npm - @bopen-io/wallet-toolbox - Versions diffs - 1.7.18 - Mend

@bopen-io/wallet-toolbox 1.7.18

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (390) hide show

package/.claude/settings.local.json +10 -0
package/.env.template +22 -0
package/.github/ISSUE_TEMPLATE/bug_report.md +40 -0
package/.github/ISSUE_TEMPLATE/discussion.md +24 -0
package/.github/pull_request_template.md +22 -0
package/.github/workflows/push.yaml +145 -0
package/.prettierrc +10 -0
package/CHANGELOG.md +280 -0
package/CONTRIBUTING.md +89 -0
package/README.md +43 -0
package/docs/README.md +85 -0
package/docs/client.md +19627 -0
package/docs/monitor.md +953 -0
package/docs/open-rpc/index.html +46 -0
package/docs/services.md +6377 -0
package/docs/setup.md +1268 -0
package/docs/storage.md +5367 -0
package/docs/wallet.md +19626 -0
package/jest.config.ts +25 -0
package/license.md +28 -0
package/out/tsconfig.all.tsbuildinfo +1 -0
package/package.json +63 -0
package/src/CWIStyleWalletManager.ts +1999 -0
package/src/Setup.ts +579 -0
package/src/SetupClient.ts +322 -0
package/src/SetupWallet.ts +108 -0
package/src/SimpleWalletManager.ts +526 -0
package/src/Wallet.ts +1169 -0
package/src/WalletAuthenticationManager.ts +153 -0
package/src/WalletLogger.ts +213 -0
package/src/WalletPermissionsManager.ts +3660 -0
package/src/WalletSettingsManager.ts +114 -0
package/src/__tests/CWIStyleWalletManager.test.d.ts.map +1 -0
package/src/__tests/CWIStyleWalletManager.test.js.map +1 -0
package/src/__tests/CWIStyleWalletManager.test.ts +675 -0
package/src/__tests/WalletPermissionsManager.callbacks.test.ts +323 -0
package/src/__tests/WalletPermissionsManager.checks.test.ts +844 -0
package/src/__tests/WalletPermissionsManager.encryption.test.ts +412 -0
package/src/__tests/WalletPermissionsManager.fixtures.ts +307 -0
package/src/__tests/WalletPermissionsManager.flows.test.ts +462 -0
package/src/__tests/WalletPermissionsManager.initialization.test.ts +300 -0
package/src/__tests/WalletPermissionsManager.pmodules.test.ts +798 -0
package/src/__tests/WalletPermissionsManager.proxying.test.ts +724 -0
package/src/__tests/WalletPermissionsManager.tokens.test.ts +503 -0
package/src/index.all.ts +27 -0
package/src/index.client.ts +25 -0
package/src/index.mobile.ts +21 -0
package/src/index.ts +1 -0
package/src/monitor/Monitor.ts +412 -0
package/src/monitor/MonitorDaemon.ts +188 -0
package/src/monitor/README.md +3 -0
package/src/monitor/__test/MonitorDaemon.man.test.ts +45 -0
package/src/monitor/tasks/TaskCheckForProofs.ts +243 -0
package/src/monitor/tasks/TaskCheckNoSends.ts +73 -0
package/src/monitor/tasks/TaskClock.ts +33 -0
package/src/monitor/tasks/TaskFailAbandoned.ts +54 -0
package/src/monitor/tasks/TaskMonitorCallHistory.ts +26 -0
package/src/monitor/tasks/TaskNewHeader.ts +93 -0
package/src/monitor/tasks/TaskPurge.ts +68 -0
package/src/monitor/tasks/TaskReorg.ts +89 -0
package/src/monitor/tasks/TaskReviewStatus.ts +48 -0
package/src/monitor/tasks/TaskSendWaiting.ts +122 -0
package/src/monitor/tasks/TaskSyncWhenIdle.ts +26 -0
package/src/monitor/tasks/TaskUnFail.ts +151 -0
package/src/monitor/tasks/WalletMonitorTask.ts +47 -0
package/src/sdk/CertOpsWallet.ts +18 -0
package/src/sdk/PrivilegedKeyManager.ts +372 -0
package/src/sdk/README.md +13 -0
package/src/sdk/WERR_errors.ts +234 -0
package/src/sdk/WalletError.ts +170 -0
package/src/sdk/WalletErrorFromJson.ts +80 -0
package/src/sdk/WalletServices.interfaces.ts +700 -0
package/src/sdk/WalletSigner.interfaces.ts +11 -0
package/src/sdk/WalletStorage.interfaces.ts +606 -0
package/src/sdk/__test/CertificateLifeCycle.test.ts +131 -0
package/src/sdk/__test/PrivilegedKeyManager.test.ts +738 -0
package/src/sdk/__test/WalletError.test.ts +318 -0
package/src/sdk/__test/validationHelpers.test.ts +21 -0
package/src/sdk/index.ts +10 -0
package/src/sdk/types.ts +226 -0
package/src/services/README.md +11 -0
package/src/services/ServiceCollection.ts +248 -0
package/src/services/Services.ts +603 -0
package/src/services/__tests/ARC.man.test.ts +123 -0
package/src/services/__tests/ARC.timeout.man.test.ts +79 -0
package/src/services/__tests/ArcGorillaPool.man.test.ts +108 -0
package/src/services/__tests/arcServices.test.ts +8 -0
package/src/services/__tests/bitrails.test.ts +56 -0
package/src/services/__tests/getMerklePath.test.ts +15 -0
package/src/services/__tests/getRawTx.test.ts +13 -0
package/src/services/__tests/postBeef.test.ts +104 -0
package/src/services/__tests/verifyBeef.test.ts +50 -0
package/src/services/chaintracker/BHServiceClient.ts +212 -0
package/src/services/chaintracker/ChaintracksChainTracker.ts +71 -0
package/src/services/chaintracker/__tests/ChaintracksChainTracker.test.ts +33 -0
package/src/services/chaintracker/__tests/ChaintracksServiceClient.test.ts +29 -0
package/src/services/chaintracker/chaintracks/Api/BlockHeaderApi.ts +72 -0
package/src/services/chaintracker/chaintracks/Api/BulkIngestorApi.ts +83 -0
package/src/services/chaintracker/chaintracks/Api/BulkStorageApi.ts +92 -0
package/src/services/chaintracker/chaintracks/Api/ChaintracksApi.ts +64 -0
package/src/services/chaintracker/chaintracks/Api/ChaintracksClientApi.ts +189 -0
package/src/services/chaintracker/chaintracks/Api/ChaintracksFetchApi.ts +18 -0
package/src/services/chaintracker/chaintracks/Api/ChaintracksFsApi.ts +58 -0
package/src/services/chaintracker/chaintracks/Api/ChaintracksStorageApi.ts +386 -0
package/src/services/chaintracker/chaintracks/Api/LiveIngestorApi.ts +25 -0
package/src/services/chaintracker/chaintracks/Chaintracks.ts +609 -0
package/src/services/chaintracker/chaintracks/ChaintracksService.ts +199 -0
package/src/services/chaintracker/chaintracks/ChaintracksServiceClient.ts +154 -0
package/src/services/chaintracker/chaintracks/Ingest/BulkIngestorBase.ts +176 -0
package/src/services/chaintracker/chaintracks/Ingest/BulkIngestorCDN.ts +174 -0
package/src/services/chaintracker/chaintracks/Ingest/BulkIngestorCDNBabbage.ts +18 -0
package/src/services/chaintracker/chaintracks/Ingest/BulkIngestorWhatsOnChainCdn.ts +113 -0
