@aptos-labs/ts-sdk 1.13.3-zeta.0 → 1.13.3-zeta.2

package/src/utils/apiEndpoints.ts

@@ -27,16 +27,16 @@ export const NetworkToFaucetAPI: Record<string, string> = {
 
 export const NetworkToPepperAPI: Record<string, string> = {
   mainnet: "mainnet not yet ready, requires sdk upgrade",
-  testnet: "https://api.testnet.aptoslabs.com/keyless/pepper/v0",
-  devnet: "https://api.devnet.aptoslabs.com/keyless/pepper/v0",
-  local: "https://api.devnet.aptoslabs.com/keyless/pepper/v0",
+  testnet: "https://pepper.keyless.testnet.aptoslabs.com/v0",
+  devnet: "https://pepper.keyless.devnet.aptoslabs.com/v0",
+  local: "https://pepper.keyless.devnet.aptoslabs.com/v0",
 };
 
 export const NetworkToProverAPI: Record<string, string> = {
   mainnet: "mainnet not yet ready, requires sdk upgrade",
-  testnet: "https://api.testnet.aptoslabs.com/keyless/prover/v0",
-  devnet: "https://api.devnet.aptoslabs.com/keyless/prover/v0",
-  local: "https://api.devnet.aptoslabs.com/keyless/prover/v0",
+  testnet: "https://prover.keyless.testnet.aptoslabs.com/v0",
+  devnet: "https://prover.keyless.devnet.aptoslabs.com/v0",
+  local: "https://prover.keyless.devnet.aptoslabs.com/v0",
 };
 
 export enum Network {

package/src/version.ts

@@ -6,4 +6,4 @@
  *
  * hardcoded for now, we would want to have it injected dynamically
  */
-export const VERSION = "1.13.3-zeta.0";
+export const VERSION = "1.13.3-zeta.2";

package/dist/esm/chunk-2M7KHFEG.mjs

@@ -1,2 +0,0 @@
-import{a as j}from"./chunk-W76IQV5K.mjs";import{a as g,b as I}from"./chunk-2YDIOWRJ.mjs";import{d as x}from"./chunk-E4Z5IEZP.mjs";import{a as E,b as T}from"./chunk-HURQZGUZ.mjs";import{i as w,j as K,k as h,m as A,n as b,o as l}from"./chunk-6NMHAFIO.mjs";import{k as S}from"./chunk-S5HG2QUD.mjs";import{b as P}from"./chunk-T23OVRNF.mjs";import{a as f}from"./chunk-6IFMQ5AS.mjs";import{b as y}from"./chunk-TVRJ3M7B.mjs";import{b as c}from"./chunk-AOCNYMMX.mjs";import{jwtDecode as D}from"jwt-decode";import{decode as U}from"base-64";function v(z){let e=z.replace(/-/g,"+").replace(/_/g,"/"),r=e+"==".substring(0,(3-e.length%3)%3);return U(r)}var o=class o{constructor(e){let{address:r,ephemeralKeyPair:t,iss:n,uidKey:a,uidVal:i,aud:s,pepper:p,proof:u,jwt:d}=e;this.ephemeralKeyPair=t;let B=K(e);this.publicKey=new w(n,B),this.accountAddress=r?P.from(r):this.publicKey.authKey().derivedAddress(),this.uidKey=a,this.uidVal=i,this.aud=s,this.jwt=d,this.proof=u,this.signingScheme=2;let m=c.fromHexInput(p).toUint8Array();if(m.length!==o.PEPPER_LENGTH)throw new Error(`Pepper length in bytes should be ${o.PEPPER_LENGTH}`);this.pepper=m}serialize(e){e.serializeStr(this.jwt),e.serializeStr(this.uidKey),e.serializeFixedBytes(this.pepper),this.ephemeralKeyPair.serialize(e),this.proof.serialize(e)}static deserialize(e){let r=e.deserializeStr(),t=e.deserializeStr(),n=e.deserializeFixedBytes(31),a=j.deserialize(e),i=A.deserialize(e);return o.fromJWTAndProof({proof:i,pepper:n,uidKey:t,jwt:r,ephemeralKeyPair:a})}bcsToBytes(){let e=new y;return this.serialize(e),e.toUint8Array()}bcsToHex(){let e=this.bcsToBytes();return c.fromHexInput(e)}signWithAuthenticator(e){let r=g(e),t=new T(this.sign(r.bcsToBytes())),n=new E(this.publicKey);return new x(n,t)}async waitForProofFetch(){this.proof instanceof Promise&&await this.proof}sign(e){let{expiryDateSecs:r}=this.ephemeralKeyPair,t=Math.floor(new Date().getTime()/1e3);if(r<t)throw new Error("Ephemeral key pair is expired.");if(this.proof instanceof Promise)throw new Error("Failed to fetch proof.");let n=this.jwt.split(".")[0],a=this.ephemeralKeyPair.getPublicKey(),i=new y;i.serializeFixedBytes(c.fromHexInput(e).toUint8Array()),i.serializeOption(this.proof.proof);let s=I(i.toUint8Array(),"APTOS::TransactionAndProof"),p=this.ephemeralKeyPair.sign(s);return new l({jwtHeader:v(n),openIdSignatureOrZkProof:new h(this.proof),expiryDateSecs:r,ephemeralPublicKey:a,ephemeralSignature:p})}signTransaction(e){let r=g(e);return this.sign(r.bcsToBytes())}signWithOpenIdSignature(e){let[r,t,n]=this.jwt.split("."),a=new b({jwtSignature:n,jwtPayloadJson:t,uidKey:this.uidKey,epkBlinder:this.ephemeralKeyPair.blinder,pepper:this.pepper}),{expiryDateSecs:i}=this.ephemeralKeyPair,s=this.ephemeralKeyPair.getPublicKey(),p=this.ephemeralKeyPair.sign(e);return new l({jwtHeader:r,openIdSignatureOrZkProof:new h(a),expiryDateSecs:i,ephemeralPublicKey:s,ephemeralSignature:p})}verifySignature(e){return!0}static fromBytes(e){return o.deserialize(new f(e))}static fromJWTAndProof(e){let{proof:r,jwt:t,ephemeralKeyPair:n,pepper:a}=e,i=e.uidKey??"sub",s=D(t),p=s.iss;if(typeof s.aud!="string")throw new Error("aud was not found or an array of values");let u=s.aud,d=s[i];return new o({proof:r,ephemeralKeyPair:n,iss:p,uidKey:i,uidVal:d,aud:u,pepper:a,jwt:t})}static fromDerivationPath(e,r){return S(e,o.SLIP_0010_SEED,r)}};o.PEPPER_LENGTH=31,o.SLIP_0010_SEED="32 bytes";var H=o;export{H as a};
-//# sourceMappingURL=chunk-2M7KHFEG.mjs.map

