npm - @0xsequence/wallet-primitives - Versions diffs - 0.0.0-20250520201059 - Mend

@0xsequence/wallet-primitives 0.0.0-20250520201059

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (96) hide show

package/.turbo/turbo-build.log +5 -0
package/CHANGELOG.md +7 -0
package/LICENSE +202 -0
package/dist/address.d.ts +5 -0
package/dist/address.d.ts.map +1 -0
package/dist/address.js +7 -0
package/dist/address.js.map +1 -0
package/dist/attestation.d.ts +24 -0
package/dist/attestation.d.ts.map +1 -0
package/dist/attestation.js +77 -0
package/dist/attestation.js.map +1 -0
package/dist/config.d.ts +85 -0
package/dist/config.d.ts.map +1 -0
package/dist/config.js +381 -0
package/dist/config.js.map +1 -0
package/dist/constants.d.ts +173 -0
package/dist/constants.d.ts.map +1 -0
package/dist/constants.js +31 -0
package/dist/constants.js.map +1 -0
package/dist/context.d.ts +9 -0
package/dist/context.d.ts.map +1 -0
package/dist/context.js +8 -0
package/dist/context.js.map +1 -0
package/dist/erc-6492.d.ts +19 -0
package/dist/erc-6492.d.ts.map +1 -0
package/dist/erc-6492.js +64 -0
package/dist/erc-6492.js.map +1 -0
package/dist/extensions/index.d.ts +9 -0
package/dist/extensions/index.d.ts.map +1 -0
package/dist/extensions/index.js +7 -0
package/dist/extensions/index.js.map +1 -0
package/dist/extensions/passkeys.d.ts +31 -0
package/dist/extensions/passkeys.d.ts.map +1 -0
package/dist/extensions/passkeys.js +224 -0
package/dist/extensions/passkeys.js.map +1 -0
package/dist/extensions/recovery.d.ts +310 -0
package/dist/extensions/recovery.d.ts.map +1 -0
package/dist/extensions/recovery.js +444 -0
package/dist/extensions/recovery.js.map +1 -0
package/dist/generic-tree.d.ts +14 -0
package/dist/generic-tree.d.ts.map +1 -0
package/dist/generic-tree.js +34 -0
package/dist/generic-tree.js.map +1 -0
package/dist/index.d.ts +16 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +16 -0
package/dist/index.js.map +1 -0
package/dist/network.d.ts +15 -0
package/dist/network.d.ts.map +1 -0
package/dist/network.js +24 -0
package/dist/network.js.map +1 -0
package/dist/payload.d.ts +108 -0
package/dist/payload.d.ts.map +1 -0
package/dist/payload.js +627 -0
package/dist/payload.js.map +1 -0
package/dist/permission.d.ts +73 -0
package/dist/permission.d.ts.map +1 -0
package/dist/permission.js +188 -0
package/dist/permission.js.map +1 -0
package/dist/session-config.d.ts +113 -0
package/dist/session-config.d.ts.map +1 -0
package/dist/session-config.js +554 -0
package/dist/session-config.js.map +1 -0
package/dist/session-signature.d.ts +24 -0
package/dist/session-signature.d.ts.map +1 -0
package/dist/session-signature.js +141 -0
package/dist/session-signature.js.map +1 -0
package/dist/signature.d.ts +108 -0
package/dist/signature.d.ts.map +1 -0
package/dist/signature.js +1079 -0
package/dist/signature.js.map +1 -0
package/dist/utils.d.ts +45 -0
package/dist/utils.d.ts.map +1 -0
package/dist/utils.js +100 -0
package/dist/utils.js.map +1 -0
package/eslint.config.mjs +4 -0
package/package.json +27 -0
package/src/address.ts +19 -0
package/src/attestation.ts +114 -0
package/src/config.ts +521 -0
package/src/constants.ts +39 -0
package/src/context.ts +16 -0
package/src/erc-6492.ts +97 -0
package/src/extensions/index.ts +14 -0
package/src/extensions/passkeys.ts +283 -0
package/src/extensions/recovery.ts +542 -0
package/src/generic-tree.ts +55 -0
package/src/index.ts +15 -0
package/src/network.ts +37 -0
package/src/payload.ts +825 -0
package/src/permission.ts +252 -0
package/src/session-config.ts +681 -0
package/src/session-signature.ts +197 -0
package/src/signature.ts +1398 -0
package/src/utils.ts +114 -0
package/tsconfig.json +10 -0

