@bsv/wallet-toolbox-client 1.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/out/src/Wallet.d.ts +83 -0
- package/out/src/Wallet.d.ts.map +1 -0
- package/out/src/Wallet.js +415 -0
- package/out/src/Wallet.js.map +1 -0
- package/out/src/index.client.d.ts +8 -0
- package/out/src/index.client.d.ts.map +1 -0
- package/out/src/index.client.js +47 -0
- package/out/src/index.client.js.map +1 -0
- package/out/src/monitor/Monitor.d.ts +89 -0
- package/out/src/monitor/Monitor.d.ts.map +1 -0
- package/out/src/monitor/Monitor.js +253 -0
- package/out/src/monitor/Monitor.js.map +1 -0
- package/out/src/monitor/tasks/TaskCheckForProofs.d.ts +53 -0
- package/out/src/monitor/tasks/TaskCheckForProofs.d.ts.map +1 -0
- package/out/src/monitor/tasks/TaskCheckForProofs.js +197 -0
- package/out/src/monitor/tasks/TaskCheckForProofs.js.map +1 -0
- package/out/src/monitor/tasks/TaskClock.d.ts +14 -0
- package/out/src/monitor/tasks/TaskClock.d.ts.map +1 -0
- package/out/src/monitor/tasks/TaskClock.js +27 -0
- package/out/src/monitor/tasks/TaskClock.js.map +1 -0
- package/out/src/monitor/tasks/TaskFailAbandoned.d.ts +20 -0
- package/out/src/monitor/tasks/TaskFailAbandoned.d.ts.map +1 -0
- package/out/src/monitor/tasks/TaskFailAbandoned.js +52 -0
- package/out/src/monitor/tasks/TaskFailAbandoned.js.map +1 -0
- package/out/src/monitor/tasks/TaskNewHeader.d.ts +15 -0
- package/out/src/monitor/tasks/TaskNewHeader.d.ts.map +1 -0
- package/out/src/monitor/tasks/TaskNewHeader.js +45 -0
- package/out/src/monitor/tasks/TaskNewHeader.js.map +1 -0
- package/out/src/monitor/tasks/TaskPurge.d.ts +45 -0
- package/out/src/monitor/tasks/TaskPurge.d.ts.map +1 -0
- package/out/src/monitor/tasks/TaskPurge.js +35 -0
- package/out/src/monitor/tasks/TaskPurge.js.map +1 -0
- package/out/src/monitor/tasks/TaskReviewStatus.d.ts +26 -0
- package/out/src/monitor/tasks/TaskReviewStatus.d.ts.map +1 -0
- package/out/src/monitor/tasks/TaskReviewStatus.js +44 -0
- package/out/src/monitor/tasks/TaskReviewStatus.js.map +1 -0
- package/out/src/monitor/tasks/TaskSendWaiting.d.ts +32 -0
- package/out/src/monitor/tasks/TaskSendWaiting.d.ts.map +1 -0
- package/out/src/monitor/tasks/TaskSendWaiting.js +99 -0
- package/out/src/monitor/tasks/TaskSendWaiting.js.map +1 -0
- package/out/src/monitor/tasks/TaskSyncWhenIdle.d.ts +12 -0
- package/out/src/monitor/tasks/TaskSyncWhenIdle.d.ts.map +1 -0
- package/out/src/monitor/tasks/TaskSyncWhenIdle.js +22 -0
- package/out/src/monitor/tasks/TaskSyncWhenIdle.js.map +1 -0
- package/out/src/monitor/tasks/WalletMonitorTask.d.ts +40 -0
- package/out/src/monitor/tasks/WalletMonitorTask.d.ts.map +1 -0
- package/out/src/monitor/tasks/WalletMonitorTask.js +37 -0
- package/out/src/monitor/tasks/WalletMonitorTask.js.map +1 -0
- package/out/src/sdk/CertOps.d.ts +66 -0
- package/out/src/sdk/CertOps.d.ts.map +1 -0
- package/out/src/sdk/CertOps.js +198 -0
- package/out/src/sdk/CertOps.js.map +1 -0
- package/out/src/sdk/PrivilegedKeyManager.d.ts +125 -0
- package/out/src/sdk/PrivilegedKeyManager.d.ts.map +1 -0
- package/out/src/sdk/PrivilegedKeyManager.js +293 -0
- package/out/src/sdk/PrivilegedKeyManager.js.map +1 -0
- package/out/src/sdk/StorageSyncReader.d.ts +121 -0
- package/out/src/sdk/StorageSyncReader.d.ts.map +1 -0
- package/out/src/sdk/StorageSyncReader.js +3 -0
- package/out/src/sdk/StorageSyncReader.js.map +1 -0
- package/out/src/sdk/StorageSyncReaderWriter.d.ts +89 -0
- package/out/src/sdk/StorageSyncReaderWriter.d.ts.map +1 -0
- package/out/src/sdk/StorageSyncReaderWriter.js +3 -0
- package/out/src/sdk/StorageSyncReaderWriter.js.map +1 -0
- package/out/src/sdk/WERR_errors.d.ts +90 -0
- package/out/src/sdk/WERR_errors.d.ts.map +1 -0
- package/out/src/sdk/WERR_errors.js +128 -0
- package/out/src/sdk/WERR_errors.js.map +1 -0
- package/out/src/sdk/WalletError.d.ts +45 -0
- package/out/src/sdk/WalletError.d.ts.map +1 -0
- package/out/src/sdk/WalletError.js +122 -0
- package/out/src/sdk/WalletError.js.map +1 -0
- package/out/src/sdk/WalletServices.interfaces.d.ts +325 -0
- package/out/src/sdk/WalletServices.interfaces.d.ts.map +1 -0
- package/out/src/sdk/WalletServices.interfaces.js +3 -0
- package/out/src/sdk/WalletServices.interfaces.js.map +1 -0
- package/out/src/sdk/WalletSigner.interfaces.d.ts +10 -0
- package/out/src/sdk/WalletSigner.interfaces.d.ts.map +1 -0
- package/out/src/sdk/WalletSigner.interfaces.js +3 -0
- package/out/src/sdk/WalletSigner.interfaces.js.map +1 -0
- package/out/src/sdk/WalletStorage.interfaces.d.ts +299 -0
- package/out/src/sdk/WalletStorage.interfaces.d.ts.map +1 -0
- package/out/src/sdk/WalletStorage.interfaces.js +3 -0
- package/out/src/sdk/WalletStorage.interfaces.js.map +1 -0
- package/out/src/sdk/index.d.ts +12 -0
- package/out/src/sdk/index.d.ts.map +1 -0
- package/out/src/sdk/index.js +28 -0
- package/out/src/sdk/index.js.map +1 -0
- package/out/src/sdk/types.d.ts +74 -0
- package/out/src/sdk/types.d.ts.map +1 -0
- package/out/src/sdk/types.js +20 -0
- package/out/src/sdk/types.js.map +1 -0
- package/out/src/sdk/validationHelpers.d.ts +288 -0
- package/out/src/sdk/validationHelpers.d.ts.map +1 -0
- package/out/src/sdk/validationHelpers.js +630 -0
- package/out/src/sdk/validationHelpers.js.map +1 -0
- package/out/src/services/ServiceCollection.d.ts +25 -0
- package/out/src/services/ServiceCollection.d.ts.map +1 -0
- package/out/src/services/ServiceCollection.js +43 -0
- package/out/src/services/ServiceCollection.js.map +1 -0
- package/out/src/services/Services.d.ts +60 -0
- package/out/src/services/Services.d.ts.map +1 -0
- package/out/src/services/Services.js +342 -0
- package/out/src/services/Services.js.map +1 -0
- package/out/src/services/chaintracker/ChaintracksChainTracker.d.ts +15 -0
- package/out/src/services/chaintracker/ChaintracksChainTracker.d.ts.map +1 -0
- package/out/src/services/chaintracker/ChaintracksChainTracker.js +51 -0
- package/out/src/services/chaintracker/ChaintracksChainTracker.js.map +1 -0
- package/out/src/services/chaintracker/chaintracks/BlockHeaderApi.d.ts +98 -0
- package/out/src/services/chaintracker/chaintracks/BlockHeaderApi.d.ts.map +1 -0
- package/out/src/services/chaintracker/chaintracks/BlockHeaderApi.js +38 -0
- package/out/src/services/chaintracker/chaintracks/BlockHeaderApi.js.map +1 -0
- package/out/src/services/chaintracker/chaintracks/ChaintracksServiceClient.d.ts +36 -0
- package/out/src/services/chaintracker/chaintracks/ChaintracksServiceClient.d.ts.map +1 -0
- package/out/src/services/chaintracker/chaintracks/ChaintracksServiceClient.js +130 -0
- package/out/src/services/chaintracker/chaintracks/ChaintracksServiceClient.js.map +1 -0
- package/out/src/services/chaintracker/chaintracks/index.d.ts +3 -0
- package/out/src/services/chaintracker/chaintracks/index.d.ts.map +1 -0