package/dist/esm/chunk-2M7KHFEG.mjs.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../src/account/KeylessAccount.ts"],"sourcesContent":["// Copyright © Aptos Foundation\n// SPDX-License-Identifier: Apache-2.0\n\nimport { JwtPayload, jwtDecode } from \"jwt-decode\";\nimport { decode } from \"base-64\";\nimport { HexInput, SigningScheme } from \"../types\";\nimport { AccountAddress } from \"../core/accountAddress\";\nimport {\n  AnyPublicKey,\n  AnySignature,\n  KeylessPublicKey,\n  KeylessSignature,\n  OpenIdSignature,\n  OpenIdSignatureOrZkProof,\n  Signature,\n  SignedGroth16Signature,\n  computeAddressSeed,\n  fromDerivationPath as fromDerivationPathInner,\n} from \"../core/crypto\";\n\nimport { Account } from \"./Account\";\nimport { EphemeralKeyPair } from \"./EphemeralKeyPair\";\nimport { Hex } from \"../core/hex\";\nimport { AccountAuthenticatorSingleKey } from \"../transactions/authenticator/account\";\nimport { Deserializer, Serializer } from \"../bcs\";\nimport { deriveTransactionType, generateSigningMessage } from \"../transactions/transactionBuilder/signingMessage\";\nimport { AnyRawTransaction } from \"../transactions/types\";\n\nfunction base64UrlDecode(base64Url: string): string {\n  // Replace base64url-specific characters\n  const base64 = base64Url.replace(/-/g, \"+\").replace(/_/g, \"/\");\n\n  // Pad the string with '=' characters if needed\n  const paddedBase64 = base64 + \"==\".substring(0, (3 - (base64.length % 3)) % 3);\n\n  // Decode the base64 string using the base-64 library\n  const decodedString = decode(paddedBase64);\n\n  return decodedString;\n}\n\nexport class KeylessAccount implements Account {\n  static readonly PEPPER_LENGTH: number = 31;\n\n  static readonly SLIP_0010_SEED: string = \"32 bytes\";\n\n  publicKey: KeylessPublicKey;\n\n  ephemeralKeyPair: EphemeralKeyPair;\n\n  uidKey: string;\n\n  uidVal: string;\n\n  aud: string;\n\n  pepper: Uint8Array;\n\n  accountAddress: AccountAddress;\n\n  proof: SignedGroth16Signature;\n\n  signingScheme: SigningScheme;\n\n  jwt: string;\n\n  constructor(args: {\n    address?: AccountAddress;\n    ephemeralKeyPair: EphemeralKeyPair;\n    iss: string;\n    uidKey: string;\n    uidVal: string;\n    aud: string;\n    pepper: HexInput;\n    proof: SignedGroth16Signature;\n    jwt: string;\n  }) {\n    const { address, ephemeralKeyPair, iss, uidKey, uidVal, aud, pepper, proof, jwt } = args;\n    this.ephemeralKeyPair = ephemeralKeyPair;\n    const addressSeed = computeAddressSeed(args);\n    this.publicKey = new KeylessPublicKey(iss, addressSeed);\n    this.accountAddress = address ? AccountAddress.from(address) : this.publicKey.authKey().derivedAddress();\n    this.uidKey = uidKey;\n    this.uidVal = uidVal;\n    this.aud = aud;\n    this.jwt = jwt;\n    this.proof = proof;\n\n    this.signingScheme = SigningScheme.SingleKey;\n    const pepperBytes = Hex.fromHexInput(pepper).toUint8Array();\n    if (pepperBytes.length !== KeylessAccount.PEPPER_LENGTH) {\n      throw new Error(`Pepper length in bytes should be ${KeylessAccount.PEPPER_LENGTH}`);\n    }\n    this.pepper = pepperBytes;\n  }\n\n  serialize(serializer: Serializer): void {\n    serializer.serializeStr(this.jwt);\n    serializer.serializeStr(this.uidKey);\n    serializer.serializeFixedBytes(this.pepper);\n    this.ephemeralKeyPair.serialize(serializer);\n    this.proof.serialize(serializer);\n  }\n\n  static deserialize(deserializer: Deserializer): KeylessAccount {\n    const jwt = deserializer.deserializeStr();\n    const uidKey = deserializer.deserializeStr();\n    const pepper = deserializer.deserializeFixedBytes(31);\n    const ephemeralKeyPair = EphemeralKeyPair.deserialize(deserializer);\n    const proof = SignedGroth16Signature.deserialize(deserializer);\n    return KeylessAccount.fromJWTAndProof({\n      proof,\n      pepper,\n      uidKey,\n      jwt,\n      ephemeralKeyPair,\n    });\n  }\n\n  bcsToBytes(): Uint8Array {\n    const serializer = new Serializer();\n    this.serialize(serializer);\n    return serializer.toUint8Array();\n  }\n\n  bcsToHex(): Hex {\n    const bcsBytes = this.bcsToBytes();\n    return Hex.fromHexInput(bcsBytes);\n  }\n\n  signWithAuthenticator(transaction: AnyRawTransaction): AccountAuthenticatorSingleKey {\n    const raw = deriveTransactionType(transaction);\n    const signature = new AnySignature(this.sign(raw.bcsToBytes()));\n    const publicKey = new AnyPublicKey(this.publicKey);\n    return new AccountAuthenticatorSingleKey(publicKey, signature);\n  }\n\n  async waitForProofFetch() {\n    if (this.proof instanceof Promise) {\n      await this.proof;\n    }\n  }\n\n  sign(data: HexInput): Signature {\n    const { expiryDateSecs } = this.ephemeralKeyPair;\n    const currentTimeInSeconds = Math.floor(new Date().getTime() / 1000);\n    if (expiryDateSecs < currentTimeInSeconds) {\n      throw new Error(\"Ephemeral key pair is expired.\");\n    }\n    if (this.proof instanceof Promise) {\n      throw new Error(\"Failed to fetch proof.\");\n    }\n    const jwtHeader = this.jwt.split(\".\")[0];\n    const ephemeralPublicKey = this.ephemeralKeyPair.getPublicKey();\n\n    const serializer = new Serializer();\n    serializer.serializeFixedBytes(Hex.fromHexInput(data).toUint8Array());\n    serializer.serializeOption(this.proof.proof);\n    const signMess = generateSigningMessage(serializer.toUint8Array(), \"APTOS::TransactionAndProof\");\n\n    const ephemeralSignature = this.ephemeralKeyPair.sign(signMess);\n\n    return new KeylessSignature({\n      jwtHeader: base64UrlDecode(jwtHeader),\n      openIdSignatureOrZkProof: new OpenIdSignatureOrZkProof(this.proof),\n      expiryDateSecs,\n      ephemeralPublicKey,\n      ephemeralSignature,\n    });\n  }\n\n  signTransaction(transaction: AnyRawTransaction): Signature {\n    const raw = deriveTransactionType(transaction);\n    return this.sign(raw.bcsToBytes());\n  }\n\n  signWithOpenIdSignature(data: HexInput): Signature {\n    const [jwtHeader, jwtPayload, jwtSignature] = this.jwt.split(\".