package/src/services/chaintracker/chaintracks/Ingest/BulkIngestorWhatsOnChainWs.ts +81 -0
package/src/services/chaintracker/chaintracks/Ingest/LiveIngestorBase.ts +86 -0
package/src/services/chaintracker/chaintracks/Ingest/LiveIngestorTeranodeP2P.ts +59 -0
package/src/services/chaintracker/chaintracks/Ingest/LiveIngestorWhatsOnChainPoll.ts +104 -0
package/src/services/chaintracker/chaintracks/Ingest/LiveIngestorWhatsOnChainWs.ts +66 -0
package/src/services/chaintracker/chaintracks/Ingest/WhatsOnChainIngestorWs.ts +566 -0
package/src/services/chaintracker/chaintracks/Ingest/WhatsOnChainServices.ts +219 -0
package/src/services/chaintracker/chaintracks/Ingest/__tests/BulkIngestorCDNBabbage.test.ts +54 -0
package/src/services/chaintracker/chaintracks/Ingest/__tests/LiveIngestorWhatsOnChainPoll.test.ts +33 -0
package/src/services/chaintracker/chaintracks/Ingest/__tests/WhatsOnChainServices.test.ts +124 -0
package/src/services/chaintracker/chaintracks/Storage/BulkStorageBase.ts +92 -0
package/src/services/chaintracker/chaintracks/Storage/ChaintracksKnexMigrations.ts +104 -0
package/src/services/chaintracker/chaintracks/Storage/ChaintracksStorageBase.ts +382 -0
package/src/services/chaintracker/chaintracks/Storage/ChaintracksStorageIdb.ts +574 -0
package/src/services/chaintracker/chaintracks/Storage/ChaintracksStorageKnex.ts +438 -0
package/src/services/chaintracker/chaintracks/Storage/ChaintracksStorageMemory.ts +29 -0
package/src/services/chaintracker/chaintracks/Storage/ChaintracksStorageNoDb.ts +304 -0
package/src/services/chaintracker/chaintracks/Storage/__tests/ChaintracksStorageIdb.test.ts +102 -0
package/src/services/chaintracker/chaintracks/Storage/__tests/ChaintracksStorageKnex.test.ts +45 -0
package/src/services/chaintracker/chaintracks/__tests/Chaintracks.test.ts +77 -0
package/src/services/chaintracker/chaintracks/__tests/ChaintracksClientApi.test.ts +192 -0
package/src/services/chaintracker/chaintracks/__tests/LocalCdnServer.ts +75 -0
package/src/services/chaintracker/chaintracks/__tests/createIdbChaintracks.test.ts +62 -0
package/src/services/chaintracker/chaintracks/__tests/data/cdnTest349/mainNetBlockHeaders.json +1 -0
package/src/services/chaintracker/chaintracks/__tests/data/cdnTest349/mainNet_0.headers +0 -0
package/src/services/chaintracker/chaintracks/__tests/data/cdnTest349/mainNet_1.headers +0 -0
package/src/services/chaintracker/chaintracks/__tests/data/cdnTest349/mainNet_2.headers +0 -0
package/src/services/chaintracker/chaintracks/__tests/data/cdnTest349/mainNet_3.headers +0 -0
package/src/services/chaintracker/chaintracks/__tests/data/cdnTest379/mainNetBlockHeaders.json +1 -0
package/src/services/chaintracker/chaintracks/__tests/data/cdnTest379/mainNet_0.headers +0 -0
package/src/services/chaintracker/chaintracks/__tests/data/cdnTest379/mainNet_1.headers +0 -0
package/src/services/chaintracker/chaintracks/__tests/data/cdnTest379/mainNet_2.headers +0 -0
package/src/services/chaintracker/chaintracks/__tests/data/cdnTest379/mainNet_3.headers +0 -0
package/src/services/chaintracker/chaintracks/__tests/data/cdnTest399/mainNetBlockHeaders.json +1 -0
package/src/services/chaintracker/chaintracks/__tests/data/cdnTest399/mainNet_0.headers +0 -0
package/src/services/chaintracker/chaintracks/__tests/data/cdnTest399/mainNet_1.headers +0 -0
package/src/services/chaintracker/chaintracks/__tests/data/cdnTest399/mainNet_2.headers +0 -0
package/src/services/chaintracker/chaintracks/__tests/data/cdnTest399/mainNet_3.headers +0 -0
package/src/services/chaintracker/chaintracks/__tests/data/cdnTest402/mainNetBlockHeaders.json +1 -0
package/src/services/chaintracker/chaintracks/__tests/data/cdnTest402/mainNet_0.headers +0 -0
package/src/services/chaintracker/chaintracks/__tests/data/cdnTest402/mainNet_1.headers +0 -0
package/src/services/chaintracker/chaintracks/__tests/data/cdnTest402/mainNet_2.headers +0 -0
package/src/services/chaintracker/chaintracks/__tests/data/cdnTest402/mainNet_3.headers +0 -0
package/src/services/chaintracker/chaintracks/__tests/data/cdnTest402/mainNet_4.headers +0 -0
package/src/services/chaintracker/chaintracks/__tests/data/cdnTest499/mainNetBlockHeaders.json +1 -0
package/src/services/chaintracker/chaintracks/__tests/data/cdnTest499/mainNet_0.headers +0 -0
package/src/services/chaintracker/chaintracks/__tests/data/cdnTest499/mainNet_1.headers +0 -0
package/src/services/chaintracker/chaintracks/__tests/data/cdnTest499/mainNet_2.headers +0 -0
package/src/services/chaintracker/chaintracks/__tests/data/cdnTest499/mainNet_3.headers +0 -0
package/src/services/chaintracker/chaintracks/__tests/data/cdnTest499/mainNet_4.headers +0 -0
package/src/services/chaintracker/chaintracks/createDefaultIdbChaintracksOptions.ts +92 -0
package/src/services/chaintracker/chaintracks/createDefaultKnexChaintracksOptions.ts +111 -0
package/src/services/chaintracker/chaintracks/createDefaultNoDbChaintracksOptions.ts +91 -0
package/src/services/chaintracker/chaintracks/createIdbChaintracks.ts +60 -0
package/src/services/chaintracker/chaintracks/createKnexChaintracks.ts +65 -0
package/src/services/chaintracker/chaintracks/createNoDbChaintracks.ts +60 -0
package/src/services/chaintracker/chaintracks/index.all.ts +12 -0
package/src/services/chaintracker/chaintracks/index.client.ts +4 -0
package/src/services/chaintracker/chaintracks/index.mobile.ts +37 -0
package/src/services/chaintracker/chaintracks/util/BulkFileDataManager.ts +975 -0
package/src/services/chaintracker/chaintracks/util/BulkFileDataReader.ts +60 -0
package/src/services/chaintracker/chaintracks/util/BulkFilesReader.ts +336 -0
package/src/services/chaintracker/chaintracks/util/BulkHeaderFile.ts +247 -0
package/src/services/chaintracker/chaintracks/util/ChaintracksFetch.ts +69 -0
package/src/services/chaintracker/chaintracks/util/ChaintracksFs.ts +141 -0
package/src/services/chaintracker/chaintracks/util/HeightRange.ts +153 -0
package/src/services/chaintracker/chaintracks/util/SingleWriterMultiReaderLock.ts +76 -0
package/src/services/chaintracker/chaintracks/util/__tests/BulkFileDataManager.test.ts +304 -0
