@beclab/olaresid 0.1.1 → 0.1.2

package/src/utils/crypto-utils.ts

@@ -0,0 +1,459 @@
+/**
+ * Cross-platform crypto utilities using Trust Wallet Core
+ * Works in both Node.js and Browser environments
+ *
+ * This implementation uses the same approach as TermiPass to ensure
+ * compatibility across the entire Olares ecosystem.
+ */
+
+import * as bip39 from 'bip39';
+import * as varint from 'varint';
+
+// Browser globals type declaration
+declare const window: any;
+declare const btoa: (input: string) => string;
+
+// Base58 Bitcoin alphabet
+const BASE58_ALPHABET =
+	'123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz';
+
+/**
+ * Encode bytes to base58btc format
+ * This is a pure implementation compatible with multiformats/bases/base58
+ */
+function base58Encode(bytes: Uint8Array): string {
+	// Convert bytes to bigint
+	let num = 0n;
+	for (let i = 0; i < bytes.length; i++) {
+		num = num * 256n + BigInt(bytes[i]);
+	}
+
+	// Convert to base58
+	let encoded = '';
+	while (num > 0n) {
+		const remainder = Number(num % 58n);
+		encoded = BASE58_ALPHABET[remainder] + encoded;
+		num = num / 58n;
+	}
+
+	// Add leading '1's for leading zero bytes
+	for (let i = 0; i < bytes.length && bytes[i] === 0; i++) {
+		encoded = '1' + encoded;
+	}
+
+	// Add 'z' prefix for base58btc multibase
+	return 'z' + encoded;
+}
+
+export interface RSAPublicKeyData {
+	rsaPublicKey: string;
+	rsaPrivateKey: string;
+}
+
+export interface DIDKeyData {
+	owner: string; // Ethereum address
+	did: string; // DID string in format: did:key:z...
+	mnemonic: string;
+}
+
+// ============================================================================
+// Trust Wallet Core Management
+// ============================================================================
+
+let walletCore: any = null;
+let walletCoreLoaded = false;
+let loadingPromise: Promise<any> | null = null;
+
+/**
+ * Load Trust Wallet Core (lazy loading)
+ * Works in both Node.js and browser environments
+ */
+async function loadWalletCore(): Promise<any> {
+	// Return cached instance if already loaded
+	if (walletCoreLoaded && walletCore) {
+		return walletCore;
+	}
+
+	// If already loading, wait for that promise
+	if (loadingPromise) {
+		return loadingPromise;
+	}
+
+	// Start loading
+	loadingPromise = (async () => {
+		try {
+			// Check if running in browser or Node.js
+			if (
+				typeof window !== 'undefined' &&
+				typeof require === 'undefined'
+			) {
+				// Browser environment with ES modules
+				const { initWasm } = await import('@trustwallet/wallet-core');
+				walletCore = await initWasm();
+			} else {
+				// Node.js environment
+				const { initWasm } = require('@trustwallet/wallet-core');
+				walletCore = await initWasm();
+			}
+
+			walletCoreLoaded = true;
+			return walletCore;
+		} catch (error) {
+			loadingPromise = null; // Reset on error to allow retry
+			throw new Error(
+				`Failed to load Trust Wallet Core: ${
+					error instanceof Error ? error.message : String(error)
+				}`
+			);
+		}
+	})();
+
+	return loadingPromise;
+}
+
+// multicodec code for Ed25519 keys (0xed)
+const ED25519_CODEC_ID = varint.encode(parseInt('0xed', 16));
+
+// ============================================================================
+// Mnemonic and Key Derivation Functions
+// ============================================================================
+
+/**
+ * Generate a random BIP39 mnemonic phrase
+ * @param wordCount Number of words (12, 15, 18, 21, or 24), default is 12
+ * @returns A mnemonic phrase string
+ *
+ * @example
+ * ```typescript
+ * const mnemonic = generateMnemonic(12);
+ * console.log(mnemonic);
+ * // Output: "abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about"
+ * ```
+ */
+export function generateMnemonic(wordCount: number = 12): string {
+	// Convert word count to entropy bits
+	// 12 words = 128 bits, 15 words = 160 bits, etc.
