@bsv/sdk 1.3.5 → 1.3.6

package/src/wallet/KeyDeriver.ts

@@ -23,7 +23,7 @@ export interface KeyDeriverApi {
      * @param {boolean} [forSelf=false] - Optional. false if undefined. Whether deriving for self.
      * @returns {PublicKey} - The derived public key.
      */
-  derivePublicKey(protocolID: WalletProtocol, keyID: string, counterparty: Counterparty, forSelf?: boolean): PublicKey
+  derivePublicKey: (protocolID: WalletProtocol, keyID: string, counterparty: Counterparty, forSelf?: boolean) => PublicKey
 
   /**
      * Derives a private key based on protocol ID, key ID, and counterparty.
@@ -32,7 +32,7 @@ export interface KeyDeriverApi {
      * @param {Counterparty} counterparty - The counterparty's public key or a predefined value ('self' or 'anyone').
      * @returns {PrivateKey} - The derived private key.
      */
-  derivePrivateKey(protocolID: WalletProtocol, keyID: string, counterparty: Counterparty): PrivateKey
+  derivePrivateKey: (protocolID: WalletProtocol, keyID: string, counterparty: Counterparty) => PrivateKey
 
   /**
      * Derives a symmetric key based on protocol ID, key ID, and counterparty.
@@ -41,9 +41,8 @@ export interface KeyDeriverApi {
      * @param {string} keyID - The key identifier.
      * @param {Counterparty} counterparty - The counterparty's public key or a predefined value ('self' or 'anyone').
      * @returns {SymmetricKey} - The derived symmetric key.
-     * @throws {Error} - Throws an error if attempting to derive a symmetric key for 'anyone'.
      */
-  deriveSymmetricKey(protocolID: WalletProtocol, keyID: string, counterparty: Counterparty): SymmetricKey
+  deriveSymmetricKey: (protocolID: WalletProtocol, keyID: string, counterparty: Counterparty) => SymmetricKey
 
   /**
      * Reveals the shared secret between the root key and the counterparty.
@@ -52,7 +51,7 @@ export interface KeyDeriverApi {
      * @returns {number[]} - The shared secret as a number array.
      * @throws {Error} - Throws an error if attempting to reveal a shared secret for 'self'.
      */
-  revealCounterpartySecret(counterparty: Counterparty): number[]
+  revealCounterpartySecret: (counterparty: Counterparty) => number[]
 
   /**
      * Reveals the specific key association for a given protocol ID, key ID, and counterparty.
@@ -61,7 +60,7 @@ export interface KeyDeriverApi {
      * @param {string} keyID - The key identifier.
      * @returns {number[]} - The specific key association as a number array.
      */
-  revealSpecificSecret(counterparty: Counterparty, protocolID: WalletProtocol, keyID: string): number[]
+  revealSpecificSecret: (counterparty: Counterparty, protocolID: WalletProtocol, keyID: string) => number[]
 }
 
 /**
@@ -76,7 +75,7 @@ export class KeyDeriver implements KeyDeriverApi {
      * Initializes the KeyDeriver instance with a root private key.
      * @param {PrivateKey | 'anyone'} rootKey - The root private key or the string 'anyone'.
      */
-  constructor(rootKey: PrivateKey | 'anyone') {
+  constructor (rootKey: PrivateKey | 'anyone') {
     if (rootKey === 'anyone') {
       this.rootKey = new PrivateKey(1)
     } else {
@@ -93,7 +92,7 @@ export class KeyDeriver implements KeyDeriverApi {
      * @param {boolean} [forSelf=false] - Whether deriving for self.
      * @returns {PublicKey} - The derived public key.
      */
-  derivePublicKey(protocolID: WalletProtocol, keyID: string, counterparty: Counterparty, forSelf: boolean = false): PublicKey {
+  derivePublicKey (protocolID: WalletProtocol, keyID: string, counterparty: Counterparty, forSelf: boolean = false): PublicKey {
     counterparty = this.normalizeCounterparty(counterparty)
     if (forSelf) {
       return this.rootKey.deriveChild(counterparty, this.computeInvoiceNumber(protocolID, keyID)).toPublicKey()
@@ -109,7 +108,7 @@ export class KeyDeriver implements KeyDeriverApi {
      * @param {Counterparty} counterparty - The counterparty's public key or a predefined value ('self' or 'anyone').
      * @returns {PrivateKey} - The derived private key.
      */
-  derivePrivateKey(protocolID: WalletProtocol, keyID: string, counterparty: Counterparty): PrivateKey {
+  derivePrivateKey (protocolID: WalletProtocol, keyID: string, counterparty: Counterparty): PrivateKey {
     counterparty = this.normalizeCounterparty(counterparty)
     return this.rootKey.deriveChild(counterparty, this.computeInvoiceNumber(protocolID, keyID))
   }
@@ -121,18 +120,17 @@ export class KeyDeriver implements KeyDeriverApi {
      * @param {string} keyID - The key identifier.
      * @param {Counterparty} counterparty - The counterparty's public key or a predefined value ('self' or 'anyone').
      * @returns {SymmetricKey} - The derived symmetric key.
-     * @throws {Error} - Throws an error if attempting to derive a symmetric key for 'anyone'.
      */
-  deriveSymmetricKey(protocolID: WalletProtocol, keyID: string, counterparty: Counterparty): SymmetricKey {
+  deriveSymmetricKey (protocolID: WalletProtocol, keyID: string, counterparty: Counterparty): SymmetricKey {
+    // If counterparty is 'anyone', we use 1*G as the public key.
+    // This is a publicly derivable key and should only be used in scenarios where public disclosure is intended.
     if (counterparty === 'anyone') {
-      throw new Error(
-        'Symmetric keys (such as encryption keys or HMAC keys) should not be derivable by everyone, because messages would be decryptable by anyone who knows the identity public key of the user, and HMACs would be similarly forgeable.'
-      )
+      counterparty = new PrivateKey(1).toPublicKey()
     }
     counterparty = this.normalizeCounterparty(counterparty)
     const derivedPublicKey = this.derivePublicKey(protocolID, keyID, counterparty)
     const derivedPrivateKey = this.derivePrivateKey(protocolID, keyID, counterparty)
-    return new SymmetricKey(derivedPrivateKey.deriveSharedSecret(derivedPublicKey).x!.toArray())
+    return new SymmetricKey(derivedPrivateKey.deriveSharedSecret(derivedPublicKey).x.toArray())
   }
 
