@bounded-sh/server 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.js ADDED
@@ -0,0 +1,1058 @@
1
+ 'use strict';
2
+
3
+ var core = require('@bounded-sh/core');
4
+ var buffer = require('buffer');
5
+ var web3_js = require('@solana/web3.js');
6
+ var anchor = require('@coral-xyz/anchor');
7
+ var nacl = require('tweetnacl');
8
+ var bs58 = require('bs58');
9
+ var crypto = require('crypto');
10
+
11
+ function _interopNamespaceDefault(e) {
12
+ var n = Object.create(null);
13
+ if (e) {
14
+ Object.keys(e).forEach(function (k) {
15
+ if (k !== 'default') {
16
+ var d = Object.getOwnPropertyDescriptor(e, k);
17
+ Object.defineProperty(n, k, d.get ? d : {
18
+ enumerable: true,
19
+ get: function () { return e[k]; }
20
+ });
21
+ }
22
+ });
23
+ }
24
+ n.default = e;
25
+ return Object.freeze(n);
26
+ }
27
+
28
+ var anchor__namespace = /*#__PURE__*/_interopNamespaceDefault(anchor);
29
+ var crypto__namespace = /*#__PURE__*/_interopNamespaceDefault(crypto);
30
+
31
+ /* ------------------------------------------------------------- *
32
+ * KEYPAIR ENV-VAR (only consulted when no explicit keypair is given)
33
+ *
34
+ * Most code should pass a keypair explicitly — `createWalletClient({ keypair })`
35
+ * does. The env var is the fallback for the global `set/get` path. `BOUNDED_*`
36
+ * is the canonical name (it matches the CLI's `BOUNDED_PRIVATE_KEY`); the legacy
37
+ * `TAROBASE_SOLANA_KEYPAIR` is still honored so existing setups keep working.
38
+ * ------------------------------------------------------------- */
39
+ const ENV_VARS = ['BOUNDED_PRIVATE_KEY', 'TAROBASE_SOLANA_KEYPAIR']; // base-58 or JSON array
40
+ function loadKeypairFromEnv() {
41
+ var _a;
42
+ let secret;
43
+ let found;
44
+ for (const name of ENV_VARS) {
45
+ const v = (_a = process === null || process === void 0 ? void 0 : process.env) === null || _a === void 0 ? void 0 : _a[name];
46
+ if (v) {
47
+ secret = v;
48
+ found = name;
49
+ break;
50
+ }
51
+ }
52
+ if (!secret) {
53
+ throw new Error(`No server keypair: set ${ENV_VARS[0]} to a base58 secret key (or JSON array), ` +
54
+ `or pass one explicitly via createWalletClient({ keypair }).`);
55
+ }
56
+ try {
57
+ const secretKey = secret.trim().startsWith('[')
58
+ ? Uint8Array.from(JSON.parse(secret))
59
+ : bs58.decode(secret.trim());
60
+ return web3_js.Keypair.fromSecretKey(secretKey);
61
+ }
62
+ catch (err) {
63
+ throw new Error(`Unable to parse ${found}. Ensure it is valid base58 or a JSON array.`);
64
+ }
65
+ }
66
+ /* ──────────────────────────────────────────────────────────
67
+ * Helper – fetch getPriorityFeeEstimate
68
+ * ──────────────────────────────────────────────────────── */
69
+ async function fetchPriorityFee(rpcEndpoint, rawUnsignedTxBuffer) {
70
+ var _a, _b;
71
+ try {
72
+ const res = await fetch(rpcEndpoint, {
73
+ method: "POST",
74
+ headers: { "Content-Type": "application/json" },
75
+ body: JSON.stringify({
76
+ jsonrpc: "2.0",
77
+ id: "1",
78
+ method: "getPriorityFeeEstimate",
79
+ params: [{
80
+ transaction: bs58.encode(rawUnsignedTxBuffer), options: {
81
+ recommended: true
82
+ }
83
+ }]
84
+ })
85
+ });
86
+ const data = await res.json();
87
+ const fee = (_b = (_a = data === null || data === void 0 ? void 0 : data.result) === null || _a === void 0 ? void 0 : _a.priorityFeeEstimate) !== null && _b !== void 0 ? _b : null;
88
+ console.log("Got fee from Helius", fee);
89
+ if (fee != null && fee > 0) {
90
+ return Math.ceil(Number(fee) * 1.2);
91
+ }
92
+ else {
93
+ console.log("No fee from Helius, using default 10000");
94
+ return Math.ceil(10000 * 1.2);
95
+ }
96
+ }
97
+ catch (err) {
98
+ console.warn("Priority‑fee estimate failed:", err);
99
+ return Math.ceil(10000 * 1.2);
100
+ }
101
+ }
102
+ class SolanaKeypairProvider {
103
+ constructor(networkUrl = null, keypair) {
104
+ this.networkUrl = networkUrl;
105
+ this.explicitKeypair = keypair;
106
+ }
107
+ get keypair() {
108
+ var _a, _b;
109
+ return ((_a = this.cachedKeypair) !== null && _a !== void 0 ? _a : (this.cachedKeypair = (_b = this.explicitKeypair) !== null && _b !== void 0 ? _b : loadKeypairFromEnv()));
110
+ }
111
+ /* ----------------------------------------------------------- *
112
+ * (Auth stubs – fill in later if needed)
113
+ * ----------------------------------------------------------- */
114
+ async login() { throw new Error('Not implemented'); }
115
+ async restoreSession() { throw new Error('Not implemented'); }
116
+ async logout() { throw new Error('Not implemented'); }
117
+ /* ----------------------------------------------------------- *
118
+ * Sign arbitrary message
119
+ * ----------------------------------------------------------- */
120
+ async signMessage(message) {
121
+ const sig = nacl.sign.detached(new TextEncoder().encode(message), this.keypair.secretKey);
122
+ return buffer.Buffer.from(sig).toString('base64');
123
+ }
124
+ /* ----------------------------------------------------------- *
125
+ * Sign transaction
126
+ * ----------------------------------------------------------- */
127
+ async signTransaction(transaction) {
128
+ // Use duck typing instead of instanceof to handle multiple @solana/web3.js versions
129
+ const isLegacyTransaction = 'recentBlockhash' in transaction && !('message' in transaction && 'staticAccountKeys' in transaction.message);
130
+ if (isLegacyTransaction) {
131
+ transaction.partialSign(this.keypair);
132
+ }
133
+ else {
134
+ transaction.sign([this.keypair]);
135
+ }
136
+ return transaction;
137
+ }
138
+ /**
139
+ * Signs and submits a Solana transaction to the network.
140
+ *
141
+ * This method handles blockhash and transaction confirmation automatically - you do NOT need to
142
+ * set recentBlockhash or lastValidBlockHeight on the transaction before calling this method.
