@1upmonster/duel 0.2.1 → 0.2.3

package/src/transaction.ts

@@ -15,8 +15,34 @@ import {
 
 type SolanaRpc = Rpc<SolanaRpcApi>;
 
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
+const bigIntReplacer = (_: string, v: unknown) => typeof v === 'bigint' ? v.toString() : v;
+
+/**
+ * Poll for transaction confirmation and throw if it failed.
+ * This ensures callers always know immediately when a transaction is rejected.
+ */
+async function confirmTransaction(rpc: SolanaRpc, sig: string): Promise<void> {
+  for (let i = 0; i < 8; i++) {
+    await new Promise(r => setTimeout(r, 1000));
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+    const statuses = await (rpc as any).getSignatureStatuses([sig], { searchTransactionHistory: false }).send().catch(() => null);
+    const status = statuses?.value?.[0];
+    if (status) {
+      if (status.err) {
+        throw new Error(`[TX] ${sig.slice(0, 16)}... FAILED: ${JSON.stringify(status.err, bigIntReplacer)}`);
+      }
+      console.log(`[TX] ${sig.slice(0, 16)}... ${status.confirmationStatus}`);
+      return;
+    }
+  }
+  // No status after 8s — treat as timeout rather than silently succeeding
+  throw new Error(`[TX] ${sig.slice(0, 16)}... confirmation timeout (no status after 8s)`);
+}
+
 /**
  * Build, sign with a Kit keypair signer, and send a single instruction.
+ * Throws if the transaction is rejected or times out.
  */
 export async function sendInstruction(
   rpc: SolanaRpc,
@@ -42,27 +68,13 @@ export async function sendInstruction(
     skipPreflight: true,
   }).send() as Promise<string>);
 
-  // Poll for status to detect runtime errors
-  for (let i = 0; i < 8; i++) {
-    await new Promise(r => setTimeout(r, 1000));
-    // eslint-disable-next-line @typescript-eslint/no-explicit-any
-    const statuses = await (rpc as any).getSignatureStatuses([sig], { searchTransactionHistory: false }).send().catch(() => null);
-    const status = statuses?.value?.[0];
-    if (status) {
-      if (status.err) {
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        console.error(`[TX] ${sig.slice(0, 16)}... FAILED:`, JSON.stringify(status.err, (_, v) => typeof v === 'bigint' ? v.toString() : v));
-      } else if (status.confirmationStatus) {
-        console.log(`[TX] ${sig.slice(0, 16)}... ${status.confirmationStatus}`);
-      }
-      break;
-    }
-  }
+  await confirmTransaction(rpc, sig);
   return sig;
 }
 
 /**
  * Build, sign, and send multiple instructions in a single transaction.
+ * Throws if the transaction is rejected or times out.
  */
 export async function sendInstructions(
   rpc: SolanaRpc,
@@ -83,8 +95,11 @@ export async function sendInstructions(
   const encoded = getBase64EncodedWireTransaction(signedTx);
 
   // eslint-disable-next-line @typescript-eslint/no-explicit-any
-  return rpc.sendTransaction(encoded as any, {
+  const sig = await (rpc.sendTransaction(encoded as any, {
     encoding: "base64",
     skipPreflight: true,
-  }).send() as Promise<string>;
+  }).send() as Promise<string>);
+
+  await confirmTransaction(rpc, sig);
+  return sig;
 }

package/src/utils.ts

@@ -8,6 +8,40 @@ import {
 const addressEncoder = getAddressEncoder();
 const utf8Encoder = getUtf8Encoder();
 
+export const PERMISSION_PROGRAM = "ACLseoPoyC3cBqoUtkbjZ4aDrkurZW86v19pXz2XQnp1" as Address;
+export const DELEGATION_PROGRAM = "DELeGGvXpWV2fqJUhqcF5ZSYMS4JTLjteaAMARRSaeSh" as Address;
+
+/** Derives the Permission PDA for a given permissioned account. */
+export async function derivePermissionPda(accountAddress: Address): Promise<Address> {
+  const [pda] = await getProgramDerivedAddress({
+    programAddress: PERMISSION_PROGRAM,
+    seeds: [utf8Encoder.encode("permission:"), addressEncoder.encode(accountAddress)],
+  });
+  return pda;
+}
+
+/** Derives the DELeGG delegation PDAs for the Permission PDA (used in DelegatePermission ix). */
+export async function derivePermissionDelegationPdas(permissionPda: Address): Promise<{
+  delegationBuffer: Address;
+  delegationRecord: Address;
+  delegationMetadata: Address;
+}> {
+  const [delegationRecord] = await getProgramDerivedAddress({
+    programAddress: DELEGATION_PROGRAM,
+    seeds: [utf8Encoder.encode("delegation"), addressEncoder.encode(permissionPda)],
+  });
+  const [delegationMetadata] = await getProgramDerivedAddress({
+    programAddress: DELEGATION_PROGRAM,
+    seeds: [utf8Encoder.encode("delegation-metadata"), addressEncoder.encode(permissionPda)],
+  });
+  // Buffer PDA is under the ownerProgram (PERMISSION_PROGRAM for the Permission PDA)
+  const [delegationBuffer] = await getProgramDerivedAddress({
+    programAddress: PERMISSION_PROGRAM,
+    seeds: [utf8Encoder.encode("buffer"), addressEncoder.encode(permissionPda)],
+  });
+  return { delegationBuffer, delegationRecord, delegationMetadata };
+}
+
 export const QUEUE_SEED = "queue";
 export const TENANT_SEED = "tenant";
 export const TICKET_SEED = "ticket";