package/src/services/chaintracker/chaintracks/util/__tests/ChaintracksFetch.test.ts +60 -0
package/src/services/chaintracker/chaintracks/util/__tests/HeightRange.test.ts +67 -0
package/src/services/chaintracker/chaintracks/util/__tests/SingleWriterMultiReaderLock.test.ts +49 -0
package/src/services/chaintracker/chaintracks/util/blockHeaderUtilities.ts +573 -0
package/src/services/chaintracker/chaintracks/util/dirtyHashes.ts +29 -0
package/src/services/chaintracker/chaintracks/util/validBulkHeaderFilesByFileHash.ts +432 -0
package/src/services/chaintracker/index.all.ts +4 -0
package/src/services/chaintracker/index.client.ts +4 -0
package/src/services/chaintracker/index.mobile.ts +4 -0
package/src/services/createDefaultWalletServicesOptions.ts +77 -0
package/src/services/index.ts +1 -0
package/src/services/processingErrors/arcSuccessError.json +76 -0
package/src/services/providers/ARC.ts +350 -0
package/src/services/providers/Bitails.ts +256 -0
package/src/services/providers/SdkWhatsOnChain.ts +83 -0
package/src/services/providers/WhatsOnChain.ts +883 -0
package/src/services/providers/__tests/WhatsOnChain.test.ts +242 -0
package/src/services/providers/__tests/exchangeRates.test.ts +18 -0
package/src/services/providers/exchangeRates.ts +265 -0
package/src/services/providers/getBeefForTxid.ts +369 -0
package/src/signer/README.md +5 -0
package/src/signer/WalletSigner.ts +17 -0
package/src/signer/methods/acquireDirectCertificate.ts +52 -0
package/src/signer/methods/buildSignableTransaction.ts +183 -0
package/src/signer/methods/completeSignedTransaction.ts +117 -0
package/src/signer/methods/createAction.ts +172 -0
package/src/signer/methods/internalizeAction.ts +106 -0
package/src/signer/methods/proveCertificate.ts +43 -0
package/src/signer/methods/signAction.ts +54 -0
package/src/storage/README.md +14 -0
package/src/storage/StorageIdb.ts +2304 -0
package/src/storage/StorageKnex.ts +1425 -0
package/src/storage/StorageProvider.ts +810 -0
package/src/storage/StorageReader.ts +194 -0
package/src/storage/StorageReaderWriter.ts +432 -0
package/src/storage/StorageSyncReader.ts +34 -0
package/src/storage/WalletStorageManager.ts +943 -0
package/src/storage/__test/StorageIdb.test.ts +43 -0
package/src/storage/__test/WalletStorageManager.test.ts +275 -0
package/src/storage/__test/adminStats.man.test.ts +89 -0
package/src/storage/__test/getBeefForTransaction.test.ts +385 -0
package/src/storage/index.all.ts +11 -0
package/src/storage/index.client.ts +7 -0
package/src/storage/index.mobile.ts +6 -0
package/src/storage/methods/ListActionsSpecOp.ts +70 -0
package/src/storage/methods/ListOutputsSpecOp.ts +129 -0
package/src/storage/methods/__test/GenerateChange/generateChangeSdk.test.ts +1057 -0
package/src/storage/methods/__test/GenerateChange/randomValsUsed1.ts +20 -0
package/src/storage/methods/__test/offsetKey.test.ts +274 -0
package/src/storage/methods/attemptToPostReqsToNetwork.ts +389 -0
package/src/storage/methods/createAction.ts +947 -0
package/src/storage/methods/generateChange.ts +556 -0
package/src/storage/methods/getBeefForTransaction.ts +139 -0
package/src/storage/methods/getSyncChunk.ts +293 -0
package/src/storage/methods/internalizeAction.ts +562 -0
package/src/storage/methods/listActionsIdb.ts +183 -0
package/src/storage/methods/listActionsKnex.ts +226 -0
package/src/storage/methods/listCertificates.ts +73 -0
package/src/storage/methods/listOutputsIdb.ts +203 -0
package/src/storage/methods/listOutputsKnex.ts +263 -0
package/src/storage/methods/offsetKey.ts +89 -0
package/src/storage/methods/processAction.ts +420 -0
package/src/storage/methods/purgeData.ts +251 -0
package/src/storage/methods/purgeDataIdb.ts +10 -0
package/src/storage/methods/reviewStatus.ts +101 -0
package/src/storage/methods/reviewStatusIdb.ts +43 -0
package/src/storage/methods/utils.Buffer.ts +33 -0
package/src/storage/methods/utils.ts +56 -0
package/src/storage/remoting/StorageClient.ts +567 -0
package/src/storage/remoting/StorageMobile.ts +544 -0
package/src/storage/remoting/StorageServer.ts +291 -0
package/src/storage/remoting/__test/StorageClient.test.ts +113 -0
package/src/storage/schema/KnexMigrations.ts +489 -0
package/src/storage/schema/StorageIdbSchema.ts +150 -0
package/src/storage/schema/entities/EntityBase.ts +210 -0
package/src/storage/schema/entities/EntityCertificate.ts +188 -0
package/src/storage/schema/entities/EntityCertificateField.ts +136 -0
package/src/storage/schema/entities/EntityCommission.ts +148 -0
package/src/storage/schema/entities/EntityOutput.ts +290 -0
package/src/storage/schema/entities/EntityOutputBasket.ts +153 -0
package/src/storage/schema/entities/EntityOutputTag.ts +121 -0
package/src/storage/schema/entities/EntityOutputTagMap.ts +123 -0
package/src/storage/schema/entities/EntityProvenTx.ts +319 -0
package/src/storage/schema/entities/EntityProvenTxReq.ts +580 -0
package/src/storage/schema/entities/EntitySyncState.ts +389 -0
package/src/storage/schema/entities/EntityTransaction.ts +306 -0
package/src/storage/schema/entities/EntityTxLabel.ts +121 -0
package/src/storage/schema/entities/EntityTxLabelMap.ts +123 -0
package/src/storage/schema/entities/EntityUser.ts +112 -0
package/src/storage/schema/entities/MergeEntity.ts +73 -0
package/src/storage/schema/entities/__tests/CertificateFieldTests.test.ts +353 -0
package/src/storage/schema/entities/__tests/CertificateTests.test.ts +354 -0
package/src/storage/schema/entities/__tests/CommissionTests.test.ts +371 -0
package/src/storage/schema/entities/__tests/OutputBasketTests.test.ts +278 -0
package/src/storage/schema/entities/__tests/OutputTagMapTests.test.ts +242 -0
package/src/storage/schema/entities/__tests/OutputTagTests.test.ts +288 -0
package/src/storage/schema/entities/__tests/OutputTests.test.ts +464 -0
package/src/storage/schema/entities/__tests/ProvenTxReqTests.test.ts +340 -0
package/src/storage/schema/entities/__tests/ProvenTxTests.test.ts +504 -0
package/src/storage/schema/entities/__tests/SyncStateTests.test.ts +288 -0