   /**
@@ -142,7 +140,7 @@ export class KeyDeriver implements KeyDeriverApi {
      * @returns {number[]} - The shared secret as a number array.
      * @throws {Error} - Throws an error if attempting to reveal a shared secret for 'self'.
      */
-  revealCounterpartySecret(counterparty: Counterparty): number[] {
+  revealCounterpartySecret (counterparty: Counterparty): number[] {
     if (counterparty === 'self') {
       throw new Error('Counterparty secrets cannot be revealed for counterparty=self.')
     }
@@ -167,7 +165,7 @@ export class KeyDeriver implements KeyDeriverApi {
      * @param {string} keyID - The key identifier.
      * @returns {number[]} - The specific key association as a number array.
      */
-  revealSpecificSecret(counterparty: Counterparty, protocolID: WalletProtocol, keyID: string): number[] {
+  revealSpecificSecret (counterparty: Counterparty, protocolID: WalletProtocol, keyID: string): number[] {
     counterparty = this.normalizeCounterparty(counterparty)
     const sharedSecret = this.rootKey.deriveSharedSecret(counterparty)
     const invoiceNumberBin = Utils.toArray(this.computeInvoiceNumber(protocolID, keyID), 'utf8')
@@ -180,7 +178,7 @@ export class KeyDeriver implements KeyDeriverApi {
      * @returns {PublicKey} - The normalized counterparty public key.
      * @throws {Error} - Throws an error if the counterparty is invalid.
      */
-  private normalizeCounterparty(counterparty: Counterparty): PublicKey {
+  private normalizeCounterparty (counterparty: Counterparty): PublicKey {
     if (!counterparty) {
       throw new Error('counterparty must be self, anyone or a public key!')
     } else if (counterparty === 'self') {
@@ -201,7 +199,7 @@ export class KeyDeriver implements KeyDeriverApi {
      * @returns {string} - The computed invoice number.
      * @throws {Error} - Throws an error if protocol ID or key ID are invalid.
      */
-  private computeInvoiceNumber(protocolID: WalletProtocol, keyID: string): string {
+  private computeInvoiceNumber (protocolID: WalletProtocol, keyID: string): string {
     const securityLevel = protocolID[0]
     if (!Number.isInteger(securityLevel) || securityLevel < 0 || securityLevel > 2) {
       throw new Error('Protocol security level must be 0, 1, or 2')
@@ -243,4 +241,4 @@ export class KeyDeriver implements KeyDeriverApi {
   }
 }
 
-export default KeyDeriver
+export default KeyDeriver

package/src/wallet/ProtoWallet.ts

@@ -31,48 +31,48 @@ const privilegedError = new Error('ProtoWallet is a single-keyring wallet, opera
 /**
  * A ProtoWallet is precursor to a full wallet, capable of performing all foundational cryptographic operations.
  * It can derive keys, create signatures, facilitate encryption and HMAC operations, and reveal key linkages.
- * 
+ *
  * However, ProtoWallet does not create transactions, manage outputs, interact with the blockchain,
  * enable the management of identity certificates, or store any data.
  */
 export class ProtoWallet implements ProtoWalletApi {
   keyDeriver: KeyDeriverApi
 
-  constructor(rootKeyOrKeyDeriver: PrivateKey | 'anyone' | KeyDeriverApi) {
+  constructor (rootKeyOrKeyDeriver: PrivateKey | 'anyone' | KeyDeriverApi) {
     if (typeof rootKeyOrKeyDeriver['identityKey'] !== 'string') {
       rootKeyOrKeyDeriver = new KeyDeriver(rootKeyOrKeyDeriver as PrivateKey | 'anyone')
     }
     this.keyDeriver = rootKeyOrKeyDeriver as KeyDeriver
   }
 
-  async isAuthenticated(args: {}, Originator?: OriginatorDomainNameStringUnder250Bytes): Promise<AuthenticatedResult> {
+  async isAuthenticated (args: {}, Originator?: OriginatorDomainNameStringUnder250Bytes): Promise<AuthenticatedResult> {
     return { authenticated: true }
   }
 
-  async waitForAuthentication(args: {}, Originator?: OriginatorDomainNameStringUnder250Bytes): Promise<AuthenticatedResult> {
+  async waitForAuthentication (args: {}, Originator?: OriginatorDomainNameStringUnder250Bytes): Promise<AuthenticatedResult> {
     return { authenticated: true }
   }
 
