@beclab/olaresid 0.1.3 → 0.1.5

package/src/utils/crypto-utils.ts

@@ -6,45 +6,15 @@
  * compatibility across the entire Olares ecosystem.
  */
 
-import * as bip39 from 'bip39';
 import * as varint from 'varint';
+import { base58btc } from 'multiformats/bases/base58';
+import { base64url } from 'multiformats/bases/base64';
 
 // Browser globals type declaration
 declare const window: any;
+declare const atob: (input: string) => string;
 declare const btoa: (input: string) => string;
 
-// Base58 Bitcoin alphabet
-const BASE58_ALPHABET =
-	'123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz';
-
-/**
- * Encode bytes to base58btc format
- * This is a pure implementation compatible with multiformats/bases/base58
- */
-function base58Encode(bytes: Uint8Array): string {
-	// Convert bytes to bigint
-	let num = 0n;
-	for (let i = 0; i < bytes.length; i++) {
-		num = num * 256n + BigInt(bytes[i]);
-	}
-
-	// Convert to base58
-	let encoded = '';
-	while (num > 0n) {
-		const remainder = Number(num % 58n);
-		encoded = BASE58_ALPHABET[remainder] + encoded;
-		num = num / 58n;
-	}
-
-	// Add leading '1's for leading zero bytes
-	for (let i = 0; i < bytes.length && bytes[i] === 0; i++) {
-		encoded = '1' + encoded;
-	}
-
-	// Add 'z' prefix for base58btc multibase
-	return 'z' + encoded;
-}
-
 export interface RSAPublicKeyData {
 	rsaPublicKey: string;
 	rsaPrivateKey: string;
@@ -56,6 +26,61 @@ export interface DIDKeyData {
 	mnemonic: string;
 }
 
+// ============================================================================
+// Cross-platform encoding utilities (Browser + Node.js compatible)
+// ============================================================================
+
+/**
+ * Convert base64 string to Uint8Array (cross-platform)
+ * Works in both browser and Node.js environments
+ * @param base64 base64 encoded string
+ * @returns Uint8Array
+ */
+export function base64ToUint8Array(base64: string): Uint8Array {
+	const binaryString = atob(base64);
+	const bytes = new Uint8Array(binaryString.length);
+	for (let i = 0; i < binaryString.length; i++) {
+		bytes[i] = binaryString.charCodeAt(i);
+	}
+	return bytes;
+}
+
+/**
+ * Convert Uint8Array to hex string (cross-platform)
+ * @param bytes Uint8Array to convert
+ * @returns hex string without '0x' prefix
+ */
+export function uint8ArrayToHex(bytes: Uint8Array): string {
+	return Array.from(bytes)
+		.map((b) => b.toString(16).padStart(2, '0'))
+		.join('');
+}
+
+/**
+ * Convert hex string to Uint8Array (cross-platform)
+ * @param hex hex string (with or without '0x' prefix)
+ * @returns Uint8Array
+ */
+export function hexToUint8Array(hex: string): Uint8Array {
+	const cleanHex = hex.startsWith('0x') ? hex.slice(2) : hex;
+	const bytes = new Uint8Array(cleanHex.length / 2);
+	for (let i = 0; i < cleanHex.length; i += 2) {
+		bytes[i / 2] = parseInt(cleanHex.slice(i, i + 2), 16);
+	}
+	return bytes;
+}
+
+/**
+ * Convert Uint8Array to base64 string (cross-platform)
+ * Works in both browser and Node.js environments
+ * @param bytes Uint8Array to convert
+ * @returns base64 encoded string
+ */
+export function uint8ArrayToBase64(bytes: Uint8Array): string {
+	const binaryString = String.fromCharCode(...bytes);
+	return btoa(binaryString);
+}
+
 // ============================================================================
 // Trust Wallet Core Management
 // ============================================================================
@@ -82,19 +107,9 @@ async function loadWalletCore(): Promise<any> {
 	// Start loading
 	loadingPromise = (async () => {
 		try {
-			// Check if running in browser or Node.js
-			if (
-				typeof window !== 'undefined' &&
-				typeof require === 'undefined'
-			) {
-				// Browser environment with ES modules
-				const { initWasm } = await import('@trustwallet/wallet-core');
-				walletCore = await initWasm();
-			} else {
-				// Node.js environment
-				const { initWasm } = require('@trustwallet/wallet-core');
-				walletCore = await initWasm();
-			}
+			// Dynamic import works in both Node.js ESM and browser ESM
+			const { initWasm } = await import('@trustwallet/wallet-core');
+			walletCore = await initWasm();
 
 			walletCoreLoaded = true;
 			return walletCore;
@@ -114,23 +129,38 @@ async function loadWalletCore(): Promise<any> {
 // multicodec code for Ed25519 keys (0xed)
 const ED25519_CODEC_ID = varint.encode(parseInt('0xed', 16));
 