- package/out/src/services/chaintracker/chaintracks/index.js +19 -0
- package/out/src/services/chaintracker/chaintracks/index.js.map +1 -0
- package/out/src/services/chaintracker/index.d.ts +3 -0
- package/out/src/services/chaintracker/index.d.ts.map +1 -0
- package/out/src/services/chaintracker/index.js +19 -0
- package/out/src/services/chaintracker/index.js.map +1 -0
- package/out/src/services/createDefaultWalletServicesOptions.d.ts +3 -0
- package/out/src/services/createDefaultWalletServicesOptions.d.ts.map +1 -0
- package/out/src/services/createDefaultWalletServicesOptions.js +34 -0
- package/out/src/services/createDefaultWalletServicesOptions.js.map +1 -0
- package/out/src/services/providers/arcServices.d.ts +62 -0
- package/out/src/services/providers/arcServices.d.ts.map +1 -0
- package/out/src/services/providers/arcServices.js +368 -0
- package/out/src/services/providers/arcServices.js.map +1 -0
- package/out/src/services/providers/echangeRates.d.ts +12 -0
- package/out/src/services/providers/echangeRates.d.ts.map +1 -0
- package/out/src/services/providers/echangeRates.js +237 -0
- package/out/src/services/providers/echangeRates.js.map +1 -0
- package/out/src/services/providers/whatsonchain.d.ts +17 -0
- package/out/src/services/providers/whatsonchain.d.ts.map +1 -0
- package/out/src/services/providers/whatsonchain.js +130 -0
- package/out/src/services/providers/whatsonchain.js.map +1 -0
- package/out/src/signer/WalletSigner.d.ts +11 -0
- package/out/src/signer/WalletSigner.d.ts.map +1 -0
- package/out/src/signer/WalletSigner.js +13 -0
- package/out/src/signer/WalletSigner.js.map +1 -0
- package/out/src/signer/methods/acquireDirectCertificate.d.ts +4 -0
- package/out/src/signer/methods/acquireDirectCertificate.d.ts.map +1 -0
- package/out/src/signer/methods/acquireDirectCertificate.js +47 -0
- package/out/src/signer/methods/acquireDirectCertificate.js.map +1 -0
- package/out/src/signer/methods/createAction.d.ts +7 -0
- package/out/src/signer/methods/createAction.d.ts.map +1 -0
- package/out/src/signer/methods/createAction.js +250 -0
- package/out/src/signer/methods/createAction.js.map +1 -0
- package/out/src/signer/methods/internalizeAction.d.ts +31 -0
- package/out/src/signer/methods/internalizeAction.d.ts.map +1 -0
- package/out/src/signer/methods/internalizeAction.js +95 -0
- package/out/src/signer/methods/internalizeAction.js.map +1 -0
- package/out/src/signer/methods/proveCertificate.d.ts +4 -0
- package/out/src/signer/methods/proveCertificate.d.ts.map +1 -0
- package/out/src/signer/methods/proveCertificate.js +45 -0
- package/out/src/signer/methods/proveCertificate.js.map +1 -0
- package/out/src/signer/methods/signAction.d.ts +6 -0
- package/out/src/signer/methods/signAction.d.ts.map +1 -0
- package/out/src/signer/methods/signAction.js +79 -0
- package/out/src/signer/methods/signAction.js.map +1 -0
- package/out/src/storage/StorageProvider.d.ts +140 -0
- package/out/src/storage/StorageProvider.d.ts.map +1 -0
- package/out/src/storage/StorageProvider.js +539 -0
- package/out/src/storage/StorageProvider.js.map +1 -0
- package/out/src/storage/StorageReader.d.ts +76 -0
- package/out/src/storage/StorageReader.d.ts.map +1 -0
- package/out/src/storage/StorageReader.js +124 -0
- package/out/src/storage/StorageReader.js.map +1 -0
- package/out/src/storage/StorageReaderWriter.d.ts +87 -0
- package/out/src/storage/StorageReaderWriter.d.ts.map +1 -0
- package/out/src/storage/StorageReaderWriter.js +337 -0
- package/out/src/storage/StorageReaderWriter.js.map +1 -0
- package/out/src/storage/StorageSyncReader.d.ts +33 -0
- package/out/src/storage/StorageSyncReader.d.ts.map +1 -0
- package/out/src/storage/StorageSyncReader.js +142 -0
- package/out/src/storage/StorageSyncReader.js.map +1 -0
- package/out/src/storage/WalletStorageManager.d.ts +103 -0
- package/out/src/storage/WalletStorageManager.d.ts.map +1 -0
- package/out/src/storage/WalletStorageManager.js +408 -0
- package/out/src/storage/WalletStorageManager.js.map +1 -0
- package/out/src/storage/index.client.d.ts +7 -0
- package/out/src/storage/index.client.d.ts.map +1 -0
- package/out/src/storage/index.client.js +46 -0
- package/out/src/storage/index.client.js.map +1 -0
- package/out/src/storage/methods/attemptToPostReqsToNetwork.d.ts +27 -0
- package/out/src/storage/methods/attemptToPostReqsToNetwork.d.ts.map +1 -0
- package/out/src/storage/methods/attemptToPostReqsToNetwork.js +148 -0
- package/out/src/storage/methods/attemptToPostReqsToNetwork.js.map +1 -0
- package/out/src/storage/methods/createAction.d.ts +23 -0
- package/out/src/storage/methods/createAction.d.ts.map +1 -0
- package/out/src/storage/methods/createAction.js +663 -0
- package/out/src/storage/methods/createAction.js.map +1 -0
- package/out/src/storage/methods/generateChange.d.ts +108 -0
- package/out/src/storage/methods/generateChange.d.ts.map +1 -0
- package/out/src/storage/methods/generateChange.js +422 -0
- package/out/src/storage/methods/generateChange.js.map +1 -0
- package/out/src/storage/methods/getBeefForTransaction.d.ts +22 -0
- package/out/src/storage/methods/getBeefForTransaction.d.ts.map +1 -0
- package/out/src/storage/methods/getBeefForTransaction.js +94 -0
- package/out/src/storage/methods/getBeefForTransaction.js.map +1 -0
- package/out/src/storage/methods/getSyncChunk.d.ts +10 -0
- package/out/src/storage/methods/getSyncChunk.d.ts.map +1 -0
- package/out/src/storage/methods/getSyncChunk.js +271 -0
- package/out/src/storage/methods/getSyncChunk.js.map +1 -0
- package/out/src/storage/methods/internalizeAction.d.ts +38 -0
- package/out/src/storage/methods/internalizeAction.d.ts.map +1 -0
- package/out/src/storage/methods/internalizeAction.js +378 -0
- package/out/src/storage/methods/internalizeAction.js.map +1 -0
- package/out/src/storage/methods/listCertificates.d.ts +5 -0
- package/out/src/storage/methods/listCertificates.d.ts.map +1 -0
- package/out/src/storage/methods/listCertificates.js +68 -0
- package/out/src/storage/methods/listCertificates.js.map +1 -0
- package/out/src/storage/methods/processAction.d.ts +35 -0
- package/out/src/storage/methods/processAction.d.ts.map +1 -0
- package/out/src/storage/methods/processAction.js +271 -0
- package/out/src/storage/methods/processAction.js.map +1 -0
- package/out/src/storage/remoting/StorageClient.d.ts +56 -0
- package/out/src/storage/remoting/StorageClient.d.ts.map +1 -0
- package/out/src/storage/remoting/StorageClient.js +181 -0
- package/out/src/storage/remoting/StorageClient.js.map +1 -0
- package/out/src/storage/schema/entities/Certificate.d.ts +43 -0
- package/out/src/storage/schema/entities/Certificate.d.ts.map +1 -0
- package/out/src/storage/schema/entities/Certificate.js +162 -0
