A diagnostic tool for [Solid](https://solidproject.org/) pods and the surrounding decentralized-web stack.

**Live:** https://javascriptsolidserver.github.io/doctor/

**LWS / CID v1 profile shape** — drop in a WebID URL, get a green/red checklist of what's structurally there and what's missing for [LWS 1.0](https://www.w3.org/TR/2026/WD-lws10-authn-ssi-cid-20260423/) auth conformance:

- Profile fetches as `application/ld+json`?

- `@context` declares the CID v1 vocabulary (controller, verificationMethod, authentication, …)?

- `controller === @id` (CID v1 self-control contract)?

- `verificationMethod` populated?

- Each entry has `id`, `type`, `controller`, and either `publicKeyJwk` or `publicKeyMultibase`?

- `controller` of each method matches the WebID?

- `id` values unique?

- `authentication` entries point at real verificationMethods?

- `alsoKnownAs` entries are DID URIs?

Read-only — no auth, no mutations, no server roundtrip beyond the GETs.

- **B.0** — Read-only LWS-CID profile validator (this commit)

- **B.1** — Bidirectional `alsoKnownAs` ↔ DID-doc check (resolve `did:nostr:…` and verify the DID points back at this WebID)

- **B.2** — xlogin / NIP-07 sign-in to act as a WebID owner

- **B.3** — PATCH `verificationMethod` (Multikey for Nostr secp256k1) into the signed-in user's profile

- **B.4** — did:key + WebAuthn passkey verification methods

- **B.5** — More diagnostics: ACL inheritance, type-index integrity, OIDC discovery, ActivityPub actor doc, …

This is intentionally not coupled to JSS or any specific Solid server. It runs as a pure browser app against any pod that can serve JSON-LD profile docs.

Vanilla JS. No build step. Single HTML entry point + a couple of modules. Deploys as a static site to GitHub Pages from the `gh-pages` branch.

- [JSS#386](https://github.com/JavaScriptSolidServer/JavaScriptSolidServer/issues/386) — overall convergence tracker for Solid profile-to-key linking

- [JSS#388](https://github.com/JavaScriptSolidServer/JavaScriptSolidServer/pull/388) — Phase A (server-side): pod profiles became CID-document-shaped

- [W3C Controlled Identifiers v1.0](https://www.w3.org/TR/cid-1.0/)

- [LWS 1.0 SSI via CID (FPWD 2026-04-23)](https://www.w3.org/TR/2026/WD-lws10-authn-ssi-cid-20260423/)

- [did:nostr](https://nostrcg.github.io/did-nostr/)

[AGPL-3.0-only](./LICENSE) — matches JSS.

:root {

--bg: #f5f7fa;

--panel: #fff;

--ink: #0f172a;

--muted: #64748b;

--border: #e2e8f0;

--accent: #2563eb;

--pass: #16a34a;

--warn: #ca8a04;

--fail: #dc2626;

--skip: #94a3b8;

}

* { box-sizing: border-box; }

body {

font: 15px/1.55 -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;

background: var(--bg);

color: var(--ink);

margin: 0;

padding: 32px 16px 64px;

}

main {

max-width: 760px;

margin: 0 auto;

}

header h1 {

margin: 0 0 4px;

font-size: 28px;

letter-spacing: -0.02em;

}

header .tagline {

margin: 0 0 28px;

color: var(--muted);

font-size: 14px;

}

.checker {

background: var(--panel);

border: 1px solid var(--border);

border-radius: 12px;

padding: 24px;

box-shadow: 0 1px 3px rgba(15, 23, 42, 0.04);

}

.checker h2 {

margin: 0 0 6px;

font-size: 18px;

}

.checker > p {

margin: 0 0 18px;

color: var(--muted);

font-size: 13px;

}

.checker code {

background: #eef2f7;

padding: 1px 5px;

border-radius: 4px;

font-size: 12px;

}

form label {

display: block;

font-size: 13px;

font-weight: 600;

margin-bottom: 6px;

}

form input[type="url"] {

width: 100%;

padding: 10px 12px;

border: 1px solid var(--border);

border-radius: 8px;

font: inherit;

margin-bottom: 12px;

background: #fff;

}

form input[type="url"]:focus {

outline: none;

border-color: var(--accent);

}

form button {

background: var(--accent);

color: #fff;

border: 0;

padding: 10px 18px;

border-radius: 8px;

font: inherit;

font-weight: 600;

cursor: pointer;

}

form button:hover { background: #1d4ed8; }

form button:disabled {

opacity: 0.6;

cursor: progress;

}

#results {

margin-top: 24px;

padding-top: 20px;

border-top: 1px solid var(--border);

}

#results h3 {

margin: 0 0 12px;

font-size: 16px;

}

.checks {

list-style: none;

padding: 0;

margin: 0;

}

.check {

padding: 10px 12px;

margin-bottom: 6px;

border-radius: 8px;

border: 1px solid var(--border);

background: #fff;

display: flex;

align-items: flex-start;

gap: 10px;

font-size: 14px;