+	const strengthMap: Record<number, number> = {
+		12: 128,
+		15: 160,
+		18: 192,
+		21: 224,
+		24: 256
+	};
+
+	const strength = strengthMap[wordCount];
+	if (!strength) {
+		throw new Error(
+			'Invalid word count. Must be one of: 12, 15, 18, 21, 24'
+		);
+	}
+
+	return bip39.generateMnemonic(strength);
+}
+
+/**
+ * Derive Ethereum address from mnemonic using Trust Wallet Core
+ * Uses standard BIP44 derivation path for Ethereum
+ *
+ * @param mnemonic BIP39 mnemonic phrase
+ * @returns Ethereum address (0x...)
+ *
+ * @example
+ * ```typescript
+ * const address = await getEthereumAddressFromMnemonic(mnemonic);
+ * console.log(address); // "0x9858EfFD232B4033E47d90003D41EC34EcaEda94"
+ * ```
+ */
+export async function getEthereumAddressFromMnemonic(
+	mnemonic: string
+): Promise<string> {
+	// Validate mnemonic
+	if (!bip39.validateMnemonic(mnemonic)) {
+		throw new Error('Invalid mnemonic phrase');
+	}
+
+	const core = await loadWalletCore();
+	const { HDWallet, CoinType } = core;
+
+	const wallet = HDWallet.createWithMnemonic(mnemonic, '');
+	return wallet.getAddressForCoin(CoinType.ethereum);
+}
+
+/**
+ * Derive EVM-compatible private key from mnemonic using Trust Wallet Core
+ * Uses standard BIP44 derivation path for Ethereum (m/44'/60'/0'/0/0)
+ *
+ * @param mnemonic BIP39 mnemonic phrase
+ * @returns Private key in hex format with 0x prefix (0x...)
+ *
+ * @example
+ * ```typescript
+ * const privateKey = await getEVMPrivateKeyFromMnemonic(mnemonic);
+ * console.log(privateKey); // "0x1234567890abcdef..."
+ * // Can be used with ethers.Wallet or setSigner
+ * ```
+ */
+export async function getEVMPrivateKeyFromMnemonic(
+	mnemonic: string
+): Promise<string> {
+	// Validate mnemonic
+	if (!bip39.validateMnemonic(mnemonic)) {
+		throw new Error('Invalid mnemonic phrase');
+	}
+
+	const core = await loadWalletCore();
+	const { HDWallet, CoinType } = core;
+
+	const wallet = HDWallet.createWithMnemonic(mnemonic, '');
+
+	// Get private key for Ethereum
+	const privateKeyData = wallet.getKeyForCoin(CoinType.ethereum);
+
+	// Convert to hex string with 0x prefix
+	const privateKeyHex =
+		'0x' + Buffer.from(privateKeyData.data()).toString('hex');
+
+	return privateKeyHex;
+}
+
+/**
+ * Get Ed25519 public key ID from mnemonic (internal helper)
+ * This is the same implementation as TermiPass
+ *
+ * @param mnemonic BIP39 mnemonic phrase
+ * @returns Base58btc encoded ID with multicodec prefix
+ */
+async function getID(mnemonic: string): Promise<string> {
+	const core = await loadWalletCore();
+	const { HDWallet, Curve } = core;
+
+	const wallet = HDWallet.createWithMnemonic(mnemonic, '');
+	const privateKey = wallet.getMasterKey(Curve.ed25519);
+	const publicKey = privateKey.getPublicKeyEd25519();
+
+	// Combine multicodec prefix with public key
+	const idBytes = new Uint8Array(
+		publicKey.data().length + ED25519_CODEC_ID.length
+	);
+	idBytes.set(ED25519_CODEC_ID, 0);
+	idBytes.set(publicKey.data(), ED25519_CODEC_ID.length);
+
+	// Encode to base58btc
+	const id = base58Encode(idBytes);
+	return id;
+}
+
+/**
+ * Generate DID from mnemonic using Trust Wallet Core
+ * Uses Ed25519 key and follows did:key specification
+ * This implementation is identical to TermiPass
+ *
+ * @param mnemonic BIP39 mnemonic phrase
+ * @returns DID string in format: did:key:z...
