@aztec/wallet-sdk 0.0.1-commit.96bb3f7 → 0.0.1-commit.993d240

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (101) hide show
  1. package/README.md +218 -355
  2. package/dest/base-wallet/base_wallet.d.ts +109 -40
  3. package/dest/base-wallet/base_wallet.d.ts.map +1 -1
  4. package/dest/base-wallet/base_wallet.js +286 -71
  5. package/dest/base-wallet/index.d.ts +3 -2
  6. package/dest/base-wallet/index.d.ts.map +1 -1
  7. package/dest/base-wallet/index.js +1 -0
  8. package/dest/base-wallet/utils.d.ts +52 -0
  9. package/dest/base-wallet/utils.d.ts.map +1 -0
  10. package/dest/base-wallet/utils.js +137 -0
  11. package/dest/crypto.d.ts +111 -27
  12. package/dest/crypto.d.ts.map +1 -1
  13. package/dest/crypto.js +307 -41
  14. package/dest/emoji_alphabet.d.ts +35 -0
  15. package/dest/emoji_alphabet.d.ts.map +1 -0
  16. package/dest/emoji_alphabet.js +299 -0
  17. package/dest/extension/handlers/background_connection_handler.d.ts +168 -0
  18. package/dest/extension/handlers/background_connection_handler.d.ts.map +1 -0
  19. package/dest/extension/handlers/background_connection_handler.js +294 -0
  20. package/dest/extension/handlers/content_script_connection_handler.d.ts +57 -0
  21. package/dest/extension/handlers/content_script_connection_handler.d.ts.map +1 -0
  22. package/dest/extension/handlers/content_script_connection_handler.js +193 -0
  23. package/dest/extension/handlers/index.d.ts +12 -0
  24. package/dest/extension/handlers/index.d.ts.map +1 -0
  25. package/dest/extension/handlers/index.js +10 -0
  26. package/dest/extension/handlers/internal_message_types.d.ts +65 -0
  27. package/dest/extension/handlers/internal_message_types.d.ts.map +1 -0
  28. package/dest/extension/handlers/internal_message_types.js +24 -0
  29. package/dest/extension/provider/extension_provider.d.ts +107 -0
  30. package/dest/extension/provider/extension_provider.d.ts.map +1 -0
  31. package/dest/extension/provider/extension_provider.js +160 -0
  32. package/dest/extension/provider/extension_wallet.d.ts +152 -0
  33. package/dest/extension/provider/extension_wallet.d.ts.map +1 -0
  34. package/dest/extension/provider/extension_wallet.js +349 -0
  35. package/dest/extension/provider/index.d.ts +3 -0
  36. package/dest/extension/provider/index.d.ts.map +1 -0
  37. package/dest/{providers/extension → extension/provider}/index.js +0 -1
  38. package/dest/iframe/handlers/iframe_connection_handler.d.ts +122 -0
  39. package/dest/iframe/handlers/iframe_connection_handler.d.ts.map +1 -0
  40. package/dest/iframe/handlers/iframe_connection_handler.js +239 -0
  41. package/dest/iframe/handlers/index.d.ts +2 -0
  42. package/dest/iframe/handlers/index.d.ts.map +1 -0
  43. package/dest/iframe/handlers/index.js +1 -0
  44. package/dest/iframe/provider/iframe_discovery.d.ts +25 -0
  45. package/dest/iframe/provider/iframe_discovery.d.ts.map +1 -0
  46. package/dest/iframe/provider/iframe_discovery.js +167 -0
  47. package/dest/iframe/provider/iframe_provider.d.ts +65 -0
  48. package/dest/iframe/provider/iframe_provider.d.ts.map +1 -0
  49. package/dest/iframe/provider/iframe_provider.js +257 -0
  50. package/dest/iframe/provider/iframe_wallet.d.ts +85 -0
  51. package/dest/iframe/provider/iframe_wallet.d.ts.map +1 -0
  52. package/dest/iframe/provider/iframe_wallet.js +269 -0
  53. package/dest/iframe/provider/index.d.ts +4 -0
  54. package/dest/iframe/provider/index.d.ts.map +1 -0
  55. package/dest/iframe/provider/index.js +3 -0