-  async getNetwork(args: {}, Originator?: OriginatorDomainNameStringUnder250Bytes): Promise<GetNetworkResult> {
+  async getNetwork (args: {}, Originator?: OriginatorDomainNameStringUnder250Bytes): Promise<GetNetworkResult> {
     return { network: 'mainnet' }
   }
 
-  async getVersion(args: {}, Originator?: OriginatorDomainNameStringUnder250Bytes): Promise<GetVersionResult> {
+  async getVersion (args: {}, Originator?: OriginatorDomainNameStringUnder250Bytes): Promise<GetVersionResult> {
     return { version: 'proto-1.0.0' }
   }
 
   /**
    * Convenience method to obtain the identityKey.
-   * @param originator 
+   * @param originator
    * @returns `await this.getPublicKey({ identityKey: true }, originator)`
    */
-  async getIdentityKey(
+  async getIdentityKey (
     originator?: OriginatorDomainNameStringUnder250Bytes
   ): Promise<{ publicKey: PubKeyHex }> {
     return await this.getPublicKey({ identityKey: true }, originator)
   }
 
-  async getPublicKey(
+  async getPublicKey (
     args: GetPublicKeyArgs,
     originator?: OriginatorDomainNameStringUnder250Bytes
   ): Promise<{ publicKey: PubKeyHex }> {
@@ -98,7 +98,7 @@ export class ProtoWallet implements ProtoWalletApi {
     }
   }
 
-  async revealCounterpartyKeyLinkage(
+  async revealCounterpartyKeyLinkage (
     args: RevealCounterpartyKeyLinkageArgs,
     originator?: OriginatorDomainNameStringUnder250Bytes
   ): Promise<RevealCounterpartyKeyLinkageResult> {
@@ -136,7 +136,7 @@ export class ProtoWallet implements ProtoWalletApi {
     }
   }
 
-  async revealSpecificKeyLinkage(
+  async revealSpecificKeyLinkage (
     args: RevealSpecificKeyLinkageArgs,
     originator?: OriginatorDomainNameStringUnder250Bytes
   ): Promise<RevealSpecificKeyLinkageResult> {
@@ -173,7 +173,7 @@ export class ProtoWallet implements ProtoWalletApi {
     }
   }
 
-  async encrypt(
+  async encrypt (
     args: WalletEncryptArgs,
     originator?: OriginatorDomainNameStringUnder250Bytes
   ): Promise<WalletEncryptResult> {
@@ -188,7 +188,7 @@ export class ProtoWallet implements ProtoWalletApi {
     return { ciphertext: key.encrypt(args.plaintext) as number[] }
   }
 
-  async decrypt(
+  async decrypt (
     args: WalletDecryptArgs,
     originator?: OriginatorDomainNameStringUnder250Bytes
   ): Promise<WalletDecryptResult> {
@@ -203,7 +203,7 @@ export class ProtoWallet implements ProtoWalletApi {
     return { plaintext: key.decrypt(args.ciphertext) as number[] }
   }
 
-  async createHmac(
+  async createHmac (
     args: CreateHmacArgs,
     originator?: OriginatorDomainNameStringUnder250Bytes
   ): Promise<CreateHmacResult> {
@@ -218,7 +218,7 @@ export class ProtoWallet implements ProtoWalletApi {
     return { hmac: Hash.sha256hmac(key.toArray(), args.data) }
   }
 
-  async verifyHmac(
+  async verifyHmac (
     args: VerifyHmacArgs,
     originator?: OriginatorDomainNameStringUnder250Bytes
   ): Promise<VerifyHmacResult> {
@@ -239,7 +239,7 @@ export class ProtoWallet implements ProtoWalletApi {
     return { valid }
   }
 
-  async createSignature(
+  async createSignature (
     args: CreateSignatureArgs,
     originator?: OriginatorDomainNameStringUnder250Bytes
   ): Promise<CreateSignatureResult> {
@@ -249,7 +249,7 @@ export class ProtoWallet implements ProtoWalletApi {
     if (!args.hashToDirectlySign && !args.data) {
       throw new Error('args.data or args.hashToDirectlySign must be valid')
     }
-    const hash: number[] = args.hashToDirectlySign || Hash.sha256(args.data!)
+    const hash: number[] = args.hashToDirectlySign || Hash.sha256(args.data)
     const key = this.keyDeriver.derivePrivateKey(
       args.protocolID,
       args.keyID,
@@ -258,7 +258,7 @@ export class ProtoWallet implements ProtoWalletApi {
     return { signature: ECDSA.sign(new BigNumber(hash), key, true).toDER() as number[] }
   }
 
-  async verifySignature(
+  async verifySignature (
     args: VerifySignatureArgs,
     originator?: OriginatorDomainNameStringUnder250Bytes
   ): Promise<VerifySignatureResult> {
@@ -268,7 +268,7 @@ export class ProtoWallet implements ProtoWalletApi {
     if (!args.hashToDirectlyVerify && !args.data) {
       throw new Error('args.data or args.hashToDirectlyVerify must be valid')
     }
-    const hash: number[] = args.hashToDirectlyVerify || Hash.sha256(args.data!)
+    const hash: number[] = args.hashToDirectlyVerify || Hash.sha256(args.data)
     const key = this.keyDeriver.derivePublicKey(
       args.protocolID,
       args.keyID,
@@ -285,4 +285,4 @@ export class ProtoWallet implements ProtoWalletApi {
   }
 }
 
-export default ProtoWallet
+export default ProtoWallet

package/src/wallet/Wallet.interfaces.ts

@@ -295,7 +295,6 @@ export interface SendWithResult {
   status: SendWithResultStatus
 }
 
