@bopen-io/wallet-toolbox 1.7.19 → 1.7.20-idb-fix.2

package/SECURITY-ISSUE-WPM-TOKEN-THEFT.md

@@ -0,0 +1,218 @@
+# Security Issue: WalletPermissionsManager Token/Ordinal Theft Vulnerability
+
+## Summary
+
+A malicious dApp can transfer tokens and ordinals out of a user's wallet without triggering the `onSpendingAuthorizationRequested` callback, bypassing the spending permission prompt entirely.
+
+## Severity
+
+**HIGH** - This vulnerability allows unauthorized transfer of tokenized assets (ordinals, BSV21 tokens) without user consent.
+
+## Affected Component
+
+`WalletPermissionsManager.createAction()` in [src/WalletPermissionsManager.ts](src/WalletPermissionsManager.ts#L2598-L2832)
+
+## Vulnerability Details
+
+### Root Cause
+
+The spending authorization check in `createAction` only triggers when `netSpent > 0`:
+
+```typescript
+// Line 2798-2813
+netSpent = totalOutputSatoshis + tx.getFee() - totalInputSatoshis
+
+if (netSpent > 0) {
+  try {
+    await this.ensureSpendingAuthorization({
+      originator: originator!,
+      satoshis: netSpent,
+      lineItems,
+      reason: originalDescription
+    })
+  } catch (err) {
+    await this.underlying.abortAction({ reference })
+    throw err
+  }
+}
+```
+
+The `netSpent` calculation is based purely on satoshi value:
+- `totalOutputSatoshis` = sum of dApp-requested outputs
+- `totalInputSatoshis` = sum of dApp-requested inputs
+- `netSpent` = outputs + fee - inputs
+
+### The Problem
+
+This logic only considers satoshi flow, ignoring that UTXOs may carry tokenized assets:
+
+1. **1Sat Ordinals** - NFTs stored in 1 satoshi outputs
+2. **BSV21 Tokens** - Fungible tokens in minimal satoshi outputs
+3. **Any protocol using data-carrying outputs**
+
+Users should be prompted whenever their assets are being spent, regardless of the net satoshi flow.
+
+### Attack Scenario
+
+1. User has an ordinal (1 sat UTXO)
+2. Malicious dApp calls `createAction` with:
+   - Input: User's ordinal UTXO (1 sat) - dApp knows the outpoint
+   - Input: dApp's own 2 sat UTXO (with provided unlockingScript)
+   - Output: 2 sats to user's address
+3. Calculation: `netSpent = 2 + fee - (1 + 2) = -1 + fee`
+4. If `fee < 1 sat` (possible for small transactions), `netSpent <= 0`
+5. **No spending prompt fires**
+6. The ordinal is transferred without user approval
+
+### Why This Works
+
+The dApp provides its own inputs with `unlockingScript` already specified - those don't require the wallet to sign them. The wallet only needs to sign the user's ordinal input. Since `netSpent <= 0`, no authorization is requested, and the wallet automatically signs and broadcasts the transaction.
+
+## Impact
+
+- **Unauthorized transfer of ordinals** without user knowledge
+- **Unauthorized transfer of BSV21 tokens** without user knowledge
+- **Any wallet-owned UTXO** can be transferred if the attacker provides offsetting satoshi value
+- Users lose control over their tokenized assets
+
+## Proof of Concept
+
+```typescript
+// Malicious dApp code
+async function transferOrdinalWithoutConsent(walletClient, targetOrdinalOutpoint: string) {
+  const result = await walletClient.createAction({
+    description: "Legitimate-looking transaction",
+    inputs: [
+      {
+        // User's ordinal - wallet will sign this
+        outpoint: targetOrdinalOutpoint, // e.g., "abc123...def.0"
+        unlockingScriptLength: 107
+      },
+      {
+        // Attacker's funding input - already unlocked
+        outpoint: "attacker-utxo-txid.0",
+        unlockingScript: "3044..." // Pre-signed by attacker
+      }
+    ],
+    outputs: [
+      {
+        // Return some sats to user (to make netSpent <= 0)
+        satoshis: 2,
+        lockingScript: "76a914..." // user's address
+      },
+      {
+        // Take the ordinal
+        satoshis: 1,
+        lockingScript: "76a914..." // attacker's address
+      }
+    ]
+  });
+  // Ordinal transferred without any user prompt
+}
+```
+
+## Proposed Fix
+
+### Option 1: Always Prompt for Wallet-Owned Inputs (Recommended)
+
+Trigger `onSpendingAuthorizationRequested` whenever any wallet-owned input is being consumed, regardless of `netSpent` value:
+
+```typescript
+// Check if any wallet-owned inputs are being consumed
+const hasWalletOwnedInputs = args.inputs?.some(input => {
+  // An input is wallet-owned if it doesn't have a pre-provided unlockingScript
+  return !input.unlockingScript;
+});
+
+if (netSpent > 0 || hasWalletOwnedInputs) {
+  await this.ensureSpendingAuthorization({...});
+}
+```
+
+### Option 2: Protected Baskets Configuration
+
+Add a configuration option to specify baskets that always require spending authorization:
+
+```typescript
+interface PermissionsManagerConfig {
+  // ... existing config
+
+  /**
+   * Baskets that always require spending authorization when consumed as inputs,
+   * regardless of netSpent value. Use this for tokenized assets.