\");\n    const openIdSig = new OpenIdSignature({\n      jwtSignature,\n      jwtPayloadJson: jwtPayload,\n      uidKey: this.uidKey,\n      epkBlinder: this.ephemeralKeyPair.blinder,\n      pepper: this.pepper,\n    });\n\n    const { expiryDateSecs } = this.ephemeralKeyPair;\n    const ephemeralPublicKey = this.ephemeralKeyPair.getPublicKey();\n    const ephemeralSignature = this.ephemeralKeyPair.sign(data);\n    return new KeylessSignature({\n      jwtHeader,\n      openIdSignatureOrZkProof: new OpenIdSignatureOrZkProof(openIdSig),\n      expiryDateSecs,\n      ephemeralPublicKey,\n      ephemeralSignature,\n    });\n  }\n\n  // eslint-disable-next-line @typescript-eslint/no-unused-vars, class-methods-use-this\n  verifySignature(args: { message: HexInput; signature: Signature }): boolean {\n    return true;\n  }\n\n  static fromBytes(bytes: Uint8Array): KeylessAccount {\n    return KeylessAccount.deserialize(new Deserializer(bytes));\n  }\n\n  static fromJWTAndProof(args: {\n    proof: SignedGroth16Signature;\n    jwt: string;\n    ephemeralKeyPair: EphemeralKeyPair;\n    pepper: HexInput;\n    uidKey?: string;\n  }): KeylessAccount {\n    const { proof, jwt, ephemeralKeyPair, pepper } = args;\n    const uidKey = args.uidKey ?? \"sub\";\n\n    const jwtPayload = jwtDecode<JwtPayload & { [key: string]: string }>(jwt);\n    const iss = jwtPayload.iss!;\n    if (typeof jwtPayload.aud !== \"string\") {\n      throw new Error(\"aud was not found or an array of values\");\n    }\n    const aud = jwtPayload.aud!;\n    const uidVal = jwtPayload[uidKey];\n    return new KeylessAccount({\n      proof,\n      ephemeralKeyPair,\n      iss,\n      uidKey,\n      uidVal,\n      aud,\n      pepper,\n      jwt,\n    });\n  }\n\n  static fromDerivationPath(path: string, seed: Uint8Array): Uint8Array {\n    return fromDerivationPathInner(path, KeylessAccount.SLIP_0010_SEED, seed);\n  }\n}\n"],"mappings":"2cAGA,OAAqB,aAAAA,MAAiB,aACtC,OAAS,UAAAC,MAAc,UAwBvB,SAASC,EAAgBC,EAA2B,CAElD,IAAMC,EAASD,EAAU,QAAQ,KAAM,GAAG,EAAE,QAAQ,KAAM,GAAG,EAGvDE,EAAeD,EAAS,KAAK,UAAU,GAAI,EAAKA,EAAO,OAAS,GAAM,CAAC,EAK7E,OAFsBE,EAAOD,CAAY,CAG3C,CAEO,IAAME,EAAN,MAAMA,CAAkC,CAyB7C,YAAYC,EAUT,CACD,GAAM,CAAE,QAAAC,EAAS,iBAAAC,EAAkB,IAAAC,EAAK,OAAAC,EAAQ,OAAAC,EAAQ,IAAAC,EAAK,OAAAC,EAAQ,MAAAC,EAAO,IAAAC,CAAI,EAAIT,EACpF,KAAK,iBAAmBE,EACxB,IAAMQ,EAAcC,EAAmBX,CAAI,EAC3C,KAAK,UAAY,IAAIY,EAAiBT,EAAKO,CAAW,EACtD,KAAK,eAAiBT,EAAUY,EAAe,KAAKZ,CAAO,EAAI,KAAK,UAAU,QAAQ,EAAE,eAAe,EACvG,KAAK,OAASG,EACd,KAAK,OAASC,EACd,KAAK,IAAMC,EACX,KAAK,IAAMG,EACX,KAAK,MAAQD,EAEb,KAAK,cAAgB,EACrB,IAAMM,EAAcC,EAAI,aAAaR,CAAM,EAAE,aAAa,EAC1D,GAAIO,EAAY,SAAWf,EAAe,cACxC,MAAM,IAAI,MAAM,oCAAoCA,EAAe,aAAa,EAAE,EAEpF,KAAK,OAASe,CAChB,CAEA,UAAUE,EAA8B,CACtCA,EAAW,aAAa,KAAK,GAAG,EAChCA,EAAW,aAAa,KAAK,MAAM,EACnCA,EAAW,oBAAoB,KAAK,MAAM,EAC1C,KAAK,iBAAiB,UAAUA,CAAU,EAC1C,KAAK,MAAM,UAAUA,CAAU,CACjC,CAEA,OAAO,YAAYC,EAA4C,CAC7D,IAAMR,EAAMQ,EAAa,eAAe,EAClCb,EAASa,EAAa,eAAe,EACrCV,EAASU,EAAa,sBAAsB,EAAE,EAC9Cf,EAAmBgB,EAAiB,YAAYD,CAAY,EAC5DT,EAAQW,EAAuB,YAAYF,CAAY,EAC7D,OAAOlB,EAAe,gBAAgB,CACpC,MAAAS,EACA,OAAAD,EACA,OAAAH,EACA,IAAAK,EACA,iBAAAP,CACF,CAAC,CACH,CAEA,YAAyB,CACvB,IAAMc,EAAa,IAAII,EACvB,YAAK,UAAUJ,CAAU,EAClBA,EAAW,aAAa,CACjC,CAEA,UAAgB,CACd,IAAMK,EAAW,KAAK,WAAW,EACjC,OAAON,EAAI,aAAaM,CAAQ,CAClC,CAEA,sBAAsBC,EAA+D,CACnF,IAAMC,EAAMC,EAAsBF,CAAW,EACvCG,EAAY,IAAIC,EAAa,KAAK,KAAKH,EAAI,WAAW,CAAC,CAAC,EACxDI,EAAY,IAAIC,EAAa,KAAK,SAAS,EACjD,OAAO,IAAIC,EAA8BF,EAAWF,CAAS,CAC/D,CAEA,MAAM,mBAAoB,CACpB,KAAK,iBAAiB,SACxB,MAAM,KAAK,KAEf,CAEA,KAAKK,EAA2B,CAC9B,GAAM,CAAE,eAAAC,CAAe,EAAI,KAAK,iBAC1BC,EAAuB,KAAK,MAAM,IAAI,KAAK,EAAE,QAAQ,EAAI,GAAI,EACnE,GAAID,EAAiBC,EACnB,MAAM,IAAI,MAAM,gCAAgC,EAElD,GAAI,KAAK,iBAAiB,QACxB,MAAM,IAAI,MAAM,wBAAwB,EAE1C,IAAMC,EAAY,KAAK,IAAI,MAAM,GAAG,EAAE,CAAC,EACjCC,EAAqB,KAAK,iBAAiB,aAAa,EAExDlB,EAAa,IAAII,EACvBJ,EAAW,oBAAoBD,EAAI,aAAae,CAAI,EAAE,aAAa,CAAC,EACpEd,EAAW,gBAAgB,KAAK,MAAM,KAAK,EAC3C,IAAMmB,EAAWC,EAAuBpB,EAAW,aAAa,EAAG,4BAA4B,EAEzFqB,EAAqB,KAAK,iBAAiB,KAAKF,CAAQ,EAE9D,OAAO,IAAIG,EAAiB,CAC1B,UAAW5C,EAAgBuC,CAAS,EACpC,yBAA0B,IAAIM,EAAyB,KAAK,KAAK,EACjE,eAAAR,EACA,mBAAAG,EACA,mBAAAG,CACF,CAAC,CACH,CAEA,gBAAgBf,EAA2C,CACzD,IAAMC,EAAMC,EAAsBF,CAAW,EAC7C,OAAO,KAAK,KAAKC,EAAI,WAAW,CAAC,CACnC,CAEA,wBAAwBO,EAA2B,CACjD,GAAM,CAACG,EAAWO,EAAYC,CAAY,EAAI,KAAK,IAAI,MAAM,GAAG,EAC1DC,EAAY,IAAIC,EAAgB,CACpC,aAAAF,EACA,eAAgBD,EAChB,OAAQ,KAAK,OACb,WAAY,KAAK,iBAAiB,QAClC,OAAQ,KAAK,MACf,CAAC,EAEK,CAAE,eAAAT,CAAe,EAAI,KAAK,iBAC1BG,EAAqB,KAAK,iBAAiB,aAAa,EACxDG,EAAqB,KAAK,iBAAiB,KAAKP,CAAI,EAC1D,OAAO,IAAIQ,EAAiB,CAC1B,UAAAL,EACA,yBAA0B,IAAIM,EAAyBG,CAAS,EAChE,eAAAX,EACA,mBAAAG,EACA,mBAAAG,CACF,CAAC,CACH,CAGA,gBAAgBrC,EAA4D,CAC1E,MAAO,EACT,CAEA,OAAO,UAAU4C,EAAmC,CAClD,OAAO7C,EAAe,YAAY,IAAI8C,EAAaD,CAAK,CAAC,CAC3D,CAEA,OAAO,gBAAgB5C,EAMJ,CACjB,GAAM,CAAE,MAAAQ,EAAO,IAAAC,EAAK,iBAAAP,EAAkB,OAAAK,CAAO,EAAIP,EAC3CI,EAASJ,EAAK,QAAU,MAExBwC,EAAaM,EAAkDrC,CAAG,EAClEN,EAAMqC,EAAW,IACvB,GAAI,OAAOA,EAAW,KAAQ,SAC5B,MAAM,IAAI,MAAM,yCAAyC,EAE3D,IAAMlC,EAAMkC,EAAW,IACjBnC,EAASmC,EAAWpC,CAAM,EAChC,OAAO,IAAIL,EAAe,CACxB,MAAAS,EACA,iBAAAN,EACA,IAAAC,EACA,OAAAC,EACA,OAAAC,EACA,IAAAC,EACA,OAAAC,EACA,IAAAE,CACF,CAAC,CACH,CAEA,OAAO,mBAAmBsC,EAAcC,EAA8B,CACpE,OAAOC,EAAwBF,EAAMhD,EAAe,eAAgBiD,CAAI,CAC1E,CACF,EAtMajD,EACK,cAAwB,GAD7BA,EAGK,eAAyB,WAHpC,IAAMmD,EAANnD","names":["jwtDecode","decode","base64UrlDecode","base64Url","base64","paddedBase64","decode","_KeylessAccount","args","address","ephemeralKeyPair","iss","uidKey","uidVal","aud","pepper","proof","jwt","addressSeed","computeAddressSeed","KeylessPublicKey","AccountAddress","pepperBytes","Hex","serializer","deserializer","EphemeralKeyPair","SignedGroth16Signature","Serializer","bcsBytes","transaction","raw","deriveTransactionType","signature","AnySignature","publicKey","AnyPublicKey","AccountAuthenticatorSingleKey","data","expiryDateSecs","currentTimeInSeconds","jwtHeader","ephemeralPublicKey","signMess","generateSigningMessage","ephemeralSignature","KeylessSignature","OpenIdSignatureOrZkProof","jwtPayload","jwtSignature","openIdSig","OpenIdSignature","bytes","Deserializer","jwtDecode","path","seed","fromDerivationPath","KeylessAccount"]}