-
 export interface SignableTransaction {
   tx: AtomicBEEF
   reference: Base64String
@@ -366,7 +365,7 @@ export interface SignActionArgs {
 }
 
 /**
- * 
+ *
  */
 export interface SignActionResult {
   txid?: TXIDHexString
@@ -580,9 +579,9 @@ export interface WalletEncryptionArgs {
 
 /**
    * When `identityKey` is true, `WalletEncryptionArgs` are not used.
-   * 
+   *
    * When `identityKey` is undefined, `WalletEncryptionArgs` are required.
-   * 
+   *
    * @param {BooleanDefaultFalse|true} [identityKey] - Use true to retrieve the current user's own identity key, overriding any protocol ID, key ID, or counterparty specified.
    * @param {BooleanDefaultFalse} [forSelf] - Whether to return the public key derived from the current user's own identity (as opposed to the counterparty's identity).
  */
@@ -910,7 +909,7 @@ export interface WalletErrorObject extends Error {
 }
 
 /**
- * 
+ *
  */
 export interface GetPublicKeyResult {
   publicKey: PubKeyHex
@@ -921,7 +920,7 @@ export interface GetPublicKeyResult {
  * key derivation, encryption, decryption, hmac creation and verification, signature generation and verification
  *
  * Error Handling
- * 
+ *
  * Every method of the `Wallet` interface has a return value of the form `Promise<object>`.
  * When an error occurs, an exception object may be thrown which must conform to the `WalletErrorObject` interface.
  * Serialization layers can rely on the `isError` property being unique to error objects to
@@ -1043,9 +1042,9 @@ export interface ProtoWalletApi {
  * encryption, decryption, identity certificate management, identity verification, and communication
  * with applications as per the BRC standards. This interface allows applications to interact with
  * the wallet for a range of functionalities aligned with the Babbage architectural principles.
- * 
+ *
  * Error Handling
- * 
+ *
  * Every method of the `Wallet` interface has a return value of the form `Promise<object>`.
  * When an error occurs, an exception object may be thrown which must conform to the `WalletErrorObject` interface.
  * Serialization layers can rely on the `isError` property being unique to error objects to
@@ -1281,4 +1280,4 @@ export interface Wallet extends ProtoWalletApi {
     args: {},
     originator?: OriginatorDomainNameStringUnder250Bytes
   ) => Promise<GetVersionResult>
-}
+}

package/src/wallet/WalletClient.ts

@@ -1,10 +1,9 @@
-import { AcquireCertificateArgs, AcquireCertificateResult, Base64String, BasketStringUnder300Bytes, BEEF, BooleanDefaultFalse, BooleanDefaultTrue, Byte, CertificateFieldNameUnder50Bytes, CreateActionArgs, CreateActionResult, DescriptionString5to50Bytes, DiscoverCertificatesResult, EntityIconURLStringMax500Bytes, EntityNameStringMax100Bytes, HexString, InternalizeActionArgs, ISOTimestampString, KeyIDStringUnder800Bytes, LabelStringUnder300Bytes, ListActionsArgs, ListActionsResult, ListCertificatesResult, ListOutputsArgs, ListOutputsResult, OriginatorDomainNameStringUnder250Bytes, OutpointString, OutputTagStringUnder300Bytes, PositiveInteger, PositiveIntegerDefault10Max10000, PositiveIntegerMax10, PositiveIntegerOrZero, ProtocolString5To400Bytes, ProveCertificateArgs, ProveCertificateResult, PubKeyHex, SatoshiValue, SecurityLevel, SignActionArgs, SignActionResult, TXIDHexString, VersionString7To30Bytes, Wallet } from './Wallet.interfaces.js'
+import { AcquireCertificateArgs, AcquireCertificateResult, Base64String, BasketStringUnder300Bytes, BEEF, BooleanDefaultFalse, BooleanDefaultTrue, Byte, CertificateFieldNameUnder50Bytes, CreateActionArgs, CreateActionResult, DescriptionString5to50Bytes, DiscoverCertificatesResult, EntityIconURLStringMax500Bytes, EntityNameStringMax100Bytes, HexString, InternalizeActionArgs, ISOTimestampString, KeyIDStringUnder800Bytes, LabelStringUnder300Bytes, ListActionsArgs, ListActionsResult, ListCertificatesResult, ListOutputsArgs, ListOutputsResult, OriginatorDomainNameStringUnder250Bytes, OutpointString, OutputTagStringUnder300Bytes, PositiveInteger, PositiveIntegerDefault10Max10000, PositiveIntegerMax10, PositiveIntegerOrZero, ProtocolString5To400Bytes, ProveCertificateArgs, ProveCertificateResult, PubKeyHex, SatoshiValue, SecurityLevel, SignActionArgs, SignActionResult, TXIDHexString, VersionString7To30Bytes, Wallet, AuthenticatedResult } from './Wallet.interfaces.js'
 import WindowCWISubstrate from './substrates/window.CWI.js'
 import XDMSubstrate from './substrates/XDM.js'
 import WalletWireTransceiver from './substrates/WalletWireTransceiver.js'
 import HTTPWalletWire from './substrates/HTTPWalletWire.js'
 import HTTPWalletJSON from './substrates/HTTPWalletJSON.js'
-import { AuthenticatedResult } from './Wallet.interfaces.js'
 
 const MAX_XDM_RESPONSE_WAIT = 200
 

package/src/wallet/__tests/KeyDeriver.test.ts

@@ -79,8 +79,8 @@ describe('KeyDeriver', () => {
     expect(derivedSymmetricKey.toHex()).toEqual(new SymmetricKey(priv.deriveSharedSecret(pub).x?.toArray()).toHex())
   })
 
