@0xsequence/wallet-core 0.0.0-20250520201059

package/dist/relayer/relayer.d.ts

@@ -0,0 +1,39 @@
+import { Payload } from '@0xsequence/wallet-primitives';
+import { Address, Hex } from 'ox';
+export interface FeeOption {
+    token: Address.Address;
+    to: string;
+    value: string;
+    gasLimit: number;
+}
+export interface FeeQuote {
+    _tag: 'FeeQuote';
+    _quote: unknown;
+}
+export type OperationUknownStatus = {
+    status: 'unknown';
+};
+export type OperationPendingStatus = {
+    status: 'pending';
+};
+export type OperationConfirmedStatus = {
+    status: 'confirmed';
+    transactionHash: Hex.Hex;
+};
+export type OperationFailedStatus = {
+    status: 'failed';
+    reason: string;
+};
+export type OperationStatus = OperationUknownStatus | OperationPendingStatus | OperationConfirmedStatus | OperationFailedStatus;
+export interface Relayer {
+    id: string;
+    feeOptions(wallet: Address.Address, chainId: bigint, calls: Payload.Call[]): Promise<{
+        options: FeeOption[];
+        quote?: FeeQuote;
+    }>;
+    relay(to: Address.Address, data: Hex.Hex, chainId: bigint, quote?: FeeQuote): Promise<{
+        opHash: Hex.Hex;
+    }>;
+    status(opHash: Hex.Hex, chainId: bigint): Promise<OperationStatus>;
+}
+//# sourceMappingURL=relayer.d.ts.map

package/dist/relayer/relayer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"relayer.d.ts","sourceRoot":"","sources":["../../src/relayer/relayer.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,+BAA+B,CAAA;AACvD,OAAO,EAAE,OAAO,EAAE,GAAG,EAAE,MAAM,IAAI,CAAA;AAEjC,MAAM,WAAW,SAAS;IACxB,KAAK,EAAE,OAAO,CAAC,OAAO,CAAA;IACtB,EAAE,EAAE,MAAM,CAAA;IACV,KAAK,EAAE,MAAM,CAAA;IACb,QAAQ,EAAE,MAAM,CAAA;CACjB;AAED,MAAM,WAAW,QAAQ;IACvB,IAAI,EAAE,UAAU,CAAA;IAChB,MAAM,EAAE,OAAO,CAAA;CAChB;AAED,MAAM,MAAM,qBAAqB,GAAG;IAClC,MAAM,EAAE,SAAS,CAAA;CAClB,CAAA;AAED,MAAM,MAAM,sBAAsB,GAAG;IACnC,MAAM,EAAE,SAAS,CAAA;CAClB,CAAA;AAED,MAAM,MAAM,wBAAwB,GAAG;IACrC,MAAM,EAAE,WAAW,CAAA;IACnB,eAAe,EAAE,GAAG,CAAC,GAAG,CAAA;CACzB,CAAA;AAED,MAAM,MAAM,qBAAqB,GAAG;IAClC,MAAM,EAAE,QAAQ,CAAA;IAChB,MAAM,EAAE,MAAM,CAAA;CACf,CAAA;AAED,MAAM,MAAM,eAAe,GACvB,qBAAqB,GACrB,sBAAsB,GACtB,wBAAwB,GACxB,qBAAqB,CAAA;AAEzB,MAAM,WAAW,OAAO;IACtB,EAAE,EAAE,MAAM,CAAA;IAEV,UAAU,CACR,MAAM,EAAE,OAAO,CAAC,OAAO,EACvB,OAAO,EAAE,MAAM,EACf,KAAK,EAAE,OAAO,CAAC,IAAI,EAAE,GACpB,OAAO,CAAC;QAAE,OAAO,EAAE,SAAS,EAAE,CAAC;QAAC,KAAK,CAAC,EAAE,QAAQ,CAAA;KAAE,CAAC,CAAA;IAEtD,KAAK,CAAC,EAAE,EAAE,OAAO,CAAC,OAAO,EAAE,IAAI,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,QAAQ,GAAG,OAAO,CAAC;QAAE,MAAM,EAAE,GAAG,CAAC,GAAG,CAAA;KAAE,CAAC,CAAA;IAE1G,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,CAAC,CAAA;CACnE"}

package/dist/relayer/relayer.js

@@ -0,0 +1 @@
+export {};

package/dist/signers/index.d.ts

@@ -0,0 +1,23 @@
+import { Config, Payload, Signature } from '@0xsequence/wallet-primitives';
+import { Address, Hex } from 'ox';
+import * as State from '../state/index.js';
+export * as Pk from './pk/index.js';
+export * as Passkey from './passkey.js';
+export * as Session from './session/index.js';
+export * from './session-manager.js';
+export interface Signer {
+    readonly address: MaybePromise<Address.Address>;
+    sign: (wallet: Address.Address, chainId: bigint, payload: Payload.Parented) => Config.SignerSignature<Signature.SignatureOfSignerLeaf>;
+}
+export interface SapientSigner {
+    readonly address: MaybePromise<Address.Address>;
+    readonly imageHash: MaybePromise<Hex.Hex | undefined>;
+    signSapient: (wallet: Address.Address, chainId: bigint, payload: Payload.Parented, imageHash: Hex.Hex) => Config.SignerSignature<Signature.SignatureOfSapientSignerLeaf>;
+}
+export interface Witnessable {
+    witness: (stateWriter: State.Writer, wallet: Address.Address, extra?: Object) => Promise<void>;
+}
+type MaybePromise<T> = T | Promise<T>;
+export declare function isSapientSigner(signer: Signer | SapientSigner): signer is SapientSigner;
+export declare function isSigner(signer: Signer | SapientSigner): signer is Signer;
+//# sourceMappingURL=index.d.ts.map

