create-bap-identity

Original🇺🇸 English
Translated

This skill should be used when the user asks to "create BAP identity", "new BAP", "Type42 identity", "Legacy BAP identity", "generate BAP", "set up BAP identity", "initialize BAP", or needs to create Bitcoin Attestation Protocol identities using the bap CLI.

1installs
Sourceb-open-io/bsv-skills
Added on

NPX Install

npx skill4agent add b-open-io/bsv-skills create-bap-identity

Tags

Translated version includes tags in frontmatter
bap-identitykey-derivationmessage-signingencryptioncli-utility

SKILL.md Content

View Translation Comparison →

Create BAP Identity

Create and manage BAP (Bitcoin Attestation Protocol) identities using the 
bsv-bap
library.

Installation

bash
bun add bsv-bap @bsv/sdk

Creating an Identity

typescript
import { BAP } from "bsv-bap";
import { PrivateKey } from "@bsv/sdk";

// Create BAP instance with new key
const privateKey = PrivateKey.fromRandom();
const bap = new BAP({ rootPk: privateKey.toWif() });

// Create identity
const identity = bap.newId("Alice Smith");

console.log("Identity Key:", identity.getIdentityKey());
console.log("Root Address:", identity.rootAddress);
console.log("Signing Address:", identity.getCurrentAddress());

Key Derivation

BAP uses Type42 (BRC-42) key derivation with BRC-43 invoice numbers:
PurposeInvoice NumberSecurity Level
Signing key
1-bap-identity
1 (public protocol)
Friend encryption
2-friend-{sha256(friendBapId)}
2 (user-approved)

Signing Messages

typescript
import { Utils } from "@bsv/sdk";
const { toArray } = Utils;

// Sign a message
const message = toArray("Hello World", "utf8");
const { address, signature } = identity.signMessage(message);

// Verify (on any BAP instance)
const isValid = bap.verifySignature("Hello World", address, signature);

Friend Encryption

Derive friend-specific encryption keys for private communication:
typescript
// Get encryption pubkey for a friend (share in friend requests)
const friendPubKey = identity.getEncryptionPublicKeyWithSeed(friendBapId);

// Encrypt data for friend
const ciphertext = identity.encryptWithSeed("secret message", friendBapId);

// Decrypt data from friend
const plaintext = identity.decryptWithSeed(ciphertext, friendBapId);

Export/Import

typescript
// Export for backup
const backup = bap.exportForBackup("My Identity");
// { ids: "...", createdAt: "...", rootPk: "..." }

// Import from backup
const bap2 = new BAP({ rootPk: backup.rootPk });
bap2.importIds(backup.ids);

CLI Option

For quick operations, the 
bsv-bap
package includes a CLI:
bash
npm install -g bsv-bap

bap create --name "Alice"     # Create identity (~/.bap/identity.json)
bap sign "Hello World"        # Sign message
bap verify "msg" "sig" "addr" # Verify signature
bap info                      # Show identity info
bap friend-pubkey <bapId>     # Get friend encryption pubkey
bap encrypt <data> <bapId>    # Encrypt for friend
bap decrypt <text> <bapId>    # Decrypt from friend
bap export                    # Export backup JSON
bap import <file>             # Import from backup

Next Steps

After creating an identity:
  1. Sign messages for authentication
  2. Share encryption pubkeys in friend requests
  3. Publish identity to blockchain for on-chain reputation
  4. Integrate with Sigma Identity for OAuth (
    @sigma-auth/better-auth-plugin
    )

Related Skills

  • key-derivation
     - Type42 and BRC-43 key derivation patterns
  • message-signing
     - BSM, BRC-77, and Sigma signing protocols
  • encrypt-decrypt-backup
     - bitcoin-backup CLI for .bep encrypted backups