-  test('should not derive symmetric key with anyone', () => {
-    expect(() => keyDeriver.deriveSymmetricKey(protocolID, keyID, 'anyone')).toThrow()
+  test('should be able to derive symmetric key with anyone', () => {
+    expect(() => keyDeriver.deriveSymmetricKey(protocolID, keyID, 'anyone')).not.toThrow()
   })
 
   test('should reveal the correct counterparty shared secret', () => {

package/dist/cjs/src/auth/utils/certificateHelpers.js

@@ -1,51 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.createMasterCertificate = createMasterCertificate;
-exports.createVerifiableCertificate = createVerifiableCertificate;
-const mod_js_1 = require("../../../mod.js");
-const MasterCertificate_js_1 = require("../certificates/MasterCertificate.js");
-const VerifiableCertificate_js_1 = require("../certificates/VerifiableCertificate.js");
-/**
- * Creates a Master Certificate by encrypting provided fields and generating a master keyring.
- *
- * @param {ProtoWallet} wallet - The wallet instance used for encryption and public key retrieval.
- * @param {Record<string, string>} fields - The certificate fields to encrypt.
- * @param {string} certificateType - The type of the certificate being created.
- * @param {string} certificateSerialNumber - The serial number of the certificate.
- * @param {string} certifierPublicKey - The public key of the certifier.
- * @returns {Promise<MasterCertificate>} A promise resolving to the created Master Certificate.
- */
-async function createMasterCertificate(wallet, fields, certificateType, certificateSerialNumber, certifierPublicKey) {
-    const certificateFields = {};
-    const masterKeyring = {};
-    for (const fieldName in fields) {
-        const fieldSymmetricKey = mod_js_1.SymmetricKey.fromRandom();
-        const encryptedFieldValue = fieldSymmetricKey.encrypt(mod_js_1.Utils.toArray(fields[fieldName], 'utf8'));
-        certificateFields[fieldName] = mod_js_1.Utils.toBase64(encryptedFieldValue);
-        const encryptedFieldKey = await wallet.encrypt({
-            plaintext: fieldSymmetricKey.toArray(),
-            protocolID: [2, 'certificate field encryption'],
-            keyID: `${certificateSerialNumber} ${fieldName}`,
-            counterparty: 'self'
-        });
-        masterKeyring[fieldName] = mod_js_1.Utils.toBase64(encryptedFieldKey.ciphertext);
-    }
-    return new MasterCertificate_js_1.MasterCertificate(certificateType, certificateSerialNumber, (await wallet.getPublicKey({ identityKey: true })).publicKey, certifierPublicKey, 'revocationOutpoint', certificateFields, masterKeyring);
-}
-/**
- * Creates a Verifiable Certificate by signing a Master Certificate and generating a keyring for a verifier.
- *
- * @param {MasterCertificate} masterCertificate - The master certificate to convert into a verifiable certificate.
- * @param {ProtoWallet} wallet - The wallet instance used for generating a keyring for the verifier.
- * @param {string} verifierIdentityKey - The identity key of the verifier.
- * @param {string[]} fieldsToReveal - The list of fields to reveal to the verifier.
- * @param {PrivateKey} certifierPrivateKey - The private key of the certifier for signing the certificate.
- * @returns {Promise<VerifiableCertificate>} A promise resolving to the created Verifiable Certificate.
- */
-async function createVerifiableCertificate(masterCertificate, wallet, verifierIdentityKey, fieldsToReveal, certifierPrivateKey) {
-    const certifierWallet = new mod_js_1.ProtoWallet(certifierPrivateKey);
-    await masterCertificate.sign(certifierWallet);
-    const keyringForVerifier = await masterCertificate.createKeyringForVerifier(wallet, verifierIdentityKey, fieldsToReveal);
-    return new VerifiableCertificate_js_1.VerifiableCertificate(masterCertificate.type, masterCertificate.serialNumber, masterCertificate.subject, masterCertificate.certifier, masterCertificate.revocationOutpoint, masterCertificate.fields, masterCertificate.signature, keyringForVerifier);
-}
-//# sourceMappingURL=certificateHelpers.js.map