- package/out/src/storage/schema/entities/Certificate.js.map +1 -0
- package/out/src/storage/schema/entities/CertificateField.d.ts +32 -0
- package/out/src/storage/schema/entities/CertificateField.d.ts.map +1 -0
- package/out/src/storage/schema/entities/CertificateField.js +114 -0
- package/out/src/storage/schema/entities/CertificateField.js.map +1 -0
- package/out/src/storage/schema/entities/Commission.d.ts +37 -0
- package/out/src/storage/schema/entities/Commission.d.ts.map +1 -0
- package/out/src/storage/schema/entities/Commission.js +130 -0
- package/out/src/storage/schema/entities/Commission.js.map +1 -0
- package/out/src/storage/schema/entities/EntityBase.d.ts +105 -0
- package/out/src/storage/schema/entities/EntityBase.d.ts.map +1 -0
- package/out/src/storage/schema/entities/EntityBase.js +100 -0
- package/out/src/storage/schema/entities/EntityBase.js.map +1 -0
- package/out/src/storage/schema/entities/MergeEntity.d.ts +34 -0
- package/out/src/storage/schema/entities/MergeEntity.d.ts.map +1 -0
- package/out/src/storage/schema/entities/MergeEntity.js +57 -0
- package/out/src/storage/schema/entities/MergeEntity.js.map +1 -0
- package/out/src/storage/schema/entities/Output.d.ts +67 -0
- package/out/src/storage/schema/entities/Output.d.ts.map +1 -0
- package/out/src/storage/schema/entities/Output.js +281 -0
- package/out/src/storage/schema/entities/Output.js.map +1 -0
- package/out/src/storage/schema/entities/OutputBasket.d.ts +35 -0
- package/out/src/storage/schema/entities/OutputBasket.d.ts.map +1 -0
- package/out/src/storage/schema/entities/OutputBasket.js +133 -0
- package/out/src/storage/schema/entities/OutputBasket.js.map +1 -0
- package/out/src/storage/schema/entities/OutputTag.d.ts +31 -0
- package/out/src/storage/schema/entities/OutputTag.d.ts.map +1 -0
- package/out/src/storage/schema/entities/OutputTag.js +104 -0
- package/out/src/storage/schema/entities/OutputTag.js.map +1 -0
- package/out/src/storage/schema/entities/OutputTagMap.d.ts +28 -0
- package/out/src/storage/schema/entities/OutputTagMap.d.ts.map +1 -0
- package/out/src/storage/schema/entities/OutputTagMap.js +101 -0
- package/out/src/storage/schema/entities/OutputTagMap.js.map +1 -0
- package/out/src/storage/schema/entities/ProvenTx.d.ts +84 -0
- package/out/src/storage/schema/entities/ProvenTx.d.ts.map +1 -0
- package/out/src/storage/schema/entities/ProvenTx.js +283 -0
- package/out/src/storage/schema/entities/ProvenTx.js.map +1 -0
- package/out/src/storage/schema/entities/ProvenTxReq.d.ts +130 -0
- package/out/src/storage/schema/entities/ProvenTxReq.d.ts.map +1 -0
- package/out/src/storage/schema/entities/ProvenTxReq.js +521 -0
- package/out/src/storage/schema/entities/ProvenTxReq.js.map +1 -0
- package/out/src/storage/schema/entities/SyncState.d.ts +66 -0
- package/out/src/storage/schema/entities/SyncState.d.ts.map +1 -0
- package/out/src/storage/schema/entities/SyncState.js +284 -0
- package/out/src/storage/schema/entities/SyncState.js.map +1 -0
- package/out/src/storage/schema/entities/Transaction.d.ts +67 -0
- package/out/src/storage/schema/entities/Transaction.d.ts.map +1 -0
- package/out/src/storage/schema/entities/Transaction.js +264 -0
- package/out/src/storage/schema/entities/Transaction.js.map +1 -0
- package/out/src/storage/schema/entities/TxLabel.d.ts +31 -0
- package/out/src/storage/schema/entities/TxLabel.d.ts.map +1 -0
- package/out/src/storage/schema/entities/TxLabel.js +104 -0
- package/out/src/storage/schema/entities/TxLabel.js.map +1 -0
- package/out/src/storage/schema/entities/TxLabelMap.d.ts +28 -0
- package/out/src/storage/schema/entities/TxLabelMap.d.ts.map +1 -0
- package/out/src/storage/schema/entities/TxLabelMap.js +103 -0
- package/out/src/storage/schema/entities/TxLabelMap.js.map +1 -0
- package/out/src/storage/schema/entities/User.d.ts +29 -0
- package/out/src/storage/schema/entities/User.d.ts.map +1 -0
- package/out/src/storage/schema/entities/User.js +100 -0
- package/out/src/storage/schema/entities/User.js.map +1 -0
- package/out/src/storage/schema/entities/index.d.ts +17 -0
- package/out/src/storage/schema/entities/index.d.ts.map +1 -0
- package/out/src/storage/schema/entities/index.js +33 -0
- package/out/src/storage/schema/entities/index.js.map +1 -0
- package/out/src/storage/schema/tables/Certificate.d.ts +20 -0
- package/out/src/storage/schema/tables/Certificate.d.ts.map +1 -0
- package/out/src/storage/schema/tables/Certificate.js +3 -0
- package/out/src/storage/schema/tables/Certificate.js.map +1 -0
- package/out/src/storage/schema/tables/CertificateField.d.ts +12 -0
- package/out/src/storage/schema/tables/CertificateField.d.ts.map +1 -0
- package/out/src/storage/schema/tables/CertificateField.js +3 -0
- package/out/src/storage/schema/tables/CertificateField.js.map +1 -0
- package/out/src/storage/schema/tables/Commission.d.ts +13 -0
- package/out/src/storage/schema/tables/Commission.d.ts.map +1 -0
- package/out/src/storage/schema/tables/Commission.js +3 -0
- package/out/src/storage/schema/tables/Commission.js.map +1 -0
- package/out/src/storage/schema/tables/MonitorEvent.d.ts +9 -0
- package/out/src/storage/schema/tables/MonitorEvent.d.ts.map +1 -0
- package/out/src/storage/schema/tables/MonitorEvent.js +3 -0
- package/out/src/storage/schema/tables/MonitorEvent.js.map +1 -0
- package/out/src/storage/schema/tables/Output.d.ts +36 -0
- package/out/src/storage/schema/tables/Output.d.ts.map +1 -0
- package/out/src/storage/schema/tables/Output.js +31 -0
- package/out/src/storage/schema/tables/Output.js.map +1 -0
- package/out/src/storage/schema/tables/OutputBasket.d.ts +12 -0
- package/out/src/storage/schema/tables/OutputBasket.d.ts.map +1 -0
- package/out/src/storage/schema/tables/OutputBasket.js +3 -0
- package/out/src/storage/schema/tables/OutputBasket.js.map +1 -0
- package/out/src/storage/schema/tables/OutputTag.d.ts +10 -0
- package/out/src/storage/schema/tables/OutputTag.d.ts.map +1 -0
- package/out/src/storage/schema/tables/OutputTag.js +3 -0
- package/out/src/storage/schema/tables/OutputTag.js.map +1 -0
- package/out/src/storage/schema/tables/OutputTagMap.d.ts +9 -0
- package/out/src/storage/schema/tables/OutputTagMap.d.ts.map +1 -0
- package/out/src/storage/schema/tables/OutputTagMap.js +3 -0
- package/out/src/storage/schema/tables/OutputTagMap.js.map +1 -0
- package/out/src/storage/schema/tables/ProvenTx.d.ts +14 -0
- package/out/src/storage/schema/tables/ProvenTx.d.ts.map +1 -0
- package/out/src/storage/schema/tables/ProvenTx.js +3 -0
- package/out/src/storage/schema/tables/ProvenTx.js.map +1 -0
- package/out/src/storage/schema/tables/ProvenTxReq.d.ts +64 -0
- package/out/src/storage/schema/tables/ProvenTxReq.d.ts.map +1 -0
- package/out/src/storage/schema/tables/ProvenTxReq.js +3 -0
