@bsv/sdk 1.3.8 → 1.3.10

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@bsv/sdk",
-  "version": "1.3.8",
+  "version": "1.3.10",
   "type": "module",
   "description": "BSV Blockchain Software Development Kit",
   "main": "dist/cjs/mod.js",

package/src/auth/Peer.ts

@@ -2,7 +2,7 @@ import { SessionManager } from './SessionManager.js'
 import { createNonce, verifyNonce, getVerifiableCertificates, validateCertificates } from './utils/index.js'
 import { AuthMessage, PeerSession, RequestedCertificateSet, Transport } from './types.js'
 import { VerifiableCertificate } from './certificates/VerifiableCertificate.js'
-import { Random, Utils, Wallet } from '../../mod.js'
+import { Random, Utils, WalletInterface } from '../../mod.js'
 
 const AUTH_VERSION = '0.1'
 
@@ -14,7 +14,7 @@ const AUTH_VERSION = '0.1'
 export class Peer {
   public sessionManager: SessionManager
   private readonly transport: Transport
-  private readonly wallet: Wallet
+  private readonly wallet: WalletInterface
   certificatesToRequest: RequestedCertificateSet
   private readonly onGeneralMessageReceivedCallbacks: Map<number, (senderPublicKey: string, payload: number[]) => void> = new Map()
   private readonly onCertificatesReceivedCallbacks: Map<number, (senderPublicKey: string, certs: VerifiableCertificate[]) => void> = new Map()
@@ -33,14 +33,14 @@ export class Peer {
   /**
    * Creates a new Peer instance
    *
-   * @param {Wallet} wallet - The wallet instance used for cryptographic operations.
+   * @param {WalletInterface} wallet - The wallet instance used for cryptographic operations.
    * @param {Transport} transport - The transport mechanism used for sending and receiving messages.
    * @param {RequestedCertificateSet} [certificatesToRequest] - Optional set of certificates to request from a peer during the initial handshake.
    * @param {SessionManager} [sessionManager] - Optional SessionManager to be used for managing peer sessions.
    * @param {boolean} [autoPersistLastSession] - Whether to auto-persist the session with the last-interacted-with peer. Defaults to true.
    */
   constructor (
-    wallet: Wallet,
+    wallet: WalletInterface,
     transport: Transport,
     certificatesToRequest?: RequestedCertificateSet,
     sessionManager?: SessionManager,

package/src/auth/certificates/Certificate.ts

@@ -5,9 +5,10 @@ import {
   HexString,
   OutpointString,
   CertificateFieldNameUnder50Bytes,
-  ProtoWallet,
+  WalletInterface,
   Signature,
-  WalletProtocol
+  WalletProtocol,
+  ProtoWallet
 } from '../../../mod.js'
 
 /**
@@ -231,7 +232,7 @@ export default class Certificate {
    * @param {Wallet} certifierWallet - The wallet representing the certifier.
    * @returns {Promise<void>}
    */
-  async sign(certifierWallet: ProtoWallet): Promise<void> {
+  async sign(certifierWallet: WalletInterface): Promise<void> {
     if (this.signature) {
       throw new Error(`Certificate has already been signed! Signature present: ${this.signature}`)
     }

package/src/auth/certificates/MasterCertificate.ts

@@ -6,9 +6,9 @@ import {
   HexString,
   OutpointString,
   PubKeyHex,
-  ProtoWallet,
   Random,
-  WalletCounterparty
+  WalletCounterparty,
+  WalletInterface
 } from '../../../mod.js'
 import Certificate from './Certificate.js'
 