package/src/storage/schema/entities/__tests/TransactionTests.test.ts +604 -0
package/src/storage/schema/entities/__tests/TxLabelMapTests.test.ts +361 -0
package/src/storage/schema/entities/__tests/TxLabelTests.test.ts +198 -0
package/src/storage/schema/entities/__tests/stampLogTests.test.ts +90 -0
package/src/storage/schema/entities/__tests/usersTests.test.ts +340 -0
package/src/storage/schema/entities/index.ts +16 -0
package/src/storage/schema/tables/TableCertificate.ts +21 -0
package/src/storage/schema/tables/TableCertificateField.ts +12 -0
package/src/storage/schema/tables/TableCommission.ts +13 -0
package/src/storage/schema/tables/TableMonitorEvent.ts +9 -0
package/src/storage/schema/tables/TableOutput.ts +64 -0
package/src/storage/schema/tables/TableOutputBasket.ts +12 -0
package/src/storage/schema/tables/TableOutputTag.ts +10 -0
package/src/storage/schema/tables/TableOutputTagMap.ts +9 -0
package/src/storage/schema/tables/TableProvenTx.ts +14 -0
package/src/storage/schema/tables/TableProvenTxReq.ts +65 -0
package/src/storage/schema/tables/TableSettings.ts +17 -0
package/src/storage/schema/tables/TableSyncState.ts +18 -0
package/src/storage/schema/tables/TableTransaction.ts +54 -0
package/src/storage/schema/tables/TableTxLabel.ts +10 -0
package/src/storage/schema/tables/TableTxLabelMap.ts +9 -0
package/src/storage/schema/tables/TableUser.ts +16 -0
package/src/storage/schema/tables/index.ts +16 -0
package/src/storage/sync/StorageMySQLDojoReader.ts +696 -0
package/src/storage/sync/index.ts +1 -0
package/src/utility/Format.ts +133 -0
package/src/utility/README.md +3 -0
package/src/utility/ReaderUint8Array.ts +187 -0
package/src/utility/ScriptTemplateBRC29.ts +73 -0
package/src/utility/__tests/utilityHelpers.noBuffer.test.ts +109 -0
package/src/utility/aggregateResults.ts +68 -0
package/src/utility/identityUtils.ts +159 -0
package/src/utility/index.all.ts +7 -0
package/src/utility/index.client.ts +7 -0
package/src/utility/parseTxScriptOffsets.ts +29 -0
package/src/utility/stampLog.ts +69 -0
package/src/utility/tscProofToMerklePath.ts +48 -0
package/src/utility/utilityHelpers.buffer.ts +34 -0
package/src/utility/utilityHelpers.noBuffer.ts +60 -0
package/src/utility/utilityHelpers.ts +275 -0
package/src/wab-client/WABClient.ts +94 -0
package/src/wab-client/__tests/WABClient.man.test.ts +59 -0
package/src/wab-client/auth-method-interactors/AuthMethodInteractor.ts +47 -0
package/src/wab-client/auth-method-interactors/DevConsoleInteractor.ts +73 -0
package/src/wab-client/auth-method-interactors/PersonaIDInteractor.ts +35 -0
package/src/wab-client/auth-method-interactors/TwilioPhoneInteractor.ts +72 -0
package/syncVersions.js +71 -0
package/test/Wallet/StorageClient/storageClient.man.test.ts +75 -0
package/test/Wallet/action/abortAction.test.ts +47 -0
package/test/Wallet/action/createAction.test.ts +299 -0
package/test/Wallet/action/createAction2.test.ts +1273 -0
package/test/Wallet/action/createActionToGenerateBeefs.man.test.ts +293 -0
package/test/Wallet/action/internalizeAction.a.test.ts +286 -0
package/test/Wallet/action/internalizeAction.test.ts +682 -0
package/test/Wallet/action/relinquishOutput.test.ts +37 -0
package/test/Wallet/certificate/acquireCertificate.test.ts +298 -0
package/test/Wallet/certificate/listCertificates.test.ts +346 -0
package/test/Wallet/construct/Wallet.constructor.test.ts +57 -0
package/test/Wallet/get/getHeaderForHeight.test.ts +82 -0
package/test/Wallet/get/getHeight.test.ts +52 -0
package/test/Wallet/get/getKnownTxids.test.ts +86 -0
package/test/Wallet/get/getNetwork.test.ts +27 -0
package/test/Wallet/get/getVersion.test.ts +27 -0
package/test/Wallet/list/listActions.test.ts +279 -0
package/test/Wallet/list/listActions2.test.ts +1381 -0
package/test/Wallet/list/listCertificates.test.ts +118 -0
package/test/Wallet/list/listOutputs.test.ts +447 -0
package/test/Wallet/live/walletLive.man.test.ts +521 -0
package/test/Wallet/local/localWallet.man.test.ts +93 -0
package/test/Wallet/local/localWallet2.man.test.ts +277 -0
package/test/Wallet/signAction/mountaintop.man.test.ts +130 -0
package/test/Wallet/specOps/specOps.man.test.ts +220 -0
package/test/Wallet/support/janitor.man.test.ts +40 -0
package/test/Wallet/support/operations.man.test.ts +407 -0
package/test/Wallet/support/reqErrorReview.2025.05.06.man.test.ts +347 -0
package/test/Wallet/sync/Wallet.sync.test.ts +215 -0
package/test/Wallet/sync/Wallet.updateWalletLegacyTestData.man.test.ts +203 -0
package/test/Wallet/sync/setActive.test.ts +170 -0
package/test/WalletClient/LocalKVStore.man.test.ts +114 -0
package/test/WalletClient/WERR.man.test.ts +35 -0
package/test/bsv-ts-sdk/LocalKVStore.test.ts +102 -0
package/test/checkDB.ts +57 -0
package/test/checkdb +0 -0
package/test/examples/backup.man.test.ts +59 -0
package/test/examples/pushdrop.test.ts +282 -0
package/test/monitor/Monitor.test.ts +620 -0
package/test/services/Services.test.ts +263 -0
package/test/storage/KnexMigrations.test.ts +86 -0
package/test/storage/StorageMySQLDojoReader.man.test.ts +60 -0
package/test/storage/count.test.ts +177 -0
package/test/storage/find.test.ts +195 -0
package/test/storage/findLegacy.test.ts +67 -0
package/test/storage/idb/allocateChange.test.ts +251 -0
package/test/storage/idb/count.test.ts +158 -0
package/test/storage/idb/find.test.ts +177 -0
package/test/storage/idb/idbSpeed.test.ts +36 -0
package/test/storage/idb/insert.test.ts +268 -0
package/test/storage/idb/transactionAbort.test.ts +108 -0
package/test/storage/idb/update.test.ts +999 -0
package/test/storage/insert.test.ts +278 -0
package/test/storage/update.test.ts +1021 -0
package/test/storage/update2.test.ts +897 -0
package/test/utils/TestUtilsWalletStorage.ts +2526 -0
package/test/utils/localWalletMethods.ts +363 -0
package/test/utils/removeFailedFromDatabase.sql +17 -0
package/ts2md.json +44 -0
package/tsconfig.all.json +31 -0
package/tsconfig.client.json +29 -0
package/tsconfig.json +17 -0
package/tsconfig.mobile.json +28 -0

package/src/__tests/CWIStyleWalletManager.test.ts ADDED Viewed

@@ -0,0 +1,675 @@
