@aptos-labs/ts-sdk 7.0.1 → 7.1.0

package/src/transactions/transactionBuilder/encryptPayload.ts

@@ -4,7 +4,7 @@
 import { AptosConfig } from "../../api/aptosConfig.js";
 import { AccountAddress, AccountAddressInput } from "../../core/index.js";
 import { AuthenticationKey } from "../../core/authenticationKey.js";
-import { AccountPublicKey } from "../../core/crypto/index.js";
+import { fetchAndCacheAuthKeyForAddress } from "../../internal/account.js";
 import { fetchAndCacheEncryptionKey } from "../../internal/encryptionKey.js";
 import {
   ClaimedEntryFunction,
@@ -103,76 +103,81 @@ function resolveClaimedEntryFun(args: {
   return undefined;
 }
 
-function resolveAuthKey(input: HexInput | AccountPublicKey): AuthenticationKey {
-  if (input instanceof AccountPublicKey) {
-    return input.authKey();
+function resolveAuthKey(input: AuthenticationKey | HexInput): AuthenticationKey {
+  if (input instanceof AuthenticationKey) {
+    return input;
   }
   return new AuthenticationKey({ data: input });
 }
 
 /**
- * Validates auth-key options and assembles `(address, authenticationKey)` pairs in
- * `TransactionAuthenticator::all_signer_auth_keys` order: sender, secondaries, fee payer last.
+ * Assembles `(address, authenticationKey)` pairs in `TransactionAuthenticator::all_signer_auth_keys` order
+ * (sender, secondaries, fee payer last). Auth keys not supplied in `options` are fetched from chain via
+ * `fetchAndCacheAuthKeyForAddress`, which caches per `(network, address)` for ~1 hour.
  */
-function buildSignerAuthKeys(args: {
+async function buildSignerAuthKeys(args: {
+  aptosConfig: AptosConfig;
   sender: AccountAddress;
   options: InputGenerateTransactionOptions;
   feePayerAddress?: AccountAddressInput;
   secondarySignerAddresses?: AccountAddressInput[];
-}): { sender: SignerAuthKeyPair; additional: SignerAuthKeyPair[] | undefined } {
-  const { sender, options, feePayerAddress, secondarySignerAddresses } = args;
+}): Promise<{ sender: SignerAuthKeyPair; additional: SignerAuthKeyPair[] | undefined }> {
+  const { aptosConfig, sender, options, feePayerAddress, secondarySignerAddresses } = args;
 
-  if (options.authenticationKey === undefined) {
+  const secondaryAddrs = secondarySignerAddresses ?? [];
+  const secondaryAuthInputs = options.secondarySignerAuthenticationKeys;
+  if (secondaryAddrs.length === 0 && secondaryAuthInputs !== undefined && secondaryAuthInputs.length > 0) {
     throw new Error(
-      "options.authenticationKey is required when options.encrypted is true. " +
-        "Pass the sender's AccountPublicKey or a raw 32-byte auth key hex string.",
+      "options.secondarySignerAuthenticationKeys was set but no secondarySignerAddresses were provided to generateRawTransaction.",
     );
   }
-  const secondaryAddrs = secondarySignerAddresses ?? [];
-  const secondaryAuthHex = options.secondarySignerAuthenticationKeys;
-  if (secondaryAddrs.length > 0) {
-    if (!secondaryAuthHex || secondaryAuthHex.length !== secondaryAddrs.length) {
-      throw new Error(
-        "Encrypted multi-agent transactions require options.secondarySignerAuthenticationKeys with one entry per secondarySignerAddresses entry, in the same order. " +
-          "Each entry may be an AccountPublicKey or a raw 32-byte auth key hex string.",
-      );
-    }
-  } else if (secondaryAuthHex !== undefined && secondaryAuthHex.length > 0) {
+  if (
+    secondaryAddrs.length > 0 &&
+    secondaryAuthInputs !== undefined &&
+    secondaryAuthInputs.length !== secondaryAddrs.length
+  ) {
     throw new Error(
-      "options.secondarySignerAuthenticationKeys was set but no secondarySignerAddresses were provided to generateRawTransaction.",
+      "Encrypted multi-agent transactions require options.secondarySignerAuthenticationKeys (when provided) to have one entry per secondarySignerAddresses entry, in the same order. " +
+        "Leave individual entries undefined to fetch them from chain.",
     );
   }
 