@@ -61,12 +61,12 @@ export class MasterCertificate extends Certificate {
    * This method uses the `masterKeyring` to decrypt each field's encryption key and then
    * decrypts the field values. The result is a record of plaintext field names and values.
    * 
-   * @param {ProtoWallet} subjectWallet - The wallet of the subject, used to decrypt the master keyring and field values.
+   * @param {WalletInterface} subjectWallet - The wallet of the subject, used to decrypt the master keyring and field values.
    * @returns {Promise<Record<CertificateFieldNameUnder50Bytes, string>>} - A record of field names and their decrypted values in plaintext.
    * 
    * @throws {Error} Throws an error if the `masterKeyring` is invalid or if decryption fails for any field.
    */
-  async decryptFields(subjectWallet: ProtoWallet): Promise<Record<CertificateFieldNameUnder50Bytes, string>> {
+  async decryptFields(subjectWallet: WalletInterface): Promise<Record<CertificateFieldNameUnder50Bytes, string>> {
     // const fields: Record<CertificateFieldNameUnder50Bytes, Base64String> = this.fields
     const decryptedFields: Record<CertificateFieldNameUnder50Bytes, string> = {}
     if (!this.masterKeyring || Object.keys(this.masterKeyring).length === 0) {
@@ -97,7 +97,7 @@ export class MasterCertificate extends Certificate {
    * for the verifier's identity key. The result is a keyring containing the keys necessary
    * for the verifier to access the designated fields.
    *
-   * @param {ProtoWallet} subjectWallet - The wallet instance of the subject, used to decrypt and re-encrypt field keys.
+   * @param {WalletInterface} subjectWallet - The wallet instance of the subject, used to decrypt and re-encrypt field keys.
    * @param {WalletCounterparty} verifier - The verifier who will receive access to the selectively revealed fields. Can be an identity key as hex, 'anyone', or 'self'.
    * @param {string[]} fieldsToReveal - An array of field names to be revealed to the verifier. Must be a subset of the certificate's fields.
    * @param {string} [originator] - Optional originator identifier, used if additional context is needed for decryption and encryption operations.
@@ -107,7 +107,7 @@ export class MasterCertificate extends Certificate {
    *   - A field in `fieldsToReveal` does not exist in the certificate.
    *   - The decrypted master field key fails to decrypt the corresponding field (indicating an invalid key).
    */
-  async createKeyringForVerifier(subjectWallet: ProtoWallet, verifier: WalletCounterparty, fieldsToReveal: string[], originator?: string): Promise<Record<CertificateFieldNameUnder50Bytes, string>> {
+  async createKeyringForVerifier(subjectWallet: WalletInterface, verifier: WalletCounterparty, fieldsToReveal: string[], originator?: string): Promise<Record<CertificateFieldNameUnder50Bytes, string>> {
     if (!Array.isArray(fieldsToReveal)) {
       throw new Error('fieldsToReveal must be an array of strings')
     }
@@ -157,7 +157,7 @@ export class MasterCertificate extends Certificate {
    * generated symmetric key, which is then encrypted for the subject. The certificate
    * can also includes a revocation outpoint to manage potential revocation.
    * 
-   * @param {ProtoWallet} certifierWallet - The wallet of the certifier, used to sign the certificate and encrypt field keys.
+   * @param {WalletInterface} certifierWallet - The wallet of the certifier, used to sign the certificate and encrypt field keys.
    * @param {WalletCounterparty} subject - The subject for whom the certificate is issued.
    * @param {Record<CertificateFieldNameUnder50Bytes, string>} fields - Unencrypted certificate fields to include, with their names and values.
    * @param {string} certificateType - The type of certificate being issued.
@@ -169,7 +169,7 @@ export class MasterCertificate extends Certificate {
    * @throws {Error} Throws an error if any operation (e.g., encryption, signing) fails during certificate issuance.
    */
   static async issueCertificateForSubject(
-    certifierWallet: ProtoWallet,
+    certifierWallet: WalletInterface,
     subject: WalletCounterparty,
     fields: Record<CertificateFieldNameUnder50Bytes, string>,
     certificateType: string,

package/src/auth/certificates/VerifiableCertificate.ts

@@ -6,7 +6,7 @@ import {
   HexString,
   OutpointString,
   PubKeyHex,
-  Wallet,
+  WalletInterface,
   WalletError
 } from '../../../mod.js'
 import Certificate from './Certificate.js'
@@ -45,11 +45,11 @@ export class VerifiableCertificate extends Certificate {
 
