@atomiqlabs/sdk 8.8.3 → 8.9.0

package/dist/intermediaries/apis/IntermediaryAPI.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.IntermediaryAPI = exports.InvoiceStatusResponseCodes = exports.PaymentAuthorizationResponseCodes = exports.RefundAuthorizationResponseCodes = void 0;
+exports.IntermediaryAPI = exports.TrustedAddressStatusResponseCodes = exports.TrustedInvoiceStatusResponseCodes = exports.InvoiceStatusResponseCodes = exports.PaymentAuthorizationResponseCodes = exports.RefundAuthorizationResponseCodes = void 0;
 const RequestError_1 = require("../../errors/RequestError");
 const SchemaVerifier_1 = require("../../http/paramcoders/SchemaVerifier");
 const StreamingFetchPromise_1 = require("../../http/paramcoders/client/StreamingFetchPromise");
@@ -129,7 +129,64 @@ const SpvFromBTCPrepareResponseSchema = {
 const SpvFromBTCInitResponseSchema = {
     txId: SchemaVerifier_1.FieldTypeEnum.String
 };
+/////////////////////////
+///// Trusted from BTCLN
+var TrustedInvoiceStatusResponseCodes;
+(function (TrustedInvoiceStatusResponseCodes) {
+    TrustedInvoiceStatusResponseCodes[TrustedInvoiceStatusResponseCodes["EXPIRED"] = 10001] = "EXPIRED";
+    TrustedInvoiceStatusResponseCodes[TrustedInvoiceStatusResponseCodes["PAID"] = 10000] = "PAID";
+    TrustedInvoiceStatusResponseCodes[TrustedInvoiceStatusResponseCodes["AWAIT_PAYMENT"] = 10010] = "AWAIT_PAYMENT";
+    TrustedInvoiceStatusResponseCodes[TrustedInvoiceStatusResponseCodes["PENDING"] = 10011] = "PENDING";
+    TrustedInvoiceStatusResponseCodes[TrustedInvoiceStatusResponseCodes["TX_SENT"] = 10012] = "TX_SENT";
+})(TrustedInvoiceStatusResponseCodes = exports.TrustedInvoiceStatusResponseCodes || (exports.TrustedInvoiceStatusResponseCodes = {}));
+const TrustedFromBTCLNResponseSchema = {
+    pr: SchemaVerifier_1.FieldTypeEnum.String,
+    swapFee: SchemaVerifier_1.FieldTypeEnum.BigInt,
+    swapFeeSats: SchemaVerifier_1.FieldTypeEnum.BigInt,
+    total: SchemaVerifier_1.FieldTypeEnum.BigInt
+};
+/////////////////////////
+///// Trusted from BTC
+var TrustedAddressStatusResponseCodes;
+(function (TrustedAddressStatusResponseCodes) {
+    TrustedAddressStatusResponseCodes[TrustedAddressStatusResponseCodes["EXPIRED"] = 10001] = "EXPIRED";
+    TrustedAddressStatusResponseCodes[TrustedAddressStatusResponseCodes["PAID"] = 10000] = "PAID";
+    TrustedAddressStatusResponseCodes[TrustedAddressStatusResponseCodes["AWAIT_PAYMENT"] = 10010] = "AWAIT_PAYMENT";
+    TrustedAddressStatusResponseCodes[TrustedAddressStatusResponseCodes["AWAIT_CONFIRMATION"] = 10011] = "AWAIT_CONFIRMATION";
+    TrustedAddressStatusResponseCodes[TrustedAddressStatusResponseCodes["PENDING"] = 10013] = "PENDING";
+    TrustedAddressStatusResponseCodes[TrustedAddressStatusResponseCodes["TX_SENT"] = 10012] = "TX_SENT";
+    TrustedAddressStatusResponseCodes[TrustedAddressStatusResponseCodes["REFUNDED"] = 10014] = "REFUNDED";
+    TrustedAddressStatusResponseCodes[TrustedAddressStatusResponseCodes["DOUBLE_SPENT"] = 10015] = "DOUBLE_SPENT";
+    TrustedAddressStatusResponseCodes[TrustedAddressStatusResponseCodes["REFUNDABLE"] = 10016] = "REFUNDABLE";
+})(TrustedAddressStatusResponseCodes = exports.TrustedAddressStatusResponseCodes || (exports.TrustedAddressStatusResponseCodes = {}));
+const TrustedFromBTCResponseSchema = {
+    paymentHash: SchemaVerifier_1.FieldTypeEnum.String,
+    sequence: SchemaVerifier_1.FieldTypeEnum.BigInt,
+    btcAddress: SchemaVerifier_1.FieldTypeEnum.String,
+    amountSats: SchemaVerifier_1.FieldTypeEnum.BigInt,
+    swapFeeSats: SchemaVerifier_1.FieldTypeEnum.BigInt,
+    swapFee: SchemaVerifier_1.FieldTypeEnum.BigInt,
+    total: SchemaVerifier_1.FieldTypeEnum.BigInt,
+    intermediaryKey: SchemaVerifier_1.FieldTypeEnum.String,
+    recommendedFee: SchemaVerifier_1.FieldTypeEnum.Number,
+    expiresAt: SchemaVerifier_1.FieldTypeEnum.Number
+};
 class IntermediaryAPI {
+    constructor(requestHeaders) {
+        this.requestHeaders = requestHeaders;
+    }
+    httpGet(url, timeout, abortSignal, allowNon200 = false) {
