@1sat/wallet 0.0.42 → 0.0.44

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.d.ts CHANGED
@@ -8,6 +8,6 @@ export { FileBackupProvider, FileRestoreReader, Zip, ZipDeflate, unzip, type Bac
8
8
  export { ChromeCWI, CWIEventName, EventCWI, createChromeCWI, createCWI, createEventCWI, createSigmaCWI, createWebCWI, type CWIResponseDetail, type CWITransport, type SigmaCWIConfig, type SigmaCWIResult, type WebCWIConfig, type WebCWIResult, } from './cwi';
9
9
  export { parsePrivateKey } from './parsePrivateKey';
10
10
  export { createWalletCore, DEFAULT_FEE_MODEL, DEFAULT_CONNECTION_TIMEOUT, type Chain, type WalletCoreConfig, type WalletCoreResult, } from './factory';
11
- export { filterGroupedByMissing, InMemoryPermissionStore, isExpired, normalizeOriginator, PermissionLedgerAdapter, permissionKeyFromRequest, permissionKeysFromGroup, permissionKeyToString, } from './permissions';
12
- export type { CounterpartyPermissionPromptDecision, GroupedPermissionPromptDecision, IPermissionStore, ListGrantsFilter, PermissionKey, PermissionLedgerAdapterOptions, PermissionPromptDecision, PermissionPromptHandler, PermissionRecord, PermissionRecordSource, PermissionType, StoredGrant, } from './permissions';
11
+ export { filterGroupedByMissing, InMemoryPermissionStore, isExpired, LocalWalletPermissionsManager, normalizeOriginator, permissionKeyFromRequest, permissionKeysFromGroup, permissionKeyToString, } from './permissions';
12
+ export type { IPermissionStore, ListGrantsFilter, LocalWalletPermissionsManagerOptions, PermissionKey, PermissionType, StoredGrant, } from './permissions';
13
13
  //# sourceMappingURL=index.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,MAAM,cAAc,CAAA;AAC7C,YAAY,EACX,eAAe,EACf,cAAc,EACd,oBAAoB,EACpB,UAAU,EACV,aAAa,EACb,UAAU,GACV,MAAM,aAAa,CAAA;AAGpB,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAA;AAGzD,OAAO,EACN,YAAY,EACZ,UAAU,EACV,UAAU,EACV,WAAW,EACX,iBAAiB,EACjB,WAAW,EACX,WAAW,EACX,aAAa,EACb,SAAS,GACT,MAAM,cAAc,CAAA;AAGrB,OAAO,EACN,YAAY,EACZ,aAAa,EACb,iBAAiB,EACjB,WAAW,EACX,OAAO,EACP,kBAAkB,EAClB,WAAW,EACX,OAAO,EACP,UAAU,EACV,WAAW,EACX,cAAc,EACd,aAAa,EACb,QAAQ,EACR,YAAY,EACZ,YAAY,EACZ,KAAK,KAAK,EACV,KAAK,UAAU,EACf,KAAK,IAAI,EACT,KAAK,SAAS,EACd,KAAK,YAAY,EACjB,KAAK,WAAW,EAChB,KAAK,MAAM,EACX,KAAK,YAAY,EACjB,KAAK,WAAW,EAChB,KAAK,KAAK,EACV,KAAK,GAAG,GACR,MAAM,YAAY,CAAA;AAGnB,OAAO,EACN,cAAc,EACd,iBAAiB,EACjB,YAAY,EACZ,KAAK,iBAAiB,GACtB,MAAM,gBAAgB,CAAA;AAGvB,OAAO,EACN,kBAAkB,EAClB,iBAAiB,EACjB,GAAG,EACH,UAAU,EACV,KAAK,EACL,KAAK,cAAc,EACnB,KAAK,sBAAsB,EAC3B,KAAK,mBAAmB,EACxB,KAAK,QAAQ,GACb,MAAM,UAAU,CAAA;AAGjB,OAAO,EACN,SAAS,EACT,YAAY,EACZ,QAAQ,EACR,eAAe,EACf,SAAS,EACT,cAAc,EACd,cAAc,EACd,YAAY,EACZ,KAAK,iBAAiB,EACtB,KAAK,YAAY,EACjB,KAAK,cAAc,EACnB,KAAK,cAAc,EACnB,KAAK,YAAY,EACjB,KAAK,YAAY,GACjB,MAAM,OAAO,CAAA;AAMd,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AAGnD,OAAO,EACN,gBAAgB,EAChB,iBAAiB,EACjB,0BAA0B,EAC1B,KAAK,KAAK,EACV,KAAK,gBAAgB,EACrB,KAAK,gBAAgB,GACrB,MAAM,WAAW,CAAA;AAGlB,OAAO,EACN,sBAAsB,EACtB,uBAAuB,EACvB,SAAS,EACT,mBAAmB,EACnB,uBAAuB,EACvB,wBAAwB,EACxB,uBAAuB,EACvB,qBAAqB,GACrB,MAAM,eAAe,CAAA;AACtB,YAAY,EACX,oCAAoC,EACpC,+BAA+B,EAC/B,gBAAgB,EAChB,gBAAgB,EAChB,aAAa,EACb,8BAA8B,EAC9B,wBAAwB,EACxB,uBAAuB,EACvB,gBAAgB,EAChB,sBAAsB,EACtB,cAAc,EACd,WAAW,GACX,MAAM,eAAe,CAAA"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,MAAM,cAAc,CAAA;AAC7C,YAAY,EACX,eAAe,EACf,cAAc,EACd,oBAAoB,EACpB,UAAU,EACV,aAAa,EACb,UAAU,GACV,MAAM,aAAa,CAAA;AAGpB,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAA;AAGzD,OAAO,EACN,YAAY,EACZ,UAAU,EACV,UAAU,EACV,WAAW,EACX,iBAAiB,EACjB,WAAW,EACX,WAAW,EACX,aAAa,EACb,SAAS,GACT,MAAM,cAAc,CAAA;AAGrB,OAAO,EACN,YAAY,EACZ,aAAa,EACb,iBAAiB,EACjB,WAAW,EACX,OAAO,EACP,kBAAkB,EAClB,WAAW,EACX,OAAO,EACP,UAAU,EACV,WAAW,EACX,cAAc,EACd,aAAa,EACb,QAAQ,EACR,YAAY,EACZ,YAAY,EACZ,KAAK,KAAK,EACV,KAAK,UAAU,EACf,KAAK,IAAI,EACT,KAAK,SAAS,EACd,KAAK,YAAY,EACjB,KAAK,WAAW,EAChB,KAAK,MAAM,EACX,KAAK,YAAY,EACjB,KAAK,WAAW,EAChB,KAAK,KAAK,EACV,KAAK,GAAG,GACR,MAAM,YAAY,CAAA;AAGnB,OAAO,EACN,cAAc,EACd,iBAAiB,EACjB,YAAY,EACZ,KAAK,iBAAiB,GACtB,MAAM,gBAAgB,CAAA;AAGvB,OAAO,EACN,kBAAkB,EAClB,iBAAiB,EACjB,GAAG,EACH,UAAU,EACV,KAAK,EACL,KAAK,cAAc,EACnB,KAAK,sBAAsB,EAC3B,KAAK,mBAAmB,EACxB,KAAK,QAAQ,GACb,MAAM,UAAU,CAAA;AAGjB,OAAO,EACN,SAAS,EACT,YAAY,EACZ,QAAQ,EACR,eAAe,EACf,SAAS,EACT,cAAc,EACd,cAAc,EACd,YAAY,EACZ,KAAK,iBAAiB,EACtB,KAAK,YAAY,EACjB,KAAK,cAAc,EACnB,KAAK,cAAc,EACnB,KAAK,YAAY,EACjB,KAAK,YAAY,GACjB,MAAM,OAAO,CAAA;AAMd,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AAGnD,OAAO,EACN,gBAAgB,EAChB,iBAAiB,EACjB,0BAA0B,EAC1B,KAAK,KAAK,EACV,KAAK,gBAAgB,EACrB,KAAK,gBAAgB,GACrB,MAAM,WAAW,CAAA;AAGlB,OAAO,EACN,sBAAsB,EACtB,uBAAuB,EACvB,SAAS,EACT,6BAA6B,EAC7B,mBAAmB,EACnB,wBAAwB,EACxB,uBAAuB,EACvB,qBAAqB,GACrB,MAAM,eAAe,CAAA;AACtB,YAAY,EACX,gBAAgB,EAChB,gBAAgB,EAChB,oCAAoC,EACpC,aAAa,EACb,cAAc,EACd,WAAW,GACX,MAAM,eAAe,CAAA"}
package/dist/index.js CHANGED
@@ -18,6 +18,6 @@ export { ChromeCWI, CWIEventName, EventCWI, createChromeCWI, createCWI, createEv
18
18
  export { parsePrivateKey } from './parsePrivateKey';
19
19
  // Factory core
20
20
  export { createWalletCore, DEFAULT_FEE_MODEL, DEFAULT_CONNECTION_TIMEOUT, } from './factory';
21
- // Permissions (BRC-100 permission ledger + adapter)
22
- export { filterGroupedByMissing, InMemoryPermissionStore, isExpired, normalizeOriginator, PermissionLedgerAdapter, permissionKeyFromRequest, permissionKeysFromGroup, permissionKeyToString, } from './permissions';
21
+ // Permissions — local-storage-backed WalletPermissionsManager
22
+ export { filterGroupedByMissing, InMemoryPermissionStore, isExpired, LocalWalletPermissionsManager, normalizeOriginator, permissionKeyFromRequest, permissionKeysFromGroup, permissionKeyToString, } from './permissions';
23
23
  //# sourceMappingURL=index.js.map
package/dist/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,WAAW;AACX,OAAO,EAAE,cAAc,EAAE,MAAM,cAAc,CAAA;AAU7C,UAAU;AACV,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAA;AAEzD,cAAc;AACd,OAAO,EACN,YAAY,EACZ,UAAU,EACV,UAAU,EACV,WAAW,EACX,iBAAiB,EACjB,WAAW,EACX,WAAW,EACX,aAAa,EACb,SAAS,GACT,MAAM,cAAc,CAAA;AAErB,WAAW;AACX,OAAO,EACN,YAAY,EACZ,aAAa,EACb,iBAAiB,EACjB,WAAW,EACX,OAAO,EACP,kBAAkB,EAClB,WAAW,EACX,OAAO,EACP,UAAU,EACV,WAAW,EACX,cAAc,EACd,aAAa,EACb,QAAQ,EACR,YAAY,EACZ,YAAY,GAYZ,MAAM,YAAY,CAAA;AAEnB,eAAe;AACf,OAAO,EACN,cAAc,EACd,iBAAiB,EACjB,YAAY,GAEZ,MAAM,gBAAgB,CAAA;AAEvB,SAAS;AACT,OAAO,EACN,kBAAkB,EAClB,iBAAiB,EACjB,GAAG,EACH,UAAU,EACV,KAAK,GAKL,MAAM,UAAU,CAAA;AAEjB,+BAA+B;AAC/B,OAAO,EACN,SAAS,EACT,YAAY,EACZ,QAAQ,EACR,eAAe,EACf,SAAS,EACT,cAAc,EACd,cAAc,EACd,YAAY,GAOZ,MAAM,OAAO,CAAA;AAEd,8EAA8E;AAC9E,sDAAsD;AAEtD,oBAAoB;AACpB,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AAEnD,eAAe;AACf,OAAO,EACN,gBAAgB,EAChB,iBAAiB,EACjB,0BAA0B,GAI1B,MAAM,WAAW,CAAA;AAElB,oDAAoD;AACpD,OAAO,EACN,sBAAsB,EACtB,uBAAuB,EACvB,SAAS,EACT,mBAAmB,EACnB,uBAAuB,EACvB,wBAAwB,EACxB,uBAAuB,EACvB,qBAAqB,GACrB,MAAM,eAAe,CAAA"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,WAAW;AACX,OAAO,EAAE,cAAc,EAAE,MAAM,cAAc,CAAA;AAU7C,UAAU;AACV,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAA;AAEzD,cAAc;AACd,OAAO,EACN,YAAY,EACZ,UAAU,EACV,UAAU,EACV,WAAW,EACX,iBAAiB,EACjB,WAAW,EACX,WAAW,EACX,aAAa,EACb,SAAS,GACT,MAAM,cAAc,CAAA;AAErB,WAAW;AACX,OAAO,EACN,YAAY,EACZ,aAAa,EACb,iBAAiB,EACjB,WAAW,EACX,OAAO,EACP,kBAAkB,EAClB,WAAW,EACX,OAAO,EACP,UAAU,EACV,WAAW,EACX,cAAc,EACd,aAAa,EACb,QAAQ,EACR,YAAY,EACZ,YAAY,GAYZ,MAAM,YAAY,CAAA;AAEnB,eAAe;AACf,OAAO,EACN,cAAc,EACd,iBAAiB,EACjB,YAAY,GAEZ,MAAM,gBAAgB,CAAA;AAEvB,SAAS;AACT,OAAO,EACN,kBAAkB,EAClB,iBAAiB,EACjB,GAAG,EACH,UAAU,EACV,KAAK,GAKL,MAAM,UAAU,CAAA;AAEjB,+BAA+B;AAC/B,OAAO,EACN,SAAS,EACT,YAAY,EACZ,QAAQ,EACR,eAAe,EACf,SAAS,EACT,cAAc,EACd,cAAc,EACd,YAAY,GAOZ,MAAM,OAAO,CAAA;AAEd,8EAA8E;AAC9E,sDAAsD;AAEtD,oBAAoB;AACpB,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AAEnD,eAAe;AACf,OAAO,EACN,gBAAgB,EAChB,iBAAiB,EACjB,0BAA0B,GAI1B,MAAM,WAAW,CAAA;AAElB,8DAA8D;AAC9D,OAAO,EACN,sBAAsB,EACtB,uBAAuB,EACvB,SAAS,EACT,6BAA6B,EAC7B,mBAAmB,EACnB,wBAAwB,EACxB,uBAAuB,EACvB,qBAAqB,GACrB,MAAM,eAAe,CAAA"}
@@ -1,6 +1,5 @@
1
- export { PermissionLedgerAdapter } from './adapter';
2
- export type { PermissionLedgerAdapterOptions } from './adapter';
3
1
  export { InMemoryPermissionStore } from './in-memory-store';
4
2
  export { filterGroupedByMissing, isExpired, normalizeOriginator, permissionKeyFromRequest, permissionKeysFromGroup, permissionKeyToString, } from './key';
5
- export type { CounterpartyPermissionPromptDecision, GroupedPermissionPromptDecision, IPermissionStore, ListGrantsFilter, PermissionKey, PermissionPromptDecision, PermissionPromptHandler, PermissionRecord, PermissionRecordSource, PermissionType, StoredGrant, } from './types';
3
+ export { LocalWalletPermissionsManager, type LocalWalletPermissionsManagerOptions, } from './manager';
4
+ export type { IPermissionStore, ListGrantsFilter, PermissionKey, PermissionType, StoredGrant, } from './types';
6
5
  //# sourceMappingURL=index.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/permissions/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,uBAAuB,EAAE,MAAM,WAAW,CAAA;AACnD,YAAY,EAAE,8BAA8B,EAAE,MAAM,WAAW,CAAA;AAC/D,OAAO,EAAE,uBAAuB,EAAE,MAAM,mBAAmB,CAAA;AAC3D,OAAO,EACN,sBAAsB,EACtB,SAAS,EACT,mBAAmB,EACnB,wBAAwB,EACxB,uBAAuB,EACvB,qBAAqB,GACrB,MAAM,OAAO,CAAA;AACd,YAAY,EACX,oCAAoC,EACpC,+BAA+B,EAC/B,gBAAgB,EAChB,gBAAgB,EAChB,aAAa,EACb,wBAAwB,EACxB,uBAAuB,EACvB,gBAAgB,EAChB,sBAAsB,EACtB,cAAc,EACd,WAAW,GACX,MAAM,SAAS,CAAA"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/permissions/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,uBAAuB,EAAE,MAAM,mBAAmB,CAAA;AAC3D,OAAO,EACN,sBAAsB,EACtB,SAAS,EACT,mBAAmB,EACnB,wBAAwB,EACxB,uBAAuB,EACvB,qBAAqB,GACrB,MAAM,OAAO,CAAA;AACd,OAAO,EACN,6BAA6B,EAC7B,KAAK,oCAAoC,GACzC,MAAM,WAAW,CAAA;AAClB,YAAY,EACX,gBAAgB,EAChB,gBAAgB,EAChB,aAAa,EACb,cAAc,EACd,WAAW,GACX,MAAM,SAAS,CAAA"}
@@ -1,4 +1,4 @@
1
- export { PermissionLedgerAdapter } from './adapter';
2
1
  export { InMemoryPermissionStore } from './in-memory-store';
3
2
  export { filterGroupedByMissing, isExpired, normalizeOriginator, permissionKeyFromRequest, permissionKeysFromGroup, permissionKeyToString, } from './key';
3
+ export { LocalWalletPermissionsManager, } from './manager';
4
4
  //# sourceMappingURL=index.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/permissions/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,uBAAuB,EAAE,MAAM,WAAW,CAAA;AAEnD,OAAO,EAAE,uBAAuB,EAAE,MAAM,mBAAmB,CAAA;AAC3D,OAAO,EACN,sBAAsB,EACtB,SAAS,EACT,mBAAmB,EACnB,wBAAwB,EACxB,uBAAuB,EACvB,qBAAqB,GACrB,MAAM,OAAO,CAAA"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/permissions/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,uBAAuB,EAAE,MAAM,mBAAmB,CAAA;AAC3D,OAAO,EACN,sBAAsB,EACtB,SAAS,EACT,mBAAmB,EACnB,wBAAwB,EACxB,uBAAuB,EACvB,qBAAqB,GACrB,MAAM,OAAO,CAAA;AACd,OAAO,EACN,6BAA6B,GAE7B,MAAM,WAAW,CAAA"}
@@ -0,0 +1,120 @@
1
+ import type { WalletInterface, WalletProtocol } from '@bsv/sdk';
2
+ import { type CounterpartyPermissionEventHandler, type GroupedPermissionEventHandler, type PermissionEventHandler, type PermissionToken, type PermissionsManagerConfig, WalletPermissionsManager, type WalletPermissionsManagerCallbacks } from '@bsv/wallet-toolbox/out/src/index.client.js';
3
+ import type { IPermissionStore } from './types';
4
+ export interface LocalWalletPermissionsManagerOptions {
5
+ /** Store grants are persisted into and read from. */
6
+ store: IPermissionStore;
7
+ }
8
+ type AnyPermissionEventHandler = PermissionEventHandler | GroupedPermissionEventHandler | CounterpartyPermissionEventHandler;
9
+ /**
10
+ * `WalletPermissionsManager` variant that persists grants to an injected
11
+ * `IPermissionStore` instead of minting on-chain PushDrop tokens.
