@blazium/ton-connect-mobile 1.2.5 → 1.2.6

package/src/core/session.ts

@@ -0,0 +1,247 @@
+/**
+ * Session crypto for TON Connect v2 protocol
+ * Uses X25519 (NaCl box) for key exchange and message encryption
+ */
+
+// eslint-disable-next-line @typescript-eslint/no-var-requires
+const nacl = require('tweetnacl');
+
+/**
+ * Convert Uint8Array to hex string
+ */
+export function bytesToHex(bytes: Uint8Array): string {
+  return Array.from(bytes)
+    .map((b) => b.toString(16).padStart(2, '0'))
+    .join('');
+}
+
+/**
+ * Convert hex string to Uint8Array
+ */
+export function hexToBytes(hex: string): Uint8Array {
+  const clean = hex.startsWith('0x') ? hex.slice(2) : hex;
+  const padded = clean.length % 2 === 0 ? clean : '0' + clean;
+  const bytes = new Uint8Array(padded.length / 2);
+  for (let i = 0; i < padded.length; i += 2) {
+    bytes[i / 2] = parseInt(padded.substring(i, i + 2), 16);
+  }
+  return bytes;
+}
+
+/**
+ * Convert Uint8Array to base64
+ */
+export function bytesToBase64(bytes: Uint8Array): string {
+  const chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
+  let result = '';
+  const len = bytes.length;
+  for (let i = 0; i < len; i += 3) {
+    const a = bytes[i];
+    const b = i + 1 < len ? bytes[i + 1] : 0;
+    const c = i + 2 < len ? bytes[i + 2] : 0;
+    const bitmap = (a << 16) | (b << 8) | c;
+    result += chars.charAt((bitmap >> 18) & 63);
+    result += chars.charAt((bitmap >> 12) & 63);
+    result += i + 1 < len ? chars.charAt((bitmap >> 6) & 63) : '=';
+    result += i + 2 < len ? chars.charAt(bitmap & 63) : '=';
+  }
+  return result;
+}
+
+/**
+ * Convert base64 to Uint8Array
+ */
+export function base64ToBytes(base64: string): Uint8Array {
+  const chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
+  const bytes: number[] = [];
+  let buffer = 0;
+  let bitsCollected = 0;
+  for (let i = 0; i < base64.length; i++) {
+    const ch = base64[i];
+    if (ch === '=') break;
+    // Also handle URL-safe base64
+    let index: number;
+    if (ch === '-') {
+      index = 62;
+    } else if (ch === '_') {
+      index = 63;
+    } else {
+      index = chars.indexOf(ch);
+    }
+    if (index === -1) continue;
+    buffer = (buffer << 6) | index;
+    bitsCollected += 6;
+    if (bitsCollected >= 8) {
+      bitsCollected -= 8;
+      bytes.push((buffer >> bitsCollected) & 0xff);
+      buffer &= (1 << bitsCollected) - 1;
+    }
+  }
+  return new Uint8Array(bytes);
+}
+
+/**
+ * Serialized session state for persistence
+ */
+export interface SessionState {
+  secretKey: string; // hex-encoded
+  walletPublicKey?: string; // hex-encoded, set after connection
+}
+
+/**
+ * Session crypto for TON Connect v2
+ * Handles X25519 key exchange and NaCl box encryption/decryption
+ */
+export class SessionCrypto {
+  private keypair: { publicKey: Uint8Array; secretKey: Uint8Array };
+
+  constructor(existingSecretKey?: Uint8Array) {
+    if (existingSecretKey) {
+      this.keypair = nacl.box.keyPair.fromSecretKey(existingSecretKey);
+    } else {
+      this.keypair = nacl.box.keyPair();
+    }
+  }
+
+  /**
+   * Session ID = hex-encoded public key (used as client_id in bridge)
+   */
+  get sessionId(): string {
+    return bytesToHex(this.keypair.publicKey);
+  }
+
+  /**
+   * Public key bytes
+   */
+  get publicKey(): Uint8Array {
+    return this.keypair.publicKey;
+  }
+
+  /**