package/dist/cjs/src/auth/utils/certificateHelpers.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"certificateHelpers.js","sourceRoot":"","sources":["../../../../../src/auth/utils/certificateHelpers.ts"],"names":[],"mappings":";;AAcA,0DAiCC;AAYD,kEA0BC;AArFD,4CAA8E;AAC9E,+EAAwE;AACxE,uFAAgF;AAEhF;;;;;;;;;GASG;AACI,KAAK,UAAU,uBAAuB,CAC3C,MAAmB,EACnB,MAA8B,EAC9B,eAAuB,EACvB,uBAA+B,EAC/B,kBAA0B;IAE1B,MAAM,iBAAiB,GAA2B,EAAE,CAAA;IACpD,MAAM,aAAa,GAA2B,EAAE,CAAA;IAEhD,KAAK,MAAM,SAAS,IAAI,MAAM,EAAE,CAAC;QAC/B,MAAM,iBAAiB,GAAG,qBAAY,CAAC,UAAU,EAAE,CAAA;QACnD,MAAM,mBAAmB,GAAG,iBAAiB,CAAC,OAAO,CAAC,cAAK,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC,CAAC,CAAA;QAC/F,iBAAiB,CAAC,SAAS,CAAC,GAAG,cAAK,CAAC,QAAQ,CAAC,mBAA+B,CAAC,CAAA;QAE9E,MAAM,iBAAiB,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC;YAC7C,SAAS,EAAE,iBAAiB,CAAC,OAAO,EAAE;YACtC,UAAU,EAAE,CAAC,CAAC,EAAE,8BAA8B,CAAC;YAC/C,KAAK,EAAE,GAAG,uBAAuB,IAAI,SAAS,EAAE;YAChD,YAAY,EAAE,MAAM;SACrB,CAAC,CAAA;QACF,aAAa,CAAC,SAAS,CAAC,GAAG,cAAK,CAAC,QAAQ,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAA;IACzE,CAAC;IAED,OAAO,IAAI,wCAAiB,CAC1B,eAAe,EACf,uBAAuB,EACvB,CAAC,MAAM,MAAM,CAAC,YAAY,CAAC,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,EAC5D,kBAAkB,EAClB,oBAAoB,EACpB,iBAAiB,EACjB,aAAa,CACd,CAAA;AACH,CAAC;AAED;;;;;;;;;GASG;AACI,KAAK,UAAU,2BAA2B,CAC/C,iBAAoC,EACpC,MAAmB,EACnB,mBAA2B,EAC3B,cAAwB,EACxB,mBAA+B;IAE/B,MAAM,eAAe,GAAG,IAAI,oBAAW,CAAC,mBAAmB,CAAC,CAAA;IAC5D,MAAM,iBAAiB,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;IAE7C,MAAM,kBAAkB,GAAG,MAAM,iBAAiB,CAAC,wBAAwB,CACzE,MAAM,EACN,mBAAmB,EACnB,cAAc,CACf,CAAA;IAED,OAAO,IAAI,gDAAqB,CAC9B,iBAAiB,CAAC,IAAI,EACtB,iBAAiB,CAAC,YAAY,EAC9B,iBAAiB,CAAC,OAAO,EACzB,iBAAiB,CAAC,SAAS,EAC3B,iBAAiB,CAAC,kBAAkB,EACpC,iBAAiB,CAAC,MAAM,EACxB,iBAAiB,CAAC,SAAS,EAC3B,kBAAkB,CACnB,CAAA;AACH,CAAC"}

package/dist/esm/src/auth/utils/certificateHelpers.js

@@ -1,47 +0,0 @@
-import { SymmetricKey, Utils, ProtoWallet } from "../../../mod.js";
-import { MasterCertificate } from "../certificates/MasterCertificate.js";
-import { VerifiableCertificate } from "../certificates/VerifiableCertificate.js";
-/**
- * Creates a Master Certificate by encrypting provided fields and generating a master keyring.
- *
- * @param {ProtoWallet} wallet - The wallet instance used for encryption and public key retrieval.
- * @param {Record<string, string>} fields - The certificate fields to encrypt.
- * @param {string} certificateType - The type of the certificate being created.
- * @param {string} certificateSerialNumber - The serial number of the certificate.
- * @param {string} certifierPublicKey - The public key of the certifier.
- * @returns {Promise<MasterCertificate>} A promise resolving to the created Master Certificate.
- */
-export async function createMasterCertificate(wallet, fields, certificateType, certificateSerialNumber, certifierPublicKey) {
-    const certificateFields = {};
-    const masterKeyring = {};
-    for (const fieldName in fields) {
-        const fieldSymmetricKey = SymmetricKey.fromRandom();
-        const encryptedFieldValue = fieldSymmetricKey.encrypt(Utils.toArray(fields[fieldName], 'utf8'));
-        certificateFields[fieldName] = Utils.toBase64(encryptedFieldValue);
-        const encryptedFieldKey = await wallet.encrypt({
-            plaintext: fieldSymmetricKey.toArray(),
-            protocolID: [2, 'certificate field encryption'],
-            keyID: `${certificateSerialNumber} ${fieldName}`,
-            counterparty: 'self'
-        });
-        masterKeyring[fieldName] = Utils.toBase64(encryptedFieldKey.ciphertext);
-    }
-    return new MasterCertificate(certificateType, certificateSerialNumber, (await wallet.getPublicKey({ identityKey: true })).publicKey, certifierPublicKey, 'revocationOutpoint', certificateFields, masterKeyring);
-}
-/**
- * Creates a Verifiable Certificate by signing a Master Certificate and generating a keyring for a verifier.
- *
- * @param {MasterCertificate} masterCertificate - The master certificate to convert into a verifiable certificate.
- * @param {ProtoWallet} wallet - The wallet instance used for generating a keyring for the verifier.
- * @param {string} verifierIdentityKey - The identity key of the verifier.
- * @param {string[]} fieldsToReveal - The list of fields to reveal to the verifier.
- * @param {PrivateKey} certifierPrivateKey - The private key of the certifier for signing the certificate.
- * @returns {Promise<VerifiableCertificate>} A promise resolving to the created Verifiable Certificate.
- */
-export async function createVerifiableCertificate(masterCertificate, wallet, verifierIdentityKey, fieldsToReveal, certifierPrivateKey) {
-    const certifierWallet = new ProtoWallet(certifierPrivateKey);
-    await masterCertificate.sign(certifierWallet);
-    const keyringForVerifier = await masterCertificate.createKeyringForVerifier(wallet, verifierIdentityKey, fieldsToReveal);
-    return new VerifiableCertificate(masterCertificate.type, masterCertificate.serialNumber, masterCertificate.subject, masterCertificate.certifier, masterCertificate.revocationOutpoint, masterCertificate.fields, masterCertificate.signature, keyringForVerifier);
-}
-//# sourceMappingURL=certificateHelpers.js.map