+ *
+ * @example
+ * ```typescript
+ * const did = await getDIDFromMnemonic(mnemonic);
+ * console.log(did);
+ * // Output: "did:key:z6MkhtRJqzrZNaeEvGvgJVJv6dyFWDRYpZuHW61e8hjF6Fow"
+ * ```
+ */
+export async function getDIDFromMnemonic(mnemonic: string): Promise<string> {
+	// Validate mnemonic
+	if (!bip39.validateMnemonic(mnemonic)) {
+		throw new Error('Invalid mnemonic phrase');
+	}
+
+	const id = await getID(mnemonic);
+	return `did:key:${id}`;
+}
+
+/**
+ * Derive both owner (Ethereum address) and DID from existing mnemonic
+ *
+ * @param mnemonic BIP39 mnemonic phrase
+ * @returns Object containing owner (Ethereum address) and DID
+ *
+ * @example
+ * ```typescript
+ * const { owner, did } = await deriveDIDFromMnemonic(mnemonic);
+ * console.log('Owner:', owner);
+ * console.log('DID:', did);
+ * ```
+ */
+export async function deriveDIDFromMnemonic(mnemonic: string): Promise<{
+	owner: string;
+	did: string;
+}> {
+	// Validate mnemonic once upfront
+	if (!bip39.validateMnemonic(mnemonic)) {
+		throw new Error('Invalid mnemonic phrase');
+	}
+
+	// Derive both in parallel for better performance
+	const [owner, did] = await Promise.all([
+		getEthereumAddressFromMnemonic(mnemonic),
+		getDIDFromMnemonic(mnemonic)
+	]);
+
+	return { owner, did };
+}
+
+/**
+ * Generate mnemonic, Ethereum address, and DID all at once
+ *
+ * @param wordCount Number of words in mnemonic (default 12)
+ * @returns Object containing mnemonic, owner (Ethereum address), and DID
+ *
+ * @example
+ * ```typescript
+ * const keyData = await generateDIDKeyData(12);
+ * console.log('Mnemonic:', keyData.mnemonic);
+ * console.log('Owner:', keyData.owner);
+ * console.log('DID:', keyData.did);
+ * ```
+ */
+export async function generateDIDKeyData(
+	wordCount: number = 12
+): Promise<DIDKeyData> {
+	const mnemonic = generateMnemonic(wordCount);
+	const { owner, did } = await deriveDIDFromMnemonic(mnemonic);
+
+	return {
+		mnemonic,
+		owner,
+		did
+	};
+}
+
+// ============================================================================
+// RSA Key Pair Generation (Browser and Node.js compatible)
+// ============================================================================
+
+/**
+ * Check if running in Node.js environment
+ */
+function isNode(): boolean {
+	return (
+		typeof process !== 'undefined' &&
+		process.versions != null &&
+		process.versions.node != null
+	);
+}
+
+/**
+ * Convert ArrayBuffer to PEM format
+ */
+function arrayBufferToPem(buffer: ArrayBuffer, label: string): string {
+	const binary = String.fromCharCode(...new Uint8Array(buffer));
+	const base64 = btoa(binary);
+	const formatted = base64.match(/.{1,64}/g)?.join('\n') || base64;
+	return `-----BEGIN ${label}-----\n${formatted}\n-----END ${label}-----`;
+}
+
+/**
+ * Generate RSA key pair in browser using Web Crypto API
+ */
+async function generateKeyPairBrowser(
+	length: number