+   * Secret key bytes (for persistence)
+   */
+  get secretKey(): Uint8Array {
+    return this.keypair.secretKey;
+  }
+
+  /**
+   * Encrypt a message for a recipient
+   * Format: nonce (24 bytes) + ciphertext
+   */
+  encrypt(message: string, receiverPublicKey: Uint8Array): Uint8Array {
+    const msgBytes = encodeUTF8(message);
+    const nonce = nacl.randomBytes(nacl.box.nonceLength); // 24 bytes
+    const encrypted = nacl.box(msgBytes, nonce, receiverPublicKey, this.keypair.secretKey);
+    if (!encrypted) {
+      throw new Error('Encryption failed');
+    }
+    // Prepend nonce to ciphertext
+    const result = new Uint8Array(nonce.length + encrypted.length);
+    result.set(nonce);
+    result.set(encrypted, nonce.length);
+    return result;
+  }
+
+  /**
+   * Decrypt a message from a sender
+   * Input format: nonce (24 bytes) + ciphertext
+   */
+  decrypt(encryptedMessage: Uint8Array, senderPublicKey: Uint8Array): string {
+    if (encryptedMessage.length < nacl.box.nonceLength) {
+      throw new Error('Encrypted message too short');
+    }
+    const nonce = encryptedMessage.slice(0, nacl.box.nonceLength);
+    const ciphertext = encryptedMessage.slice(nacl.box.nonceLength);
+    const decrypted = nacl.box.open(ciphertext, nonce, senderPublicKey, this.keypair.secretKey);
+    if (!decrypted) {
+      throw new Error('Decryption failed — invalid key or corrupted message');
+    }
+    return decodeUTF8(decrypted);
+  }
+
+  /**
+   * Serialize session for persistence
+   */
+  serialize(): SessionState {
+    return {
+      secretKey: bytesToHex(this.keypair.secretKey),
+    };
+  }
+
+  /**
+   * Restore session from persisted state
+   */
+  static fromState(state: SessionState): SessionCrypto {
+    return new SessionCrypto(hexToBytes(state.secretKey));
+  }
+}
+
+/**
+ * Encode string to UTF-8 Uint8Array
+ */
+function encodeUTF8(str: string): Uint8Array {
+  // eslint-disable-next-line no-undef
+  if (typeof globalThis !== 'undefined' && (globalThis as any).TextEncoder) {
+    // eslint-disable-next-line no-undef
+    return new (globalThis as any).TextEncoder().encode(str);
+  }
+  // Fallback for older environments
+  const bytes: number[] = [];
+  for (let i = 0; i < str.length; i++) {
+    let charCode = str.charCodeAt(i);
+    if (charCode < 0x80) {
+      bytes.push(charCode);
+    } else if (charCode < 0x800) {
+      bytes.push(0xc0 | (charCode >> 6), 0x80 | (charCode & 0x3f));
+    } else if (charCode >= 0xd800 && charCode < 0xdc00) {
+      // Surrogate pair
+      i++;
+      const low = str.charCodeAt(i);
+      charCode = ((charCode - 0xd800) << 10) + (low - 0xdc00) + 0x10000;
+      bytes.push(
+        0xf0 | (charCode >> 18),
+        0x80 | ((charCode >> 12) & 0x3f),
+        0x80 | ((charCode >> 6) & 0x3f),
+        0x80 | (charCode & 0x3f)
+      );
+    } else {
+      bytes.push(0xe0 | (charCode >> 12), 0x80 | ((charCode >> 6) & 0x3f), 0x80 | (charCode & 0x3f));
+    }
+  }
+  return new Uint8Array(bytes);
+}
+
+/**
+ * Decode UTF-8 Uint8Array to string
+ */
+function decodeUTF8(bytes: Uint8Array): string {
+  // eslint-disable-next-line no-undef
+  if (typeof globalThis !== 'undefined' && (globalThis as any).TextDecoder) {
+    // eslint-disable-next-line no-undef
+    return new (globalThis as any).TextDecoder().decode(bytes);
+  }
+  // Fallback
+  let result = '';
+  let i = 0;
+  while (i < bytes.length) {