package/dist/esm/chunk-5VSMDXZ6.mjs

@@ -1,2 +0,0 @@
-var s={mainnet:"https://api.mainnet.aptoslabs.com/v1/graphql",testnet:"https://api.testnet.aptoslabs.com/v1/graphql",devnet:"https://api.devnet.aptoslabs.com/v1/graphql",randomnet:"https://indexer-randomnet.hasura.app/v1/graphql",local:"http://127.0.0.1:8090/v1/graphql"},o={mainnet:"https://api.mainnet.aptoslabs.com/v1",testnet:"https://api.testnet.aptoslabs.com/v1",devnet:"https://api.devnet.aptoslabs.com/v1",randomnet:"https://fullnode.random.aptoslabs.com/v1",local:"http://127.0.0.1:8080/v1"},n={mainnet:"https://faucet.mainnet.aptoslabs.com",testnet:"https://faucet.testnet.aptoslabs.com",devnet:"https://faucet.devnet.aptoslabs.com",randomnet:"https://faucet.random.aptoslabs.com",local:"http://127.0.0.1:8081"},a={mainnet:"mainnet not yet ready, requires sdk upgrade",testnet:"https://api.testnet.aptoslabs.com/keyless/pepper/v0",devnet:"https://api.devnet.aptoslabs.com/keyless/pepper/v0",local:"https://api.devnet.aptoslabs.com/keyless/pepper/v0"},p={mainnet:"mainnet not yet ready, requires sdk upgrade",testnet:"https://api.testnet.aptoslabs.com/keyless/prover/v0",devnet:"https://api.devnet.aptoslabs.com/keyless/prover/v0",local:"https://api.devnet.aptoslabs.com/keyless/prover/v0"},e=(t=>(t.MAINNET="mainnet",t.TESTNET="testnet",t.DEVNET="devnet",t.RANDOMNET="randomnet",t.LOCAL="local",t.CUSTOM="custom",t))(e||{}),r={mainnet:1,testnet:2,randomnet:70,local:4},c={mainnet:"mainnet",testnet:"testnet",devnet:"devnet",randomnet:"randomnet",local:"local",custom:"custom"};export{s as a,o as b,n as c,a as d,p as e,e as f,r as g,c as h};
-//# sourceMappingURL=chunk-5VSMDXZ6.mjs.map

package/dist/esm/chunk-5VSMDXZ6.mjs.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../src/utils/apiEndpoints.ts"],"sourcesContent":["// Copyright © Aptos Foundation\n// SPDX-License-Identifier: Apache-2.0\n\nexport const NetworkToIndexerAPI: Record<string, string> = {\n  mainnet: \"https://api.mainnet.aptoslabs.com/v1/graphql\",\n  testnet: \"https://api.testnet.aptoslabs.com/v1/graphql\",\n  devnet: \"https://api.devnet.aptoslabs.com/v1/graphql\",\n  randomnet: \"https://indexer-randomnet.hasura.app/v1/graphql\",\n  local: \"http://127.0.0.1:8090/v1/graphql\",\n};\n\nexport const NetworkToNodeAPI: Record<string, string> = {\n  mainnet: \"https://api.mainnet.aptoslabs.com/v1\",\n  testnet: \"https://api.testnet.aptoslabs.com/v1\",\n  devnet: \"https://api.devnet.aptoslabs.com/v1\",\n  randomnet: \"https://fullnode.random.aptoslabs.com/v1\",\n  local: \"http://127.0.0.1:8080/v1\",\n};\n\nexport const NetworkToFaucetAPI: Record<string, string> = {\n  mainnet: \"https://faucet.mainnet.aptoslabs.com\",\n  testnet: \"https://faucet.testnet.aptoslabs.com\",\n  devnet: \"https://faucet.devnet.aptoslabs.com\",\n  randomnet: \"https://faucet.random.aptoslabs.com\",\n  local: \"http://127.0.0.1:8081\",\n};\n\nexport const NetworkToPepperAPI: Record<string, string> = {\n  mainnet: \"mainnet not yet ready, requires sdk upgrade\",\n  testnet: \"https://api.testnet.aptoslabs.com/keyless/pepper/v0\",\n  devnet: \"https://api.devnet.aptoslabs.com/keyless/pepper/v0\",\n  local: \"https://api.devnet.aptoslabs.com/keyless/pepper/v0\",\n};\n\nexport const NetworkToProverAPI: Record<string, string> = {\n  mainnet: \"mainnet not yet ready, requires sdk upgrade\",\n  testnet: \"https://api.testnet.aptoslabs.com/keyless/prover/v0\",\n  devnet: \"https://api.devnet.aptoslabs.com/keyless/prover/v0\",\n  local: \"https://api.devnet.aptoslabs.com/keyless/prover/v0\",\n};\n\nexport enum Network {\n  MAINNET = \"mainnet\",\n  TESTNET = \"testnet\",\n  DEVNET = \"devnet\",\n  RANDOMNET = \"randomnet\",\n  LOCAL = \"local\",\n  CUSTOM = \"custom\",\n}\n\nexport const NetworkToChainId: Record<string, number> = {\n  mainnet: 1,\n  testnet: 2,\n  randomnet: 70,\n  local: 4,\n};\n\nexport const NetworkToNetworkName: Record<string, Network> = {\n  mainnet: Network.MAINNET,\n  testnet: Network.TESTNET,\n  devnet: Network.DEVNET,\n  randomnet: Network.RANDOMNET,\n  local: Network.LOCAL,\n  custom: Network.CUSTOM,\n};\n"],"mappings":"AAGO,IAAMA,EAA8C,CACzD,QAAS,+CACT,QAAS,+CACT,OAAQ,8CACR,UAAW,kDACX,MAAO,kCACT,EAEaC,EAA2C,CACtD,QAAS,uCACT,QAAS,uCACT,OAAQ,sCACR,UAAW,2CACX,MAAO,0BACT,EAEaC,EAA6C,CACxD,QAAS,uCACT,QAAS,uCACT,OAAQ,sCACR,UAAW,sCACX,MAAO,uBACT,EAEaC,EAA6C,CACxD,QAAS,8CACT,QAAS,sDACT,OAAQ,qDACR,MAAO,oDACT,EAEaC,EAA6C,CACxD,QAAS,8CACT,QAAS,sDACT,OAAQ,qDACR,MAAO,oDACT,EAEYC,OACVA,EAAA,QAAU,UACVA,EAAA,QAAU,UACVA,EAAA,OAAS,SACTA,EAAA,UAAY,YACZA,EAAA,MAAQ,QACRA,EAAA,OAAS,SANCA,OAAA,IASCC,EAA2C,CACtD,QAAS,EACT,QAAS,EACT,UAAW,GACX,MAAO,CACT,EAEaC,EAAgD,CAC3D,QAAS,UACT,QAAS,UACT,OAAQ,SACR,UAAW,YACX,MAAO,QACP,OAAQ,QACV","names":["NetworkToIndexerAPI","NetworkToNodeAPI","NetworkToFaucetAPI","NetworkToPepperAPI","NetworkToProverAPI","Network","NetworkToChainId","NetworkToNetworkName"]}