package/src/extensions/index.ts ADDED Viewed

@@ -0,0 +1,14 @@
+import { Address } from 'ox'
+export type Extensions = {
+  passkeys: Address.Address
+  recovery: Address.Address
+}
+export const Dev1: Extensions = {
+  passkeys: '0x8f26281dB84C18aAeEa8a53F94c835393229d296',
+  recovery: '0xd98da48C4FF9c19742eA5856A277424557C863a6',
+}
+export * as Passkeys from './passkeys.js'
+export * as Recovery from './recovery.js'

package/src/extensions/passkeys.ts ADDED Viewed

@@ -0,0 +1,283 @@
+import { Bytes, Hex, WebAuthnP256 } from 'ox'
+import * as GenericTree from '../generic-tree.js'
+export type PasskeyMetadata = {
+  credentialId: string
+}
+export type PublicKey = {
+  requireUserVerification: boolean
+  x: Hex.Hex
+  y: Hex.Hex
+  metadata?: PasskeyMetadata | Hex.Hex
+}
+export function metadataTree(metadata: Required<PublicKey>['metadata']): GenericTree.Tree {
+  if (typeof metadata === 'object') {
+    return {
+      type: 'leaf',
+      value: Bytes.fromString(metadata.credentialId),
+    }
+  } else {
+    return metadata
+  }
+}
+export function metadataNode(metadata: Required<PublicKey>['metadata']): GenericTree.Node {
+  return GenericTree.hash(metadataTree(metadata))
+}
+export function toTree(publicKey: PublicKey): GenericTree.Tree {
+  const a = Hex.padLeft(publicKey.x, 32)
+  const b = Hex.padLeft(publicKey.y, 32)
+  const c = Hex.padLeft(publicKey.requireUserVerification ? '0x01' : '0x00', 32)
+  if (publicKey.metadata) {
+    return [
+      [a, b],
+      [c, metadataTree(publicKey.metadata)],
+    ]
+  } else {
+    return [
+      [a, b],
+      [c, Hex.padLeft('0x00', 32)],
+    ]
+  }
+}
+export function fromTree(tree: GenericTree.Tree): PublicKey {
+  if (!GenericTree.isBranch(tree) || tree.length !== 2) {
+    throw new Error('Invalid tree')
+  }
+  const [p1, p2] = tree
+  if (!GenericTree.isBranch(p1) || p1.length !== 2) {
+    throw new Error('Invalid tree for x,y')
+  }
+  const [x, y] = p1
+  if (!GenericTree.isNode(x)) {
+    throw new Error('Invalid x bytes')
+  }
+  if (!GenericTree.isNode(y)) {
+    throw new Error('Invalid y bytes')
+  }
+  let requireUserVerification = false
+  let metadata: PublicKey['metadata']
+  if (GenericTree.isBranch(p2)) {
+    if (p2.length !== 2) {
+      throw new Error('Invalid tree for c,metadata')
+    }
+    const [c, meta] = p2
+    if (!GenericTree.isNode(c) || c.length !== 32) {
+      throw new Error('Invalid c bytes')
+    }
+    const cBytes = Hex.toBytes(c)
+    requireUserVerification = cBytes[31] === 1
+    if (GenericTree.isBranch(meta)) {
+      if (meta.length !== 2) {
+        throw new Error('Invalid metadata tree')
+      }
+      const [credLeaf, sub] = meta
+      if (!GenericTree.isLeaf(credLeaf)) {
+        throw new Error('Invalid credentialId leaf')
+      }
+      const credentialId = new TextDecoder().decode(credLeaf.value)
+      if (!GenericTree.isBranch(sub) || sub.length !== 2) {
+        throw new Error('Invalid sub-branch for name and createdAt')
+      }
+      const [nameLeaf, createdAtLeaf] = sub
+      if (!GenericTree.isLeaf(nameLeaf) || !GenericTree.isLeaf(createdAtLeaf)) {