143
+ * The network/RPC URL is derived from the provider's configuration (set during initialization).
144
+ *
145
+ * @param transaction - The transaction to sign and submit (Transaction or VersionedTransaction)
146
+ * @param feePayer - Optional fee payer public key. If not provided and the transaction doesn't
147
+ * already have a feePayer set, the keypair's public key will be used.
148
+ * Useful for co-signing scenarios where a different account pays the fees.
149
+ * @returns The transaction signature
150
+ */
151
+ async signAndSubmitTransaction(transaction, feePayer) {
152
+ // 1. Get RPC URL and create connection
153
+ const rpcUrl = this.getRpcUrl();
154
+ const connection = new web3_js.Connection(rpcUrl, 'confirmed');
155
+ // 2. Get fresh blockhash and set it on the transaction before signing
156
+ const { blockhash, lastValidBlockHeight } = await connection.getLatestBlockhash('confirmed');
157
+ // Use duck typing instead of instanceof to handle multiple @solana/web3.js versions
158
+ const isLegacyTransaction = 'recentBlockhash' in transaction && !('message' in transaction && 'staticAccountKeys' in transaction.message);
159
+ if (isLegacyTransaction) {
160
+ const legacyTx = transaction;
161
+ legacyTx.recentBlockhash = blockhash;
162
+ legacyTx.lastValidBlockHeight = lastValidBlockHeight;
163
+ // Set feePayer if not already set
164
+ if (!legacyTx.feePayer) {
165
+ legacyTx.feePayer = feePayer !== null && feePayer !== void 0 ? feePayer : this.keypair.publicKey;
166
+ }
167
+ }
168
+ else {
169
+ // VersionedTransaction
170
+ const versionedTx = transaction;
171
+ versionedTx.message.recentBlockhash = blockhash;
172
+ // Note: VersionedTransaction feePayer is set in the message at creation time
173
+ // and cannot be modified after creation
174
+ }
175
+ // 3. Sign the transaction
176
+ const signedTx = await this.signTransaction(transaction);
177
+ // 4. Submit and confirm using shared helper
178
+ const { signature } = await this.submitAndConfirmTransaction(signedTx, connection);
179
+ return signature;
180
+ }
181
+ /* ----------------------------------------------------------- *
182
+ * Private Helpers
183
+ * ----------------------------------------------------------- */
184
+ /**
185
+ * Submits a signed transaction and waits for confirmation using polling.
186
+ * Shared by both signAndSubmitTransaction and runTransactionInner.
187
+ */
188
+ async submitAndConfirmTransaction(signedTx, connection, options) {
189
+ var _a, _b, _c, _d;
190
+ const sig = await connection.sendRawTransaction(signedTx.serialize(), {
191
+ preflightCommitment: 'confirmed'
192
+ });
193
+ // Wait for confirmation using polling
194
+ const startTime = Date.now();
195
+ const timeoutMs = 10 * 1000; // 10 seconds
196
+ while (true) {
197
+ const st = await connection.getSignatureStatus(sig);
198
+ if ((_a = st === null || st === void 0 ? void 0 : st.value) === null || _a === void 0 ? void 0 : _a.err) {
199
+ // Transaction confirmed but failed on-chain — fetch logs for a readable error
200
+ const txInfo = await connection.getTransaction(sig, {
201
+ maxSupportedTransactionVersion: 0,
202
+ commitment: 'confirmed'
203
+ });
204
+ const logMessages = (_b = txInfo === null || txInfo === void 0 ? void 0 : txInfo.meta) === null || _b === void 0 ? void 0 : _b.logMessages;
205
+ const errorMessage = logMessages ? JSON.stringify(logMessages) : JSON.stringify((_c = st === null || st === void 0 ? void 0 : st.value) === null || _c === void 0 ? void 0 : _c.err);
206
+ throw new Error(`Transaction failed: ${errorMessage}`);
207
+ }
208
+ if (((_d = st === null || st === void 0 ? void 0 : st.value) === null || _d === void 0 ? void 0 : _d.confirmationStatus) === 'confirmed') {
209
+ break;
210
+ }
211
+ // Check if we've exceeded the timeout
212
+ if (Date.now() - startTime > timeoutMs) {
213
+ throw new Error(`Transaction confirmation timeout after ${timeoutMs / 1000} seconds`);
214
+ }
215
+ await new Promise(resolve => setTimeout(resolve, 500));
216
+ }
217
+ // Optionally fetch transaction info
218
+ let txInfo = null;
219
+ if (options === null || options === void 0 ? void 0 : options.fetchTxInfo) {
220
+ txInfo = await connection.getTransaction(sig, {
221
+ maxSupportedTransactionVersion: 0,
222
+ commitment: 'confirmed'
223
+ });
224
+ }
225
+ return { signature: sig, txInfo };
226
+ }
227
+ getRpcUrl(network) {
228
+ if (this.networkUrl) {
229
+ return this.networkUrl;
230
+ }
231
+ if (network === 'solana_devnet') {
232
+ return SOLANA_DEVNET_RPC_URL;
233
+ }
234
+ else if (network === 'solana_mainnet') {
235
+ return SOLANA_MAINNET_RPC_URL;
236
+ }
237
+ else if (network === 'surfnet') {
238
+ return SURFNET_RPC_URL;
239
+ }
240
+ return SOLANA_MAINNET_RPC_URL; // default to mainnet
241
+ }
242
+ /* ----------------------------------------------------------- *
243
+ * Transaction runner
244
+ * ----------------------------------------------------------- */
245
+ async runTransaction(_evm, sol, opts) {
246
+ if (!sol)
247
+ throw new Error('Solana transaction data required');
248
+ const kp = this.keypair;
249
+ // Helper for duck typing - checks if transaction is legacy Transaction vs VersionedTransaction
250
+ const isLegacyTx = (tx) => {
251
+ return 'recentBlockhash' in tx && !('message' in tx && 'staticAccountKeys' in tx.message);
252
+ };
253
+ const wallet = {
254
+ publicKey: kp.publicKey,
255
+ signTransaction: async (tx) => {
256
+ // Use duck typing instead of instanceof to handle multiple @solana/web3.js versions
257
+ if (isLegacyTx(tx)) {
258
+ tx.partialSign(kp);
259
+ }
260
+ else {
261
+ tx.sign([kp]);
262
+ }
263
+ return tx;
264
+ },
265
+ signAllTransactions: async (txs) => txs.map((t) => {
266
+ // Use duck typing instead of instanceof to handle multiple @solana/web3.js versions
267
+ if (isLegacyTx(t)) {
268
+ t.partialSign(kp);