12
+ *
13
+ * Interface-compatible with `WalletPermissionsManager` — swap the class name
14
+ * and keep every other call the same (`bindCallback`, `grantPermission`,
15
+ * `denyPermission`, etc.).
16
+ *
17
+ * Reads:
18
+ * - `ensure*Access` checks the local store first; on miss it delegates to
19
+ * super (which then consults its own cache, on-chain tokens, and falls
20
+ * through to firing a prompt). Existing on-chain grants are honored.
21
+ * - Because super's grouped-permission filter calls back through
22
+ * `this.has*Access` → `this.ensure*Access`, our overrides are picked up
23
+ * polymorphically and the connect-time grouped prompt only requests
24
+ * permissions still missing from the store.
25
+ *
26
+ * Writes:
27
+ * - `grantPermission` writes to the store and resolves super's pending
28
+ * request via `super.grantPermission({ ephemeral: true })` (no on-chain
29
+ * mint, no cache write).
30
+ * - `grantGroupedPermission` writes each granted sub-permission to the
31
+ * store and resolves super's pending request via
32
+ * `super.dismissGroupedPermission` (no on-chain mint).
33
+ *
34
+ * Counterparty pact grants pass through to super unchanged — those still go
35
+ * on-chain by design.
36
+ */
37
+ export declare class LocalWalletPermissionsManager extends WalletPermissionsManager {
38
+ private readonly permissionStore;
39
+ private readonly pendingSingle;
40
+ private readonly pendingGrouped;
41
+ constructor(underlyingWallet: WalletInterface, adminOriginator: string, config: PermissionsManagerConfig | undefined, options: LocalWalletPermissionsManagerOptions);
42
+ bindCallback(eventName: keyof WalletPermissionsManagerCallbacks, handler: AnyPermissionEventHandler): number;
43
+ ensureProtocolPermission(args: {
44
+ originator: string;
45
+ privileged: boolean;
46
+ protocolID: WalletProtocol;
47
+ counterparty: string;
48
+ reason?: string;
49
+ seekPermission?: boolean;
50
+ usageType: 'signing' | 'encrypting' | 'hmac' | 'publicKey' | 'identityKey' | 'linkageRevelation' | 'generic';
51
+ }): Promise<boolean>;
52
+ ensureBasketAccess(args: {
53
+ originator: string;
54
+ basket: string;
55
+ reason?: string;
56
+ seekPermission?: boolean;
57
+ usageType: 'insertion' | 'removal' | 'listing';
58
+ }): Promise<boolean>;
59
+ ensureCertificateAccess(args: {
60
+ originator: string;
61
+ privileged: boolean;
62
+ verifier: string;
63
+ certType: string;
64
+ fields: string[];
65
+ reason?: string;
66
+ seekPermission?: boolean;
67
+ usageType: 'disclosure';
68
+ }): Promise<boolean>;
69
+ ensureSpendingAuthorization(args: {
70
+ originator: string;
71
+ satoshis: number;
72
+ lineItems?: Array<{
73
+ type: 'input' | 'output' | 'fee';
74
+ description: string;
75
+ satoshis: number;
76
+ }>;
77
+ reason?: string;
78
+ seekPermission?: boolean;
79
+ }): Promise<boolean>;
80
+ private storeHit;
81
+ grantPermission(params: {
82
+ requestID: string;
83
+ expiry?: number;
84
+ ephemeral?: boolean;
85
+ amount?: number;
86
+ }): Promise<void>;
87
+ denyPermission(requestID: string): Promise<void>;
88
+ grantGroupedPermission(params: {
89
+ requestID: string;
90
+ granted: Partial<import('@bsv/wallet-toolbox/out/src/index.client.js').GroupedPermissions>;
91
+ expiry?: number;
92
+ }): Promise<void>;
93
+ denyGroupedPermission(requestID: string): Promise<void>;
94
+ dismissGroupedPermission(requestID: string): Promise<void>;
95
+ listProtocolPermissions(filter?: {
96
+ originator?: string;
97
+ privileged?: boolean;
98
+ protocolName?: string;
99
+ protocolSecurityLevel?: number;
100
+ counterparty?: string;
101
+ }): Promise<PermissionToken[]>;
102
+ listBasketAccess(params?: {
103
+ originator?: string;
104
+ basket?: string;
105
+ }): Promise<PermissionToken[]>;
106
+ listSpendingAuthorizations(params: {
107
+ originator?: string;
108
+ }): Promise<PermissionToken[]>;
109
+ listCertificateAccess(params?: {
110
+ originator?: string;
111
+ privileged?: boolean;
112
+ certType?: string;
113
+ verifier?: string;
114
+ }): Promise<PermissionToken[]>;
115
+ private idbTokensFor;
116
+ revokeAllForOriginator(originator: string): Promise<PermissionToken[]>;
117
+ revokePermission(oldToken: PermissionToken): Promise<void>;
118
+ }
119
+ export {};
120
+ //# sourceMappingURL=manager.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"manager.d.ts","sourceRoot":"","sources":["../../src/permissions/manager.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,UAAU,CAAA;AAC/D,OAAO,EACN,KAAK,kCAAkC,EACvC,KAAK,6BAA6B,EAElC,KAAK,sBAAsB,EAE3B,KAAK,eAAe,EACpB,KAAK,wBAAwB,EAC7B,wBAAwB,EACxB,KAAK,iCAAiC,EACtC,MAAM,6CAA6C,CAAA;AAOpD,OAAO,KAAK,EACX,gBAAgB,EAIhB,MAAM,SAAS,CAAA;AAIhB,MAAM,WAAW,oCAAoC;IACpD,qDAAqD;IACrD,KAAK,EAAE,gBAAgB,CAAA;CACvB;AAED,KAAK,yBAAyB,GAC3B,sBAAsB,GACtB,6BAA6B,GAC7B,kCAAkC,CAAA;AAErC;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AACH,qBAAa,6BAA8B,SAAQ,wBAAwB;IAC1E,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAkB;IAClD,OAAO,CAAC,QAAQ,CAAC,aAAa,CAG3B;IACH,OAAO,CAAC,QAAQ,CAAC,cAAc,CAA8C;gBAG5E,gBAAgB,EAAE,eAAe,EACjC,eAAe,EAAE,MAAM,EAEvB,MAAM,EAAE,wBAAwB,YAAK,EACrC,OAAO,EAAE,oCAAoC;IAW9B,YAAY,CAC3B,SAAS,EAAE,MAAM,iCAAiC,EAClD,OAAO,EAAE,yBAAyB,GAChC,MAAM;IAyBa,wBAAwB,CAAC,IAAI,EAAE;QACpD,UAAU,EAAE,MAAM,CAAA;QAClB,UAAU,EAAE,OAAO,CAAA;QACnB,UAAU,EAAE,cAAc,CAAA;QAC1B,YAAY,EAAE,MAAM,CAAA;QACpB,MAAM,CAAC,EAAE,MAAM,CAAA;QACf,cAAc,CAAC,EAAE,OAAO,CAAA;QACxB,SAAS,EACN,SAAS,GACT,YAAY,GACZ,MAAM,GACN,WAAW,GACX,aAAa,GACb,mBAAmB,GACnB,SAAS,CAAA;KACZ,GAAG,OAAO,CAAC,OAAO,CAAC;IAeE,kBAAkB,CAAC,IAAI,EAAE;QAC9C,UAAU,EAAE,MAAM,CAAA;QAClB,MAAM,EAAE,MAAM,CAAA;QACd,MAAM,CAAC,EAAE,MAAM,CAAA;QACf,cAAc,CAAC,EAAE,OAAO,CAAA;QACxB,SAAS,EAAE,WAAW,GAAG,SAAS,GAAG,SAAS,CAAA;KAC9C,GAAG,OAAO,CAAC,OAAO,CAAC;IAUE,uBAAuB,CAAC,IAAI,EAAE;QACnD,UAAU,EAAE,MAAM,CAAA;QAClB,UAAU,EAAE,OAAO,CAAA;QACnB,QAAQ,EAAE,MAAM,CAAA;QAChB,QAAQ,EAAE,MAAM,CAAA;QAChB,MAAM,EAAE,MAAM,EAAE,CAAA;QAChB,MAAM,CAAC,EAAE,MAAM,CAAA;QACf,cAAc,CAAC,EAAE,OAAO,CAAA;QACxB,SAAS,EAAE,YAAY,CAAA;KACvB,GAAG,OAAO,CAAC,OAAO,CAAC;IAaE,2BAA2B,CAAC,IAAI,EAAE;QACvD,UAAU,EAAE,MAAM,CAAA;QAClB,QAAQ,EAAE,MAAM,CAAA;QAChB,SAAS,CAAC,EAAE,KAAK,CAAC;YACjB,IAAI,EAAE,OAAO,GAAG,QAAQ,GAAG,KAAK,CAAA;YAChC,WAAW,EAAE,MAAM,CAAA;YACnB,QAAQ,EAAE,MAAM,CAAA;SAChB,CAAC,CAAA;QACF,MAAM,CAAC,EAAE,MAAM,CAAA;QACf,cAAc,CAAC,EAAE,OAAO,CAAA;KACxB,GAAG,OAAO,CAAC,OAAO,CAAC;YAgBN,QAAQ;IAUA,eAAe,CAAC,MAAM,EAAE;QAC7C,SAAS,EAAE,MAAM,CAAA;QACjB,MAAM,CAAC,EAAE,MAAM,CAAA;QACf,SAAS,CAAC,EAAE,OAAO,CAAA;QACnB,MAAM,CAAC,EAAE,MAAM,CAAA;KACf,GAAG,OAAO,CAAC,IAAI,CAAC;IAwBK,cAAc,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAKhD,sBAAsB,CAAC,MAAM,EAAE;QACpD,SAAS,EAAE,MAAM,CAAA;QACjB,OAAO,EAAE,OAAO,CACf,OAAO,6CAA6C,EAAE,kBAAkB,CACxE,CAAA;QACD,MAAM,CAAC,EAAE,MAAM,CAAA;KACf,GAAG,OAAO,CAAC,IAAI,CAAC;IAkEK,qBAAqB,CAC1C,SAAS,EAAE,MAAM,GACf,OAAO,CAAC,IAAI,CAAC;IAKM,wBAAwB,CAC7C,SAAS,EAAE,MAAM,GACf,OAAO,CAAC,IAAI,CAAC;IASM,uBAAuB,CAC5C,MAAM,GAAE;QACP,UAAU,CAAC,EAAE,MAAM,CAAA;QACnB,UAAU,CAAC,EAAE,OAAO,CAAA;QACpB,YAAY,CAAC,EAAE,MAAM,CAAA;QACrB,qBAAqB,CAAC,EAAE,MAAM,CAAA;QAC9B,YAAY,CAAC,EAAE,MAAM,CAAA;KAChB,GACJ,OAAO,CAAC,eAAe,EAAE,CAAC;IAiCP,gBAAgB,CACrC,MAAM,GAAE;QAAE,UAAU,CAAC,EAAE,MAAM,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAA;KAAO,GACnD,OAAO,CAAC,eAAe,EAAE,CAAC;IAYP,0BAA0B,CAAC,MAAM,EAAE;QACxD,UAAU,CAAC,EAAE,MAAM,CAAA;KACnB,GAAG,OAAO,CAAC,eAAe,EAAE,CAAC;IAUR,qBAAqB,CAC1C,MAAM,GAAE;QACP,UAAU,CAAC,EAAE,MAAM,CAAA;QACnB,UAAU,CAAC,EAAE,OAAO,CAAA;QACpB,QAAQ,CAAC,EAAE,MAAM,CAAA;QACjB,QAAQ,CAAC,EAAE,MAAM,CAAA;KACZ,GACJ,OAAO,CAAC,eAAe,EAAE,CAAC;YA+Bf,YAAY;IAeJ,sBAAsB,CAC3C,UAAU,EAAE,MAAM,GAChB,OAAO,CAAC,eAAe,EAAE,CAAC;IAMP,gBAAgB,CACrC,QAAQ,EAAE,eAAe,GACvB,OAAO,CAAC,IAAI,CAAC;CAUhB"}
@@ -0,0 +1,470 @@
1
+ import { WalletPermissionsManager, } from '@bsv/wallet-toolbox/out/src/index.client.js';
2
+ import { isExpired, normalizeOriginator, permissionKeyFromRequest, permissionKeyToString, } from './key';
3
+ const IDB_TXID_PREFIX = 'idb:';
4
+ /**
5
+ * `WalletPermissionsManager` variant that persists grants to an injected
6
+ * `IPermissionStore` instead of minting on-chain PushDrop tokens.