+import { WalletInterface, Random, Hash, Utils, PrivateKey, SymmetricKey } from '@bsv/sdk'
+import { PrivilegedKeyManager } from '../sdk'
+import { CWIStyleWalletManager, PBKDF2_NUM_ROUNDS, UMPToken, UMPTokenInteractor } from '../CWIStyleWalletManager'
+import { jest } from '@jest/globals'
+jest.useFakeTimers()
+// ------------------------------------------------------------------------------------------
+// Mocks and Utilities
+// ------------------------------------------------------------------------------------------
+/** A utility to create an Outpoint string for test usage. */
+function makeOutpoint(txid: string, vout: number): string {
+  return `${txid}:${vout}`
+}
+/**
+ * A mock underlying WalletInterface to verify that proxy methods:
+ *  1. Are not callable if not authenticated
+ *  2. Are disallowed if originator is admin
+ *  3. Forward to the real method if conditions pass
+ */
+const mockUnderlyingWallet = {
+  getPublicKey: jest.fn(),
+  revealCounterpartyKeyLinkage: jest.fn(),
+  revealSpecificKeyLinkage: jest.fn(),
+  encrypt: jest.fn(),
+  decrypt: jest.fn(),
+  createHmac: jest.fn(),
+  verifyHmac: jest.fn(),
+  createSignature: jest.fn(),
+  verifySignature: jest.fn(),
+  createAction: jest.fn(),
+  signAction: jest.fn(),
+  abortAction: jest.fn(),
+  listActions: jest.fn(),
+  internalizeAction: jest.fn(),
+  listOutputs: jest.fn(),
+  relinquishOutput: jest.fn(),
+  acquireCertificate: jest.fn(),
+  listCertificates: jest.fn(),
+  proveCertificate: jest.fn(),
+  relinquishCertificate: jest.fn(),
+  discoverByIdentityKey: jest.fn(),
+  discoverByAttributes: jest.fn(),
+  isAuthenticated: jest.fn(),
+  waitForAuthentication: jest.fn(),
+  getHeight: jest.fn(),
+  getHeaderForHeight: jest.fn(),
+  getNetwork: jest.fn(),
+  getVersion: jest.fn()
+} as unknown as WalletInterface
+/**
+ * A mock function that simulates building an underlying wallet.
+ */
+const mockWalletBuilder = jest.fn(async (primaryKey, privilegedKeyManager) => {
+  // Return our mock underlying wallet object.
+  return mockUnderlyingWallet
+})
+/**
+ * A mock UMPTokenInteractor implementation.
+ * We can track whether buildAndSend is called with the right arguments, etc.
+ */
+const mockUMPTokenInteractor: UMPTokenInteractor = {
+  findByPresentationKeyHash: jest.fn(async (hash: number[]) => undefined),
+  findByRecoveryKeyHash: jest.fn(async (hash: number[]) => undefined),
+  buildAndSend: jest.fn(
+    async (wallet: WalletInterface, admin: string, token: UMPToken, oldToken?: UMPToken) => 'abcd.0'
+  )
+}
+/**
+ * A mock "recoveryKeySaver" that claims it always saved the key successfully.
+ */
+const mockRecoveryKeySaver = jest.fn(async (key: number[]) => true as true)
+/**
+ * A mock "passwordRetriever" that we can customize to return a specific password
+ * or throw if needed.
+ */
+const mockPasswordRetriever = jest.fn(async () => 'test-password')
+const XOR = (n1: number[], n2: number[]): number[] => {
+  if (n1.length !== n2.length) {
+    throw new Error('lengths mismatch')
+  }
+  const r = new Array<number>(n1.length)
+  for (let i = 0; i < n1.length; i++) {
+    r[i] = n1[i] ^ n2[i]
+  }
+  return r
+}
+// Generate some globals
+const presentationKey = Random(32)
+const recoveryKey = Random(32)
+const passwordSalt = Random(32)
+const passwordKey = Hash.pbkdf2(Utils.toArray('test-password', 'utf8'), passwordSalt, PBKDF2_NUM_ROUNDS, 32, 'sha512')
+const primaryKey = Random(32)
+const privilegedKey = Random(32)
+/**
+ * A helper function to create a minimal valid UMP token.
+ * This can be used to mock a stored token for existing users.
+ */
+async function createMockUMPToken(): Promise<UMPToken> {
+  const presentationPassword = new SymmetricKey(XOR(presentationKey, passwordKey))
+  const presentationRecovery = new SymmetricKey(XOR(presentationKey, recoveryKey))
+  const recoveryPassword = new SymmetricKey(XOR(recoveryKey, passwordKey))
+  const primaryPassword = new SymmetricKey(XOR(primaryKey, passwordKey))
+  const tempPrivilegedKeyManager = new PrivilegedKeyManager(async () => new PrivateKey(privilegedKey))
+  return {
+    passwordSalt,
+    passwordPresentationPrimary: presentationPassword.encrypt(primaryKey) as number[],
+    passwordRecoveryPrimary: recoveryPassword.encrypt(primaryKey) as number[],
+    presentationRecoveryPrimary: presentationRecovery.encrypt(primaryKey) as number[],
+    passwordPrimaryPrivileged: primaryPassword.encrypt(privilegedKey) as number[],
+    presentationRecoveryPrivileged: presentationRecovery.encrypt(privilegedKey) as number[],
+    presentationHash: Hash.sha256(presentationKey),
+    recoveryHash: Hash.sha256(recoveryKey),
+    presentationKeyEncrypted: (
+      await tempPrivilegedKeyManager.encrypt({
+        plaintext: presentationKey,
+        protocolID: [2, 'admin key wrapping'],
+        keyID: '1'
+      })
+    ).ciphertext,
+    passwordKeyEncrypted: (
+      await tempPrivilegedKeyManager.encrypt({
+        plaintext: passwordKey,
+        protocolID: [2, 'admin key wrapping'],
+        keyID: '1'
+      })
+    ).ciphertext,
+    recoveryKeyEncrypted: (
+      await tempPrivilegedKeyManager.encrypt({
+        plaintext: recoveryKey,
+        protocolID: [2, 'admin key wrapping'],
+        keyID: '1'
+      })
+    ).ciphertext,
+    currentOutpoint: 'abcd:0'
+  }
+}
+describe('CWIStyleWalletManager Tests', () => {
+  let manager: CWIStyleWalletManager
+  beforeEach(() => {
+    // Reset all mock calls
+    jest.clearAllMocks()
+    // We create a new manager for each test, with no initial snapshot
+    manager = new CWIStyleWalletManager(
+      'admin.walletvendor.com', // admin originator
+      mockWalletBuilder,
+      mockUMPTokenInteractor,
+      mockRecoveryKeySaver,
+      mockPasswordRetriever
+      // no state snapshot
+    )
+  })
+  // ----------------------------------------------------------------------------------------
+  // Private method tests (just to ensure coverage).
+  // We'll call them via (manager as any).somePrivateMethod(...) if needed.