269
+ }
270
+ else {
271
+ t.sign([kp]);
272
+ }
273
+ return t;
274
+ }),
275
+ };
276
+ /* de-dupe remaining accounts */
277
+ const deduped = (() => {
278
+ const fin = [];
279
+ for (const acc of core.convertRemainingAccounts(sol.txArgs[0].remainingAccounts)) {
280
+ const ex = fin.find((x) => x.pubkey.equals(acc.pubkey));
281
+ if (ex) {
282
+ ex.isSigner || (ex.isSigner = acc.isSigner);
283
+ ex.isWritable || (ex.isWritable = acc.isWritable);
284
+ }
285
+ else
286
+ fin.push(acc);
287
+ }
288
+ return fin;
289
+ })();
290
+ let retries = 0;
291
+ let didPass = false;
292
+ let delay = 1000;
293
+ let toReturn = null;
294
+ let errorMessage = "";
295
+ while (retries < 5) {
296
+ try {
297
+ toReturn = await this.runTransactionInner(sol, opts, wallet, kp, deduped);
298
+ didPass = true;
299
+ break;
300
+ }
301
+ catch (error) {
302
+ console.log("Error building and sending transaction on retry:", retries, error);
303
+ await new Promise(resolve => setTimeout(resolve, delay));
304
+ // Exponential backoff
305
+ delay *= 1.5;
306
+ retries++;
307
+ errorMessage = error.message || JSON.stringify(error, null, 2);
308
+ }
309
+ }
310
+ if (!didPass) {
311
+ throw new Error(`Failed to send transaction after 5 retries: ${errorMessage}`);
312
+ }
313
+ return toReturn;
314
+ }
315
+ async runTransactionInner(sol, opts, wallet, kp, deduped) {
316
+ var _a, _b, _c;
317
+ let rpcUrl = this.getRpcUrl(sol.network);
318
+ const connection = new web3_js.Connection(rpcUrl, 'confirmed');
319
+ const anchorProvider = new anchor__namespace.AnchorProvider(connection, wallet, anchor__namespace.AnchorProvider.defaultOptions());
320
+ const app_id = sol.appId;
321
+ if (!app_id)
322
+ throw new Error('app_id missing');
323
+ // When the server has co-signed a transaction (CPI attestation),
324
+ // deserialize it and just add the wallet signature instead of
325
+ // building from components.
326
+ let tx;
327
+ let blockhash;
328
+ let lastValidBlockHeight;
329
+ if (sol.signedTransaction) {
330
+ tx = web3_js.VersionedTransaction.deserialize(buffer.Buffer.from(sol.signedTransaction, 'base64'));
331
+ const latestBlockhash = await connection.getLatestBlockhash('confirmed');
332
+ blockhash = latestBlockhash.blockhash;
333
+ lastValidBlockHeight = latestBlockhash.lastValidBlockHeight;
334
+ }
335
+ else {
336
+ const result = await core.buildSetDocumentsTransaction(connection, sol.txArgs[0].idl, anchorProvider, kp.publicKey, {
337
+ app_id,
338
+ documents: sol.txArgs[0].setDocumentData,
339
+ delete_paths: sol.txArgs[0].deletePaths,
340
+ txData: sol.txArgs[0].txData
341
+ }, deduped, sol.lutKey, sol.preInstructions, false, sol.additionalLutAddresses);
342
+ tx = result.tx;
343
+ blockhash = result.blockhash;
344
+ lastValidBlockHeight = result.lastValidBlockHeight;
345
+ }
346
+ // Helper for duck typing - checks if transaction is legacy Transaction vs VersionedTransaction
347
+ const isLegacyTx = (t) => {
348
+ return 'recentBlockhash' in t && !('message' in t && 'staticAccountKeys' in t.message);
349
+ };
350
+ // Refresh blockhash and lastValidBlockHeight
351
+ // Use duck typing instead of instanceof to handle multiple @solana/web3.js versions
352
+ if (isLegacyTx(tx)) {
353
+ tx.partialSign(kp);
354
+ tx.recentBlockhash = blockhash;
355
+ tx.lastValidBlockHeight = lastValidBlockHeight;
356
+ tx.feePayer = kp.publicKey;
357
+ }
358
+ else {
359
+ tx.sign([kp]);
360
+ tx.message.recentBlockhash = blockhash;
361
+ }
362
+ // 3️⃣ Optional priority‑fee instruction
363
+ const rawUnsigned = tx.serialize({ requireAllSignatures: false });
364
+ const microLamports = await fetchPriorityFee(connection.rpcEndpoint, rawUnsigned);
365
+ if (microLamports != null) {
366
+ // Use duck typing instead of instanceof to handle multiple @solana/web3.js versions
367
+ if (isLegacyTx(tx)) {
368
+ tx.instructions.unshift(web3_js.ComputeBudgetProgram.setComputeUnitPrice({ microLamports }));
369
+ tx.partialSign(kp);
370
+ }
371
+ else {
372
+ // For pre-signed (attestation) transactions, we can't rebuild — skip priority fee
373
+ if (!sol.signedTransaction) {
374
+ // Rebuild the transaction with the new priority fee
375
+ const roundTwo = await core.buildSetDocumentsTransaction(connection, sol.txArgs[0].idl, anchorProvider, kp.publicKey, {
376
+ app_id,
377
+ documents: sol.txArgs[0].setDocumentData,
378
+ delete_paths: sol.txArgs[0].deletePaths,
379
+ txData: sol.txArgs[0].txData
380
+ }, deduped, sol.lutKey, [web3_js.ComputeBudgetProgram.setComputeUnitPrice({ microLamports }), ...sol.preInstructions], false, sol.additionalLutAddresses);
381
+ tx = roundTwo.tx;
382
+ blockhash = roundTwo.blockhash;
383
+ lastValidBlockHeight = roundTwo.lastValidBlockHeight;
384
+ tx.sign([kp]);
385
+ tx.message.recentBlockhash = blockhash;
386
+ }
387
+ }
388
+ }
389
+ if ((opts === null || opts === void 0 ? void 0 : opts.shouldSubmitTx) === false) {
390
+ return { signedTransaction: tx, blockNumber: 0, gasUsed: '0', data: '' };
391
+ }
392
+ // Submit and confirm using shared helper
393
+ const { signature, txInfo } = await this.submitAndConfirmTransaction(tx, connection, { fetchTxInfo: true });
394
+ return {
395
+ transactionSignature: signature,
396
+ blockNumber: (_a = txInfo === null || txInfo === void 0 ? void 0 : txInfo.slot) !== null && _a !== void 0 ? _a : 0,
397
+ gasUsed: (_c = (_b = txInfo === null || txInfo === void 0 ? void 0 : txInfo.meta) === null || _b === void 0 ? void 0 : _b.fee.toString()) !== null && _c !== void 0 ? _c : '0',
398
+ data: txInfo === null || txInfo === void 0 ? void 0 : txInfo.meta,
399
+ };
400
+ }
401
+ /* ----------------------------------------------------------- */
402
+ async getNativeMethods() {
403
+ return { keypair: this.keypair };
404
+ }
405
+ }
406
+
407
+ /**
408
+ * Server-side OffchainAuthProvider wrapper for the poofnet environment.