+        const headers = this.requestHeaders == null ? {} : this.requestHeaders("GET", url);
+        return (0, HttpUtils_1.httpGet)(url, timeout, abortSignal, allowNon200, headers);
+    }
+    httpPost(url, body, timeout, abortSignal) {
+        const headers = this.requestHeaders == null ? {} : this.requestHeaders("POST", url, body);
+        return (0, HttpUtils_1.httpPost)(url, body, timeout, abortSignal, headers);
+    }
+    streamingFetchPromise(url, body, schema, timeout, signal, streamRequest) {
+        const headers = this.requestHeaders == null ? {} : this.requestHeaders("POST", url);
+        return (0, StreamingFetchPromise_1.streamingFetchPromise)(url, body, schema, timeout, signal, streamRequest, headers);
+    }
     /**
      * Returns the information about a specific intermediary
      *
@@ -140,14 +197,14 @@ class IntermediaryAPI {
      * @throws {RequestError} If non-200 http response code is returned
      * @throws {Error} If the supplied nonce doesn't match the response
      */
-    static async getIntermediaryInfo(baseUrl, timeout, abortSignal) {
+    async getIntermediaryInfo(baseUrl, timeout, abortSignal) {
         const nonce = (0, Utils_1.randomBytes)(32).toString("hex");
         const abortController = (0, Utils_1.extendAbortController)(abortSignal);
         //We don't know whether the node supports only POST or also has GET info support enabled
         // here we try both, and abort when the first one returns (which should be GET)
         const response = await Promise.any([
-            (0, HttpUtils_1.httpGet)(baseUrl + "/info?nonce=" + nonce, timeout, abortController.signal),
-            (0, HttpUtils_1.httpPost)(baseUrl + "/info", {
+            this.httpGet(baseUrl + "/info?nonce=" + nonce, timeout, abortController.signal),
+            this.httpPost(baseUrl + "/info", {
                 nonce,
             }, timeout, abortController.signal)
         ]);
@@ -168,8 +225,8 @@ class IntermediaryAPI {
      *
      * @throws {RequestError} If non-200 http response code is returned
      */
-    static async getRefundAuthorization(url, paymentHash, sequence, timeout, abortSignal) {
-        return (0, RetryUtils_1.tryWithRetries)(() => (0, HttpUtils_1.httpGet)(url + "/getRefundAuthorization" +
+    async getRefundAuthorization(url, paymentHash, sequence, timeout, abortSignal) {
+        return (0, RetryUtils_1.tryWithRetries)(() => this.httpGet(url + "/getRefundAuthorization" +
             "?paymentHash=" + encodeURIComponent(paymentHash) +
             "&sequence=" + encodeURIComponent(sequence.toString(10)), timeout, abortSignal), undefined, RequestError_1.RequestError, abortSignal);
     }
@@ -183,8 +240,8 @@ class IntermediaryAPI {
      *
      * @throws {RequestError} If non-200 http response code is returned
      */
-    static async getPaymentAuthorization(url, paymentHash, timeout, abortSignal) {
-        return (0, RetryUtils_1.tryWithRetries)(() => (0, HttpUtils_1.httpGet)(url + "/getInvoicePaymentAuth" +
+    async getPaymentAuthorization(url, paymentHash, timeout, abortSignal) {
+        return (0, RetryUtils_1.tryWithRetries)(() => this.httpGet(url + "/getInvoicePaymentAuth" +
             "?paymentHash=" + encodeURIComponent(paymentHash), timeout, abortSignal), undefined, RequestError_1.RequestError, abortSignal);
     }
     /**
@@ -197,8 +254,8 @@ class IntermediaryAPI {
      *
      * @throws {RequestError} If non-200 http response code is returned
      */
-    static async getInvoiceStatus(url, paymentHash, timeout, abortSignal) {
-        return (0, RetryUtils_1.tryWithRetries)(() => (0, HttpUtils_1.httpGet)(url + "/getInvoiceStatus" +
+    async getInvoiceStatus(url, paymentHash, timeout, abortSignal) {
+        return (0, RetryUtils_1.tryWithRetries)(() => this.httpGet(url + "/getInvoiceStatus" +
             "?paymentHash=" + encodeURIComponent(paymentHash), timeout, abortSignal), undefined, RequestError_1.RequestError, abortSignal);
     }
     /**
@@ -213,8 +270,8 @@ class IntermediaryAPI {
      *
      * @throws {RequestError} If non-200 http response code is returned