+/**
+ * Simple mnemonic validation (checks word count)
+ * @param mnemonic BIP39 mnemonic phrase
+ * @returns true if mnemonic has valid word count (12, 15, 18, 21, or 24 words)
+ */
+function validateMnemonic(mnemonic: string): boolean {
+	const words = mnemonic.trim().split(/\s+/);
+	const validWordCounts = [12, 15, 18, 21, 24];
+	return validWordCounts.includes(words.length);
+}
+
 // ============================================================================
 // Mnemonic and Key Derivation Functions
 // ============================================================================
 
 /**
- * Generate a random BIP39 mnemonic phrase
+ * Generate a random BIP39 mnemonic phrase using Trust Wallet Core
+ * Works in both Node.js and browser environments
+ *
  * @param wordCount Number of words (12, 15, 18, 21, or 24), default is 12
- * @returns A mnemonic phrase string
+ * @returns A promise that resolves to a mnemonic phrase string
  *
  * @example
  * ```typescript
- * const mnemonic = generateMnemonic(12);
+ * const mnemonic = await generateMnemonic(12);
  * console.log(mnemonic);
  * // Output: "abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about"
  * ```
  */
-export function generateMnemonic(wordCount: number = 12): string {
+export async function generateMnemonic(
+	wordCount: number = 12
+): Promise<string> {
 	// Convert word count to entropy bits
 	// 12 words = 128 bits, 15 words = 160 bits, etc.
 	const strengthMap: Record<number, number> = {
@@ -148,7 +178,14 @@ export function generateMnemonic(wordCount: number = 12): string {
 		);
 	}
 
-	return bip39.generateMnemonic(strength);
+	// Ensure Wallet Core is loaded
+	const core = await loadWalletCore();
+	const { HDWallet } = core;
+
+	const wallet = HDWallet.create(strength, '');
+	const mnemonic = wallet.mnemonic();
+
+	return mnemonic;
 }
 
 /**
@@ -168,8 +205,10 @@ export async function getEthereumAddressFromMnemonic(
 	mnemonic: string
 ): Promise<string> {
 	// Validate mnemonic
-	if (!bip39.validateMnemonic(mnemonic)) {
-		throw new Error('Invalid mnemonic phrase');
+	if (!validateMnemonic(mnemonic)) {
+		throw new Error(
+			'Invalid mnemonic phrase: must have 12, 15, 18, 21, or 24 words'
+		);
 	}
 
 	const core = await loadWalletCore();
@@ -197,8 +236,10 @@ export async function getEVMPrivateKeyFromMnemonic(
 	mnemonic: string
 ): Promise<string> {
 	// Validate mnemonic
-	if (!bip39.validateMnemonic(mnemonic)) {
-		throw new Error('Invalid mnemonic phrase');
+	if (!validateMnemonic(mnemonic)) {
+		throw new Error(
+			'Invalid mnemonic phrase: must have 12, 15, 18, 21, or 24 words'
+		);
 	}
 
 	const core = await loadWalletCore();
@@ -209,9 +250,9 @@ export async function getEVMPrivateKeyFromMnemonic(
 	// Get private key for Ethereum
 	const privateKeyData = wallet.getKeyForCoin(CoinType.ethereum);
 
-	// Convert to hex string with 0x prefix
-	const privateKeyHex =
-		'0x' + Buffer.from(privateKeyData.data()).toString('hex');
+	// Convert to hex string with 0x prefix (cross-platform)
+	const privateKeyBytes = new Uint8Array(privateKeyData.data());
+	const privateKeyHex = '0x' + uint8ArrayToHex(privateKeyBytes);
 
 	return privateKeyHex;
 }
@@ -239,7 +280,7 @@ async function getID(mnemonic: string): Promise<string> {
 	idBytes.set(publicKey.data(), ED25519_CODEC_ID.length);
 
 	// Encode to base58btc
-	const id = base58Encode(idBytes);
+	const id = base58btc.encode(idBytes);
 	return id;
 }
 