7
+ *
8
+ * Interface-compatible with `WalletPermissionsManager` — swap the class name
9
+ * and keep every other call the same (`bindCallback`, `grantPermission`,
10
+ * `denyPermission`, etc.).
11
+ *
12
+ * Reads:
13
+ * - `ensure*Access` checks the local store first; on miss it delegates to
14
+ * super (which then consults its own cache, on-chain tokens, and falls
15
+ * through to firing a prompt). Existing on-chain grants are honored.
16
+ * - Because super's grouped-permission filter calls back through
17
+ * `this.has*Access` → `this.ensure*Access`, our overrides are picked up
18
+ * polymorphically and the connect-time grouped prompt only requests
19
+ * permissions still missing from the store.
20
+ *
21
+ * Writes:
22
+ * - `grantPermission` writes to the store and resolves super's pending
23
+ * request via `super.grantPermission({ ephemeral: true })` (no on-chain
24
+ * mint, no cache write).
25
+ * - `grantGroupedPermission` writes each granted sub-permission to the
26
+ * store and resolves super's pending request via
27
+ * `super.dismissGroupedPermission` (no on-chain mint).
28
+ *
29
+ * Counterparty pact grants pass through to super unchanged — those still go
30
+ * on-chain by design.
31
+ */
32
+ export class LocalWalletPermissionsManager extends WalletPermissionsManager {
33
+ permissionStore;
34
+ pendingSingle = new Map();
35
+ pendingGrouped = new Map();
36
+ constructor(underlyingWallet, adminOriginator,
37
+ // biome-ignore lint/style/useDefaultParameterLast: keeps signature aligned with WalletPermissionsManager
38
+ config = {}, options) {
39
+ super(underlyingWallet, adminOriginator, config);
40
+ this.permissionStore = options.store;
41
+ }
42
+ // -----------------------------------------------------------------
43
+ // Callback binding — capture the request so grant overrides can
44
+ // look it up by requestID later.
45
+ // -----------------------------------------------------------------
46
+ bindCallback(eventName, handler) {
47
+ if (eventName === 'onCounterpartyPermissionRequested') {
48
+ return super.bindCallback(eventName, handler);
49
+ }
50
+ if (eventName === 'onGroupedPermissionRequested') {
51
+ const userHandler = handler;
52
+ const wrapped = async (request) => {
53
+ this.pendingGrouped.set(request.requestID, request);
54
+ return userHandler(request);
55
+ };
56
+ return super.bindCallback(eventName, wrapped);
57
+ }
58
+ const userHandler = handler;
59
+ const wrapped = async (request) => {
60
+ this.pendingSingle.set(request.requestID, request);
61
+ return userHandler(request);
62
+ };
63
+ return super.bindCallback(eventName, wrapped);
64
+ }
65
+ // -----------------------------------------------------------------
66
+ // Read overrides — store-first, then delegate to super.
67
+ // -----------------------------------------------------------------
68
+ async ensureProtocolPermission(args) {
69
+ const counterparty = args.protocolID[0] === 1 ? '' : (args.counterparty ?? 'self');
70
+ const key = {
71
+ type: 'protocol',
72
+ originator: normalizeOriginator(args.originator),
73
+ privileged: !!args.privileged,
74
+ protocolLevel: args.protocolID[0],
75
+ protocolName: args.protocolID[1],
76
+ counterparty,
77
+ };
78
+ if (await this.storeHit(key))
79
+ return true;
80
+ return super.ensureProtocolPermission(args);
81
+ }
82
+ async ensureBasketAccess(args) {
83
+ const key = {
84
+ type: 'basket',
85
+ originator: normalizeOriginator(args.originator),
86
+ basket: args.basket,
87
+ };
88
+ if (await this.storeHit(key))
89
+ return true;
90
+ return super.ensureBasketAccess(args);
91
+ }
92
+ async ensureCertificateAccess(args) {
93
+ const key = {
94
+ type: 'certificate',
95
+ originator: normalizeOriginator(args.originator),
96
+ privileged: !!args.privileged,
97
+ verifier: args.verifier,
98
+ certType: args.certType,
99
+ fields: [...args.fields].sort(),
100
+ };
101
+ if (await this.storeHit(key))
102
+ return true;
103
+ return super.ensureCertificateAccess(args);
104
+ }
105
+ async ensureSpendingAuthorization(args) {
106
+ const key = {
107
+ type: 'spending',
108
+ originator: normalizeOriginator(args.originator),
109
+ };
110
+ const grant = await this.permissionStore.findGrant(key);
111
+ if (grant &&
112
+ !isExpired(grant.expiry) &&
113
+ (grant.authorizedAmount ?? 0) >= args.satoshis) {
114
+ return true;
115
+ }
116
+ return super.ensureSpendingAuthorization(args);
117
+ }
118
+ async storeHit(key) {
119
+ const grant = await this.permissionStore.findGrant(key);
120
+ return !!grant && !isExpired(grant.expiry);
121
+ }
122
+ // -----------------------------------------------------------------
123
+ // Grant / deny overrides — write store, resolve super's pending
124
+ // without minting on chain.
125
+ // -----------------------------------------------------------------
126
+ async grantPermission(params) {
127
+ const request = this.pendingSingle.get(params.requestID);
128
+ if (request) {
129
+ const key = permissionKeyFromRequest(request);
130
+ const grant = {
131
+ key,
132
+ expiry: params.expiry ?? 0,
133
+ grantedAt: Date.now(),
134
+ reason: request.reason,
135
+ };
136
+ if (key.type === 'spending' && params.amount != null) {
137
+ grant.authorizedAmount = params.amount;
138
+ }
139
+ else if (request.type === 'spending' &&
140
+ request.spending?.satoshis != null) {
141
+ grant.authorizedAmount = request.spending.satoshis;
142
+ }
143
+ await this.permissionStore.putGrant(grant);
144
+ this.pendingSingle.delete(params.requestID);
145
+ }
146
+ return super.grantPermission({ ...params, ephemeral: true });
147
+ }
148
+ async denyPermission(requestID) {
149
+ this.pendingSingle.delete(requestID);
150
+ return super.denyPermission(requestID);
151
+ }
152
+ async grantGroupedPermission(params) {
153
+ const request = this.pendingGrouped.get(params.requestID);
154
+ if (request) {
155
+ const originator = normalizeOriginator(request.originator);
156
+ const now = Date.now();
157
+ const expiry = params.expiry ?? 0;
158
+ if (params.granted.spendingAuthorization) {
159
+ await this.permissionStore.putGrant({
160
+ key: { type: 'spending', originator },
161
+ expiry,
162
+ grantedAt: now,
163
+ authorizedAmount: params.granted.spendingAuthorization.amount,
164
+ reason: params.granted.spendingAuthorization.description,
165
+ });
166
+ }
167
+ for (const p of params.granted.protocolPermissions ?? []) {
168
+ if (p.counterparty === '')
169
+ continue;
170
+ const level = p.protocolID[0];
171
+ const counterparty = level === 1 ? '' : (p.counterparty ?? 'self');
172
+ await this.permissionStore.putGrant({
173
+ key: {
174
+ type: 'protocol',
175
+ originator,
176
+ privileged: false,
177
+ protocolLevel: level,
178
+ protocolName: p.protocolID[1],
179
+ counterparty,
180
+ },
181
+ expiry,
182
+ grantedAt: now,
183
+ reason: p.description,
184
+ });
185
+ }
186
+ for (const b of params.granted.basketAccess ?? []) {
187
+ await this.permissionStore.putGrant({
188
+ key: { type: 'basket', originator, basket: b.basket },
189
+ expiry,
190
+ grantedAt: now,
191
+ reason: b.description,
192
+ });
193
+ }
194
+ for (const c of params.granted.certificateAccess ?? []) {
195
+ await this.permissionStore.putGrant({
196
+ key: {
197
+ type: 'certificate',
198
+ originator,
199
+ privileged: false,
200
+ verifier: c.verifierPublicKey,
201
+ certType: c.type,
202
+ fields: [...c.fields].sort(),
203
+ },
204
+ expiry,
205
+ grantedAt: now,
206
+ reason: c.description,
207
+ });
208
+ }
209
+ this.pendingGrouped.delete(params.requestID);
210
+ }
211
+ return super.dismissGroupedPermission(params.requestID);
212
+ }
213
+ async denyGroupedPermission(requestID) {
214
+ this.pendingGrouped.delete(requestID);
215
+ return super.denyGroupedPermission(requestID);
216
+ }
217
+ async dismissGroupedPermission(requestID) {
218
+ this.pendingGrouped.delete(requestID);
219
+ return super.dismissGroupedPermission(requestID);
220
+ }
221
+ // -----------------------------------------------------------------
222
+ // Listing — merge IDB grants with super's on-chain tokens.
223
+ // -----------------------------------------------------------------
224
+ async listProtocolPermissions(filter = {}) {
225
+ const onchain = await super.listProtocolPermissions(filter);
226
+ const idb = await this.idbTokensFor('protocol', filter.originator, (g) => {
227
+ if (g.key.type !== 'protocol')
228
+ return false;
229
+ if (filter.privileged !== undefined &&
230
+ g.key.privileged !== filter.privileged) {
231
+ return false;
232
+ }
233
+ if (filter.protocolName !== undefined &&
234
+ g.key.protocolName !== filter.protocolName) {
235
+ return false;
236
+ }
237
+ if (filter.protocolSecurityLevel !== undefined &&
238
+ g.key.protocolLevel !== filter.protocolSecurityLevel) {
239
+ return false;
240
+ }
241
+ if (filter.counterparty !== undefined &&
242
+ g.key.counterparty !== filter.counterparty) {
243
+ return false;
244
+ }
245
+ return true;
246
+ });
247
+ return mergeTokens(onchain, idb);
248
+ }
249
+ async listBasketAccess(params = {}) {
250
+ const onchain = await super.listBasketAccess(params);
251
+ const idb = await this.idbTokensFor('basket', params.originator, (g) => {
252
+ if (g.key.type !== 'basket')
253
+ return false;
254
+ if (params.basket !== undefined && g.key.basket !== params.basket) {
255
+ return false;
256
+ }
257
+ return true;
258
+ });
259
+ return mergeTokens(onchain, idb);
260
+ }
261
+ async listSpendingAuthorizations(params) {
262
+ const onchain = await super.listSpendingAuthorizations(params);
263
+ const idb = await this.idbTokensFor('spending', params.originator, (g) => g.key.type === 'spending');
264
+ return mergeTokens(onchain, idb);
265
+ }
266
+ async listCertificateAccess(params = {}) {
267
+ const onchain = await super.listCertificateAccess(params);
268
+ const idb = await this.idbTokensFor('certificate', params.originator, (g) => {
269
+ if (g.key.type !== 'certificate')
270
+ return false;
271
+ if (params.privileged !== undefined &&
272
+ g.key.privileged !== params.privileged) {
273
+ return false;
274
+ }
275
+ if (params.certType !== undefined &&
276
+ g.key.certType !== params.certType) {
277
+ return false;
278
+ }
279
+ if (params.verifier !== undefined &&
280
+ g.key.verifier !== params.verifier) {
281
+ return false;
282
+ }
283
+ return true;
284
+ });
285
+ return mergeTokens(onchain, idb);
286
+ }
287
+ async idbTokensFor(type, originator, predicate) {
288
+ const filter = { type };
289
+ if (originator)
290
+ filter.originator = normalizeOriginator(originator);
291
+ const grants = await this.permissionStore.listGrants(filter);
292
+ return grants.filter(predicate).map(grantToToken);
293
+ }
294
+ // -----------------------------------------------------------------
295
+ // Revocation — clear store, then delegate on-chain spend to super.
