@aptos-labs/ts-sdk 1.14.0-zeta.3 → 1.15.0-win.0

package/dist/esm/internal/keyless.d.mts

@@ -1,68 +0,0 @@
-import { AptosConfig } from '../api/aptosConfig.mjs';
-import { HexInput } from '../types/index.mjs';
-import { ZeroKnowledgeSig } from '../core/crypto/keyless.mjs';
-import { EphemeralKeyPair } from '../account/EphemeralKeyPair.mjs';
-import { ProofFetchCallback, KeylessAccount } from '../account/KeylessAccount.mjs';
-import '../utils/apiEndpoints.mjs';
-import '../utils/const.mjs';
-import '../types/indexer.mjs';
-import '../types/generated/operations.mjs';
-import '../types/generated/types.mjs';
-import '../publicKey-lq5djCIY.mjs';
-import '../bcs/serializer.mjs';
-import '../core/hex.mjs';
-import '../core/common.mjs';
-import '../core/accountAddress.mjs';
-import '../bcs/deserializer.mjs';
-import '../transactions/instances/transactionArgument.mjs';
-import '../core/crypto/signature.mjs';
-import '../core/crypto/ephemeral.mjs';
-import '../core/crypto/proof.mjs';
-import '../core/crypto/privateKey.mjs';
-import 'eventemitter3';
-import '../Ed25519Account-9zBaZEnp.mjs';
-import '../transactions/authenticator/account.mjs';
-import '../core/crypto/ed25519.mjs';
-import '../core/crypto/multiEd25519.mjs';
-import '../core/crypto/multiKey.mjs';
-import '../core/crypto/singleKey.mjs';
-import '../transactions/types.mjs';
-import '../bcs/serializable/moveStructs.mjs';
-import '../bcs/serializable/movePrimitives.mjs';
-import '../bcs/serializable/fixedBytes.mjs';
-import '../transactions/instances/rawTransaction.mjs';
-import '../transactions/instances/chainId.mjs';
-import '../transactions/instances/transactionPayload.mjs';
-import '../transactions/instances/identifier.mjs';
-import '../transactions/instances/moduleId.mjs';
-import '../transactions/typeTag/index.mjs';
-import '../transactions/instances/simpleTransaction.mjs';
-import '../transactions/instances/multiAgentTransaction.mjs';
-
-declare function getPepper(args: {
-    aptosConfig: AptosConfig;
-    jwt: string;
-    ephemeralKeyPair: EphemeralKeyPair;
-    uidKey?: string;
-    derivationPath?: string;
-    verify?: boolean;
-}): Promise<Uint8Array>;
-declare function getProof(args: {
-    aptosConfig: AptosConfig;
-    jwt: string;
-    ephemeralKeyPair: EphemeralKeyPair;
-    pepper: HexInput;
-    uidKey?: string;
-    extraFieldKey?: string;
-}): Promise<ZeroKnowledgeSig>;
-declare function deriveKeylessAccount(args: {
-    aptosConfig: AptosConfig;
-    jwt: string;
-    ephemeralKeyPair: EphemeralKeyPair;
-    uidKey?: string;
-    pepper?: HexInput;
-    extraFieldKey?: string;
-    proofFetchCallback?: ProofFetchCallback;
-}): Promise<KeylessAccount>;
-
-export { deriveKeylessAccount, getPepper, getProof };

