npm - @0xbow/privacy-pools-core-sdk - Versions diffs - 1.1.1 → 1.2.0 - Mend

@0xbow/privacy-pools-core-sdk 1.1.1 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (34) hide show

package/dist/node/index.mjs CHANGED Viewed

@@ -1,4 +1,4 @@
-export { o as AccountError, A as AccountService, B as BlockchainProvider, p as CircuitName, k as Circuits, C as CommitmentService, n as ContractError, l as ContractInteractionsService, a as DEFAULT_LOG_FETCH_CONFIG, D as DataService, E as ErrorCode, I as InvalidRpcUrl, P as PrivacyPoolSDK, m as ProofError, S as SDKError, W as WithdrawalService, f as bigintToHash, i as bigintToHex, j as calculateContext, b as generateDepositSecrets, g as generateMasterKeys, e as generateMerkleProof, c as generateWithdrawalSecrets, d as getCommitment, h as hashPrecommitment } from './index-C3RV9Cri.js';
+export { o as AccountError, A as AccountService, B as BlockchainProvider, p as CircuitName, k as Circuits, C as CommitmentService, n as ContractError, l as ContractInteractionsService, a as DEFAULT_LOG_FETCH_CONFIG, D as DataService, E as ErrorCode, I as InvalidRpcUrl, P as PrivacyPoolSDK, m as ProofError, S as SDKError, W as WithdrawalService, f as bigintToHash, i as bigintToHex, j as calculateContext, b as generateDepositSecrets, g as generateMasterKeys, e as generateMerkleProof, c as generateWithdrawalSecrets, d as getCommitment, h as hashPrecommitment } from './index-b-U_m4Mi.js';
 import 'viem/accounts';
 import 'buffer';
 import 'http';

package/dist/types/circuits/artifactHashes.d.ts ADDED Viewed

@@ -0,0 +1,19 @@
+import { CircuitNameString } from "./circuits.interface.js";
+type ArtifactType = "wasm" | "vkey" | "zkey";
+/**
+ * Expected SHA-256 hex digests for every downloaded circuit artifact.
+ *
+ * vkey and zkey hashes are derived from the trusted-setup ceremony outputs
+ * committed in packages/circuits/trusted-setup/final-keys/.
+ *
+ * wasm hashes are derived from the compiled circuit outputs
+ * in packages/circuits/build/.
+ *
+ * Every artifact downloaded by the SDK MUST have a hash entry here.
+ * verifyArtifactIntegrity throws if a hash is missing — refusing to
+ * load unverified artifacts is the correct security posture.
+ */
+export declare const ARTIFACT_HASHES: Record<CircuitNameString, Partial<Record<ArtifactType, string>>>;
+export declare function sha256Hex(data: Uint8Array): Promise<string>;
+export declare function verifyArtifactIntegrity(circuitName: CircuitNameString, artifactType: ArtifactType, data: Uint8Array): Promise<void>;
+export {};