296
+ // -----------------------------------------------------------------
297
+ async revokeAllForOriginator(originator) {
298
+ const normalized = normalizeOriginator(originator);
299
+ await this.permissionStore.deleteAllForOriginator(normalized);
300
+ return super.revokeAllForOriginator(normalized);
301
+ }
302
+ async revokePermission(oldToken) {
303
+ const idbKey = idbKeyFromToken(oldToken);
304
+ if (idbKey) {
305
+ await this.permissionStore.deleteGrant(idbKey);
306
+ }
307
+ if (oldToken.txid.startsWith(IDB_TXID_PREFIX)) {
308
+ return;
309
+ }
310
+ return super.revokePermission(oldToken);
311
+ }
312
+ }
313
+ function grantToToken(grant) {
314
+ const base = {
315
+ txid: `${IDB_TXID_PREFIX}${permissionKeyToString(grant.key)}`,
316
+ tx: [],
317
+ outputIndex: 0,
318
+ outputScript: '',
319
+ satoshis: 0,
320
+ originator: grant.key.originator,
321
+ expiry: grant.expiry,
322
+ };
323
+ switch (grant.key.type) {
324
+ case 'protocol':
325
+ base.privileged = grant.key.privileged;
326
+ base.protocol = grant.key.protocolName;
327
+ base.securityLevel = grant.key.protocolLevel;
328
+ base.counterparty = grant.key.counterparty;
329
+ break;
330
+ case 'basket':
331
+ base.basketName = grant.key.basket;
332
+ break;
333
+ case 'certificate':
334
+ base.privileged = grant.key.privileged;
335
+ base.certType = grant.key.certType;
336
+ base.certFields = grant.key.fields;
337
+ base.verifier = grant.key.verifier;
338
+ break;
339
+ case 'spending':
340
+ if (grant.authorizedAmount != null) {
341
+ base.authorizedAmount = grant.authorizedAmount;
342
+ }
343
+ break;
344
+ }
345
+ return base;
346
+ }
347
+ function idbKeyFromToken(token) {
348
+ if (token.txid.startsWith(IDB_TXID_PREFIX)) {
349
+ return parseIdbKey(token.txid.slice(IDB_TXID_PREFIX.length));
350
+ }
351
+ const originator = normalizeOriginator(token.originator);
352
+ if (token.basketName) {
353
+ return { type: 'basket', originator, basket: token.basketName };
354
+ }
355
+ if (token.protocol && token.securityLevel !== undefined) {
356
+ return {
357
+ type: 'protocol',
358
+ originator,
359
+ privileged: !!token.privileged,
360
+ protocolLevel: token.securityLevel,
361
+ protocolName: token.protocol,
362
+ counterparty: token.counterparty ?? 'self',
363
+ };
364
+ }
365
+ if (token.certType && token.verifier && token.certFields) {
366
+ return {
367
+ type: 'certificate',
368
+ originator,
369
+ privileged: !!token.privileged,
370
+ verifier: token.verifier,
371
+ certType: token.certType,
372
+ fields: [...token.certFields].sort(),
373
+ };
374
+ }
375
+ if (token.authorizedAmount !== undefined) {
376
+ return { type: 'spending', originator };
377
+ }
378
+ return null;
379
+ }
380
+ function parseIdbKey(serialized) {
381
+ const idx = serialized.indexOf(':');
382
+ if (idx < 0)
383
+ return null;
384
+ const tag = serialized.slice(0, idx);
385
+ const rest = serialized.slice(idx + 1);
386
+ if (tag === 'basket') {
387
+ const sep = rest.indexOf(':');
388
+ if (sep < 0)
389
+ return null;
390
+ return {
391
+ type: 'basket',
392
+ originator: rest.slice(0, sep),
393
+ basket: rest.slice(sep + 1),
394
+ };
395
+ }
396
+ if (tag === 'spend') {
397
+ return { type: 'spending', originator: rest };
398
+ }
399
+ if (tag === 'proto') {
400
+ const parts = rest.split(':');
401
+ if (parts.length < 4)
402
+ return null;
403
+ const [originator, privileged, levelAndName, counterparty] = parts;
404
+ const commaIdx = levelAndName.indexOf(',');
405
+ if (commaIdx < 0)
406
+ return null;
407
+ const level = Number(levelAndName.slice(0, commaIdx));
408
+ const protocolName = levelAndName.slice(commaIdx + 1);
409
+ return {
410
+ type: 'protocol',
411
+ originator,
412
+ privileged: privileged === 'true',
413
+ protocolLevel: level,
414
+ protocolName,
415
+ counterparty,
416
+ };
417
+ }
418
+ if (tag === 'cert') {
419
+ const parts = rest.split(':');
420
+ if (parts.length < 5)
421
+ return null;
422
+ const [originator, privileged, verifier, certType, fieldsJoined] = parts;
423
+ return {
424
+ type: 'certificate',
425
+ originator,
426
+ privileged: privileged === 'true',
427
+ verifier,
428
+ certType,
429
+ fields: fieldsJoined ? fieldsJoined.split('|') : [],
430
+ };
431
+ }
432
+ return null;
433
+ }
434
+ function mergeTokens(onchain, idb) {
435
+ const seen = new Set();
436
+ const out = [];
437
+ for (const t of onchain) {
438
+ const k = onchainSignature(t);
439
+ if (k)
440
+ seen.add(k);
441
+ out.push(t);
442
+ }
443
+ for (const t of idb) {
444
+ const k = idbSignature(t);
445
+ if (k && seen.has(k))
446
+ continue;
447
+ out.push(t);
448
+ }
449
+ return out;
450
+ }
451
+ function onchainSignature(t) {
452
+ const originator = normalizeOriginator(t.originator);
453
+ if (t.basketName)
454
+ return `basket:${originator}:${t.basketName}`;
455
+ if (t.protocol && t.securityLevel !== undefined) {
456
+ return `proto:${originator}:${!!t.privileged}:${t.securityLevel},${t.protocol}:${t.counterparty ?? 'self'}`;
457
+ }
458
+ if (t.certType && t.verifier && t.certFields) {
459
+ return `cert:${originator}:${!!t.privileged}:${t.verifier}:${t.certType}:${[...t.certFields].sort().join('|')}`;
460
+ }
461
+ if (t.authorizedAmount !== undefined)
462
+ return `spend:${originator}`;
463
+ return null;
464
+ }
465
+ function idbSignature(t) {
466
+ if (!t.txid.startsWith(IDB_TXID_PREFIX))
467
+ return null;
468
+ return t.txid.slice(IDB_TXID_PREFIX.length);
469
+ }
470
+ //# sourceMappingURL=manager.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"manager.js","sourceRoot":"","sources":["../../src/permissions/manager.ts"],"names":[],"mappings":"AACA,OAAO,EAQN,wBAAwB,GAExB,MAAM,6CAA6C,CAAA;AACpD,OAAO,EACN,SAAS,EACT,mBAAmB,EACnB,wBAAwB,EACxB,qBAAqB,GACrB,MAAM,OAAO,CAAA;AAQd,MAAM,eAAe,GAAG,MAAM,CAAA;AAY9B;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AACH,MAAM,OAAO,6BAA8B,SAAQ,wBAAwB;IACzD,eAAe,CAAkB;IACjC,aAAa,GAAG,IAAI,GAAG,EAGrC,CAAA;IACc,cAAc,GAAG,IAAI,GAAG,EAAoC,CAAA;IAE7E,YACC,gBAAiC,EACjC,eAAuB;IACvB,yGAAyG;IACzG,SAAmC,EAAE,EACrC,OAA6C;QAE7C,KAAK,CAAC,gBAAgB,EAAE,eAAe,EAAE,MAAM,CAAC,CAAA;QAChD,IAAI,CAAC,eAAe,GAAG,OAAO,CAAC,KAAK,CAAA;IACrC,CAAC;IAED,oEAAoE;IACpE,gEAAgE;IAChE,iCAAiC;IACjC,oEAAoE;IAEpD,YAAY,CAC3B,SAAkD,EAClD,OAAkC;QAElC,IAAI,SAAS,KAAK,mCAAmC,EAAE,CAAC;YACvD,OAAO,KAAK,CAAC,YAAY,CAAC,SAAS,EAAE,OAAO,CAAC,CAAA;QAC9C,CAAC;QACD,IAAI,SAAS,KAAK,8BAA8B,EAAE,CAAC;YAClD,MAAM,WAAW,GAAG,OAAwC,CAAA;YAC5D,MAAM,OAAO,GAAkC,KAAK,EAAE,OAAO,EAAE,EAAE;gBAChE,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,OAAO,CAAC,SAAS,EAAE,OAAO,CAAC,CAAA;gBACnD,OAAO,WAAW,CAAC,OAAO,CAAC,CAAA;YAC5B,CAAC,CAAA;YACD,OAAO,KAAK,CAAC,YAAY,CAAC,SAAS,EAAE,OAAO,CAAC,CAAA;QAC9C,CAAC;QAED,MAAM,WAAW,GAAG,OAAiC,CAAA;QACrD,MAAM,OAAO,GAA2B,KAAK,EAAE,OAAO,EAAE,EAAE;YACzD,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,OAAO,CAAC,SAAS,EAAE,OAAO,CAAC,CAAA;YAClD,OAAO,WAAW,CAAC,OAAO,CAAC,CAAA;QAC5B,CAAC,CAAA;QACD,OAAO,KAAK,CAAC,YAAY,CAAC,SAAS,EAAE,OAAO,CAAC,CAAA;IAC9C,CAAC;IAED,oEAAoE;IACpE,wDAAwD;IACxD,oEAAoE;IAEpD,KAAK,CAAC,wBAAwB,CAAC,IAe9C;QACA,MAAM,YAAY,GACjB,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,IAAI,MAAM,CAAC,CAAA;QAC9D,MAAM,GAAG,GAAkB;YAC1B,IAAI,EAAE,UAAU;YAChB,UAAU,EAAE,mBAAmB,CAAC,IAAI,CAAC,UAAU,CAAC;YAChD,UAAU,EAAE,CAAC,CAAC,IAAI,CAAC,UAAU;YAC7B,aAAa,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC,CAAc;YAC9C,YAAY,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;YAChC,YAAY;SACZ,CAAA;QACD,IAAI,MAAM,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC;YAAE,OAAO,IAAI,CAAA;QACzC,OAAO,KAAK,CAAC,wBAAwB,CAAC,IAAI,CAAC,CAAA;IAC5C,CAAC;IAEe,KAAK,CAAC,kBAAkB,CAAC,IAMxC;QACA,MAAM,GAAG,GAAkB;YAC1B,IAAI,EAAE,QAAQ;YACd,UAAU,EAAE,mBAAmB,CAAC,IAAI,CAAC,UAAU,CAAC;YAChD,MAAM,EAAE,IAAI,CAAC,MAAM;SACnB,CAAA;QACD,IAAI,MAAM,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC;YAAE,OAAO,IAAI,CAAA;QACzC,OAAO,KAAK,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAA;IACtC,CAAC;IAEe,KAAK,CAAC,uBAAuB,CAAC,IAS7C;QACA,MAAM,GAAG,GAAkB;YAC1B,IAAI,EAAE,aAAa;YACnB,UAAU,EAAE,mBAAmB,CAAC,IAAI,CAAC,UAAU,CAAC;YAChD,UAAU,EAAE,CAAC,CAAC,IAAI,CAAC,UAAU;YAC7B,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,MAAM,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE;SAC/B,CAAA;QACD,IAAI,MAAM,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC;YAAE,OAAO,IAAI,CAAA;QACzC,OAAO,KAAK,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAA;IAC3C,CAAC;IAEe,KAAK,CAAC,2BAA2B,CAAC,IAUjD;QACA,MAAM,GAAG,GAAkB;YAC1B,IAAI,EAAE,UAAU;YAChB,UAAU,EAAE,mBAAmB,CAAC,IAAI,CAAC,UAAU,CAAC;SAChD,CAAA;QACD,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,GAAG,CAAC,CAAA;QACvD,IACC,KAAK;YACL,CAAC,SAAS,CAAC,KAAK,CAAC,MAAM,CAAC;YACxB,CAAC,KAAK,CAAC,gBAAgB,IAAI,CAAC,CAAC,IAAI,IAAI,CAAC,QAAQ,EAC7C,CAAC;YACF,OAAO,IAAI,CAAA;QACZ,CAAC;QACD,OAAO,KAAK,CAAC,2BAA2B,CAAC,IAAI,CAAC,CAAA;IAC/C,CAAC;IAEO,KAAK,CAAC,QAAQ,CAAC,GAAkB;QACxC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,GAAG,CAAC,CAAA;QACvD,OAAO,CAAC,CAAC,KAAK,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,MAAM,CAAC,CAAA;IAC3C,CAAC;IAED,oEAAoE;IACpE,gEAAgE;IAChE,4BAA4B;IAC5B,oEAAoE;IAEpD,KAAK,CAAC,eAAe,CAAC,MAKrC;QACA,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAA;QACxD,IAAI,OAAO,EAAE,CAAC;YACb,MAAM,GAAG,GAAG,wBAAwB,CAAC,OAAO,CAAC,CAAA;YAC7C,MAAM,KAAK,GAAgB;gBAC1B,GAAG;gBACH,MAAM,EAAE,MAAM,CAAC,MAAM,IAAI,CAAC;gBAC1B,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;gBACrB,MAAM,EAAE,OAAO,CAAC,MAAM;aACtB,CAAA;YACD,IAAI,GAAG,CAAC,IAAI,KAAK,UAAU,IAAI,MAAM,CAAC,MAAM,IAAI,IAAI,EAAE,CAAC;gBACtD,KAAK,CAAC,gBAAgB,GAAG,MAAM,CAAC,MAAM,CAAA;YACvC,CAAC;iBAAM,IACN,OAAO,CAAC,IAAI,KAAK,UAAU;gBAC3B,OAAO,CAAC,QAAQ,EAAE,QAAQ,IAAI,IAAI,EACjC,CAAC;gBACF,KAAK,CAAC,gBAAgB,GAAG,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAA;YACnD,CAAC;YACD,MAAM,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;YAC1C,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAA;QAC5C,CAAC;QACD,OAAO,KAAK,CAAC,eAAe,CAAC,EAAE,GAAG,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAA;IAC7D,CAAC;IAEe,KAAK,CAAC,cAAc,CAAC,SAAiB;QACrD,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,SAAS,CAAC,CAAA;QACpC,OAAO,KAAK,CAAC,cAAc,CAAC,SAAS,CAAC,CAAA;IACvC,CAAC;IAEe,KAAK,CAAC,sBAAsB,CAAC,MAM5C;QACA,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAA;QACzD,IAAI,OAAO,EAAE,CAAC;YACb,MAAM,UAAU,GAAG,mBAAmB,CAAC,OAAO,CAAC,UAAU,CAAC,CAAA;YAC1D,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;YACtB,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,IAAI,CAAC,CAAA;YAEjC,IAAI,MAAM,CAAC,OAAO,CAAC,qBAAqB,EAAE,CAAC;gBAC1C,MAAM,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC;oBACnC,GAAG,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE,UAAU,EAAE;oBACrC,MAAM;oBACN,SAAS,EAAE,GAAG;oBACd,gBAAgB,EAAE,MAAM,CAAC,OAAO,CAAC,qBAAqB,CAAC,MAAM;oBAC7D,MAAM,EAAE,MAAM,CAAC,OAAO,CAAC,qBAAqB,CAAC,WAAW;iBACxD,CAAC,CAAA;YACH,CAAC;YAED,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,mBAAmB,IAAI,EAAE,EAAE,CAAC;gBAC1D,IAAI,CAAC,CAAC,YAAY,KAAK,EAAE;oBAAE,SAAQ;gBACnC,MAAM,KAAK,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC,CAAc,CAAA;gBAC1C,MAAM,YAAY,GAAG,KAAK,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,YAAY,IAAI,MAAM,CAAC,CAAA;gBAClE,MAAM,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC;oBACnC,GAAG,EAAE;wBACJ,IAAI,EAAE,UAAU;wBAChB,UAAU;wBACV,UAAU,EAAE,KAAK;wBACjB,aAAa,EAAE,KAAK;wBACpB,YAAY,EAAE,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC;wBAC7B,YAAY;qBACZ;oBACD,MAAM;oBACN,SAAS,EAAE,GAAG;oBACd,MAAM,EAAE,CAAC,CAAC,WAAW;iBACrB,CAAC,CAAA;YACH,CAAC;YAED,