- package/out/src/storage/schema/tables/ProvenTxReq.js.map +1 -0
- package/out/src/storage/schema/tables/Settings.d.ts +17 -0
- package/out/src/storage/schema/tables/Settings.d.ts.map +1 -0
- package/out/src/storage/schema/tables/Settings.js +3 -0
- package/out/src/storage/schema/tables/Settings.js.map +1 -0
- package/out/src/storage/schema/tables/SyncState.d.ts +18 -0
- package/out/src/storage/schema/tables/SyncState.d.ts.map +1 -0
- package/out/src/storage/schema/tables/SyncState.js +3 -0
- package/out/src/storage/schema/tables/SyncState.js.map +1 -0
- package/out/src/storage/schema/tables/Transaction.d.ts +37 -0
- package/out/src/storage/schema/tables/Transaction.d.ts.map +1 -0
- package/out/src/storage/schema/tables/Transaction.js +21 -0
- package/out/src/storage/schema/tables/Transaction.js.map +1 -0
- package/out/src/storage/schema/tables/TxLabel.d.ts +10 -0
- package/out/src/storage/schema/tables/TxLabel.d.ts.map +1 -0
- package/out/src/storage/schema/tables/TxLabel.js +3 -0
- package/out/src/storage/schema/tables/TxLabel.js.map +1 -0
- package/out/src/storage/schema/tables/TxLabelMap.d.ts +9 -0
- package/out/src/storage/schema/tables/TxLabelMap.d.ts.map +1 -0
- package/out/src/storage/schema/tables/TxLabelMap.js +3 -0
- package/out/src/storage/schema/tables/TxLabelMap.js.map +1 -0
- package/out/src/storage/schema/tables/User.d.ts +16 -0
- package/out/src/storage/schema/tables/User.d.ts.map +1 -0
- package/out/src/storage/schema/tables/User.js +3 -0
- package/out/src/storage/schema/tables/User.js.map +1 -0
- package/out/src/storage/schema/tables/index.d.ts +17 -0
- package/out/src/storage/schema/tables/index.d.ts.map +1 -0
- package/out/src/storage/schema/tables/index.js +33 -0
- package/out/src/storage/schema/tables/index.js.map +1 -0
- package/out/src/utility/ScriptTemplateSABPPP.d.ts +25 -0
- package/out/src/utility/ScriptTemplateSABPPP.d.ts.map +1 -0
- package/out/src/utility/ScriptTemplateSABPPP.js +46 -0
- package/out/src/utility/ScriptTemplateSABPPP.js.map +1 -0
- package/out/src/utility/index.client.d.ts +7 -0
- package/out/src/utility/index.client.d.ts.map +1 -0
- package/out/src/utility/index.client.js +23 -0
- package/out/src/utility/index.client.js.map +1 -0
- package/out/src/utility/parseTxScriptOffsets.d.ts +14 -0
- package/out/src/utility/parseTxScriptOffsets.d.ts.map +1 -0
- package/out/src/utility/parseTxScriptOffsets.js +26 -0
- package/out/src/utility/parseTxScriptOffsets.js.map +1 -0
- package/out/src/utility/stampLog.d.ts +18 -0
- package/out/src/utility/stampLog.d.ts.map +1 -0
- package/out/src/utility/stampLog.js +72 -0
- package/out/src/utility/stampLog.js.map +1 -0
- package/out/src/utility/tscProofToMerklePath.d.ts +8 -0
- package/out/src/utility/tscProofToMerklePath.d.ts.map +1 -0
- package/out/src/utility/tscProofToMerklePath.js +41 -0
- package/out/src/utility/tscProofToMerklePath.js.map +1 -0
- package/out/src/utility/utilityHelpers.d.ts +129 -0
- package/out/src/utility/utilityHelpers.d.ts.map +1 -0
- package/out/src/utility/utilityHelpers.js +268 -0
- package/out/src/utility/utilityHelpers.js.map +1 -0
- package/out/src/utility/utilityHelpers.noBuffer.d.ts +9 -0
- package/out/src/utility/utilityHelpers.noBuffer.d.ts.map +1 -0
- package/out/src/utility/utilityHelpers.noBuffer.js +23 -0
- package/out/src/utility/utilityHelpers.noBuffer.js.map +1 -0
- package/out/tsconfig.client.tsbuildinfo +1 -0
- package/package.json +27 -0
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
import { Base64String, Certificate as BsvCertificate, CertificateFieldNameUnder50Bytes, GetPublicKeyArgs, GetPublicKeyResult, OriginatorDomainNameStringUnder250Bytes, PubKeyHex, WalletCertificate, WalletDecryptArgs, WalletDecryptResult, WalletEncryptArgs, WalletEncryptResult, WalletProtocol } from '@bsv/sdk';
|
|
2
|
+
export interface CertOpsWallet {
|
|
3
|
+
getPublicKey(args: GetPublicKeyArgs, originator?: OriginatorDomainNameStringUnder250Bytes): Promise<GetPublicKeyResult>;
|
|
4
|
+
encrypt(args: WalletEncryptArgs, originator?: OriginatorDomainNameStringUnder250Bytes): Promise<WalletEncryptResult>;
|
|
5
|
+
decrypt(args: WalletDecryptArgs, originator?: OriginatorDomainNameStringUnder250Bytes): Promise<WalletDecryptResult>;
|
|
6
|
+
}
|
|
7
|
+
export declare class CertOps extends BsvCertificate {
|
|
8
|
+
wallet: CertOpsWallet;
|
|
9
|
+
_keyring?: Record<CertificateFieldNameUnder50Bytes, string>;
|
|
10
|
+
_encryptedFields?: Record<CertificateFieldNameUnder50Bytes, Base64String>;
|
|
11
|
+
_decryptedFields?: Record<CertificateFieldNameUnder50Bytes, string>;
|
|
12
|
+
constructor(wallet: CertOpsWallet, wc: WalletCertificate);
|
|
13
|
+
static fromCounterparty(wallet: CertOpsWallet, e: {
|
|
14
|
+
certificate: WalletCertificate;
|
|
15
|
+
keyring: Record<CertificateFieldNameUnder50Bytes, string>;
|
|
16
|
+
counterparty: PubKeyHex;
|
|
17
|
+
}): Promise<CertOps>;
|
|
18
|
+
static fromCertifier(wallet: CertOpsWallet, e: {
|
|
19
|
+
certificate: WalletCertificate;
|
|
20
|
+
keyring: Record<CertificateFieldNameUnder50Bytes, string>;
|
|
21
|
+
}): Promise<CertOps>;
|
|
22
|
+
static fromEncrypted(wallet: CertOpsWallet, wc: WalletCertificate, keyring: Record<CertificateFieldNameUnder50Bytes, string>): Promise<CertOps>;
|
|
23
|
+
static fromDecrypted(wallet: CertOpsWallet, wc: WalletCertificate): Promise<CertOps>;
|
|
24
|
+
static copyFields<T>(fields: Record<CertificateFieldNameUnder50Bytes, T>): Record<CertificateFieldNameUnder50Bytes, T>;
|
|
25
|
+
static getProtocolForCertificateFieldEncryption(serialNumber: string, fieldName: string): {
|
|
26
|
+
protocolID: WalletProtocol;
|
|
27
|
+
keyID: string;
|
|
28
|
+
};
|
|
29
|
+
exportForSubject(): {
|
|
30
|
+
certificate: WalletCertificate;
|
|
31
|
+
keyring: Record<CertificateFieldNameUnder50Bytes, string>;
|
|
32
|
+
};
|
|
33
|
+
toWalletCertificate(): WalletCertificate;
|
|
34
|
+
encryptFields(counterparty?: 'self' | PubKeyHex): Promise<{
|
|
35
|
+
fields: Record<CertificateFieldNameUnder50Bytes, string>;
|
|
36
|
+
keyring: Record<CertificateFieldNameUnder50Bytes, string>;
|
|
37
|
+
}>;
|
|
38
|
+
decryptFields(counterparty?: PubKeyHex, keyring?: Record<CertificateFieldNameUnder50Bytes, string>): Promise<Record<CertificateFieldNameUnder50Bytes, string>>;
|
|
39
|
+
exportForCounterparty(
|
|
40
|
+
/** The incoming counterparty is who they are to us. */
|
|
41
|
+
counterparty: PubKeyHex, fieldsToReveal: CertificateFieldNameUnder50Bytes[]): Promise<{
|
|
42
|
+
certificate: WalletCertificate;
|
|
43
|
+
keyring: Record<CertificateFieldNameUnder50Bytes, string>;
|
|
44
|
+
counterparty: PubKeyHex;
|
|
45
|
+
}>;
|
|
46
|
+
/**
|
|
47
|
+
* Creates a verifiable certificate structure for a specific verifier, allowing them access to specified fields.