package/dist/types/core/account.service.d.ts CHANGED Viewed

@@ -35,6 +35,22 @@ export declare class AccountService {
      * @throws {AccountError} If account initialization fails
      */
     constructor(dataService: DataService, config: AccountServiceConfig);
+    /**
+     * Initializes a new account from a mnemonic phrase for the legacy account.
+     *
+     * @param mnemonic - The mnemonic phrase to derive keys from
+     * @returns A new PrivacyPoolAccount with derived master keys
+     *
+     * @remarks
+     * This method derives two master keys from the mnemonic:
+     * 1. A master nullifier key from account index 0
+     * 2. A master secret key from account index 1
+     * These keys are used to deterministically generate nullifiers and secrets for deposits and withdrawals.
+     *
+     * @throws {AccountError} If account initialization fails
+     * @private
+     */
+    protected static _initializeLegacyAccount(mnemonic: string): PrivacyPoolAccount;
     /**
      * Initializes a new account from a mnemonic phrase.
      *
@@ -187,6 +203,25 @@ export declare class AccountService {
      * @throws {AccountError} If no account is found for the commitment
      */
     addWithdrawalCommitment(parentCommitment: AccountCommitment, value: bigint, nullifier: Secret, secret: Secret, blockNumber: bigint, txHash: Hex): AccountCommitment;
+    /**
+     * Adds a new commitment to the account after migrate
+     *
+     * @param parentCommitment - The commitment that was spent
+     * @param value - The remaining value after spending
+     * @param nullifier - The nullifier used for migrate
+     * @param secret - The secret used for migrate
+     * @param blockNumber - The block number of the withdrawal
+     * @param txHash - The transaction hash of the withdrawal
+     * @returns The new commitment
+     *
+     * @remarks
+     * This method finds the account containing the parent commitment, creates a new
+     * commitment with the provided parameters, and adds it to the account's children.
+     * The new commitment inherits the label from the parent commitment.
+     *
+     * @throws {AccountError} If no account is found for the commitment
+     */
+    addMigrationCommitment(parentCommitment: AccountCommitment, value: bigint, nullifier: Secret, secret: Secret, blockNumber: bigint, txHash: Hex): AccountCommitment;
     /**
      * Adds a ragequit event to an existing pool account
      *
@@ -277,6 +312,25 @@ export declare class AccountService {
      *
      */
     private _processRagequitEvents;
+    /**
+     * Discovers commitments that were migrated from legacy accounts via 0-value withdrawal.
+     *
+     * @param scope - The scope of the pool
+     * @param legacyAccounts - The legacy pool accounts for this scope
+     * @param withdrawalEvents - The map of withdrawal events (keyed by spentNullifier)
+     *
+     * @remarks
+     * When a legacy account performs a 0-value withdrawal to rotate keys (migration),
+     * the resulting on-chain commitment is created with safe keys. This method finds
+     * those commitments by:
+     * 1. Identifying legacy accounts with the `isMigrated` flag (set by `addMigrationCommitment`)
+     * 2. Computing the expected commitment hash using safe keys at withdrawal index 0
+     * 3. Verifying the hash exists in on-chain withdrawal events
+     * 4. Adding verified commitments as new safe pool accounts
+     *
+     * @private
+     */
+    private _discoverMigratedCommitments;
     /**
      * Initializes an AccountService instance with events for a given set of pools
      *
@@ -304,8 +358,33 @@ export declare class AccountService {
         service: AccountService;
     }, pools: PoolInfo[]): Promise<{
         account: AccountService;
+        legacyAccount?: AccountService;
         errors: PoolEventsError[];
     }>;
+    /**
+     * Fetches and processes events for a set of pools.
+     *
+     * When a legacyAccount is provided, the full migration-aware pipeline runs
+     * for each scope:
+     *   1. Legacy account: process deposits and withdrawals (to detect migrations)
+     *   2. Safe account: discover migrated commitments from the legacy accounts
+     *   3. Safe account (this): process deposits (starting after migrated accounts)
+     *   4. Safe account: process withdrawals (now includes migrated accounts)
+     *   5. Both accounts: process ragequits
+     *
+     * Migration discovery (step 2) must run before safe deposit scanning (step 3)
+     * so that the migrated account count can be used as the starting index.
+     * Post-migration deposits use poolAccounts.length as their index, which
+     * sits right after the migrated slots; scanning from 0 would hit
+     * MAX_CONSECUTIVE_MISSES on the legacy-key indices and never reach them.
+     *
+     * Without a legacyAccount, only steps 3, 4, and 5 run (simple processing).
+     *
+     * Per-scope errors are caught and returned rather than thrown, and any
+     * partial state left by a mid-scope failure is cleaned from both accounts
+     * so that a subsequent retry starts fresh for that scope.
+     */
+    private _processEvents;
     /**
      * @deprecated Use `initializeWithEvents` for instantiating an account with history reconstruction
      * Retrieves the history of deposits and withdrawals for the given pools.

package/dist/types/core/tmp.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/types/{fetchArtifacts.esm-DT5RuODl.js → fetchArtifacts.esm-BKxGrC6w.js} RENAMED Viewed

@@ -1,4 +1,4 @@
-import { F as FetchArtifact } from './index-CHy3YamH.js';
+import { F as FetchArtifact } from './index-BwyNuaY0.js';
 import 'viem/accounts';
 import 'buffer';
 import 'http';

package/dist/types/{fetchArtifacts.node-D_iVIPqW.js → fetchArtifacts.node-kXMUDgNn.js} RENAMED Viewed

@@ -1,4 +1,4 @@
-import { F as FetchArtifact } from './index-CHy3YamH.js';
+import { F as FetchArtifact } from './index-BwyNuaY0.js';
 import 'viem/accounts';
 import 'buffer';
 import 'http';