409
+ *
410
+ * For signMessage, this generates a mock signature using SHA-256 hashing.
411
+ * This is used for offchain transaction signing.
412
+ */
413
+ class OffchainAuthProvider {
414
+ constructor(wrappedProvider) {
415
+ this.wrappedProvider = wrappedProvider;
416
+ }
417
+ async login() {
418
+ return this.wrappedProvider.login();
419
+ }
420
+ async logout() {
421
+ return this.wrappedProvider.logout();
422
+ }
423
+ async restoreSession() {
424
+ return this.wrappedProvider.restoreSession();
425
+ }
426
+ async getNativeMethods() {
427
+ return this.wrappedProvider.getNativeMethods();
428
+ }
429
+ async signMessage(message) {
430
+ // Delegate to wrapped provider for real signing
431
+ return this.wrappedProvider.signMessage(message);
432
+ }
433
+ async signMessageMock(message) {
434
+ // Generate mock signature (SHA-256 hash of message, base64 encoded)
435
+ // This is used for offchain transaction signing
436
+ const hash = crypto__namespace.createHash('sha256').update(message).digest('base64');
437
+ return hash;
438
+ }
439
+ async signTransaction(transaction) {
440
+ throw new Error('Poofnet does not support real Solana transactions. Deploy your project to mainnet to use this feature.');
441
+ }
442
+ /**
443
+ * Sign and submit transaction - not supported in poofnet environment.
444
+ * See the real providers (PhantomWalletProvider, PrivyWalletProvider, SolanaKeypairProvider)
445
+ * for the full implementation with blockhash handling and feePayer support.
446
+ */
447
+ async signAndSubmitTransaction(_transaction, _feePayer) {
448
+ throw new Error('Poofnet does not support real Solana transactions. Deploy your project to mainnet to use this feature.');
449
+ }
450
+ async runTransaction(evmTransactionData, solTransactionData, options) {
451
+ return this.wrappedProvider.runTransaction(evmTransactionData, solTransactionData, options);
452
+ }
453
+ }
454
+
455
+ let currentAuthProvider = null;
456
+ const SOLANA_DEVNET_RPC_URL = "https://idelle-8nxsep-fast-devnet.helius-rpc.com";
457
+ const SOLANA_MAINNET_RPC_URL = "https://celestia-cegncv-fast-mainnet.helius-rpc.com";
458
+ const SURFNET_RPC_URL = "https://surfpool.fly.dev";
459
+ async function getAuthProvider() {
460
+ var _a;
461
+ const config = await core.getConfig();
462
+ if (currentAuthProvider) {
463
+ // If provider exists but chain is "offchain" and it's not already wrapped, rewrap it
464
+ if (config.chain === "offchain" && !(currentAuthProvider instanceof OffchainAuthProvider)) {
465
+ currentAuthProvider = new OffchainAuthProvider(currentAuthProvider);
466
+ }
467
+ return currentAuthProvider;
468
+ }
469
+ currentAuthProvider = await matchAuthProvider((_a = config.rpcUrl) !== null && _a !== void 0 ? _a : null);
470
+ // Wrap with OffchainAuthProvider for offchain chain
471
+ if (config.chain === "offchain") {
472
+ currentAuthProvider = new OffchainAuthProvider(currentAuthProvider);
473
+ }
474
+ return currentAuthProvider;
475
+ }
476
+ async function matchAuthProvider(rpcUrl) {
477
+ return new SolanaKeypairProvider(rpcUrl);
478
+ }
479
+
480
+ let authProviderInstance = null;
481
+ async function init(newConfig) {
482
+ // Initialize config first so getAuthProvider can access it
483
+ // Server-side skips backend init since it already has all needed config
484
+ await core.init(Object.assign(Object.assign({}, newConfig), { isServer: true, skipBackendInit: true }));
485
+ // Get the auth provider (which will wrap it if chain is "offchain")
486
+ authProviderInstance = await getAuthProvider();
487
+ // Update config with the wrapped provider
488
+ await core.init(Object.assign(Object.assign({}, newConfig), { authProvider: authProviderInstance, isServer: true, skipBackendInit: true }));
489
+ }
490
+
491
+ // Wrapper for getIdToken - passes isServer=true for server-side usage
492
+ async function getIdToken() {
493
+ return core.getIdToken(true);
494
+ }
495
+
496
+ var __rest = (undefined && undefined.__rest) || function (s, e) {
497
+ var t = {};
498
+ for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0)
499
+ t[p] = s[p];
500
+ if (s != null && typeof Object.getOwnPropertySymbols === "function")
501
+ for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) {
502
+ if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i]))
503
+ t[p[i]] = s[p[i]];
504
+ }
505
+ return t;
506
+ };
507
+ /* ------------------------------------------------------------------ */
508
+ /* Keypair parsing */
509
+ /* ------------------------------------------------------------------ */
510
+ function parseKeypair(secret) {
511
+ const trimmed = secret.trim();
512
+ try {
513
+ const secretKey = trimmed.startsWith('[')
514
+ ? Uint8Array.from(JSON.parse(trimmed))
515
+ : bs58.decode(trimmed);
516
+ return web3_js.Keypair.fromSecretKey(secretKey);
517
+ }
518
+ catch (_a) {
519
+ throw new Error('Invalid keypair: must be base58 or JSON array.');
520
+ }
521
+ }
522
+ /**
523
+ * Whether a JWT is expired or within 60s of expiry (or unparseable). Used to
524
+ * decide if the wallet should re-sign for a fresh token. Server-only (Node
525
+ * Buffer); a keypair-backed session can always re-sign, so this is safe to be
526
+ * conservative about.
527
+ */
528
+ function jwtExpiringSoon(token) {
529
+ if (!token)
530
+ return true;
531
+ try {
532
+ const part = token.split('.')[1];
533
+ const json = Buffer.from(part.replace(/-/g, '+').replace(/_/g, '/'), 'base64').toString('utf8');
534
+ const exp = JSON.parse(json).exp;
535
+ if (!exp)
536
+ return false;
537
+ return Date.now() > exp * 1000 - 60000;
538
+ }
539
+ catch (_a) {
540
+ return true;
541
+ }
542
+ }
543
+ /* ------------------------------------------------------------------ */
544
+ /* WalletClient */
545
+ /* ------------------------------------------------------------------ */
546
+ class WalletClient {
547
+ constructor(provider, sessionManager, address) {
548
+ this.provider = provider;
549
+ this.sessionManager = sessionManager;
550
+ this.address = address;
551
+ }
552
+ /* ---- Auth override helpers ---- */
553
+ buildOverrides() {
554
+ return {
555
+ authProvider: this.provider,
556
+ _getAuthHeaders: async () => {
557
+ let s = await this.sessionManager.getSession();
558
+ // Keypair-backed session: if the cached token is expired/near-expiry,
559
+ // re-sign for a fresh one (we always hold the key). Keeps long-lived WS
560
+ // subscriptions authenticated across reconnects, and stops one-shot reads
561
+ // from sending a stale token.
