@bounded-sh/core 0.0.18 → 0.0.20

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.mjs CHANGED
@@ -1,6 +1,6 @@
1
1
  import axios from 'axios';
2
- import { ComputeBudgetProgram, PublicKey, VersionedTransaction, TransactionMessage, Keypair, SystemProgram, TransactionInstruction, Connection } from '@solana/web3.js';
3
2
  import nacl from 'tweetnacl';
3
+ import { ComputeBudgetProgram, PublicKey, VersionedTransaction, TransactionMessage, SystemProgram, TransactionInstruction, Connection } from '@solana/web3.js';
4
4
  import * as anchor from '@coral-xyz/anchor';
5
5
  import { Program } from '@coral-xyz/anchor';
6
6
  import BN from 'bn.js';
@@ -3310,231 +3310,6 @@ var sessionManager = /*#__PURE__*/Object.freeze({
3310
3310
  getActiveSessionManager: getActiveSessionManager
3311
3311
  });
3312
3312
 
3313
- var safeBuffer = {exports: {}};
3314
-
3315
- /*! safe-buffer. MIT License. Feross Aboukhadijeh <https://feross.org/opensource> */
3316
-
3317
- var hasRequiredSafeBuffer;
3318
-
3319
- function requireSafeBuffer () {
3320
- if (hasRequiredSafeBuffer) return safeBuffer.exports;
3321
- hasRequiredSafeBuffer = 1;
3322
- (function (module, exports$1) {
3323
- /* eslint-disable node/no-deprecated-api */
3324
- var buffer = requireBuffer();
3325
- var Buffer = buffer.Buffer;
3326
-
3327
- // alternative to using Object.keys for old browsers
3328
- function copyProps (src, dst) {
3329
- for (var key in src) {
3330
- dst[key] = src[key];
3331
- }
3332
- }
3333
- if (Buffer.from && Buffer.alloc && Buffer.allocUnsafe && Buffer.allocUnsafeSlow) {
3334
- module.exports = buffer;
3335
- } else {
3336
- // Copy properties from require('buffer')
3337
- copyProps(buffer, exports$1);
3338
- exports$1.Buffer = SafeBuffer;
3339
- }
3340
-
3341
- function SafeBuffer (arg, encodingOrOffset, length) {
3342
- return Buffer(arg, encodingOrOffset, length)
3343
- }
3344
-
3345
- SafeBuffer.prototype = Object.create(Buffer.prototype);
3346
-
3347
- // Copy static methods from Buffer
3348
- copyProps(Buffer, SafeBuffer);
3349
-
3350
- SafeBuffer.from = function (arg, encodingOrOffset, length) {
3351
- if (typeof arg === 'number') {
3352
- throw new TypeError('Argument must not be a number')
3353
- }
3354
- return Buffer(arg, encodingOrOffset, length)
3355
- };
3356
-
3357
- SafeBuffer.alloc = function (size, fill, encoding) {
3358
- if (typeof size !== 'number') {
3359
- throw new TypeError('Argument must be a number')
3360
- }
3361
- var buf = Buffer(size);
3362
- if (fill !== undefined) {
3363
- if (typeof encoding === 'string') {
3364
- buf.fill(fill, encoding);
3365
- } else {
3366
- buf.fill(fill);
3367
- }
3368
- } else {
3369
- buf.fill(0);
3370
- }
3371
- return buf
3372
- };
3373
-
3374
- SafeBuffer.allocUnsafe = function (size) {
3375
- if (typeof size !== 'number') {
3376
- throw new TypeError('Argument must be a number')
3377
- }
3378
- return Buffer(size)
3379
- };
3380
-
3381
- SafeBuffer.allocUnsafeSlow = function (size) {
3382
- if (typeof size !== 'number') {
3383
- throw new TypeError('Argument must be a number')
3384
- }
3385
- return buffer.SlowBuffer(size)
3386
- };
3387
- } (safeBuffer, safeBuffer.exports));
3388
- return safeBuffer.exports;
3389
- }
3390
-
3391
- var src;
3392
- var hasRequiredSrc;
3393
-
3394
- function requireSrc () {
3395
- if (hasRequiredSrc) return src;
3396
- hasRequiredSrc = 1;
3397
- // base-x encoding / decoding
3398
- // Copyright (c) 2018 base-x contributors
3399
- // Copyright (c) 2014-2018 The Bitcoin Core developers (base58.cpp)
3400
- // Distributed under the MIT software license, see the accompanying
3401
- // file LICENSE or http://www.opensource.org/licenses/mit-license.php.