      */
-    static initToBTC(chainIdentifier, baseUrl, init, timeout, abortSignal, streamRequest) {
-        const responseBodyPromise = (0, StreamingFetchPromise_1.streamingFetchPromise)(baseUrl + "/tobtc/payInvoice?chain=" + encodeURIComponent(chainIdentifier), {
+    initToBTC(chainIdentifier, baseUrl, init, timeout, abortSignal, streamRequest) {
+        const responseBodyPromise = this.streamingFetchPromise(baseUrl + "/tobtc/payInvoice?chain=" + encodeURIComponent(chainIdentifier), {
             ...init.additionalParams,
             address: init.btcAddress,
             amount: init.amount.toString(10),
@@ -261,8 +318,8 @@ class IntermediaryAPI {
      *
      * @throws {RequestError} If non-200 http response code is returned
      */
-    static initFromBTC(chainIdentifier, baseUrl, depositToken, init, timeout, abortSignal, streamRequest) {
-        const responseBodyPromise = (0, StreamingFetchPromise_1.streamingFetchPromise)(baseUrl + "/frombtc/getAddress?chain=" + encodeURIComponent(chainIdentifier) + "&depositToken=" + encodeURIComponent(depositToken), {
+    initFromBTC(chainIdentifier, baseUrl, depositToken, init, timeout, abortSignal, streamRequest) {
+        const responseBodyPromise = this.streamingFetchPromise(baseUrl + "/frombtc/getAddress?chain=" + encodeURIComponent(chainIdentifier) + "&depositToken=" + encodeURIComponent(depositToken), {
             ...init.additionalParams,
             address: init.claimer,
             amount: init.amount.toString(10),
@@ -315,8 +372,8 @@ class IntermediaryAPI {
      *
      * @throws {RequestError} If non-200 http response code is returned
      */
-    static initFromBTCLN(chainIdentifier, baseUrl, depositToken, init, timeout, abortSignal, streamRequest) {
-        const responseBodyPromise = (0, StreamingFetchPromise_1.streamingFetchPromise)(baseUrl + "/frombtcln/createInvoice?chain=" + encodeURIComponent(chainIdentifier) + "&depositToken=" + encodeURIComponent(depositToken), {
+    initFromBTCLN(chainIdentifier, baseUrl, depositToken, init, timeout, abortSignal, streamRequest) {
+        const responseBodyPromise = this.streamingFetchPromise(baseUrl + "/frombtcln/createInvoice?chain=" + encodeURIComponent(chainIdentifier) + "&depositToken=" + encodeURIComponent(depositToken), {
             ...init.additionalParams,
             paymentHash: init.paymentHash.toString("hex"),
             amount: init.amount.toString(),
@@ -361,8 +418,8 @@ class IntermediaryAPI {
      *
      * @throws {RequestError} If non-200 http response code is returned
      */
-    static initFromBTCLNAuto(chainIdentifier, baseUrl, init, timeout, abortSignal, streamRequest) {
-        const responseBodyPromise = (0, StreamingFetchPromise_1.streamingFetchPromise)(baseUrl + "/frombtcln_auto/createInvoice?chain=" + encodeURIComponent(chainIdentifier), {
+    initFromBTCLNAuto(chainIdentifier, baseUrl, init, timeout, abortSignal, streamRequest) {
+        const responseBodyPromise = this.streamingFetchPromise(baseUrl + "/frombtcln_auto/createInvoice?chain=" + encodeURIComponent(chainIdentifier), {
             ...init.additionalParams,
             paymentHash: init.paymentHash.toString("hex"),
             amount: init.amount.toString(),
@@ -409,8 +466,8 @@ class IntermediaryAPI {
      *
      * @throws {RequestError} If non-200 http response code is returned
      */
-    static initToBTCLN(chainIdentifier, baseUrl, init, timeout, abortSignal, streamRequest) {
-        const responseBodyPromise = (0, StreamingFetchPromise_1.streamingFetchPromise)(baseUrl + "/tobtcln/payInvoice?chain=" + encodeURIComponent(chainIdentifier), {
+    initToBTCLN(chainIdentifier, baseUrl, init, timeout, abortSignal, streamRequest) {
+        const responseBodyPromise = this.streamingFetchPromise(baseUrl + "/tobtcln/payInvoice?chain=" + encodeURIComponent(chainIdentifier), {
             exactIn: false,
             ...init.additionalParams,
             pr: init.pr,
@@ -454,8 +511,8 @@ class IntermediaryAPI {
      *