package/dist/esm/chunk-NNA5VEB2.mjs

@@ -1,2 +0,0 @@
-import{c as E}from"./chunk-NMVZP3Q2.mjs";import{e as x,f as K}from"./chunk-7XHVF3ZX.mjs";import{a as g}from"./chunk-2M7KHFEG.mjs";import{a as m,l as h,m as A}from"./chunk-6NMHAFIO.mjs";import{b as S}from"./chunk-7MPJPZ73.mjs";import{c as d}from"./chunk-S5HG2QUD.mjs";import{b as l}from"./chunk-TVRJ3M7B.mjs";import{b as a}from"./chunk-AOCNYMMX.mjs";import{jwtDecode as b}from"jwt-decode";import{bls12_381 as p}from"@noble/curves/bls12-381";var v="APTOS_KEYLESS_PEPPER_PINKAS_VUF_DST";function w(e){return new TextEncoder().encode(e)}var I=p.G2.hashToCurve(w("APTOS_KEYLESS_PEPPER_PINKAS_VUF_SECRET_KEY_BASE"),{DST:v}).toAffine();function j(e){let{jwt:r,uidKey:o}=e,t=b(r),i=new l;i.serializeStr(t.iss),i.serializeStr(t.aud),i.serializeStr(t[o||"sub"]),i.serializeStr(o||"sub");let s=i.toUint8Array(),n=p.G1.hashToCurve(s,{DST:"APTOS_PEPPER_SERVICE_BLS12381_VUF_DST"}).toAffine();return p.G1.ProjectivePoint.fromAffine(n)}async function C(e){let{aptosConfig:r,pepperInput:o,pepperBase:t}=e,{data:i}=await E({aptosConfig:r,path:"vrf-pub-key",originMethod:"getPepper"}),s=p.G2.ProjectivePoint.fromHex(i.vrf_public_key_hex_string);return p.verifyShortSignature(t,o,s)}async function H(e){let{aptosConfig:r,jwt:o,ephemeralKeyPair:t,uidKey:i,verify:s}=e,{derivationPath:n}=e,f={jwt_b64:o,epk:t.getPublicKey().bcsToHex().toStringWithoutPrefix(),exp_date_secs:Number(t.expiryDateSecs),epk_blinder:a.fromHexInput(t.blinder).toStringWithoutPrefix(),uid_key:i},{data:P}=await x({aptosConfig:r,path:"fetch",body:f,originMethod:"getPepper",overrides:{WITH_CREDENTIALS:!1}}),c=a.fromHexInput(P.signature).toUint8Array();if(s&&!C({aptosConfig:r,pepperBase:c,pepperInput:j(e)}))throw new Error("Unable to verify");let u=p.pairing(p.G1.ProjectivePoint.fromHex(c),p.G2.ProjectivePoint.fromAffine(I));return n===void 0&&(n=d),g.fromDerivationPath(n,p.fields.Fp12.toBytes(u)).slice(0,31)}async function F(e){let{aptosConfig:r,jwt:o,ephemeralKeyPair:t,pepper:i,uidKey:s,extraFieldKey:n}=e,f=b(o),P;if(n){let T=f[n];P=`"${n}":"${T}",`}let c={jwt_b64:o,epk:t.getPublicKey().bcsToHex().toStringWithoutPrefix(),epk_blinder:a.fromHexInput(t.blinder).toStringWithoutPrefix(),exp_date_secs:Number(t.expiryDateSecs),exp_horizon_secs:m,pepper:a.fromHexInput(i).toStringWithoutPrefix(),extra_field:n,uid_key:s||"sub"},{data:u}=await K({aptosConfig:r,path:"prove",body:c,originMethod:"getProof",overrides:{WITH_CREDENTIALS:!1}}),y=u.proof,_=new h({a:y.a,b:y.b,c:y.c});return new A({proof:_,extraField:P,trainingWheelsSignature:S.fromHex(u.training_wheels_signature)})}async function W(e){let{pepper:r}=e;if(r===void 0)r=await H(e);else if(a.fromHexInput(r).toUint8Array().length!==31)throw new Error("Pepper needs to be 31 bytes");let o=await F({...e,pepper:r});return g.fromJWTAndProof({...e,proof:o,pepper:r})}export{H as a,F as b,W as c};
-//# sourceMappingURL=chunk-NNA5VEB2.mjs.map