   /**
    * Decrypts selectively revealed certificate fields using the provided keyring and verifier wallet
-   * @param {Wallet} verifierWallet - The wallet instance of the certificate's verifier, used to decrypt field keys.
+   * @param {WalletInterface} verifierWallet - The wallet instance of the certificate's verifier, used to decrypt field keys.
    * @returns {Promise<Record<CertificateFieldNameUnder50Bytes, string>>} - A promise that resolves to an object where each key is a field name and each value is the decrypted field value as a string.
    * @throws {Error} Throws an error if any of the decryption operations fail, with a message indicating the failure context.
    */
-  async decryptFields(verifierWallet: Wallet): Promise<Record<CertificateFieldNameUnder50Bytes, string>> {
+  async decryptFields(verifierWallet: WalletInterface): Promise<Record<CertificateFieldNameUnder50Bytes, string>> {
     if (!this.keyring || Object.keys(this.keyring).length === 0) {
       throw new Error('A keyring is required to decrypt certificate fields for the verifier.')
     }

package/src/auth/certificates/__tests/CompletedProtoWallet.ts

@@ -1,9 +1,9 @@
 import { PrivateKey } from "mod.js"
-import { ProtoWallet, Wallet, CreateActionArgs, OriginatorDomainNameStringUnder250Bytes, CreateActionResult, SignActionArgs, SignActionResult, AbortActionArgs, AbortActionResult, ListActionsArgs, ListActionsResult, InternalizeActionArgs, InternalizeActionResult, ListOutputsArgs, ListOutputsResult, RelinquishOutputArgs, RelinquishOutputResult, AcquireCertificateArgs, AcquireCertificateResult, ListCertificatesArgs, ListCertificatesResult, ProveCertificateArgs, ProveCertificateResult, RelinquishCertificateArgs, RelinquishCertificateResult, DiscoverByIdentityKeyArgs, DiscoverCertificatesResult, DiscoverByAttributesArgs, GetHeightResult, GetHeaderArgs, GetHeaderResult, KeyDeriverApi, KeyDeriver, GetPublicKeyArgs, GetPublicKeyResult, PubKeyHex } from "../../../wallet/index.js"
+import { ProtoWallet, WalletInterface, CreateActionArgs, OriginatorDomainNameStringUnder250Bytes, CreateActionResult, SignActionArgs, SignActionResult, AbortActionArgs, AbortActionResult, ListActionsArgs, ListActionsResult, InternalizeActionArgs, InternalizeActionResult, ListOutputsArgs, ListOutputsResult, RelinquishOutputArgs, RelinquishOutputResult, AcquireCertificateArgs, AcquireCertificateResult, ListCertificatesArgs, ListCertificatesResult, ProveCertificateArgs, ProveCertificateResult, RelinquishCertificateArgs, RelinquishCertificateResult, DiscoverByIdentityKeyArgs, DiscoverCertificatesResult, DiscoverByAttributesArgs, GetHeightResult, GetHeaderArgs, GetHeaderResult, KeyDeriverApi, KeyDeriver, GetPublicKeyArgs, GetPublicKeyResult, PubKeyHex, AuthenticatedResult, GetNetworkResult, GetVersionResult } from "../../../wallet/index.js"
 
 // Test Mock wallet which extends ProtoWallet but still implements Wallet interface
 // Unsupported methods throw
-export class CompletedProtoWallet extends ProtoWallet implements Wallet {
+export class CompletedProtoWallet extends ProtoWallet implements WalletInterface {
   constructor(rootKeyOrKeyDeriver: PrivateKey | 'anyone' | KeyDeriverApi) {
     super(rootKeyOrKeyDeriver)
     if (typeof rootKeyOrKeyDeriver['identityKey'] !== 'string') {
@@ -11,7 +11,18 @@ export class CompletedProtoWallet extends ProtoWallet implements Wallet {
     }
     this.keyDeriver = rootKeyOrKeyDeriver as KeyDeriver
   }
-
+  isAuthenticated(args: {}, originator?: OriginatorDomainNameStringUnder250Bytes): Promise<AuthenticatedResult> {
+    throw new Error("not implemented")
+  }
+  waitForAuthentication(args: {}, originator?: OriginatorDomainNameStringUnder250Bytes): Promise<AuthenticatedResult> {
+    throw new Error("not implemented")
+  }
+  getNetwork(args: {}, originator?: OriginatorDomainNameStringUnder250Bytes): Promise<GetNetworkResult> {
+    throw new Error("not implemented")
+  }
+  getVersion(args: {}, originator?: OriginatorDomainNameStringUnder250Bytes): Promise<GetVersionResult> {
+    throw new Error("not implemented")
+  }
   async getPublicKey(
     args: GetPublicKeyArgs,
     originator?: OriginatorDomainNameStringUnder250Bytes