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,YAAY,IAAI,EAAE,EAAE,CAAC;gBACnD,MAAM,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC;oBACnC,GAAG,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE;oBACrD,MAAM;oBACN,SAAS,EAAE,GAAG;oBACd,MAAM,EAAE,CAAC,CAAC,WAAW;iBACrB,CAAC,CAAA;YACH,CAAC;YAED,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,iBAAiB,IAAI,EAAE,EAAE,CAAC;gBACxD,MAAM,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC;oBACnC,GAAG,EAAE;wBACJ,IAAI,EAAE,aAAa;wBACnB,UAAU;wBACV,UAAU,EAAE,KAAK;wBACjB,QAAQ,EAAE,CAAC,CAAC,iBAAiB;wBAC7B,QAAQ,EAAE,CAAC,CAAC,IAAI;wBAChB,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE;qBAC5B;oBACD,MAAM;oBACN,SAAS,EAAE,GAAG;oBACd,MAAM,EAAE,CAAC,CAAC,WAAW;iBACrB,CAAC,CAAA;YACH,CAAC;YAED,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAA;QAC7C,CAAC;QACD,OAAO,KAAK,CAAC,wBAAwB,CAAC,MAAM,CAAC,SAAS,CAAC,CAAA;IACxD,CAAC;IAEe,KAAK,CAAC,qBAAqB,CAC1C,SAAiB;QAEjB,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,SAAS,CAAC,CAAA;QACrC,OAAO,KAAK,CAAC,qBAAqB,CAAC,SAAS,CAAC,CAAA;IAC9C,CAAC;IAEe,KAAK,CAAC,wBAAwB,CAC7C,SAAiB;QAEjB,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,SAAS,CAAC,CAAA;QACrC,OAAO,KAAK,CAAC,wBAAwB,CAAC,SAAS,CAAC,CAAA;IACjD,CAAC;IAED,oEAAoE;IACpE,2DAA2D;IAC3D,oEAAoE;IAEpD,KAAK,CAAC,uBAAuB,CAC5C,SAMI,EAAE;QAEN,MAAM,OAAO,GAAG,MAAM,KAAK,CAAC,uBAAuB,CAAC,MAAM,CAAC,CAAA;QAC3D,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,UAAU,EAAE,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC,EAAE,EAAE;YACxE,IAAI,CAAC,CAAC,GAAG,CAAC,IAAI,KAAK,UAAU;gBAAE,OAAO,KAAK,CAAA;YAC3C,IACC,MAAM,CAAC,UAAU,KAAK,SAAS;gBAC/B,CAAC,CAAC,GAAG,CAAC,UAAU,KAAK,MAAM,CAAC,UAAU,EACrC,CAAC;gBACF,OAAO,KAAK,CAAA;YACb,CAAC;YACD,IACC,MAAM,CAAC,YAAY,KAAK,SAAS;gBACjC,CAAC,CAAC,GAAG,CAAC,YAAY,KAAK,MAAM,CAAC,YAAY,EACzC,CAAC;gBACF,OAAO,KAAK,CAAA;YACb,CAAC;YACD,IACC,MAAM,CAAC,qBAAqB,KAAK,SAAS;gBAC1C,CAAC,CAAC,GAAG,CAAC,aAAa,KAAK,MAAM,CAAC,qBAAqB,EACnD,CAAC;gBACF,OAAO,KAAK,CAAA;YACb,CAAC;YACD,IACC,MAAM,CAAC,YAAY,KAAK,SAAS;gBACjC,CAAC,CAAC,GAAG,CAAC,YAAY,KAAK,MAAM,CAAC,YAAY,EACzC,CAAC;gBACF,OAAO,KAAK,CAAA;YACb,CAAC;YACD,OAAO,IAAI,CAAA;QACZ,CAAC,CAAC,CAAA;QACF,OAAO,WAAW,CAAC,OAAO,EAAE,GAAG,CAAC,CAAA;IACjC,CAAC;IAEe,KAAK,CAAC,gBAAgB,CACrC,SAAmD,EAAE;QAErD,MAAM,OAAO,GAAG,MAAM,KAAK,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAA;QACpD,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC,EAAE,EAAE;YACtE,IAAI,CAAC,CAAC,GAAG,CAAC,IAAI,KAAK,QAAQ;gBAAE,OAAO,KAAK,CAAA;YACzC,IAAI,MAAM,CAAC,MAAM,KAAK,SAAS,IAAI,CAAC,CAAC,GAAG,CAAC,MAAM,KAAK,MAAM,CAAC,MAAM,EAAE,CAAC;gBACnE,OAAO,KAAK,CAAA;YACb,CAAC;YACD,OAAO,IAAI,CAAA;QACZ,CAAC,CAAC,CAAA;QACF,OAAO,WAAW,CAAC,OAAO,EAAE,GAAG,CAAC,CAAA;IACjC,CAAC;IAEe,KAAK,CAAC,0BAA0B,CAAC,MAEhD;QACA,MAAM,OAAO,GAAG,MAAM,KAAK,CAAC,0BAA0B,CAAC,MAAM,CAAC,CAAA;QAC9D,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,YAAY,CAClC,UAAU,EACV,MAAM,CAAC,UAAU,EACjB,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,KAAK,UAAU,CAChC,CAAA;QACD,OAAO,WAAW,CAAC,OAAO,EAAE,GAAG,CAAC,CAAA;IACjC,CAAC;IAEe,KAAK,CAAC,qBAAqB,CAC1C,SAKI,EAAE;QAEN,MAAM,OAAO,GAAG,MAAM,KAAK,CAAC,qBAAqB,CAAC,MAAM,CAAC,CAAA;QACzD,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,YAAY,CAClC,aAAa,EACb,MAAM,CAAC,UAAU,EACjB,CAAC,CAAC,EAAE,EAAE;YACL,IAAI,CAAC,CAAC,GAAG,CAAC,IAAI,KAAK,aAAa;gBAAE,OAAO,KAAK,CAAA;YAC9C,IACC,MAAM,CAAC,UAAU,KAAK,SAAS;gBAC/B,CAAC,CAAC,GAAG,CAAC,UAAU,KAAK,MAAM,CAAC,UAAU,EACrC,CAAC;gBACF,OAAO,KAAK,CAAA;YACb,CAAC;YACD,IACC,MAAM,CAAC,QAAQ,KAAK,SAAS;gBAC7B,CAAC,CAAC,GAAG,CAAC,QAAQ,KAAK,MAAM,CAAC,QAAQ,EACjC,CAAC;gBACF,OAAO,KAAK,CAAA;YACb,CAAC;YACD,IACC,MAAM,CAAC,QAAQ,KAAK,SAAS;gBAC7B,CAAC,CAAC,GAAG,CAAC,QAAQ,KAAK,MAAM,CAAC,QAAQ,EACjC,CAAC;gBACF,OAAO,KAAK,CAAA;YACb,CAAC;YACD,OAAO,IAAI,CAAA;QACZ,CAAC,CACD,CAAA;QACD,OAAO,WAAW,CAAC,OAAO,EAAE,GAAG,CAAC,CAAA;IACjC,CAAC;IAEO,KAAK,CAAC,YAAY,CACzB,IAA8B,EAC9B,UAA8B,EAC9B,SAAsC;QAEtC,MAAM,MAAM,GAAqB,EAAE,IAAI,EAAE,CAAA;QACzC,IAAI,UAAU;YAAE,MAAM,CAAC,UAAU,GAAG,mBAAmB,CAAC,UAAU,CAAC,CAAA;QACnE,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,UAAU,CAAC,MAAM,CAAC,CAAA;QAC5D,OAAO,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,YAAY,CAAC,CAAA;IAClD,CAAC;IAED,oEAAoE;IACpE,mEAAmE;IACnE,oEAAoE;IAEpD,KAAK,CAAC,sBAAsB,CAC3C,UAAkB;QAElB,MAAM,UAAU,GAAG,mBAAmB,CAAC,UAAU,CAAC,CAAA;QAClD,MAAM,IAAI,CAAC,eAAe,CAAC,sBAAsB,CAAC,UAAU,CAAC,CAAA;QAC7D,OAAO,KAAK,CAAC,sBAAsB,CAAC,UAAU,CAAC,CAAA;IAChD,CAAC;IAEe,KAAK,CAAC,gBAAgB,CACrC,QAAyB;QAEzB,MAAM,MAAM,GAAG,eAAe,CAAC,QAAQ,CAAC,CAAA;QACxC,IAAI,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC,MAAM,CAAC,CAAA;QAC/C,CAAC;QACD,IAAI,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,eAAe,CAAC,EAAE,CAAC;YAC/C,OAAM;QACP,CAAC;QACD,OAAO,KAAK,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAA;IACxC,CAAC;CACD;AAED,SAAS,YAAY,CAAC,KAAkB;IACvC,MAAM,IAAI,GAAoB;QAC7B,IAAI,EAAE,GAAG,eAAe,GAAG,qBAAqB,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE;QAC7D,EAAE,EAAE,EAAE;QACN,WAAW,EAAE,CAAC;QACd,YAAY,EAAE,EAAE;QAChB,QAAQ,EAAE,CAAC;QACX,UAAU,EAAE,KAAK,CAAC,GAAG,CAAC,UAAU;QAChC,MAAM,EAAE,KAAK,CAAC,MAAM;KACpB,CAAA;IACD,QAAQ,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;QACxB,KAAK,UAAU;YACd,IAAI,CAAC,UAAU,GAAG,KAAK,CAAC,GAAG,CAAC,UAAU,CAAA;YACtC,IAAI,CAAC,QAAQ,GAAG,KAAK,CAAC,GAAG,CAAC,YAAY,CAAA;YACtC,IAAI,CAAC,aAAa,GAAG,KAAK,CAAC,GAAG,CAAC,aAAa,CAAA;YAC5C,IAAI,CAAC,YAAY,GAAG,KAAK,CAAC,GAAG,CAAC,YAAY,CAAA;YAC1C,MAAK;QACN,KAAK,QAAQ;YACZ,IAAI,CAAC,UAAU,GAAG,KAAK,CAAC,GAAG,CAAC,MAAM,CAAA;YAClC,MAAK;QACN,KAAK,aAAa;YACjB,IAAI,CAAC,UAAU,GAAG,KAAK,CAAC,GAAG,CAAC,UAAU,CAAA;YACtC,IAAI,CAAC,QAAQ,GAAG,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAA;YAClC,IAAI,CAAC,UAAU,GAAG,KAAK,CAAC,GAAG,CAAC,MAAM,CAAA;YAClC,IAAI,CAAC,QAAQ,GAAG,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAA;YAClC,MAAK;QACN,KAAK,UAAU;YACd,IAAI,KAAK,CAAC,gBAAgB,IAAI,IAAI,EAAE,CAAC;gBACpC,IAAI,CAAC,gBAAgB,GAAG,KAAK,CAAC,gBAAgB,CAAA;YAC/C,CAAC;YACD,MAAK;IACP,CAAC;IACD,OAAO,IAAI,CAAA;AACZ,CAAC;AAED,SAAS,eAAe,CAAC,KAAsB;IAC9C,IAAI,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,eAAe,CAAC,EAAE,CAAC;QAC5C,OAAO,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC,CAAA;IAC7D,CAAC;IACD,MAAM,UAAU,GAAG,mBAAmB,CAAC,KAAK,CAAC,UAAU,CAAC,CAAA;IACxD,IAAI,KAAK,CAAC,UAAU,EAAE,CAAC;QACtB,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,KAAK,CAAC,UAAU,EAAE,CAAA;IAChE,CAAC;IACD,IAAI,KAAK,CAAC,QAAQ,IAAI,KAAK,CAAC,aAAa,KAAK,SAAS,EAAE,CAAC;QACzD,OAAO;YACN,IAAI,EAAE,UAAU;YAChB,UAAU;YACV,UAAU,EAAE,CAAC,CAAC,KAAK,CAAC,UAAU;YAC9B,aAAa,EAAE,KAAK,CAAC,aAAa;YAClC,YAAY,EAAE,KAAK,CAAC,QAAQ;YAC5B,YAAY,EAAE,KAAK,CAAC,YAAY,IAAI,MAAM;SAC1C,CAAA;IACF,CAAC;IACD,IAAI,KAAK,CAAC,QAAQ,IAAI,KAAK,CAAC,QAAQ,IAAI,KAAK,CAAC,UAAU,EAAE,CAAC;QAC1D,OAAO;YACN,IAAI,EAAE,aAAa;YACnB,UAAU;YACV,UAAU,EAAE,CAAC,CAAC,KAAK,CAAC,UAAU;YAC9B,QAAQ,EAAE,KAAK,CAAC,QAAQ;YACxB,QAAQ,EAAE,KAAK,CAAC,QAAQ;YACxB,MAAM,EAAE,CAAC,GAAG,KAAK,CAAC,UAAU,CAAC,CAAC,IAAI,EAAE;SACpC,CAAA;IACF,CAAC;IACD,IAAI,KAAK,CAAC,gBAAgB,KAAK,SAAS,EAAE,CAAC;QAC1C,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,UAAU,EAAE,CAAA;IACxC,CAAC;IACD,OAAO,IAAI,CAAA;AACZ,CAAC;AAED,SAAS,WAAW,CAAC,UAAkB;IACtC,MAAM,GAAG,GAAG,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;IACnC,IAAI,GAAG,GAAG,CAAC;QAAE,OAAO,IAAI,CAAA;IACxB,MAAM,GAAG,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAA;IACpC,MAAM,IAAI,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC,CAAA;IACtC,IAAI,GAAG,KAAK,QAAQ,EAAE,CAAC;QACtB,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;QAC7B,IAAI,GAAG,GAAG,CAAC;YAAE,OAAO,IAAI,CAAA;QACxB,OAAO;YACN,IAAI,EAAE,QAAQ;YACd,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;YAC9B,MAAM,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC;SAC3B,CAAA;IACF,CAAC;IACD,IAAI,GAAG,KAAK,OAAO,EAAE,CAAC;QACrB,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,UAAU,EAAE,IAAI,EAAE,CAAA;IAC9C,CAAC;IACD,IAAI,GAAG,KAAK,OAAO,EAAE,CAAC;QACrB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAC7B,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC;YAAE,OAAO,IAAI,CAAA;QACjC,MAAM,CAAC,UAAU,EAAE,UAAU,EAAE,YAAY,EAAE,YAAY,CAAC,GAAG,KAAK,CAAA;QAClE,MAAM,QAAQ,GAAG,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;QAC1C,IAAI,QAAQ,GAAG,CAAC;YAAE,OAAO,IAAI,CAAA;QAC7B,MAAM,KAAK,GAAG,MAAM,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAc,CAAA;QAClE,MAAM,YAAY,GAAG,YAAY,CAAC,KAAK,CAAC,QAAQ,GAAG,CAAC,CAAC,CAAA;QACrD,OAAO;YACN,IAAI,EAAE,UAAU;YAChB,UAAU;YACV,UAAU,EAAE,UAAU,KAAK,MAAM;YACjC,aAAa,EAAE,KAAK;YACpB,YAAY;YACZ,YAAY;SACZ,CAAA;IACF,CAAC;IACD,IAAI,GAAG,KAAK,MAAM,EAAE,CAAC;QACpB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAC7B,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC;YAAE,OAAO,IAAI,CAAA;QACjC,MAAM,CAAC,UAAU,EAAE,UAAU,EAAE,QAAQ,EAAE,QAAQ,EAAE,YAAY,CAAC,GAAG,KAAK,CAAA;QACxE,OAAO;YACN,IAAI,EAAE,aAAa;YACnB,UAAU;YACV,UAAU,EAAE,UAAU,KAAK,MAAM;YACjC,QAAQ;YACR,QAAQ;YACR,MAAM,EAAE,YAAY,CAAC,CAAC,CAAC,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE;SACnD,CAAA;IACF,CAAC;IACD,OAAO,IAAI,CAAA;AACZ,CAAC;AAED,SAAS,WAAW,CACnB,OAA0B,EAC1B,GAAsB;IAEtB,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAA;IAC9B,MAAM,GAAG,GAAsB,EAAE,CAAA;IACjC,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;QACzB,MAAM,CAAC,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAA;QAC7B,IAAI,CAAC;YAAE,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;QAClB,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;IACZ,CAAC;IACD,KAAK,MAAM,CAAC,IAAI,GAAG,EAAE,CAAC;QACrB,MAAM,CAAC,GAAG,YAAY,CAAC,CAAC,CAAC,CAAA;QACzB,IAAI,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAAE,SAAQ;QAC9B,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;IACZ,CAAC;IACD,OAAO,GAAG,CAAA;AACX,CAAC;AAED,SAAS,gBAAgB,CAAC,CAAkB;IAC3C,MAAM,UAAU,GAAG,mBAAmB,CAAC,CAAC,CAAC,UAAU,CAAC,CAAA;IACpD,IAAI,CAAC,CAAC,UAAU;QAAE,OAAO,UAAU,UAAU,IAAI,CAAC,CAAC,UAAU,EAAE,CAAA;IAC/D,IAAI,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,aAAa,KAAK,SAAS,EAAE,CAAC;QACjD,OAAO,SAAS,UAAU,IAAI,CAAC,CAAC,CAAC,CAAC,UAAU,IAAI,CAAC,CAAC,aAAa,IAAI,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,YAAY,IAAI,MAAM,EAAE,CAAA;IAC5G,CAAC;IACD,IAAI,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,UAAU,EAAE,CAAC;QAC9C,OAAO,QAAQ,UAAU,IAAI,CAAC,CAAC,CAAC,CAAC,UAAU,IAAI,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,QAAQ,IAAI,CAAC,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC,IAAI,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAA;IAChH,CAAC;IACD,IAAI,CAAC,CAAC,gBAAgB,KAAK,SAAS;QAAE,OAAO,SAAS,UAAU,EAAE,CAAA;IAClE,OAAO,IAAI,CAAA;AACZ,CAAC;AAED,SAAS,YAAY,CAAC,CAAkB;IACvC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,eAAe,CAAC;QAAE,OAAO,IAAI,CAAA;IACpD,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,MAAM,CAAC,CAAA;AAC5C,CAAC"}
@@ -1,4 +1,3 @@
1
- import type { CounterpartyPermissionRequest, CounterpartyPermissions, GroupedPermissionRequest, GroupedPermissions, PermissionRequest, PermissionToken } from '@bsv/wallet-toolbox';
2
1
  /** The four BRC-100 permission categories. */
3
2
  export type PermissionType = 'protocol' | 'basket' | 'certificate' | 'spending';
4
3
  /** A normalized permission key, uniquely identifying a (originator, category, parameters) tuple. */
@@ -29,9 +28,7 @@ export type PermissionKey = {
29
28
  *
30
29
  * For spending (DSAP) grants, the ledger only stores the user-authorized cap
31
30
  * (`authorizedAmount`). Actual monthly spend is read from the wallet's
32
- * action history on every cap check via `WalletPermissionsManager.querySpentSince`
33
- * — the same mechanism WPM uses natively, so spent accounting remains exact
34
- * and cross-device consistent.