      * @throws {RequestError} If non-200 http response code is returned
      */
-    static async initToBTCLNExactIn(baseUrl, init, timeout, abortSignal, streamRequest) {
-        const responseBody = await (0, StreamingFetchPromise_1.streamingFetchPromise)(baseUrl + "/tobtcln/payInvoiceExactIn", {
+    async initToBTCLNExactIn(baseUrl, init, timeout, abortSignal, streamRequest) {
+        const responseBody = await this.streamingFetchPromise(baseUrl + "/tobtcln/payInvoiceExactIn", {
             ...init.additionalParams,
             pr: init.pr,
             reqId: init.reqId,
@@ -489,8 +546,8 @@ class IntermediaryAPI {
      *
      * @throws {RequestError} If non-200 http response code is returned
      */
-    static prepareToBTCLNExactIn(chainIdentifier, baseUrl, init, timeout, abortSignal, streamRequest) {
-        const responseBodyPromise = (0, StreamingFetchPromise_1.streamingFetchPromise)(baseUrl + "/tobtcln/payInvoice?chain=" + encodeURIComponent(chainIdentifier), {
+    prepareToBTCLNExactIn(chainIdentifier, baseUrl, init, timeout, abortSignal, streamRequest) {
+        const responseBodyPromise = this.streamingFetchPromise(baseUrl + "/tobtcln/payInvoice?chain=" + encodeURIComponent(chainIdentifier), {
             exactIn: true,
             ...init.additionalParams,
             pr: init.pr,
@@ -534,7 +591,7 @@ class IntermediaryAPI {
      *
      * @throws {RequestError} If non-200 http response code is returned
      */
-    static prepareSpvFromBTC(chainIdentifier, baseUrl, init, timeout, abortSignal, streamRequest) {
+    prepareSpvFromBTC(chainIdentifier, baseUrl, init, timeout, abortSignal, streamRequest) {
         //We need to make sure we only send the amount parameter after the amountUtxos and amountFeeRate resolve
         // this is needed, because in the LP code to maintain backwards compatibility the amountUtxos and amountFeeRate
         // params are checked immediately after the amount param (and other params) are received, if amount were sent
@@ -547,7 +604,7 @@ class IntermediaryAPI {
             const amount = await init.amount;
             return amount.toString(10);
         })();
-        const responseBodyPromise = (0, StreamingFetchPromise_1.streamingFetchPromise)(baseUrl + "/frombtc_spv/getQuote?chain=" + encodeURIComponent(chainIdentifier), {
+        const responseBodyPromise = this.streamingFetchPromise(baseUrl + "/frombtc_spv/getQuote?chain=" + encodeURIComponent(chainIdentifier), {
             exactOut: init.exactOut,
             ...init.additionalParams,
             address: init.address,
@@ -591,8 +648,8 @@ class IntermediaryAPI {
      *
      * @throws {RequestError} If non-200 http response code is returned
      */
-    static initSpvFromBTC(chainIdentifier, url, init, timeout, abortSignal, streamRequest) {
-        const responseBodyPromise = (0, StreamingFetchPromise_1.streamingFetchPromise)(url + "/postQuote?chain=" + encodeURIComponent(chainIdentifier), {
+    initSpvFromBTC(chainIdentifier, url, init, timeout, abortSignal, streamRequest) {
+        const responseBodyPromise = this.streamingFetchPromise(url + "/postQuote?chain=" + encodeURIComponent(chainIdentifier), {
             quoteId: init.quoteId,
             psbtHex: init.psbtHex
         }, {
@@ -614,5 +671,94 @@ class IntermediaryAPI {
             return result;
         });
     }
+    /**
+     * Fetches the invoice status from the intermediary node
+     *
+     * @param url Url of the trusted intermediary
+     * @param paymentHash Payment hash of the lightning invoice
+     * @param timeout Timeout in milliseconds
+     * @param abortSignal
+     * @throws {RequestError} if non-200 http response is returned
+     */
+    async getTrustedInvoiceStatus(url, paymentHash, timeout, abortSignal) {
+        return (0, RetryUtils_1.tryWithRetries)(() => this.httpGet(url + "/getInvoiceStatus?paymentHash=" + encodeURIComponent(paymentHash), timeout, abortSignal), undefined, RequestError_1.RequestError, abortSignal);
+    }
+    /**
+     * Initiate a trusted swap from BTCLN to SC native currency, retries!