}

.check .icon {

flex-shrink: 0;

width: 20px;

height: 20px;

border-radius: 50%;

display: inline-flex;

align-items: center;

justify-content: center;

font-size: 12px;

font-weight: 700;

color: #fff;

margin-top: 1px;

}

.check.pass .icon { background: var(--pass); }

.check.warn .icon { background: var(--warn); }

.check.fail .icon { background: var(--fail); }

.check.skip .icon { background: var(--skip); }

.check .body { flex: 1; }

.check .label { font-weight: 600; }

.check .detail {

font-size: 12px;

color: var(--muted);

margin-top: 3px;

word-break: break-word;

}

#raw {

margin-top: 18px;

}

#raw summary {

cursor: pointer;

font-size: 13px;

color: var(--muted);

padding: 4px 0;

}

#raw pre {

background: #0f172a;

color: #cbd5e1;

padding: 14px;

border-radius: 8px;

font-size: 12px;

overflow-x: auto;

margin: 8px 0 0;

white-space: pre-wrap;

word-break: break-word;

}

footer {

margin-top: 28px;

text-align: center;

font-size: 12px;

color: var(--muted);

}

footer a {

color: inherit;

text-decoration: underline;

}

a { color: var(--accent); }

import { runLwsCidChecks } from './lib/lws-cid.js';

const form = document.getElementById('check-form');

const input = document.getElementById('webid');

const button = form.querySelector('button[type="submit"]');

const results = document.getElementById('results');

const checksEl = document.getElementById('checks');

const rawEl = document.getElementById('raw-body');

const params = new URLSearchParams(window.location.search);

if (params.has('webid')) {

input.value = params.get('webid');

form.addEventListener('submit', async (e) => {

e.preventDefault();

const url = input.value.trim();

if (!url) return;

// Reflect the current target in the URL so refreshes / bookmarks survive.

const newParams = new URLSearchParams({ webid: url });

history.replaceState(null, '', `${window.location.pathname}?${newParams.toString()}`);

button.disabled = true;

button.textContent = 'Running…';

checksEl.innerHTML = '';

rawEl.textContent = '';

results.hidden = false;

try {

const checks = await runAll(url);

renderChecks(checks);

} catch (err) {

renderChecks([{

status: 'fail',

label: 'Diagnostics crashed',

detail: String(err?.message || err),

}]);

} finally {

button.disabled = false;

button.textContent = 'Run diagnostics';

}

async function runAll(webIdUrl) {

const checks = [];

// 1. Resolve the document URL — strip the fragment.

let docUrl;

try {

docUrl = new URL(webIdUrl);

docUrl.hash = '';

} catch (err) {

checks.push({ status: 'fail', label: 'WebID is a valid URL', detail: err.message });

return checks;

}

checks.push({ status: 'pass', label: 'WebID is a valid URL', detail: docUrl.toString() });

// 2. Fetch as JSON-LD. We avoid Accept: text/turtle so the conneg layer

// doesn't transform the document — we want to validate the JSON-LD

// representation directly.

let res, body, contentType;

try {

res = await fetch(docUrl.toString(), {

headers: { 'Accept': 'application/ld+json' },

});

contentType = (res.headers.get('content-type') || '').toLowerCase();

} catch (err) {

checks.push({ status: 'fail', label: 'Profile is reachable', detail: err.message });

return checks;

}

if (!res.ok) {

checks.push({

status: 'fail',

label: 'Profile is reachable',

detail: `HTTP ${res.status} from ${docUrl}`,

});

return checks;

}

checks.push({

status: 'pass',

label: 'Profile is reachable',

detail: `${res.status} ${res.statusText}`,

});

if (!contentType.includes('json')) {

checks.push({

status: 'warn',

label: 'Content-Type is JSON-LD',

detail: `Got "${contentType || '(none)'}" — wanted application/ld+json. Server may not honor Accept; we'll try parsing anyway.`,

});

} else {

checks.push({

status: 'pass',

label: 'Content-Type is JSON-LD',

detail: contentType,

});

}

// 3. Parse JSON.

const text = await res.text();

rawEl.textContent = text;

let profile;

try {

profile = JSON.parse(text);

} catch (err) {

checks.push({

status: 'fail',

label: 'Profile parses as JSON',

detail: err.message,

});

return checks;

}

checks.push({ status: 'pass', label: 'Profile parses as JSON' });

// 4. Run LWS-CID structural checks.

for (const c of runLwsCidChecks(profile, { webIdUrl, docUrl: docUrl.toString() })) {

checks.push(c);

}

return checks;

function renderChecks(checks) {

checksEl.innerHTML = '';

for (const c of checks) {

const li = document.createElement('li');

li.className = `check ${c.status}`;

const symbols = { pass: '✓', warn: '!', fail: '✗', skip: '·' };

li.innerHTML = `

li.querySelector('.label').textContent = c.label;

if (c.detail) li.querySelector('.detail').textContent = c.detail;

checksEl.appendChild(li);

}