31
+ * action history on every cap check via `WalletPermissionsManager.querySpentSince`.
35
32
  */
36
33
  export interface StoredGrant {
37
34
  key: PermissionKey;
@@ -50,7 +47,7 @@ export interface ListGrantsFilter {
50
47
  type?: PermissionType;
51
48
  }
52
49
  /**
53
- * Storage backend for permission grants.
50
+ * Storage backend for permission grants used by `LocalWalletPermissionsManager`.
54
51
  *
55
52
  * Implementations should be keyed by the canonical string form of the
56
53
  * `PermissionKey` (use `permissionKeyToString` from `./key`).
@@ -65,68 +62,4 @@ export interface IPermissionStore {
65
62
  deleteAllForOriginator(originator: string): Promise<number>;
66
63
  listGrants(filter?: ListGrantsFilter): Promise<StoredGrant[]>;
67
64
  }
68
- /** User decision returned from a single-permission prompt. */
69
- export type PermissionPromptDecision = {
70
- approved: true;
71
- /** Optional override for the grant expiry in UNIX seconds. */
72
- expiry?: number;
73
- /** DSAP only — override the authorized amount (e.g. user chose a larger cap). */
74
- authorizedAmount?: number;
75
- } | {
76
- approved: false;
77
- };
78
- /** User decision returned from a BRC-73 grouped-permission prompt. */
79
- export type GroupedPermissionPromptDecision = {
80
- approved: true;
81
- /** Subset of the requested permissions that the user agreed to. */
82
- granted: Partial<GroupedPermissions>;
83
- expiry?: number;
84
- } | {
85
- approved: false;
86
- };
87
- /**
88
- * User decision returned from a level-2 counterparty pact prompt.
89
- *
90
- * `granted` is a `Partial<CounterpartyPermissions>` because users typically
91
- * approve a subset of the requested protocols, matching WPM's
92
- * `grantCounterpartyPermission` signature.
93
- */
94
- export type CounterpartyPermissionPromptDecision = {
95
- approved: true;
96
- granted: Partial<CounterpartyPermissions>;
97
- expiry?: number;
98
- } | {
99
- approved: false;
100
- };
101
- /**
102
- * Prompt callbacks supplied by the consumer (the host app).
103
- *
104
- * The adapter calls these when a grant is needed after the store lookup
105
- * comes back empty. Counterparty prompts are optional — if omitted, the
106
- * adapter auto-denies counterparty requests so the dApp call fails cleanly
107
- * instead of hanging forever.
108
- */
109
- export interface PermissionPromptHandler {
110
- onPermissionRequested(request: PermissionRequest & {
111
- requestID: string;
112
- }): Promise<PermissionPromptDecision>;
113
- onGroupedPermissionRequested(request: GroupedPermissionRequest): Promise<GroupedPermissionPromptDecision>;
114
- onCounterpartyPermissionRequested?(request: CounterpartyPermissionRequest): Promise<CounterpartyPermissionPromptDecision>;
115
- }
116
- /** The source a permission record was loaded from when listing all permissions. */
117
- export type PermissionRecordSource = 'ledger' | 'onchain';
118
- /**
119
- * Unified record returned by the adapter's `listAllPermissions` helper.
120
- *
121
- * `source: 'ledger'` records are local `StoredGrant`s; `source: 'onchain'`
122
- * records are WPM `PermissionToken` shapes surfaced for level-2 counterparty
123
- * pacts (and any pre-migration on-chain tokens that still exist).
124
- */
125
- export type PermissionRecord = ({
126
- source: 'ledger';
127
- } & StoredGrant) | {
128
- source: 'onchain';
129
- type: PermissionType;
130
- token: PermissionToken;
131
- };
132
65
  //# sourceMappingURL=types.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/permissions/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACX,6BAA6B,EAC7B,uBAAuB,EACvB,wBAAwB,EACxB,kBAAkB,EAClB,iBAAiB,EACjB,eAAe,EACf,MAAM,qBAAqB,CAAA;AAE5B,8CAA8C;AAC9C,MAAM,MAAM,cAAc,GAAG,UAAU,GAAG,QAAQ,GAAG,aAAa,GAAG,UAAU,CAAA;AAE/E,oGAAoG;AACpG,MAAM,MAAM,aAAa,GACtB;IACA,IAAI,EAAE,UAAU,CAAA;IAChB,UAAU,EAAE,MAAM,CAAA;IAClB,UAAU,EAAE,OAAO,CAAA;IACnB,aAAa,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;IACxB,YAAY,EAAE,MAAM,CAAA;IACpB,YAAY,EAAE,MAAM,CAAA;CACnB,GACD;IACA,IAAI,EAAE,QAAQ,CAAA;IACd,UAAU,EAAE,MAAM,CAAA;IAClB,MAAM,EAAE,MAAM,CAAA;CACb,GACD;IACA,IAAI,EAAE,aAAa,CAAA;IACnB,UAAU,EAAE,MAAM,CAAA;IAClB,UAAU,EAAE,OAAO,CAAA;IACnB,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,MAAM,CAAA;IAChB,MAAM,EAAE,MAAM,EAAE,CAAA;CACf,GACD;IACA,IAAI,EAAE,UAAU,CAAA;IAChB,UAAU,EAAE,MAAM,CAAA;CACjB,CAAA;AAEJ;;;;;;;;GAQG;AACH,MAAM,WAAW,WAAW;IAC3B,GAAG,EAAE,aAAa,CAAA;IAClB,yCAAyC;IACzC,MAAM,EAAE,MAAM,CAAA;IACd,qDAAqD;IACrD,SAAS,EAAE,MAAM,CAAA;IACjB,gEAAgE;IAChE,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,sDAAsD;IACtD,gBAAgB,CAAC,EAAE,MAAM,CAAA;CACzB;AAED,sDAAsD;AACtD,MAAM,WAAW,gBAAgB;IAChC,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,IAAI,CAAC,EAAE,cAAc,CAAA;CACrB;AAED;;;;;;;;GAQG;AACH,MAAM,WAAW,gBAAgB;IAChC,SAAS,CAAC,GAAG,EAAE,aAAa,GAAG,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC,CAAA;IAC1D,QAAQ,CAAC,KAAK,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;IAC3C,WAAW,CAAC,GAAG,EAAE,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;IAC9C,sBAAsB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAA;IAC3D,UAAU,CAAC,MAAM,CAAC,EAAE,gBAAgB,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC,CAAA;CAC7D;AAED,8DAA8D;AAC9D,MAAM,MAAM,wBAAwB,GACjC;IACA,QAAQ,EAAE,IAAI,CAAA;IACd,8DAA8D;IAC9D,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,iFAAiF;IACjF,gBAAgB,CAAC,EAAE,MAAM,CAAA;CACxB,GACD;IAAE,QAAQ,EAAE,KAAK,CAAA;CAAE,CAAA;AAEtB,sEAAsE;AACtE,MAAM,MAAM,+BAA+B,GACxC;IACA,QAAQ,EAAE,IAAI,CAAA;IACd,mEAAmE;IACnE,OAAO,EAAE,OAAO,CAAC,kBAAkB,CAAC,CAAA;IACpC,MAAM,CAAC,EAAE,MAAM,CAAA;CACd,GACD;IAAE,QAAQ,EAAE,KAAK,CAAA;CAAE,CAAA;AAEtB;;;;;;GAMG;AACH,MAAM,MAAM,oCAAoC,GAC7C;IACA,QAAQ,EAAE,IAAI,CAAA;IACd,OAAO,EAAE,OAAO,CAAC,uBAAuB,CAAC,CAAA;IACzC,MAAM,CAAC,EAAE,MAAM,CAAA;CACd,GACD;IAAE,QAAQ,EAAE,KAAK,CAAA;CAAE,CAAA;AAEtB;;;;;;;GAOG;AACH,MAAM,WAAW,uBAAuB;IACvC,qBAAqB,CACpB,OAAO,EAAE,iBAAiB,GAAG;QAAE,SAAS,EAAE,MAAM,CAAA;KAAE,GAChD,OAAO,CAAC,wBAAwB,CAAC,CAAA;IACpC,4BAA4B,CAC3B,OAAO,EAAE,wBAAwB,GAC/B,OAAO,CAAC,+BAA+B,CAAC,CAAA;IAC3C,iCAAiC,CAAC,CACjC,OAAO,EAAE,6BAA6B,GACpC,OAAO,CAAC,oCAAoC,CAAC,CAAA;CAChD;AAED,mFAAmF;AACnF,MAAM,MAAM,sBAAsB,GAAG,QAAQ,GAAG,SAAS,CAAA;AAEzD;;;;;;GAMG;AACH,MAAM,MAAM,gBAAgB,GACzB,CAAC;IAAE,MAAM,EAAE,QAAQ,CAAA;CAAE,GAAG,WAAW,CAAC,GACpC;IACA,MAAM,EAAE,SAAS,CAAA;IACjB,IAAI,EAAE,cAAc,CAAA;IACpB,KAAK,EAAE,eAAe,CAAA;CACrB,CAAA"}
1
+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/permissions/types.ts"],"names":[],"mappings":"AAAA,8CAA8C;AAC9C,MAAM,MAAM,cAAc,GAAG,UAAU,GAAG,QAAQ,GAAG,aAAa,GAAG,UAAU,CAAA;AAE/E,oGAAoG;AACpG,MAAM,MAAM,aAAa,GACtB;IACA,IAAI,EAAE,UAAU,CAAA;IAChB,UAAU,EAAE,MAAM,CAAA;IAClB,UAAU,EAAE,OAAO,CAAA;IACnB,aAAa,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;IACxB,YAAY,EAAE,MAAM,CAAA;IACpB,YAAY,EAAE,MAAM,CAAA;CACnB,GACD;IACA,IAAI,EAAE,QAAQ,CAAA;IACd,UAAU,EAAE,MAAM,CAAA;IAClB,MAAM,EAAE,MAAM,CAAA;CACb,GACD;IACA,IAAI,EAAE,aAAa,CAAA;IACnB,UAAU,EAAE,MAAM,CAAA;IAClB,UAAU,EAAE,OAAO,CAAA;IACnB,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,MAAM,CAAA;IAChB,MAAM,EAAE,MAAM,EAAE,CAAA;CACf,GACD;IACA,IAAI,EAAE,UAAU,CAAA;IAChB,UAAU,EAAE,MAAM,CAAA;CACjB,CAAA;AAEJ;;;;;;GAMG;AACH,MAAM,WAAW,WAAW;IAC3B,GAAG,EAAE,aAAa,CAAA;IAClB,yCAAyC;IACzC,MAAM,EAAE,MAAM,CAAA;IACd,qDAAqD;IACrD,SAAS,EAAE,MAAM,CAAA;IACjB,gEAAgE;IAChE,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,sDAAsD;IACtD,gBAAgB,CAAC,EAAE,MAAM,CAAA;CACzB;AAED,sDAAsD;AACtD,MAAM,WAAW,gBAAgB;IAChC,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,IAAI,CAAC,EAAE,cAAc,CAAA;CACrB;AAED;;;;;;;;GAQG;AACH,MAAM,WAAW,gBAAgB;IAChC,SAAS,CAAC,GAAG,EAAE,aAAa,GAAG,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC,CAAA;IAC1D,QAAQ,CAAC,KAAK,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;IAC3C,WAAW,CAAC,GAAG,EAAE,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;IAC9C,sBAAsB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAA;IAC3D,UAAU,CAAC,MAAM,CAAC,EAAE,gBAAgB,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC,CAAA;CAC7D"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@1sat/wallet",
3
- "version": "0.0.42",
3
+ "version": "0.0.44",
4
4
  "description": "BRC-100 wallet engine for 1Sat Ordinals SDK",
5
5
  "type": "module",
6
6
  "main": "./dist/index.js",
@@ -44,4 +44,4 @@
44
44
  "@types/chrome": "^0.1.32",
45
45
  "typescript": "^5.9.3"
46
46
  }
47
- }
47
+ }
@@ -1,91 +0,0 @@
1
- import type { WalletPermissionsManager } from '@bsv/wallet-toolbox';
2
- import type { IPermissionStore, PermissionKey, PermissionPromptHandler, PermissionRecord } from './types';
3
- export interface PermissionLedgerAdapterOptions {
4
- /** The WPM instance to attach callbacks to. */
5
- wallet: WalletPermissionsManager;
6
- /** Persistent store for permission grants. */
7
- store: IPermissionStore;
8
- /** UI prompt callbacks. */
9
- prompt: PermissionPromptHandler;
10
- }
11
- /**
12
- * Bridges an {@link IPermissionStore} to a {@link WalletPermissionsManager}.
13
- *
14
- * The adapter owns WPM's permission callbacks. On every permission check:
15
- *
16
- * 1. It looks up a stored grant in the supplied store.
17
- * 2. If a valid unexpired grant exists, it calls
18
- * `wallet.grantPermission({ ephemeral: true })` silently. WPM resolves
19
- * the pending dApp call without writing anything to the chain.
20
- * 3. Otherwise it delegates to the host app's prompt handler. On approval,
21
- * it writes the grant to the store and calls `grantPermission` ephemerally.
22
- *
23
- * BRC-73 grouped permissions are handled via `dismissGroupedPermission` after
24
- * writing each sub-permission to the store. WPM's downstream per-method checks
25
- * then find the entries on their individual callback paths. When a site adds
26
- * a new permission between visits, the prompt receives only the missing
27
- * subset — already-granted permissions are not re-listed.
28
- *
29
- * DSAP (spending) cap enforcement reads actual confirmed spend from the
30
- * wallet's action history via `WalletPermissionsManager.querySpentSince` —
31
- * the same mechanism WPM uses natively. No ledger-side counter is
32
- * maintained, so failed broadcasts cannot cause drift.