+   */
+  alwaysPromptForBasketInputs?: string[];
+}
+```
+
+Then in `createAction`:
+
+```typescript
+// Check if any inputs belong to protected baskets
+const protectedBaskets = this.config.alwaysPromptForBasketInputs || [];
+let consumesProtectedAsset = false;
+
+if (protectedBaskets.length > 0) {
+  for (const input of args.inputs || []) {
+    // Query the output's basket membership
+    const outputInfo = await this.underlying.listOutputs({
+      outpoint: input.outpoint,
+      include: 'locking scripts'
+    });
+    if (outputInfo.outputs.length > 0) {
+      const basket = outputInfo.outputs[0].basket;
+      if (basket && protectedBaskets.includes(basket)) {
+        consumesProtectedAsset = true;
+        break;
+      }
+    }
+  }
+}
+
+if (netSpent > 0 || consumesProtectedAsset) {
+  await this.ensureSpendingAuthorization({...});
+}
+```
+
+### Option 3: Hybrid Approach
+
+Combine both options - always prompt for wallet-owned inputs, but provide extra context when protected baskets are involved:
+
+```typescript
+if (netSpent > 0 || hasWalletOwnedInputs) {
+  const lineItemsWithAssetInfo = await this.enrichLineItemsWithAssetInfo(lineItems, args.inputs);
+  await this.ensureSpendingAuthorization({
+    satoshis: Math.max(netSpent, 0),
+    lineItems: lineItemsWithAssetInfo,
+    // New field to indicate asset consumption
+    consumesAssets: consumesProtectedAsset,
+    assetBaskets: consumedBaskets
+  });
+}
+```
+
+## Application-Level Mitigation (Interim)
+
+Until a fix is implemented, applications can protect tokenized assets by:
+
+1. **Derived key locking scripts**: Store ordinals/tokens with locking scripts that require `customInstructions` for signing. The wallet cannot auto-sign without derivation info, so malicious dApps can't spend them.
+
+2. **Custom permission modules**: Implement a `PermissionsModule` for token baskets that enforces additional checks.
+
+## Related Files
+
+- [src/WalletPermissionsManager.ts](src/WalletPermissionsManager.ts) - Main implementation
+- [src/__tests/WalletPermissionsManager.proxying.test.ts](src/__tests/WalletPermissionsManager.proxying.test.ts) - Existing tests
+- [src/__tests/WalletPermissionsManager.tokens.test.ts](src/__tests/WalletPermissionsManager.tokens.test.ts) - Token tests
+
+## Test Cases to Add
+
+1. Should trigger spending authorization when consuming wallet-owned inputs with netSpent <= 0
+2. Should trigger spending authorization when consuming inputs from protected baskets
+3. Should include asset information in spending authorization request
+4. Should not be bypassable by providing offsetting external inputs
+
+## References
+
+- BRC-98: Wallet Protocol Permissions
+- BRC-99: Spending Authorizations

package/WPM-vulnerability.md

@@ -0,0 +1,23 @@
+The vulnerability is in WalletPermissionsManager.createAction():
+
+Issue: onSpendingAuthorizationRequested can be bypassed for token/ordinal theft
+
+WalletPermissionsManager only triggers onSpendingAuthorizationRequested when netSpent > 0. The calculation:
+
+
+netSpent = (dApp-requested outputs) + fee - (dApp-requested inputs)
+This works for satoshi value but fails for tokens/ordinals where a 1 sat UTXO may hold significant value.
+
+Attack scenario:
+
+User has ordinal worth 1 sat (but $1000 market value)
+Malicious dApp calls createAction with:
+User's ordinal as input (1 sat)
+dApp's own 2 sat input (with provided unlockingScript)
+Output: 2 sats to user
+netSpent = 2 + fee - 3 = -1 + fee
+If fee < 1 sat, no spending prompt fires
+User loses ordinal without approval
+Mitigation (application-level): Store tokens/ordinals with derived key locking scripts. The wallet can't auto-sign without derivation info in customInstructions, so malicious dApps can't spend them even if they bypass the spending prompt.
+
+Potential fix (WPM-level): Consider triggering onSpendingAuthorizationRequested whenever wallet-owned inputs are consumed, regardless of netSpent value. Or add a config option like alwaysPromptForBasketInputs: ['1sat', 'bsv21'].

package/out/src/sdk/validationHelpers.d.ts

@@ -0,0 +1,303 @@
+import { AbortActionArgs, AcquireCertificateArgs, AcquisitionProtocol, AtomicBEEF, Base64String, BasketInsertion, BasketStringUnder300Bytes, BEEF, BooleanDefaultFalse, BooleanDefaultTrue, CertificateFieldNameUnder50Bytes, CreateActionArgs, CreateActionInput, CreateActionOptions, CreateActionOutput, DescriptionString5to50Bytes, DiscoverByAttributesArgs, DiscoverByIdentityKeyArgs, HexString, InternalizeActionArgs, InternalizeOutput, KeyringRevealer, LabelStringUnder300Bytes, ListActionsArgs, ListCertificatesArgs, ListOutputsArgs, OutpointString, OutputTagStringUnder300Bytes, PositiveInteger, PositiveIntegerDefault10Max10000, PositiveIntegerOrZero, ProveCertificateArgs, PubKeyHex, RelinquishCertificateArgs, RelinquishOutputArgs, SatoshiValue, SignActionArgs, SignActionOptions, SignActionSpend, TrustSelf, TXIDHexString, WalletPayment } from '@bsv/sdk';
+import { OutPoint } from './types';
+export declare function parseWalletOutpoint(outpoint: string): {
+    txid: string;
+    vout: number;
+};
+export declare function validateSatoshis(v: number | undefined, name: string, min?: number): number;
+export declare function validateOptionalInteger(v: number | undefined, name: string, min?: number, max?: number): number | undefined;
+export declare function validateInteger(v: number | undefined, name: string, defaultValue?: number, min?: number, max?: number): number;
+export declare function validatePositiveIntegerOrZero(v: number, name: string): number;
+export declare function validateStringLength(s: string, name: string, min?: number, max?: number): string;
+export declare function isHexString(s: string): boolean;
+/**
+ * @typedef {string & { minLength: 5, maxLength: 2000 }} DescriptionString5to2000Bytes
+ * A string used for descriptions, with a length between 5 and 2000 characters.