package/dist/signers/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/signers/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM,+BAA+B,CAAA;AAC1E,OAAO,EAAE,OAAO,EAAE,GAAG,EAAE,MAAM,IAAI,CAAA;AACjC,OAAO,KAAK,KAAK,MAAM,mBAAmB,CAAA;AAE1C,OAAO,KAAK,EAAE,MAAM,eAAe,CAAA;AACnC,OAAO,KAAK,OAAO,MAAM,cAAc,CAAA;AACvC,OAAO,KAAK,OAAO,MAAM,oBAAoB,CAAA;AAC7C,cAAc,sBAAsB,CAAA;AAEpC,MAAM,WAAW,MAAM;IACrB,QAAQ,CAAC,OAAO,EAAE,YAAY,CAAC,OAAO,CAAC,OAAO,CAAC,CAAA;IAE/C,IAAI,EAAE,CACJ,MAAM,EAAE,OAAO,CAAC,OAAO,EACvB,OAAO,EAAE,MAAM,EACf,OAAO,EAAE,OAAO,CAAC,QAAQ,KACtB,MAAM,CAAC,eAAe,CAAC,SAAS,CAAC,qBAAqB,CAAC,CAAA;CAC7D;AAED,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,OAAO,EAAE,YAAY,CAAC,OAAO,CAAC,OAAO,CAAC,CAAA;IAC/C,QAAQ,CAAC,SAAS,EAAE,YAAY,CAAC,GAAG,CAAC,GAAG,GAAG,SAAS,CAAC,CAAA;IAErD,WAAW,EAAE,CACX,MAAM,EAAE,OAAO,CAAC,OAAO,EACvB,OAAO,EAAE,MAAM,EACf,OAAO,EAAE,OAAO,CAAC,QAAQ,EACzB,SAAS,EAAE,GAAG,CAAC,GAAG,KACf,MAAM,CAAC,eAAe,CAAC,SAAS,CAAC,4BAA4B,CAAC,CAAA;CACpE;AAED,MAAM,WAAW,WAAW;IAC1B,OAAO,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,CAAC,OAAO,EAAE,KAAK,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;CAC/F;AAED,KAAK,YAAY,CAAC,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAA;AAErC,wBAAgB,eAAe,CAAC,MAAM,EAAE,MAAM,GAAG,aAAa,GAAG,MAAM,IAAI,aAAa,CAEvF;AAED,wBAAgB,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,aAAa,GAAG,MAAM,IAAI,MAAM,CAEzE"}

package/dist/signers/index.js

@@ -0,0 +1,10 @@
+export * as Pk from './pk/index.js';
+export * as Passkey from './passkey.js';
+export * as Session from './session/index.js';
+export * from './session-manager.js';
+export function isSapientSigner(signer) {
+    return 'signSapient' in signer;
+}
+export function isSigner(signer) {
+    return 'sign' in signer;
+}

package/dist/signers/passkey.d.ts

@@ -0,0 +1,41 @@
+import { Hex, Address } from 'ox';
+import { Payload, Extensions } from '@0xsequence/wallet-primitives';
+import type { Signature as SignatureTypes } from '@0xsequence/wallet-primitives';
+import { State } from '../index.js';
+import { SapientSigner, Witnessable } from './index.js';
+export type PasskeyOptions = {
+    extensions: Pick<Extensions.Extensions, 'passkeys'>;
+    publicKey: Extensions.Passkeys.PublicKey;
+    credentialId: string;
+    embedMetadata?: boolean;
+    metadata?: Extensions.Passkeys.PasskeyMetadata;
+};
+export type CreaetePasskeyOptions = {
+    stateProvider?: State.Provider;
+    requireUserVerification?: boolean;
+    credentialName?: string;
+    embedMetadata?: boolean;
+};
+export type WitnessMessage = {
+    action: 'consent-to-be-part-of-wallet';
+    wallet: Address.Address;
+    publicKey: Extensions.Passkeys.PublicKey;
+    timestamp: number;
+    metadata?: Extensions.Passkeys.PasskeyMetadata;
+};
+export declare function isWitnessMessage(message: unknown): message is WitnessMessage;
+export declare class Passkey implements SapientSigner, Witnessable {
+    readonly credentialId: string;
+    readonly publicKey: Extensions.Passkeys.PublicKey;
+    readonly address: Address.Address;
+    readonly imageHash: Hex.Hex;
+    readonly embedMetadata: boolean;
+    readonly metadata?: Extensions.Passkeys.PasskeyMetadata;
+    constructor(options: PasskeyOptions);
+    static loadFromWitness(stateReader: State.Reader, extensions: Pick<Extensions.Extensions, 'passkeys'>, wallet: Address.Address, imageHash: Hex.Hex): Promise<Passkey>;
+    static create(extensions: Pick<Extensions.Extensions, 'passkeys'>, options?: CreaetePasskeyOptions): Promise<Passkey>;
+    static find(stateReader: State.Reader, extensions: Pick<Extensions.Extensions, 'passkeys'>): Promise<Passkey | undefined>;
+    signSapient(wallet: Address.Address, chainId: bigint, payload: Payload.Parented, imageHash: Hex.Hex): Promise<SignatureTypes.SignatureOfSapientSignerLeaf>;
+    witness(stateWriter: State.Writer, wallet: Address.Address, extra?: Object): Promise<void>;
+}
+//# sourceMappingURL=passkey.d.ts.map