  56. package/dest/manager/index.d.ts +2 -7
  57. package/dest/manager/index.d.ts.map +1 -1
  58. package/dest/manager/index.js +0 -4
  59. package/dest/manager/types.d.ts +109 -5
  60. package/dest/manager/types.d.ts.map +1 -1
  61. package/dest/manager/types.js +17 -1
  62. package/dest/manager/wallet_manager.d.ts +50 -7
  63. package/dest/manager/wallet_manager.d.ts.map +1 -1
  64. package/dest/manager/wallet_manager.js +208 -29
  65. package/dest/types.d.ts +117 -15
  66. package/dest/types.d.ts.map +1 -1
  67. package/dest/types.js +39 -2
  68. package/package.json +22 -11
  69. package/src/base-wallet/base_wallet.ts +395 -128
  70. package/src/base-wallet/index.ts +7 -1
  71. package/src/base-wallet/utils.ts +248 -0
  72. package/src/crypto.ts +367 -47
  73. package/src/emoji_alphabet.ts +317 -0
  74. package/src/extension/handlers/background_connection_handler.ts +456 -0
  75. package/src/extension/handlers/content_script_connection_handler.ts +264 -0
  76. package/src/extension/handlers/index.ts +25 -0
  77. package/src/extension/handlers/internal_message_types.ts +71 -0
  78. package/src/extension/provider/extension_provider.ts +233 -0
  79. package/src/extension/provider/extension_wallet.ts +410 -0
  80. package/src/extension/provider/index.ts +7 -0
  81. package/src/iframe/handlers/iframe_connection_handler.ts +341 -0
  82. package/src/iframe/handlers/index.ts +7 -0
  83. package/src/iframe/provider/iframe_discovery.ts +185 -0
  84. package/src/iframe/provider/iframe_provider.ts +331 -0
  85. package/src/iframe/provider/iframe_wallet.ts +323 -0
  86. package/src/iframe/provider/index.ts +3 -0
  87. package/src/manager/index.ts +3 -9
  88. package/src/manager/types.ts +113 -4
  89. package/src/manager/wallet_manager.ts +235 -30
  90. package/src/types.ts +129 -14
  91. package/dest/providers/extension/extension_provider.d.ts +0 -17
  92. package/dest/providers/extension/extension_provider.d.ts.map +0 -1
  93. package/dest/providers/extension/extension_provider.js +0 -56
  94. package/dest/providers/extension/extension_wallet.d.ts +0 -95
  95. package/dest/providers/extension/extension_wallet.d.ts.map +0 -1
  96. package/dest/providers/extension/extension_wallet.js +0 -225
  97. package/dest/providers/extension/index.d.ts +0 -5
  98. package/dest/providers/extension/index.d.ts.map +0 -1
  99. package/src/providers/extension/extension_provider.ts +0 -72
  100. package/src/providers/extension/extension_wallet.ts +0 -275
  101. package/src/providers/extension/index.ts +0 -11
@@ -0,0 +1,410 @@
1
+ import type { ChainInfo } from '@aztec/aztec.js/account';
2
+ import { type Wallet, WalletSchema } from '@aztec/aztec.js/wallet';
3
+ import { jsonStringify } from '@aztec/foundation/json-rpc';
4
+ import { type PromiseWithResolvers, promiseWithResolvers } from '@aztec/foundation/promise';
5
+ import { getSchemaReturnType, schemaHasMethod } from '@aztec/foundation/schemas';
6
+ import type { FunctionsOf } from '@aztec/foundation/types';
7
+
8
+ import { type EncryptedPayload, decrypt, encrypt } from '../../crypto.js';
9
+ import {
10
+ DEFAULT_HEARTBEAT_DEAD_AFTER_MS,
11
+ DEFAULT_HEARTBEAT_INTERVAL_MS,
12
+ type DisconnectCallback,
13
+ type HeartbeatOptions,
14
+ NOOP_LOGGER,
15
+ type WalletMessage,
16
+ WalletMessageType,
17
+ type WalletResponse,
18
+ type WalletSdkLogger,
19
+ } from '../../types.js';
20
+
21
+ /**
22
+ * Internal type representing a wallet method call before encryption.