+ */
+export type DescriptionString5to2000Bytes = string;
+export interface ValidWalletSignerArgs {
+}
+export interface ValidCreateActionInput {
+    outpoint: OutPoint;
+    inputDescription: DescriptionString5to2000Bytes;
+    sequenceNumber: PositiveIntegerOrZero;
+    unlockingScript?: HexString;
+    unlockingScriptLength: PositiveInteger;
+}
+export declare function validateCreateActionInput(i: CreateActionInput): ValidCreateActionInput;
+export interface ValidCreateActionOutput {
+    lockingScript: HexString;
+    satoshis: SatoshiValue;
+    outputDescription: DescriptionString5to2000Bytes;
+    basket?: BasketStringUnder300Bytes;
+    customInstructions?: string;
+    tags: BasketStringUnder300Bytes[];
+}
+export declare function validateCreateActionOutput(o: CreateActionOutput): ValidCreateActionOutput;
+/**
+ * Set all default true/false booleans to true or false if undefined.
+ * Set all possibly undefined numbers to their default values.
+ * Set all possibly undefined arrays to empty arrays.
+ * Convert string outpoints to `{ txid: string, vout: number }`
+ */
+export declare function validateCreateActionOptions(options?: CreateActionOptions): ValidCreateActionOptions;
+export interface ValidProcessActionOptions {
+    acceptDelayedBroadcast: BooleanDefaultTrue;
+    returnTXIDOnly: BooleanDefaultFalse;
+    noSend: BooleanDefaultFalse;
+    sendWith: TXIDHexString[];
+}
+export interface ValidCreateActionOptions extends ValidProcessActionOptions {
+    signAndProcess: boolean;
+    trustSelf?: TrustSelf;
+    knownTxids: TXIDHexString[];
+    noSendChange: OutPoint[];
+    randomizeOutputs: boolean;
+}
+export interface ValidSignActionOptions extends ValidProcessActionOptions {
+    acceptDelayedBroadcast: boolean;
+    returnTXIDOnly: boolean;
+    noSend: boolean;
+    sendWith: TXIDHexString[];
+}
+export interface ValidProcessActionArgs extends ValidWalletSignerArgs {
+    options: ValidProcessActionOptions;
+    isSendWith: boolean;
+    isNewTx: boolean;
+    isRemixChange: boolean;
+    isNoSend: boolean;
+    isDelayed: boolean;
+}
+export interface ValidCreateActionArgs extends ValidProcessActionArgs {
+    description: DescriptionString5to2000Bytes;
+    inputBEEF?: BEEF;
+    inputs: ValidCreateActionInput[];
+    outputs: ValidCreateActionOutput[];
+    lockTime: number;
+    version: number;
+    labels: string[];
+    options: ValidCreateActionOptions;
+    isSignAction: boolean;
+    randomVals?: number[];
+    /**
+     * If true, signableTransactions will include sourceTransaction for each input,
+     * including those that do not require signature and those that were also contained
+     * in the inputBEEF.
+     */
+    includeAllSourceTransactions: boolean;
+}
+export interface ValidSignActionArgs extends ValidProcessActionArgs {
+    spends: Record<PositiveIntegerOrZero, SignActionSpend>;
+    reference: Base64String;
+    options: ValidSignActionOptions;
+}
+export declare function validateCreateActionArgs(args: CreateActionArgs): ValidCreateActionArgs;
+/**
+ * Set all default true/false booleans to true or false if undefined.
+ * Set all possibly undefined numbers to their default values.
+ * Set all possibly undefined arrays to empty arrays.
+ * Convert string outpoints to `{ txid: string, vout: number }`
+ */
+export declare function validateSignActionOptions(options?: SignActionOptions): ValidSignActionOptions;
+export declare function validateSignActionArgs(args: SignActionArgs): ValidSignActionArgs;
+export interface ValidAbortActionArgs extends ValidWalletSignerArgs {
+    reference: Base64String;
+}
+export declare function validateAbortActionArgs(args: AbortActionArgs): ValidAbortActionArgs;
+export interface ValidWalletPayment {
+    derivationPrefix: Base64String;
+    derivationSuffix: Base64String;
+    senderIdentityKey: PubKeyHex;
+}
+export declare function validateWalletPayment(args?: WalletPayment): ValidWalletPayment | undefined;
+export interface ValidBasketInsertion {
+    basket: BasketStringUnder300Bytes;
+    customInstructions?: string;
+    tags: BasketStringUnder300Bytes[];
+}
+export declare function validateBasketInsertion(args?: BasketInsertion): ValidBasketInsertion | undefined;
+export interface ValidInternalizeOutput {
+    outputIndex: PositiveIntegerOrZero;
+    protocol: 'wallet payment' | 'basket insertion';
+    paymentRemittance?: ValidWalletPayment;
+    insertionRemittance?: ValidBasketInsertion;
+}
+export declare function validateInternalizeOutput(args: InternalizeOutput): ValidInternalizeOutput;
+export interface ValidInternalizeActionArgs extends ValidWalletSignerArgs {
+    tx: AtomicBEEF;
+    outputs: InternalizeOutput[];
+    description: DescriptionString5to2000Bytes;
+    labels: LabelStringUnder300Bytes[];
+    seekPermission: BooleanDefaultTrue;
+}
+export declare function validateOriginator(s?: string): string | undefined;
+export declare function validateInternalizeActionArgs(args: InternalizeActionArgs): ValidInternalizeActionArgs;
+export declare function validateOptionalOutpointString(outpoint: string | undefined, name: string): string | undefined;
+export declare function validateOutpointString(outpoint: string, name: string): string;
+export interface ValidRelinquishOutputArgs extends ValidWalletSignerArgs {
+    basket: BasketStringUnder300Bytes;
+    output: OutpointString;
+}
+export declare function validateRelinquishOutputArgs(args: RelinquishOutputArgs): ValidRelinquishOutputArgs;
+export interface ValidRelinquishCertificateArgs extends ValidWalletSignerArgs {
+    type: Base64String;
+    serialNumber: Base64String;
+    certifier: PubKeyHex;
+}
+export declare function validateRelinquishCertificateArgs(args: RelinquishCertificateArgs): ValidRelinquishCertificateArgs;
+export interface ValidListCertificatesArgs extends ValidWalletSignerArgs {
+    partial?: {
+        type?: Base64String;
+        serialNumber?: Base64String;
+        certifier?: PubKeyHex;
+        subject?: PubKeyHex;
+        revocationOutpoint?: OutpointString;
+        signature?: HexString;
+    };
+    certifiers: PubKeyHex[];
+    types: Base64String[];
+    limit: PositiveIntegerDefault10Max10000;
+    offset: PositiveIntegerOrZero;
+    privileged: BooleanDefaultFalse;
+    privilegedReason?: DescriptionString5to50Bytes;
+}
+export declare function validateListCertificatesArgs(args: ListCertificatesArgs): ValidListCertificatesArgs;
+export interface ValidAcquireCertificateArgs extends ValidWalletSignerArgs {
+    acquisitionProtocol: AcquisitionProtocol;
+    type: Base64String;
+    serialNumber?: Base64String;
+    certifier: PubKeyHex;
+    revocationOutpoint?: OutpointString;
+    fields: Record<CertificateFieldNameUnder50Bytes, string>;
+    signature?: HexString;
+    certifierUrl?: string;
+    keyringRevealer?: KeyringRevealer;
+    keyringForSubject?: Record<CertificateFieldNameUnder50Bytes, Base64String>;
+    privileged: boolean;
+    privilegedReason?: DescriptionString5to50Bytes;
+}
+/**
+ *
+ * @param args
+ * @param subject Must be valid for "direct" `acquisitionProtocol`. public key of the certificate subject.