package/dist/esm/chunk-NNA5VEB2.mjs.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../src/internal/keyless.ts"],"sourcesContent":["// Copyright © Aptos Foundation\n// SPDX-License-Identifier: Apache-2.0\n\n/**\n * This file contains the underlying implementations for exposed API surface in\n * the {@link api/oidb}. By moving the methods out into a separate file,\n * other namespaces and processes can access these methods without depending on the entire\n * faucet namespace and without having a dependency cycle error.\n */\nimport { jwtDecode } from \"jwt-decode\";\nimport { bls12_381 as bls } from \"@noble/curves/bls12-381\";\nimport { ProjPointType } from \"@noble/curves/abstract/weierstrass\";\nimport { AptosConfig } from \"../api/aptosConfig\";\nimport { getAptosPepperService, postAptosPepperService, postAptosProvingService } from \"../client\";\nimport {\n  APTOS_BIP44_DEFAULT_DERIVATION_PATH,\n  EPK_HORIZON_SECS,\n  EphemeralSignature,\n  Groth16Zkp,\n  Hex,\n  SignedGroth16Signature,\n} from \"../core\";\nimport { HexInput } from \"../types\";\nimport { Serializer } from \"../bcs\";\nimport { EphemeralKeyPair, KeylessAccount } from \"../account\";\nimport { PepperFetchResponse, ProverResponse } from \"../types/keyless\";\n\nconst APTOS_KEYLESS_PEPPER_PINKAS_VUF_DST = \"APTOS_KEYLESS_PEPPER_PINKAS_VUF_DST\";\n\nfunction stringToUint8Array(str: string): Uint8Array {\n  const encoder = new TextEncoder();\n  return encoder.encode(str);\n}\n\nconst PINKAS_VUF_SECRET_KEY_BASE_AFFINE = bls.G2.hashToCurve(\n  stringToUint8Array(\"APTOS_KEYLESS_PEPPER_PINKAS_VUF_SECRET_KEY_BASE\"),\n  { DST: APTOS_KEYLESS_PEPPER_PINKAS_VUF_DST },\n).toAffine();\n\nfunction getPepperInput(args: { jwt: string; uidKey?: string }): ProjPointType<bigint> {\n  const { jwt, uidKey } = args;\n  const jwtPayload = jwtDecode<{ [key: string]: string }>(jwt);\n  const serializer = new Serializer();\n  serializer.serializeStr(jwtPayload.iss);\n  serializer.serializeStr(jwtPayload.aud);\n  serializer.serializeStr(jwtPayload[uidKey || \"sub\"]);\n  serializer.serializeStr(uidKey || \"sub\");\n  const serial = serializer.toUint8Array();\n  const msg = bls.G1.hashToCurve(serial, { DST: \"APTOS_PEPPER_SERVICE_BLS12381_VUF_DST\" }).toAffine();\n  const pp = bls.G1.ProjectivePoint.fromAffine(msg);\n  return pp;\n}\n\nasync function verifyPepperBase(args: {\n  aptosConfig: AptosConfig;\n  pepperInput: ProjPointType<bigint>;\n  pepperBase: Uint8Array;\n}): Promise<boolean> {\n  const { aptosConfig, pepperInput, pepperBase } = args;\n  const { data: pubKeyResponse } = await getAptosPepperService<any, { vrf_public_key_hex_string: string }>({\n    aptosConfig,\n    path: \"vrf-pub-key\",\n    originMethod: \"getPepper\",\n  });\n  const publicKeyFromService = bls.G2.ProjectivePoint.fromHex(pubKeyResponse.vrf_public_key_hex_string);\n  return bls.verifyShortSignature(pepperBase, pepperInput, publicKeyFromService);\n}\n\nexport async function getPepper(args: {\n  aptosConfig: AptosConfig;\n  jwt: string;\n  ephemeralKeyPair: EphemeralKeyPair;\n  uidKey?: string;\n  derivationPath?: string;\n  verify?: boolean;\n}): Promise<Uint8Array> {\n  const { aptosConfig, jwt, ephemeralKeyPair, uidKey, verify } = args;\n  let { derivationPath } = args;\n\n  const body = {\n    jwt_b64: jwt,\n    epk: ephemeralKeyPair.getPublicKey().bcsToHex().toStringWithoutPrefix(),\n    exp_date_secs: Number(ephemeralKeyPair.expiryDateSecs),\n    epk_blinder: Hex.fromHexInput(ephemeralKeyPair.blinder).toStringWithoutPrefix(),\n    uid_key: uidKey,\n  };\n  // console.log(JSON.stringify(body));\n  const { data } = await postAptosPepperService<any, PepperFetchResponse>({\n    aptosConfig,\n    path: \"fetch\",\n    body,\n    originMethod: \"getPepper\",\n    overrides: { WITH_CREDENTIALS: false },\n  });\n  const pepperBase = Hex.fromHexInput(data.signature).toUint8Array();\n\n  if (verify) {\n    const pepperVerified = verifyPepperBase({ aptosConfig, pepperBase, pepperInput: getPepperInput(args) });\n    if (!pepperVerified) {\n      throw new Error(\"Unable to verify\");\n    }\n  }\n  // This takes the BLS VUF H(m)^sk and transforms it into a Pinkas VUF e(H(m), g_3^sk), where g_3 is the base of the secret key (computed pseudo-randomly via hash-to-curve).\n  // This gives us the freedom of either decentralizing the pepper service as a BLS-based MPC or on top of the validators, by reusing the Pinkas WVUF-based randomness infrastructure.\n  const newPepperBase = bls.pairing(\n    bls.G1.ProjectivePoint.fromHex(pepperBase),\n    bls.G2.ProjectivePoint.fromAffine(PINKAS_VUF_SECRET_KEY_BASE_AFFINE),\n  );\n\n  if (derivationPath === undefined) {\n    derivationPath = APTOS_BIP44_DEFAULT_DERIVATION_PATH;\n  }\n  const pepper = KeylessAccount.fromDerivationPath(derivationPath, bls.fields.Fp12.toBytes(newPepperBase));\n  return pepper.slice(0, 31);\n}\n\nexport async function getProof(args: {\n  aptosConfig: AptosConfig;\n  jwt: string;\n  ephemeralKeyPair: EphemeralKeyPair;\n  pepper: HexInput;\n  uidKey?: string;\n  extraFieldKey?: string;\n}): Promise<SignedGroth16Signature> {\n  const { aptosConfig, jwt, ephemeralKeyPair, pepper, uidKey, extraFieldKey } = args;\n  const jwtPayload = jwtDecode<{ [key: string]: string }>(jwt);\n  let extraField;\n  if (extraFieldKey) {\n    const extraFieldVal = jwtPayload[extraFieldKey];\n    extraField = `\"${extraFieldKey}\":\"${extraFieldVal}\",`;\n  }\n  const json = {\n    jwt_b64: jwt,\n    epk: ephemeralKeyPair.getPublicKey().bcsToHex().toStringWithoutPrefix(),\n    epk_blinder: Hex.fromHexInput(ephemeralKeyPair.blinder).toStringWithoutPrefix(),\n    exp_date_secs: Number(ephemeralKeyPair.expiryDateSecs),\n    exp_horizon_secs: EPK_HORIZON_SECS,\n    pepper: Hex.fromHexInput(pepper).toStringWithoutPrefix(),\n    extra_field: extraFieldKey,\n    uid_key: uidKey || \"sub\",\n  };\n\n  const { data } = await postAptosProvingService<any, ProverResponse>({\n    aptosConfig,\n    path: \"prove\",\n    body: json,\n    originMethod: \"getProof\",\n    overrides: { WITH_CREDENTIALS: false },\n  });\n\n  const proofPoints = data.proof;\n  const proof = new Groth16Zkp({\n    a: proofPoints.a,\n    b: proofPoints.b,\n    c: proofPoints.c,\n  });\n\n  const signedProof = new SignedGroth16Signature({\n    proof,\n    extraField,\n    trainingWheelsSignature: EphemeralSignature.fromHex(data.training_wheels_signature),\n  });\n  return signedProof;\n}\n\nexport async function deriveKeylessAccount(args: {\n  aptosConfig: AptosConfig;\n  jwt: string;\n  ephemeralKeyPair: EphemeralKeyPair;\n  uidKey?: string;\n  pepper?: HexInput;\n  extraFieldKey?: string;\n}): Promise<KeylessAccount> {\n  let { pepper } = args;\n  if (pepper === undefined) {\n    pepper = await getPepper(args);\n  } else if (Hex.fromHexInput(pepper).toUint8Array().length !== 31) {\n    throw new Error(\"Pepper needs to be 31 bytes\");\n  }\n  const proof = await getProof({ ...args, pepper });\n\n  const keylessAccount = KeylessAccount.fromJWTAndProof({ ...args, proof, pepper });\n\n    return keylessAccount;\n}\n"],"mappings":"6VASA,OAAS,aAAAA,MAAiB,aAC1B,OAAS,aAAaC,MAAW,0BAiBjC,IAAMC,EAAsC,sCAE5C,SAASC,EAAmBC,EAAyB,CAEnD,OADgB,IAAI,YAAY,EACjB,OAAOA,CAAG,CAC3B,CAEA,IAAMC,EAAoCC,EAAI,GAAG,YAC/CH,EAAmB,iDAAiD,EACpE,CAAE,IAAKD,CAAoC,CAC7C,EAAE,SAAS,EAEX,SAASK,EAAeC,EAA+D,CACrF,GAAM,CAAE,IAAAC,EAAK,OAAAC,CAAO,EAAIF,EAClBG,EAAaC,EAAqCH,CAAG,EACrDI,EAAa,IAAIC,EACvBD,EAAW,aAAaF,EAAW,GAAG,EACtCE,EAAW,aAAaF,EAAW,GAAG,EACtCE,EAAW,aAAaF,EAAWD,GAAU,KAAK,CAAC,EACnDG,EAAW,aAAaH,GAAU,KAAK,EACvC,IAAMK,EAASF,EAAW,aAAa,EACjCG,EAAMV,EAAI,GAAG,YAAYS,EAAQ,CAAE,IAAK,uCAAwC,CAAC,EAAE,SAAS,EAElG,OADWT,EAAI,GAAG,gBAAgB,WAAWU,CAAG,CAElD,CAEA,eAAeC,EAAiBT,EAIX,CACnB,GAAM,CAAE,YAAAU,EAAa,YAAAC,EAAa,WAAAC,CAAW,EAAIZ,EAC3C,CAAE,KAAMa,CAAe,EAAI,MAAMC,EAAkE,CACvG,YAAAJ,EACA,KAAM,cACN,aAAc,WAChB,CAAC,EACKK,EAAuBjB,EAAI,GAAG,gBAAgB,QAAQe,EAAe,yBAAyB,EACpG,OAAOf,EAAI,qBAAqBc,EAAYD,EAAaI,CAAoB,CAC/E,CAEA,eAAsBC,EAAUhB,EAOR,CACtB,GAAM,CAAE,YAAAU,EAAa,IAAAT,EAAK,iBAAAgB,EAAkB,OAAAf,EAAQ,OAAAgB,CAAO,EAAIlB,EAC3D,CAAE,eAAAmB,CAAe,EAAInB,EAEnBoB,EAAO,CACX,QAASnB,EACT,IAAKgB,EAAiB,aAAa,EAAE,SAAS,EAAE,sBAAsB,EACtE,cAAe,OAAOA,EAAiB,cAAc,EACrD,YAAaI,EAAI,aAAaJ,EAAiB,OAAO,EAAE,sBAAsB,EAC9E,QAASf,CACX,EAEM,CAAE,KAAAoB,CAAK,EAAI,MAAMC,EAAiD,CACtE,YAAAb,EACA,KAAM,QACN,KAAAU,EACA,aAAc,YACd,UAAW,CAAE,iBAAkB,EAAM,CACvC,CAAC,EACKR,EAAaS,EAAI,aAAaC,EAAK,SAAS,EAAE,aAAa,EAEjE,GAAIJ,GAEE,CADmBT,EAAiB,CAAE,YAAAC,EAAa,WAAAE,EAAY,YAAab,EAAeC,CAAI,CAAE,CAAC,EAEpG,MAAM,IAAI,MAAM,kBAAkB,EAKtC,IAAMwB,EAAgB1B,EAAI,QACxBA,EAAI,GAAG,gBAAgB,QAAQc,CAAU,EACzCd,EAAI,GAAG,gBAAgB,WAAWD,CAAiC,CACrE,EAEA,OAAIsB,IAAmB,SACrBA,EAAiBM,GAEJC,EAAe,mBAAmBP,EAAgBrB,EAAI,OAAO,KAAK,QAAQ0B,CAAa,CAAC,EACzF,MAAM,EAAG,EAAE,CAC3B,CAEA,eAAsBG,EAAS3B,EAOK,CAClC,GAAM,CAAE,YAAAU,EAAa,IAAAT,EAAK,iBAAAgB,EAAkB,OAAAW,EAAQ,OAAA1B,EAAQ,cAAA2B,CAAc,EAAI7B,EACxEG,EAAaC,EAAqCH,CAAG,EACvD6B,EACJ,GAAID,EAAe,CACjB,IAAME,EAAgB5B,EAAW0B,CAAa,EAC9CC,EAAa,IAAID,CAAa,MAAME,CAAa,IACnD,CACA,IAAMC,EAAO,CACX,QAAS/B,EACT,IAAKgB,EAAiB,aAAa,EAAE,SAAS,EAAE,sBAAsB,EACtE,YAAaI,EAAI,aAAaJ,EAAiB,OAAO,EAAE,sBAAsB,EAC9E,cAAe,OAAOA,EAAiB,cAAc,EACrD,iBAAkBgB,EAClB,OAAQZ,EAAI,aAAaO,CAAM,EAAE,sBAAsB,EACvD,YAAaC,EACb,QAAS3B,GAAU,KACrB,EAEM,CAAE,KAAAoB,CAAK,EAAI,MAAMY,EAA6C,CAClE,YAAAxB,EACA,KAAM,QACN,KAAMsB,EACN,aAAc,WACd,UAAW,CAAE,iBAAkB,EAAM,CACvC,CAAC,EAEKG,EAAcb,EAAK,MACnBc,EAAQ,IAAIC,EAAW,CAC3B,EAAGF,EAAY,EACf,EAAGA,EAAY,EACf,EAAGA,EAAY,CACjB,CAAC,EAOD,OALoB,IAAIG,EAAuB,CAC7C,MAAAF,EACA,WAAAN,EACA,wBAAyBS,EAAmB,QAAQjB,EAAK,yBAAyB,CACpF,CAAC,CAEH,CAEA,eAAsBkB,EAAqBxC,EAOf,CAC1B,GAAI,CAAE,OAAA4B,CAAO,EAAI5B,EACjB,GAAI4B,IAAW,OACbA,EAAS,MAAMZ,EAAUhB,CAAI,UACpBqB,EAAI,aAAaO,CAAM,EAAE,aAAa,EAAE,SAAW,GAC5D,MAAM,IAAI,MAAM,6BAA6B,EAE/C,IAAMQ,EAAQ,MAAMT,EAAS,CAAE,GAAG3B,EAAM,OAAA4B,CAAO,CAAC,EAI9C,OAFqBF,EAAe,gBAAgB,CAAE,GAAG1B,EAAM,MAAAoC,EAAO,OAAAR,CAAO,CAAC,CAGlF","names":["jwtDecode","bls","APTOS_KEYLESS_PEPPER_PINKAS_VUF_DST","stringToUint8Array","str","PINKAS_VUF_SECRET_KEY_BASE_AFFINE","bls","getPepperInput","args","jwt","uidKey","jwtPayload","jwtDecode","serializer","Serializer","serial","msg","verifyPepperBase","aptosConfig","pepperInput","pepperBase","pubKeyResponse","getAptosPepperService","publicKeyFromService","getPepper","ephemeralKeyPair","verify","derivationPath","body","Hex","data","postAptosPepperService","newPepperBase","APTOS_BIP44_DEFAULT_DERIVATION_PATH","KeylessAccount","getProof","pepper","extraFieldKey","extraField","extraFieldVal","json","EPK_HORIZON_SECS","postAptosProvingService","proofPoints","proof","Groth16Zkp","SignedGroth16Signature","EphemeralSignature","deriveKeylessAccount"]}