+): Promise<RSAPublicKeyData> {
+	if (
+		typeof window === 'undefined' ||
+		!window.crypto ||
+		!window.crypto.subtle
+	) {
+		throw new Error('Web Crypto API not available in this browser');
+	}
+
+	const keyPair = await window.crypto.subtle.generateKey(
+		{
+			name: 'RSA-OAEP',
+			modulusLength: length,
+			publicExponent: new Uint8Array([1, 0, 1]), // 65537
+			hash: 'SHA-256'
+		},
+		true, // extractable
+		['encrypt', 'decrypt']
+	);
+
+	const publicKeySpki = await window.crypto.subtle.exportKey(
+		'spki',
+		keyPair.publicKey
+	);
+	const privateKeyPkcs8 = await window.crypto.subtle.exportKey(
+		'pkcs8',
+		keyPair.privateKey
+	);
+
+	return {
+		rsaPublicKey: arrayBufferToPem(publicKeySpki, 'PUBLIC KEY'),
+		rsaPrivateKey: arrayBufferToPem(privateKeyPkcs8, 'PRIVATE KEY')
+	};
+}
+
+/**
+ * Generate RSA key pair in Node.js using crypto module
+ */
+function generateKeyPairNode(length: number): RSAPublicKeyData {
+	// Dynamic require to avoid bundler issues
+	const crypto = require('crypto');
+
+	const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', {
+		modulusLength: length,
+		publicKeyEncoding: {
+			type: 'spki',
+			format: 'pem'
+		},
+		privateKeyEncoding: {
+			type: 'pkcs8',
+			format: 'pem'
+		}
+	});
+
+	return {
+		rsaPublicKey: publicKey,
+		rsaPrivateKey: privateKey
+	};
+}
+
+/**
+ * Generate RSA key pair (cross-platform)
+ *
+ * - In Node.js: Returns immediately (synchronous)
+ * - In Browser: Returns a Promise (asynchronous, uses Web Crypto API)
+ *
+ * @param length Key length in bits (minimum 512, must be multiple of 8, default 2048)
+ * @returns Public and private keys in PEM PKCS#8 format
+ * @throws Error if key length is invalid or crypto API is unavailable
+ *
+ * @example
+ * ```typescript
+ * // Node.js (synchronous, but wrapped in Promise for compatibility)
+ * const keyPair = await createRsaKeyPair(2048);
+ *
+ * // Browser (asynchronous)
+ * const keyPair = await createRsaKeyPair(2048);
+ *
+ * console.log(keyPair.rsaPublicKey);  // PEM format
+ * console.log(keyPair.rsaPrivateKey); // PEM format
+ * ```
+ */
+export function createRsaKeyPair(
+	length: number = 2048
+): Promise<RSAPublicKeyData> {
+	// Validate key length
+	if (length < 512) {
+		throw new Error('RSA key length must be at least 512 bits');
+	}
+	if (length % 8 !== 0) {
+		throw new Error('RSA key length must be a multiple of 8');
+	}
+
+	if (isNode()) {
+		// Node.js environment: use crypto module (synchronous, but wrap in Promise)
+		return Promise.resolve(generateKeyPairNode(length));
+	} else {
+		// Browser environment: use Web Crypto API (asynchronous)
+		return generateKeyPairBrowser(length);
+	}
+}

package/src/utils/error-parser.ts

@@ -0,0 +1,225 @@
+/**
+ * Contract Error Parser Utility
+ *
+ * This module provides utilities for parsing contract errors from ethers.js
+ * and converting them into user-friendly error messages.