package/dist/esm/src/auth/utils/certificateHelpers.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"certificateHelpers.js","sourceRoot":"","sources":["../../../../../src/auth/utils/certificateHelpers.ts"],"names":[],"mappings":"AAAA,OAAO,EAAc,YAAY,EAAE,KAAK,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAA;AAC9E,OAAO,EAAE,iBAAiB,EAAE,MAAM,sCAAsC,CAAA;AACxE,OAAO,EAAE,qBAAqB,EAAE,MAAM,0CAA0C,CAAA;AAEhF;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,MAAmB,EACnB,MAA8B,EAC9B,eAAuB,EACvB,uBAA+B,EAC/B,kBAA0B;IAE1B,MAAM,iBAAiB,GAA2B,EAAE,CAAA;IACpD,MAAM,aAAa,GAA2B,EAAE,CAAA;IAEhD,KAAK,MAAM,SAAS,IAAI,MAAM,EAAE,CAAC;QAC/B,MAAM,iBAAiB,GAAG,YAAY,CAAC,UAAU,EAAE,CAAA;QACnD,MAAM,mBAAmB,GAAG,iBAAiB,CAAC,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC,CAAC,CAAA;QAC/F,iBAAiB,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,QAAQ,CAAC,mBAA+B,CAAC,CAAA;QAE9E,MAAM,iBAAiB,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC;YAC7C,SAAS,EAAE,iBAAiB,CAAC,OAAO,EAAE;YACtC,UAAU,EAAE,CAAC,CAAC,EAAE,8BAA8B,CAAC;YAC/C,KAAK,EAAE,GAAG,uBAAuB,IAAI,SAAS,EAAE;YAChD,YAAY,EAAE,MAAM;SACrB,CAAC,CAAA;QACF,aAAa,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,QAAQ,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAA;IACzE,CAAC;IAED,OAAO,IAAI,iBAAiB,CAC1B,eAAe,EACf,uBAAuB,EACvB,CAAC,MAAM,MAAM,CAAC,YAAY,CAAC,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,EAC5D,kBAAkB,EAClB,oBAAoB,EACpB,iBAAiB,EACjB,aAAa,CACd,CAAA;AACH,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,2BAA2B,CAC/C,iBAAoC,EACpC,MAAmB,EACnB,mBAA2B,EAC3B,cAAwB,EACxB,mBAA+B;IAE/B,MAAM,eAAe,GAAG,IAAI,WAAW,CAAC,mBAAmB,CAAC,CAAA;IAC5D,MAAM,iBAAiB,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;IAE7C,MAAM,kBAAkB,GAAG,MAAM,iBAAiB,CAAC,wBAAwB,CACzE,MAAM,EACN,mBAAmB,EACnB,cAAc,CACf,CAAA;IAED,OAAO,IAAI,qBAAqB,CAC9B,iBAAiB,CAAC,IAAI,EACtB,iBAAiB,CAAC,YAAY,EAC9B,iBAAiB,CAAC,OAAO,EACzB,iBAAiB,CAAC,SAAS,EAC3B,iBAAiB,CAAC,kBAAkB,EACpC,iBAAiB,CAAC,MAAM,EACxB,iBAAiB,CAAC,SAAS,EAC3B,kBAAkB,CACnB,CAAA;AACH,CAAC"}

package/dist/types/src/auth/utils/certificateHelpers.d.ts

@@ -1,26 +0,0 @@
-import { PrivateKey, ProtoWallet } from "../../../mod.js";
-import { MasterCertificate } from "../certificates/MasterCertificate.js";
-import { VerifiableCertificate } from "../certificates/VerifiableCertificate.js";
-/**
- * Creates a Master Certificate by encrypting provided fields and generating a master keyring.
- *
- * @param {ProtoWallet} wallet - The wallet instance used for encryption and public key retrieval.
- * @param {Record<string, string>} fields - The certificate fields to encrypt.
- * @param {string} certificateType - The type of the certificate being created.
- * @param {string} certificateSerialNumber - The serial number of the certificate.
- * @param {string} certifierPublicKey - The public key of the certifier.
- * @returns {Promise<MasterCertificate>} A promise resolving to the created Master Certificate.
- */
-export declare function createMasterCertificate(wallet: ProtoWallet, fields: Record<string, string>, certificateType: string, certificateSerialNumber: string, certifierPublicKey: string): Promise<MasterCertificate>;
-/**
- * Creates a Verifiable Certificate by signing a Master Certificate and generating a keyring for a verifier.
- *
- * @param {MasterCertificate} masterCertificate - The master certificate to convert into a verifiable certificate.
- * @param {ProtoWallet} wallet - The wallet instance used for generating a keyring for the verifier.
- * @param {string} verifierIdentityKey - The identity key of the verifier.
- * @param {string[]} fieldsToReveal - The list of fields to reveal to the verifier.
- * @param {PrivateKey} certifierPrivateKey - The private key of the certifier for signing the certificate.
- * @returns {Promise<VerifiableCertificate>} A promise resolving to the created Verifiable Certificate.
- */
-export declare function createVerifiableCertificate(masterCertificate: MasterCertificate, wallet: ProtoWallet, verifierIdentityKey: string, fieldsToReveal: string[], certifierPrivateKey: PrivateKey): Promise<VerifiableCertificate>;
-//# sourceMappingURL=certificateHelpers.d.ts.map