562
+ if (jwtExpiringSoon(s.idToken)) {
563
+ this.sessionManager.clearSession();
564
+ s = await this.sessionManager.getSession();
565
+ }
566
+ return { Authorization: `Bearer ${s.idToken}` };
567
+ },
568
+ _clearAuth: async () => {
569
+ this.sessionManager.clearSession();
570
+ },
571
+ _walletAddress: this.address,
572
+ };
573
+ }
574
+ /** Strip Authorization from caller headers to prevent overriding wallet token */
575
+ sanitizeHeaders(headers) {
576
+ if (!headers)
577
+ return undefined;
578
+ const _a = headers, { Authorization, authorization } = _a, rest = __rest(_a, ["Authorization", "authorization"]);
579
+ return Object.keys(rest).length > 0 ? rest : undefined;
580
+ }
581
+ mergeSetOverrides(opts) {
582
+ var _a;
583
+ const ovr = this.buildOverrides();
584
+ return Object.assign(Object.assign({}, opts), { _overrides: Object.assign(Object.assign({}, opts === null || opts === void 0 ? void 0 : opts._overrides), { headers: this.sanitizeHeaders((_a = opts === null || opts === void 0 ? void 0 : opts._overrides) === null || _a === void 0 ? void 0 : _a.headers), authProvider: ovr.authProvider, _getAuthHeaders: ovr._getAuthHeaders, _clearAuth: ovr._clearAuth }) });
585
+ }
586
+ mergeReadOverrides(existing) {
587
+ const ovr = this.buildOverrides();
588
+ return Object.assign(Object.assign({}, existing), { headers: this.sanitizeHeaders(existing === null || existing === void 0 ? void 0 : existing.headers), _getAuthHeaders: ovr._getAuthHeaders, _clearAuth: ovr._clearAuth, _walletAddress: ovr._walletAddress });
589
+ }
590
+ /* ---- Data operations ---- */
591
+ async set(path, document, options) {
592
+ return core.set(path, document, this.mergeSetOverrides(options));
593
+ }
594
+ async setMany(many, options) {
595
+ return core.setMany(many, this.mergeSetOverrides(options));
596
+ }
597
+ async setFile(path, file, options) {
598
+ return core.setFile(path, file, { _overrides: this.mergeReadOverrides(options === null || options === void 0 ? void 0 : options._overrides) });
599
+ }
600
+ async get(path, opts) {
601
+ return core.get(path, Object.assign(Object.assign({}, opts), { _overrides: this.mergeReadOverrides(opts === null || opts === void 0 ? void 0 : opts._overrides) }));
602
+ }
603
+ async getMany(paths, opts) {
604
+ return core.getMany(paths, Object.assign(Object.assign({}, opts), { _overrides: this.mergeReadOverrides() }));
605
+ }
606
+ async getFiles(path, options) {
607
+ return core.getFiles(path, { _overrides: this.mergeReadOverrides(options === null || options === void 0 ? void 0 : options._overrides) });
608
+ }
609
+ async search(path, query, opts = {}) {
610
+ return core.search(path, query, Object.assign(Object.assign({}, opts), { _overrides: this.mergeReadOverrides(opts === null || opts === void 0 ? void 0 : opts._overrides) }));
611
+ }
612
+ async runQuery(absolutePath, queryName, queryArgs, opts) {
613
+ return core.runQuery(absolutePath, queryName, queryArgs, Object.assign(Object.assign({}, opts), { _overrides: this.mergeReadOverrides(opts === null || opts === void 0 ? void 0 : opts._overrides) }));
614
+ }
615
+ async runQueryMany(many, opts) {
616
+ return core.runQueryMany(many, Object.assign(Object.assign({}, opts), { _overrides: this.mergeReadOverrides(opts === null || opts === void 0 ? void 0 : opts._overrides) }));
617
+ }
618
+ async runExpression(expression, queryArgs, options) {
619
+ return core.runExpression(expression, queryArgs, Object.assign(Object.assign({}, options), { _overrides: this.mergeReadOverrides(options === null || options === void 0 ? void 0 : options._overrides) }));
620
+ }
621
+ async runExpressionMany(many) {
622
+ const ovr = this.mergeReadOverrides();
623
+ return core.runExpressionMany(many.map(m => (Object.assign(Object.assign({}, m), { _overrides: ovr }))));
624
+ }
625
+ async count(path, opts = {}) {
626
+ return core.count(path, Object.assign(Object.assign({}, opts), { _overrides: this.mergeReadOverrides(opts === null || opts === void 0 ? void 0 : opts._overrides) }));
627
+ }
628
+ async aggregate(path, operation, opts = {}) {
629
+ return core.aggregate(path, operation, Object.assign(Object.assign({}, opts), { _overrides: this.mergeReadOverrides(opts === null || opts === void 0 ? void 0 : opts._overrides) }));
630
+ }
631
+ async queryAggregate(path, spec, opts = {}) {
632
+ return core.queryAggregate(path, spec, Object.assign(Object.assign({}, opts), { _overrides: this.mergeReadOverrides(opts === null || opts === void 0 ? void 0 : opts._overrides) }));
633
+ }
634
+ /**
635
+ * Subscribe to real-time updates as THIS wallet's identity. Unlike the global
636
+ * `subscribe`, this needs no `BOUNDED_PRIVATE_KEY` env var — the WS connection
637
+ * authenticates with the wallet's own session (so read rules see the right
638
+ * principal), and is scoped to its own connection so it never crosses another
639
+ * identity. Accepts a bare callback or `{ onData, onError, filter, ... }`.
640
+ * Returns an async unsubscribe.
641
+ */
642
+ async subscribe(path, options) {
643
+ const opts = typeof options === 'function' ? { onData: options } : Object.assign({}, options);
644
+ const ovr = this.buildOverrides();
645
+ return core.subscribe(path, Object.assign(Object.assign({}, opts), { _overrides: {
646
+ _getAuthHeaders: ovr._getAuthHeaders,
647
+ _clearAuth: ovr._clearAuth,
648
+ _walletAddress: ovr._walletAddress,
649
+ } }));
650
+ }
651
+ /**
652
+ * Invoke a deployed Bounded Function AS this wallet's identity. Unlike the
653
+ * top-level `functions.invoke`, this needs no `BOUNDED_PRIVATE_KEY` env var —
654
+ * the dispatcher sees the wallet's verified session, so the function's `auth`
655
+ * rule + `ctx.user` reflect this client. Returns the function's JSON; throws
656
+ * `FunctionInvokeError` on 401/403/404/503.