+     *
+     * @param chainIdentifier
+     * @param baseUrl Base url of the trusted swap intermediary
+     * @param init Initialization parameters
+     * @param timeout Timeout in milliseconds for the request
+     * @param abortSignal
+     * @throws {RequestError} If the response is non-200
+     */
+    async initTrustedFromBTCLN(chainIdentifier, baseUrl, init, timeout, abortSignal) {
+        const resp = await (0, RetryUtils_1.tryWithRetries)(() => this.httpGet(baseUrl + "/lnforgas/createInvoice" +
+            "?address=" + encodeURIComponent(init.address) +
+            "&amount=" + encodeURIComponent(init.amount.toString(10)) +
+            "&chain=" + encodeURIComponent(chainIdentifier) +
+            "&token=" + encodeURIComponent(init.token), timeout, abortSignal), undefined, RequestError_1.RequestError, abortSignal);
+        if (resp.code !== 10000)
+            throw RequestError_1.RequestError.parse(JSON.stringify(resp), 400);
+        const res = (0, SchemaVerifier_1.verifySchema)(resp.data, TrustedFromBTCLNResponseSchema);
+        if (res == null)
+            throw new Error("Invalid response returned from LP");
+        return res;
+    }
+    /**
+     * Fetches the address status from the intermediary node
+     *
+     * @param url Url of the trusted intermediary
+     * @param paymentHash Payment hash of the swap
+     * @param sequence Sequence number of the swap
+     * @param timeout Timeout in milliseconds
+     * @param abortSignal
+     * @throws {RequestError} if non-200 http response is returned
+     */
+    async getTrustedAddressStatus(url, paymentHash, sequence, timeout, abortSignal) {
+        return (0, RetryUtils_1.tryWithRetries)(() => this.httpGet(url + "/getAddressStatus?paymentHash=" + encodeURIComponent(paymentHash) + "&sequence=" + encodeURIComponent(sequence.toString(10)), timeout, abortSignal), undefined, RequestError_1.RequestError, abortSignal);
+    }
+    /**
+     * Sets the refund address for an on-chain gas swap
+     *
+     * @param url Url of the trusted intermediary
+     * @param paymentHash Payment hash of the swap
+     * @param sequence Sequence number of the swap
+     * @param refundAddress Refund address to set for the swap
+     * @param timeout Timeout in milliseconds
+     * @param abortSignal
+     * @throws {RequestError} if non-200 http response is returned
+     */
+    async setTrustedRefundAddress(url, paymentHash, sequence, refundAddress, timeout, abortSignal) {
+        return (0, RetryUtils_1.tryWithRetries)(() => this.httpGet(url + "/setRefundAddress" +
+            "?paymentHash=" + encodeURIComponent(paymentHash) +
+            "&sequence=" + encodeURIComponent(sequence.toString(10)) +
+            "&refundAddress=" + encodeURIComponent(refundAddress), timeout, abortSignal), undefined, RequestError_1.RequestError, abortSignal);
+    }
+    /**
+     * Initiate a trusted swap from BTC to SC native currency, retries!
+     *
+     * @param chainIdentifier
+     * @param baseUrl Base url of the trusted swap intermediary
+     * @param init Initialization parameters
+     * @param timeout Timeout in milliseconds for the request
+     * @param abortSignal
+     * @throws {RequestError} If the response is non-200
+     */
+    async initTrustedFromBTC(chainIdentifier, baseUrl, init, timeout, abortSignal) {
+        const resp = await (0, RetryUtils_1.tryWithRetries)(() => this.httpGet(baseUrl + "/frombtc_trusted/getAddress?chain=" + encodeURIComponent(chainIdentifier) +
+            "&address=" + encodeURIComponent(init.address) +
+            "&amount=" + encodeURIComponent(init.amount.toString(10)) +
+            (init.refundAddress == null ? "" : "&refundAddress=" + encodeURIComponent(init.refundAddress)) +
+            "&exactIn=true" +
+            "&token=" + encodeURIComponent(init.token), timeout, abortSignal), undefined, RequestError_1.RequestError, abortSignal);
+        if (resp.code !== 10000)
+            throw RequestError_1.RequestError.parse(JSON.stringify(resp), 400);
+        const res = (0, SchemaVerifier_1.verifySchema)(resp.data, TrustedFromBTCResponseSchema);
+        if (res == null)
+            throw new Error("Invalid response returned from LP");
+        return res;
+    }
 }
 exports.IntermediaryAPI = IntermediaryAPI;

package/dist/intermediaries/auth/SignedKeyBasedAuth.d.ts

@@ -0,0 +1,14 @@
+/**
+ * Adds a `x-atomiq-auth` header with the following binary format, that is hex-encoded:
+ * - 4 bytes - timestamp (timestamp when the request was sent)
+ * - 32 bytes - random bytes (entropy, to be signed)
+ *
+ * - 32 bytes - key of the signing authority
+ * - 64 bytes - schnorr signature signing the request signing key by the signing authority
+ *
+ * - 32 bytes - request signing key (signed by the signing authority)
+ * - 64 bytes - schnorr signature of the timestamp and random bytes
+ *
+ * Uses secp256k1 curve and schnorr signatures
+ */
+export declare function getSignedKeyBasedAuthHandler(certificate: string, privateKey: string): (type: "GET" | "POST", url: string, body?: any) => Record<string, string>;

package/dist/intermediaries/auth/SignedKeyBasedAuth.js

@@ -0,0 +1,68 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getSignedKeyBasedAuthHandler = void 0;
+const secp256k1_1 = require("@noble/curves/secp256k1");
+const Utils_1 = require("../../utils/Utils");
+function parsePrivateKey(value, name) {
+    if (!/^[0-9a-fA-F]{64}$/.test(value))
+        throw new Error(`${name} must be a 32-byte hex private key`);
+    const bytes = Buffer.from(value, "hex");
+    if (!secp256k1_1.secp256k1.utils.isValidPrivateKey(bytes))
+        throw new Error(`${name} is not a valid secp256k1 private key`);
+    return bytes;
+}
+function parsePublicKey(value, name) {
+    if (!/^[0-9a-fA-F]{64}$/.test(value))
+        throw new Error(`${name} must be an X-only 32-byte hex public key`);
+    if (!secp256k1_1.secp256k1.utils.isValidPublicKey(Buffer.from("02" + value, "hex"), true))
+        throw new Error(`${name} is not a valid X-only 32-byte secp256k1 public key`);
+    return Buffer.from(value, "hex");
+}
+function parseSignature(value, name) {
+    if (!/^[0-9a-fA-F]{128}$/.test(value))
+        throw new Error(`${name} must be a valid 64-byte hex schnorr signature`);
+    return Buffer.from(value, "hex");
+}
+const CERTIFICATE_LENGTH = 64 + 128 + 64;
+/**
+ * Adds a `x-atomiq-auth` header with the following binary format, that is hex-encoded:
+ * - 4 bytes - timestamp (timestamp when the request was sent)
+ * - 32 bytes - random bytes (entropy, to be signed)
+ *
+ * - 32 bytes - key of the signing authority
+ * - 64 bytes - schnorr signature signing the request signing key by the signing authority
+ *
+ * - 32 bytes - request signing key (signed by the signing authority)
+ * - 64 bytes - schnorr signature of the timestamp and random bytes
+ *
+ * Uses secp256k1 curve and schnorr signatures
+ */
+function getSignedKeyBasedAuthHandler(certificate, privateKey) {
+    const _privateKey = parsePrivateKey(privateKey, "Private key");
+    if (certificate.length !== CERTIFICATE_LENGTH)
+        throw new Error(`Certificate has invalid length, expected ${CERTIFICATE_LENGTH}!`);
+    const authorityPublicKey = parsePublicKey(certificate.substring(0, 64), "Certificate: Authority Public key");
+    const authoritySignature = parseSignature(certificate.substring(64, 64 + 128), "Certificate: Authority Signature");
+    const signingPublicKey = parsePublicKey(certificate.substring(64 + 128), "Certificate: Signing Public key");
+    if (!secp256k1_1.schnorr.verify(authoritySignature, signingPublicKey, authorityPublicKey))
+        throw new Error("Invalid certificate, authority signature is not valid!");
+    if (!signingPublicKey.equals(secp256k1_1.schnorr.getPublicKey(privateKey)))
+        throw new Error("Passed private key doesn't match the certificate!");
+    const _certificate = Buffer.from(certificate, "hex");
+    return () => {
+        const timestamp = Math.floor(Date.now() / 1000);
+        const timestampBuffer = Buffer.alloc(4);
+        timestampBuffer.writeUInt32BE(timestamp);
+        const requestUid = (0, Utils_1.randomBytes)(32);
+        const toSign = Buffer.concat([timestampBuffer, requestUid]);
+        const signature = secp256k1_1.schnorr.sign(toSign, _privateKey);
+        return {
+            "x-atomiq-auth": Buffer.concat([
+                toSign,
+                _certificate,
+                signature
+            ]).toString("hex")
+        };
+    };
+}
+exports.getSignedKeyBasedAuthHandler = getSignedKeyBasedAuthHandler;

package/dist/storage/IUnifiedStorage.d.ts

@@ -14,12 +14,14 @@ export type QueryParams = {
     value: any | any[];
 };
 /**
- * Base type for stored objects, every storage object MUST have an `id` field
