npm - @aithos/sdk - Versions diffs - 0.1.0-alpha.32 → 0.1.0-alpha.34 - Mend

@aithos/sdk 0.1.0-alpha.32 → 0.1.0-alpha.34

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/src/auth.d.ts CHANGED Viewed

@@ -325,6 +325,42 @@ export declare class AithosAuth {
      * @internal
      */
     _findDelegateForSubject(did: string): DelegateActor | undefined;
+    /**
+     * Sign in with email + password, dispatching automatically between
+     * the legacy zero-knowledge flow ({@link signIn}) and the custodial
+     * flow ({@link signInCustodial}) based on which mode the account
+     * was provisioned with.
+     *
+     * Use this in apps that want a single sign-in form for users who
+     * may have been created under either mode (e.g. an app that's
+     * migrating from zk to custodial — pre-existing users stay zk
+     * forever, new ones go custodial, the SDK figures it out).
+     *
+     * Strategy: try {@link signInCustodial} first (the modern path).
+     * If the backend reports `auth_invalid_credentials` — which it
+     * uniformly returns for "wrong password", "unknown user", AND
+     * "user exists but not in custodial mode" (anti-enum) — fall
+     * back to {@link signIn} (zk).
+     *
+     * Other failure modes from the custodial path are NOT swallowed:
+     *   - `auth_email_not_verified` → propagate (user is custodial but
+     *     hasn't clicked the confirmation link yet; the app should
+     *     surface a "resend mail" CTA rather than retrying as zk,
+     *     which would also fail and mask the real cause)
+     *   - server / network errors → propagate (don't double the
+     *     incident by retrying through the other flow)
+     *
+     * Latency profile:
+     *   - Pure custodial (success or wrong pwd) : 1 round-trip
+     *   - Pure zk (any outcome)                 : 1 custodial probe + 2 zk
+     *   - Unknown email                         : same as zk worst case
+     *
+     * Anti-enum note: timing slightly leaks the mode (custodial path is
+     * faster than zk). Acceptable for V1 — rate limiting + strong
+     * passwords are the real defenses. A future strict-anti-enum mode
+     * could race both paths in parallel and accept the 2x backend load.
+     */
+    signInAuto(input: SignInInput): Promise<AithosSession>;
     signIn(input: SignInInput): Promise<AithosSession>;
     signUp(input: SignUpInput): Promise<SignUpResult>;
     /**

package/dist/src/auth.js CHANGED Viewed

@@ -20,7 +20,7 @@
 // JWT-less sessions (recovery / mandate sign-ins) are valid: the
 // keyStore is the source of truth for "is the user signed in", the
 // JWT is auxiliary for compute/wallet.
-import { buildBlobPlaintext, buildSignedEnvelope, createBrowserIdentity, decryptBlob, DEFAULT_KDF, deriveAuthAndEncKeys, encryptBlob, parseBlob, randomNonce, randomSalt, serializeBlob, signedDidDocument, zeroize, } from "@aithos/protocol-client";
+import { browserIdentityFromStored, buildBlobPlaintext, buildSignedEnvelope, createBrowserIdentity, decryptBlob, DEFAULT_KDF, deriveAuthAndEncKeys, encryptBlob, parseBlob, randomNonce, randomSalt, serializeBlob, signedDidDocument, zeroize, } from "@aithos/protocol-client";
 import { custodialResendVerify, custodialResetFinalize, custodialResetRequest, custodialSignIn, custodialSignUp, custodialVerifyEmail, loginChallenge, loginVerify, putBlob, registerAccount, } from "./auth-api.js";
 import { defaultSessionStore, } from "./session-store.js";
 import { defaultKeyStore, } from "./key-store.js";
@@ -178,6 +178,63 @@ export class AithosAuth {
         return this.#delegates.findForSubject(did);
     }
     /* ------------------------------------------------------------------------ */
+    /*  Unified email + password — signInAuto (zk / custodial dispatch)         */
+    /* ------------------------------------------------------------------------ */
+    /**
+     * Sign in with email + password, dispatching automatically between
+     * the legacy zero-knowledge flow ({@link signIn}) and the custodial
+     * flow ({@link signInCustodial}) based on which mode the account
+     * was provisioned with.
+     *
+     * Use this in apps that want a single sign-in form for users who
+     * may have been created under either mode (e.g. an app that's
+     * migrating from zk to custodial — pre-existing users stay zk
+     * forever, new ones go custodial, the SDK figures it out).
+     *
+     * Strategy: try {@link signInCustodial} first (the modern path).
+     * If the backend reports `auth_invalid_credentials` — which it
+     * uniformly returns for "wrong password", "unknown user", AND
+     * "user exists but not in custodial mode" (anti-enum) — fall
+     * back to {@link signIn} (zk).
+     *
+     * Other failure modes from the custodial path are NOT swallowed:
+     *   - `auth_email_not_verified` → propagate (user is custodial but
+     *     hasn't clicked the confirmation link yet; the app should
+     *     surface a "resend mail" CTA rather than retrying as zk,
+     *     which would also fail and mask the real cause)
+     *   - server / network errors → propagate (don't double the
+     *     incident by retrying through the other flow)
+     *
+     * Latency profile:
+     *   - Pure custodial (success or wrong pwd) : 1 round-trip
+     *   - Pure zk (any outcome)                 : 1 custodial probe + 2 zk
+     *   - Unknown email                         : same as zk worst case
+     *
+     * Anti-enum note: timing slightly leaks the mode (custodial path is
+     * faster than zk). Acceptable for V1 — rate limiting + strong
+     * passwords are the real defenses. A future strict-anti-enum mode
+     * could race both paths in parallel and accept the 2x backend load.
+     */
+    async signInAuto(input) {
+        if (!input.email || !input.password) {
+            throw new AithosSDKError("auth_invalid_input", "signInAuto: email and password are required");
+        }
+        try {
+            const r = await this.signInCustodial(input);
+            return r.session;
+        }
+        catch (e) {
+            // Only fall back on the specific anti-enum sentinel — preserve
+            // other error codes (notably auth_email_not_verified) so the
+            // caller can surface the right UI hint.
+            if (e instanceof AithosSDKError &&
+                e.code === "auth_invalid_credentials") {
+                return await this.signIn(input);
+            }
+            throw e;
+        }
+    }
+    /* ------------------------------------------------------------------------ */
     /*  Email + password — signIn                                                */
     /* ------------------------------------------------------------------------ */
     async signIn(input) {
@@ -883,6 +940,18 @@ export class AithosAuth {
         zeroize(seedCircle);
         zeroize(seedSelf);
         zeroize(resp.encKey);
+        // Bootstrap the Ethos on api.aithos.be (cf. notes in signInCustodial).
+        // The magic-link flow is the FIRST time the user actually has
+        // hydrated keys client-side, so this is typically when the identity
+        // gets published. Idempotent — safe to call again on subsequent
+        // clicks (which won't get here normally, but defensively).
+        const identity = browserIdentityFromStored({
+            handle: stored.handle,
+            displayName: stored.displayName,
+            did: stored.did,
+            seeds: stored.seedsHex,
+        });
+        await this.#publishIdentity(identity);
         if (this.#ownerSigners)
             this.#ownerSigners.destroy();
         this.#ownerSigners = OwnerSigners.fromStoredOwnerKeys(stored);
@@ -989,6 +1058,24 @@ export class AithosAuth {
         // The enc_key is informational here — the custodial blob is empty
         // at first login. We still don't keep it in memory.
         zeroize(resp.encKey);
+        // Bootstrap the Ethos on api.aithos.be — same as signUp(zk). Without
+        // this, the DID returned by signInCustodial isn't resolvable on the
+        // platform (feed / profile lookups return "not found: did …"). The
+        // call is idempotent server-side: a published identity replays as a
+        // no-op. We do it here (rather than only on a "first login" flag)
+        // because the auth Lambda doesn't know whether the api.aithos.be
+        // side has been populated — the SDK is the single source of truth
+        // for "the user's Ethos is bootstrapped".
+        //
+        // Failure aborts the sign-in: the user can retry (same behaviour as
+        // signUp(zk)), and the local keystore is NOT populated half-way.
+        const identity = browserIdentityFromStored({
+            handle: stored.handle,
+            displayName: stored.displayName,
+            did: stored.did,
+            seeds: stored.seedsHex,
+        });
+        await this.#publishIdentity(identity);
         // Hydrate in-memory owner signers from the freshly-stored material.
         if (this.#ownerSigners)
             this.#ownerSigners.destroy();