23
+ * @internal
24
+ */
25
+ type WalletMethodCall = {
26
+ /** The wallet method name to invoke */
27
+ type: keyof FunctionsOf<Wallet>;
28
+ /** Arguments to pass to the wallet method */
29
+ args: unknown[];
30
+ };
31
+
32
+ /**
33
+ * A wallet implementation that communicates with browser extension wallets
34
+ * using an encrypted MessageChannel.
35
+ *
36
+ * This class uses a secure channel established after discovery:
37
+ *
38
+ * 1. **MessageChannel**: Created during discovery and transferred via window.postMessage.
39
+ * Note: The port transfer is visible to page scripts, but security comes from encryption.
40
+ *
41
+ * 2. **ECDH Key Exchange**: The shared secret was derived after discovery using
42
+ * Elliptic Curve Diffie-Hellman key exchange over the MessagePort.
43
+ *
44
+ * 3. **AES-GCM Encryption**: All messages are encrypted using AES-256-GCM,
45
+ * providing both confidentiality and authenticity. This is what secures the channel.
46
+ *
47
+ * @example
48
+ * ```typescript
49
+ * // Discover and establish secure channel to a wallet
50
+ * const discoveredWallets = await ExtensionProvider.discoverWallets(chainInfo, { appId: 'my-dapp' });
51
+ * const connection = await discoveredWallets[0].establishSecureChannel();
52
+ *
53
+ * // User can verify emoji if desired
54
+ * console.log('Verify:', hashToEmoji(connection.info.verificationHash!));
55
+ *
56
+ * // Create wallet using the connection
57
+ * const wallet = ExtensionWallet.create(connection.info.id, connection.port, connection.sharedKey, chainInfo, 'my-dapp');
58
+ *
59
+ * // All subsequent calls are encrypted
60
+ * const accounts = await wallet.getAccounts();
61
+ * ```
62
+ */
63
+ export class ExtensionWallet {
64
+ /** Map of pending requests awaiting responses, keyed by message ID */
65
+ private inFlight = new Map<string, PromiseWithResolvers<unknown>>();
66
+ private disconnected = false;
67
+ private disconnectCallbacks: DisconnectCallback[] = [];
68
+ private heartbeatTimer: ReturnType<typeof setInterval> | null = null;
69
+ private lastInboundAt = 0;
70
+ private log: WalletSdkLogger;
71
+ private heartbeatIntervalMs: number;
72
+ private heartbeatDeadAfterMs: number;
73
+
74
+ /**
75
+ * Private constructor - use {@link ExtensionWallet.create} to instantiate.
76
+ * @param chainInfo - The chain information (chainId and version)
77
+ * @param appId - Application identifier for the requesting dApp
78
+ * @param extensionId - The unique identifier of the target wallet extension
79
+ * @param port - The MessagePort for private communication with the wallet
80
+ * @param sharedKey - The derived AES-256-GCM shared key for encryption
81
+ * @param logger - Optional logger; defaults to a no-op logger
82
+ * @param heartbeatOptions - Optional heartbeat tuning (mostly useful for tests)
83
+ */
84
+ private constructor(
85
+ private chainInfo: ChainInfo,
86
+ private appId: string,
87
+ private extensionId: string,
88
+ private port: MessagePort,
89
+ private sharedKey: CryptoKey,
90
+ logger?: WalletSdkLogger,
91
+ heartbeatOptions?: HeartbeatOptions,
92
+ ) {
93
+ this.log = logger ?? NOOP_LOGGER;
94
+ this.heartbeatIntervalMs = heartbeatOptions?.intervalMs ?? DEFAULT_HEARTBEAT_INTERVAL_MS;
95
+ this.heartbeatDeadAfterMs = heartbeatOptions?.deadAfterMs ?? DEFAULT_HEARTBEAT_DEAD_AFTER_MS;
96
+ }
97
+
98
+ /**
99
+ * Creates a Wallet that communicates with a browser extension
100
+ * over a secure encrypted MessageChannel.