|
|
48
|
+
* This method decrypts the master field keys for each field specified in `fieldsToReveal` and re-encrypts them
|
|
49
|
+
* for the verifier's identity key. The resulting certificate structure includes only the fields intended to be
|
|
50
|
+
* revealed and a verifier-specific keyring for field decryption.
|
|
51
|
+
*
|
|
52
|
+
* @param {PubKeyHex} verifierIdentityKey - The public identity key of the verifier who will receive access to the specified fields.
|
|
53
|
+
* @param {CertificateFieldNameUnder50Bytes[]} fieldsToReveal - An array of field names to be revealed to the verifier. Must be a subset of the certificate's fields.
|
|
54
|
+
* @returns {Promise<Record<CertificateFieldNameUnder50Bytes[], Base64String>} - A new certificate structure containing the original encrypted fields, the verifier-specific field decryption keyring, and essential certificate metadata.
|
|
55
|
+
* @throws {WERR_INVALID_PARAMETER} Throws an error if:
|
|
56
|
+
* - fieldsToReveal is empty or a field in `fieldsToReveal` does not exist in the certificate.
|
|
57
|
+
* - The decrypted master field key fails to decrypt the corresponding field (indicating an invalid key).
|
|
58
|
+
*/
|
|
59
|
+
createKeyringForVerifier(verifierIdentityKey: PubKeyHex, fieldsToReveal: CertificateFieldNameUnder50Bytes[]): Promise<Record<CertificateFieldNameUnder50Bytes, Base64String>>;
|
|
60
|
+
/**
|
|
61
|
+
* encrypt plaintext field values for the subject
|
|
62
|
+
* update the signature using the certifier's private key.
|
|
63
|
+
*/
|
|
64
|
+
encryptAndSignNewCertificate(): Promise<void>;
|
|
65
|
+
}
|
|
66
|
+
//# sourceMappingURL=CertOps.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"CertOps.d.ts","sourceRoot":"","sources":["../../../../src/sdk/CertOps.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,YAAY,EACZ,WAAW,IAAI,cAAc,EAC7B,gCAAgC,EAChC,gBAAgB,EAChB,kBAAkB,EAClB,uCAAuC,EACvC,SAAS,EACT,iBAAiB,EACjB,iBAAiB,EACjB,mBAAmB,EACnB,iBAAiB,EACjB,mBAAmB,EAEnB,cAAc,EACf,MAAM,UAAU,CAAA;AAKjB,MAAM,WAAW,aAAa;IAC5B,YAAY,CACV,IAAI,EAAE,gBAAgB,EACtB,UAAU,CAAC,EAAE,uCAAuC,GACnD,OAAO,CAAC,kBAAkB,CAAC,CAAA;IAC9B,OAAO,CACL,IAAI,EAAE,iBAAiB,EACvB,UAAU,CAAC,EAAE,uCAAuC,GACnD,OAAO,CAAC,mBAAmB,CAAC,CAAA;IAC/B,OAAO,CACL,IAAI,EAAE,iBAAiB,EACvB,UAAU,CAAC,EAAE,uCAAuC,GACnD,OAAO,CAAC,mBAAmB,CAAC,CAAA;CAChC;AAED,qBAAa,OAAQ,SAAQ,cAAc;IAMhC,MAAM,EAAE,aAAa;IAL9B,QAAQ,CAAC,EAAE,MAAM,CAAC,gCAAgC,EAAE,MAAM,CAAC,CAAA;IAC3D,gBAAgB,CAAC,EAAE,MAAM,CAAC,gCAAgC,EAAE,YAAY,CAAC,CAAA;IACzE,gBAAgB,CAAC,EAAE,MAAM,CAAC,gCAAgC,EAAE,MAAM,CAAC,CAAA;gBAG1D,MAAM,EAAE,aAAa,EAC5B,EAAE,EAAE,iBAAiB;WAaV,gBAAgB,CAC3B,MAAM,EAAE,aAAa,EACrB,CAAC,EAAE;QACD,WAAW,EAAE,iBAAiB,CAAA;QAC9B,OAAO,EAAE,MAAM,CAAC,gCAAgC,EAAE,MAAM,CAAC,CAAA;QACzD,YAAY,EAAE,SAAS,CAAA;KACxB,GACA,OAAO,CAAC,OAAO,CAAC;WAUN,aAAa,CACxB,MAAM,EAAE,aAAa,EACrB,CAAC,EAAE;QACD,WAAW,EAAE,iBAAiB,CAAA;QAC9B,OAAO,EAAE,MAAM,CAAC,gCAAgC,EAAE,MAAM,CAAC,CAAA;KAC1D,GACA,OAAO,CAAC,OAAO,CAAC;WAON,aAAa,CACxB,MAAM,EAAE,aAAa,EACrB,EAAE,EAAE,iBAAiB,EACrB,OAAO,EAAE,MAAM,CAAC,gCAAgC,EAAE,MAAM,CAAC,GACxD,OAAO,CAAC,OAAO,CAAC;WASN,aAAa,CACxB,MAAM,EAAE,aAAa,EACrB,EAAE,EAAE,iBAAiB,GACpB,OAAO,CAAC,OAAO,CAAC;IAQnB,MAAM,CAAC,UAAU,CAAC,CAAC,EACjB,MAAM,EAAE,MAAM,CAAC,gCAAgC,EAAE,CAAC,CAAC,GAClD,MAAM,CAAC,gCAAgC,EAAE,CAAC,CAAC;IAM9C,MAAM,CAAC,wCAAwC,CAC7C,YAAY,EAAE,MAAM,EACpB,SAAS,EAAE,MAAM,GAChB;QAAE,UAAU,EAAE,cAAc,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE;IAOhD,gBAAgB,IAAI;QAClB,WAAW,EAAE,iBAAiB,CAAA;QAC9B,OAAO,EAAE,MAAM,CAAC,gCAAgC,EAAE,MAAM,CAAC,CAAA;KAC1D;IAeD,mBAAmB,IAAI,iBAAiB;IAQlC,aAAa,CAAC,YAAY,GAAE,MAAM,GAAG,SAAkB,GAAG,OAAO,CAAC;QACtE,MAAM,EAAE,MAAM,CAAC,gCAAgC,EAAE,MAAM,CAAC,CAAA;QACxD,OAAO,EAAE,MAAM,CAAC,gCAAgC,EAAE,MAAM,CAAC,CAAA;KAC1D,CAAC;IAkCI,aAAa,CACjB,YAAY,CAAC,EAAE,SAAS,EACxB,OAAO,CAAC,EAAE,MAAM,CAAC,gCAAgC,EAAE,MAAM,CAAC,GACzD,OAAO,CAAC,MAAM,CAAC,gCAAgC,EAAE,MAAM,CAAC,CAAC;IAiCtD,qBAAqB;IACzB,uDAAuD;IACvD,YAAY,EAAE,SAAS,EACvB,cAAc,EAAE,gCAAgC,EAAE,GACjD,OAAO,CAAC;QACT,WAAW,EAAE,iBAAiB,CAAA;QAC9B,OAAO,EAAE,MAAM,CAAC,gCAAgC,EAAE,MAAM,CAAC,CAAA;QACzD,YAAY,EAAE,SAAS,CAAA;KACxB,CAAC;IAuBF;;;;;;;;;;;;OAYG;IACG,wBAAwB,CAC5B,mBAAmB,EAAE,SAAS,EAC9B,cAAc,EAAE,gCAAgC,EAAE,GACjD,OAAO,CAAC,MAAM,CAAC,gCAAgC,EAAE,YAAY,CAAC,CAAC;IAwDlE;;;OAGG;IACG,4BAA4B,IAAI,OAAO,CAAC,IAAI,CAAC;CAYpD"}
|
|
@@ -0,0 +1,198 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.CertOps = void 0;
|
|
4
|
+
const sdk_1 = require("@bsv/sdk");
|
|
5
|
+
const index_client_1 = require("../index.client");
|
|
6
|
+
const sdk_2 = require("@bsv/sdk");
|
|
7
|
+
const WERR_errors_1 = require("./WERR_errors");
|
|
8
|
+
class CertOps extends sdk_1.Certificate {
|
|
9
|
+
constructor(wallet, wc) {
|
|
10
|
+
super(wc.type, wc.serialNumber, wc.subject, wc.certifier, wc.revocationOutpoint, wc.fields, wc.signature);
|
|
11
|
+
this.wallet = wallet;
|
|
12
|
+
}
|
|
13
|
+
static async fromCounterparty(wallet, e) {
|
|
14
|
+
const c = new CertOps(wallet, e.certificate);
|
|
15
|
+
// confirm cert verifies and decrypts.