33
- *
34
- * Level-2 counterparty pacts (`onCounterpartyPermissionRequested`) remain
35
- * on-chain: the adapter just routes the UI decision to WPM's native
36
- * `grantCounterpartyPermission` / `denyCounterpartyPermission`. If the
37
- * consumer omits `prompt.onCounterpartyPermissionRequested`, the adapter
38
- * auto-denies counterparty requests so the dApp call fails cleanly instead
39
- * of hanging forever.
40
- *
41
- * Call {@link dispose} to unbind callbacks when tearing down the wallet.
42
- */
43
- export declare class PermissionLedgerAdapter {
44
- private readonly wallet;
45
- private readonly store;
46
- private readonly prompt;
47
- private boundCallbacks;
48
- constructor(options: PermissionLedgerAdapterOptions);
49
- private bindCallbacks;
50
- /** Unbinds every callback this adapter registered on the wallet. */
51
- dispose(): void;
52
- private handleSingle;
53
- private handleSpending;
54
- private handleGrouped;
55
- private handleCounterparty;
56
- private safeDeny;
57
- /**
58
- * Return the full union of local (ledger) grants and on-chain WPM tokens.
59
- *
60
- * Under the default setup, the on-chain side contains only level-2
61
- * counterparty pacts (and any pre-migration tokens that still exist).
62
- * Records are tagged with `source: 'ledger' | 'onchain'` so the revoke
63
- * handler can route correctly.
64
- */
65
- listAllPermissions(): Promise<PermissionRecord[]>;
66
- /**
67
- * Revoke a single ledger-backed grant.
68
- *
69
- * To revoke an on-chain (counterparty) token, call
70
- * `wallet.revokePermission(token)` directly with the raw WPM token.
71
- */
72
- revokeLedgerGrant(key: PermissionKey): Promise<void>;
73
- /**
74
- * Revoke every grant for an originator across both stores.
75
- *
76
- * Returns counts of what was removed from each side.
77
- */
78
- revokeAllForOriginator(originator: string): Promise<{
79
- ledger: number;
80
- onchain: number;
81
- }>;
82
- /**
83
- * Return the satoshi amount spent against the given DSAP grant in the
84
- * current UTC month, read from the wallet's action history.
85
- *
86
- * Delegates to `WalletPermissionsManager.querySpentSince` for accuracy and
87
- * cross-device consistency — the ledger does not track spend itself.
88
- */
89
- querySpent(key: PermissionKey): Promise<number>;
90
- }
91
- //# sourceMappingURL=adapter.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"adapter.d.ts","sourceRoot":"","sources":["../../src/permissions/adapter.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAQX,wBAAwB,EAExB,MAAM,qBAAqB,CAAA;AAS5B,OAAO,KAAK,EACX,gBAAgB,EAChB,aAAa,EACb,uBAAuB,EACvB,gBAAgB,EAEhB,MAAM,SAAS,CAAA;AAEhB,MAAM,WAAW,8BAA8B;IAC9C,+CAA+C;IAC/C,MAAM,EAAE,wBAAwB,CAAA;IAChC,8CAA8C;IAC9C,KAAK,EAAE,gBAAgB,CAAA;IACvB,2BAA2B;IAC3B,MAAM,EAAE,uBAAuB,CAAA;CAC/B;AAQD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AACH,qBAAa,uBAAuB;IACnC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA0B;IACjD,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAkB;IACxC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAyB;IAChD,OAAO,CAAC,cAAc,CAAoC;gBAE9C,OAAO,EAAE,8BAA8B;IAOnD,OAAO,CAAC,aAAa;IAoBrB,oEAAoE;IACpE,OAAO,IAAI,IAAI;YAWD,YAAY;YAmCZ,cAAc;YAwDd,aAAa;YAgEb,kBAAkB;YA8BlB,QAAQ;IAQtB;;;;;;;OAOG;IACG,kBAAkB,IAAI,OAAO,CAAC,gBAAgB,EAAE,CAAC;IAqCvD;;;;;OAKG;IACG,iBAAiB,CAAC,GAAG,EAAE,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC;IAI1D;;;;OAIG;IACG,sBAAsB,CAC3B,UAAU,EAAE,MAAM,GAChB,OAAO,CAAC;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC;IAO/C;;;;;;OAMG;IACG,UAAU,CAAC,GAAG,EAAE,aAAa,GAAG,OAAO,CAAC,MAAM,CAAC;CAMrD"}
@@ -1,317 +0,0 @@
1
- import { filterGroupedByMissing, isExpired, normalizeOriginator, permissionKeyFromRequest, permissionKeyToString, permissionKeysFromGroup, } from './key';
2
- /**
3
- * Bridges an {@link IPermissionStore} to a {@link WalletPermissionsManager}.
4
- *
5
- * The adapter owns WPM's permission callbacks. On every permission check:
6
- *
7
- * 1. It looks up a stored grant in the supplied store.
8
- * 2. If a valid unexpired grant exists, it calls
9
- * `wallet.grantPermission({ ephemeral: true })` silently. WPM resolves
10
- * the pending dApp call without writing anything to the chain.
11
- * 3. Otherwise it delegates to the host app's prompt handler. On approval,
12
- * it writes the grant to the store and calls `grantPermission` ephemerally.
13
- *
14
- * BRC-73 grouped permissions are handled via `dismissGroupedPermission` after
15
- * writing each sub-permission to the store. WPM's downstream per-method checks
16
- * then find the entries on their individual callback paths. When a site adds
17
- * a new permission between visits, the prompt receives only the missing
18
- * subset — already-granted permissions are not re-listed.
19
- *
20
- * DSAP (spending) cap enforcement reads actual confirmed spend from the
21
- * wallet's action history via `WalletPermissionsManager.querySpentSince` —
22
- * the same mechanism WPM uses natively. No ledger-side counter is
23
- * maintained, so failed broadcasts cannot cause drift.
24
- *
25
- * Level-2 counterparty pacts (`onCounterpartyPermissionRequested`) remain
26
- * on-chain: the adapter just routes the UI decision to WPM's native
27
- * `grantCounterpartyPermission` / `denyCounterpartyPermission`. If the
28
- * consumer omits `prompt.onCounterpartyPermissionRequested`, the adapter
29
- * auto-denies counterparty requests so the dApp call fails cleanly instead
30
- * of hanging forever.
31
- *
32
- * Call {@link dispose} to unbind callbacks when tearing down the wallet.
33
- */
34
- export class PermissionLedgerAdapter {
35
- wallet;
36
- store;
37
- prompt;
38
- boundCallbacks = [];
39
- constructor(options) {
40
- this.wallet = options.wallet;
41
- this.store = options.store;
42
- this.prompt = options.prompt;
43
- this.bindCallbacks();
44
- }
45
- bindCallbacks() {
46
- const bind = (name, handler) => {
47
- const id = this.wallet.bindCallback(name, handler);
48
- this.boundCallbacks.push([name, id]);
49
- };
50
- const single = (r) => this.handleSingle(r);
51
- const spending = (r) => this.handleSpending(r);
52
- const grouped = (r) => this.handleGrouped(r);
53
- const counterparty = (r) => this.handleCounterparty(r);
54
- bind('onProtocolPermissionRequested', single);
55
- bind('onBasketAccessRequested', single);
56
- bind('onCertificateAccessRequested', single);
57
- bind('onSpendingAuthorizationRequested', spending);
58
- bind('onGroupedPermissionRequested', grouped);
59
- bind('onCounterpartyPermissionRequested', counterparty);
60
- }
61
- /** Unbinds every callback this adapter registered on the wallet. */
62
- dispose() {
63
- for (const [name, id] of this.boundCallbacks) {
64
- this.wallet.unbindCallback(name, id);
65
- }
66
- this.boundCallbacks = [];
67
- }
68
- // ---------------------------------------------------------------------
69
- // Handlers
70
- // ---------------------------------------------------------------------
71
- async handleSingle(request) {
72
- try {
73
- const key = permissionKeyFromRequest(request);
74
- const existing = await this.store.findGrant(key);
75
- if (existing && !isExpired(existing.expiry)) {
76
- await this.wallet.grantPermission({
77
- requestID: request.requestID,
78
- ephemeral: true,
79
- });
80
- return;
81
- }
82
- const decision = await this.prompt.onPermissionRequested(request);
83
- if (decision.approved) {
84
- await this.store.putGrant({
85
- key,
86
- expiry: decision.expiry ?? 0,
87
- grantedAt: Date.now(),
88
- reason: request.reason,
89
- });
90
- await this.wallet.grantPermission({
91
- requestID: request.requestID,
92
- ephemeral: true,
93
- });
94
- }
95
- else {
96
- await this.wallet.denyPermission(request.requestID);
97
- }
98
- }
99
- catch (err) {
100
- await this.safeDeny(request.requestID);
101
- throw err;
102
- }
103
- }
104
- async handleSpending(request) {
105
- try {
106
- if (request.type !== 'spending' || !request.spending) {
107
- await this.wallet.denyPermission(request.requestID);
108
- return;
109
- }
110
- const key = permissionKeyFromRequest(request);
111
- const needed = request.spending.satoshis;
112
- const existing = await this.store.findGrant(key);
113
- if (existing &&
114
- !isExpired(existing.expiry) &&
115
- existing.key.type === 'spending' &&
116
- existing.authorizedAmount != null) {
117
- // Read actual confirmed spend for this originator this month directly
118
- // from the wallet's action history. WPM's own `querySpentSince` only
119
- // reads `token.originator` + `token.rawOriginator`, so we can pass a
120
- // minimal stub rather than reconstruct a full PermissionToken.
121
- const spent = await this.wallet.querySpentSince({
122
- originator: existing.key.originator,
123
- });
124
- if (spent + needed <= existing.authorizedAmount) {
125
- await this.wallet.grantPermission({
126
- requestID: request.requestID,
127
- ephemeral: true,
128
- });
129
- return;
130
- }
131
- }
132
- const decision = await this.prompt.onPermissionRequested(request);
133
- if (decision.approved) {
134
- await this.store.putGrant({
135
- key,
136
- expiry: decision.expiry ?? 0,
137
- grantedAt: Date.now(),
138
- reason: request.reason,
139
- authorizedAmount: decision.authorizedAmount ?? needed,
140
- });
141
- await this.wallet.grantPermission({
142
- requestID: request.requestID,
143
- ephemeral: true,
144
- });
145
- }
146
- else {
147
- await this.wallet.denyPermission(request.requestID);
148
- }
149
- }
150
- catch (err) {
151
- await this.safeDeny(request.requestID);
152
- throw err;
153
- }
154
- }
155
- async handleGrouped(request) {
156
- try {
157
- const neededKeys = permissionKeysFromGroup(request.originator, request.permissions);
158
- const lookups = await Promise.all(neededKeys.map((k) => this.store.findGrant(k)));
159
- const missingKeys = new Set();
160
- for (let i = 0; i < neededKeys.length; i++) {
161
- const g = lookups[i];
162
- if (!g || isExpired(g.expiry)) {
163
- missingKeys.add(permissionKeyToString(neededKeys[i]));
164
- }
165
- }
166
- if (missingKeys.size === 0) {
167
- await this.wallet.dismissGroupedPermission(request.requestID);
168
- return;
169
- }
170
- // Hand the prompt only the sub-permissions that still need approval.
171
- // On first visit this equals the full bundle; on a revisit where the
172
- // site has added one new permission, only that new one is shown.
173
- const trimmedPermissions = filterGroupedByMissing(request.originator, request.permissions, missingKeys);
174
- const decision = await this.prompt.onGroupedPermissionRequested({
175
- ...request,
176
- permissions: trimmedPermissions,
177
- });
178
- if (!decision.approved) {
179
- await this.wallet.denyGroupedPermission(request.requestID);
180
- return;
181
- }
182
- const normalized = normalizeOriginator(request.originator);
183
- const grantedKeys = permissionKeysFromGroup(normalized, decision.granted);
184
- const now = Date.now();
185
- const expiry = decision.expiry ?? 0;
186
- for (const key of grantedKeys) {
187
- const grant = { key, expiry, grantedAt: now };
188
- if (key.type === 'spending' && decision.granted.spendingAuthorization) {
189
- grant.authorizedAmount = decision.granted.spendingAuthorization.amount;
190
- grant.reason = decision.granted.spendingAuthorization.description;
191
- }
192
- await this.store.putGrant(grant);
193
- }
194
- await this.wallet.dismissGroupedPermission(request.requestID);
195
- }
196
- catch (err) {
197
- await this.wallet
198
- .denyGroupedPermission(request.requestID)
199
- .catch(() => undefined);
200
- throw err;
201
- }
202
- }
203
- async handleCounterparty(request) {
204
- // Level-2 counterparty pacts stay on-chain. The adapter does not consult
205
- // the local store for these; it just routes the consumer's UI decision
206
- // to WPM's native grant/deny (which writes the token to the chain).
207
- const handler = this.prompt.onCounterpartyPermissionRequested;
208
- if (!handler) {
209
- await this.wallet.denyCounterpartyPermission(request.requestID);
210
- return;
211
- }
212
- try {
213
- const decision = await handler(request);
214
- if (decision.approved) {
215
- await this.wallet.grantCounterpartyPermission({
216
- requestID: request.requestID,
217
- granted: decision.granted,
218
- expiry: decision.expiry,
219
- });
220
- }
221
- else {
222
- await this.wallet.denyCounterpartyPermission(request.requestID);
223
- }
224
- }
225
- catch (err) {
226
- await this.wallet
227
- .denyCounterpartyPermission(request.requestID)
228
- .catch(() => undefined);
229
- throw err;
230
- }
231
- }
232
- async safeDeny(requestID) {
233
- await this.wallet.denyPermission(requestID).catch(() => undefined);
234
- }
235
- // ---------------------------------------------------------------------
236
- // Management helpers (for consumers to rebuild UIs)
237
- // ---------------------------------------------------------------------
238
- /**
239
- * Return the full union of local (ledger) grants and on-chain WPM tokens.
240
- *
241
- * Under the default setup, the on-chain side contains only level-2
242
- * counterparty pacts (and any pre-migration tokens that still exist).
243
- * Records are tagged with `source: 'ledger' | 'onchain'` so the revoke
244
- * handler can route correctly.
245
- */
246
- async listAllPermissions() {
247
- const [ledger, protocols, baskets, spending, certs] = await Promise.all([
248
- this.store.listGrants(),
249
- this.wallet.listProtocolPermissions({}),
250
- this.wallet.listBasketAccess({}),
251
- this.wallet.listSpendingAuthorizations({}),
252
- this.wallet.listCertificateAccess({}),
253
- ]);
254
- const ledgerRecords = ledger.map((g) => ({
255
- source: 'ledger',
256
- ...g,
257
- }));
258
- const onChain = [
259
- ...protocols.map((t) => ({
260
- source: 'onchain',
261
- type: 'protocol',
262
- token: t,
263
- })),
264
- ...baskets.map((t) => ({
265
- source: 'onchain',
266
- type: 'basket',
267
- token: t,
268
- })),
269
- ...spending.map((t) => ({
270
- source: 'onchain',
271
- type: 'spending',
272
- token: t,
273
- })),
274
- ...certs.map((t) => ({
275
- source: 'onchain',
276
- type: 'certificate',
277
- token: t,
278
- })),
279
- ];
280
- return [...ledgerRecords, ...onChain];
281
- }
282
- /**
283
- * Revoke a single ledger-backed grant.
284
- *
285
- * To revoke an on-chain (counterparty) token, call
286
- * `wallet.revokePermission(token)` directly with the raw WPM token.
