@affix-io/sdk 2.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.env.example +5 -0
- package/AUTHORS +5 -0
- package/CONTRIBUTING.md +32 -0
- package/LICENSE +201 -0
- package/NOTICE +7 -0
- package/README.md +211 -0
- package/SECURITY.md +39 -0
- package/certs/sectigo-r36.pem +36 -0
- package/dist/cli.d.ts +2 -0
- package/dist/cli.js +116 -0
- package/dist/client.d.ts +21 -0
- package/dist/client.js +72 -0
- package/dist/config.d.ts +4 -0
- package/dist/config.js +17 -0
- package/dist/credential-normalize.d.ts +3 -0
- package/dist/credential-normalize.js +10 -0
- package/dist/env.d.ts +12 -0
- package/dist/env.js +55 -0
- package/dist/field-input.d.ts +2 -0
- package/dist/field-input.js +35 -0
- package/dist/http.d.ts +11 -0
- package/dist/http.js +62 -0
- package/dist/index.d.ts +38 -0
- package/dist/index.js +154 -0
- package/dist/offline-queue.d.ts +11 -0
- package/dist/offline-queue.js +52 -0
- package/dist/proof-store.d.ts +10 -0
- package/dist/proof-store.js +44 -0
- package/dist/queue-body.d.ts +2 -0
- package/dist/queue-body.js +38 -0
- package/dist/types.d.ts +104 -0
- package/dist/types.js +1 -0
- package/dist/witness.d.ts +6 -0
- package/dist/witness.js +36 -0
- package/package.json +83 -0
- package/scripts/postinstall.mjs +19 -0
package/dist/types.d.ts
ADDED
|
@@ -0,0 +1,104 @@
|
|
|
1
|
+
export type Attestation = {
|
|
2
|
+
signed_at: string;
|
|
3
|
+
payload_digest: string;
|
|
4
|
+
mldsa_signature_b64: string;
|
|
5
|
+
algorithm: "ML-DSA-65";
|
|
6
|
+
};
|
|
7
|
+
export type AffixCredential = {
|
|
8
|
+
schema_id: string;
|
|
9
|
+
issuer_id: string;
|
|
10
|
+
issuer_pubkey_hash: string;
|
|
11
|
+
issuer_public_key_hex?: string;
|
|
12
|
+
credential_id: string;
|
|
13
|
+
claim_value: string | number;
|
|
14
|
+
valid_from: number;
|
|
15
|
+
valid_until: number;
|
|
16
|
+
fields?: Record<string, unknown>;
|
|
17
|
+
attestation?: Attestation;
|
|
18
|
+
};
|
|
19
|
+
export type WitnessContext = {
|
|
20
|
+
secret: string;
|
|
21
|
+
context_id: string;
|
|
22
|
+
as_of_timestamp?: number;
|
|
23
|
+
threshold?: number;
|
|
24
|
+
region_hash?: string;
|
|
25
|
+
required_coverage_hash?: string;
|
|
26
|
+
required_claim_hash?: string;
|
|
27
|
+
group_hash?: string;
|
|
28
|
+
min_value?: number;
|
|
29
|
+
max_value?: number;
|
|
30
|
+
min_remaining?: number;
|
|
31
|
+
reference_hash?: string;
|
|
32
|
+
expected_hash?: string;
|
|
33
|
+
claim_b?: string | number;
|
|
34
|
+
claim_c?: string | number;
|
|
35
|
+
required_a_hash?: string | number;
|
|
36
|
+
required_b_hash?: string | number;
|
|
37
|
+
required_c_hash?: string | number;
|
|
38
|
+
logic_mode?: string | number;
|
|
39
|
+
decision_hash?: string | number;
|
|
40
|
+
rules_hash?: string | number;
|
|
41
|
+
expected_decision_hash?: string | number;
|
|
42
|
+
expected_rules_hash?: string | number;
|
|
43
|
+
merkle_leaf?: string;
|
|
44
|
+
merkle_sibling0?: string;
|
|
45
|
+
merkle_sibling1?: string;
|
|
46
|
+
merkle_sibling2?: string;
|
|
47
|
+
merkle_index?: number;
|
|
48
|
+
merkle_root?: string;
|
|
49
|
+
};
|
|
50
|
+
export type WitnessPackage = {
|
|
51
|
+
circuit_id: string;
|
|
52
|
+
inputs: Record<string, string>;
|
|
53
|
+
};
|
|
54
|
+
export type ProveResult = {
|
|
55
|
+
proof_id: string;
|
|
56
|
+
circuit_id: string;
|
|
57
|
+
proof: string;
|
|
58
|
+
valid: boolean;
|
|
59
|
+
verified?: boolean;
|
|
60
|
+