package/dist/src/index.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-export declare const VERSION = "0.1.0-alpha.32";
+export declare const VERSION = "0.1.0-alpha.34";
 export { AithosSDK } from "./sdk.js";
 export type { AithosSDKConfig } from "./types.js";
 export { AithosSDKError } from "./types.js";

package/dist/src/index.js CHANGED Viewed

@@ -17,7 +17,7 @@
 // Public types specific to the SDK (`AithosSDKConfig`, `AithosSDKError`)
 // are exported from here. Endpoint config (`AithosSdkEndpoints`,
 // `DEFAULT_SDK_ENDPOINTS`) likewise.
-export const VERSION = "0.1.0-alpha.32";
+export const VERSION = "0.1.0-alpha.34";
 export { AithosSDK } from "./sdk.js";
 export { AithosSDKError } from "./types.js";
 // Re-export protocol-client's JSON-RPC error type so consumers can

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "@aithos/sdk",
-  "version": "0.1.0-alpha.32",
-  "description": "Aithos SDK \u2014 high-level TypeScript developer kit for building agentic apps on the Aithos protocol. Wraps @aithos/protocol-client and exposes the Aithos compute proxy and wallet (Stripe top-up) endpoints.",
+  "version": "0.1.0-alpha.34",
+  "description": "Aithos SDK — high-level TypeScript developer kit for building agentic apps on the Aithos protocol. Wraps @aithos/protocol-client and exposes the Aithos compute proxy and wallet (Stripe top-up) endpoints.",
   "keywords": [
     "aithos",
     "sdk",
@@ -39,15 +39,6 @@
     "README.md",
     "LICENSE"
   ],
-  "scripts": {
-    "build": "tsc",
-    "build:test": "tsc -p tsconfig.test.json",
-    "check-types": "tsc --noEmit && tsc -p tsconfig.test.json --noEmit",
-    "test": "npm run clean && npm run build && npm run build:test && cd dist && node --test",
-    "test:watch": "cd dist && node --test --watch",
-    "clean": "rm -rf dist",
-    "prepublishOnly": "npm run clean && npm run build && npm test"
-  },
   "engines": {
     "node": ">=20"
   },
@@ -63,5 +54,13 @@
   "publishConfig": {
     "access": "public",
     "tag": "alpha"
+  },
+  "scripts": {
+    "build": "tsc",
+    "build:test": "tsc -p tsconfig.test.json",
+    "check-types": "tsc --noEmit && tsc -p tsconfig.test.json --noEmit",
+    "test": "npm run clean && npm run build && npm run build:test && cd dist && node --test",
+    "test:watch": "cd dist && node --test --watch",
+    "clean": "rm -rf dist"
   }
-}
+}