+ */
+
+/**
+ * Parsed error information
+ */
+export interface ParsedContractError {
+	message: string;
+	isNetworkError: boolean;
+	errorName?: string;
+	errorArgs?: any[];
+}
+
+/**
+ * Complete error selector mapping for all contracts (TerminusDID, RootResolver, RootTagger2, TagRegistry)
+ */
+const ERROR_SELECTORS: { [key: string]: string } = {
+	// TerminusDID contract errors
+	'0x89c62b64': 'ERC721InvalidOwner',
+	'0x7e273289': 'ERC721NonexistentToken',
+	'0x64283d7b': 'ERC721IncorrectOwner',
+	'0x73c6ac6e': 'ERC721InvalidSender',
+	'0x64a0ae92': 'ERC721InvalidReceiver',
+	'0x177e802f': 'ERC721InsufficientApproval',
+	'0xa9fbf51f': 'ERC721InvalidApprover',
+	'0x5b08ba18': 'ERC721InvalidOperator',
+	'0x6db122af': 'DomainNotExist',
+	'0x27e1f1e5': 'OnlyOperator',
+	'0xfb5c3755': 'InvalidDomain',
+	'0xc668cf69': 'SubdomainNotAllowed',
+	// RootTagger2 contract errors
+	'0xa3114200': 'RootTagNoExists',
+	'0xe7c4886e': 'AddressNoExists',
+	'0xca7dc5c3': 'AddressHasExisted',
+	'0x390642d4': 'SignatureIsValidOnlyInOneHour',
+	'0x9cc5a685': 'InvalidAddressSignature',
+	'0x871a1000': 'InvalidSolanaAddressSignature',
+	// RootResolver contract errors
+	'0x4a7f394f': 'InvalidAction',
+	'0xfde625f6': 'TagNotExist',
+	'0x4bdbac1b': 'InvalidBytes',
+	// TagRegistry contract errors
+	'0x651e7ee4': 'UndefinedTag',
+	'0x7417940b': 'RedefinedTag',
+	'0x1f7fe073': 'InvalidTagDefinition',
+	'0xc2d32a00': 'TagInvalidOp',
+	'0xe3f3bb98': 'TagTypeIncompatible',
+	'0xa6df187b': 'IncompatibleArrayLengthsForEncode',
+	'0xb62b06eb': 'TagTooManyEntries',
+	// ABI utility errors
+	'0x63df8171': 'InvalidIndex',
+	'0x93c19f61': 'InvalidOp',
+	'0xb9688461': 'InvalidType',
+	'0xaa7feadc': 'InvalidValue',
+	// Common errors
+	'0x82b42900': 'Unauthorized'
+};
+
+/**
+ * Network error codes that indicate connectivity issues
+ */
+const NETWORK_ERROR_CODES = [
+	'NETWORK_ERROR',
+	'TIMEOUT',
+	'SERVER_ERROR',
+	'ETIMEDOUT',
+	'ECONNREFUSED',
+	'ENOTFOUND'
+];
+
+/**
+ * Parse contract error and determine if it's a network error or contract error
+ * @param error - The error object from ethers.js
+ * @returns Parsed error information with friendly message
+ *
+ * @example
+ * ```typescript
+ * try {
+ *   await contract.someFunction();
+ * } catch (error) {
+ *   const parsed = parseContractError(error);
+ *   if (parsed.isNetworkError) {
+ *     throw new Error(`Network error: ${parsed.message}`);
+ *   }
+ *   console.log(parsed.message); // User-friendly message
+ * }
+ * ```
+ */
+export function parseContractError(error: any): ParsedContractError {
+	const errorCode = error.code || '';
+	const errorMessage = error.message || String(error);
+
+	// Check if it's a network error
+	const isNetworkError = NETWORK_ERROR_CODES.some(
+		(code) => errorCode.includes(code) || errorMessage.includes(code)
+	);
+
+	let errorName: string | undefined;
+	let errorArgs: any[] | undefined;
+
+	// Check for revert with custom error
+	if (error.data && typeof error.data === 'string') {
+		try {
+			const errorSelector = error.data.slice(0, 10);
+			errorName = ERROR_SELECTORS[errorSelector];
+		} catch (e) {
+			// Ignore parsing errors
+		}
+	}
+
+	// Check error message for known patterns (fallback)
+	if (!errorName && errorMessage) {
+		Object.values(ERROR_SELECTORS).forEach((name) => {
+			if (errorMessage.includes(name)) {
+				errorName = name;
+			}
+		});
+	}
+
+	// Build friendly error message
+	const friendlyMessage = errorName
+		? getFriendlyErrorMessage(errorName)
+		: errorMessage;
+