package/dist/esm/chunk-PLPCOELE.mjs

@@ -1,2 +0,0 @@
-import{a as r,c as t}from"./chunk-NNA5VEB2.mjs";var i=class{constructor(e){this.config=e}async getPepper(e){return r({aptosConfig:this.config,...e})}async deriveKeylessAccount(e){return t({aptosConfig:this.config,...e})}};export{i as a};
-//# sourceMappingURL=chunk-PLPCOELE.mjs.map

package/dist/esm/chunk-PLPCOELE.mjs.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../src/api/keyless.ts"],"sourcesContent":["// Copyright © Aptos Foundation\n// SPDX-License-Identifier: Apache-2.0\n\nimport { EphemeralKeyPair, KeylessAccount } from \"../account\";\nimport { deriveKeylessAccount, getPepper } from \"../internal/keyless\";\nimport { HexInput } from \"../types\";\nimport { AptosConfig } from \"./aptosConfig\";\n\n/**\n * A class to query all `OIDB` related queries on Aptos.\n */\nexport class Keyless {\n  constructor(readonly config: AptosConfig) {}\n\n  /**\n   * TODO\n   *\n   * @param args.jwt jwt token\n   * @returns The pepper\n   */\n  async getPepper(args: { jwt: string; ephemeralKeyPair: EphemeralKeyPair }): Promise<Uint8Array> {\n    return getPepper({ aptosConfig: this.config, ...args });\n  }\n\n  async deriveKeylessAccount(args: {\n    jwt: string;\n    ephemeralKeyPair: EphemeralKeyPair;\n    uidKey?: string;\n    pepper?: HexInput;\n    extraFieldKey?: string;\n  }): Promise<KeylessAccount> {\n    return deriveKeylessAccount({ aptosConfig: this.config, ...args });\n  }\n}\n"],"mappings":"gDAWO,IAAMA,EAAN,KAAc,CACnB,YAAqBC,EAAqB,CAArB,YAAAA,CAAsB,CAQ3C,MAAM,UAAUC,EAAgF,CAC9F,OAAOC,EAAU,CAAE,YAAa,KAAK,OAAQ,GAAGD,CAAK,CAAC,CACxD,CAEA,MAAM,qBAAqBA,EAMC,CAC1B,OAAOE,EAAqB,CAAE,YAAa,KAAK,OAAQ,GAAGF,CAAK,CAAC,CACnE,CACF","names":["Keyless","config","args","getPepper","deriveKeylessAccount"]}

package/dist/esm/chunk-W76IQV5K.mjs

@@ -1,2 +0,0 @@
-import{a as m}from"./chunk-6NMHAFIO.mjs";import{b as u,c as h,e as d}from"./chunk-FLYEALDB.mjs";import{a as y,b as p}from"./chunk-7MPJPZ73.mjs";import{b as s}from"./chunk-CQJ4WN7M.mjs";import{a as o}from"./chunk-6IFMQ5AS.mjs";import{a as c}from"./chunk-TVRJ3M7B.mjs";import{b as l}from"./chunk-AOCNYMMX.mjs";import{randomBytes as g}from"@noble/hashes/utils";var b=class t extends c{constructor(e){super();let{privateKey:i,expiryDateSecs:n,blinder:a}=e;this.privateKey=i,this.publicKey=new y(i.publicKey()),this.expiryDateSecs=n||BigInt(f(v()+m)),this.blinder=a!==void 0?l.fromHexInput(a).toUint8Array():S(),this.nonce=this.generateNonce()}getPublicKey(){return this.publicKey}serialize(e){e.serializeU32AsUleb128(this.publicKey.variant),e.serializeBytes(this.privateKey.toUint8Array()),e.serializeU64(this.expiryDateSecs),e.serializeFixedBytes(this.blinder)}static deserialize(e){let i=e.deserializeUleb128AsU32(),n;switch(i){case 0:n=s.deserialize(e);break;default:throw new Error(`Unknown variant index for EphemeralPublicKey: ${i}`)}let a=e.deserializeU64(),K=e.deserializeFixedBytes(31);return new t({privateKey:n,expiryDateSecs:a,blinder:K})}static fromBytes(e){return t.deserialize(new o(e))}static generate(e){let i;switch(e?.scheme){case 0:default:i=s.generate()}return new t({privateKey:i})}generateNonce(){let e=u(this.publicKey.bcsToBytes(),93);return e.push(BigInt(this.expiryDateSecs)),e.push(h(this.blinder)),d(e).toString()}sign(e){return new p(this.privateKey.sign(e))}};function S(){return g(31)}function v(){return Math.floor(new Date().getTime()/1e3)}function f(t){let r=new Date(t*1e3);return r.setMinutes(0),r.setSeconds(0),r.setMilliseconds(0),Math.floor(r.getTime()/1e3)}export{b as a};
-//# sourceMappingURL=chunk-W76IQV5K.mjs.map

