   =>
               ZIO
                 .fail(Exception(s"$message - Got response status code $status, expected 200"))
                 .tapError(_ => ZIO.logError(s"$message - Response status: $status. Response body: $body"))
@@ -146,7 +146,7 @@ object VaultKVClientImpl {
           val body = new String(bytes, StandardCharsets.UTF_8)
           status match {
             case 200 => ZIO.succeed(resp)
-            case _ =>
+            case _   =>
               ZIO
                 .fail(Exception(s"$message - Got response status code $status, expected 200"))
                 .tapError(_ => ZIO.logError(s"$message - Response status: $status. Response body: $body"))

@@ -32,7 +32,7 @@ package object vault {
 
     override def decode(kv: Map[String, String]): Try[WalletSeed] = {
       kv.get("value") match {
-        case None => Failure(Exception("A property 'value' is missing from vault KV data"))
+        case None              => Failure(Exception("A property 'value' is missing from vault KV data"))
         case Some(encodedSeed) =>
           HexString
             .fromString(encodedSeed)

@@ -121,8 +121,8 @@ object MessagingService {
         MessageAndAddress(finalMessage, serviceEndpoint) = auxFinalMessage
         didCommService <- ZIO.service[DidOps]
         to <- finalMessage.to match {
-          case Seq()            => ZIO.fail(SendMessageError(new RuntimeException("Message must have a recipient")))
-          case firstTo +: Seq() => ZIO.succeed(firstTo)
+          case Seq()                => ZIO.fail(SendMessageError(new RuntimeException("Message must have a recipient")))
+          case firstTo +: Seq()     => ZIO.succeed(firstTo)
           case all @ (firstTo +: _) =>
             ZIO.logWarning(s"Message have multi recipients: $all") *> ZIO.succeed(firstTo)
         }

@@ -56,12 +56,12 @@ def json2Map(json: Json): Any = json match {
 
 def mapValueToJson(obj: java.lang.Object): Json = {
   obj match {
-    case null                 => Json.Null
-    case b: java.lang.Boolean => Json.Bool(b)
-    case i: java.lang.Integer => Json.Num(i)
-    case d: java.lang.Double  => Json.Num(d)
-    case l: java.lang.Long    => Json.Num(l)
-    case s: java.lang.String  => Json.Str(String.valueOf(s))
+    case null                                           => Json.Null
+    case b: java.lang.Boolean                           => Json.Bool(b)
+    case i: java.lang.Integer                           => Json.Num(i)
+    case d: java.lang.Double                            => Json.Num(d)
+    case l: java.lang.Long                              => Json.Num(l)
+    case s: java.lang.String                            => Json.Str(String.valueOf(s))
     case array: com.nimbusds.jose.shaded.json.JSONArray => {
       Json.Arr(array.iterator().asScala.map(mapValueToJson).toList: _*)
     }