@1upmonster/duel 0.2.2 → 0.2.3

package/src/player.ts

@@ -1,13 +1,16 @@
 import {
   createSolanaRpc,
+  AccountRole,
   type Address,
   type TransactionSigner,
   type Rpc,
   type SolanaRpcApi,
+  type Instruction,
 } from "@solana/kit";
 import {
   getCreateTicketInstructionAsync,
   getDelegateTicketInstructionAsync,
+  getSetupTicketPermissionInstructionAsync,
   getJoinQueueInstructionAsync,
   getCancelTicketInstructionAsync,
   getCloseTicketInstructionAsync,
@@ -15,7 +18,6 @@ import {
   accountType,
 } from "./generated/duel/index.js";
 import { sendInstruction } from "./transaction.js";
-import { waitUntilPermissionActive } from "./tee.js";
 import * as utils from "./utils.js";
 
 const DUEL_PROGRAM_ID = "EdZzUwKd1X2ZWjxLPpz1cpEzMF7RUZC43Pq64v1VcK5X" as Address;
@@ -130,7 +132,8 @@ export class MatchmakingPlayer {
 
   /**
    * High-level: full matchmaking TEE entry flow.
-   * Creates ticket on L1, delegates it to TEE, waits for activation, then joins the queue.
+   * Creates ticket on L1, sets up permission PDA (so only player + queue authority can read it),
+   * delegates the permission PDA and ticket to TEE, then joins the queue.
    * Use individual methods (createTicket, delegateTicket, joinQueue) as escape hatches if needed.
    */
   async enterQueue(
@@ -145,10 +148,45 @@ export class MatchmakingPlayer {
     const player = this.signer.address as Address;
     const ticketPda = await this.getTicketPda(player, tenant);
 
+    // 1. Create ticket on L1
     await this.createTicket(tenant);
+
+    // 2. Create Permission PDA for the ticket (CPI from duel program with invoke_signed)
+    const permissionPda = await utils.derivePermissionPda(ticketPda);
+    const setupIx = await getSetupTicketPermissionInstructionAsync({
+      player: this.signer,
+      tenant,
+      permission: permissionPda,
+      permissionProgram: utils.PERMISSION_PROGRAM,
+    }, { programAddress: this.programId });
+    await sendInstruction(this.rpc, setupIx, this.signer);
+
+    // 3. Delegate Permission PDA to TEE (called on permission program, player signs)
+    const { delegationBuffer, delegationRecord, delegationMetadata } =
+      await utils.derivePermissionDelegationPdas(permissionPda);
+    const delegatePermIx: Instruction = {
+      programAddress: utils.PERMISSION_PROGRAM,
+      data: new Uint8Array([3, 0, 0, 0, 0, 0, 0, 0]),
+      accounts: [
+        { address: this.signer.address, role: AccountRole.WRITABLE_SIGNER },
+        { address: this.signer.address, role: AccountRole.READONLY_SIGNER },
+        { address: ticketPda, role: AccountRole.READONLY },
+        { address: permissionPda, role: AccountRole.WRITABLE },
+        { address: "11111111111111111111111111111111" as Address, role: AccountRole.READONLY },
+        { address: utils.PERMISSION_PROGRAM, role: AccountRole.READONLY },
+        { address: delegationBuffer, role: AccountRole.WRITABLE },
+        { address: delegationRecord, role: AccountRole.WRITABLE },
+        { address: delegationMetadata, role: AccountRole.WRITABLE },
+        { address: utils.DELEGATION_PROGRAM, role: AccountRole.READONLY },
+        ...(validator ? [{ address: validator, role: AccountRole.READONLY }] : []),
+      ],
+    };
+    await sendInstruction(this.rpc, delegatePermIx, this.signer);
+
+    // 4. Delegate ticket to TEE
     await this.delegateTicket(player, tenant, validator);
-    await waitUntilPermissionActive(teeUrlWithToken, ticketPda);
 