package/src/auth/clients/AuthFetch.ts

@@ -1,4 +1,4 @@
-import { Utils, Random, P2PKH, PublicKey, Wallet } from '../../../mod.js'
+import { Utils, Random, P2PKH, PublicKey, WalletInterface } from '../../../mod.js'
 import { Peer } from '../Peer.js'
 import { SimplifiedFetchTransport } from '../transports/SimplifiedFetchTransport.js'
 import { SessionManager } from '../SessionManager.js'
@@ -26,7 +26,7 @@ const PAYMENT_VERSION = '1.0'
  */
 export class AuthFetch {
   private sessionManager: SessionManager
-  private wallet: Wallet
+  private wallet: WalletInterface
   private callbacks: Record<string, { resolve: Function, reject: Function }> = {}
   private certificatesReceived: VerifiableCertificate[] = []
   private requestedCertificates?: RequestedCertificateSet
@@ -37,7 +37,7 @@ export class AuthFetch {
   * @param wallet - The wallet instance for signing and authentication.
   * @param requestedCertificates - Optional set of certificates to request from peers.
   */
-  constructor(wallet: Wallet, requestedCertificates?: RequestedCertificateSet, sessionManager?: SessionManager) {
+  constructor(wallet: WalletInterface, requestedCertificates?: RequestedCertificateSet, sessionManager?: SessionManager) {
     this.wallet = wallet
     this.requestedCertificates = requestedCertificates
     this.sessionManager = sessionManager || new SessionManager()

package/src/auth/utils/__tests/cryptononce.test.ts

@@ -1,16 +1,17 @@
-import { PrivateKey } from '../../../../dist/cjs/src/primitives/index.js'
-import { ProtoWallet } from '../../../../dist/cjs/src/wallet/index.js'
-import { Wallet } from '../../../../dist/cjs/src/wallet/Wallet.interfaces.js'
+import { PrivateKey, Random, Utils } from '../../../../dist/cjs/src/primitives/index.js'
+import { ProtoWallet } from '../../../../dist/cjs/src/wallet/ProtoWallet.js'
+import { WalletInterface } from '../../../../dist/cjs/src/wallet/Wallet.interfaces.js'
 import { createNonce } from '../../../../dist/cjs/src/auth/utils/createNonce.js'
 import { verifyNonce } from '../../../../dist/cjs/src/auth/utils/verifyNonce.js'
+import { hash256 } from '../../../../dist/cjs/src/primitives/Hash.js'
 
 describe('createNonce', () => {
-  let mockWallet: Wallet
+  let mockWallet: WalletInterface
 
   beforeEach(() => {
     mockWallet = {
       createHmac: jest.fn().mockResolvedValue({ hmac: new Uint8Array(16) }),
-    } as unknown as Wallet
+    } as unknown as WalletInterface
   })
 
   afterEach(() => {
@@ -31,13 +32,13 @@ describe('createNonce', () => {
 })
 
 describe('verifyNonce', () => {
-  let mockWallet: Wallet
+  let mockWallet: WalletInterface
 
   beforeEach(() => {
     mockWallet = {
       createHmac: jest.fn().mockResolvedValue({ hmac: new Uint8Array(16) }),
       verifyHmac: jest.fn().mockResolvedValue({ valid: true }),
-    } as unknown as Wallet
+    } as unknown as WalletInterface
   })
 