+    const byte = bytes[i];
+    if (byte < 0x80) {
+      result += String.fromCharCode(byte);
+      i++;
+    } else if ((byte & 0xe0) === 0xc0) {
+      result += String.fromCharCode(((byte & 0x1f) << 6) | (bytes[i + 1] & 0x3f));
+      i += 2;
+    } else if ((byte & 0xf0) === 0xe0) {
+      result += String.fromCharCode(((byte & 0x0f) << 12) | ((bytes[i + 1] & 0x3f) << 6) | (bytes[i + 2] & 0x3f));
+      i += 3;
+    } else {
+      const codePoint =
+        ((byte & 0x07) << 18) | ((bytes[i + 1] & 0x3f) << 12) | ((bytes[i + 2] & 0x3f) << 6) | (bytes[i + 3] & 0x3f);
+      // Convert to surrogate pair
+      const offset = codePoint - 0x10000;
+      result += String.fromCharCode(0xd800 + (offset >> 10), 0xdc00 + (offset & 0x3ff));
+      i += 4;
+    }
+  }
+  return result;
+}

package/src/core/wallets.ts

@@ -1,93 +1,90 @@
-/**
- * TON Connect compatible wallet definitions
- * Each wallet has its own universal link format
- */
-
-export interface WalletDefinition {
-  /** Wallet name for display */
-  name: string;
-  /** Wallet app name */
-  appName: string;
-  /** Universal link base URL for this wallet */
-  universalLink: string;
-  /** Deep link scheme (if supported) */
-  deepLink?: string;
-  /** Wallet icon URL (optional) */
-  iconUrl?: string;
-  /** Platform support */
-  platforms: ('ios' | 'android' | 'web')[];
-  /** Preferred return strategy for this wallet */
-  preferredReturnStrategy?: 'back' | 'post_redirect' | 'none';
-  /** Whether this wallet requires returnScheme in payload */
-  requiresReturnScheme?: boolean;
-}
-
-/**
- * List of supported TON Connect wallets
- */
-export const SUPPORTED_WALLETS: WalletDefinition[] = [
-  {
-    name: 'Tonkeeper',
-    appName: 'Tonkeeper',
-    universalLink: 'https://app.tonkeeper.com/ton-connect',
-    deepLink: 'tonkeeper://',
-    iconUrl: 'https://tonkeeper.com/assets/tonconnect-icon.png',
-    platforms: ['ios', 'android', 'web'], // CRITICAL FIX: Tonkeeper Web is supported
-    preferredReturnStrategy: 'post_redirect', // CRITICAL FIX: 'back' strategy may not send callback properly, use 'post_redirect'
-    requiresReturnScheme: true, // CRITICAL FIX: Mobile apps need returnScheme for proper callback handling
-  },
-  {
-    name: 'MyTonWallet',
-    appName: 'MyTonWallet',
-    universalLink: 'https://connect.mytonwallet.org',
-    deepLink: 'mytonwallet://',
-    iconUrl: 'https://static.mytonwallet.io/icon-256.png',
-    platforms: ['ios', 'android', 'web'],
-    preferredReturnStrategy: 'post_redirect',
-    requiresReturnScheme: true, // MyTonWallet requires explicit returnScheme
-  },
-  {
-    name: 'Wallet in Telegram',
-    appName: 'Wallet',
-    universalLink: 'https://wallet.tg/ton-connect',
-    deepLink: 'tg://',
-    iconUrl: 'https://wallet.tg/images/logo-288.png',
-    platforms: ['ios', 'android'],
-    preferredReturnStrategy: 'post_redirect',
-    requiresReturnScheme: true, // Telegram Wallet requires explicit returnScheme
-  },
-  {
-    name: 'Tonhub',
-    appName: 'Tonhub',
-    universalLink: 'https://tonhub.com/ton-connect',
-    deepLink: 'tonhub://',
-    iconUrl: 'https://tonhub.com/tonconnect_logo.png',
-    platforms: ['ios', 'android'],
-    preferredReturnStrategy: 'post_redirect',
-    requiresReturnScheme: true, // Tonhub requires explicit returnScheme for proper callback
-  },
-];
-
-/**
- * Get wallet definition by name
- */