+ * @returns
+ */
+export declare function validateAcquireCertificateArgs(args: AcquireCertificateArgs): Promise<ValidAcquireCertificateArgs>;
+export interface ValidAcquireDirectCertificateArgs extends ValidWalletSignerArgs {
+    type: Base64String;
+    serialNumber: Base64String;
+    certifier: PubKeyHex;
+    revocationOutpoint: OutpointString;
+    fields: Record<CertificateFieldNameUnder50Bytes, string>;
+    signature: HexString;
+    /**
+     * validated to an empty string, must be provided by wallet and must
+     * match expectations of keyringForSubject
+     */
+    subject: PubKeyHex;
+    keyringRevealer: KeyringRevealer;
+    keyringForSubject: Record<CertificateFieldNameUnder50Bytes, Base64String>;
+    privileged: boolean;
+    privilegedReason?: DescriptionString5to50Bytes;
+}
+export interface ValidAcquireIssuanceCertificateArgs extends ValidWalletSignerArgs {
+    type: Base64String;
+    certifier: PubKeyHex;
+    certifierUrl: string;
+    fields: Record<CertificateFieldNameUnder50Bytes, string>;
+    /**
+     * validated to an empty string, must be provided by wallet and must
+     * match expectations of keyringForSubject
+     */
+    subject: PubKeyHex;
+    privileged: boolean;
+    privilegedReason?: DescriptionString5to50Bytes;
+}
+export declare function validateAcquireIssuanceCertificateArgs(args: AcquireCertificateArgs): ValidAcquireIssuanceCertificateArgs;
+export declare function validateAcquireDirectCertificateArgs(args: AcquireCertificateArgs): ValidAcquireDirectCertificateArgs;
+export interface ValidProveCertificateArgs extends ValidWalletSignerArgs {
+    type?: Base64String;
+    serialNumber?: Base64String;
+    certifier?: PubKeyHex;
+    subject?: PubKeyHex;
+    revocationOutpoint?: OutpointString;
+    signature?: HexString;
+    fieldsToReveal: CertificateFieldNameUnder50Bytes[];
+    verifier: PubKeyHex;
+    privileged: boolean;
+    privilegedReason?: DescriptionString5to50Bytes;
+}
+export declare function validateProveCertificateArgs(args: ProveCertificateArgs): ValidProveCertificateArgs;
+export interface ValidDiscoverByIdentityKeyArgs extends ValidWalletSignerArgs {
+    identityKey: PubKeyHex;
+    limit: PositiveIntegerDefault10Max10000;
+    offset: PositiveIntegerOrZero;
+    seekPermission: boolean;
+}
+export declare function validateDiscoverByIdentityKeyArgs(args: DiscoverByIdentityKeyArgs): ValidDiscoverByIdentityKeyArgs;
+export interface ValidDiscoverByAttributesArgs extends ValidWalletSignerArgs {
+    attributes: Record<CertificateFieldNameUnder50Bytes, string>;
+    limit: PositiveIntegerDefault10Max10000;
+    offset: PositiveIntegerOrZero;
+    seekPermission: boolean;
+}
+export declare function validateDiscoverByAttributesArgs(args: DiscoverByAttributesArgs): ValidDiscoverByAttributesArgs;
+export interface ValidListOutputsArgs extends ValidWalletSignerArgs {
+    basket: BasketStringUnder300Bytes;
+    tags: OutputTagStringUnder300Bytes[];
+    tagQueryMode: 'all' | 'any';
+    includeLockingScripts: boolean;
+    includeTransactions: boolean;
+    includeCustomInstructions: BooleanDefaultFalse;
+    includeTags: BooleanDefaultFalse;
+    includeLabels: BooleanDefaultFalse;
+    limit: PositiveIntegerDefault10Max10000;
+    offset: number;
+    seekPermission: BooleanDefaultTrue;
+    knownTxids: string[];
+}
+/**
+ * @param {BasketStringUnder300Bytes} args.basket - Required. The associated basket name whose outputs should be listed.
+ * @param {OutputTagStringUnder300Bytes[]} [args.tags] - Optional. Filter outputs based on these tags.
+ * @param {'all' | 'any'} [args.tagQueryMode] - Optional. Filter mode, defining whether all or any of the tags must match. By default, any tag can match.
+ * @param {'locking scripts' | 'entire transactions'} [args.include] - Optional. Whether to include locking scripts (with each output) or entire transactions (as aggregated BEEF, at the top level) in the result. By default, unless specified, neither are returned.