package/dist/esm/internal/keyless.mjs

@@ -1,2 +0,0 @@
-import{a,b,c}from"../chunk-75J7H3XD.mjs";import"../chunk-7Z6DYLCA.mjs";import"../chunk-Y4SSUCPJ.mjs";import"../chunk-HMFL7AOJ.mjs";import"../chunk-VPKPQBKL.mjs";import"../chunk-VSD2AWUR.mjs";import"../chunk-RKTM5GBP.mjs";import"../chunk-Y33CIIZX.mjs";import"../chunk-XZGQMZ2H.mjs";import"../chunk-4NMDYPUD.mjs";import"../chunk-5XOFEQWC.mjs";import"../chunk-CB6CNNM2.mjs";import"../chunk-UYVPNUH3.mjs";import"../chunk-HYU23YVP.mjs";import"../chunk-2ECWQRBB.mjs";import"../chunk-H62IKYXG.mjs";import"../chunk-MWUJCP27.mjs";import"../chunk-ZNEBMSNC.mjs";import"../chunk-NC5HHEEM.mjs";import"../chunk-3VGX3TXH.mjs";import"../chunk-MGOHPDX4.mjs";import"../chunk-3S3GIUQY.mjs";import"../chunk-HYDDIAJ6.mjs";import"../chunk-RFSO3JRG.mjs";import"../chunk-AQ4I7VVB.mjs";import"../chunk-HHVAU5HU.mjs";import"../chunk-JLWKIYHV.mjs";import"../chunk-YV7OBLK2.mjs";import"../chunk-KUX6GQ2E.mjs";import"../chunk-3CUVYW32.mjs";import"../chunk-PGCBIU33.mjs";import"../chunk-FLYEALDB.mjs";import"../chunk-N466X3S6.mjs";import"../chunk-25H3DXTL.mjs";import"../chunk-SI7MPP6G.mjs";import"../chunk-TJDC5PWD.mjs";import"../chunk-COW5IGYC.mjs";import"../chunk-STYDBDYL.mjs";import"../chunk-LR65XHSF.mjs";import"../chunk-7STYQ5ZE.mjs";import"../chunk-T23OVRNF.mjs";import"../chunk-N2FKVZ4D.mjs";import"../chunk-YGOJYDJA.mjs";import"../chunk-YNNPWCF6.mjs";import"../chunk-WM2NCYZL.mjs";import"../chunk-GED6IT3S.mjs";import"../chunk-UTXJOB3O.mjs";import"../chunk-RKHPXZM6.mjs";import"../chunk-FZY4PMEE.mjs";import"../chunk-EB7AI4B4.mjs";import"../chunk-6RBUXB5I.mjs";import"../chunk-C3L4ETUF.mjs";import"../chunk-3FVRXELT.mjs";import"../chunk-JM2B5E2I.mjs";import"../chunk-4WPQQPUF.mjs";import"../chunk-VT6XJSRO.mjs";import"../chunk-TVRJ3M7B.mjs";import"../chunk-AOCNYMMX.mjs";import"../chunk-FBPNHF54.mjs";import"../chunk-56CNRT2K.mjs";import"../chunk-NBEXLW7P.mjs";import"../chunk-JM544NRW.mjs";import"../chunk-YE5B2S5L.mjs";import"../chunk-FVA2OPG4.mjs";export{c as deriveKeylessAccount,a as getPepper,b as getProof};
-//# sourceMappingURL=keyless.mjs.map

package/dist/esm/internal/keyless.mjs.map

@@ -1 +0,0 @@
-{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}

package/dist/esm/types/keyless.d.mts

@@ -1,69 +0,0 @@
-import { KeylessAccount } from '../account/KeylessAccount.mjs';
-import { AptosApiError } from '../client/types.mjs';
-import 'eventemitter3';
-import './index.mjs';
-import '../utils/apiEndpoints.mjs';
-import './indexer.mjs';
-import './generated/operations.mjs';
-import './generated/types.mjs';
-import '../core/accountAddress.mjs';
-import '../bcs/serializer.mjs';
-import '../core/hex.mjs';
-import '../core/common.mjs';
-import '../bcs/deserializer.mjs';
-import '../transactions/instances/transactionArgument.mjs';
-import '../core/crypto/signature.mjs';
-import '../core/crypto/keyless.mjs';
-import '../publicKey-lq5djCIY.mjs';
-import '../core/crypto/ephemeral.mjs';
-import '../core/crypto/proof.mjs';
-import '../Ed25519Account-9zBaZEnp.mjs';
-import '../transactions/authenticator/account.mjs';
-import '../core/crypto/ed25519.mjs';
-import '../core/crypto/privateKey.mjs';
-import '../core/crypto/multiEd25519.mjs';
-import '../core/crypto/multiKey.mjs';
-import '../core/crypto/singleKey.mjs';
-import '../transactions/types.mjs';
-import '../api/aptosConfig.mjs';
-import '../utils/const.mjs';
-import '../bcs/serializable/moveStructs.mjs';
-import '../bcs/serializable/movePrimitives.mjs';
-import '../bcs/serializable/fixedBytes.mjs';
-import '../transactions/instances/rawTransaction.mjs';
-import '../transactions/instances/chainId.mjs';
-import '../transactions/instances/transactionPayload.mjs';
-import '../transactions/instances/identifier.mjs';
-import '../transactions/instances/moduleId.mjs';
-import '../transactions/typeTag/index.mjs';
-import '../transactions/instances/simpleTransaction.mjs';
-import '../transactions/instances/multiAgentTransaction.mjs';
-import '../account/EphemeralKeyPair.mjs';
-
-type ProverResponse = {
-    proof: {
-        a: string;
-        b: string;
-        c: string;
-    };
-    public_inputs_hash: string;
-    training_wheels_signature: string;
-};
-type PepperFetchResponse = {
-    signature: string;
-    pepper: string;
-    address: string;
-};
-declare enum KeylessErrorType {
-    JWK_EXPIRED = 0,
-    EPK_EXPIRED = 1,
-    UNKNOWN_INVALID_SIGNATURE = 2,
-    UNKNOWN = 3
-}
-declare class KeylessError extends Error {
-    readonly type: KeylessErrorType;
-    private constructor();
-    static fromAptosApiError(error: AptosApiError, signer: KeylessAccount): Promise<KeylessError>;
-}
-
-export { KeylessError, KeylessErrorType, type PepperFetchResponse, type ProverResponse };