decision?: "yes" | "no";
|
|
61
|
+
proof_digest: string;
|
|
62
|
+
return_value?: string;
|
|
63
|
+
merkle_root?: string;
|
|
64
|
+
merkle_leaf_hash?: string;
|
|
65
|
+
attestation?: Attestation;
|
|
66
|
+
witness?: WitnessPackage;
|
|
67
|
+
};
|
|
68
|
+
export type VerifyResult = {
|
|
69
|
+
proof_id: string;
|
|
70
|
+
valid: boolean;
|
|
71
|
+
verified: boolean;
|
|
72
|
+
decision: "yes" | "no";
|
|
73
|
+
circuit_id: string;
|
|
74
|
+
proof_digest: string;
|
|
75
|
+
merkle_root?: string;
|
|
76
|
+
merkle_leaf_hash?: string;
|
|
77
|
+
attestation?: Attestation;
|
|
78
|
+
};
|
|
79
|
+
export type SdkConfig = {
|
|
80
|
+
apiBase: string;
|
|
81
|
+
apiKey: string;
|
|
82
|
+
requestAttestation?: boolean;
|
|
83
|
+
sector?: string;
|
|
84
|
+
offlineQueuePath?: string;
|
|
85
|
+
proofStorePath?: string;
|
|
86
|
+
timeoutMs?: number;
|
|
87
|
+
};
|
|
88
|
+
export type QueuedProveJob = {
|
|
89
|
+
id: string;
|
|
90
|
+
circuit_id: string;
|
|
91
|
+
body: Record<string, unknown>;
|
|
92
|
+
created_at: string;
|
|
93
|
+
attempts: number;
|
|
94
|
+
};
|
|
95
|
+
export type StoredProof = {
|
|
96
|
+
proof_id: string;
|
|
97
|
+
circuit_id: string;
|
|
98
|
+
proof: string;
|
|
99
|
+
proof_digest: string;
|
|
100
|
+
valid: boolean;
|
|
101
|
+
created_at: string;
|
|
102
|
+
synced: boolean;
|
|
103
|
+
merkle_root?: string;
|
|
104
|
+
};
|
package/dist/types.js
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export {};
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
import type { AffixCredential, WitnessContext, WitnessPackage } from "./types.js";
|
|
2
|
+
import type { AffixApiClient } from "./client.js";
|
|
3
|
+
export declare function randomFieldHex(): string;
|
|
4
|
+
export declare function defaultContext(overrides?: Partial<WitnessContext>): WitnessContext;
|
|
5
|
+
export declare function prepareWitness(client: AffixApiClient, circuitId: string, credential: AffixCredential, context: WitnessContext): Promise<WitnessPackage>;
|
|
6
|
+
export declare function witnessFromInputs(circuitId: string, inputs: Record<string, string>): WitnessPackage;
|
package/dist/witness.js
ADDED
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
import { randomBytes } from "node:crypto";
|
|
2
|
+
import { normalizeCredential } from "./credential-normalize.js";
|
|
3
|
+
const FR_MODULUS = 21888242871839275222246405745257275088548364400416034343698204186575808495617n;
|
|
4
|
+
function reduceField(value) {
|
|
5
|
+
return ((value % FR_MODULUS) + FR_MODULUS) % FR_MODULUS;
|
|
6
|
+
}
|
|
7
|
+
export function randomFieldHex() {
|
|
8
|
+
const bytes = randomBytes(32);
|
|
9
|
+
let acc = 0n;
|
|
10
|
+
for (const byte of bytes) {
|
|
11
|
+
acc = (acc << 8n) + BigInt(byte);
|
|
12
|
+
}
|
|
13
|
+
return `0x${reduceField(acc).toString(16)}`;
|
|
14
|
+
}
|
|
15
|
+
export function defaultContext(overrides = {}) {
|
|
16
|
+
return {
|
|
17
|
+
secret: overrides.secret ?? randomFieldHex(),
|
|
18
|
+
context_id: overrides.context_id ?? randomFieldHex(),
|
|
19
|
+
...overrides,
|
|
20
|
+
};
|
|
21
|
+
}
|
|
22
|
+
export async function prepareWitness(client, circuitId, credential, context) {
|
|
23
|
+
const response = await client.prepareWitness({
|
|
24
|
+
circuit_id: circuitId,
|
|
25
|
+
credential: normalizeCredential(credential),
|
|
26
|
+
context,
|
|
27
|
+
});
|
|
28
|
+
const witness = response.witness;
|
|
29
|
+