+ * Base type for stored objects, every storage object MUST have an `id` field. The object might also specify a `_meta`
+ *  field which gets carried to the delete/save operations (and can be used to implement optimistic concurrency)
  *
  * @category Storage
  */
 export type UnifiedStoredObject = {
     id: string;
+    _meta?: any;
 } & any;
 /**
  * Defines simple indexes (for queries that use a single key)
@@ -59,27 +61,67 @@ export interface IUnifiedStorage<I extends UnifiedStorageIndexes, C extends Unif
      *  - [[condition1, condition2]] - returns all rows where condition1 AND condition2 is met
      *  - [[condition1], [condition2]] - returns all rows where condition1 OR condition2 is met
      *  - [[condition1, condition2], [condition3]] - returns all rows where (condition1 AND condition2) OR condition3 is met
+     *
+     * You can also add an optional `_meta` field in the returned unified storage object which gets attached to that
+     *  returned object and will be present for subsequent saves and removal of this object, if you specify the `_meta`
+     *  field here, you need to explicitly handle it in the all the saving and remove functions and not simply serialize
+     *  it into the storage
+     *
      * @param params
      */
     query(params: Array<Array<QueryParams>>): Promise<Array<UnifiedStoredObject>>;
     /**
      * Saves an object to storage, updating indexes as needed
+     *
+     * If the object contains a `_meta` field, this will be also present in the to-be-saved value, to mutate the `_meta`
+     *  field of the object that is saved, you can mutate the `_meta` field directly on the passed value, which then
+     *  gets reflected automatically in the existing object. The mutated `_meta` field is copied even if the function
+     *  throws, hence the implementations must be careful with setting the `_meta` field on the still in-flight requests
+     *  that might fail.
+     *
      * @param value Object to save (must have an id property)
      */
     save(value: UnifiedStoredObject): Promise<void>;
     /**
      * Saves multiple objects to storage in a batch operation
+     *
+     * If the objects contain a `_meta` field, this will be also present in the to-be-saved values, to mutate the `_meta`
+     *  field of the objects that are saved, you can mutate the `_meta` field directly on the passed values, which then
+     *  gets reflected automatically in the existing objects. The mutated `_meta` field is copied even if the function
+     *  throws, hence the implementations must be careful with setting the `_meta` field on the still in-flight requests
+     *  that might fail.
+     *
      * @param value Array of objects to save
+     * @param lenient In lenient mode the persistency layer doesn't throw on individual swap failures due to
+     *  optimistic concurrency, or other (implementation specific), this flag is to be used when the saving of the swap
+     *  isn't mission-critical for executing next steps (e.g. in tick or sync loops)
      */
-    saveAll(value: UnifiedStoredObject[]): Promise<void>;
+    saveAll(value: UnifiedStoredObject[], lenient?: boolean): Promise<void>;
     /**
      * Removes an object from storage
+     *
+     * If the object contains a `_meta` field, this will be also present in the to-be-removed value, to mutate the `_meta`
+     *  field of the object that is saved, you can mutate the `_meta` field directly on the passed value, which then
+     *  gets reflected automatically in the existing object. The mutated `_meta` field is copied even if the function
+     *  throws, hence the implementations must be careful with setting the `_meta` field on the still in-flight requests
+     *  that might fail.
+     *
      * @param value Object to remove (must have an id property)
      */
     remove(value: UnifiedStoredObject): Promise<void>;
     /**
      * Removes multiple objects from storage in a batch operation
+     *
+     * If the objects contain a `_meta` field, this will be also present in the to-be-removed values, to mutate the `_meta`
+     *  field of the objects that are saved, you can mutate the `_meta` field directly on the passed values, which then
+     *  gets reflected automatically in the existing objects. The mutated `_meta` field is copied even if the function
+     *  throws, hence the implementations must be careful with setting the `_meta` field on the still in-flight requests
+     *  that might fail.