+    // 5. Join the queue on TEE
     const teeClient = new MatchmakingPlayer(teeRpc, this.signer, this.programId);
     await teeClient.joinQueue(queue, tenant, playerData, callbackProgram);
 

package/src/tee.ts

@@ -45,35 +45,31 @@ export async function getAuthToken(
 }
 
 /**
- * Poll the TEE /permission endpoint until the given PDA has authorized users,
- * indicating delegation is active. Returns false on timeout (does not throw).
+ * Poll the TEE until the Permission PDA for the given account is active (authorizedUsers non-empty).
+ * This confirms the TEE has picked up the delegated Permission PDA and is enforcing access control.
+ * Returns true if active before timeout, false otherwise.
  */
-export async function waitUntilPermissionActive(
+export async function waitForPermission(
   teeUrlWithToken: string,
-  pda: Address,
-  timeoutMs = 30000,
+  accountAddress: Address,
+  timeoutMs = 10000,
 ): Promise<boolean> {
-  // Parse URL: "https://host/path?token=xxx" -> baseUrl="https://host/path", tokenParam="token=xxx"
-  const [baseUrl, tokenParam] = teeUrlWithToken.replace("/?", "?").split("?");
-  let permissionUrl: string;
-  if (tokenParam) {
-    permissionUrl = `${baseUrl}/permission?${tokenParam}&pubkey=${pda}`;
-  } else {
-    permissionUrl = `${baseUrl}/permission?pubkey=${pda}`;
-  }
+  const [baseUrl, token] = teeUrlWithToken.replace("/?", "?").split("?");
+  const permUrl = token
+    ? `${baseUrl}/permission?${token}&pubkey=${accountAddress}`
+    : `${baseUrl}/permission?pubkey=${accountAddress}`;
 
-  const start = Date.now();
-  while (Date.now() - start < timeoutMs) {
+  const deadline = Date.now() + timeoutMs;
+  while (Date.now() < deadline) {
     try {
-      const res = await fetch(permissionUrl);
-      if (res.ok) {
-        const { authorizedUsers } = (await res.json()) as { authorizedUsers?: unknown[] };
-        if (authorizedUsers && authorizedUsers.length > 0) return true;
-      }
+      const res = await fetch(permUrl);
+      const json = (await res.json()) as { authorizedUsers?: unknown[] | null };
+      if (json.authorizedUsers && json.authorizedUsers.length > 0) return true;
     } catch {
-      // ignore transient errors, keep polling
+      // ignore transient errors
     }
-    await new Promise((r) => setTimeout(r, 400));
+    await new Promise((r) => setTimeout(r, 500));
   }
   return false;
 }
+

package/src/transaction.ts

@@ -15,8 +15,34 @@ import {
 
 type SolanaRpc = Rpc<SolanaRpcApi>;
 
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
+const bigIntReplacer = (_: string, v: unknown) => typeof v === 'bigint' ? v.toString() : v;
+
+/**
+ * Poll for transaction confirmation and throw if it failed.
+ * This ensures callers always know immediately when a transaction is rejected.
+ */
+async function confirmTransaction(rpc: SolanaRpc, sig: string): Promise<void> {
+  for (let i = 0; i < 8; i++) {
+    await new Promise(r => setTimeout(r, 1000));
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+    const statuses = await (rpc as any).getSignatureStatuses([sig], { searchTransactionHistory: false }).send().catch(() => null);
+    const status = statuses?.value?.[0];
+    if (status) {
+      if (status.err) {
+        throw new Error(`[TX] ${sig.slice(0, 16)}... FAILED: ${JSON.stringify(status.err, bigIntReplacer)}`);
+      }
+      console.log(`[TX] ${sig.slice(0, 16)}... ${status.confirmationStatus}`);
+      return;
+    }
+  }
+  // No status after 8s — treat as timeout rather than silently succeeding
+  throw new Error(`[TX] ${sig.slice(0, 16)}... confirmation timeout (no status after 8s)`);
+}
+
 /**
  * Build, sign with a Kit keypair signer, and send a single instruction.
+ * Throws if the transaction is rejected or times out.
  */
 export async function sendInstruction(
   rpc: SolanaRpc,
@@ -42,27 +68,13 @@ export async function sendInstruction(
     skipPreflight: true,
   }).send() as Promise<string>);
 