package/dist/esm/chunk-W76IQV5K.mjs.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../src/account/EphemeralKeyPair.ts"],"sourcesContent":["// Copyright © Aptos Foundation\n// SPDX-License-Identifier: Apache-2.0\n\nimport { randomBytes } from \"@noble/hashes/utils\";\n\nimport {\n  EPK_HORIZON_SECS,\n  Ed25519PrivateKey,\n  EphemeralPublicKey,\n  EphemeralSignature,\n  PrivateKey,\n} from \"../core/crypto\";\nimport { Hex } from \"../core/hex\";\nimport { bytesToBigIntLE, padAndPackBytesWithLen, poseidonHash } from \"../core/crypto/poseidon\";\nimport { EphemeralPublicKeyVariant, HexInput, SigningSchemeInput } from \"../types\";\nimport { Deserializer, Serializable, Serializer } from \"../bcs\";\n\nexport class EphemeralKeyPair extends Serializable {\n  readonly blinder: Uint8Array;\n\n  readonly expiryDateSecs: bigint | number;\n\n  readonly nonce: string;\n\n  private privateKey: PrivateKey;\n\n  private publicKey: EphemeralPublicKey;\n\n  constructor(args: { privateKey: PrivateKey; expiryDateSecs?: bigint | number; blinder?: HexInput }) {\n    super();\n    const { privateKey, expiryDateSecs, blinder } = args;\n    this.privateKey = privateKey;\n    this.publicKey = new EphemeralPublicKey(privateKey.publicKey());\n    this.expiryDateSecs = expiryDateSecs || BigInt(floorToWholeHour(currentTimeInSeconds() + EPK_HORIZON_SECS));\n    this.blinder = blinder !== undefined ? Hex.fromHexInput(blinder).toUint8Array() : generateBlinder();\n    this.nonce = this.generateNonce();\n  }\n\n  getPublicKey(): EphemeralPublicKey {\n    return this.publicKey;\n  }\n\n  serialize(serializer: Serializer): void {\n    serializer.serializeU32AsUleb128(this.publicKey.variant);\n    serializer.serializeBytes(this.privateKey.toUint8Array());\n    serializer.serializeU64(this.expiryDateSecs);\n    serializer.serializeFixedBytes(this.blinder);\n  }\n\n  static deserialize(deserializer: Deserializer): EphemeralKeyPair {\n    const variantIndex = deserializer.deserializeUleb128AsU32();\n    let privateKey: PrivateKey;\n    switch (variantIndex) {\n      case EphemeralPublicKeyVariant.Ed25519:\n        privateKey = Ed25519PrivateKey.deserialize(deserializer);\n        break;\n      default:\n        throw new Error(`Unknown variant index for EphemeralPublicKey: ${variantIndex}`);\n    }\n    const expiryDateSecs = deserializer.deserializeU64();\n    const blinder = deserializer.deserializeFixedBytes(31);\n    return new EphemeralKeyPair({ privateKey, expiryDateSecs, blinder });\n  }\n\n  static fromBytes(bytes: Uint8Array): EphemeralKeyPair {\n    return EphemeralKeyPair.deserialize(new Deserializer(bytes));\n  }\n\n  static generate(args?: { scheme: SigningSchemeInput }): EphemeralKeyPair {\n    let privateKey: PrivateKey;\n\n    switch (args?.scheme) {\n      case SigningSchemeInput.Ed25519:\n      default:\n        privateKey = Ed25519PrivateKey.generate();\n    }\n\n    return new EphemeralKeyPair({ privateKey });\n  }\n\n  generateNonce(): string {\n    const fields = padAndPackBytesWithLen(this.publicKey.bcsToBytes(), 93);\n    fields.push(BigInt(this.expiryDateSecs));\n    fields.push(bytesToBigIntLE(this.blinder));\n    const nonceHash = poseidonHash(fields);\n    return nonceHash.toString();\n  }\n\n  /**\n   * Sign the given message with the private key.\n   *   *\n   * @param data in HexInput format\n   * @returns EphemeralSignature\n   */\n  sign(data: HexInput): EphemeralSignature {\n    return new EphemeralSignature(this.privateKey.sign(data));\n  }\n}\n\nfunction generateBlinder(): Uint8Array {\n  return randomBytes(31);\n}\n\nfunction currentTimeInSeconds(): number {\n  return Math.floor(new Date().getTime() / 1000);\n}\n\nfunction floorToWholeHour(timestampInSeconds: number): number {\n  const date = new Date(timestampInSeconds * 1000);\n  // Reset minutes and seconds to zero\n  date.setMinutes(0);\n  date.setSeconds(0);\n  date.setMilliseconds(0);\n  return Math.floor(date.getTime() / 1000);\n}\n"],"mappings":"oTAGA,OAAS,eAAAA,MAAmB,sBAcrB,IAAMC,EAAN,MAAMC,UAAyBC,CAAa,CAWjD,YAAYC,EAAwF,CAClG,MAAM,EACN,GAAM,CAAE,WAAAC,EAAY,eAAAC,EAAgB,QAAAC,CAAQ,EAAIH,EAChD,KAAK,WAAaC,EAClB,KAAK,UAAY,IAAIG,EAAmBH,EAAW,UAAU,CAAC,EAC9D,KAAK,eAAiBC,GAAkB,OAAOG,EAAiBC,EAAqB,EAAIC,CAAgB,CAAC,EAC1G,KAAK,QAAUJ,IAAY,OAAYK,EAAI,aAAaL,CAAO,EAAE,aAAa,EAAIM,EAAgB,EAClG,KAAK,MAAQ,KAAK,cAAc,CAClC,CAEA,cAAmC,CACjC,OAAO,KAAK,SACd,CAEA,UAAUC,EAA8B,CACtCA,EAAW,sBAAsB,KAAK,UAAU,OAAO,EACvDA,EAAW,eAAe,KAAK,WAAW,aAAa,CAAC,EACxDA,EAAW,aAAa,KAAK,cAAc,EAC3CA,EAAW,oBAAoB,KAAK,OAAO,CAC7C,CAEA,OAAO,YAAYC,EAA8C,CAC/D,IAAMC,EAAeD,EAAa,wBAAwB,EACtDV,EACJ,OAAQW,EAAc,CACpB,OACEX,EAAaY,EAAkB,YAAYF,CAAY,EACvD,MACF,QACE,MAAM,IAAI,MAAM,iDAAiDC,CAAY,EAAE,CACnF,CACA,IAAMV,EAAiBS,EAAa,eAAe,EAC7CR,EAAUQ,EAAa,sBAAsB,EAAE,EACrD,OAAO,IAAIb,EAAiB,CAAE,WAAAG,EAAY,eAAAC,EAAgB,QAAAC,CAAQ,CAAC,CACrE,CAEA,OAAO,UAAUW,EAAqC,CACpD,OAAOhB,EAAiB,YAAY,IAAIiB,EAAaD,CAAK,CAAC,CAC7D,CAEA,OAAO,SAASd,EAAyD,CACvE,IAAIC,EAEJ,OAAQD,GAAM,OAAQ,CACpB,OACA,QACEC,EAAaY,EAAkB,SAAS,CAC5C,CAEA,OAAO,IAAIf,EAAiB,CAAE,WAAAG,CAAW,CAAC,CAC5C,CAEA,eAAwB,CACtB,IAAMe,EAASC,EAAuB,KAAK,UAAU,WAAW,EAAG,EAAE,EACrE,OAAAD,EAAO,KAAK,OAAO,KAAK,cAAc,CAAC,EACvCA,EAAO,KAAKE,EAAgB,KAAK,OAAO,CAAC,EACvBC,EAAaH,CAAM,EACpB,SAAS,CAC5B,CAQA,KAAKI,EAAoC,CACvC,OAAO,IAAIC,EAAmB,KAAK,WAAW,KAAKD,CAAI,CAAC,CAC1D,CACF,EAEA,SAASX,GAA8B,CACrC,OAAOa,EAAY,EAAE,CACvB,CAEA,SAAShB,GAA+B,CACtC,OAAO,KAAK,MAAM,IAAI,KAAK,EAAE,QAAQ,EAAI,GAAI,CAC/C,CAEA,SAASD,EAAiBkB,EAAoC,CAC5D,IAAMC,EAAO,IAAI,KAAKD,EAAqB,GAAI,EAE/C,OAAAC,EAAK,WAAW,CAAC,EACjBA,EAAK,WAAW,CAAC,EACjBA,EAAK,gBAAgB,CAAC,EACf,KAAK,MAAMA,EAAK,QAAQ,EAAI,GAAI,CACzC","names":["randomBytes","EphemeralKeyPair","_EphemeralKeyPair","Serializable","args","privateKey","expiryDateSecs","blinder","EphemeralPublicKey","floorToWholeHour","currentTimeInSeconds","EPK_HORIZON_SECS","Hex","generateBlinder","serializer","deserializer","variantIndex","Ed25519PrivateKey","bytes","Deserializer","fields","padAndPackBytesWithLen","bytesToBigIntLE","poseidonHash","data","EphemeralSignature","randomBytes","timestampInSeconds","date"]}

package/dist/esm/chunk-YGHLXEB4.mjs

@@ -1,2 +0,0 @@
-var t="1.13.3-zeta.0";export{t as a};
-//# sourceMappingURL=chunk-YGHLXEB4.mjs.map