101
+ *
102
+ * @param extensionId - The unique identifier of the wallet extension
103
+ * @param port - The MessagePort for encrypted communication with the wallet
104
+ * @param sharedKey - The derived AES-256-GCM shared key for encryption
105
+ * @param chainInfo - The chain information (chainId and version) for request context
106
+ * @param appId - Application identifier used to identify the requesting dApp to the wallet
107
+ * @param logger - Optional logger; defaults to a no-op logger to keep extension/page bundles small
108
+ * @param heartbeatOptions - Optional override for heartbeat tuning (mostly useful for tests)
109
+ * @returns A Wallet interface where all method calls are encrypted
110
+ *
111
+ * @example
112
+ * ```typescript
113
+ * const discoveredWallets = await ExtensionProvider.discoverWallets(chainInfo, { appId: 'my-defi-app' });
114
+ * const connection = await discoveredWallets[0].establishSecureChannel();
115
+ * const wallet = ExtensionWallet.create(
116
+ * connection.info.id,
117
+ * connection.port,
118
+ * connection.sharedKey,
119
+ * chainInfo,
120
+ * 'my-defi-app'
121
+ * );
122
+ *
123
+ * const accounts = await wallet.getAccounts();
124
+ * ```
125
+ */
126
+ static create(
127
+ extensionId: string,
128
+ port: MessagePort,
129
+ sharedKey: CryptoKey,
130
+ chainInfo: ChainInfo,
131
+ appId: string,
132
+ logger?: WalletSdkLogger,
133
+ heartbeatOptions?: HeartbeatOptions,
134
+ ): ExtensionWallet {
135
+ const wallet = new ExtensionWallet(chainInfo, appId, extensionId, port, sharedKey, logger, heartbeatOptions);
136
+
137
+ // Set up message handler for encrypted responses and unencrypted control messages
138
+ wallet.port.onmessage = (event: MessageEvent) => {
139
+ const data = event.data;
140
+ // Any inbound traffic counts as proof of liveness.
141
+ wallet.lastInboundAt = Date.now();
142
+
143
+ if (data && typeof data === 'object' && 'type' in data && data.type === WalletMessageType.DISCONNECT) {
144
+ wallet.handleDisconnect();
145
+ return;
146
+ }
147
+ // Otherwise treat as encrypted payload
148
+ void wallet.handleEncryptedResponse(data as EncryptedPayload);
149
+ };
150
+
151
+ wallet.port.start();
152
+
153
+ return new Proxy(wallet, {
154
+ get: (target, prop, receiver) => {
155
+ if (prop === 'asWallet') {
156
+ return () => receiver as unknown as Wallet;
157
+ } else if (schemaHasMethod(WalletSchema, prop.toString())) {
158
+ return async (...args: unknown[]) => {
159
+ const result = await target.postMessage({
160
+ type: prop.toString() as keyof FunctionsOf<Wallet>,
161
+ args,
162
+ });
163
+ return getSchemaReturnType(WalletSchema[prop.toString() as keyof typeof WalletSchema]).parseAsync(result);
164
+ };
165
+ } else {
166
+ return target[prop as keyof ExtensionWallet];
167
+ }
168
+ },
169
+ });
170
+ }
171
+
172
+ asWallet(): Wallet {
173
+ // Overridden by the proxy in create() to return the proxy itself.
174
+ // This body is never reached when accessed through create().
175
+ return this as unknown as Wallet;
176
+ }
177
+
178
+ /**
179
+ * Handles an encrypted response received from the wallet extension.
180
+ *
181
+ * Decrypts the response using the shared AES key and resolves or rejects
182
+ * the corresponding pending promise based on the response content.