657
+ */
658
+ async invoke(name, args = {}, opts = {}) {
659
+ const ovr = this.buildOverrides();
660
+ return core.functions.invoke(name, args, Object.assign(Object.assign({}, opts), { _overrides: { _getAuthHeaders: ovr._getAuthHeaders } }));
661
+ }
662
+ /* ---- Signing operations (use provider directly) ---- */
663
+ async signMessage(message) {
664
+ return this.provider.signMessage(message);
665
+ }
666
+ async signTransaction(transaction) {
667
+ return this.provider.signTransaction(transaction);
668
+ }
669
+ async signAndSubmitTransaction(transaction, feePayer) {
670
+ return this.provider.signAndSubmitTransaction(transaction, feePayer);
671
+ }
672
+ }
673
+ /**
674
+ * Create a self-contained wallet client bound to a specific keypair.
675
+ * Each client has its own auth session — no global state is mutated.
676
+ *
677
+ * @example
678
+ * ```ts
679
+ * const vault = await createWalletClient({ keypair: process.env.VAULT_KEY });
680
+ * await vault.set('markets/123', data);
681
+ * ```
682
+ */
683
+ async function createWalletClient(opts) {
684
+ var _a;
685
+ const kp = parseKeypair(opts.keypair);
686
+ const config = await core.getConfig();
687
+ let provider = new SolanaKeypairProvider((_a = config.rpcUrl) !== null && _a !== void 0 ? _a : null, kp);
688
+ if (config.chain === 'offchain') {
689
+ provider = new OffchainAuthProvider(provider);
690
+ }
691
+ const sessionManager = core.ServerSessionManager.forKeypair(kp);
692
+ // Eagerly authenticate so failures surface immediately
693
+ await sessionManager.getSession();
694
+ return new WalletClient(provider, sessionManager, kp.publicKey.toBase58());
695
+ }
696
+
697
+ // ---------------------------------------------------------------------------
698
+ // webhooks.ts -- Verify signed inbound mutation webhooks.
699
+ //
700
+ // The Tarobase realtime worker fires outbound webhooks for declared
701
+ // collections after a mutation commits, signed with a platform Ed25519 private
702
+ // key. This module verifies those signatures on the receiving server.
703
+ //
704
+ // verifyWebhook():
705
+ // 1. Fetches the platform's hosted public keys (well-known endpoint),
706
+ // cached in-memory with a TTL.
707
+ // 2. Picks the key matching the X-Bounded-Key-Id header.
708
+ // 3. Verifies the Ed25519 signature (X-Bounded-Signature) over the RAW body.
709
+ // 4. Checks the X-Bounded-Timestamp is within an allowed skew.
710
+ // 5. Returns the parsed, typed payload — or throws.
711
+ //
712
+ // Verification uses WebCrypto (globalThis.crypto.subtle), available natively in
713
+ // Node 18+, Bun, Deno, Cloudflare Workers, and modern browsers.
714
+ // ---------------------------------------------------------------------------
715
+ // Default to PRODUCTION keys so an omitted keysUrl is production-safe (audit
716
+ // SDK LOW-7). Staging receivers must pass keysUrl explicitly.
717
+ const DEFAULT_WEBHOOK_KEYS_URL = "https://realtime.bounded.sh/.well-known/bounded-webhook-keys.json";
718
+ const DEFAULT_MAX_SKEW_SECONDS = 300;
719
+ const DEFAULT_CACHE_TTL_MS = 300000;
720
+ class WebhookVerificationError extends Error {
721
+ constructor(message) {
722
+ super(message);
723
+ this.name = "WebhookVerificationError";
724
+ }
725
+ }
726
+ function getHeader(headers, name) {
727
+ var _a;
728
+ if (headers && typeof headers.get === "function") {
729
+ return headers.get(name);
730
+ }
731
+ const lower = name.toLowerCase();
732
+ const obj = headers;
733
+ for (const key of Object.keys(obj)) {
734
+ if (key.toLowerCase() === lower) {
735
+ const value = obj[key];
736
+ return Array.isArray(value) ? (_a = value[0]) !== null && _a !== void 0 ? _a : null : value !== null && value !== void 0 ? value : null;
737
+ }
738
+ }
739
+ return null;
740
+ }
741
+ // ---------------------------------------------------------------------------
742
+ // Base64
743
+ // ---------------------------------------------------------------------------
744
+ function base64ToBytes(b64) {
745
+ const binary = typeof Buffer !== "undefined"
746
+ ? Buffer.from(b64, "base64").toString("binary")
747
+ : atob(b64);
748
+ const buffer = new ArrayBuffer(binary.length);
749
+ const bytes = new Uint8Array(buffer);
750
+ for (let i = 0; i < binary.length; i++)
751
+ bytes[i] = binary.charCodeAt(i);
752
+ return bytes;
753
+ }
754
+ function utf8Bytes(text) {
755
+ const encoded = new TextEncoder().encode(text);
756
+ const buffer = new ArrayBuffer(encoded.length);
757
+ const bytes = new Uint8Array(buffer);
758
+ bytes.set(encoded);
759
+ return bytes;
760
+ }
761
+ const keyCache = new Map();
762
+ /** Clear the in-memory key cache (mainly for tests). */
763
+ function clearWebhookKeyCache() {
764
+ keyCache.clear();
765
+ }
766
+ async function loadKeys(keysUrl, cacheTtlMs, fetchImpl, now) {
767
+ const cached = keyCache.get(keysUrl);
768
+ if (cached && cached.expiresAt > now()) {
769
+ return cached.keys;
770
+ }
771
+ let res;
772
+ try {
773
+ res = await fetchImpl(keysUrl);
774
+ }
775
+ catch (err) {
776
+ throw new WebhookVerificationError(`Failed to fetch webhook keys from ${keysUrl}: ${err.message}`);
777
+ }
778
+ if (!res.ok) {
779
+ throw new WebhookVerificationError(`Failed to fetch webhook keys from ${keysUrl}: HTTP ${res.status}`);
780
+ }
781
+ const body = (await res.json());
782
+ if (!body || !Array.isArray(body.keys)) {
783
+ throw new WebhookVerificationError(`Webhook keys endpoint ${keysUrl} returned an invalid payload.`);
784
+ }
785
+ keyCache.set(keysUrl, { keys: body.keys, expiresAt: now() + cacheTtlMs });
786
+ return body.keys;
787
+ }
788
+ // ---------------------------------------------------------------------------
789
+ // In-memory replay store (single-process receivers)
790
+ // ---------------------------------------------------------------------------
791
+ /**
792
+ * A simple in-memory {@link WebhookReplayStore}. Records seen event ids until
793
+ * their skew-window expiry and lazily evicts expired entries. Suitable for a
794
+ * single-process receiver; use a shared store (Redis, KV, a DB unique
795
+ * constraint) for multi-instance deployments.