|
|
16
|
+
await c.verify();
|
|
17
|
+
await c.decryptFields(e.counterparty, e.keyring);
|
|
18
|
+
// un-decrypt
|
|
19
|
+
c.fields = c._encryptedFields;
|
|
20
|
+
return c;
|
|
21
|
+
}
|
|
22
|
+
static async fromCertifier(wallet, e) {
|
|
23
|
+
return await CertOps.fromCounterparty(wallet, {
|
|
24
|
+
counterparty: e.certificate.certifier,
|
|
25
|
+
...e
|
|
26
|
+
});
|
|
27
|
+
}
|
|
28
|
+
static async fromEncrypted(wallet, wc, keyring) {
|
|
29
|
+
const c = new CertOps(wallet, wc);
|
|
30
|
+
c._keyring = keyring;
|
|
31
|
+
c._encryptedFields = this.copyFields(c.fields);
|
|
32
|
+
c._decryptedFields = await c.decryptFields();
|
|
33
|
+
await c.verify();
|
|
34
|
+
return c;
|
|
35
|
+
}
|
|
36
|
+
static async fromDecrypted(wallet, wc) {
|
|
37
|
+
const c = new CertOps(wallet, wc);
|
|
38
|
+
({ fields: c._encryptedFields, keyring: c._keyring } =
|
|
39
|
+
await c.encryptFields());
|
|
40
|
+
c._decryptedFields = await c.decryptFields();
|
|
41
|
+
return c;
|
|
42
|
+
}
|
|
43
|
+
static copyFields(fields) {
|
|
44
|
+
const copy = {};
|
|
45
|
+
for (const [n, v] of Object.entries(fields))
|
|
46
|
+
copy[n] = v;
|
|
47
|
+
return copy;
|
|
48
|
+
}
|
|
49
|
+
static getProtocolForCertificateFieldEncryption(serialNumber, fieldName) {
|
|
50
|
+
return {
|
|
51
|
+
protocolID: [2, 'certificate field encryption'],
|
|
52
|
+
keyID: `${serialNumber} ${fieldName}`
|
|
53
|
+
};
|
|
54
|
+
}
|
|
55
|
+
exportForSubject() {
|
|
56
|
+
if (!this._keyring ||
|
|
57
|
+
!this._encryptedFields ||
|
|
58
|
+
!this.signature ||
|
|
59
|
+
this.signature.length === 0)
|
|
60
|
+
throw new WERR_errors_1.WERR_INVALID_OPERATION(`Certificate must be encrypted and signed prior to export.`);
|
|
61
|
+
const certificate = this.toWalletCertificate();
|
|
62
|
+
const keyring = this._keyring;
|
|
63
|
+
return { certificate, keyring };
|
|
64
|
+
}
|
|
65
|
+
toWalletCertificate() {
|
|
66
|
+
const wc = {
|
|
67
|
+
signature: '',
|
|
68
|
+
...this
|
|
69
|
+
};
|
|
70
|
+
return wc;
|
|
71
|
+
}
|
|
72
|
+
async encryptFields(counterparty = 'self') {
|
|
73
|
+
const fields = this._decryptedFields || this.fields;
|
|
74
|
+
const encryptedFields = {};
|
|
75
|
+
const keyring = {};
|
|
76
|
+
for (const fieldName of Object.keys(fields)) {
|
|
77
|
+
const fieldSymmetricKey = sdk_2.SymmetricKey.fromRandom();
|
|
78
|
+
const encryptedFieldValue = fieldSymmetricKey.encrypt(sdk_2.Utils.toArray(this.fields[fieldName], 'utf8'));
|
|
79
|
+
encryptedFields[fieldName] = sdk_2.Utils.toBase64(encryptedFieldValue);
|
|
80
|
+
const encryptedFieldKey = await this.wallet.encrypt({
|
|
81
|
+
plaintext: fieldSymmetricKey.toArray(),
|
|
82
|
+
counterparty,
|
|
83
|
+
...CertOps.getProtocolForCertificateFieldEncryption(this.serialNumber, fieldName)
|
|
84
|
+
});
|
|
85
|
+
keyring[fieldName] = sdk_2.Utils.toBase64(encryptedFieldKey.ciphertext);
|
|
86
|
+
}
|
|
87
|
+
this._keyring = keyring;
|
|
88
|
+
this._decryptedFields = fields;
|
|
89
|
+
this.fields = this._encryptedFields = encryptedFields;
|
|
90
|
+
return { fields: encryptedFields, keyring };
|
|
91
|
+
}
|
|
92
|
+
async decryptFields(counterparty, keyring) {
|
|
93
|
+
keyring || (keyring = this._keyring);
|
|
94
|
+
const fields = this._encryptedFields || this.fields;
|
|
95
|
+
const decryptedFields = {};
|
|
96
|
+
if (!keyring)
|
|
97
|
+
throw new index_client_1.sdk.WERR_INVALID_PARAMETER('keyring', 'valid');
|
|
98
|
+
try {
|
|
99
|
+
for (const fieldName of Object.keys(keyring)) {
|
|
100
|
+
const { plaintext: fieldRevelationKey } = await this.wallet.decrypt({
|
|
101
|
+
ciphertext: sdk_2.Utils.toArray(keyring[fieldName], 'base64'),
|
|
102
|
+
counterparty: counterparty || this.subject,
|
|
103
|
+
...CertOps.getProtocolForCertificateFieldEncryption(this.serialNumber, fieldName)
|
|
104
|
+
});
|
|
105
|
+
const fieldValue = new sdk_2.SymmetricKey(fieldRevelationKey).decrypt(sdk_2.Utils.toArray(fields[fieldName], 'base64'));
|
|
106
|
+
decryptedFields[fieldName] = sdk_2.Utils.toUTF8(fieldValue);
|
|
107
|
+
}
|
|
108
|
+
this._keyring = keyring;
|
|
109
|
+
this._encryptedFields = fields;
|
|
110
|
+
this.fields = this._decryptedFields = decryptedFields;
|
|
111
|
+
return decryptedFields;
|
|
112
|
+
}
|
|
113
|
+
catch (eu) {
|
|
114
|
+
const e = index_client_1.sdk.WalletError.fromUnknown(eu);
|
|
115
|
+
throw e;
|
|
116
|
+
}
|
|
117
|
+
}
|
|
118
|
+
async exportForCounterparty(
|
|
119
|
+
/** The incoming counterparty is who they are to us. */
|
|
120
|
+
counterparty, fieldsToReveal) {
|
|
121
|
+
if (!this._keyring ||
|
|
122
|
+
!this._encryptedFields ||
|
|
123
|
+
!this.signature ||
|
|
124
|
+
this.signature.length === 0)
|
|
125
|
+
throw new WERR_errors_1.WERR_INVALID_OPERATION(`Certificate must be encrypted and signed prior to export.`);
|
|
126
|
+
const certificate = this.toWalletCertificate();
|
|
127
|
+
const keyring = await this.createKeyringForVerifier(counterparty, fieldsToReveal);
|
|
128
|
+
// The exported counterparty is who we are to them...
|
|
129
|
+
return {
|
|
130
|
+
certificate,
|
|
131
|
+
keyring,
|
|
132
|
+
counterparty: await (0, index_client_1.getIdentityKey)(this.wallet)
|
|
133
|
+
};
|
|
134
|
+
}
|
|
135
|
+
/**
|
|
136
|
+
* Creates a verifiable certificate structure for a specific verifier, allowing them access to specified fields.
|
|
137
|
+
* This method decrypts the master field keys for each field specified in `fieldsToReveal` and re-encrypts them
|
|
138
|
+
* for the verifier's identity key. The resulting certificate structure includes only the fields intended to be
|
|
139
|
+
* revealed and a verifier-specific keyring for field decryption.
|
|
140
|
+
*
|
|
141
|
+
* @param {PubKeyHex} verifierIdentityKey - The public identity key of the verifier who will receive access to the specified fields.
|
|
142
|
+
* @param {CertificateFieldNameUnder50Bytes[]} fieldsToReveal - An array of field names to be revealed to the verifier. Must be a subset of the certificate's fields.
|
|
143
|
+
* @returns {Promise<Record<CertificateFieldNameUnder50Bytes[], Base64String>} - A new certificate structure containing the original encrypted fields, the verifier-specific field decryption keyring, and essential certificate metadata.