package/dist/esm/types/keyless.mjs

@@ -1,2 +0,0 @@
-import{a,b}from"../chunk-3COVJN6Z.mjs";import"../chunk-FVA2OPG4.mjs";export{b as KeylessError,a as KeylessErrorType};
-//# sourceMappingURL=keyless.mjs.map

package/dist/esm/types/keyless.mjs.map

@@ -1 +0,0 @@
-{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}

package/src/account/EphemeralKeyPair.ts

@@ -1,161 +0,0 @@
-// Copyright © Aptos Foundation
-// SPDX-License-Identifier: Apache-2.0
-
-import { randomBytes } from "@noble/hashes/utils";
-
-import {
-  EPK_HORIZON_SECS,
-  Ed25519PrivateKey,
-  EphemeralPublicKey,
-  EphemeralSignature,
-  PrivateKey,
-} from "../core/crypto";
-import { Hex } from "../core/hex";
-import { bytesToBigIntLE, padAndPackBytesWithLen, poseidonHash } from "../core/crypto/poseidon";
-import { EphemeralPublicKeyVariant, HexInput } from "../types";
-import { Deserializer, Serializable, Serializer } from "../bcs";
-
-export class EphemeralKeyPair extends Serializable {
-  static readonly BLINDER_LENGTH: number = 31;
-
-  /**
-   * A byte array of length BLINDER_LENGTH used to obfuscate the public key from the IdP.
-   * Used in calculating the nonce passed to the IdP and as a secret witness in proof generation.
-   */
-  readonly blinder: Uint8Array;
-
-  /**
-   * A timestamp in seconds indicating when the ephemeral key pair is expired.  After expiry, a new
-   * EphemeralKeyPair must be generated and a new JWT needs to be created.
-   */
-  readonly expiryDateSecs: bigint | number;
-
-  /**
-   * The value passed to the IdP when the user authenticates.  It comprises of a hash of the
-   * ephermeral public key, expiry date, and blinder.
-   */
-  readonly nonce: string;
-
-  /**
-   * A private key used to sign transactions.  This private key is not tied to any account on the chain as it
-   * is ephemeral in nature.
-   */
-  private privateKey: PrivateKey;
-
-  /**
-   * A public key used to verify transactions.  This public key is not tied to any account on the chain as it
-   * is ephemeral in nature.
-   */
-  private publicKey: EphemeralPublicKey;
-
-  constructor(args: { privateKey: PrivateKey; expiryDateSecs?: bigint | number; blinder?: HexInput }) {
-    super();
-    const { privateKey, expiryDateSecs, blinder } = args;
-    this.privateKey = privateKey;
-    this.publicKey = new EphemeralPublicKey(privateKey.publicKey());
-    // We set the expiry date to be the nearest floored hour
-    this.expiryDateSecs = expiryDateSecs || BigInt(floorToWholeHour(currentTimeInSeconds() + EPK_HORIZON_SECS));
-    // Generate the blinder if not provided
-    this.blinder = blinder !== undefined ? Hex.fromHexInput(blinder).toUint8Array() : generateBlinder();
-    // Calculate the nonce
-    this.nonce = this.generateNonce();
-  }
-
-  /**
-   * Returns the public key of the key pair.
-   * @return EphemeralPublicKey
-   */
-  getPublicKey(): EphemeralPublicKey {
-    return this.publicKey;
-  }
-
-  /**