   afterEach(() => {
@@ -81,4 +82,38 @@ describe('verifyNonce', () => {
 
     expect(isValid).toEqual(true)
   })
+
+  it('SerialNumber use-case', async () => {
+    const clientWallet = new ProtoWallet(PrivateKey.fromRandom())
+    const serverWallet = new ProtoWallet(PrivateKey.fromRandom())
+
+    // Client creates a random nonce that the server can verify
+    const clientNonce = await createNonce(clientWallet, (await serverWallet.getPublicKey({ identityKey: true })).publicKey)
+    // The server verifies the client created the nonce provided
+    await verifyNonce(clientNonce, serverWallet, (await clientWallet.getPublicKey({ identityKey: true })).publicKey)
+    // Server creates a random nonce that the client can verify
+    const serverNonce = await createNonce(serverWallet, (await clientWallet.getPublicKey({ identityKey: true })).publicKey)
+    // The server compute a serial number from the client and server nonce
+    const { hmac: serialNumber } = await serverWallet.createHmac({
+      data: clientNonce + serverNonce,
+      protocolID: [2, 'certificate creation'],
+      keyID: serverNonce + clientNonce,
+      counterparty: (await clientWallet.getPublicKey({ identityKey: true })).publicKey
+    })
+
+    // Client verifies server's nonce
+    await verifyNonce(serverNonce, clientWallet, (await serverWallet.getPublicKey({ identityKey: true })).publicKey)
+
+    // Client verifies the server included their nonce
+    const { valid } = await clientWallet.verifyHmac({
+      hmac: serialNumber,
+      data: clientNonce + serverNonce,
+      protocolID: [2, 'certificate creation'],
+      keyID: serverNonce + clientNonce,
+      counterparty: (await serverWallet.getPublicKey({ identityKey: true })).publicKey,
+    })
+
+    console.log(Utils.toBase64(serialNumber))
+    expect(valid).toEqual(true)
+  })
 })

package/src/auth/utils/createNonce.ts

@@ -1,15 +1,21 @@
-import { Utils, Random, Wallet } from '../../../mod.js'
+import { Utils, Random, WalletInterface, WalletCounterparty } from '../../../mod.js'
 
 /**
- * Creates a nonce derived from a privateKey
+ * Creates a nonce derived from a wallet
  * @param wallet
+ * @param counterparty - The counterparty to the nonce creation. Defaults to 'self'.
  * @returns A random nonce derived with a wallet
  */
-export async function createNonce(wallet: Wallet): Promise<string> {
+export async function createNonce(wallet: WalletInterface, counterparty: WalletCounterparty = 'self'): Promise<string> {
   // Generate 16 random bytes for the first half of the data
   const firstHalf = Random(16)
   // Create an sha256 HMAC
-  const { hmac } = await wallet.createHmac({ protocolID: [2, 'server hmac'], keyID: Utils.toUTF8(firstHalf), data: firstHalf, counterparty: 'self' })
+  const { hmac } = await wallet.createHmac({
+    protocolID: [2, 'server hmac'],
+    keyID: Utils.toUTF8(firstHalf),
+    data: firstHalf,
+    counterparty
+  })
   // Concatenate firstHalf and secondHalf as the nonce bytes
   const nonceBytes = [...firstHalf, ...hmac]
   return Utils.toBase64(nonceBytes)

package/src/auth/utils/getVerifiableCertificates.ts

@@ -1,5 +1,5 @@
 import { VerifiableCertificate } from "../certificates/VerifiableCertificate.js"
-import { Wallet } from "../../../mod.js"
+import { WalletInterface } from "../../../mod.js"
 import { RequestedCertificateSet } from "../types.js"
 
 /**
@@ -10,7 +10,7 @@ import { RequestedCertificateSet } from "../types.js"
  * @param {string} verifierIdentityKey - The public key of the verifier requesting the certificates.
  * @returns {Promise<VerifiableCertificate[]>} An array of verifiable certificates.
  */
-export const getVerifiableCertificates = async (wallet: Wallet, requestedCertificates: RequestedCertificateSet, verifierIdentityKey: string): Promise<VerifiableCertificate[]> => {
+export const getVerifiableCertificates = async (wallet: WalletInterface, requestedCertificates: RequestedCertificateSet, verifierIdentityKey: string): Promise<VerifiableCertificate[]> => {
   // Find matching certificates we have
   // Note: This may return multiple certificates that match the correct type.
   const matchingCertificates = await wallet.listCertificates({

package/src/auth/utils/validateCertificates.ts

@@ -1,4 +1,4 @@
-import { Wallet } from "../../wallet/index.js"
+import { WalletInterface } from "../../wallet/index.js"
 import { AuthMessage, RequestedCertificateSet } from "../types.js"
 import { VerifiableCertificate } from "../certificates/VerifiableCertificate.js"
 