287
- */
288
- async revokeLedgerGrant(key) {
289
- await this.store.deleteGrant(key);
290
- }
291
- /**
292
- * Revoke every grant for an originator across both stores.
293
- *
294
- * Returns counts of what was removed from each side.
295
- */
296
- async revokeAllForOriginator(originator) {
297
- const normalized = normalizeOriginator(originator);
298
- const ledgerCount = await this.store.deleteAllForOriginator(normalized);
299
- const onchainRevoked = await this.wallet.revokeAllForOriginator(normalized);
300
- return { ledger: ledgerCount, onchain: onchainRevoked.length };
301
- }
302
- /**
303
- * Return the satoshi amount spent against the given DSAP grant in the
304
- * current UTC month, read from the wallet's action history.
305
- *
306
- * Delegates to `WalletPermissionsManager.querySpentSince` for accuracy and
307
- * cross-device consistency — the ledger does not track spend itself.
308
- */
309
- async querySpent(key) {
310
- if (key.type !== 'spending')
311
- return 0;
312
- return this.wallet.querySpentSince({
313
- originator: key.originator,
314
- });
315
- }
316
- }
317
- //# sourceMappingURL=adapter.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"adapter.js","sourceRoot":"","sources":["../../src/permissions/adapter.ts"],"names":[],"mappings":"AAWA,OAAO,EACN,sBAAsB,EACtB,SAAS,EACT,mBAAmB,EACnB,wBAAwB,EACxB,qBAAqB,EACrB,uBAAuB,GACvB,MAAM,OAAO,CAAA;AAwBd;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AACH,MAAM,OAAO,uBAAuB;IAClB,MAAM,CAA0B;IAChC,KAAK,CAAkB;IACvB,MAAM,CAAyB;IACxC,cAAc,GAAkC,EAAE,CAAA;IAE1D,YAAY,OAAuC;QAClD,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAA;QAC5B,IAAI,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK,CAAA;QAC1B,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAA;QAC5B,IAAI,CAAC,aAAa,EAAE,CAAA;IACrB,CAAC;IAEO,aAAa;QACpB,MAAM,IAAI,GAAG,CAAC,IAAkB,EAAE,OAAkC,EAAE,EAAE;YACvE,MAAM,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAA;YAClD,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAA;QACrC,CAAC,CAAA;QAED,MAAM,MAAM,GAA2B,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,CAAA;QAClE,MAAM,QAAQ,GAA2B,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,CAAA;QACtE,MAAM,OAAO,GAAkC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,CAAA;QAC3E,MAAM,YAAY,GAAuC,CAAC,CAAC,EAAE,EAAE,CAC9D,IAAI,CAAC,kBAAkB,CAAC,CAAC,CAAC,CAAA;QAE3B,IAAI,CAAC,+BAA+B,EAAE,MAAM,CAAC,CAAA;QAC7C,IAAI,CAAC,yBAAyB,EAAE,MAAM,CAAC,CAAA;QACvC,IAAI,CAAC,8BAA8B,EAAE,MAAM,CAAC,CAAA;QAC5C,IAAI,CAAC,kCAAkC,EAAE,QAAQ,CAAC,CAAA;QAClD,IAAI,CAAC,8BAA8B,EAAE,OAAO,CAAC,CAAA;QAC7C,IAAI,CAAC,mCAAmC,EAAE,YAAY,CAAC,CAAA;IACxD,CAAC;IAED,oEAAoE;IACpE,OAAO;QACN,KAAK,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YAC9C,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,EAAE,CAAC,CAAA;QACrC,CAAC;QACD,IAAI,CAAC,cAAc,GAAG,EAAE,CAAA;IACzB,CAAC;IAED,wEAAwE;IACxE,WAAW;IACX,wEAAwE;IAEhE,KAAK,CAAC,YAAY,CACzB,OAAkD;QAElD,IAAI,CAAC;YACJ,MAAM,GAAG,GAAG,wBAAwB,CAAC,OAAO,CAAC,CAAA;YAC7C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,GAAG,CAAC,CAAA;YAChD,IAAI,QAAQ,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC7C,MAAM,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC;oBACjC,SAAS,EAAE,OAAO,CAAC,SAAS;oBAC5B,SAAS,EAAE,IAAI;iBACf,CAAC,CAAA;gBACF,OAAM;YACP,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,qBAAqB,CAAC,OAAO,CAAC,CAAA;YACjE,IAAI,QAAQ,CAAC,QAAQ,EAAE,CAAC;gBACvB,MAAM,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC;oBACzB,GAAG;oBACH,MAAM,EAAE,QAAQ,CAAC,MAAM,IAAI,CAAC;oBAC5B,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;oBACrB,MAAM,EAAE,OAAO,CAAC,MAAM;iBACtB,CAAC,CAAA;gBACF,MAAM,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC;oBACjC,SAAS,EAAE,OAAO,CAAC,SAAS;oBAC5B,SAAS,EAAE,IAAI;iBACf,CAAC,CAAA;YACH,CAAC;iBAAM,CAAC;gBACP,MAAM,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,SAAS,CAAC,CAAA;YACpD,CAAC;QACF,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,MAAM,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,SAAS,CAAC,CAAA;YACtC,MAAM,GAAG,CAAA;QACV,CAAC;IACF,CAAC;IAEO,KAAK,CAAC,cAAc,CAC3B,OAAkD;QAElD,IAAI,CAAC;YACJ,IAAI,OAAO,CAAC,IAAI,KAAK,UAAU,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC;gBACtD,MAAM,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,SAAS,CAAC,CAAA;gBACnD,OAAM;YACP,CAAC;YACD,MAAM,GAAG,GAAG,wBAAwB,CAAC,OAAO,CAAC,CAAA;YAC7C,MAAM,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAA;YACxC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,GAAG,CAAC,CAAA;YAEhD,IACC,QAAQ;gBACR,CAAC,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC;gBAC3B,QAAQ,CAAC,GAAG,CAAC,IAAI,KAAK,UAAU;gBAChC,QAAQ,CAAC,gBAAgB,IAAI,IAAI,EAChC,CAAC;gBACF,sEAAsE;gBACtE,qEAAqE;gBACrE,qEAAqE;gBACrE,+DAA+D;gBAC/D,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC;oBAC/C,UAAU,EAAE,QAAQ,CAAC,GAAG,CAAC,UAAU;iBAChB,CAAC,CAAA;gBACrB,IAAI,KAAK,GAAG,MAAM,IAAI,QAAQ,CAAC,gBAAgB,EAAE,CAAC;oBACjD,MAAM,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC;wBACjC,SAAS,EAAE,OAAO,CAAC,SAAS;wBAC5B,SAAS,EAAE,IAAI;qBACf,CAAC,CAAA;oBACF,OAAM;gBACP,CAAC;YACF,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,qBAAqB,CAAC,OAAO,CAAC,CAAA;YACjE,IAAI,QAAQ,CAAC,QAAQ,EAAE,CAAC;gBACvB,MAAM,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC;oBACzB,GAAG;oBACH,MAAM,EAAE,QAAQ,CAAC,MAAM,IAAI,CAAC;oBAC5B,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;oBACrB,MAAM,EAAE,OAAO,CAAC,MAAM;oBACtB,gBAAgB,EAAE,QAAQ,CAAC,gBAAgB,IAAI,MAAM;iBACrD,CAAC,CAAA;gBACF,MAAM,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC;oBACjC,SAAS,EAAE,OAAO,CAAC,SAAS;oBAC5B,SAAS,EAAE,IAAI;iBACf,CAAC,CAAA;YACH,CAAC;iBAAM,CAAC;gBACP,MAAM,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,SAAS,CAAC,CAAA;YACpD,CAAC;QACF,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,MAAM,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,SAAS,CAAC,CAAA;YACtC,MAAM,GAAG,CAAA;QACV,CAAC;IACF,CAAC;IAEO,KAAK,CAAC,aAAa,CAC1B,OAAiC;QAEjC,IAAI,CAAC;YACJ,MAAM,UAAU,GAAG,uBAAuB,CACzC,OAAO,CAAC,UAAU,EAClB,OAAO,CAAC,WAAW,CACnB,CAAA;YACD,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAChC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAC9C,CAAA;YACD,MAAM,WAAW,GAAG,IAAI,GAAG,EAAU,CAAA;YACrC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,UAAU,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC5C,MAAM,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAA;gBACpB,IAAI,CAAC,CAAC,IAAI,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC;oBAC/B,WAAW,CAAC,GAAG,CAAC,qBAAqB,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;gBACtD,CAAC;YACF,CAAC;YAED,IAAI,WAAW,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC;gBAC5B,MAAM,IAAI,CAAC,MAAM,CAAC,wBAAwB,CAAC,OAAO,CAAC,SAAS,CAAC,CAAA;gBAC7D,OAAM;YACP,CAAC;YAED,qEAAqE;YACrE,qEAAqE;YACrE,iEAAiE;YACjE,MAAM,kBAAkB,GAAG,sBAAsB,CAChD,OAAO,CAAC,UAAU,EAClB,OAAO,CAAC,WAAW,EACnB,WAAW,CACX,CAAA;YACD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,4BAA4B,CAAC;gBAC/D,GAAG,OAAO;gBACV,WAAW,EAAE,kBAAkB;aAC/B,CAAC,CAAA;YACF,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;gBACxB,MAAM,IAAI,CAAC,MAAM,CAAC,qBAAqB,CAAC,OAAO,CAAC,SAAS,CAAC,CAAA;gBAC1D,OAAM;YACP,CAAC;YAED,MAAM,UAAU,GAAG,mBAAmB,CAAC,OAAO,CAAC,UAAU,CAAC,CAAA;YAC1D,MAAM,WAAW,GAAG,uBAAuB,CAAC,UAAU,EAAE,QAAQ,CAAC,OAAO,CAAC,CAAA;YACzE,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;YACtB,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,IAAI,CAAC,CAAA;YAEnC,KAAK,MAAM,GAAG,IAAI,WAAW,EAAE,CAAC;gBAC/B,MAAM,KAAK,GAAgB,EAAE,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,EAAE,CAAA;gBAC1D,IAAI,GAAG,CAAC,IAAI,KAAK,UAAU,IAAI,QAAQ,CAAC,OAAO,CAAC,qBAAqB,EAAE,CAAC;oBACvE,KAAK,CAAC,gBAAgB,GAAG,QAAQ,CAAC,OAAO,CAAC,qBAAqB,CAAC,MAAM,CAAA;oBACtE,KAAK,CAAC,MAAM,GAAG,QAAQ,CAAC,OAAO,CAAC,qBAAqB,CAAC,WAAW,CAAA;gBAClE,CAAC;gBACD,MAAM,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;YACjC,CAAC;YAED,MAAM,IAAI,CAAC,MAAM,CAAC,wBAAwB,CAAC,OAAO,CAAC,SAAS,CAAC,CAAA;QAC9D,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,MAAM,IAAI,CAAC,MAAM;iBACf,qBAAqB,CAAC,OAAO,CAAC,SAAS,CAAC;iBACxC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAA;YACxB,MAAM,GAAG,CAAA;QACV,CAAC;IACF,CAAC;IAEO,KAAK,CAAC,kBAAkB,CAC/B,OAAsC;QAEtC,yEAAyE;QACzE,uEAAuE;QACvE,oEAAoE;QACpE,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,iCAAiC,CAAA;QAC7D,IAAI,CAAC,OAAO,EAAE,CAAC;YACd,MAAM,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,OAAO,CAAC,SAAS,CAAC,CAAA;YAC/D,OAAM;QACP,CAAC;QACD,IAAI,CAAC;YACJ,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,OAAO,CAAC,CAAA;YACvC,IAAI,QAAQ,CAAC,QAAQ,EAAE,CAAC;gBACvB,MAAM,IAAI,CAAC,MAAM,CAAC,2BAA2B,CAAC;oBAC7C,SAAS,EAAE,OAAO,CAAC,SAAS;oBAC5B,OAAO,EAAE,QAAQ,CAAC,OAAO;oBACzB,MAAM,EAAE,QAAQ,CAAC,MAAM;iBACvB,CAAC,CAAA;YACH,CAAC;iBAAM,CAAC;gBACP,MAAM,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,OAAO,CAAC,SAAS,CAAC,CAAA;YAChE,CAAC;QACF,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,MAAM,IAAI,CAAC,MAAM;iBACf,0BAA0B,CAAC,OAAO,CAAC,SAAS,CAAC;iBAC7C,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAA;YACxB,MAAM,GAAG,CAAA;QACV,CAAC;IACF,CAAC;IAEO,KAAK,CAAC,QAAQ,CAAC,SAAiB;QACvC,MAAM,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAA;IACnE,CAAC;IAED,wEAAwE;IACxE,oDAAoD;IACpD,wEAAwE;IAExE;;;;;;;OAOG;IACH,KAAK,CAAC,kBAAkB;QACvB,MAAM,CAAC,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,QAAQ,EAAE,KAAK,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;YACvE,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE;YACvB,IAAI,CAAC,MAAM,CAAC,uBAAuB,CAAC,EAAE,CAAC;YACvC,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC,EAAE,CAAC;YAChC,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,EAAE,CAAC;YAC1C,IAAI,CAAC,MAAM,CAAC,qBAAqB,CAAC,EAAE,CAAC;SACrC,CAAC,CAAA;QACF,MAAM,aAAa,GAAuB,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC5D,MAAM,EAAE,QAAQ;YAChB,GAAG,CAAC;SACJ,CAAC,CAAC,CAAA;QACH,MAAM,OAAO,GAAuB;YACnC,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBACxB,MAAM,EAAE,SAAkB;gBAC1B,IAAI,EAAE,UAAmB;gBACzB,KAAK,EAAE,CAAC;aACR,CAAC,CAAC;YACH,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBACtB,MAAM,EAAE,SAAkB;gBAC1B,IAAI,EAAE,QAAiB;gBACvB,KAAK,EAAE,CAAC;aACR,CAAC,CAAC;YACH,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBACvB,MAAM,EAAE,SAAkB;gBAC1B,IAAI,EAAE,UAAmB;gBACzB,KAAK,EAAE,CAAC;aACR,CAAC,CAAC;YACH,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBACpB,MAAM,EAAE,SAAkB;gBAC1B,IAAI,EAAE,aAAsB;gBAC5B,KAAK,EAAE,CAAC;aACR,CAAC,CAAC;SACH,CAAA;QACD,OAAO,CAAC,GAAG,aAAa,EAAE,GAAG,OAAO,CAAC,CAAA;IACtC,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,iBAAiB,CAAC,GAAkB;QACzC,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,GAAG,CAAC,CAAA;IAClC,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,sBAAsB,CAC3B,UAAkB;QAElB,MAAM,UAAU,GAAG,mBAAmB,CAAC,UAAU,CAAC,CAAA;QAClD,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,sBAAsB,CAAC,UAAU,CAAC,CAAA;QACvE,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,sBAAsB,CAAC,UAAU,CAAC,CAAA;QAC3E,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,OAAO,EAAE,cAAc,CAAC,MAAM,EAAE,CAAA;IAC/D,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,UAAU,CAAC,GAAkB;QAClC,IAAI,GAAG,CAAC,IAAI,KAAK,UAAU;YAAE,OAAO,CAAC,CAAA;QACrC,OAAO,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC;YAClC,UAAU,EAAE,GAAG,CAAC,UAAU;SACP,CAAC,CAAA;IACtB,CAAC;CACD"}