183
+ *
184
+ * @param encrypted - The encrypted response from the wallet
185
+ */
186
+ private async handleEncryptedResponse(encrypted: EncryptedPayload): Promise<void> {
187
+ if (!this.sharedKey) {
188
+ return;
189
+ }
190
+
191
+ try {
192
+ const response = await decrypt<WalletResponse>(this.sharedKey, encrypted);
193
+
194
+ const { messageId, result, error, walletId: responseWalletId } = response;
195
+
196
+ if (!messageId || !responseWalletId) {
197
+ return;
198
+ }
199
+
200
+ if (this.extensionId !== responseWalletId) {
201
+ return;
202
+ }
203
+
204
+ if (!this.inFlight.has(messageId)) {
205
+ return;
206
+ }
207
+
208
+ const { resolve, reject } = this.inFlight.get(messageId)!;
209
+
210
+ if (error) {
211
+ reject(new Error(jsonStringify(error)));
212
+ } else {
213
+ resolve(result);
214
+ }
215
+ this.inFlight.delete(messageId);
216
+ this.maybeStopHeartbeat();
217
+ } catch (err) {
218
+ this.log.warn('Failed to decrypt wallet response', { err });
219
+ }
220
+ }
221
+
222
+ /**
223
+ * Sends an encrypted wallet method call over the secure MessageChannel.
224
+ *
225
+ * The message is encrypted using AES-256-GCM with the shared key derived
226
+ * during discovery. A unique message ID is generated to correlate
227
+ * the response.
228
+ *
229
+ * @param call - The wallet method call containing method name and arguments
230
+ * @returns A Promise that resolves with the decrypted result from the wallet
231
+ *
232
+ * @throws Error if the secure channel has not been established or wallet is disconnected
233
+ */
234
+ private async postMessage(call: WalletMethodCall): Promise<unknown> {
235
+ if (this.disconnected) {
236
+ throw new Error('Wallet has been disconnected');
237
+ }
238
+ if (!this.port || !this.sharedKey) {
239
+ throw new Error('Secure channel not established');
240
+ }
241
+
242
+ const messageId = globalThis.crypto.randomUUID();
243
+ const message: WalletMessage = {
244
+ type: call.type,
245
+ args: call.args,
246
+ messageId,
247
+ chainInfo: this.chainInfo,
248
+ appId: this.appId,
249
+ walletId: this.extensionId,
250
+ };
251
+
252
+ const encrypted = await encrypt(this.sharedKey, jsonStringify(message));
253
+ this.port.postMessage(encrypted);
254
+
255
+ const { promise, resolve, reject } = promiseWithResolvers<unknown>();
256
+ this.inFlight.set(messageId, { promise, resolve, reject });
257
+ this.startHeartbeat();
258
+ return promise;
259
+ }
260
+
261
+ /**
262
+ * Start the heartbeat probe loop while at least one request is in flight.
263
+ * Idempotent — calling while already running is a no-op.
264
+ *
265
+ * Heartbeat is opt-in via wire protocol: PINGs are unencrypted control messages
266
+ * (like DISCONNECT). Older wallets that do not understand PING simply drop it,
267
+ * which is safe — we only declare disconnect when **no** inbound traffic of any
268
+ * kind (PONG, encrypted response, DISCONNECT) arrives within the dead window.
269
+ * A wallet that is processing a slow request will reset the timer when it
270
+ * eventually responds, so this never causes false disconnects on legacy peers.
271
+ */
272
+ private startHeartbeat(): void {
273
+ if (this.heartbeatTimer !== null || this.disconnected) {
274
+ return;
275
+ }
276
+ this.lastInboundAt = Date.now();
277
+ this.heartbeatTimer = setInterval(() => this.heartbeatTick(), this.heartbeatIntervalMs);
278
+ }
279
+
280
+ private maybeStopHeartbeat(): void {
281
+ if (this.inFlight.size === 0 && this.heartbeatTimer !== null) {
282
+ clearInterval(this.heartbeatTimer);
283
+ this.heartbeatTimer = null;
284
+ }
285
+ }
286
+
287
+ private heartbeatTick(): void {
288
+ if (this.disconnected || this.inFlight.size === 0) {
289
+ this.maybeStopHeartbeat();
290
+ return;
291
+ }
292
+
293
+ const idleMs = Date.now() - this.lastInboundAt;
294
+ if (idleMs >= this.heartbeatDeadAfterMs) {
295
+ this.log.warn('Wallet channel unresponsive — declaring disconnect', {
296
+ idleMs,
297
+ inFlight: this.inFlight.size,
298
+ });
299
+ this.handleDisconnect();
300
+ return;
301
+ }
302
+
303
+ try {
304
+ this.port.postMessage({ type: WalletMessageType.PING });
305
+ } catch (err) {
306
+ this.log.warn('Failed to send heartbeat PING', { err });
307
+ }
308
+ }
309
+
310
+ /**
311
+ * Handles wallet disconnection.