package/dist/signers/passkey.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"passkey.d.ts","sourceRoot":"","sources":["../../src/signers/passkey.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAS,OAAO,EAAc,MAAM,IAAI,CAAA;AACpD,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,+BAA+B,CAAA;AACnE,OAAO,KAAK,EAAE,SAAS,IAAI,cAAc,EAAE,MAAM,+BAA+B,CAAA;AAEhF,OAAO,EAAE,KAAK,EAAE,MAAM,aAAa,CAAA;AACnC,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,YAAY,CAAA;AAEvD,MAAM,MAAM,cAAc,GAAG;IAC3B,UAAU,EAAE,IAAI,CAAC,UAAU,CAAC,UAAU,EAAE,UAAU,CAAC,CAAA;IACnD,SAAS,EAAE,UAAU,CAAC,QAAQ,CAAC,SAAS,CAAA;IACxC,YAAY,EAAE,MAAM,CAAA;IACpB,aAAa,CAAC,EAAE,OAAO,CAAA;IACvB,QAAQ,CAAC,EAAE,UAAU,CAAC,QAAQ,CAAC,eAAe,CAAA;CAC/C,CAAA;AAED,MAAM,MAAM,qBAAqB,GAAG;IAClC,aAAa,CAAC,EAAE,KAAK,CAAC,QAAQ,CAAA;IAC9B,uBAAuB,CAAC,EAAE,OAAO,CAAA;IACjC,cAAc,CAAC,EAAE,MAAM,CAAA;IACvB,aAAa,CAAC,EAAE,OAAO,CAAA;CACxB,CAAA;AAED,MAAM,MAAM,cAAc,GAAG;IAC3B,MAAM,EAAE,8BAA8B,CAAA;IACtC,MAAM,EAAE,OAAO,CAAC,OAAO,CAAA;IACvB,SAAS,EAAE,UAAU,CAAC,QAAQ,CAAC,SAAS,CAAA;IACxC,SAAS,EAAE,MAAM,CAAA;IACjB,QAAQ,CAAC,EAAE,UAAU,CAAC,QAAQ,CAAC,eAAe,CAAA;CAC/C,CAAA;AAED,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,OAAO,GAAG,OAAO,IAAI,cAAc,CAO5E;AAED,qBAAa,OAAQ,YAAW,aAAa,EAAE,WAAW;IACxD,SAAgB,YAAY,EAAE,MAAM,CAAA;IAEpC,SAAgB,SAAS,EAAE,UAAU,CAAC,QAAQ,CAAC,SAAS,CAAA;IACxD,SAAgB,OAAO,EAAE,OAAO,CAAC,OAAO,CAAA;IACxC,SAAgB,SAAS,EAAE,GAAG,CAAC,GAAG,CAAA;IAClC,SAAgB,aAAa,EAAE,OAAO,CAAA;IACtC,SAAgB,QAAQ,CAAC,EAAE,UAAU,CAAC,QAAQ,CAAC,eAAe,CAAA;gBAElD,OAAO,EAAE,cAAc;WAStB,eAAe,CAC1B,WAAW,EAAE,KAAK,CAAC,MAAM,EACzB,UAAU,EAAE,IAAI,CAAC,UAAU,CAAC,UAAU,EAAE,UAAU,CAAC,EACnD,MAAM,EAAE,OAAO,CAAC,OAAO,EACvB,SAAS,EAAE,GAAG,CAAC,GAAG;WAkCP,MAAM,CAAC,UAAU,EAAE,IAAI,CAAC,UAAU,CAAC,UAAU,EAAE,UAAU,CAAC,EAAE,OAAO,CAAC,EAAE,qBAAqB;WAoC3F,IAAI,CACf,WAAW,EAAE,KAAK,CAAC,MAAM,EACzB,UAAU,EAAE,IAAI,CAAC,UAAU,CAAC,UAAU,EAAE,UAAU,CAAC,GAClD,OAAO,CAAC,OAAO,GAAG,SAAS,CAAC;IAyFzB,WAAW,CACf,MAAM,EAAE,OAAO,CAAC,OAAO,EACvB,OAAO,EAAE,MAAM,EACf,OAAO,EAAE,OAAO,CAAC,QAAQ,EACzB,SAAS,EAAE,GAAG,CAAC,GAAG,GACjB,OAAO,CAAC,cAAc,CAAC,4BAA4B,CAAC;IAkCjD,OAAO,CAAC,WAAW,EAAE,KAAK,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,CAAC,OAAO,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAqBjG"}