-   * Returns the public key of the key pair.
-   * @return boolean
-   */
-  isExpired(): boolean {
-    const currentTimeSecs: number = Math.floor(Date.now() / 1000);
-    return currentTimeSecs > this.expiryDateSecs;
-  }
-
-  serialize(serializer: Serializer): void {
-    serializer.serializeU32AsUleb128(this.publicKey.variant);
-    serializer.serializeBytes(this.privateKey.toUint8Array());
-    serializer.serializeU64(this.expiryDateSecs);
-    serializer.serializeFixedBytes(this.blinder);
-  }
-
-  static deserialize(deserializer: Deserializer): EphemeralKeyPair {
-    const variantIndex = deserializer.deserializeUleb128AsU32();
-    let privateKey: PrivateKey;
-    switch (variantIndex) {
-      case EphemeralPublicKeyVariant.Ed25519:
-        privateKey = Ed25519PrivateKey.deserialize(deserializer);
-        break;
-      default:
-        throw new Error(`Unknown variant index for EphemeralPublicKey: ${variantIndex}`);
-    }
-    const expiryDateSecs = deserializer.deserializeU64();
-    const blinder = deserializer.deserializeFixedBytes(31);
-    return new EphemeralKeyPair({ privateKey, expiryDateSecs, blinder });
-  }
-
-  static fromBytes(bytes: Uint8Array): EphemeralKeyPair {
-    return EphemeralKeyPair.deserialize(new Deserializer(bytes));
-  }
-
-  /**
-   * Returns the public key of the key pair.
-   * @param scheme the type of keypair to use for the EphemeralKeyPair.  Only Ed25519 supported for now.
-   * @return boolean
-   */
-  static generate(args?: { scheme: EphemeralPublicKeyVariant }): EphemeralKeyPair {
-    let privateKey: PrivateKey;
-
-    switch (args?.scheme) {
-      case EphemeralPublicKeyVariant.Ed25519:
-      default:
-        privateKey = Ed25519PrivateKey.generate();
-    }
-
-    return new EphemeralKeyPair({ privateKey });
-  }
-
-  private generateNonce(): string {
-    const fields = padAndPackBytesWithLen(this.publicKey.bcsToBytes(), 93);
-    fields.push(BigInt(this.expiryDateSecs));
-    fields.push(bytesToBigIntLE(this.blinder));
-    const nonceHash = poseidonHash(fields);
-    return nonceHash.toString();
-  }
-
-  /**
-   * Sign the given message with the private key.
-   *
-   * @param data in HexInput format
-   * @returns EphemeralSignature
-   */
-  sign(data: HexInput): EphemeralSignature {
-    if (this.isExpired()) {
-      throw new Error("EphemeralKeyPair has expired");
-    }
-    return new EphemeralSignature(this.privateKey.sign(data));
-  }
-}
-
-function generateBlinder(): Uint8Array {
-  return randomBytes(EphemeralKeyPair.BLINDER_LENGTH);
-}
-
-function currentTimeInSeconds(): number {
-  return Math.floor(new Date().getTime() / 1000);
-}
-
-function floorToWholeHour(timestampInSeconds: number): number {
-  const date = new Date(timestampInSeconds * 1000);
-  // Reset minutes and seconds to zero
-  date.setMinutes(0);
-  date.setSeconds(0);
-  date.setMilliseconds(0);
-  return Math.floor(date.getTime() / 1000);
-}