+	return {
+		message: friendlyMessage,
+		isNetworkError,
+		errorName,
+		errorArgs
+	};
+}
+
+/**
+ * Get user-friendly error message for a given error name
+ * @param errorName - The contract error name
+ * @returns User-friendly error message
+ */
+function getFriendlyErrorMessage(errorName: string): string {
+	switch (errorName) {
+		// RootTagger2 errors
+		case 'RootTagNoExists':
+			return `Tag does not exist for this domain`;
+		case 'AddressNoExists':
+			return `Wallet address does not exist`;
+		case 'AddressHasExisted':
+			return `This wallet address has already been added to the domain`;
+		case 'SignatureIsValidOnlyInOneHour':
+			return `Signature expired: Signatures are only valid for 1 hour`;
+		case 'InvalidAddressSignature':
+			return `Invalid signature: The wallet signature verification failed`;
+		case 'InvalidSolanaAddressSignature':
+			return `Invalid Solana signature: The wallet signature verification failed`;
+
+		// TerminusDID errors
+		case 'ERC721InvalidOwner':
+			return `Invalid owner address`;
+		case 'ERC721NonexistentToken':
+			return `Domain does not exist`;
+		case 'ERC721IncorrectOwner':
+			return `Incorrect owner: You are not the owner of this domain`;
+		case 'ERC721InvalidSender':
+			return `Invalid sender address`;
+		case 'ERC721InvalidReceiver':
+			return `Invalid receiver address`;
+		case 'ERC721InsufficientApproval':
+			return `Insufficient approval: Caller is not approved to operate this domain`;
+		case 'ERC721InvalidApprover':
+			return `Invalid approver address`;
+		case 'ERC721InvalidOperator':
+			return `Invalid operator address`;
+		case 'DomainNotExist':
+			return `Domain does not exist`;
+		case 'OnlyOperator':
+			return `Only operator can perform this action`;
+		case 'InvalidDomain':
+			return `Invalid domain name format`;
+		case 'SubdomainNotAllowed':
+			return `Subdomain creation is not allowed for this domain`;
+
+		// RootResolver errors
+		case 'InvalidAction':
+			return `Invalid action`;
+		case 'TagNotExist':
+			return `Tag does not exist`;
+		case 'InvalidBytes':
+			return `Invalid bytes data format`;
+
+		// TagRegistry errors
+		case 'UndefinedTag':
+			return `Tag is not defined: You must define the tag type before using it`;
+		case 'RedefinedTag':
+			return `Tag already exists: This tag has already been defined for this domain`;
+		case 'InvalidTagDefinition':
+			return `Invalid tag definition: The tag type definition is malformed`;
+		case 'TagInvalidOp':
+			return `Invalid tag operation: The operation is not supported for this tag type or state`;
+		case 'TagTypeIncompatible':
+			return `Tag type mismatch: The value type does not match the defined tag type`;
+		case 'IncompatibleArrayLengthsForEncode':
+			return `Array encoding error: Mismatched array lengths during encoding`;
+		case 'TagTooManyEntries':
+			return `Too many tag entries: The maximum number of tags has been reached`;
+
+		// ABI utility errors
+		case 'InvalidIndex':
+			return `Invalid array index: The index is out of bounds`;
+		case 'InvalidOp':
+			return `Invalid ABI operation: The operation is not supported for this type`;
+		case 'InvalidType':
+			return `Invalid ABI type: The type definition is malformed`;
+		case 'InvalidValue':
+			return `Invalid value: The value cannot be encoded with the specified type`;
+
+		// Common errors
+		case 'Unauthorized':
+			return `Unauthorized: You do not have permission to perform this action`;
+
+		default:
+			return `Contract error: ${errorName}`;
+	}
+}