package/dist/signers/passkey.js

@@ -0,0 +1,196 @@
+import { Hex, Bytes, Address, P256, Hash } from 'ox';
+import { Payload, Extensions } from '@0xsequence/wallet-primitives';
+import { WebAuthnP256 } from 'ox';
+export function isWitnessMessage(message) {
+    return (typeof message === 'object' &&
+        message !== null &&
+        'action' in message &&
+        message.action === 'consent-to-be-part-of-wallet');
+}
+export class Passkey {
+    credentialId;
+    publicKey;
+    address;
+    imageHash;
+    embedMetadata;
+    metadata;
+    constructor(options) {
+        this.address = options.extensions.passkeys;
+        this.publicKey = options.publicKey;
+        this.credentialId = options.credentialId;
+        this.embedMetadata = options.embedMetadata ?? false;
+        this.imageHash = Extensions.Passkeys.rootFor(options.publicKey);
+        this.metadata = options.metadata;
+    }
+    static async loadFromWitness(stateReader, extensions, wallet, imageHash) {
+        // In the witness we will find the public key, and may find the credential id
+        const witness = await stateReader.getWitnessForSapient(wallet, extensions.passkeys, imageHash);
+        if (!witness) {
+            throw new Error('Witness for wallet not found');
+        }
+        const payload = witness.payload;
+        if (!Payload.isMessage(payload)) {
+            throw new Error('Witness payload is not a message');
+        }
+        const message = JSON.parse(Hex.toString(payload.message));
+        if (!isWitnessMessage(message)) {
+            throw new Error('Witness payload is not a witness message');
+        }
+        const metadata = message.publicKey.metadata || message.metadata;
+        if (typeof metadata === 'string' || !metadata) {
+            throw new Error('Metadata does not contain credential id');
+        }
+        const decodedSignature = Extensions.Passkeys.decode(Bytes.fromHex(witness.signature.data));
+        return new Passkey({
+            credentialId: metadata.credentialId,
+            extensions,
+            publicKey: message.publicKey,
+            embedMetadata: decodedSignature.embedMetadata,
+            metadata,
+        });
+    }
+    static async create(extensions, options) {
+        const name = options?.credentialName ?? `Sequence (${Date.now()})`;
+        const credential = await WebAuthnP256.createCredential({
+            user: {
+                name,
+            },
+        });
+        const x = Hex.fromNumber(credential.publicKey.x);
+        const y = Hex.fromNumber(credential.publicKey.y);
+        const metadata = {
+            credentialId: credential.id,
+        };
+        const passkey = new Passkey({
+            credentialId: credential.id,
+            extensions,
+            publicKey: {
+                requireUserVerification: options?.requireUserVerification ?? true,
+                x,
+                y,
+                metadata: options?.embedMetadata ? metadata : undefined,
+            },
+            embedMetadata: options?.embedMetadata,
+            metadata,
+        });
+        if (options?.stateProvider) {
+            await options.stateProvider.saveTree(Extensions.Passkeys.toTree(passkey.publicKey));
+        }
+        return passkey;
+    }
+    static async find(stateReader, extensions) {
+        const response = await WebAuthnP256.sign({ challenge: Hex.random(32) });
+        if (!response.raw)
+            throw new Error('No credential returned');
+        const authenticatorDataBytes = Bytes.fromHex(response.metadata.authenticatorData);
+        const clientDataHash = Hash.sha256(Bytes.fromString(response.metadata.clientDataJSON), { as: 'Bytes' });
+        const messageSignedByAuthenticator = Bytes.concat(authenticatorDataBytes, clientDataHash);
+        const messageHash = Hash.sha256(messageSignedByAuthenticator, { as: 'Bytes' }); // Use Bytes output
+        const publicKey1 = P256.recoverPublicKey({
+            payload: messageHash,
+            signature: {
+                r: BigInt(response.signature.r),
+                s: BigInt(response.signature.s),
+                yParity: 0,
+            },
+        });
+        const publicKey2 = P256.recoverPublicKey({
+            payload: messageHash,
+            signature: {
+                r: BigInt(response.signature.r),
+                s: BigInt(response.signature.s),
+                yParity: 1,
+            },
+        });
+        // Compute the imageHash for all public key combinations
+        // - requireUserVerification: true / false
+        // - embedMetadata: true / false
+        const base1 = {
+            x: Hex.fromNumber(publicKey1.x),
+            y: Hex.fromNumber(publicKey1.y),
+        };
+        const base2 = {
+            x: Hex.fromNumber(publicKey2.x),
+            y: Hex.fromNumber(publicKey2.y),
+        };
+        const metadata = {
+            credentialId: response.raw.id,
+        };
+        const imageHashes = [
+            Extensions.Passkeys.rootFor({ ...base1, requireUserVerification: true }),
+            Extensions.Passkeys.rootFor({ ...base1, requireUserVerification: false }),
+            Extensions.Passkeys.rootFor({ ...base1, requireUserVerification: true, metadata }),
+            Extensions.Passkeys.rootFor({ ...base1, requireUserVerification: false, metadata }),
+            Extensions.Passkeys.rootFor({ ...base2, requireUserVerification: true }),
+            Extensions.Passkeys.rootFor({ ...base2, requireUserVerification: false }),
+            Extensions.Passkeys.rootFor({ ...base2, requireUserVerification: true, metadata }),
+            Extensions.Passkeys.rootFor({ ...base2, requireUserVerification: false, metadata }),
+        ];
+        // Find wallets for all possible image hashes
+        const signers = await Promise.all(imageHashes.map(async (imageHash) => {
+            const wallets = await stateReader.getWalletsForSapient(extensions.passkeys, imageHash);
+            return Object.keys(wallets).map((wallet) => ({
+                wallet: Address.from(wallet),
+                imageHash,
+            }));
+        }));
+        // Flatten and remove duplicates
+        const flattened = signers
+            .flat()
+            .filter((v, i, self) => self.findIndex((t) => Address.isEqual(t.wallet, v.wallet) && t.imageHash === v.imageHash) === i);
+        // If there are no signers, return undefined
+        if (flattened.length === 0) {
+            return undefined;
+        }
+        // If there are multiple signers log a warning
+        // but we still return the first one
+        if (flattened.length > 1) {
+            console.warn('Multiple signers found for passkey', flattened);
+        }
+        return Passkey.loadFromWitness(stateReader, extensions, flattened[0].wallet, flattened[0].imageHash);
+    }
+    async signSapient(wallet, chainId, payload, imageHash) {
+        if (this.imageHash !== imageHash) {
+            // TODO: This should never get called, why do we have this?
+            throw new Error('Unexpected image hash');
+        }
+        const challenge = Hex.fromBytes(Payload.hash(wallet, chainId, payload));
+        const response = await WebAuthnP256.sign({
+            challenge,
+            credentialId: this.credentialId,
+            userVerification: this.publicKey.requireUserVerification ? 'required' : 'discouraged',
+        });
+        const authenticatorData = Bytes.fromHex(response.metadata.authenticatorData);
+        const rBytes = Bytes.fromNumber(response.signature.r);
+        const sBytes = Bytes.fromNumber(response.signature.s);
+        const signature = Extensions.Passkeys.encode({
+            publicKey: this.publicKey,
+            r: rBytes,
+            s: sBytes,
+            authenticatorData,
+            clientDataJSON: response.metadata.clientDataJSON,
+            embedMetadata: this.embedMetadata,
+        });
+        return {
+            address: this.address,
+            data: Bytes.toHex(signature),
+            type: 'sapient_compact',
+        };
+    }
+    async witness(stateWriter, wallet, extra) {
+        const payload = Payload.fromMessage(Hex.fromString(JSON.stringify({
+            action: 'consent-to-be-part-of-wallet',
+            wallet,
+            publicKey: this.publicKey,
+            metadata: this.metadata,
+            timestamp: Date.now(),
+            ...extra,
+        })));
+        const signature = await this.signSapient(wallet, 0n, payload, this.imageHash);
+        await stateWriter.saveWitnesses(wallet, 0n, payload, {
+            type: 'unrecovered-signer',
+            weight: 1n,
+            signature,
+        });
+    }
+}