package/src/account/KeylessAccount.ts

@@ -1,341 +0,0 @@
-// Copyright © Aptos Foundation
-// SPDX-License-Identifier: Apache-2.0
-
-import { JwtPayload, jwtDecode } from "jwt-decode";
-import { JwksClient } from "jwks-rsa";
-import { decode } from "js-base64";
-import EventEmitter from "eventemitter3";
-import { EphemeralCertificateVariant, HexInput, SigningScheme } from "../types";
-import { AccountAddress } from "../core/accountAddress";
-import {
-  AnyPublicKey,
-  AnySignature,
-  KeylessPublicKey,
-  KeylessSignature,
-  EphemeralCertificate,
-  Signature,
-  ZeroKnowledgeSig,
-  ZkProof,
-} from "../core/crypto";
-
-import { Account } from "./Account";
-import { EphemeralKeyPair } from "./EphemeralKeyPair";
-import { Hex } from "../core/hex";
-import { AccountAuthenticatorSingleKey } from "../transactions/authenticator/account";
-import { Deserializer, Serializable, Serializer } from "../bcs";
-import {
-  deriveTransactionType,
-  generateSigningMessageForSerializable,
-} from "../transactions/transactionBuilder/signingMessage";
-import { AnyRawTransaction, AnyRawTransactionInstance } from "../transactions/types";
-
-export const IssuerToJwkEndpoint: Record<string, string> = {
-  "https://accounts.google.com": "https://www.googleapis.com/oauth2/v3/certs",
-};
-
-export class KeylessAccount extends Serializable implements Account {
-  static readonly PEPPER_LENGTH: number = 31;
-
-  readonly publicKey: KeylessPublicKey;
-
-  readonly ephemeralKeyPair: EphemeralKeyPair;
-
-  readonly uidKey: string;
-
-  readonly uidVal: string;
-
-  readonly aud: string;
-
-  readonly pepper: Uint8Array;
-
-  readonly accountAddress: AccountAddress;
-
-  proof: ZeroKnowledgeSig | undefined;
-
-  readonly proofOrPromise: ZeroKnowledgeSig | Promise<ZeroKnowledgeSig>;
-
-  readonly signingScheme: SigningScheme;
-
-  private jwt: string;
-
-  private isJwtValid: boolean;
-
-  readonly emitter: EventEmitter<ProofFetchEvents>;
-
-  constructor(args: {
-    address?: AccountAddress;
-    ephemeralKeyPair: EphemeralKeyPair;
-    iss: string;
-    uidKey: string;
-    uidVal: string;
-    aud: string;
-    pepper: HexInput;
-    proofOrFetcher: ZeroKnowledgeSig | Promise<ZeroKnowledgeSig>;
-    proofFetchCallback?: ProofFetchCallback;
-    jwt: string;
-  }) {
-    super();
-    const { address, ephemeralKeyPair, uidKey, uidVal, aud, pepper, proofOrFetcher, proofFetchCallback, jwt } = args;
-    this.ephemeralKeyPair = ephemeralKeyPair;
-    this.publicKey = KeylessPublicKey.create(args);
-    this.accountAddress = address ? AccountAddress.from(address) : this.publicKey.authKey().derivedAddress();
-    this.uidKey = uidKey;
-    this.uidVal = uidVal;
-    this.aud = aud;
-    this.jwt = jwt;
-    this.emitter = new EventEmitter<ProofFetchEvents>();
-    this.proofOrPromise = proofOrFetcher;
-    if (proofOrFetcher instanceof ZeroKnowledgeSig) {
-      this.proof = proofOrFetcher;
-    } else {
-      if (proofFetchCallback === undefined) {
-        throw new Error("Must provide callback for async proof fetch");
-      }
-      this.emitter.on("proofFetchFinish", async (status) => {
-        await proofFetchCallback(status);
-        this.emitter.removeAllListeners();
-      });
-      this.init(proofOrFetcher);
-    }
-    this.signingScheme = SigningScheme.SingleKey;
-    const pepperBytes = Hex.fromHexInput(pepper).toUint8Array();
-    if (pepperBytes.length !== KeylessAccount.PEPPER_LENGTH) {
-      throw new Error(`Pepper length in bytes should be ${KeylessAccount.PEPPER_LENGTH}`);
-    }
-    this.pepper = pepperBytes;
-    this.isJwtValid = true;
-  }
-
-  /**
-   * This initializes the asyncronous proof fetch
-   * @return
-   */