+        throw new Error('Invalid metadata leaves')
+      }
+      metadata = { credentialId }
+    } else if (GenericTree.isNode(meta) && meta.length === 32) {
+      metadata = meta
+    } else {
+      throw new Error('Invalid metadata node')
+    }
+  } else {
+    if (!GenericTree.isNode(p2) || p2.length !== 32) {
+      throw new Error('Invalid c bytes')
+    }
+    const p2Bytes = Hex.toBytes(p2)
+    requireUserVerification = p2Bytes[31] === 1
+  }
+  return { requireUserVerification, x, y, metadata }
+}
+export function rootFor(publicKey: PublicKey): Hex.Hex {
+  return GenericTree.hash(toTree(publicKey))
+}
+export type DecodedSignature = {
+  publicKey: PublicKey
+  r: Bytes.Bytes
+  s: Bytes.Bytes
+  authenticatorData: Bytes.Bytes
+  clientDataJSON: string
+  embedMetadata?: boolean
+}
+export function encode(decoded: DecodedSignature): Bytes.Bytes {
+  const challengeIndex = decoded.clientDataJSON.indexOf('"challenge"')
+  const typeIndex = decoded.clientDataJSON.indexOf('"type"')
+  const authDataSize = decoded.authenticatorData.length
+  const clientDataJSONSize = decoded.clientDataJSON.length
+  if (authDataSize > 65535) {
+    throw new Error('Authenticator data size is too large')
+  }
+  if (clientDataJSONSize > 65535) {
+    throw new Error('Client data JSON size is too large')
+  }
+  const bytesAuthDataSize = authDataSize <= 255 ? 1 : 2
+  const bytesClientDataJSONSize = clientDataJSONSize <= 255 ? 1 : 2
+  const bytesChallengeIndex = challengeIndex <= 255 ? 1 : 2
+  const bytesTypeIndex = typeIndex <= 255 ? 1 : 2
+  let flags = 0
+  flags |= decoded.publicKey.requireUserVerification ? 1 : 0 // 0x01 bit
+  flags |= (bytesAuthDataSize - 1) << 1 // 0x02 bit
+  flags |= (bytesClientDataJSONSize - 1) << 2 // 0x04 bit
+  flags |= (bytesChallengeIndex - 1) << 3 // 0x08 bit
+  flags |= (bytesTypeIndex - 1) << 4 // 0x10 bit
+  // Set metadata flag if metadata exists
+  if (decoded.embedMetadata) {
+    flags |= 1 << 6 // 0x40 bit
+  }
+  let result: Bytes.Bytes = Bytes.from([flags])
+  // Add metadata if it exists
+  if (decoded.embedMetadata) {
+    if (!decoded.publicKey.metadata) {
+      throw new Error('Metadata is not present in the public key')
+    }
+    result = Bytes.concat(result, Hex.toBytes(metadataNode(decoded.publicKey.metadata)))
+  }
+  result = Bytes.concat(result, Bytes.padLeft(Bytes.fromNumber(authDataSize), bytesAuthDataSize))
+  result = Bytes.concat(result, decoded.authenticatorData)
+  result = Bytes.concat(result, Bytes.padLeft(Bytes.fromNumber(decoded.clientDataJSON.length), bytesClientDataJSONSize))
+  result = Bytes.concat(result, Bytes.from(new TextEncoder().encode(decoded.clientDataJSON)))
+  result = Bytes.concat(result, Bytes.padLeft(Bytes.fromNumber(challengeIndex), bytesChallengeIndex))
+  result = Bytes.concat(result, Bytes.padLeft(Bytes.fromNumber(typeIndex), bytesTypeIndex))
+  result = Bytes.concat(result, Bytes.padLeft(decoded.r, 32))
+  result = Bytes.concat(result, Bytes.padLeft(decoded.s, 32))
+  result = Bytes.concat(result, Bytes.fromHex(decoded.publicKey.x))
+  result = Bytes.concat(result, Bytes.fromHex(decoded.publicKey.y))