@@ -10,7 +10,7 @@ import { VerifiableCertificate } from "../certificates/VerifiableCertificate.js"
  * @returns {Promise<void>}
  * @throws Will throw an error if certificate validation or field decryption fails.
  */
-export const validateCertificates = async (verifierWallet: Wallet, message: AuthMessage, certificatesRequested?: RequestedCertificateSet): Promise<void> => {
+export const validateCertificates = async (verifierWallet: WalletInterface, message: AuthMessage, certificatesRequested?: RequestedCertificateSet): Promise<void> => {
   await Promise.all(message.certificates.map(async (incomingCert: VerifiableCertificate) => {
     if (incomingCert.subject !== message.identityKey) {
       throw new Error(`The subject of one of your certificates ("${incomingCert.subject}") is not the same as the request sender ("${message.identityKey}").`)

package/src/auth/utils/verifyNonce.ts

@@ -1,12 +1,13 @@
-import { Utils, Wallet } from '../../../mod.js'
+import { Utils, WalletCounterparty, WalletInterface } from '../../../mod.js'
 
 /**
  * Verifies a nonce derived from a wallet
  * @param nonce - A nonce to verify as a base64 string.
  * @param wallet
+ * @param counterparty - The counterparty to the nonce creation. Defaults to 'self'.
  * @returns The status of the validation
  */
-export async function verifyNonce(nonce: string, wallet: Wallet): Promise<boolean> {
+export async function verifyNonce(nonce: string, wallet: WalletInterface, counterparty: WalletCounterparty = 'self'): Promise<boolean> {
   // Convert nonce from base64 string to Uint8Array
   const buffer = Utils.toArray(nonce, 'base64')
 
@@ -20,7 +21,7 @@ export async function verifyNonce(nonce: string, wallet: Wallet): Promise<boolea
     hmac,
     protocolID: [2, 'server hmac'],
     keyID: Utils.toUTF8(data),
-    counterparty: 'self'
+    counterparty
   })
 
   return valid

package/src/overlay-tools/OverlayAdminTokenTemplate.ts

@@ -1,5 +1,5 @@
 import PushDrop from '../script/templates/PushDrop.js'
-import { Wallet } from '../wallet/Wallet.interfaces.js'
+import { WalletInterface } from '../wallet/Wallet.interfaces.js'
 import { LockingScript, ScriptTemplate, UnlockingScript } from '../script/index.js'
 import { Transaction } from '../transaction/index.js'
 import { Utils } from '../primitives/index.js'
@@ -39,7 +39,7 @@ export default class OverlayAdminTokenTemplate implements ScriptTemplate {
      * Constructs a new Overlay Admin template instance
      * @param wallet Wallet to use for locking and unlocking
      */
-  constructor (wallet: Wallet) {
+  constructor (wallet: WalletInterface) {
     this.pushDrop = new PushDrop(wallet)
   }
 

package/src/script/templates/PushDrop.ts

@@ -1,6 +1,6 @@
 import { ScriptTemplate, LockingScript, UnlockingScript, OP } from '../index.js'
 import { Utils, Hash, TransactionSignature, Signature, PublicKey } from '../../primitives/index.js'
-import { Wallet } from '../../wallet/Wallet.interfaces.js'
+import { WalletInterface } from '../../wallet/Wallet.interfaces.js'
 import { Transaction } from '../../transaction/index.js'
 import { SecurityLevel } from '../../wallet/Wallet.interfaces.js'
 
@@ -44,7 +44,7 @@ const createMinimallyEncodedScriptChunk = (data: number[]): { op: number, data?:
 }
 
 export default class PushDrop implements ScriptTemplate {
-  wallet: Wallet
+  wallet: WalletInterface
 
   /**
    * Decodes a PushDrop script back into its token fields and the locking public key. If a signature was present, it will be the last field returned.
@@ -84,9 +84,9 @@ export default class PushDrop implements ScriptTemplate {
   /**
    * Constructs a new instance of the PushDrop class.
    *
-   * @param {Wallet} wallet - The wallet interface used for creating signatures and accessing public keys.
+   * @param {WalletInterface} wallet - The wallet interface used for creating signatures and accessing public keys.
    */
-  constructor(wallet: Wallet) {
+  constructor(wallet: WalletInterface) {
     this.wallet = wallet
   }
 

package/src/wallet/ProtoWallet.ts

@@ -10,7 +10,6 @@ import {
   GetPublicKeyArgs,
   GetVersionResult,
   OriginatorDomainNameStringUnder250Bytes,
-  ProtoWalletApi,
   PubKeyHex,
   RevealCounterpartyKeyLinkageArgs,
   RevealCounterpartyKeyLinkageResult,
@@ -26,59 +25,26 @@ import {
   WalletEncryptResult
 } from './Wallet.interfaces.js'
 