package/dist/signers/pk/encrypted.d.ts

@@ -0,0 +1,37 @@
+import { Address, PublicKey, Bytes } from 'ox';
+import { PkStore } from './index.js';
+export interface EncryptedData {
+    iv: Uint8Array;
+    data: ArrayBuffer;
+    keyPointer: string;
+    address: Address.Address;
+    publicKey: PublicKey.PublicKey;
+}
+export declare class EncryptedPksDb {
+    private readonly localStorageKeyPrefix;
+    private tableName;
+    private dbName;
+    private dbVersion;
+    constructor(localStorageKeyPrefix?: string, tableName?: string);
+    private openDB;
+    private putData;
+    private getData;
+    private getAllData;
+    generateAndStore(): Promise<EncryptedData>;
+    getEncryptedEntry(address: Address.Address): Promise<EncryptedData | undefined>;
+    getEncryptedPkStore(address: Address.Address): Promise<EncryptedPkStore | undefined>;
+    listAddresses(): Promise<Address.Address[]>;
+    remove(address: Address.Address): Promise<void>;
+}
+export declare class EncryptedPkStore implements PkStore {
+    private readonly encrypted;
+    constructor(encrypted: EncryptedData);
+    address(): Address.Address;
+    publicKey(): PublicKey.PublicKey;
+    signDigest(digest: Bytes.Bytes): Promise<{
+        r: bigint;
+        s: bigint;
+        yParity: number;
+    }>;
+}
+//# sourceMappingURL=encrypted.d.ts.map

package/dist/signers/pk/encrypted.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"encrypted.d.ts","sourceRoot":"","sources":["../../../src/signers/pk/encrypted.ts"],"names":[],"mappings":"AAAA,OAAO,EAAO,OAAO,EAAE,SAAS,EAAa,KAAK,EAAE,MAAM,IAAI,CAAA;AAC9D,OAAO,EAAE,OAAO,EAAE,MAAM,YAAY,CAAA;AAEpC,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,UAAU,CAAA;IACd,IAAI,EAAE,WAAW,CAAA;IACjB,UAAU,EAAE,MAAM,CAAA;IAClB,OAAO,EAAE,OAAO,CAAC,OAAO,CAAA;IACxB,SAAS,EAAE,SAAS,CAAC,SAAS,CAAA;CAC/B;AAED,qBAAa,cAAc;IAMvB,OAAO,CAAC,QAAQ,CAAC,qBAAqB;IALxC,OAAO,CAAC,SAAS,CAAQ;IACzB,OAAO,CAAC,MAAM,CAAkB;IAChC,OAAO,CAAC,SAAS,CAAY;gBAGV,qBAAqB,GAAE,MAAoB,EAC5D,SAAS,GAAE,MAAe;IAK5B,OAAO,CAAC,MAAM;YAcA,OAAO;YAWP,OAAO;YAWP,UAAU;IAWlB,gBAAgB,IAAI,OAAO,CAAC,aAAa,CAAC;IAiC1C,iBAAiB,CAAC,OAAO,EAAE,OAAO,CAAC,OAAO,GAAG,OAAO,CAAC,aAAa,GAAG,SAAS,CAAC;IAK/E,mBAAmB,CAAC,OAAO,EAAE,OAAO,CAAC,OAAO,GAAG,OAAO,CAAC,gBAAgB,GAAG,SAAS,CAAC;IAMpF,aAAa,IAAI,OAAO,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;IAK3C,MAAM,CAAC,OAAO,EAAE,OAAO,CAAC,OAAO;CAMtC;AAED,qBAAa,gBAAiB,YAAW,OAAO;IAClC,OAAO,CAAC,QAAQ,CAAC,SAAS;gBAAT,SAAS,EAAE,aAAa;IAErD,OAAO,IAAI,OAAO,CAAC,OAAO;IAI1B,SAAS,IAAI,SAAS,CAAC,SAAS;IAI1B,UAAU,CAAC,MAAM,EAAE,KAAK,CAAC,KAAK,GAAG,OAAO,CAAC;QAAE,CAAC,EAAE,MAAM,CAAC;QAAC,CAAC,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC;CAc1F"}