796
+ */
797
+ class InMemoryReplayStore {
798
+ constructor() {
799
+ this.seen = new Map();
800
+ }
801
+ checkAndRecord(id, expiresAtMs) {
802
+ const now = Date.now();
803
+ // Opportunistic eviction of expired entries to bound memory.
804
+ if (this.seen.size > 0) {
805
+ for (const [key, exp] of this.seen) {
806
+ if (exp <= now)
807
+ this.seen.delete(key);
808
+ }
809
+ }
810
+ const existing = this.seen.get(id);
811
+ if (existing !== undefined && existing > now) {
812
+ return true; // replay
813
+ }
814
+ this.seen.set(id, expiresAtMs);
815
+ return false;
816
+ }
817
+ /** Clear all recorded ids (mainly for tests). */
818
+ clear() {
819
+ this.seen.clear();
820
+ }
821
+ }
822
+ // ---------------------------------------------------------------------------
823
+ // verifyWebhook
824
+ // ---------------------------------------------------------------------------
825
+ /**
826
+ * Verify a signed inbound webhook and return its typed payload.
827
+ *
828
+ * @param rawBody The exact raw request body string the platform signed. Must be
829
+ * the unparsed bytes — re-serializing parsed JSON may not match byte-for-byte.
830
+ * @param headers The inbound request headers (a Headers instance or a plain
831
+ * object; case-insensitive).
832
+ * @param opts Optional overrides (keys URL, skew, cache TTL, fetch).
833
+ * @returns The parsed, validated {@link WebhookPayload}.
834
+ * @throws {WebhookVerificationError} if anything fails verification.
835
+ */
836
+ async function verifyWebhook(rawBody, headers, opts = {}) {
837
+ var _a, _b, _c, _d, _e, _f;
838
+ // Resolution order: explicit opts.keysUrl > the configured Bounded network's
839
+ // hosted keys (so a staging receiver verifies staging-signed deliveries
840
+ // without passing keysUrl) > the production default (fail-closed when the
841
+ // network is unknown — audit SDK LOW-7).
842
+ const keysUrl = (_b = (_a = opts.keysUrl) !== null && _a !== void 0 ? _a : core.getWebhookKeysUrl()) !== null && _b !== void 0 ? _b : DEFAULT_WEBHOOK_KEYS_URL;
843
+ const maxSkew = (_c = opts.maxSkewSeconds) !== null && _c !== void 0 ? _c : DEFAULT_MAX_SKEW_SECONDS;
844
+ const cacheTtlMs = (_d = opts.cacheTtlMs) !== null && _d !== void 0 ? _d : DEFAULT_CACHE_TTL_MS;
845
+ const fetchImpl = (_e = opts.fetchImpl) !== null && _e !== void 0 ? _e : globalThis.fetch;
846
+ const now = (_f = opts.now) !== null && _f !== void 0 ? _f : Date.now;
847
+ if (typeof fetchImpl !== "function") {
848
+ throw new WebhookVerificationError("No fetch implementation available; pass opts.fetchImpl.");
849
+ }
850
+ const signature = getHeader(headers, "X-Bounded-Signature");
851
+ const keyId = getHeader(headers, "X-Bounded-Key-Id");
852
+ const timestampHeader = getHeader(headers, "X-Bounded-Timestamp");
853
+ if (!signature)
854
+ throw new WebhookVerificationError("Missing X-Bounded-Signature header.");
855
+ if (!keyId)
856
+ throw new WebhookVerificationError("Missing X-Bounded-Key-Id header.");
857
+ if (!timestampHeader)
858
+ throw new WebhookVerificationError("Missing X-Bounded-Timestamp header.");
859
+ const headerTimestamp = Number(timestampHeader);
860
+ if (!Number.isFinite(headerTimestamp)) {
861
+ throw new WebhookVerificationError("Invalid X-Bounded-Timestamp header.");
862
+ }
863
+ // Resolve the signing key by id.
864
+ const keys = await loadKeys(keysUrl, cacheTtlMs, fetchImpl, now);
865
+ let key = keys.find((k) => k.id === keyId);
866
+ // Cache-miss tolerance: a freshly-rotated key may not be cached yet. Force a
867
+ // single refresh before giving up.
868
+ if (!key) {
869
+ keyCache.delete(keysUrl);
870
+ const refreshed = await loadKeys(keysUrl, cacheTtlMs, fetchImpl, now);
871
+ key = refreshed.find((k) => k.id === keyId);
872
+ }
873
+ if (!key) {
874
+ throw new WebhookVerificationError(`No public key found for key id "${keyId}".`);
875
+ }
876
+ if (key.alg !== "ed25519") {
877
+ throw new WebhookVerificationError(`Unsupported key algorithm "${key.alg}".`);
878
+ }
879
+ // Verify the Ed25519 signature over the raw body.
880
+ const subtle = (globalThis.crypto && globalThis.crypto.subtle);
881
+ if (!subtle) {
882
+ throw new WebhookVerificationError("WebCrypto (crypto.subtle) is not available.");
883
+ }
884
+ let cryptoKey;
885
+ try {
886
+ cryptoKey = await subtle.importKey("raw", base64ToBytes(key.publicKey), { name: "Ed25519" }, false, ["verify"]);
887
+ }
888
+ catch (err) {
889
+ throw new WebhookVerificationError(`Failed to import Ed25519 public key: ${err.message}`);
890
+ }
891
+ const ok = await subtle.verify({ name: "Ed25519" }, cryptoKey, base64ToBytes(signature), utf8Bytes(rawBody));
892
+ if (!ok) {
893
+ throw new WebhookVerificationError("Webhook signature verification failed.");
894
+ }
895
+ // Parse and shallow-validate the payload.
896
+ let payload;
897
+ try {
898
+ payload = JSON.parse(rawBody);
899
+ }
900
+ catch (_g) {
901
+ throw new WebhookVerificationError("Webhook body is not valid JSON.");
902
+ }
903
+ if (!payload ||
904
+ typeof payload.id !== "string" ||
905
+ typeof payload.appId !== "string" ||
906
+ typeof payload.path !== "string" ||
907
+ (payload.operation !== "create" &&
908
+ payload.operation !== "update" &&
909
+ payload.operation !== "delete") ||
910
+ typeof payload.timestamp !== "number" ||
911
+ !Number.isFinite(payload.timestamp)) {
912
+ throw new WebhookVerificationError("Webhook payload is missing required fields.");
913
+ }
914
+ // Replay protection: the timestamp used for the skew window MUST be the SIGNED
915
+ // payload.timestamp, not the unsigned X-Bounded-Timestamp header. An attacker
916
+ // can swap the header freely without breaking the Ed25519 signature, so the
917
+ // header alone is no replay bound. We also require the header to equal the
918
+ // signed value so the (unsigned) header cannot diverge from what was signed.