3402
- // @ts-ignore
3403
- var _Buffer = requireSafeBuffer().Buffer;
3404
- function base (ALPHABET) {
3405
- if (ALPHABET.length >= 255) { throw new TypeError('Alphabet too long') }
3406
- var BASE_MAP = new Uint8Array(256);
3407
- for (var j = 0; j < BASE_MAP.length; j++) {
3408
- BASE_MAP[j] = 255;
3409
- }
3410
- for (var i = 0; i < ALPHABET.length; i++) {
3411
- var x = ALPHABET.charAt(i);
3412
- var xc = x.charCodeAt(0);
3413
- if (BASE_MAP[xc] !== 255) { throw new TypeError(x + ' is ambiguous') }
3414
- BASE_MAP[xc] = i;
3415
- }
3416
- var BASE = ALPHABET.length;
3417
- var LEADER = ALPHABET.charAt(0);
3418
- var FACTOR = Math.log(BASE) / Math.log(256); // log(BASE) / log(256), rounded up
3419
- var iFACTOR = Math.log(256) / Math.log(BASE); // log(256) / log(BASE), rounded up
3420
- function encode (source) {
3421
- if (Array.isArray(source) || source instanceof Uint8Array) { source = _Buffer.from(source); }
3422
- if (!_Buffer.isBuffer(source)) { throw new TypeError('Expected Buffer') }
3423
- if (source.length === 0) { return '' }
3424
- // Skip & count leading zeroes.
3425
- var zeroes = 0;
3426
- var length = 0;
3427
- var pbegin = 0;
3428
- var pend = source.length;
3429
- while (pbegin !== pend && source[pbegin] === 0) {
3430
- pbegin++;
3431
- zeroes++;
3432
- }
3433
- // Allocate enough space in big-endian base58 representation.
3434
- var size = ((pend - pbegin) * iFACTOR + 1) >>> 0;
3435
- var b58 = new Uint8Array(size);
3436
- // Process the bytes.
3437
- while (pbegin !== pend) {
3438
- var carry = source[pbegin];
3439
- // Apply "b58 = b58 * 256 + ch".
3440
- var i = 0;
3441
- for (var it1 = size - 1; (carry !== 0 || i < length) && (it1 !== -1); it1--, i++) {
3442
- carry += (256 * b58[it1]) >>> 0;
3443
- b58[it1] = (carry % BASE) >>> 0;
3444
- carry = (carry / BASE) >>> 0;
3445
- }
3446
- if (carry !== 0) { throw new Error('Non-zero carry') }
3447
- length = i;
3448
- pbegin++;
3449
- }
3450
- // Skip leading zeroes in base58 result.
3451
- var it2 = size - length;
3452
- while (it2 !== size && b58[it2] === 0) {
3453
- it2++;
3454
- }
3455
- // Translate the result into a string.
3456
- var str = LEADER.repeat(zeroes);
3457
- for (; it2 < size; ++it2) { str += ALPHABET.charAt(b58[it2]); }
3458
- return str
3459
- }
3460
- function decodeUnsafe (source) {
3461
- if (typeof source !== 'string') { throw new TypeError('Expected String') }
3462
- if (source.length === 0) { return _Buffer.alloc(0) }
3463
- var psz = 0;
3464
- // Skip and count leading '1's.
3465
- var zeroes = 0;
3466
- var length = 0;
3467
- while (source[psz] === LEADER) {
3468
- zeroes++;
3469
- psz++;
3470
- }
3471
- // Allocate enough space in big-endian base256 representation.
3472
- var size = (((source.length - psz) * FACTOR) + 1) >>> 0; // log(58) / log(256), rounded up.
3473
- var b256 = new Uint8Array(size);
3474
- // Process the characters.
3475
- while (psz < source.length) {
3476
- // Find code of next character
3477
- var charCode = source.charCodeAt(psz);
3478
- // Base map can not be indexed using char code
3479
- if (charCode > 255) { return }
3480
- // Decode character
3481
- var carry = BASE_MAP[charCode];
3482
- // Invalid character
3483
- if (carry === 255) { return }
3484
- var i = 0;
3485
- for (var it3 = size - 1; (carry !== 0 || i < length) && (it3 !== -1); it3--, i++) {
3486
- carry += (BASE * b256[it3]) >>> 0;
3487
- b256[it3] = (carry % 256) >>> 0;
3488
- carry = (carry / 256) >>> 0;
3489
- }
3490
- if (carry !== 0) { throw new Error('Non-zero carry') }
3491
- length = i;
3492
- psz++;
3493
- }
3494
- // Skip leading zeroes in b256.