+  // ----------------------------------------------------------------------------------------
+  test('XOR function: verifies correctness', () => {
+    const fnXOR = (manager as any).XOR as (a: number[], b: number[]) => number[]
+    const a = [0x00, 0xff, 0xaa]
+    const b = [0xff, 0xff, 0x55]
+    const result = fnXOR(a, b)
+    // 0x00 ^ 0xFF = 0xFF
+    // 0xFF ^ 0xFF = 0x00
+    // 0xAA ^ 0x55 = 0xFF
+    expect(result).toEqual([0xff, 0x00, 0xff])
+  })
+  // ----------------------------------------------------------------------------------------
+  // Authentication flows
+  // ----------------------------------------------------------------------------------------
+  describe('New user flow: presentation + password', () => {
+    test('Successfully creates a new token and calls buildAndSend', async () => {
+      // New wallet funder is a mock function
+      const newWalletFunder = jest.fn(() => {})
+      ;(manager as any).newWalletFunder = newWalletFunder
+      // Mock that no token is found by presentation key hash
+      ;(mockUMPTokenInteractor.findByPresentationKeyHash as any).mockResolvedValueOnce(undefined)
+      // Provide a presentation key
+      await manager.providePresentationKey(presentationKey)
+      expect(manager.authenticationFlow).toBe('new-user')
+      // Provide a password
+      mockPasswordRetriever.mockResolvedValueOnce('dummy-password')
+      await manager.providePassword('dummy-password')
+      // The wallet should now be built, so manager is authenticated
+      expect(manager.authenticated).toBe(true)
+      // Recovery key saver should have been called
+      expect(mockRecoveryKeySaver).toHaveBeenCalledTimes(1)
+      // The underlying wallet builder should have been called exactly once
+      expect(mockWalletBuilder).toHaveBeenCalledTimes(1)
+      // The manager should have called buildAndSend on the interactor
+      expect(mockUMPTokenInteractor.buildAndSend).toHaveBeenCalledTimes(1)
+      const buildArgs = (mockUMPTokenInteractor.buildAndSend as any).mock.calls[0]
+      // [0] => the wallet, [1] => adminOriginator, [2] => newToken, [3] => oldToken
+      expect(buildArgs[1]).toBe('admin.walletvendor.com')
+      expect(buildArgs[2]).toHaveProperty('presentationHash')
+      expect(buildArgs[3]).toBeUndefined() // Because it's a new user (no old token)
+      expect(newWalletFunder).toHaveBeenCalled() // New wallet funder should have been called
+    })
+    test('Throws if user tries to provide recovery key during new-user flow', async () => {
+      // Mark it as new user flow by no token found
+      ;(mockUMPTokenInteractor.findByPresentationKeyHash as any).mockResolvedValueOnce(undefined)
+      await manager.providePresentationKey(Array.from({ length: 32 }, () => 1))
+      await expect(manager.provideRecoveryKey(Array.from({ length: 32 }, () => 2))).rejects.toThrow(
+        'Do not submit recovery key in new-user flow'
+      )
+    })
+  })
+  describe('Existing user flow: presentation + password', () => {
+    test('Decryption of primary key and building the wallet', async () => {
+      // Provide a mock UMP token
+      const mockToken = await createMockUMPToken()
+      ;(mockUMPTokenInteractor.findByPresentationKeyHash as any).mockResolvedValueOnce(mockToken)
+      // Provide presentation
+      await manager.providePresentationKey(presentationKey)
+      expect(manager.authenticationFlow).toBe('existing-user')
+      // Provide password
+      // The manager's internal code will do PBKDF2 with the password + token.passwordSalt
+      // Then XOR that with the presentation key for decryption.
+      await manager.providePassword('test-password')
+      // Check that manager is authenticated
+      expect(manager.authenticated).toBe(true)
+      // Underlying wallet is built
+      expect(mockWalletBuilder).toHaveBeenCalledTimes(1)
+    })
+  })
+  describe('Existing user flow: presentation + recovery key', () => {
+    beforeEach(async () => {
+      manager.authenticationMode = 'presentation-key-and-recovery-key'
+      manager.authenticationFlow = 'existing-user'
+    })
+    test('Successfully decrypts with presentation+recovery', async () => {
+      // Provide a mock UMP token
+      const mockToken = await createMockUMPToken()
+      ;(mockUMPTokenInteractor.findByPresentationKeyHash as any).mockResolvedValueOnce(mockToken)
+      await manager.providePresentationKey(presentationKey)
+      // Provide the recovery key.
+      // In "presentation-key-and-recovery-key" mode, the manager won't need the password at all.
+      await manager.provideRecoveryKey(recoveryKey)
+      expect(manager.authenticated).toBe(true)
+      expect(mockWalletBuilder).toHaveBeenCalledTimes(1)
+    })
+    test('Throws if presentation key not provided first', async () => {
+      const recoveryKey = Array.from({ length: 32 }, () => 8)
+      await expect(manager.provideRecoveryKey(recoveryKey)).rejects.toThrow('Provide the presentation key first')
+    })
+  })
+  describe('Existing user flow: recovery key + password', () => {
+    beforeEach(async () => {
+      manager.authenticationMode = 'recovery-key-and-password'
+      manager.authenticationFlow = 'existing-user'
+    })
+    test('Works with correct keys, sets mode as existing-user', async () => {
+      const mockToken = await createMockUMPToken()
+      ;(mockUMPTokenInteractor.findByRecoveryKeyHash as any).mockResolvedValueOnce(mockToken)
+      // Provide recovery key
+      await manager.provideRecoveryKey(recoveryKey)
+      // Provide password
+      await manager.providePassword('test-password')
+      expect(manager.authenticated).toBe(true)
+      expect(mockWalletBuilder).toHaveBeenCalledTimes(1)
+    })
+    test('Throws if no token found by recovery key hash', async () => {
+      ;(mockUMPTokenInteractor.findByRecoveryKeyHash as any).mockResolvedValueOnce(undefined)
+      await expect(manager.provideRecoveryKey(recoveryKey)).rejects.toThrow('No user found with this recovery key')
+    })
+  })
+  // ----------------------------------------------------------------------------------------
+  // Snapshots
+  // ----------------------------------------------------------------------------------------
+  describe('saveSnapshot / loadSnapshot', () => {
+    test('Saves a snapshot and can load it into a fresh manager instance', async () => {
+      // We'll do a new user flow so that manager is authenticated with a real token.
+      ;(mockUMPTokenInteractor.findByPresentationKeyHash as any).mockResolvedValueOnce(undefined)
+      const presKey = Array.from({ length: 32 }, () => 0xa1)
+      await manager.providePresentationKey(presKey)
+      await manager.providePassword('mypassword') // triggers creation of new user
+      const snapshot = manager.saveSnapshot()
+      expect(Array.isArray(snapshot)).toBe(true)
+      expect(snapshot.length).toBeGreaterThan(64) // 32 bytes + encrypted data
+      // Now create a fresh manager:
+      const freshManager = new CWIStyleWalletManager(
+        'admin.walletvendor.com',
+        mockWalletBuilder,
+        mockUMPTokenInteractor,
+        mockRecoveryKeySaver,
+        mockPasswordRetriever
+      )
+      // Not authenticated yet
+      await expect(() => freshManager.getPublicKey({ identityKey: true })).rejects.toThrow('User is not authenticated')
+      // Load the snapshot
+      await freshManager.loadSnapshot(snapshot)
+      // The fresh manager is now authenticated (underlying wallet will be built).