package/dist/signers/pk/encrypted.js

@@ -0,0 +1,123 @@
+import { Hex, Address, Secp256k1 } from 'ox';
+export class EncryptedPksDb {
+    localStorageKeyPrefix;
+    tableName;
+    dbName = 'pk-db';
+    dbVersion = 1;
+    constructor(localStorageKeyPrefix = 'e_pk_key_', tableName = 'e_pk') {
+        this.localStorageKeyPrefix = localStorageKeyPrefix;
+        this.tableName = tableName;
+    }
+    openDB() {
+        return new Promise((resolve, reject) => {
+            const request = indexedDB.open(this.dbName, this.dbVersion);
+            request.onupgradeneeded = () => {
+                const db = request.result;
+                if (!db.objectStoreNames.contains(this.tableName)) {
+                    db.createObjectStore(this.tableName);
+                }
+            };
+            request.onsuccess = () => resolve(request.result);
+            request.onerror = () => reject(request.error);
+        });
+    }
+    async putData(key, value) {
+        const db = await this.openDB();
+        return new Promise((resolve, reject) => {
+            const tx = db.transaction(this.tableName, 'readwrite');
+            const store = tx.objectStore(this.tableName);
+            const request = store.put(value, key);
+            request.onsuccess = () => resolve();
+            request.onerror = () => reject(request.error);
+        });
+    }
+    async getData(key) {
+        const db = await this.openDB();
+        return new Promise((resolve, reject) => {
+            const tx = db.transaction(this.tableName, 'readonly');
+            const store = tx.objectStore(this.tableName);
+            const request = store.get(key);
+            request.onsuccess = () => resolve(request.result);
+            request.onerror = () => reject(request.error);
+        });
+    }
+    async getAllData() {
+        const db = await this.openDB();
+        return new Promise((resolve, reject) => {
+            const tx = db.transaction(this.tableName, 'readonly');
+            const store = tx.objectStore(this.tableName);
+            const request = store.getAll();
+            request.onsuccess = () => resolve(request.result);
+            request.onerror = () => reject(request.error);
+        });
+    }
+    async generateAndStore() {
+        const encryptionKey = await window.crypto.subtle.generateKey({ name: 'AES-GCM', length: 256 }, true, [
+            'encrypt',
+            'decrypt',
+        ]);
+        const privateKey = Hex.random(32);
+        const publicKey = Secp256k1.getPublicKey({ privateKey });
+        const address = Address.fromPublicKey(publicKey);
+        const keyPointer = this.localStorageKeyPrefix + address;
+        const exportedKey = await window.crypto.subtle.exportKey('jwk', encryptionKey);
+        window.localStorage.setItem(keyPointer, JSON.stringify(exportedKey));
+        const encoder = new TextEncoder();
+        const encodedPk = encoder.encode(privateKey);
+        const iv = window.crypto.getRandomValues(new Uint8Array(12));
+        const encryptedBuffer = await window.crypto.subtle.encrypt({ name: 'AES-GCM', iv }, encryptionKey, encodedPk);
+        const encrypted = {
+            iv,
+            data: encryptedBuffer,
+            keyPointer,
+            address,
+            publicKey,
+        };
+        const dbKey = `pk_${address}`;
+        await this.putData(dbKey, encrypted);
+        return encrypted;
+    }
+    async getEncryptedEntry(address) {
+        const dbKey = `pk_${address}`;
+        return this.getData(dbKey);
+    }
+    async getEncryptedPkStore(address) {
+        const entry = await this.getEncryptedEntry(address);
+        if (!entry)
+            return;
+        return new EncryptedPkStore(entry);
+    }
+    async listAddresses() {
+        const allEntries = await this.getAllData();
+        return allEntries.map((entry) => entry.address);
+    }
+    async remove(address) {
+        const dbKey = `pk_${address}`;
+        await this.putData(dbKey, undefined);
+        const keyPointer = this.localStorageKeyPrefix + address;
+        window.localStorage.removeItem(keyPointer);
+    }
+}
+export class EncryptedPkStore {
+    encrypted;
+    constructor(encrypted) {
+        this.encrypted = encrypted;
+    }
+    address() {
+        return this.encrypted.address;
+    }
+    publicKey() {
+        return this.encrypted.publicKey;
+    }
+    async signDigest(digest) {
+        const keyJson = window.localStorage.getItem(this.encrypted.keyPointer);
+        if (!keyJson)
+            throw new Error('Encryption key not found in localStorage');
+        const jwk = JSON.parse(keyJson);
+        const encryptionKey = await window.crypto.subtle.importKey('jwk', jwk, { name: 'AES-GCM' }, false, ['decrypt']);
+        const decryptedBuffer = await window.crypto.subtle.decrypt({ name: 'AES-GCM', iv: this.encrypted.iv }, encryptionKey, this.encrypted.data);
+        const decoder = new TextDecoder();
+        const privateKey = decoder.decode(decryptedBuffer);
+        return Secp256k1.sign({ payload: digest, privateKey });
+    }
+}