3495
- var it4 = size - length;
3496
- while (it4 !== size && b256[it4] === 0) {
3497
- it4++;
3498
- }
3499
- var vch = _Buffer.allocUnsafe(zeroes + (size - it4));
3500
- vch.fill(0x00, 0, zeroes);
3501
- var j = zeroes;
3502
- while (it4 !== size) {
3503
- vch[j++] = b256[it4++];
3504
- }
3505
- return vch
3506
- }
3507
- function decode (string) {
3508
- var buffer = decodeUnsafe(string);
3509
- if (buffer) { return buffer }
3510
- throw new Error('Non-base' + BASE + ' character')
3511
- }
3512
- return {
3513
- encode: encode,
3514
- decodeUnsafe: decodeUnsafe,
3515
- decode: decode
3516
- }
3517
- }
3518
- src = base;
3519
- return src;
3520
- }
3521
-
3522
- var bs58$1;
3523
- var hasRequiredBs58;
3524
-
3525
- function requireBs58 () {
3526
- if (hasRequiredBs58) return bs58$1;
3527
- hasRequiredBs58 = 1;
3528
- var basex = requireSrc();
3529
- var ALPHABET = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz';
3530
-
3531
- bs58$1 = basex(ALPHABET);
3532
- return bs58$1;
3533
- }
3534
-
3535
- var bs58Exports = requireBs58();
3536
- var bs58 = /*@__PURE__*/getDefaultExportFromCjs(bs58Exports);
3537
-
3538
3313
  // ─────────────────────────────────────────────────────────────
3539
3314
  // Local implementation of getSimulationComputeUnits
3540
3315
  // (Replaces @solana-developers/helpers to avoid Wallet import issue in browser/ESM builds)
@@ -3792,36 +3567,7 @@ async function buildSetDocumentsTransaction(connection, idl, anchorProvider, pay
3792
3567
  return { tx: vTx, blockhash, lastValidBlockHeight };
3793
3568
  }
3794
3569
 
3795
- /* ------------------------------------------------------------------ */
3796
- /* ENV helpers */
3797
- /* ------------------------------------------------------------------ */
3798
- // Canonical `BOUNDED_PRIVATE_KEY` (matches the CLI). Only consulted when no
3799
- // explicit keypair was provided (createWalletClient passes one).
3800
- const ENV_KEYPAIR = "BOUNDED_PRIVATE_KEY";
3801
- const LEGACY_ENV_KEYPAIR = "BOUNDED_SOLANA_KEYPAIR";
3802
- function loadKeypairFromEnv() {
3803
- if (process.env[LEGACY_ENV_KEYPAIR]) {
3804
- throw new Error(`${LEGACY_ENV_KEYPAIR} is no longer supported. Set ${ENV_KEYPAIR} instead, ` +
3805
- `or pass an explicit keypair via createWalletClient({ keypair }).`);
3806
- }
3807
- const secret = process.env[ENV_KEYPAIR];
3808
- if (!secret) {
3809
- throw new Error(`No server keypair for this top-level call. The top-level get/set/subscribe/etc. use an ` +
3810
- `AMBIENT session — set ${ENV_KEYPAIR} to a base-58 secret key (or JSON array) to provide one. ` +
3811
- `If you already created a wallet with createWalletClient({ keypair }), call ITS methods instead ` +
3812
- `(client.subscribe / client.set / client.get): that client is self-contained and deliberately does ` +
3813
- `not set the ambient session, so the top-level functions can't see it.`);
3814
- }
3815
- try {
3816
- const secretKey = secret.trim().startsWith("[")
3817
- ? Uint8Array.from(JSON.parse(secret))
3818
- : bs58.decode(secret.trim());
3819
- return Keypair.fromSecretKey(secretKey);
3820
- }
3821
- catch (err) {
3822
- throw new Error(`Unable to parse ${ENV_KEYPAIR}. Ensure it is valid base-58 or JSON.`);
3823
- }
3824
- }
3570
+ const NO_AMBIENT_SERVER_SESSION = "Server sessions are not process-global. Use createWalletClient({ keypair }) and call that wallet client's methods.";
3825
3571
  /* ------------------------------------------------------------------ */
3826
3572
  /* SESSION MANAGER */
3827
3573
  /* ------------------------------------------------------------------ */
@@ -3844,8 +3590,10 @@ class ServerSessionManager {
3844
3590
  * Session creation (instance method)
3845
3591
  * ---------------------------------------------- */
3846
3592
  async createSession() {
3847
- var _a;
3848
- const kp = (_a = this.keypair) !== null && _a !== void 0 ? _a : loadKeypairFromEnv();
3593
+ if (!this.keypair) {
3594
+ throw new Error(NO_AMBIENT_SERVER_SESSION);
3595
+ }
3596
+ const kp = this.keypair;
3849
3597
  const address = kp.publicKey.toBase58();
3850
3598
  /* fetch nonce from auth API */
3851
3599
  const nonce = await genAuthNonce();
@@ -3907,7 +3655,7 @@ class ServerSessionManager {
3907
3655
  return (_b = (_a = this.session) === null || _a === void 0 ? void 0 : _a.refreshToken) !== null && _b !== void 0 ? _b : null;
3908
3656
  }
3909
3657
  }
3910
- /* The default singleton instance (reads keypair from env) */
3658
+ /* The default singleton exists only so top-level server calls fail closed. */
3911
3659
  ServerSessionManager.instance = new ServerSessionManager();
3912
3660
 
3913
3661
  /**
@@ -5401,11 +5149,8 @@ async function setMany(many, options) {
5401
5149
  async function handleOffchainTransaction(tx, authProvider, options) {
5402
5150
  var _a, _b, _c, _d, _e, _f;
5403
5151
  const config = await getConfig();
5404
- // 1. Sign the transaction message using mock signing for offchain transactions
5405
- // Use signMessageMock if available (OffchainAuthProvider), otherwise fall back to signMessage
5406
- const signature = authProvider.signMessageMock
5407
- ? await authProvider.signMessageMock(tx.message)
5408
- : await authProvider.signMessage(tx.message);
5152
+ // 1. Sign the transaction message using the provider's canonical signer.