-export function getWalletByName(name: string): WalletDefinition | undefined {
-  return SUPPORTED_WALLETS.find(
-    (wallet) => wallet.name.toLowerCase() === name.toLowerCase() || wallet.appName.toLowerCase() === name.toLowerCase()
-  );
-}
-
-/**
- * Get default wallet (Tonkeeper)
- */
-export function getDefaultWallet(): WalletDefinition {
-  return SUPPORTED_WALLETS[0]; // Tonkeeper
-}
-
-/**
- * Get all wallets for a specific platform
- */
-export function getWalletsForPlatform(platform: 'ios' | 'android' | 'web'): WalletDefinition[] {
-  return SUPPORTED_WALLETS.filter((wallet) => wallet.platforms.includes(platform));
-}
-
+/**
+ * TON Connect compatible wallet definitions
+ * Each wallet has its own universal link and bridge URL
+ * Data sourced from official https://github.com/ton-connect/wallets-list
+ */
+
+export interface WalletDefinition {
+  /** Wallet name for display */
+  name: string;
+  /** Wallet app name (identifier) */
+  appName: string;
+  /** Universal link base URL for this wallet */
+  universalLink: string;
+  /** HTTP Bridge URL for SSE communication */
+  bridgeUrl: string;
+  /** Deep link scheme (if supported) */
+  deepLink?: string;
+  /** Wallet icon URL (optional) */
+  iconUrl?: string;
+  /** Platform support */
+  platforms: ('ios' | 'android' | 'web')[];
+}
+
+/**
+ * List of supported TON Connect wallets
+ * Bridge URLs from official wallets-v2.json
+ */
+export const SUPPORTED_WALLETS: WalletDefinition[] = [
+  {
+    name: 'Tonkeeper',
+    appName: 'tonkeeper',
+    universalLink: 'https://app.tonkeeper.com/ton-connect',
+    bridgeUrl: 'https://bridge.tonapi.io/bridge',
+    deepLink: 'tonkeeper-tc://',
+    iconUrl: 'https://tonkeeper.com/assets/tonconnect-icon.png',
+    platforms: ['ios', 'android', 'web'],
+  },
+  {
+    name: 'MyTonWallet',
+    appName: 'mytonwallet',
+    universalLink: 'https://connect.mytonwallet.org',
+    bridgeUrl: 'https://tonconnectbridge.mytonwallet.org/bridge/',
+    deepLink: 'mytonwallet-tc://',
+    iconUrl: 'https://static.mytonwallet.io/icon-256.png',
+    platforms: ['ios', 'android', 'web'],
+  },
+  {
+    name: 'Wallet in Telegram',
+    appName: 'telegram-wallet',
+    universalLink: 'https://t.me/wallet?attach=wallet',
+    bridgeUrl: 'https://walletbot.me/tonconnect-bridge/bridge',
+    deepLink: 'tg://',
+    iconUrl: 'https://wallet.tg/images/logo-288.png',
+    platforms: ['ios', 'android'],
+  },
+  {
+    name: 'Tonhub',
+    appName: 'tonhub',
+    universalLink: 'https://tonhub.com/ton-connect',
+    bridgeUrl: 'https://connect.tonhubapi.com/tonconnect',
+    deepLink: 'tonhub://',
+    iconUrl: 'https://tonhub.com/tonconnect_logo.png',
+    platforms: ['ios', 'android'],
+  },
+];
+
+/**
+ * Get wallet definition by name
+ */
+export function getWalletByName(name: string): WalletDefinition | undefined {
+  return SUPPORTED_WALLETS.find(
+    (wallet) =>
+      wallet.name.toLowerCase() === name.toLowerCase() ||
+      wallet.appName.toLowerCase() === name.toLowerCase()
+  );
+}
+
+/**
+ * Get default wallet (Tonkeeper)
+ */
+export function getDefaultWallet(): WalletDefinition {
+  return SUPPORTED_WALLETS[0]; // Tonkeeper
+}
+
+/**
+ * Get all wallets for a specific platform
+ */
+export function getWalletsForPlatform(platform: 'ios' | 'android' | 'web'): WalletDefinition[] {
+  return SUPPORTED_WALLETS.filter((wallet) => wallet.platforms.includes(platform));
+}