+     *
      * @param value Array of objects to remove
+     * @param lenient In lenient mode the persistency layer doesn't throw on individual swap failures due to
+     *  optimistic concurrency, or other (implementation specific), this flag is to be used when the saving of the swap
+     *  isn't mission-critical for executing next steps (e.g. in tick or sync loops)
      */
-    removeAll(value: UnifiedStoredObject[]): Promise<void>;
+    removeAll(value: UnifiedStoredObject[], lenient?: boolean): Promise<void>;
 }

package/dist/storage/UnifiedSwapStorage.d.ts

@@ -98,8 +98,11 @@ export declare class UnifiedSwapStorage<T extends ChainType> {
     /**
      * Saves multiple swaps to storage in a batch operation
      * @param values Array of swaps to save
+     * @param lenient In lenient mode the underlying persistent layer doesn't throw on individual swap failures due to
+     *  optimistic concurrency, or other (implementation specific), this flag is to be used when the saving of the swap
+     *  isn't mission-critical for executing next steps (e.g. in tick or sync loops)
      */
-    saveAll<S extends ISwap<T>>(values: S[]): Promise<void>;
+    saveAll<S extends ISwap<T>>(values: S[], lenient?: boolean): Promise<void>;
     /**
      * Removes a swap from storage
      * @param value Swap to remove
@@ -108,7 +111,10 @@ export declare class UnifiedSwapStorage<T extends ChainType> {
     /**
      * Removes multiple swaps from storage in a batch operation
      * @param values Array of swaps to remove
+     * @param lenient In lenient mode the underlying persistent layer doesn't throw on individual swap failures due to
+     *  optimistic concurrency, or other (implementation specific), this flag is to be used when the saving of the swap
+     *  isn't mission-critical for executing next steps (e.g. in tick or sync loops)
      */
-    removeAll<S extends ISwap<T>>(values: S[]): Promise<void>;
+    removeAll<S extends ISwap<T>>(values: S[], lenient?: boolean): Promise<void>;
 }
 export {};

package/dist/storage/UnifiedSwapStorage.js

@@ -79,18 +79,37 @@ class UnifiedSwapStorage {
     async save(value) {
         if (!this.noWeakRefMap)
             this.weakRefCache.set(value.getId(), new WeakRef(value));
-        await this.storage.save(value.serialize());
+        const serialized = value.serialize();
+        try {
+            await this.storage.save(serialized);
+        }
+        finally {
+            value._meta = serialized._meta;
+        }
         value._persisted = true;
     }
     /**
      * Saves multiple swaps to storage in a batch operation
      * @param values Array of swaps to save
+     * @param lenient In lenient mode the underlying persistent layer doesn't throw on individual swap failures due to
+     *  optimistic concurrency, or other (implementation specific), this flag is to be used when the saving of the swap
+     *  isn't mission-critical for executing next steps (e.g. in tick or sync loops)
      */
-    async saveAll(values) {
+    async saveAll(values, lenient) {
         if (!this.noWeakRefMap)
             values.forEach(value => this.weakRefCache.set(value.getId(), new WeakRef(value)));
-        await this.storage.saveAll(values.map(obj => obj.serialize()));
-        values.forEach(value => value._persisted = true);
+        const serialized = values.map(obj => obj.serialize());
+        try {
+            await this.storage.saveAll(serialized, lenient);
+        }
+        finally {
+            values.forEach((value, index) => {
+                value._meta = serialized[index]._meta;
+            });
+        }
+        values.forEach((value) => {
+            value._persisted = true;
+        });
     }
     /**
      * Removes a swap from storage
@@ -99,18 +118,37 @@ class UnifiedSwapStorage {
     async remove(value) {
         if (!this.noWeakRefMap)
             this.weakRefCache.delete(value.getId());
-        await this.storage.remove(value.serialize());
+        const serialized = value.serialize();
+        try {
+            await this.storage.remove(serialized);
+        }
+        finally {
+            value._meta = serialized._meta;
+        }
         value._persisted = false;
     }
     /**
      * Removes multiple swaps from storage in a batch operation
      * @param values Array of swaps to remove
+     * @param lenient In lenient mode the underlying persistent layer doesn't throw on individual swap failures due to
+     *  optimistic concurrency, or other (implementation specific), this flag is to be used when the saving of the swap
+     *  isn't mission-critical for executing next steps (e.g. in tick or sync loops)
      */
-    async removeAll(values) {
+    async removeAll(values, lenient) {
         if (!this.noWeakRefMap)
             values.forEach(value => this.weakRefCache.delete(value.getId()));
-        await this.storage.removeAll(values.map(obj => obj.serialize()));
-        values.forEach(value => value._persisted = false);
+        const serialized = values.map(obj => obj.serialize());
+        try {
+            await this.storage.removeAll(serialized, lenient);
+        }
+        finally {
+            values.forEach((value, index) => {
+                value._meta = serialized[index]._meta;
+            });
+        }
+        values.forEach((value) => {
+            value._persisted = false;
+        });
     }
 }
 exports.UnifiedSwapStorage = UnifiedSwapStorage;