5153
+ const signature = await authProvider.signMessage(tx.message);
5409
5154
  // 2. Create signed transaction
5410
5155
  const signedTx = {
5411
5156
  transaction: tx,
@@ -5950,7 +5695,7 @@ async function getOrCreateConnection(appId, isServer, routePath, authTokenProvid
5950
5695
  const roomKey = roomKeyFromRoutePath(routePath);
5951
5696
  // A wallet-scoped subscription (server WalletClient) gets its OWN connection
5952
5697
  // keyed by the wallet identity, so its WS authenticates as that wallet and
5953
- // never shares a connection (or token) with the ambient env identity.
5698
+ // never shares a connection (or token) with any top-level server caller.
5954
5699
  const base = roomKey ? `${appId}#room#${roomKey}` : appId;
5955
5700
  const connKey = principalKey ? `${base}#id#${principalKey}` : base;
5956
5701
  let connection = connections.get(connKey);
@@ -6007,7 +5752,7 @@ async function getOrCreateConnection(appId, isServer, routePath, authTokenProvid
6007
5752
  }
6008
5753
  // Resolve auth token if available. A wallet-scoped connection resolves
6009
5754
  // its token from the wallet's own session (self-refreshing); all others
6010
- // use the ambient env/web session. The token is sent as the first WS
5755
+ // use the browser session or fail closed for top-level server calls. The token is sent as the first WS
6011
5756
  // frame after open, never as a URL query parameter.
6012
5757
  let authToken;
6013
5758
  try {
@@ -6358,8 +6103,8 @@ async function subscribeV2(path, subscriptionOptions, roomRoutePath) {
6358
6103
  // subscribes with identical options (shared process / SSR / login-switch).
6359
6104
  // Per-subscription wallet override (server WalletClient.subscribe). When set,
6360
6105
  // the connection authenticates + caches under the wallet's identity instead of
6361
- // the ambient env keypair — so a `createWalletClient` caller can subscribe
6362
- // without setting BOUNDED_PRIVATE_KEY (and never crashes resolving it).
6106
+ // any top-level server caller — so a `createWalletClient` caller can
6107
+ // subscribe through its explicit wallet session.
6363
6108
  const overrides = subscriptionOptions._overrides;
6364
6109
  const authTokenProvider = (overrides === null || overrides === void 0 ? void 0 : overrides._getAuthHeaders)
6365
6110
  ? async () => bearerFromAuthHeaders(await overrides._getAuthHeaders()) || null
@@ -6648,7 +6393,7 @@ async function doReconnectWithNewAuth() {
6648
6393
  console.warn('[WS v2] Failed to clear HTTP read cache on auth change:', error);
6649
6394
  }
6650
6395
  try {
6651
- const { reconnectRealtimeStoreWithNewAuth } = await import('./realtime-store-DVnh5nQ8.mjs');
6396
+ const { reconnectRealtimeStoreWithNewAuth } = await import('./realtime-store-D3t7PyZl.mjs');
6652
6397
  await reconnectRealtimeStoreWithNewAuth();
6653
6398
  }
6654
6399
  catch (error) {
@@ -6988,7 +6733,8 @@ async function invoke(name, args = {}, opts = {}) {
6988
6733
  const base = (config.functionsUrl || DEFAULT_FUNCTIONS_URL).replace(/\/$/, '');
6989
6734
  // Attach the caller's session token automatically (same token as data calls).
6990
6735
  // A wallet-scoped call (server WalletClient.invoke) resolves the token from the
6991
- // wallet's own session; all others use the ambient env/web session.
6736
+ // wallet's own session; browser calls use the active web session. Top-level
6737
+ // server calls fail closed because there is no ambient server signer.
6992
6738
  const authHeader = ((_a = opts._overrides) === null || _a === void 0 ? void 0 : _a._getAuthHeaders)
6993
6739
  ? await opts._overrides._getAuthHeaders()
6994
6740
  : await createAuthHeader(config.isServer);