312
+ * Rejects all pending requests and notifies registered callbacks.
313
+ * @internal
314
+ */
315
+ private handleDisconnect(): void {
316
+ if (this.disconnected) {
317
+ return;
318
+ }
319
+ this.disconnected = true;
320
+
321
+ if (this.heartbeatTimer !== null) {
322
+ clearInterval(this.heartbeatTimer);
323
+ this.heartbeatTimer = null;
324
+ }
325
+
326
+ if (this.port) {
327
+ this.port.onmessage = null;
328
+ this.port.close();
329
+ }
330
+
331
+ const error = new Error('Wallet disconnected');
332
+ for (const { reject } of this.inFlight.values()) {
333
+ reject(error);
334
+ }
335
+ this.inFlight.clear();
336
+
337
+ for (const callback of this.disconnectCallbacks) {
338
+ try {
339
+ callback();
340
+ } catch {
341
+ // Ignore errors on disconnect callbacks
342
+ }
343
+ }
344
+ }
345
+
346
+ /**
347
+ * Registers a callback to be invoked when the wallet disconnects.
348
+ *
349
+ * @param callback - Function to call when wallet disconnects
350
+ * @returns A function to unregister the callback
351
+ *
352
+ * @example
353
+ * ```typescript
354
+ * const wallet = await ExtensionWallet.create(...);
355
+ * const unsubscribe = wallet.onDisconnect(() => {
356
+ * console.log('Wallet disconnected! Please reconnect.');
357
+ * // Clean up UI, prompt user to reconnect, etc.
358
+ * });
359
+ * // Later: unsubscribe(); to stop receiving notifications
360
+ * ```
361
+ */
362
+ onDisconnect(callback: DisconnectCallback): () => void {
363
+ this.disconnectCallbacks.push(callback);
364
+ return () => {
365
+ const index = this.disconnectCallbacks.indexOf(callback);
366
+ if (index !== -1) {
367
+ this.disconnectCallbacks.splice(index, 1);
368
+ }
369
+ };
370
+ }
371
+
372
+ /**
373
+ * Returns whether the wallet has been disconnected.
374
+ *
375
+ * @returns true if the wallet is no longer connected
376
+ */
377
+ isDisconnected(): boolean {
378
+ return this.disconnected;
379
+ }
380
+
381
+ /**
382
+ * Disconnects from the wallet and cleans up resources.
383
+ *
384
+ * This method notifies the wallet extension that the session is ending,
385
+ * allowing it to clean up its state. After calling this method, the wallet
386
+ * instance can no longer be used and any pending requests will be rejected.
387
+ *
388
+ * @example
389
+ * ```typescript
390
+ * const extensionWallet = ExtensionWallet.create(extensionId, port, sharedKey, chainInfo, 'my-app');
391
+ * // ... use wallet ...
392
+ * await extensionWallet.disconnect(); // Clean disconnect when done
393
+ * ```
394
+ */
395
+ // eslint-disable-next-line require-await -- async for interface compatibility
396
+ async disconnect(): Promise<void> {
397
+ if (this.disconnected) {
398
+ return;
399
+ }
400
+
401
+ if (this.port) {
402
+ // Send unencrypted disconnect - control messages don't need encryption
403
+ this.port.postMessage({
404
+ type: WalletMessageType.DISCONNECT,
405
+ });
406
+ }
407
+
408
+ this.handleDisconnect();
409
+ }
410
+ }
@@ -0,0 +1,7 @@
1
+ export { ExtensionWallet } from './extension_wallet.js';
2
+ export {
3
+ ExtensionProvider,
4
+ type DiscoveredWallet,
5
+ type ConnectedWallet,
6
+ type DiscoveryOptions,
7
+ } from './extension_provider.js';