-  // Poll for status to detect runtime errors
-  for (let i = 0; i < 8; i++) {
-    await new Promise(r => setTimeout(r, 1000));
-    // eslint-disable-next-line @typescript-eslint/no-explicit-any
-    const statuses = await (rpc as any).getSignatureStatuses([sig], { searchTransactionHistory: false }).send().catch(() => null);
-    const status = statuses?.value?.[0];
-    if (status) {
-      if (status.err) {
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        console.error(`[TX] ${sig.slice(0, 16)}... FAILED:`, JSON.stringify(status.err, (_, v) => typeof v === 'bigint' ? v.toString() : v));
-      } else if (status.confirmationStatus) {
-        console.log(`[TX] ${sig.slice(0, 16)}... ${status.confirmationStatus}`);
-      }
-      break;
-    }
-  }
+  await confirmTransaction(rpc, sig);
   return sig;
 }
 
 /**
  * Build, sign, and send multiple instructions in a single transaction.
+ * Throws if the transaction is rejected or times out.
  */
 export async function sendInstructions(
   rpc: SolanaRpc,
@@ -83,8 +95,11 @@ export async function sendInstructions(
   const encoded = getBase64EncodedWireTransaction(signedTx);
 
   // eslint-disable-next-line @typescript-eslint/no-explicit-any
-  return rpc.sendTransaction(encoded as any, {
+  const sig = await (rpc.sendTransaction(encoded as any, {
     encoding: "base64",
     skipPreflight: true,
-  }).send() as Promise<string>;
+  }).send() as Promise<string>);
+
+  await confirmTransaction(rpc, sig);
+  return sig;
 }

package/src/utils.ts

@@ -8,6 +8,40 @@ import {
 const addressEncoder = getAddressEncoder();
 const utf8Encoder = getUtf8Encoder();
 
+export const PERMISSION_PROGRAM = "ACLseoPoyC3cBqoUtkbjZ4aDrkurZW86v19pXz2XQnp1" as Address;
+export const DELEGATION_PROGRAM = "DELeGGvXpWV2fqJUhqcF5ZSYMS4JTLjteaAMARRSaeSh" as Address;
+
+/** Derives the Permission PDA for a given permissioned account. */
+export async function derivePermissionPda(accountAddress: Address): Promise<Address> {
+  const [pda] = await getProgramDerivedAddress({
+    programAddress: PERMISSION_PROGRAM,
+    seeds: [utf8Encoder.encode("permission:"), addressEncoder.encode(accountAddress)],
+  });
+  return pda;
+}
+
+/** Derives the DELeGG delegation PDAs for the Permission PDA (used in DelegatePermission ix). */
+export async function derivePermissionDelegationPdas(permissionPda: Address): Promise<{
+  delegationBuffer: Address;
+  delegationRecord: Address;
+  delegationMetadata: Address;
+}> {
+  const [delegationRecord] = await getProgramDerivedAddress({
+    programAddress: DELEGATION_PROGRAM,
+    seeds: [utf8Encoder.encode("delegation"), addressEncoder.encode(permissionPda)],
+  });
+  const [delegationMetadata] = await getProgramDerivedAddress({
+    programAddress: DELEGATION_PROGRAM,
+    seeds: [utf8Encoder.encode("delegation-metadata"), addressEncoder.encode(permissionPda)],
+  });
+  // Buffer PDA is under the ownerProgram (PERMISSION_PROGRAM for the Permission PDA)
+  const [delegationBuffer] = await getProgramDerivedAddress({
+    programAddress: PERMISSION_PROGRAM,
+    seeds: [utf8Encoder.encode("buffer"), addressEncoder.encode(permissionPda)],
+  });
+  return { delegationBuffer, delegationRecord, delegationMetadata };
+}
+
 export const QUEUE_SEED = "queue";
 export const TENANT_SEED = "tenant";
 export const TICKET_SEED = "ticket";