@@ -260,14 +301,105 @@ async function getID(mnemonic: string): Promise<string> {
  */
 export async function getDIDFromMnemonic(mnemonic: string): Promise<string> {
 	// Validate mnemonic
-	if (!bip39.validateMnemonic(mnemonic)) {
-		throw new Error('Invalid mnemonic phrase');
+	if (!validateMnemonic(mnemonic)) {
+		throw new Error(
+			'Invalid mnemonic phrase: must have 12, 15, 18, 21, or 24 words'
+		);
 	}
 
 	const id = await getID(mnemonic);
 	return `did:key:${id}`;
 }
 
+/**
+ * Generate Ed25519 JWK (JSON Web Key) from BIP39 mnemonic phrase
+ * Uses Trust Wallet Core for key derivation, ensuring compatibility with TermiPass
+ *
+ * @param mnemonic BIP39 mnemonic phrase (12, 15, 18, 21, or 24 words)
+ * @returns Object containing publicJwk and privateJwk in RFC 7517 format
+ *
+ * @example
+ * ```typescript
+ * const { publicJwk, privateJwk } = await getEd25519JwkFromMnemonic(mnemonic);
+ *
+ * // Public JWK (safe to share)
+ * console.log(publicJwk);
+ * // {
+ * //   "kty": "OKP",
+ * //   "crv": "Ed25519",
+ * //   "alg": "EdDSA",
+ * //   "use": "sig",
+ * //   "kid": "did:key:z6Mk...#z6Mk...",
+ * //   "x": "base64url-encoded-public-key"
+ * // }
+ *
+ * // Private JWK (keep secure!)
+ * console.log(privateJwk);
+ * // {
+ * //   "kty": "OKP",
+ * //   "crv": "Ed25519",
+ * //   "alg": "EdDSA",
+ * //   "use": "sig",
+ * //   "kid": "did:key:z6Mk...#z6Mk...",
+ * //   "x": "base64url-encoded-public-key",
+ * //   "d": "base64url-encoded-private-key"
+ * // }
+ * ```
+ */
+export async function getEd25519JwkFromMnemonic(mnemonic: string): Promise<{
+	publicJwk: any;
+	privateJwk: any;
+}> {
+	// Validate mnemonic
+	if (!validateMnemonic(mnemonic)) {
+		throw new Error(
+			'Invalid mnemonic phrase: must have 12, 15, 18, 21, or 24 words'
+		);
+	}
+
+	const core = await loadWalletCore();
+	const { HDWallet, Curve } = core;
+
+	const wallet = HDWallet.createWithMnemonic(mnemonic, '');
+	const privateKey = wallet.getMasterKey(Curve.ed25519);
+	const publicKey = privateKey.getPublicKeyEd25519();
+
+	// Get key data
+	const publicKeyBytes = publicKey.data();
+	const privateKeyBytes = privateKey.data();
+
+	const idBytes = new Uint8Array(
+		publicKeyBytes.length + ED25519_CODEC_ID.length
+	);
+	idBytes.set(ED25519_CODEC_ID, 0);
+	idBytes.set(publicKeyBytes, ED25519_CODEC_ID.length);
+	const id = base58btc.encode(idBytes);
+	const did = `did:key:${id}`;
+	const keyId = `${did}#${id}`;
+
+	// Base64url encode the keys
+	const x = base64url.baseEncode(publicKeyBytes);
+	const d = base64url.baseEncode(privateKeyBytes);
+
+	// Public JWK (contains only public key material)
+	const publicJwk = {
+		kty: 'OKP', // Key Type: Octet Key Pair
+		crv: 'Ed25519', // Curve: Ed25519
+		alg: 'EdDSA', // Algorithm: EdDSA
+		use: 'sig', // Use: signature
+		kid: keyId, // Key ID
+		x: x // Public key parameter
+	};
+
+	// Private JWK (contains both public and private key material)
+	const privateJwk = {
+		...publicJwk,
+		d: d // Private key parameter
+	};
+
+	return { publicJwk, privateJwk };
+}
+
 /**
  * Derive both owner (Ethereum address) and DID from existing mnemonic
  *
@@ -286,8 +418,10 @@ export async function deriveDIDFromMnemonic(mnemonic: string): Promise<{
 	did: string;
 }> {
 	// Validate mnemonic once upfront
-	if (!bip39.validateMnemonic(mnemonic)) {
-		throw new Error('Invalid mnemonic phrase');
+	if (!validateMnemonic(mnemonic)) {
+		throw new Error(
+			'Invalid mnemonic phrase: must have 12, 15, 18, 21, or 24 words'
+		);
 	}
 
 	// Derive both in parallel for better performance
@@ -316,7 +450,7 @@ export async function deriveDIDFromMnemonic(mnemonic: string): Promise<{
 export async function generateDIDKeyData(
 	wordCount: number = 12
 ): Promise<DIDKeyData> {
-	const mnemonic = generateMnemonic(wordCount);
+	const mnemonic = await generateMnemonic(wordCount);
 	const { owner, did } = await deriveDIDFromMnemonic(mnemonic);
 
 	return {