package/src/encryption.ts

@@ -1,154 +0,0 @@
-export class EncryptionProvider {
-    private keyPair: CryptoKeyPair | null = null;
-    
-    // Check for crypto availability
-    private get crypto(): Crypto {
-        if (typeof globalThis.crypto !== 'undefined') {
-            return globalThis.crypto;
-        }
-        // Fallback for Node < 19 if global crypto not set (though SDK likely targets modern envs)
-        try {
-            return require('crypto').webcrypto;
-        } catch (e) {
-            throw new Error("WebCrypto API not available.");
-        }
-    }
-
-    /**
-     * Generate a fresh ephemeral keypair for the session (X25519/P-256).
-     */
-    async generateSessionKey(): Promise<CryptoKey> {
-        this.keyPair = await this.crypto.subtle.generateKey(
-            {
-                name: "ECDH",
-                namedCurve: "P-256", 
-            },
-            true,
-            ["deriveKey", "deriveBits"]
-        ) as CryptoKeyPair;
-        
-        return this.keyPair.publicKey;
-    }
-
-    /**
-     * Derive shared secret and encrypt payload.
-     */
-    async encryptPayload(
-        data: Uint8Array, 
-        teePublicKeyBytes: Uint8Array
-    ): Promise<{ encrypted: Uint8Array, clientPublicKey: Uint8Array }> {
-        if (!this.keyPair) {
-            await this.generateSessionKey();
-        }
-
-        // Import TEE Public Key
-        // Fix: Explicitly cast to BufferSource/any because TS gets confused with SharedArrayBuffer in some envs
-        const teeKey = await this.crypto.subtle.importKey(
-            "raw",
-            teePublicKeyBytes as unknown as BufferSource,
-            { name: "ECDH", namedCurve: "P-256" }, 
-            false,
-            []
-        );
-
-        // Derive Shared Secret (AES-GCM Key)
-        const sharedKey = await this.crypto.subtle.deriveKey(
-            {
-                name: "ECDH",
-                public: teeKey,
-            },
-            this.keyPair!.privateKey,
-            {
-                name: "AES-GCM",
-                length: 256,
-            },
-            false,
-            ["encrypt", "decrypt"]
-        );
-
-        // Encrypt Data
-        const iv = this.crypto.getRandomValues(new Uint8Array(12));
-        const encryptedBuffer = await this.crypto.subtle.encrypt(
-            {
-                name: "AES-GCM",
-                iv: iv,
-            },
-            sharedKey,
-            data as unknown as BufferSource
-        );
-
-        // Concatenate IV + CipherText
-        const encrypted = new Uint8Array(iv.length + encryptedBuffer.byteLength);
-        encrypted.set(iv);
-        encrypted.set(new Uint8Array(encryptedBuffer), iv.length);
-
-        // Export Client Public Key
-        const clientPubRaw = await this.crypto.subtle.exportKey("raw", this.keyPair!.publicKey);
-
-        return {
-            encrypted,
-            clientPublicKey: new Uint8Array(clientPubRaw)
-        };
-    }
-    
-    /**
-     * Decrypt a response from the TEE.
-     */
-    async decryptResponse(
-        encryptedData: Uint8Array, 
-        teePublicKeyBytes: Uint8Array
-    ): Promise<Uint8Array> {
-          if (!this.keyPair) throw new Error("No session key");
-          
-           // Import TEE Public Key
-        const teeKey = await this.crypto.subtle.importKey(
-            "raw",
-            teePublicKeyBytes as unknown as BufferSource,
-            { name: "ECDH", namedCurve: "P-256" }, 
-            false,
-            []
-        );
-
-        // Derive Shared Secret
-        const sharedKey = await this.crypto.subtle.deriveKey(
-            {
-                name: "ECDH",
-                public: teeKey,
-            },
-            this.keyPair!.privateKey,
-            {
-                name: "AES-GCM",
-                length: 256,
-            },
-            false,
-            ["encrypt", "decrypt"]
-        );
-        
-        const iv = encryptedData.slice(0, 12);
-        const ciphertext = encryptedData.slice(12);
-        
-        const decrypted = await this.crypto.subtle.decrypt(
-            {
-                name: "AES-GCM",
-                iv: iv,
-            },
-            sharedKey,
-            ciphertext as unknown as BufferSource
-        );
-        
-        return new Uint8Array(decrypted);
-    }
-
-    /**
-     * Helper to generate a valid random P-256 Public Key (65 bytes) for testing.
-     */
-    async createMockValidatorKey(): Promise<Uint8Array> {
-        const pair = await this.crypto.subtle.generateKey(
-            { name: "ECDH", namedCurve: "P-256" },
-            true, 
-            ["deriveKey"]
-        ) as CryptoKeyPair;
-        const raw = await this.crypto.subtle.exportKey("raw", pair.publicKey);
-        return new Uint8Array(raw);
-    }
-}