+ * @param {BooleanDefaultFalse} [args.includeEntireTransactions] - Optional. Whether to include the entire transaction(s) in the result.
+ * @param {BooleanDefaultFalse} [args.includeCustomInstructions] - Optional. Whether custom instructions should be returned in the result.
+ * @param {BooleanDefaultFalse} [args.includeTags] - Optional. Whether the tags associated with the output should be returned.
+ * @param {BooleanDefaultFalse} [args.includeLabels] - Optional. Whether the labels associated with the transaction containing the output should be returned.
+ * @param {PositiveIntegerDefault10Max10000} [args.limit] - Optional limit on the number of outputs to return.
+ * @param {number} [args.offset] - If positive or zero: Number of outputs to skip before starting to return results, oldest first.
+ * If negative: Outputs are returned newest first and offset of -1 is the newest output.
+ * When using negative offsets, caution is required as new outputs may be added between calls,
+ * potentially causing outputs to be duplicated across calls.
+ * @param {BooleanDefaultTrue} [args.seekPermission] — Optional. Whether to seek permission from the user for this operation if required. Default true, will return an error rather than proceed if set to false.
+ */
+export declare function validateListOutputsArgs(args: ListOutputsArgs): ValidListOutputsArgs;
+export interface ValidListActionsArgs extends ValidWalletSignerArgs {
+    labels: LabelStringUnder300Bytes[];
+    labelQueryMode: 'any' | 'all';
+    includeLabels: BooleanDefaultFalse;
+    includeInputs: BooleanDefaultFalse;
+    includeInputSourceLockingScripts: BooleanDefaultFalse;
+    includeInputUnlockingScripts: BooleanDefaultFalse;
+    includeOutputs: BooleanDefaultFalse;
+    includeOutputLockingScripts: BooleanDefaultFalse;
+    limit: PositiveIntegerDefault10Max10000;
+    offset: PositiveIntegerOrZero;
+    seekPermission: BooleanDefaultTrue;
+}
+/**
+ * @param {LabelStringUnder300Bytes[]} args.labels - An array of labels used to filter actions.
+ * @param {'any' | 'all'} [args.labelQueryMode] - Optional. Specifies how to match labels (default is any which matches any of the labels).
+ * @param {BooleanDefaultFalse} [args.includeLabels] - Optional. Whether to include transaction labels in the result set.
+ * @param {BooleanDefaultFalse} [args.includeInputs] - Optional. Whether to include input details in the result set.
+ * @param {BooleanDefaultFalse} [args.includeInputSourceLockingScripts] - Optional. Whether to include input source locking scripts in the result set.
+ * @param {BooleanDefaultFalse} [args.includeInputUnlockingScripts] - Optional. Whether to include input unlocking scripts in the result set.
+ * @param {BooleanDefaultFalse} [args.includeOutputs] - Optional. Whether to include output details in the result set.
+ * @param {BooleanDefaultFalse} [args.includeOutputLockingScripts] - Optional. Whether to include output locking scripts in the result set.
+ * @param {PositiveIntegerDefault10Max10000} [args.limit] - Optional. The maximum number of transactions to retrieve.