if (!witness?.inputs) {
|
|
30
|
+
throw new Error("witness_prepare_empty");
|
|
31
|
+
}
|
|
32
|
+
return witness;
|
|
33
|
+
}
|
|
34
|
+
export function witnessFromInputs(circuitId, inputs) {
|
|
35
|
+
return { circuit_id: circuitId, inputs };
|
|
36
|
+
}
|
package/package.json
ADDED
|
@@ -0,0 +1,83 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "@affix-io/sdk",
|
|
3
|
+
"version": "2.0.0",
|
|
4
|
+
"description": "Post-quantum zero-knowledge proof SDK for Node.js. Noir circuits, ML-DSA-65 attestation, Barretenberg UltraHonk proving, verifiable credentials, and privacy-preserving KYC.",
|
|
5
|
+
"license": "Apache-2.0",
|
|
6
|
+
"type": "module",
|
|
7
|
+
"main": "./dist/index.js",
|
|
8
|
+
"types": "./dist/index.d.ts",
|
|
9
|
+
"homepage": "https://github.com/AffixIO/SDK",
|
|
10
|
+
"repository": {
|
|
11
|
+
"type": "git",
|
|
12
|
+
"url": "git+https://github.com/AffixIO/SDK.git"
|
|
13
|
+
},
|
|
14
|
+
"bugs": {
|
|
15
|
+
"url": "https://github.com/AffixIO/SDK/issues"
|
|
16
|
+
},
|
|
17
|
+
"keywords": [
|
|
18
|
+
"post-quantum-cryptography",
|
|
19
|
+
"post-quantum",
|
|
20
|
+
"quantum-safe",
|
|
21
|
+
"quantum-resistant",
|
|
22
|
+
"zero-knowledge",
|
|
23
|
+
"zero-knowledge-proofs",
|
|
24
|
+
"zkp",
|
|
25
|
+
"zk-snark",
|
|
26
|
+
"snark",
|
|
27
|
+
"noir",
|
|
28
|
+
"noir-lang",
|
|
29
|
+
"barretenberg",
|
|
30
|
+
"ultrahonk",
|
|
31
|
+
"ml-dsa",
|
|
32
|
+
"fips-204",
|
|
33
|
+
"fips-203",
|
|
34
|
+
"fips-205",
|
|
35
|
+
"crystals-dilithium",
|
|
36
|
+
"privacy-preserving",
|
|
37
|
+
"verifiable-credentials",
|
|
38
|
+
"attestation",
|
|
39
|
+
"kyc",
|
|
40
|
+
"identity",
|
|
41
|
+
"merkle",
|
|
42
|
+
"proof",
|
|
43
|
+
"prove",
|
|
44
|
+
"verify",
|
|
45
|
+
"nodejs",
|
|
46
|
+
"typescript",
|
|
47
|
+
"affixio"
|
|
48
|
+
],
|
|
49
|
+
"files": [
|
|
50
|
+
"dist",
|
|
51
|
+
"certs",
|
|
52
|
+
".env.example",
|
|
53
|
+
"README.md",
|
|
54
|
+
"LICENSE",
|
|
55
|
+
"NOTICE",
|
|
56
|
+
"SECURITY.md",
|
|
57
|
+
"CONTRIBUTING.md",
|
|
58
|
+
"AUTHORS",
|
|
59
|
+
"scripts/postinstall.mjs"
|
|
60
|
+
],
|
|
61
|
+
"exports": {
|
|
62
|
+
".": {
|
|
63
|
+
"types": "./dist/index.d.ts",
|
|
64
|
+
"import": "./dist/index.js"
|
|
65
|
+
}
|
|
66
|
+
},
|
|
67
|
+
"bin": {
|
|
68
|
+
"affix-sdk": "./dist/cli.js",
|
|
69
|
+
"affix-sdk-web": "./dist/cli.js"
|
|
70
|
+
},
|
|
71
|
+
"scripts": {
|
|
72
|
+
"start": "node dist/cli.js",
|
|
73
|
+
"postinstall": "node scripts/postinstall.mjs"
|
|
74
|
+
},
|
|
75
|
+
"engines": {
|
|
76
|
+
"node": ">=18"
|
|
77
|
+
},
|
|
78
|
+
"publishConfig": {
|
|
79
|
+
"access": "public",
|
|
80
|
+
"registry": "https://registry.npmjs.org"
|
|
81
|
+
},
|
|
82
|
+
"dependencies": {}
|
|
83
|
+
}
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
import { chmodSync, existsSync, readdirSync, statSync } from "node:fs";
|
|
2
|
+
import { join } from "node:path";
|
|
3
|
+
|
|
4
|
+
const binDir = join(process.cwd(), "node_modules", ".bin");
|
|
5
|
+
if (!existsSync(binDir)) {
|
|
6
|
+
process.exit(0);
|
|
7
|
+
}
|
|
8
|
+
|
|
9
|
+
for (const name of readdirSync(binDir)) {
|
|
10
|
+
const path = join(binDir, name);
|
|
11
|
+
try {
|
|
12
|
+
const mode = statSync(path).mode;
|
|
13
|
+
if ((mode & 0o111) === 0) {
|
|
14
|
+
chmodSync(path, mode | 0o755);
|
|
15
|
+
}
|
|
16
|
+
} catch {
|
|
17
|
+
// ignore broken symlinks
|
|
18
|
+
}
|
|
19
|
+
}
|