-  async init(promise: Promise<ZeroKnowledgeSig>) {
-    try {
-      this.proof = await promise;
-      this.emitter.emit("proofFetchFinish", { status: "Success" });
-    } catch (error) {
-      if (error instanceof Error) {
-        this.emitter.emit("proofFetchFinish", { status: "Failed", error: error.toString() });
-      } else {
-        this.emitter.emit("proofFetchFinish", { status: "Failed", error: "Unknown" });
-      }
-    }
-  }
-
-  serialize(serializer: Serializer): void {
-    serializer.serializeStr(this.jwt);
-    serializer.serializeStr(this.uidKey);
-    serializer.serializeFixedBytes(this.pepper);
-    this.ephemeralKeyPair.serialize(serializer);
-    if (this.proof === undefined) {
-      throw new Error("Connot serialize - proof undefined");
-    }
-    this.proof.serialize(serializer);
-  }
-
-  static deserialize(deserializer: Deserializer): KeylessAccount {
-    const jwt = deserializer.deserializeStr();
-    const uidKey = deserializer.deserializeStr();
-    const pepper = deserializer.deserializeFixedBytes(31);
-    const ephemeralKeyPair = EphemeralKeyPair.deserialize(deserializer);
-    const proof = ZeroKnowledgeSig.deserialize(deserializer);
-    return KeylessAccount.fromJWTAndProof({
-      proof,
-      pepper,
-      uidKey,
-      jwt,
-      ephemeralKeyPair,
-    });
-  }
-
-  /**
-   * Checks if the proof is expired.  If so the account must be rederived with a new EphemeralKeyPair
-   * and JWT token.
-   * @return boolean
-   */
-  isExpired(): boolean {
-    return this.ephemeralKeyPair.isExpired();
-  }
-
-  /**
-   * Checks if the the JWK used to verify the token still exists on the issuer's JWK uri.
-   * Caches the result.
-   * @return boolean
-   */
-  async checkJwkValidity(): Promise<boolean> {
-    if (!this.isJwtValid) {
-      return false;
-    }
-    const jwtHeader = jwtDecode(this.jwt, { header: true });
-    const client = new JwksClient({
-      jwksUri: IssuerToJwkEndpoint[this.publicKey.iss],
-    });
-    try {
-      await client.getSigningKey(jwtHeader.kid);
-      return true;
-    } catch (error) {
-      this.isJwtValid = false;
-      return false;
-    }
-  }
-
-  /**
-   * Sign a message using Keyless.
-   * @param message the message to sign, as binary input
-   * @return the AccountAuthenticator containing the signature, together with the account's public key
-   */
-  signWithAuthenticator(message: HexInput): AccountAuthenticatorSingleKey {
-    const signature = new AnySignature(this.sign(message));
-    const publicKey = new AnyPublicKey(this.publicKey);
-    return new AccountAuthenticatorSingleKey(publicKey, signature);
-  }
-
-  /**
-   * Sign a transaction using Keyless.
-   * @param transaction the raw transaction
-   * @return the AccountAuthenticator containing the signature of the transaction, together with the account's public key
-   */
-  signTransactionWithAuthenticator(transaction: AnyRawTransaction): AccountAuthenticatorSingleKey {
-    const signature = new AnySignature(this.signTransaction(transaction));
-    const publicKey = new AnyPublicKey(this.publicKey);
-    return new AccountAuthenticatorSingleKey(publicKey, signature);
-  }
-
-  /**
-   * Waits for asyncronous proof fetching to finish.
-   * @return
-   */
-  async waitForProofFetch() {
-    if (this.proofOrPromise instanceof Promise) {
-      await this.proofOrPromise;
-    }
-  }
-
-  /**
-   * Sign the given message using Keyless.
-   * @param message in HexInput format
-   * @returns Signature
-   */
-  sign(data: HexInput): KeylessSignature {
-    const { expiryDateSecs } = this.ephemeralKeyPair;
-    if (this.isExpired()) {
-      throw new Error("Ephemeral key pair is expired.");
-    }