+      await expect(freshManager.getPublicKey({ identityKey: true })).resolves.not.toThrow()
+      // It calls walletBuilder again
+      expect(mockWalletBuilder).toHaveBeenCalledTimes(2) // once for the old manager, once for the fresh
+    })
+    test('Throws error if saving snapshot while no primary key or token set', async () => {
+      // Manager is not yet authenticated
+      expect(() => manager.saveSnapshot()).toThrow('No root primary key or current UMP token set')
+    })
+    test('Throws if snapshot is corrupt or cannot be decrypted', async () => {
+      // Attempt to load an invalid snapshot
+      await expect(() => manager.loadSnapshot([1, 2, 3])).rejects.toThrow('Failed to load snapshot')
+    })
+  })
+  // ----------------------------------------------------------------------------------------
+  // Changing Keys
+  // ----------------------------------------------------------------------------------------
+  describe('Change Password', () => {
+    test('Requires authentication and updates the UMP token on-chain', async () => {
+      ;(mockUMPTokenInteractor.findByPresentationKeyHash as any).mockResolvedValueOnce(undefined)
+      manager = new CWIStyleWalletManager(
+        'admin.walletvendor.com',
+        mockWalletBuilder,
+        mockUMPTokenInteractor,
+        mockRecoveryKeySaver,
+        async () => 'test-password'
+      )
+      await manager.providePresentationKey(presentationKey)
+      await manager.providePassword('test-password')
+      expect(manager.authenticated).toBe(true)
+      await manager.changePassword('new-pass')
+      expect(mockUMPTokenInteractor.buildAndSend).toHaveBeenCalledTimes(2)
+    })
+    test('Throws if not authenticated', async () => {
+      await expect(manager.changePassword('test-password')).rejects.toThrow(
+        'Not authenticated or missing required data.'
+      )
+    })
+  })
+  describe('Change Recovery Key', () => {
+    test('Prompts to save the new key, updates the token', async () => {
+      ;(mockUMPTokenInteractor.findByPresentationKeyHash as any).mockResolvedValueOnce(undefined)
+      manager = new CWIStyleWalletManager(
+        'admin.walletvendor.com',
+        mockWalletBuilder,
+        mockUMPTokenInteractor,
+        mockRecoveryKeySaver,
+        async () => 'test-password'
+      )
+      await manager.providePresentationKey(presentationKey)
+      await manager.providePassword('test-password')
+      expect(manager.authenticated).toBe(true)
+      ;(mockUMPTokenInteractor.buildAndSend as any).mockResolvedValueOnce(makeOutpoint('rcv1', 0))
+      await manager.changeRecoveryKey()
+      // The user is prompted to store the new key
+      expect(mockRecoveryKeySaver).toHaveBeenCalledTimes(2) // once when user created, once after changed
+      // The UMP token is updated
+      expect(mockUMPTokenInteractor.buildAndSend).toHaveBeenCalledTimes(2)
+    })
+    test('Throws if not authenticated', async () => {
+      await expect(manager.changeRecoveryKey()).rejects.toThrow('Not authenticated or missing required data.')
+    })
+  })
+  describe('Change Presentation Key', () => {
+    test('Requires authentication, re-publishes the token, old token consumed', async () => {
+      ;(mockUMPTokenInteractor.findByPresentationKeyHash as any).mockResolvedValueOnce(undefined)
+      manager = new CWIStyleWalletManager(
+        'admin.walletvendor.com',
+        mockWalletBuilder,
+        mockUMPTokenInteractor,
+        mockRecoveryKeySaver,
+        async () => 'test-password'
+      )
+      await manager.providePresentationKey(presentationKey)
+      await manager.providePassword('test-password')
+      expect(manager.authenticated).toBe(true)
+      ;(mockUMPTokenInteractor.buildAndSend as any).mockResolvedValueOnce(makeOutpoint('rcv1', 0))
+      const newPresKey = Array.from({ length: 32 }, () => 0xee)
+      await manager.changePresentationKey(newPresKey)
+      expect(mockUMPTokenInteractor.buildAndSend).toHaveBeenCalledTimes(2)
+    })
+  })
+  describe('Profile management', () => {
+    test('addProfile adds a new profile and updates the UMP token', async () => {
+      ;(mockUMPTokenInteractor.findByPresentationKeyHash as any).mockResolvedValueOnce(undefined)
+      await manager.providePresentationKey(presentationKey)
+      await manager.providePassword('test-password')
+      expect(manager.authenticated).toBe(true)
+      const initialProfiles = manager.listProfiles()
+      expect(initialProfiles).toHaveLength(1)
+      expect(initialProfiles[0].name).toBe('default')
+      const getFactorSpy = jest.spyOn(manager as any, 'getFactor').mockImplementation(async () => Random(32))
+      ;(mockUMPTokenInteractor.buildAndSend as any).mockClear()
+      const newProfileId = await manager.addProfile('Work')
+      expect(Array.isArray(newProfileId)).toBe(true)
+      expect(newProfileId.length).toBe(16)
+      const updatedProfiles = manager.listProfiles()
+      expect(updatedProfiles).toHaveLength(2)
+      const workProfile = updatedProfiles.find(p => p.name === 'Work')
+      expect(workProfile).toBeDefined()
+      expect(workProfile!.active).toBe(false)
+      expect(mockUMPTokenInteractor.buildAndSend).toHaveBeenCalledTimes(1)
+      getFactorSpy.mockRestore()
+    })
+    test('syncUMPToken refreshes UMP token and profiles from overlay when newer token exists', async () => {
+      ;(mockUMPTokenInteractor.findByPresentationKeyHash as any).mockResolvedValueOnce(undefined)
+      await manager.providePresentationKey(presentationKey)
+      await manager.providePassword('test-password')
+      expect(manager.authenticated).toBe(true)
+      const originalToken = (manager as any).currentUMPToken as UMPToken
+      const rootPrimaryKey = (manager as any).rootPrimaryKey as number[]
+      const extraProfile = {
+        name: 'overlay-profile',
+        id: Random(16),
+        primaryPad: Random(32),
+        privilegedPad: Random(32),
+        createdAt: Math.floor(Date.now() / 1000)
+      }
+      const profilesJson = JSON.stringify([extraProfile])
+      const profilesBytes = Utils.toArray(profilesJson, 'utf8')
+      const profilesEncrypted = new SymmetricKey(rootPrimaryKey).encrypt(profilesBytes) as number[]
+      const updatedToken: UMPToken = {
+        ...originalToken,
+        currentOutpoint: makeOutpoint('overlay-tx', 0),
+        profilesEncrypted
+      }
+      const saveSnapshotSpy = jest.spyOn(manager, 'saveSnapshot')
+      ;(mockUMPTokenInteractor.findByPresentationKeyHash as any).mockResolvedValueOnce(updatedToken)
+      const result = await manager.syncUMPToken()
+      expect(result).toBe(true)
+      expect(saveSnapshotSpy).toHaveBeenCalled()
+      saveSnapshotSpy.mockRestore()
+      const profiles = manager.listProfiles()
+      expect(profiles.some(p => p.name === 'overlay-profile')).toBe(true)
+    })
+  })
+  test('Destroy callback clears sensitive data', async () => {
+    // authenticate as new user
+    ;(mockUMPTokenInteractor.findByPresentationKeyHash as any).mockResolvedValueOnce(undefined)
+    await manager.providePresentationKey(Array.from({ length: 32 }, () => 12))
+    await manager.providePassword('some-pass')
+    // manager is authenticated
+    expect(manager.authenticated).toBe(true)
+    // Destroy
+    manager.destroy()
+    expect(manager.authenticated).toBe(false)
+    // And we can confirm that manager won't allow calls
+    await expect(() => manager.getPublicKey({ identityKey: true })).rejects.toThrow('User is not authenticated')
+  })
+  // ----------------------------------------------------------------------------------------
+  // Proxies / originator checks
+  // ----------------------------------------------------------------------------------------
+  describe('Proxy method calls', () => {
+    beforeEach(async () => {
+      // authenticate
+      ;(mockUMPTokenInteractor.findByPresentationKeyHash as any).mockResolvedValueOnce(undefined)
+      await manager.providePresentationKey(presentationKey)
+      await manager.providePassword('test-password')
+    })
+    test('Throws if user is not authenticated', async () => {
+      // force de-auth
+      ;(manager as any).authenticated = false
+      await expect(() => manager.getPublicKey({ identityKey: true })).rejects.toThrow('User is not authenticated.')