package/dist/signers/pk/index.d.ts

@@ -0,0 +1,35 @@
+import type { Payload as PayloadTypes, Signature as SignatureTypes } from '@0xsequence/wallet-primitives';
+import { Address, Bytes, Hex, PublicKey } from 'ox';
+import { Signer as SignerInterface, Witnessable } from '../index.js';
+import { State } from '../../index.js';
+export interface PkStore {
+    address(): Address.Address;
+    publicKey(): PublicKey.PublicKey;
+    signDigest(digest: Bytes.Bytes): Promise<{
+        r: bigint;
+        s: bigint;
+        yParity: number;
+    }>;
+}
+export declare class MemoryPkStore implements PkStore {
+    private readonly privateKey;
+    constructor(privateKey: Hex.Hex);
+    address(): Address.Address;
+    publicKey(): PublicKey.PublicKey;
+    signDigest(digest: Bytes.Bytes): Promise<{
+        r: bigint;
+        s: bigint;
+        yParity: number;
+    }>;
+}
+export declare class Pk implements SignerInterface, Witnessable {
+    private readonly privateKey;
+    readonly address: Address.Address;
+    readonly pubKey: PublicKey.PublicKey;
+    constructor(privateKey: Hex.Hex | PkStore);
+    sign(wallet: Address.Address, chainId: bigint, payload: PayloadTypes.Parented): Promise<SignatureTypes.SignatureOfSignerLeaf>;
+    signDigest(digest: Bytes.Bytes): Promise<SignatureTypes.SignatureOfSignerLeaf>;
+    witness(stateWriter: State.Writer, wallet: Address.Address, extra?: Object): Promise<void>;
+}
+export * as Encrypted from './encrypted.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/signers/pk/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/signers/pk/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,IAAI,YAAY,EAAE,SAAS,IAAI,cAAc,EAAE,MAAM,+BAA+B,CAAA;AAEzG,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,SAAS,EAAa,MAAM,IAAI,CAAA;AAC9D,OAAO,EAAE,MAAM,IAAI,eAAe,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AACpE,OAAO,EAAE,KAAK,EAAE,MAAM,gBAAgB,CAAA;AAEtC,MAAM,WAAW,OAAO;IACtB,OAAO,IAAI,OAAO,CAAC,OAAO,CAAA;IAC1B,SAAS,IAAI,SAAS,CAAC,SAAS,CAAA;IAChC,UAAU,CAAC,MAAM,EAAE,KAAK,CAAC,KAAK,GAAG,OAAO,CAAC;QAAE,CAAC,EAAE,MAAM,CAAC;QAAC,CAAC,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC,CAAA;CACpF;AAED,qBAAa,aAAc,YAAW,OAAO;IAC/B,OAAO,CAAC,QAAQ,CAAC,UAAU;gBAAV,UAAU,EAAE,GAAG,CAAC,GAAG;IAEhD,OAAO,IAAI,OAAO,CAAC,OAAO;IAI1B,SAAS,IAAI,SAAS,CAAC,SAAS;IAIhC,UAAU,CAAC,MAAM,EAAE,KAAK,CAAC,KAAK,GAAG,OAAO,CAAC;QAAE,CAAC,EAAE,MAAM,CAAC;QAAC,CAAC,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC;CAGpF;AAED,qBAAa,EAAG,YAAW,eAAe,EAAE,WAAW;IACrD,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAS;IAEpC,SAAgB,OAAO,EAAE,OAAO,CAAC,OAAO,CAAA;IACxC,SAAgB,MAAM,EAAE,SAAS,CAAC,SAAS,CAAA;gBAE/B,UAAU,EAAE,GAAG,CAAC,GAAG,GAAG,OAAO;IAMnC,IAAI,CACR,MAAM,EAAE,OAAO,CAAC,OAAO,EACvB,OAAO,EAAE,MAAM,EACf,OAAO,EAAE,YAAY,CAAC,QAAQ,GAC7B,OAAO,CAAC,cAAc,CAAC,qBAAqB,CAAC;IAK1C,UAAU,CAAC,MAAM,EAAE,KAAK,CAAC,KAAK,GAAG,OAAO,CAAC,cAAc,CAAC,qBAAqB,CAAC;IAK9E,OAAO,CAAC,WAAW,EAAE,KAAK,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,CAAC,OAAO,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAoBjG;AAED,OAAO,KAAK,SAAS,MAAM,gBAAgB,CAAA"}