package/dist/types/src/auth/utils/certificateHelpers.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"certificateHelpers.d.ts","sourceRoot":"","sources":["../../../../../src/auth/utils/certificateHelpers.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAuB,WAAW,EAAE,MAAM,iBAAiB,CAAA;AAC9E,OAAO,EAAE,iBAAiB,EAAE,MAAM,sCAAsC,CAAA;AACxE,OAAO,EAAE,qBAAqB,EAAE,MAAM,0CAA0C,CAAA;AAEhF;;;;;;;;;GASG;AACH,wBAAsB,uBAAuB,CAC3C,MAAM,EAAE,WAAW,EACnB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,EAC9B,eAAe,EAAE,MAAM,EACvB,uBAAuB,EAAE,MAAM,EAC/B,kBAAkB,EAAE,MAAM,GACzB,OAAO,CAAC,iBAAiB,CAAC,CA2B5B;AAED;;;;;;;;;GASG;AACH,wBAAsB,2BAA2B,CAC/C,iBAAiB,EAAE,iBAAiB,EACpC,MAAM,EAAE,WAAW,EACnB,mBAAmB,EAAE,MAAM,EAC3B,cAAc,EAAE,MAAM,EAAE,EACxB,mBAAmB,EAAE,UAAU,GAC9B,OAAO,CAAC,qBAAqB,CAAC,CAoBhC"}

package/src/auth/utils/certificateHelpers.ts

@@ -1,86 +0,0 @@
-import { PrivateKey, SymmetricKey, Utils, ProtoWallet } from "../../../mod.js"
-import { MasterCertificate } from "../certificates/MasterCertificate.js"
-import { VerifiableCertificate } from "../certificates/VerifiableCertificate.js"
-
-/**
- * Creates a Master Certificate by encrypting provided fields and generating a master keyring.
- * 
- * @param {ProtoWallet} wallet - The wallet instance used for encryption and public key retrieval.
- * @param {Record<string, string>} fields - The certificate fields to encrypt.
- * @param {string} certificateType - The type of the certificate being created.
- * @param {string} certificateSerialNumber - The serial number of the certificate.
- * @param {string} certifierPublicKey - The public key of the certifier.
- * @returns {Promise<MasterCertificate>} A promise resolving to the created Master Certificate.
- */
-export async function createMasterCertificate(
-  wallet: ProtoWallet,
-  fields: Record<string, string>,
-  certificateType: string,
-  certificateSerialNumber: string,
-  certifierPublicKey: string
-): Promise<MasterCertificate> {
-  const certificateFields: Record<string, string> = {}
-  const masterKeyring: Record<string, string> = {}
-
-  for (const fieldName in fields) {
-    const fieldSymmetricKey = SymmetricKey.fromRandom()
-    const encryptedFieldValue = fieldSymmetricKey.encrypt(Utils.toArray(fields[fieldName], 'utf8'))
-    certificateFields[fieldName] = Utils.toBase64(encryptedFieldValue as number[])
-
-    const encryptedFieldKey = await wallet.encrypt({
-      plaintext: fieldSymmetricKey.toArray(),
-      protocolID: [2, 'certificate field encryption'],
-      keyID: `${certificateSerialNumber} ${fieldName}`,
-      counterparty: 'self'
-    })
-    masterKeyring[fieldName] = Utils.toBase64(encryptedFieldKey.ciphertext)
-  }
-
-  return new MasterCertificate(
-    certificateType,
-    certificateSerialNumber,
-    (await wallet.getPublicKey({ identityKey: true })).publicKey,
-    certifierPublicKey,
-    'revocationOutpoint',
-    certificateFields,
-    masterKeyring
-  )
-}
-
-/**
- * Creates a Verifiable Certificate by signing a Master Certificate and generating a keyring for a verifier.
- * 
- * @param {MasterCertificate} masterCertificate - The master certificate to convert into a verifiable certificate.
- * @param {ProtoWallet} wallet - The wallet instance used for generating a keyring for the verifier.
- * @param {string} verifierIdentityKey - The identity key of the verifier.
- * @param {string[]} fieldsToReveal - The list of fields to reveal to the verifier.
- * @param {PrivateKey} certifierPrivateKey - The private key of the certifier for signing the certificate.
- * @returns {Promise<VerifiableCertificate>} A promise resolving to the created Verifiable Certificate.
- */
-export async function createVerifiableCertificate(
-  masterCertificate: MasterCertificate,
-  wallet: ProtoWallet,
-  verifierIdentityKey: string,
-  fieldsToReveal: string[],
-  certifierPrivateKey: PrivateKey
-): Promise<VerifiableCertificate> {
-  const certifierWallet = new ProtoWallet(certifierPrivateKey)
-  await masterCertificate.sign(certifierWallet)
-
-  const keyringForVerifier = await masterCertificate.createKeyringForVerifier(
-    wallet,
-    verifierIdentityKey,
-    fieldsToReveal
-  )
-
-  return new VerifiableCertificate(
-    masterCertificate.type,
-    masterCertificate.serialNumber,
-    masterCertificate.subject,
-    masterCertificate.certifier,
-    masterCertificate.revocationOutpoint,
-    masterCertificate.fields,
-    masterCertificate.signature,
-    keyringForVerifier
-  )
-}