-const privilegedError = new Error('ProtoWallet is a single-keyring wallet, operating without context about whether its configured keyring is privileged.')
-
 /**
  * A ProtoWallet is precursor to a full wallet, capable of performing all foundational cryptographic operations.
  * It can derive keys, create signatures, facilitate encryption and HMAC operations, and reveal key linkages.
  *
  * However, ProtoWallet does not create transactions, manage outputs, interact with the blockchain,
- * enable the management of identity certificates, or store any data.
+ * enable the management of identity certificates, or store any data. It is also not concerned with privileged keys.
  */
-export class ProtoWallet implements ProtoWalletApi {
+export class ProtoWallet {
   keyDeriver: KeyDeriverApi
 
-  constructor(rootKeyOrKeyDeriver: PrivateKey | 'anyone' | KeyDeriverApi) {
+  constructor (rootKeyOrKeyDeriver: PrivateKey | 'anyone' | KeyDeriverApi) {
     if (typeof (rootKeyOrKeyDeriver as KeyDeriver).identityKey !== 'string') {
       rootKeyOrKeyDeriver = new KeyDeriver(rootKeyOrKeyDeriver as PrivateKey | 'anyone')
     }
     this.keyDeriver = rootKeyOrKeyDeriver as KeyDeriver
   }
 
-  async isAuthenticated(args: {}, Originator?: OriginatorDomainNameStringUnder250Bytes): Promise<AuthenticatedResult> {
-    return { authenticated: true }
-  }
-
-  async waitForAuthentication(args: {}, Originator?: OriginatorDomainNameStringUnder250Bytes): Promise<AuthenticatedResult> {
-    return { authenticated: true }
-  }
-
-  async getNetwork(args: {}, Originator?: OriginatorDomainNameStringUnder250Bytes): Promise<GetNetworkResult> {
-    return { network: 'mainnet' }
-  }
-
-  async getVersion(args: {}, Originator?: OriginatorDomainNameStringUnder250Bytes): Promise<GetVersionResult> {
-    return { version: 'proto-1.0.0' }
-  }
-
-  /**
-   * Convenience method to obtain the identityKey.
-   * @param originator
-   * @returns `await this.getPublicKey({ identityKey: true }, originator)`
-   */
-  async getIdentityKey(
-    originator?: OriginatorDomainNameStringUnder250Bytes
+  async getPublicKey (
+    args: GetPublicKeyArgs
   ): Promise<{ publicKey: PubKeyHex }> {
-    return await this.getPublicKey({ identityKey: true }, originator)
-  }
-
-  async getPublicKey(
-    args: GetPublicKeyArgs,
-    originator?: OriginatorDomainNameStringUnder250Bytes
-  ): Promise<{ publicKey: PubKeyHex }> {
-    if (args.privileged) {
-      throw privilegedError
-    }
     if (args.identityKey) {
       return { publicKey: this.keyDeriver.rootKey.toPublicKey().toString() }
     } else {
@@ -98,13 +64,9 @@ export class ProtoWallet implements ProtoWalletApi {
     }
   }
 
-  async revealCounterpartyKeyLinkage(
-    args: RevealCounterpartyKeyLinkageArgs,
-    originator?: OriginatorDomainNameStringUnder250Bytes
+  async revealCounterpartyKeyLinkage (
+    args: RevealCounterpartyKeyLinkageArgs
   ): Promise<RevealCounterpartyKeyLinkageResult> {
-    if (args.privileged) {
-      throw privilegedError
-    }
     const { publicKey: identityKey } = await this.getPublicKey({ identityKey: true })
     const linkage = this.keyDeriver.revealCounterpartySecret(args.counterparty)
     const linkageProof = new Schnorr().generateProof(this.keyDeriver.rootKey, this.keyDeriver.rootKey.toPublicKey(), PublicKey.fromString(args.counterparty), Point.fromDER(linkage))
@@ -136,13 +98,9 @@ export class ProtoWallet implements ProtoWalletApi {
     }
   }
 