919
+ if (headerTimestamp !== payload.timestamp) {
920
+ throw new WebhookVerificationError("X-Bounded-Timestamp header does not match the signed payload timestamp.");
921
+ }
922
+ const nowSeconds = Math.floor(now() / 1000);
923
+ if (Math.abs(nowSeconds - payload.timestamp) > maxSkew) {
924
+ throw new WebhookVerificationError(`Webhook timestamp outside allowed skew of ${maxSkew}s (delta ${Math.abs(nowSeconds - payload.timestamp)}s).`);
925
+ }
926
+ // Optional nonce/replay cache: reject a previously-seen event id within the
927
+ // skew window. The signed payload.id uniquely identifies the delivery.
928
+ if (opts.replayStore) {
929
+ const expiresAtMs = (payload.timestamp + maxSkew) * 1000;
930
+ const replayed = await opts.replayStore.checkAndRecord(payload.id, expiresAtMs);
931
+ if (replayed) {
932
+ throw new WebhookVerificationError(`Webhook replay detected for event id "${payload.id}".`);
933
+ }
934
+ }
935
+ return payload;
936
+ }
937
+
938
+ Object.defineProperty(exports, "FunctionInvokeError", {
939
+ enumerable: true,
940
+ get: function () { return core.FunctionInvokeError; }
941
+ });
942
+ Object.defineProperty(exports, "InsufficientBalanceError", {
943
+ enumerable: true,
944
+ get: function () { return core.InsufficientBalanceError; }
945
+ });
946
+ Object.defineProperty(exports, "LiveIntentError", {
947
+ enumerable: true,
948
+ get: function () { return core.LiveIntentError; }
949
+ });
950
+ Object.defineProperty(exports, "aggregate", {
951
+ enumerable: true,
952
+ get: function () { return core.aggregate; }
953
+ });
954
+ Object.defineProperty(exports, "count", {
955
+ enumerable: true,
956
+ get: function () { return core.count; }
957
+ });
958
+ Object.defineProperty(exports, "functions", {
959
+ enumerable: true,
960
+ get: function () { return core.functions; }
961
+ });
962
+ Object.defineProperty(exports, "get", {
963
+ enumerable: true,
964
+ get: function () { return core.get; }
965
+ });
966
+ Object.defineProperty(exports, "getConfig", {
967
+ enumerable: true,
968
+ get: function () { return core.getConfig; }
969
+ });
970
+ Object.defineProperty(exports, "getFiles", {
971
+ enumerable: true,
972
+ get: function () { return core.getFiles; }
973
+ });
974
+ Object.defineProperty(exports, "getMany", {
975
+ enumerable: true,
976
+ get: function () { return core.getMany; }
977
+ });
978
+ Object.defineProperty(exports, "invokeFunction", {
979
+ enumerable: true,
980
+ get: function () { return core.invokeFunction; }
981
+ });
982
+ Object.defineProperty(exports, "live", {
983
+ enumerable: true,
984
+ get: function () { return core.live; }
985
+ });
986
+ Object.defineProperty(exports, "liveIntent", {
987
+ enumerable: true,
988
+ get: function () { return core.liveIntent; }
989
+ });
990
+ Object.defineProperty(exports, "queryAggregate", {
991
+ enumerable: true,
992
+ get: function () { return core.queryAggregate; }
993
+ });
994
+ Object.defineProperty(exports, "runExpression", {
995
+ enumerable: true,
996
+ get: function () { return core.runExpression; }
997
+ });
998
+ Object.defineProperty(exports, "runExpressionMany", {
999
+ enumerable: true,
1000
+ get: function () { return core.runExpressionMany; }
1001
+ });
1002
+ Object.defineProperty(exports, "runQuery", {
1003
+ enumerable: true,
1004
+ get: function () { return core.runQuery; }
1005
+ });
1006
+ Object.defineProperty(exports, "runQueryMany", {
1007
+ enumerable: true,
1008
+ get: function () { return core.runQueryMany; }
1009
+ });
1010
+ Object.defineProperty(exports, "search", {
1011
+ enumerable: true,
1012
+ get: function () { return core.search; }
1013
+ });
1014
+ Object.defineProperty(exports, "set", {
1015
+ enumerable: true,
1016
+ get: function () { return core.set; }
1017
+ });
1018
+ Object.defineProperty(exports, "setFile", {
1019
+ enumerable: true,
1020
+ get: function () { return core.setFile; }
1021
+ });
1022
+ Object.defineProperty(exports, "setMany", {
1023
+ enumerable: true,
1024
+ get: function () { return core.setMany; }
1025
+ });
1026
+ Object.defineProperty(exports, "signAndSubmitTransaction", {
1027
+ enumerable: true,
1028
+ get: function () { return core.signAndSubmitTransaction; }
1029
+ });
1030
+ Object.defineProperty(exports, "signMessage", {
1031
+ enumerable: true,
1032
+ get: function () { return core.signMessage; }
1033
+ });
1034
+ Object.defineProperty(exports, "signTransaction", {
1035
+ enumerable: true,
1036
+ get: function () { return core.signTransaction; }
1037
+ });
1038
+ Object.defineProperty(exports, "subscribe", {
1039
+ enumerable: true,
1040
+ get: function () { return core.subscribe; }
1041
+ });
1042
+ exports.DEFAULT_WEBHOOK_KEYS_URL = DEFAULT_WEBHOOK_KEYS_URL;
1043
+ exports.InMemoryReplayStore = InMemoryReplayStore;
1044
+ exports.WalletClient = WalletClient;
1045
+ exports.WebhookVerificationError = WebhookVerificationError;
1046
+ exports.clearWebhookKeyCache = clearWebhookKeyCache;
1047
+ exports.createWalletClient = createWalletClient;
1048
+ exports.getAuthProvider = getAuthProvider;
1049
+ exports.getIdToken = getIdToken;
1050
+ exports.init = init;
1051
+ exports.verifyWebhook = verifyWebhook;
1052
+ Object.keys(core).forEach(function (k) {
1053
+ if (k !== 'default' && !Object.prototype.hasOwnProperty.call(exports, k)) Object.defineProperty(exports, k, {
1054
+ enumerable: true,
1055
+ get: function () { return core[k]; }
1056
+ });
1057
+ });
1058
+ //# sourceMappingURL=index.js.map