   const feePayerAddr = feePayerAddress !== undefined ? AccountAddress.from(feePayerAddress) : undefined;
   const hasNonZeroFeePayer = feePayerAddr !== undefined && !feePayerAddr.equals(AccountAddress.ZERO);
-  if (hasNonZeroFeePayer && options.feePayerAuthenticationKey === undefined) {
-    throw new Error(
-      "options.feePayerAuthenticationKey is required when options.encrypted is true and feePayerAddress is a non-zero sponsor. " +
-        "Must match the fee payer authenticator; AAD order is sender, then secondaries, then fee payer (aptos-core `all_signer_auth_keys`).",
-    );
-  }
   if (options.feePayerAuthenticationKey !== undefined && !hasNonZeroFeePayer) {
     throw new Error(
       "options.feePayerAuthenticationKey was set but feePayerAddress is missing or the zero address (no on-chain fee payer for AAD).",
     );
   }
 
-  const senderPair: SignerAuthKeyPair = {
-    address: sender,
-    authenticationKey: resolveAuthKey(options.authenticationKey),
+  const resolveFor = async (
+    address: AccountAddress,
+    input: AuthenticationKey | HexInput | undefined,
+  ): Promise<AuthenticationKey> => {
+    if (input !== undefined) {
+      return resolveAuthKey(input);
+    }
+    return fetchAndCacheAuthKeyForAddress({ aptosConfig, accountAddress: address });
   };
-  const additional: SignerAuthKeyPair[] =
-    secondaryAddrs.length > 0 && secondaryAuthHex
-      ? secondaryAddrs.map((addr, i) => ({
-          address: AccountAddress.from(addr),
-          authenticationKey: resolveAuthKey(secondaryAuthHex[i]!),
-        }))
-      : [];
-  if (hasNonZeroFeePayer && options.feePayerAuthenticationKey !== undefined) {
-    additional.push({
-      address: feePayerAddr,
-      authenticationKey: resolveAuthKey(options.feePayerAuthenticationKey),
-    });
+
+  const secondaryPairsPromise = Promise.all(
+    secondaryAddrs.map(async (addr, i) => {
+      const address = AccountAddress.from(addr);
+      const authenticationKey = await resolveFor(address, secondaryAuthInputs?.[i]);
+      return { address, authenticationKey };
+    }),
+  );
+
+  const [senderAuthKey, secondaryPairs, feePayerAuthKey] = await Promise.all([
+    resolveFor(sender, options.senderAuthenticationKey),
+    secondaryPairsPromise,
+    hasNonZeroFeePayer ? resolveFor(feePayerAddr, options.feePayerAuthenticationKey) : Promise.resolve(undefined),
+  ]);
+
+  const senderPair: SignerAuthKeyPair = { address: sender, authenticationKey: senderAuthKey };
+  const additional: SignerAuthKeyPair[] = [...secondaryPairs];
+  if (hasNonZeroFeePayer && feePayerAuthKey !== undefined) {
+    additional.push({ address: feePayerAddr, authenticationKey: feePayerAuthKey });
   }
   return { sender: senderPair, additional: additional.length > 0 ? additional : undefined };
 }
@@ -197,7 +202,8 @@ export async function buildEncryptedPayload(args: {
     args;
 
   const senderAddr = AccountAddress.from(sender);
-  const { sender: senderPair, additional } = buildSignerAuthKeys({
+  const { sender: senderPair, additional } = await buildSignerAuthKeys({
+    aptosConfig,
     sender: senderAddr,
     options,
     feePayerAddress,