-  async revealSpecificKeyLinkage(
-    args: RevealSpecificKeyLinkageArgs,
-    originator?: OriginatorDomainNameStringUnder250Bytes
+  async revealSpecificKeyLinkage (
+    args: RevealSpecificKeyLinkageArgs
   ): Promise<RevealSpecificKeyLinkageResult> {
-    if (args.privileged) {
-      throw privilegedError
-    }
     const { publicKey: identityKey } = await this.getPublicKey({ identityKey: true })
     const linkage = this.keyDeriver.revealSpecificSecret(
       args.counterparty,
@@ -173,13 +131,9 @@ export class ProtoWallet implements ProtoWalletApi {
     }
   }
 
-  async encrypt(
-    args: WalletEncryptArgs,
-    originator?: OriginatorDomainNameStringUnder250Bytes
+  async encrypt (
+    args: WalletEncryptArgs
   ): Promise<WalletEncryptResult> {
-    if (args.privileged) {
-      throw privilegedError
-    }
     const key = this.keyDeriver.deriveSymmetricKey(
       args.protocolID,
       args.keyID,
@@ -188,13 +142,9 @@ export class ProtoWallet implements ProtoWalletApi {
     return { ciphertext: key.encrypt(args.plaintext) as number[] }
   }
 
-  async decrypt(
-    args: WalletDecryptArgs,
-    originator?: OriginatorDomainNameStringUnder250Bytes
+  async decrypt (
+    args: WalletDecryptArgs
   ): Promise<WalletDecryptResult> {
-    if (args.privileged) {
-      throw privilegedError
-    }
     const key = this.keyDeriver.deriveSymmetricKey(
       args.protocolID,
       args.keyID,
@@ -203,13 +153,9 @@ export class ProtoWallet implements ProtoWalletApi {
     return { plaintext: key.decrypt(args.ciphertext) as number[] }
   }
 
-  async createHmac(
-    args: CreateHmacArgs,
-    originator?: OriginatorDomainNameStringUnder250Bytes
+  async createHmac (
+    args: CreateHmacArgs
   ): Promise<CreateHmacResult> {
-    if (args.privileged) {
-      throw privilegedError
-    }
     const key = this.keyDeriver.deriveSymmetricKey(
       args.protocolID,
       args.keyID,
@@ -218,13 +164,9 @@ export class ProtoWallet implements ProtoWalletApi {
     return { hmac: Hash.sha256hmac(key.toArray(), args.data) }
   }
 
-  async verifyHmac(
-    args: VerifyHmacArgs,
-    originator?: OriginatorDomainNameStringUnder250Bytes
+  async verifyHmac (
+    args: VerifyHmacArgs
   ): Promise<VerifyHmacResult> {
-    if (args.privileged) {
-      throw privilegedError
-    }
     const key = this.keyDeriver.deriveSymmetricKey(
       args.protocolID,
       args.keyID,
@@ -239,13 +181,9 @@ export class ProtoWallet implements ProtoWalletApi {
     return { valid }
   }
 
-  async createSignature(
-    args: CreateSignatureArgs,
-    originator?: OriginatorDomainNameStringUnder250Bytes
+  async createSignature (
+    args: CreateSignatureArgs
   ): Promise<CreateSignatureResult> {
-    if (args.privileged) {
-      throw privilegedError
-    }
     if (!args.hashToDirectlySign && !args.data) {
       throw new Error('args.data or args.hashToDirectlySign must be valid')
     }
@@ -258,13 +196,9 @@ export class ProtoWallet implements ProtoWalletApi {
     return { signature: ECDSA.sign(new BigNumber(hash), key, true).toDER() as number[] }
   }
 
-  async verifySignature(
-    args: VerifySignatureArgs,
-    originator?: OriginatorDomainNameStringUnder250Bytes
+  async verifySignature (
+    args: VerifySignatureArgs
   ): Promise<VerifySignatureResult> {
-    if (args.privileged) {
-      throw privilegedError
-    }
     if (!args.hashToDirectlyVerify && !args.data) {
       throw new Error('args.data or args.hashToDirectlyVerify must be valid')
     }