+    })
+    test('Throws if originator is adminOriginator', async () => {
+      await expect(manager.getPublicKey({ identityKey: true }, 'admin.walletvendor.com')).rejects.toThrow(
+        'External applications are not allowed to use the admin originator.'
+      )
+    })
+    test('Passes if user is authenticated and originator is not admin', async () => {
+      await manager.getPublicKey({ identityKey: true }, 'example.com')
+      expect(mockUnderlyingWallet.getPublicKey).toHaveBeenCalledTimes(1)
+    })
+    test('All proxied methods call underlying with correct arguments', async () => {
+      // We'll do a quick spot-check of a few methods:
+      await manager.encrypt({ plaintext: [1, 2, 3], protocolID: [1, 'tests'], keyID: '1' }, 'mydomain.com')
+      expect(mockUnderlyingWallet.encrypt).toHaveBeenCalledWith(
+        { plaintext: [1, 2, 3], protocolID: [1, 'tests'], keyID: '1' },
+        'mydomain.com'
+      )
+      // TODO: Test all other proxied methods
+    })
+    test('isAuthenticated() rejects if originator is admin, resolves otherwise', async () => {
+      // If admin tries:
+      await expect(manager.isAuthenticated({}, 'admin.walletvendor.com')).rejects.toThrow(
+        'External applications are not allowed to use the admin originator.'
+      )
+      // If normal domain:
+      const result = await manager.isAuthenticated({}, 'normal.com')
+      expect(result).toEqual({ authenticated: true })
+    })
+    test('waitForAuthentication() eventually resolves', async () => {
+      // Already authenticated from beforeEach. So it should immediately return.
+      await manager.waitForAuthentication({}, 'normal.com')
+      expect(mockUnderlyingWallet.waitForAuthentication).toHaveBeenCalledTimes(1)
+    })
+  })
+  describe('Additional Tests for Password Retriever Callback, Privileged Key Expiry, and UMP Token Serialization', () => {
+    let manager: CWIStyleWalletManager
+    beforeEach(() => {
+      jest.clearAllMocks()
+      manager = new CWIStyleWalletManager(
+        'admin.walletvendor.com',
+        mockWalletBuilder,
+        mockUMPTokenInteractor,
+        mockRecoveryKeySaver,
+        mockPasswordRetriever
+      )
+    })
+    test('serializeUMPToken and deserializeUMPToken correctly round-trip a UMP token', async () => {
+      const token = await createMockUMPToken()
+      // We need a token with a currentOutpoint for serialization.
+      expect(token.currentOutpoint).toBeDefined()
+      const serializeFn = (manager as any).serializeUMPToken as (token: UMPToken) => number[]
+      const deserializeFn = (manager as any).deserializeUMPToken as (bin: number[]) => UMPToken
+      const serialized = serializeFn(token)
+      expect(Array.isArray(serialized)).toBe(true)
+      expect(serialized.length).toBeGreaterThan(0)
+      const deserialized = deserializeFn(serialized)
+      expect(deserialized).toEqual(token)
+    })
+    test('Password retriever callback: the test function is passed and returns a boolean', async () => {
+      let capturedTestFn: ((candidate: string) => boolean) | null = null
+      const customPasswordRetriever = jest.fn(async (reason: string, testFn: (candidate: string) => boolean) => {
+        capturedTestFn = testFn
+        // In a real scenario the test function would validate a candidate.
+        // For our test we simply return the correct password.
+        return 'test-password'
+      })
+      ;(manager as any).passwordRetriever = customPasswordRetriever
+      // Force a new-user flow by having no token found.
+      ;(mockUMPTokenInteractor.findByPresentationKeyHash as any).mockResolvedValueOnce(undefined)
+      await manager.providePresentationKey(presentationKey)
+      await manager.providePassword('test-password')
+      expect(manager.authenticated).toBe(true)
+      // Clear the privileged key so the callback gets ran
+      jest.advanceTimersByTime(121_000)
+      // Let's trigger a privileged operation
+      await manager.changePassword('test-password') // trigger some privileged operation...
+      expect(customPasswordRetriever).toHaveBeenCalled()
+      expect(capturedTestFn).not.toBeNull()
+      // Since the internal test function is defined inline, we simply check that its output is a boolean.
+      // (Its logic uses the outer scope and may not use its argument correctly, but we verify that it at least returns a boolean.)
+      const testResult = capturedTestFn!('any-input')
+      expect(typeof testResult).toBe('boolean')
+      expect(capturedTestFn!('any-input')).toBe(false)
+      expect(capturedTestFn!('test-password')).toBe(true)
+    })
+    test('Privileged key expiry: each call to decrypt via the privileged manager invokes passwordRetriever', async () => {
+      // In a new-user flow, buildUnderlying is called without a privilegedKey,
+      // so any later use of the privileged manager will trigger a password prompt.
+      const customPasswordRetriever = jest.fn(async (reason: string, testFn: (candidate: string) => boolean) => {
+        return 'test-password'
+      })
+      ;(manager as any).passwordRetriever = customPasswordRetriever
+      // New-user flow (no existing token)
+      ;(mockUMPTokenInteractor.findByPresentationKeyHash as any).mockResolvedValueOnce(undefined)
+      await manager.providePresentationKey(presentationKey)
+      await manager.providePassword('test-password')
+      // Clear any calls recorded during authentication.
+      customPasswordRetriever.mockClear()
+      // Call the underlying privileged key manager’s decrypt twice.
+      // (For example, we use the ciphertext from one of the token’s encrypted fields.)
+      await (manager as any).rootPrivilegedKeyManager.decrypt({
+        ciphertext: (manager as any).currentUMPToken.passwordKeyEncrypted,
+        protocolID: [2, 'admin key wrapping'],
+        keyID: '1'
+      })
+      // Key expires after 2 minutes
+      jest.advanceTimersByTime(121_000)
+      await (manager as any).rootPrivilegedKeyManager.decrypt({
+        ciphertext: (manager as any).currentUMPToken.passwordKeyEncrypted,
+        protocolID: [2, 'admin key wrapping'],
+        keyID: '1'
+      })
+      // Since no ephemeral privileged key was provided when building the underlying wallet,
+      // each call to decrypt should have resulted in a call to passwordRetriever.
+      expect(customPasswordRetriever).toHaveBeenCalledTimes(2)
+    })
+  })
+})