+ * @param {PositiveIntegerOrZero} [args.offset] - Optional. Number of transactions to skip before starting to return the results.
+ * @param {BooleanDefaultTrue} [args.seekPermission] — Optional. Whether to seek permission from the user for this operation if required. Default true, will return an error rather than proceed if set to false.
+ */
+export declare function validateListActionsArgs(args: ListActionsArgs): ValidListActionsArgs;
+//# sourceMappingURL=validationHelpers.d.ts.map

package/out/src/sdk/validationHelpers.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"validationHelpers.d.ts","sourceRoot":"","sources":["../../../src/sdk/validationHelpers.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,eAAe,EACf,sBAAsB,EACtB,mBAAmB,EACnB,UAAU,EACV,YAAY,EACZ,eAAe,EACf,yBAAyB,EAEzB,IAAI,EACJ,mBAAmB,EACnB,kBAAkB,EAClB,gCAAgC,EAChC,gBAAgB,EAChB,iBAAiB,EACjB,mBAAmB,EACnB,kBAAkB,EAClB,2BAA2B,EAC3B,wBAAwB,EACxB,yBAAyB,EACzB,SAAS,EACT,qBAAqB,EACrB,iBAAiB,EACjB,eAAe,EACf,wBAAwB,EACxB,eAAe,EACf,oBAAoB,EACpB,eAAe,EACf,cAAc,EACd,4BAA4B,EAC5B,eAAe,EACf,gCAAgC,EAChC,qBAAqB,EACrB,oBAAoB,EACpB,SAAS,EACT,yBAAyB,EACzB,oBAAoB,EACpB,YAAY,EACZ,cAAc,EACd,iBAAiB,EACjB,eAAe,EACf,SAAS,EACT,aAAa,EAEb,aAAa,EACd,MAAM,UAAU,CAAA;AACjB,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAA;AAGlC,wBAAgB,mBAAmB,CAAC,QAAQ,EAAE,MAAM,GAAG;IACrD,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,MAAM,CAAA;CACb,CAGA;AA+BD,wBAAgB,gBAAgB,CAAC,CAAC,EAAE,MAAM,GAAG,SAAS,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,CAAC,EAAE,MAAM,GAAG,MAAM,CAK1F;AAED,wBAAgB,uBAAuB,CACrC,CAAC,EAAE,MAAM,GAAG,SAAS,EACrB,IAAI,EAAE,MAAM,EACZ,GAAG,CAAC,EAAE,MAAM,EACZ,GAAG,CAAC,EAAE,MAAM,GACX,MAAM,GAAG,SAAS,CAGpB;AAED,wBAAgB,eAAe,CAC7B,CAAC,EAAE,MAAM,GAAG,SAAS,EACrB,IAAI,EAAE,MAAM,EACZ,YAAY,CAAC,EAAE,MAAM,EACrB,GAAG,CAAC,EAAE,MAAM,EACZ,GAAG,CAAC,EAAE,MAAM,GACX,MAAM,CAUR;AAED,wBAAgB,6BAA6B,CAAC,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,MAAM,CAE7E;AAED,wBAAgB,oBAAoB,CAAC,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,CAAC,EAAE,MAAM,EAAE,GAAG,CAAC,EAAE,MAAM,GAAG,MAAM,CAKhG;AAkFD,wBAAgB,WAAW,CAAC,CAAC,EAAE,MAAM,GAAG,OAAO,CAM9C;AAED;;;GAGG;AACH,MAAM,MAAM,6BAA6B,GAAG,MAAM,CAAA;AAElD,MAAM,WAAW,qBAAqB;CAAG;AAEzC,MAAM,WAAW,sBAAsB;IACrC,QAAQ,EAAE,QAAQ,CAAA;IAClB,gBAAgB,EAAE,6BAA6B,CAAA;IAC/C,cAAc,EAAE,qBAAqB,CAAA;IACrC,eAAe,CAAC,EAAE,SAAS,CAAA;IAC3B,qBAAqB,EAAE,eAAe,CAAA;CACvC;AAED,wBAAgB,yBAAyB,CAAC,CAAC,EAAE,iBAAiB,GAAG,sBAAsB,CAetF;AAED,MAAM,WAAW,uBAAuB;IACtC,aAAa,EAAE,SAAS,CAAA;IACxB,QAAQ,EAAE,YAAY,CAAA;IACtB,iBAAiB,EAAE,6BAA6B,CAAA;IAChD,MAAM,CAAC,EAAE,yBAAyB,CAAA;IAClC,kBAAkB,CAAC,EAAE,MAAM,CAAA;IAC3B,IAAI,EAAE,yBAAyB,EAAE,CAAA;CAClC;AAED,wBAAgB,0BAA0B,CAAC,CAAC,EAAE,kBAAkB,GAAG,uBAAuB,CAUzF;AAED;;;;;GAKG;AACH,wBAAgB,2BAA2B,CAAC,OAAO,CAAC,EAAE,mBAAmB,GAAG,wBAAwB,CAanG;AAED,MAAM,WAAW,yBAAyB;IACxC,sBAAsB,EAAE,kBAAkB,CAAA;IAC1C,cAAc,EAAE,mBAAmB,CAAA;IACnC,MAAM,EAAE,mBAAmB,CAAA;IAC3B,QAAQ,EAAE,aAAa,EAAE,CAAA;CAC1B;AAED,MAAM,WAAW,wBAAyB,SAAQ,yBAAyB;IACzE,cAAc,EAAE,OAAO,CAAA;IACvB,SAAS,CAAC,EAAE,SAAS,CAAA;IACrB,UAAU,EAAE,aAAa,EAAE,CAAA;IAC3B,YAAY,EAAE,QAAQ,EAAE,CAAA;IACxB,gBAAgB,EAAE,OAAO,CAAA;CAC1B;AAED,MAAM,WAAW,sBAAuB,SAAQ,yBAAyB;IACvE,sBAAsB,EAAE,OAAO,CAAA;IAC/B,cAAc,EAAE,OAAO,CAAA;IACvB,MAAM,EAAE,OAAO,CAAA;IACf,QAAQ,EAAE,aAAa,EAAE,CAAA;CAC1B;AAED,MAAM,WAAW,sBAAuB,SAAQ,qBAAqB;IACnE,OAAO,EAAE,yBAAyB,CAAA;IAElC,UAAU,EAAE,OAAO,CAAA;IAEnB,OAAO,EAAE,OAAO,CAAA;IAEhB,aAAa,EAAE,OAAO,CAAA;IAEtB,QAAQ,EAAE,OAAO,CAAA;IAEjB,SAAS,EAAE,OAAO,CAAA;CACnB;AAED,MAAM,WAAW,qBAAsB,SAAQ,sBAAsB;IACnE,WAAW,EAAE,6BAA6B,CAAA;IAC1C,SAAS,CAAC,EAAE,IAAI,CAAA;IAChB,MAAM,EAAE,sBAAsB,EAAE,CAAA;IAChC,OAAO,EAAE,uBAAuB,EAAE,CAAA;IAClC,QAAQ,EAAE,MAAM,CAAA;IAChB,OAAO,EAAE,MAAM,CAAA;IACf,MAAM,EAAE,MAAM,EAAE,CAAA;IAEhB,OAAO,EAAE,wBAAwB,CAAA;IAEjC,YAAY,EAAE,OAAO,CAAA;IACrB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAA;IACrB;;;;OAIG;IACH,4BAA4B,EAAE,OAAO,CAAA;CACtC;AAED,MAAM,WAAW,mBAAoB,SAAQ,sBAAsB;IACjE,MAAM,EAAE,MAAM,CAAC,qBAAqB,EAAE,eAAe,CAAC,CAAA;IACtD,SAAS,EAAE,YAAY,CAAA;IAEvB,OAAO,EAAE,sBAAsB,CAAA;CAChC;AAED,wBAAgB,wBAAwB,CAAC,IAAI,EAAE,gBAAgB,GAAG,qBAAqB,CA4BtF;AAED;;;;;GAKG;AACH,wBAAgB,yBAAyB,CAAC,OAAO,CAAC,EAAE,iBAAiB,GAAG,sBAAsB,CAS7F;AAED,wBAAgB,sBAAsB,CAAC,IAAI,EAAE,cAAc,GAAG,mBAAmB,CAgBhF;AAED,MAAM,WAAW,oBAAqB,SAAQ,qBAAqB;IACjE,SAAS,EAAE,YAAY,CAAA;CACxB;AAED,wBAAgB,uBAAuB,CAAC,IAAI,EAAE,eAAe,GAAG,oBAAoB,CAMnF;AAED,MAAM,WAAW,kBAAkB;IACjC,gBAAgB,EAAE,YAAY,CAAA;IAC9B,gBAAgB,EAAE,YAAY,CAAA;IAC9B,iBAAiB,EAAE,SAAS,CAAA;CAC7B;AAED,wBAAgB,qBAAqB,CAAC,IAAI,CAAC,EAAE,aAAa,GAAG,kBAAkB,GAAG,SAAS,CAQ1F;AAED,MAAM,WAAW,oBAAoB;IACnC,MAAM,EAAE,yBAAyB,CAAA;IACjC,kBAAkB,CAAC,EAAE,MAAM,CAAA;IAC3B,IAAI,EAAE,yBAAyB,EAAE,CAAA;CAClC;AAED,wBAAgB,uBAAuB,CAAC,IAAI,CAAC,EAAE,eAAe,GAAG,oBAAoB,GAAG,SAAS,CAQhG;AAED,MAAM,WAAW,sBAAsB;IACrC,WAAW,EAAE,qBAAqB,CAAA;IAClC,QAAQ,EAAE,gBAAgB,GAAG,kBAAkB,CAAA;IAC/C,iBAAiB,CAAC,EAAE,kBAAkB,CAAA;IACtC,mBAAmB,CAAC,EAAE,oBAAoB,CAAA;CAC3C;AAED,wBAAgB,yBAAyB,CAAC,IAAI,EAAE,iBAAiB,GAAG,sBAAsB,CAUzF;AAED,MAAM,WAAW,0BAA2B,SAAQ,qBAAqB;IACvE,EAAE,EAAE,UAAU,CAAA;IACd,OAAO,EAAE,iBAAiB,EAAE,CAAA;IAC5B,WAAW,EAAE,6BAA6B,CAAA;IAC1C,MAAM,EAAE,wBAAwB,EAAE,CAAA;IAClC,cAAc,EAAE,kBAAkB,CAAA;CACnC;AAED,wBAAgB,kBAAkB,CAAC,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAQjE;AAED,wBAAgB,6BAA6B,CAAC,IAAI,EAAE,qBAAqB,GAAG,0BAA0B,CAoBrG;AAED,wBAAgB,8BAA8B,CAAC,QAAQ,EAAE,MAAM,GAAG,SAAS,EAAE,IAAI,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAG7G;AAED,wBAAgB,sBAAsB,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,MAAM,CAO7E;AAED,MAAM,WAAW,yBAA0B,SAAQ,qBAAqB;IACtE,MAAM,EAAE,yBAAyB,CAAA;IACjC,MAAM,EAAE,cAAc,CAAA;CACvB;AAED,wBAAgB,4BAA4B,CAAC,IAAI,EAAE,oBAAoB,GAAG,yBAAyB,CAOlG;AAED,MAAM,WAAW,8BAA+B,SAAQ,qBAAqB;IAC3E,IAAI,EAAE,YAAY,CAAA;IAClB,YAAY,EAAE,YAAY,CAAA;IAC1B,SAAS,EAAE,SAAS,CAAA;CACrB;AAED,wBAAgB,iCAAiC,CAAC,IAAI,EAAE,yBAAyB,GAAG,8BAA8B,CAQjH;AAED,MAAM,WAAW,yBAA0B,SAAQ,qBAAqB;IACtE,OAAO,CAAC,EAAE;QACR,IAAI,CAAC,EAAE,YAAY,CAAA;QACnB,YAAY,CAAC,EAAE,YAAY,CAAA;QAC3B,SAAS,CAAC,EAAE,SAAS,CAAA;QACrB,OAAO,CAAC,EAAE,SAAS,CAAA;QACnB,kBAAkB,CAAC,EAAE,cAAc,CAAA;QACnC,SAAS,CAAC,EAAE,SAAS,CAAA;KACtB,CAAA;IACD,UAAU,EAAE,SAAS,EAAE,CAAA;IACvB,KAAK,EAAE,YAAY,EAAE,CAAA;IACrB,KAAK,EAAE,gCAAgC,CAAA;IACvC,MAAM,EAAE,qBAAqB,CAAA;IAC7B,UAAU,EAAE,mBAAmB,CAAA;IAC/B,gBAAgB,CAAC,EAAE,2BAA2B,CAAA;CAC/C;AAED,wBAAgB,4BAA4B,CAAC,IAAI,EAAE,oBAAoB,GAAG,yBAAyB,CAWlG;AAED,MAAM,WAAW,2BAA4B,SAAQ,qBAAqB;IACxE,mBAAmB,EAAE,mBAAmB,CAAA;IAExC,IAAI,EAAE,YAAY,CAAA;IAClB,YAAY,CAAC,EAAE,YAAY,CAAA;IAC3B,SAAS,EAAE,SAAS,CAAA;IACpB,kBAAkB,CAAC,EAAE,cAAc,CAAA;IACnC,MAAM,EAAE,MAAM,CAAC,gCAAgC,EAAE,MAAM,CAAC,CAAA;IACxD,SAAS,CAAC,EAAE,SAAS,CAAA;IAErB,YAAY,CAAC,EAAE,MAAM,CAAA;IAErB,eAAe,CAAC,EAAE,eAAe,CAAA;IACjC,iBAAiB,CAAC,EAAE,MAAM,CAAC,gCAAgC,EAAE,YAAY,CAAC,CAAA;IAE1E,UAAU,EAAE,OAAO,CAAA;IACnB,gBAAgB,CAAC,EAAE,2BAA2B,CAAA;CAC/C;AAwCD;;;;;GAKG;AACH,wBAAsB,8BAA8B,CAClD,IAAI,EAAE,sBAAsB,GAC3B,OAAO,CAAC,2BAA2B,CAAC,CAyBtC;AAED,MAAM,WAAW,iCAAkC,SAAQ,qBAAqB;IAC9E,IAAI,EAAE,YAAY,CAAA;IAClB,YAAY,EAAE,YAAY,CAAA;IAC1B,SAAS,EAAE,SAAS,CAAA;IACpB,kBAAkB,EAAE,cAAc,CAAA;IAClC,MAAM,EAAE,MAAM,CAAC,gCAAgC,EAAE,MAAM,CAAC,CAAA;IACxD,SAAS,EAAE,SAAS,CAAA;IAEpB;;;OAGG;IACH,OAAO,EAAE,SAAS,CAAA;IAElB,eAAe,EAAE,eAAe,CAAA;IAChC,iBAAiB,EAAE,MAAM,CAAC,gCAAgC,EAAE,YAAY,CAAC,CAAA;IAEzE,UAAU,EAAE,OAAO,CAAA;IACnB,gBAAgB,CAAC,EAAE,2BAA2B,CAAA;CAC/C;AAED,MAAM,WAAW,mCAAoC,SAAQ,qBAAqB;IAChF,IAAI,EAAE,YAAY,CAAA;IAClB,SAAS,EAAE,SAAS,CAAA;IACpB,YAAY,EAAE,MAAM,CAAA;IACpB,MAAM,EAAE,MAAM,CAAC,gCAAgC,EAAE,MAAM,CAAC,CAAA;IAExD;;;OAGG;IACH,OAAO,EAAE,SAAS,CAAA;IAElB,UAAU,EAAE,OAAO,CAAA;IACnB,gBAAgB,CAAC,EAAE,2BAA2B,CAAA;CAC/C;AAED,wBAAgB,sCAAsC,CACpD,IAAI,EAAE,sBAAsB,GAC3B,mCAAmC,CA0BrC;AACD,wBAAgB,oCAAoC,CAAC,IAAI,EAAE,sBAAsB,GAAG,iCAAiC,CA4BpH;AAED,MAAM,WAAW,yBAA0B,SAAQ,qBAAqB;IACtE,IAAI,CAAC,EAAE,YAAY,CAAA;IACnB,YAAY,CAAC,EAAE,YAAY,CAAA;IAC3B,SAAS,CAAC,EAAE,SAAS,CAAA;IACrB,OAAO,CAAC,EAAE,SAAS,CAAA;IACnB,kBAAkB,CAAC,EAAE,cAAc,CAAA;IACnC,SAAS,CAAC,EAAE,SAAS,CAAA;IAErB,cAAc,EAAE,gCAAgC,EAAE,CAAA;IAClD,QAAQ,EAAE,SAAS,CAAA;IACnB,UAAU,EAAE,OAAO,CAAA;IACnB,gBAAgB,CAAC,EAAE,2BAA2B,CAAA;CAC/C;AAED,wBAAgB,4BAA4B,CAAC,IAAI,EAAE,oBAAoB,GAAG,yBAAyB,CAsBlG;AAED,MAAM,WAAW,8BAA+B,SAAQ,qBAAqB;IAC3E,WAAW,EAAE,SAAS,CAAA;IACtB,KAAK,EAAE,gCAAgC,CAAA;IACvC,MAAM,EAAE,qBAAqB,CAAA;IAC7B,cAAc,EAAE,OAAO,CAAA;CACxB;AAED,wBAAgB,iCAAiC,CAAC,IAAI,EAAE,yBAAyB,GAAG,8BAA8B,CAQjH;AAED,MAAM,WAAW,6BAA8B,SAAQ,qBAAqB;IAC1E,UAAU,EAAE,MAAM,CAAC,gCAAgC,EAAE,MAAM,CAAC,CAAA;IAC5D,KAAK,EAAE,gCAAgC,CAAA;IACvC,MAAM,EAAE,qBAAqB,CAAA;IAC7B,cAAc,EAAE,OAAO,CAAA;CACxB;AAWD,wBAAgB,gCAAgC,CAAC,IAAI,EAAE,wBAAwB,GAAG,6BAA6B,CAQ9G;AAED,MAAM,WAAW,oBAAqB,SAAQ,qBAAqB;IACjE,MAAM,EAAE,yBAAyB,CAAA;IACjC,IAAI,EAAE,4BAA4B,EAAE,CAAA;IACpC,YAAY,EAAE,KAAK,GAAG,KAAK,CAAA;IAC3B,qBAAqB,EAAE,OAAO,CAAA;IAC9B,mBAAmB,EAAE,OAAO,CAAA;IAC5B,yBAAyB,EAAE,mBAAmB,CAAA;IAC9C,WAAW,EAAE,mBAAmB,CAAA;IAChC,aAAa,EAAE,mBAAmB,CAAA;IAClC,KAAK,EAAE,gCAAgC,CAAA;IACvC,MAAM,EAAE,MAAM,CAAA;IACd,cAAc,EAAE,kBAAkB,CAAA;IAClC,UAAU,EAAE,MAAM,EAAE,CAAA;CACrB;AAED;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,uBAAuB,CAAC,IAAI,EAAE,eAAe,GAAG,oBAAoB,CAsBnF;AAED,MAAM,WAAW,oBAAqB,SAAQ,qBAAqB;IACjE,MAAM,EAAE,wBAAwB,EAAE,CAAA;IAClC,cAAc,EAAE,KAAK,GAAG,KAAK,CAAA;IAC7B,aAAa,EAAE,mBAAmB,CAAA;IAClC,aAAa,EAAE,mBAAmB,CAAA;IAClC,gCAAgC,EAAE,mBAAmB,CAAA;IACrD,4BAA4B,EAAE,mBAAmB,CAAA;IACjD,cAAc,EAAE,mBAAmB,CAAA;IACnC,2BAA2B,EAAE,mBAAmB,CAAA;IAChD,KAAK,EAAE,gCAAgC,CAAA;IACvC,MAAM,EAAE,qBAAqB,CAAA;IAC7B,cAAc,EAAE,kBAAkB,CAAA;CACnC;AAED;;;;;;;;;;;;GAYG;AACH,wBAAgB,uBAAuB,CAAC,IAAI,EAAE,eAAe,GAAG,oBAAoB,CAqBnF"}