package/dist/signers/pk/index.js

@@ -0,0 +1,51 @@
+import { Payload } from '@0xsequence/wallet-primitives';
+import { Address, Hex, Secp256k1 } from 'ox';
+export class MemoryPkStore {
+    privateKey;
+    constructor(privateKey) {
+        this.privateKey = privateKey;
+    }
+    address() {
+        return Address.fromPublicKey(this.publicKey());
+    }
+    publicKey() {
+        return Secp256k1.getPublicKey({ privateKey: this.privateKey });
+    }
+    signDigest(digest) {
+        return Promise.resolve(Secp256k1.sign({ payload: digest, privateKey: this.privateKey }));
+    }
+}
+export class Pk {
+    privateKey;
+    address;
+    pubKey;
+    constructor(privateKey) {
+        this.privateKey = typeof privateKey === 'string' ? new MemoryPkStore(privateKey) : privateKey;
+        this.pubKey = this.privateKey.publicKey();
+        this.address = this.privateKey.address();
+    }
+    async sign(wallet, chainId, payload) {
+        const hash = Payload.hash(wallet, chainId, payload);
+        return this.signDigest(hash);
+    }
+    async signDigest(digest) {
+        const signature = await this.privateKey.signDigest(digest);
+        return { ...signature, type: 'hash' };
+    }
+    async witness(stateWriter, wallet, extra) {
+        const payload = Payload.fromMessage(Hex.fromString(JSON.stringify({
+            action: 'consent-to-be-part-of-wallet',
+            wallet,
+            signer: this.address,
+            timestamp: Date.now(),
+            ...extra,
+        })));
+        const signature = await this.sign(wallet, 0n, payload);
+        await stateWriter.saveWitnesses(wallet, 0n, payload, {
+            type: 'unrecovered-signer',
+            weight: 1n,
+            signature,
+        });
+    }
+}
+export * as Encrypted from './encrypted.js';

package/dist/signers/session/explicit.d.ts

@@ -0,0 +1,18 @@
+import { Payload, Permission, SessionSignature } from '@0xsequence/wallet-primitives';
+import { Address, Hex, Provider } from 'ox';
+import { SessionSigner } from './session.js';
+import { PkStore } from '../pk/index.js';
+export type ExplicitParams = Omit<Permission.SessionPermissions, 'signer'>;
+export declare class Explicit implements SessionSigner {
+    private readonly _privateKey;
+    readonly address: Address.Address;
+    readonly sessionPermissions: Permission.SessionPermissions;
+    constructor(privateKey: Hex.Hex | PkStore, sessionPermissions: ExplicitParams);
+    findSupportedPermission(wallet: Address.Address, _chainId: bigint, call: Payload.Call, provider?: Provider.Provider): Promise<Permission.Permission | undefined>;
+    supportedCall(wallet: Address.Address, chainId: bigint, call: Payload.Call, provider?: Provider.Provider): Promise<boolean>;
+    signCall(wallet: Address.Address, chainId: bigint, call: Payload.Call, nonce: {
+        space: bigint;
+        nonce: bigint;
+    }, provider?: Provider.Provider): Promise<SessionSignature.SessionCallSignature>;
+}
+//# sourceMappingURL=explicit.d.ts.map

package/dist/signers/session/explicit.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"explicit.d.ts","sourceRoot":"","sources":["../../../src/signers/session/explicit.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,gBAAgB,EAAS,MAAM,+BAA+B,CAAA;AAC5F,OAAO,EAAiB,OAAO,EAAe,GAAG,EAAE,QAAQ,EAAa,MAAM,IAAI,CAAA;AAClF,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAA;AAC5C,OAAO,EAAiB,OAAO,EAAE,MAAM,gBAAgB,CAAA;AAEvD,MAAM,MAAM,cAAc,GAAG,IAAI,CAAC,UAAU,CAAC,kBAAkB,EAAE,QAAQ,CAAC,CAAA;AAE1E,qBAAa,QAAS,YAAW,aAAa;IAC5C,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAS;IAErC,SAAgB,OAAO,EAAE,OAAO,CAAC,OAAO,CAAA;IACxC,SAAgB,kBAAkB,EAAE,UAAU,CAAC,kBAAkB,CAAA;gBAErD,UAAU,EAAE,GAAG,CAAC,GAAG,GAAG,OAAO,EAAE,kBAAkB,EAAE,cAAc;IASvE,uBAAuB,CAC3B,MAAM,EAAE,OAAO,CAAC,OAAO,EACvB,QAAQ,EAAE,MAAM,EAChB,IAAI,EAAE,OAAO,CAAC,IAAI,EAClB,QAAQ,CAAC,EAAE,QAAQ,CAAC,QAAQ,GAC3B,OAAO,CAAC,UAAU,CAAC,UAAU,GAAG,SAAS,CAAC;IA0CvC,aAAa,CACjB,MAAM,EAAE,OAAO,CAAC,OAAO,EACvB,OAAO,EAAE,MAAM,EACf,IAAI,EAAE,OAAO,CAAC,IAAI,EAClB,QAAQ,CAAC,EAAE,QAAQ,CAAC,QAAQ,GAC3B,OAAO,CAAC,OAAO,CAAC;IASb,QAAQ,CACZ,MAAM,EAAE,OAAO,CAAC,OAAO,EACvB,OAAO,EAAE,MAAM,EACf,IAAI,EAAE,OAAO,CAAC,IAAI,EAClB,KAAK,EAAE;QACL,KAAK,EAAE,MAAM,CAAA;QACb,KAAK,EAAE,MAAM,CAAA;KACd,EACD,QAAQ,CAAC,EAAE,QAAQ,CAAC,QAAQ,GAC3B,OAAO,CAAC,gBAAgB,CAAC,oBAAoB,CAAC;CAoBlD"}