package/src/encryption.ts

@@ -1,154 +0,0 @@
-export class EncryptionProvider {
-    private keyPair: CryptoKeyPair | null = null;
-    
-    // Check for crypto availability
-    private get crypto(): Crypto {
-        if (typeof globalThis.crypto !== 'undefined') {
-            return globalThis.crypto;
-        }
-        // Fallback for Node < 19 if global crypto not set (though SDK likely targets modern envs)
-        try {
-            return require('crypto').webcrypto;
-        } catch (e) {
-            throw new Error("WebCrypto API not available.");
-        }
-    }
-
-    /**
-     * Generate a fresh ephemeral keypair for the session (X25519/P-256).
-     */
-    async generateSessionKey(): Promise<CryptoKey> {
-        this.keyPair = await this.crypto.subtle.generateKey(
-            {
-                name: "ECDH",
-                namedCurve: "P-256", 
-            },
-            true,
-            ["deriveKey", "deriveBits"]
-        ) as CryptoKeyPair;
-        
-        return this.keyPair.publicKey;
-    }
-
-    /**
-     * Derive shared secret and encrypt payload.
-     */
-    async encryptPayload(
-        data: Uint8Array, 
-        teePublicKeyBytes: Uint8Array
-    ): Promise<{ encrypted: Uint8Array, clientPublicKey: Uint8Array }> {
-        if (!this.keyPair) {
-            await this.generateSessionKey();
-        }
-
-        // Import TEE Public Key
-        // Fix: Explicitly cast to BufferSource/any because TS gets confused with SharedArrayBuffer in some envs
-        const teeKey = await this.crypto.subtle.importKey(
-            "raw",
-            teePublicKeyBytes as unknown as BufferSource,
-            { name: "ECDH", namedCurve: "P-256" }, 
-            false,
-            []
-        );
-
-        // Derive Shared Secret (AES-GCM Key)
-        const sharedKey = await this.crypto.subtle.deriveKey(
-            {
-                name: "ECDH",
-                public: teeKey,
-            },
-            this.keyPair!.privateKey,
-            {
-                name: "AES-GCM",
-                length: 256,
-            },
-            false,
-            ["encrypt", "decrypt"]
-        );
-
-        // Encrypt Data
-        const iv = this.crypto.getRandomValues(new Uint8Array(12));
-        const encryptedBuffer = await this.crypto.subtle.encrypt(
-            {
-                name: "AES-GCM",
-                iv: iv,
-            },
-            sharedKey,
-            data as unknown as BufferSource
-        );
-
-        // Concatenate IV + CipherText
-        const encrypted = new Uint8Array(iv.length + encryptedBuffer.byteLength);
-        encrypted.set(iv);
-        encrypted.set(new Uint8Array(encryptedBuffer), iv.length);
-
-        // Export Client Public Key
-        const clientPubRaw = await this.crypto.subtle.exportKey("raw", this.keyPair!.publicKey);
-
-        return {
-            encrypted,
-            clientPublicKey: new Uint8Array(clientPubRaw)
-        };
-    }
-    
-    /**
-     * Decrypt a response from the TEE.
-     */
-    async decryptResponse(
-        encryptedData: Uint8Array, 
-        teePublicKeyBytes: Uint8Array
-    ): Promise<Uint8Array> {
-          if (!this.keyPair) throw new Error("No session key");
-          
-           // Import TEE Public Key
-        const teeKey = await this.crypto.subtle.importKey(
-            "raw",
-            teePublicKeyBytes as unknown as BufferSource,
-            { name: "ECDH", namedCurve: "P-256" }, 
-            false,
-            []
-        );
-
-        // Derive Shared Secret
-        const sharedKey = await this.crypto.subtle.deriveKey(
-            {
-                name: "ECDH",
-                public: teeKey,
-            },
-            this.keyPair!.privateKey,
-            {
-                name: "AES-GCM",
-                length: 256,
-            },
-            false,
-            ["encrypt", "decrypt"]
-        );
-        
-        const iv = encryptedData.slice(0, 12);
-        const ciphertext = encryptedData.slice(12);
-        
-        const decrypted = await this.crypto.subtle.decrypt(
-            {
-                name: "AES-GCM",
-                iv: iv,
-            },
-            sharedKey,
-            ciphertext as unknown as BufferSource
-        );
-        
-        return new Uint8Array(decrypted);
-    }
-
-    /**
-     * Helper to generate a valid random P-256 Public Key (65 bytes) for testing.
-     */
-    async createMockValidatorKey(): Promise<Uint8Array> {
-        const pair = await this.crypto.subtle.generateKey(
-            { name: "ECDH", namedCurve: "P-256" },
-            true, 
-            ["deriveKey"]
-        ) as CryptoKeyPair;
-        const raw = await this.crypto.subtle.exportKey("raw", pair.publicKey);
-        return new Uint8Array(raw);
-    }
-}