+  return result
+}
+export function isValidSignature(challenge: Hex.Hex, decoded: DecodedSignature): boolean {
+  return WebAuthnP256.verify({
+    challenge,
+    publicKey: {
+      x: Hex.toBigInt(decoded.publicKey.x),
+      y: Hex.toBigInt(decoded.publicKey.y),
+      prefix: 4,
+    },
+    metadata: {
+      authenticatorData: Hex.fromBytes(decoded.authenticatorData),
+      challengeIndex: decoded.clientDataJSON.indexOf('"challenge"'),
+      clientDataJSON: decoded.clientDataJSON,
+      typeIndex: decoded.clientDataJSON.indexOf('"type"'),
+      userVerificationRequired: decoded.publicKey.requireUserVerification,
+    },
+    signature: {
+      r: Bytes.toBigInt(decoded.r),
+      s: Bytes.toBigInt(decoded.s),
+    },
+  })
+}
+export function decode(data: Bytes.Bytes): Required<DecodedSignature> & { challengeIndex: number; typeIndex: number } {
+  let offset = 0
+  const flags = data[0]
+  offset += 1
+  if (flags === undefined) {
+    throw new Error('Invalid flags')
+  }
+  const requireUserVerification = (flags & 0x01) !== 0x00
+  const bytesAuthDataSize = ((flags >> 1) & 0x01) + 1
+  const bytesClientDataJSONSize = ((flags >> 2) & 0x01) + 1
+  const bytesChallengeIndex = ((flags >> 3) & 0x01) + 1
+  const bytesTypeIndex = ((flags >> 4) & 0x01) + 1
+  const hasMetadata = ((flags >> 6) & 0x01) === 0x01
+  // Check if fallback to abi decode is needed
+  if ((flags & 0x20) !== 0) {
+    throw new Error('Fallback to abi decode is not supported in this implementation')
+  }
+  let metadata: Hex.Hex | undefined
+  // Read metadata if present
+  if (hasMetadata) {
+    const metadataBytes = Bytes.slice(data, offset, offset + 32)
+    metadata = Hex.fromBytes(metadataBytes)
+    offset += 32
+  }
+  const authDataSize = Bytes.toNumber(Bytes.slice(data, offset, offset + bytesAuthDataSize))
+  offset += bytesAuthDataSize
+  const authenticatorData = Bytes.slice(data, offset, offset + authDataSize)
+  offset += authDataSize
+  const clientDataJSONSize = Bytes.toNumber(Bytes.slice(data, offset, offset + bytesClientDataJSONSize))
+  offset += bytesClientDataJSONSize
+  const clientDataJSONBytes = Bytes.slice(data, offset, offset + clientDataJSONSize)
+  offset += clientDataJSONSize
+  const clientDataJSON = new TextDecoder().decode(clientDataJSONBytes)
+  const challengeIndex = Bytes.toNumber(Bytes.slice(data, offset, offset + bytesChallengeIndex))
+  offset += bytesChallengeIndex
+  const typeIndex = Bytes.toNumber(Bytes.slice(data, offset, offset + bytesTypeIndex))
+  offset += bytesTypeIndex
+  const r = Bytes.slice(data, offset, offset + 32)
+  offset += 32
+  const s = Bytes.slice(data, offset, offset + 32)
+  offset += 32
+  const xBytes = Bytes.slice(data, offset, offset + 32)
+  offset += 32
+  const yBytes = Bytes.slice(data, offset, offset + 32)
+  return {
+    publicKey: {
+      requireUserVerification,
+      x: Hex.fromBytes(xBytes),
+      y: Hex.fromBytes(yBytes),
+      metadata,
+    },
+    r,
+    s,
+    authenticatorData,
+    clientDataJSON,
+    challengeIndex,
+    typeIndex,
+    embedMetadata: hasMetadata,
+  }
+}