package/src/transactions/types.ts

@@ -19,8 +19,8 @@ import {
   U8,
 } from "../bcs/serializable/movePrimitives.js";
 import { FixedBytes } from "../bcs/serializable/fixedBytes.js";
-import { AccountAddress, AccountAddressInput } from "../core/index.js";
-import { AccountPublicKey, PublicKey } from "../core/crypto/index.js";
+import { AccountAddress, AccountAddressInput, AuthenticationKey } from "../core/index.js";
+import { PublicKey } from "../core/crypto/index.js";
 import {
   MultiAgentRawTransaction,
   FeePayerRawTransaction,
@@ -182,23 +182,27 @@ export type InputEncryptedTransactionBuildOptions = {
    */
   encrypted?: boolean;
   /**
-   * Authentication key for the primary sender. Required when `encrypted` is true.
-   * Accept either an `AccountPublicKey` (auth key is derived automatically via `.authKey()`) or a raw 32-byte hex
-   * string. Must match the on-chain authenticator identity (aptos-core `PayloadAssociatedData::V1.signer_auth_keys`).
+   * Authentication key for the primary sender. Optional: when omitted (and `encrypted` is true), the SDK fetches
+   * the sender's `authentication_key` from the fullnode and caches it for ~1 hour. Pass it explicitly to skip the
+   * lookup (useful right after a key rotation). Accepts an `AuthenticationKey` or a raw 32-byte hex string /
+   * `Uint8Array`. Must match the on-chain authenticator identity (aptos-core
+   * `PayloadAssociatedData::V1.signer_auth_keys`).
    */
-  authenticationKey?: HexInput | AccountPublicKey;
+  senderAuthenticationKey?: AuthenticationKey | HexInput;
   /**
    * For encrypted **multi-agent** transactions: each secondary signer's authentication key, in the same order
-   * as `secondarySignerAddresses` on the transaction build input. Accepts `AccountPublicKey` or raw 32-byte hex.
+   * as `secondarySignerAddresses` on the transaction build input. Any entry left undefined (or the entire array
+   * omitted) will be fetched from chain and cached. Accepts `AuthenticationKey` or a raw 32-byte hex string /
+   * `Uint8Array`.
    */
-  secondarySignerAuthenticationKeys?: (HexInput | AccountPublicKey)[];
+  secondarySignerAuthenticationKeys?: (AuthenticationKey | HexInput | undefined)[];
   /**
-   * For encrypted **fee-payer** transactions: the fee payer's authentication key. Required when `encrypted` is true
-   * and `feePayerAddress` is set to a **non-zero** sponsor address. Appended **last** in AAD `signer_auth_keys`,
-   * matching aptos-core `TransactionAuthenticator::all_signer_auth_keys` (after sender and secondaries).
-   * Accepts `AccountPublicKey` or raw 32-byte hex.
+   * For encrypted **fee-payer** transactions: the fee payer's authentication key. Optional when `feePayerAddress`
+   * is a **non-zero** sponsor — omitted values are fetched from chain and cached. Appended **last** in AAD
+   * `signer_auth_keys`, matching aptos-core `TransactionAuthenticator::all_signer_auth_keys` (after sender and
+   * secondaries). Accepts `AuthenticationKey` or a raw 32-byte hex string / `Uint8Array`.
    */
-  feePayerAuthenticationKey?: HexInput | AccountPublicKey;
+  feePayerAuthenticationKey?: AuthenticationKey | HexInput;
   /**
    * Overrides `claimed_entry_fun` for encrypted transactions when a fee payer is set, the payload is multisig, or the
    * payload is `TransactionInnerPayload` with a multisig address in `TransactionExtraConfigV1`.

package/src/utils/helpers.ts

@@ -6,6 +6,39 @@ import { AccountAddress } from "../core/accountAddress.js";
 import { createObjectAddress } from "../core/account/utils/address.js";
 import { TEXT_ENCODER } from "./const.js";
 
+/**
+ * Maximum bigint value that can be losslessly converted to a JS `number`.
+ * Equal to `BigInt(Number.MAX_SAFE_INTEGER)` (2^53 - 1).
+ */
+const MAX_SAFE_U64 = BigInt(Number.MAX_SAFE_INTEGER);
+
+/**
+ * Narrows a u64 (`bigint`) into a JS `number` with an explicit safety check.
+ *
+ * The `deserializeU64` reader returns `bigint`, but several keyless code
+ * paths historically narrowed the value with `Number(value)` to fit existing
+ * `number`-typed fields (expiry timestamps, expiry horizons). For values
+ * larger than `Number.MAX_SAFE_INTEGER` (~9 × 10^15), `Number(bigint)`
+ * silently loses precision — comparisons against `Date.now() / 1000` then
+ * return wrong results.
+ *
+ * Real-world expiry values are far below the unsafe range (year ~285 million
+ * AD as a Unix timestamp), so this check is effectively a guard against
+ * corrupted or malicious BCS data rather than a precision concern in normal
+ * operation. Throwing is correct behavior at the BCS/JSON boundary.
+ */
+export function u64ToNumberSafe(value: bigint, fieldName: string): number {
+  if (value < 0n) {
+    throw new RangeError(`${fieldName} is negative (${value}); expected an unsigned u64`);
+  }
+  if (value > MAX_SAFE_U64) {
+    throw new RangeError(
+      `${fieldName} (${value}) exceeds Number.MAX_SAFE_INTEGER (${MAX_SAFE_U64}); refusing to silently lose precision`,
+    );
+  }
+  return Number(value);
+}
+
 /**
  * Checks if the current runtime environment is Bun.
  * This is useful for detecting Bun-specific compatibility issues.

package/src/version.ts

@@ -6,4 +6,4 @@
  *
  * hardcoded for now, we would want to have it injected dynamically
  */
-export const VERSION = "7.0.1";
+export const VERSION = "7.1.0";