-    if (this.proof === undefined) {
-      throw new Error("Proof not found");
-    }
-    if (!this.isJwtValid) {
-      throw new Error("The proof has expired. Please refetch proof");
-    }
-    const ephemeralPublicKey = this.ephemeralKeyPair.getPublicKey();
-    const ephemeralSignature = this.ephemeralKeyPair.sign(data);
-
-    return new KeylessSignature({
-      jwtHeader: base64UrlDecode(this.jwt.split(".")[0]),
-      ephemeralCertificate: new EphemeralCertificate(this.proof, EphemeralCertificateVariant.ZkProof),
-      expiryDateSecs,
-      ephemeralPublicKey,
-      ephemeralSignature,
-    });
-  }
-
-  /**
-   * Sign the given transaction with Keyless.
-   * Signs the transaction and proof to guard against proof malleability.
-   * @param transaction the transaction to be signed
-   * @returns KeylessSignature
-   */
-  signTransaction(transaction: AnyRawTransaction): KeylessSignature {
-    if (this.proof === undefined) {
-      throw new Error("Proof not found");
-    }
-    const raw = deriveTransactionType(transaction);
-    const txnAndProof = new TransactionAndProof(raw, this.proof.proof);
-    const signMess = generateSigningMessageForSerializable(txnAndProof);
-    return this.sign(signMess);
-  }
-
-  // eslint-disable-next-line @typescript-eslint/no-unused-vars, class-methods-use-this
-  verifySignature(args: { message: HexInput; signature: Signature }): boolean {
-    throw new Error("Not implemented");
-  }
-
-  static fromBytes(bytes: Uint8Array): KeylessAccount {
-    return KeylessAccount.deserialize(new Deserializer(bytes));
-  }
-
-  static fromJWTAndProof(args: {
-    proof: ZeroKnowledgeSig | Promise<ZeroKnowledgeSig>;
-    jwt: string;
-    ephemeralKeyPair: EphemeralKeyPair;
-    pepper: HexInput;
-    uidKey?: string;
-    proofFetchCallback?: ProofFetchCallback;
-  }): KeylessAccount {
-    const { proof, jwt, ephemeralKeyPair, pepper, proofFetchCallback } = args;
-    const uidKey = args.uidKey ?? "sub";
-
-    const jwtPayload = jwtDecode<JwtPayload & { [key: string]: string }>(jwt);
-    const iss = jwtPayload.iss!;
-    if (typeof jwtPayload.aud !== "string") {
-      throw new Error("aud was not found or an array of values");
-    }
-    const aud = jwtPayload.aud!;
-    const uidVal = jwtPayload[uidKey];
-    return new KeylessAccount({
-      proofOrFetcher: proof,
-      ephemeralKeyPair,
-      iss,
-      uidKey,
-      uidVal,
-      aud,
-      pepper,
-      jwt,
-      proofFetchCallback,
-    });
-  }
-}
-
-class TransactionAndProof extends Serializable {
-  transaction: AnyRawTransactionInstance;
-
-  proof?: ZkProof;
-
-  constructor(transaction: AnyRawTransactionInstance, proof?: ZkProof) {
-    super();
-    this.transaction = transaction;
-    this.proof = proof;
-  }
-
-  serialize(serializer: Serializer): void {
-    serializer.serializeFixedBytes(this.transaction.bcsToBytes());
-    serializer.serializeOption(this.proof);
-  }
-}
-
-function base64UrlDecode(base64Url: string): string {
-  // Replace base64url-specific characters
-  const base64 = base64Url.replace(/-/g, "+").replace(/_/g, "/");
-  // Pad the string with '=' characters if needed
-  const paddedBase64 = base64 + "==".substring(0, (3 - (base64.length % 3)) % 3);
-  const decodedString = decode(paddedBase64);
-  return decodedString;
-}
-
-export type ProofFetchSuccess = {
-  status: "Success";
-};
-
-export type ProofFetchFailure = {
-  status: "Failed";
-  error: string;
-};
-
-export type ProofFetchStatus = ProofFetchSuccess | ProofFetchFailure;
-
-export type ProofFetchCallback = (status: ProofFetchStatus) => Promise<void>;
-
-export interface ProofFetchEvents {
-  proofFetchFinish: (status: ProofFetchStatus) => void;
-}