|
|
144
|
+
* @throws {WERR_INVALID_PARAMETER} Throws an error if:
|
|
145
|
+
* - fieldsToReveal is empty or a field in `fieldsToReveal` does not exist in the certificate.
|
|
146
|
+
* - The decrypted master field key fails to decrypt the corresponding field (indicating an invalid key).
|
|
147
|
+
*/
|
|
148
|
+
async createKeyringForVerifier(verifierIdentityKey, fieldsToReveal) {
|
|
149
|
+
if (!this._keyring || !this._encryptedFields)
|
|
150
|
+
throw new index_client_1.sdk.WERR_INVALID_OPERATION(`certificate must be encrypted`);
|
|
151
|
+
if (!Array.isArray(fieldsToReveal) ||
|
|
152
|
+
fieldsToReveal.some(n => this._encryptedFields[n] === undefined))
|
|
153
|
+
throw new index_client_1.sdk.WERR_INVALID_PARAMETER('fieldsToReveal', `an array of certificate field names`);
|
|
154
|
+
const fieldRevelationKeyring = {};
|
|
155
|
+
for (const fieldName of fieldsToReveal) {
|
|
156
|
+
// Create a keyID
|
|
157
|
+
const encryptedFieldKey = this._keyring[fieldName];
|
|
158
|
+
const protocol = CertOps.getProtocolForCertificateFieldEncryption(this.serialNumber, fieldName);
|
|
159
|
+
// Decrypt the master field key
|
|
160
|
+
const { plaintext: fieldKey } = await this.wallet.decrypt({
|
|
161
|
+
ciphertext: sdk_2.Utils.toArray(encryptedFieldKey, 'base64'),
|
|
162
|
+
counterparty: this.certifier,
|
|
163
|
+
...protocol
|
|
164
|
+
});
|
|
165
|
+
// Verify that derived key actually decrypts requested field
|
|
166
|
+
try {
|
|
167
|
+
new sdk_2.SymmetricKey(fieldKey).decrypt(sdk_2.Utils.toArray(this.fields[fieldName], 'base64'));
|
|
168
|
+
}
|
|
169
|
+
catch (_) {
|
|
170
|
+
throw new index_client_1.sdk.WERR_INTERNAL(`unable to decrypt field "${fieldName}" using derived field key.`);
|
|
171
|
+
}
|
|
172
|
+
// Encrypt derived fieldRevelationKey for verifier
|
|
173
|
+
const { ciphertext: encryptedFieldRevelationKey } = await this.wallet.encrypt({
|
|
174
|
+
plaintext: fieldKey,
|
|
175
|
+
counterparty: verifierIdentityKey,
|
|
176
|
+
...protocol
|
|
177
|
+
});
|
|
178
|
+
// Add encryptedFieldRevelationKey to fieldRevelationKeyring
|
|
179
|
+
fieldRevelationKeyring[fieldName] = sdk_2.Utils.toBase64(encryptedFieldRevelationKey);
|
|
180
|
+
}
|
|
181
|
+
// Return the field revelation keyring which can be used to create a verifiable certificate for a verifier.
|
|
182
|
+
return fieldRevelationKeyring;
|
|
183
|
+
}
|
|
184
|
+
/**
|
|
185
|
+
* encrypt plaintext field values for the subject
|
|
186
|
+
* update the signature using the certifier's private key.
|
|
187
|
+
*/
|
|
188
|
+
async encryptAndSignNewCertificate() {
|
|
189
|
+
if ((await (0, index_client_1.getIdentityKey)(this.wallet)) !== this.certifier)
|
|
190
|
+
throw new index_client_1.sdk.WERR_INVALID_PARAMETER('wallet', 'the certifier for new certificate issuance.');
|
|
191
|
+
await this.encryptFields(this.subject);
|
|
192
|
+
await this.sign(this.wallet);
|
|
193
|
+
// Confirm the signed certificate verifies:
|
|
194
|
+
await this.verify();
|
|
195
|
+
}
|
|
196
|
+
}
|
|
197
|
+
exports.CertOps = CertOps;
|
|
198
|
+
//# sourceMappingURL=CertOps.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"CertOps.js","sourceRoot":"","sources":["../../../../src/sdk/CertOps.ts"],"names":[],"mappings":";;;AAAA,kCAeiB;AACjB,kDAAqD;AACrD,kCAA8C;AAC9C,+CAAsD;AAiBtD,MAAa,OAAQ,SAAQ,iBAAc;IAKzC,YACS,MAAqB,EAC5B,EAAqB;QAErB,KAAK,CACH,EAAE,CAAC,IAAI,EACP,EAAE,CAAC,YAAY,EACf,EAAE,CAAC,OAAO,EACV,EAAE,CAAC,SAAS,EACZ,EAAE,CAAC,kBAAkB,EACrB,EAAE,CAAC,MAAM,EACT,EAAE,CAAC,SAAS,CACb,CAAA;QAXM,WAAM,GAAN,MAAM,CAAe;IAY9B,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,gBAAgB,CAC3B,MAAqB,EACrB,CAIC;QAED,MAAM,CAAC,GAAG,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,WAAW,CAAC,CAAA;QAC5C,sCAAsC;QACtC,MAAM,CAAC,CAAC,MAAM,EAAE,CAAA;QAChB,MAAM,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,YAAY,EAAE,CAAC,CAAC,OAAO,CAAC,CAAA;QAChD,aAAa;QACb,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,gBAAiB,CAAA;QAC9B,OAAO,CAAC,CAAA;IACV,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,aAAa,CACxB,MAAqB,EACrB,CAGC;QAED,OAAO,MAAM,OAAO,CAAC,gBAAgB,CAAC,MAAM,EAAE;YAC5C,YAAY,EAAE,CAAC,CAAC,WAAW,CAAC,SAAS;YACrC,GAAG,CAAC;SACL,CAAC,CAAA;IACJ,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,aAAa,CACxB,MAAqB,EACrB,EAAqB,EACrB,OAAyD;QAEzD,MAAM,CAAC,GAAG,IAAI,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAA;QACjC,CAAC,CAAC,QAAQ,GAAG,OAAO,CAAA;QACpB,CAAC,CAAC,gBAAgB,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,CAAA;QAC9C,CAAC,CAAC,gBAAgB,GAAG,MAAM,CAAC,CAAC,aAAa,EAAE,CAAA;QAC5C,MAAM,CAAC,CAAC,MAAM,EAAE,CAAA;QAChB,OAAO,CAAC,CAAA;IACV,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,aAAa,CACxB,MAAqB,EACrB,EAAqB;QAErB,MAAM,CAAC,GAAG,IAAI,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAChC;QAAA,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,gBAAgB,EAAE,OAAO,EAAE,CAAC,CAAC,QAAQ,EAAE;YACnD,MAAM,CAAC,CAAC,aAAa,EAAE,CAAC,CAAA;QAC1B,CAAC,CAAC,gBAAgB,GAAG,MAAM,CAAC,CAAC,aAAa,EAAE,CAAA;QAC5C,OAAO,CAAC,CAAA;IACV,CAAC;IAED,MAAM,CAAC,UAAU,CACf,MAAmD;QAEnD,MAAM,IAAI,GAAgD,EAAE,CAAA;QAC5D,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC;YAAE,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAA;QACxD,OAAO,IAAI,CAAA;IACb,CAAC;IAED,MAAM,CAAC,wCAAwC,CAC7C,YAAoB,EACpB,SAAiB;QAEjB,OAAO;YACL,UAAU,EAAE,CAAC,CAAC,EAAE,8BAA8B,CAAC;YAC/C,KAAK,EAAE,GAAG,YAAY,IAAI,SAAS,EAAE;SACtC,CAAA;IACH,CAAC;IAED,gBAAgB;QAId,IACE,CAAC,IAAI,CAAC,QAAQ;YACd,CAAC,IAAI,CAAC,gBAAgB;YACtB,CAAC,IAAI,CAAC,SAAS;YACf,IAAI,CAAC,SAAS,CAAC,MAAM,KAAK,CAAC;YAE3B,MAAM,IAAI,oCAAsB,CAC9B,2DAA2D,CAC5D,CAAA;QACH,MAAM,WAAW,GAAG,IAAI,CAAC,mBAAmB,EAAE,CAAA;QAC9C,MAAM,OAAO,GAAG,IAAI,CAAC,QAAS,CAAA;QAC9B,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,CAAA;IACjC,CAAC;IAED,mBAAmB;QACjB,MAAM,EAAE,GAAsB;YAC5B,SAAS,EAAE,EAAE;YACb,GAAG,IAAI;SACR,CAAA;QACD,OAAO,EAAE,CAAA;IACX,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,eAAmC,MAAM;QAI3D,MAAM,MAAM,GACV,IAAI,CAAC,gBAAgB,IAAI,IAAI,CAAC,MAAM,CAAA;QACtC,MAAM,eAAe,GAGjB,EAAE,CAAA;QACN,MAAM,OAAO,GAA2D,EAAE,CAAA;QAE1E,KAAK,MAAM,SAAS,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;YAC5C,MAAM,iBAAiB,GAAG,kBAAY,CAAC,UAAU,EAAE,CAAA;YACnD,MAAM,mBAAmB,GAAG,iBAAiB,CAAC,OAAO,CACnD,WAAK,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC,CAC9C,CAAA;YACD,eAAe,CAAC,SAAS,CAAC,GAAG,WAAK,CAAC,QAAQ,CACzC,mBAA+B,CAChC,CAAA;YAED,MAAM,iBAAiB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC;gBAClD,SAAS,EAAE,iBAAiB,CAAC,OAAO,EAAE;gBACtC,YAAY;gBACZ,GAAG,OAAO,CAAC,wCAAwC,CACjD,IAAI,CAAC,YAAY,EACjB,SAAS,CACV;aACF,CAAC,CAAA;YACF,OAAO,CAAC,SAAS,CAAC,GAAG,WAAK,CAAC,QAAQ,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAA;QACnE,CAAC;QACD,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAA;QACvB,IAAI,CAAC,gBAAgB,GAAG,MAAM,CAAA;QAC9B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,gBAAgB,GAAG,eAAe,CAAA;QACrD,OAAO,EAAE,MAAM,EAAE,eAAe,EAAE,OAAO,EAAE,CAAA;IAC7C,CAAC;IAED,KAAK,CAAC,aAAa,CACjB,YAAwB,EACxB,OAA0D;QAE1D,OAAO,KAAP,OAAO,GAAK,IAAI,CAAC,QAAQ,EAAA;QACzB,MAAM,MAAM,GACV,IAAI,CAAC,gBAAgB,IAAI,IAAI,CAAC,MAAM,CAAA;QACtC,MAAM,eAAe,GAAqD,EAAE,CAAA;QAC5E,IAAI,CAAC,OAAO;YAAE,MAAM,IAAI,kBAAG,CAAC,sBAAsB,CAAC,SAAS,EAAE,OAAO,CAAC,CAAA;QAEtE,IAAI,CAAC;YACH,KAAK,MAAM,SAAS,IAAI,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC7C,MAAM,EAAE,SAAS,EAAE,kBAAkB,EAAE,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC;oBAClE,UAAU,EAAE,WAAK,CAAC,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,QAAQ,CAAC;oBACvD,YAAY,EAAE,YAAY,IAAI,IAAI,CAAC,OAAO;oBAC1C,GAAG,OAAO,CAAC,wCAAwC,CACjD,IAAI,CAAC,YAAY,EACjB,SAAS,CACV;iBACF,CAAC,CAAA;gBAEF,MAAM,UAAU,GAAG,IAAI,kBAAY,CAAC,kBAAkB,CAAC,CAAC,OAAO,CAC7D,WAAK,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,QAAQ,CAAC,CAC3C,CAAA;gBACD,eAAe,CAAC,SAAS,CAAC,GAAG,WAAK,CAAC,MAAM,CAAC,UAAsB,CAAC,CAAA;YACnE,CAAC;YACD,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAA;YACvB,IAAI,CAAC,gBAAgB,GAAG,MAAM,CAAA;YAC9B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,gBAAgB,GAAG,eAAe,CAAA;YACrD,OAAO,eAAe,CAAA;QACxB,CAAC;QAAC,OAAO,EAAW,EAAE,CAAC;YACrB,MAAM,CAAC,GAAG,kBAAG,CAAC,WAAW,CAAC,WAAW,CAAC,EAAE,CAAC,CAAA;YACzC,MAAM,CAAC,CAAA;QACT,CAAC;IACH,CAAC;IAED,KAAK,CAAC,qBAAqB;IACzB,uDAAuD;IACvD,YAAuB,EACvB,cAAkD;QAMlD,IACE,CAAC,IAAI,CAAC,QAAQ;YACd,CAAC,IAAI,CAAC,gBAAgB;YACtB,CAAC,IAAI,CAAC,SAAS;YACf,IAAI,CAAC,SAAS,CAAC,MAAM,KAAK,CAAC;YAE3B,MAAM,IAAI,oCAAsB,CAC9B,2DAA2D,CAC5D,CAAA;QACH,MAAM,WAAW,GAAG,IAAI,CAAC,mBAAmB,EAAE,CAAA;QAC9C,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,wBAAwB,CACjD,YAAY,EACZ,cAAc,CACf,CAAA;QACD,qDAAqD;QACrD,OAAO;YACL,WAAW;YACX,OAAO;YACP,YAAY,EAAE,MAAM,IAAA,6BAAc,EAAC,IAAI,CAAC,MAAM,CAAC;SAChD,CAAA;IACH,CAAC;IAED;;;;;;;;;;;;OAYG;IACH,KAAK,CAAC,wBAAwB,CAC5B,mBAA8B,EAC9B,cAAkD;QAElD,IAAI,CAAC,IAAI,CAAC,QAAQ,IAAI,CAAC,IAAI,CAAC,gBAAgB;YAC1C,MAAM,IAAI,kBAAG,CAAC,sBAAsB,CAAC,+BAA+B,CAAC,CAAA;QACvE,IACE,CAAC,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC;YAC9B,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,gBAAiB,CAAC,CAAC,CAAC,KAAK,SAAS,CAAC;YAEjE,MAAM,IAAI,kBAAG,CAAC,sBAAsB,CAClC,gBAAgB,EAChB,qCAAqC,CACtC,CAAA;QACH,MAAM,sBAAsB,GAAG,EAAE,CAAA;QACjC,KAAK,MAAM,SAAS,IAAI,cAAc,EAAE,CAAC;YACvC,iBAAiB;YACjB,MAAM,iBAAiB,GAAG,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAA;YAClD,MAAM,QAAQ,GAAG,OAAO,CAAC,wCAAwC,CAC/D,IAAI,CAAC,YAAY,EACjB,SAAS,CACV,CAAA;YAED,+BAA+B;YAC/B,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC;gBACxD,UAAU,EAAE,WAAK,CAAC,OAAO,CAAC,iBAAiB,EAAE,QAAQ,CAAC;gBACtD,YAAY,EAAE,IAAI,CAAC,SAAS;gBAC5B,GAAG,QAAQ;aACZ,CAAC,CAAA;YAEF,4DAA4D;YAC5D,IAAI,CAAC;gBACH,IAAI,kBAAY,CAAC,QAAQ,CAAC,CAAC,OAAO,CAChC,WAAK,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,QAAQ,CAAC,CAChD,CAAA;YACH,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,MAAM,IAAI,kBAAG,CAAC,aAAa,CACzB,4BAA4B,SAAS,4BAA4B,CAClE,CAAA;YACH,CAAC;YAED,kDAAkD;YAClD,MAAM,EAAE,UAAU,EAAE,2BAA2B,EAAE,GAC/C,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC;gBACxB,SAAS,EAAE,QAAQ;gBACnB,YAAY,EAAE,mBAAmB;gBACjC,GAAG,QAAQ;aACZ,CAAC,CAAA;YAEJ,4DAA4D;YAC5D,sBAAsB,CAAC,SAAS,CAAC,GAAG,WAAK,CAAC,QAAQ,CAChD,2BAA2B,CAC5B,CAAA;QACH,CAAC;QAED,2GAA2G;QAC3G,OAAO,sBAAsB,CAAA;IAC/B,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,4BAA4B;QAChC,IAAI,CAAC,MAAM,IAAA,6BAAc,EAAC,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,IAAI,CAAC,SAAS;YACxD,MAAM,IAAI,kBAAG,CAAC,sBAAsB,CAClC,QAAQ,EACR,6CAA6C,CAC9C,CAAA;QAEH,MAAM,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QACtC,MAAM,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,MAAoC,CAAC,CAAA;QAC1D,2CAA2C;QAC3C,MAAM,IAAI,CAAC,MAAM,EAAE,CAAA;IACrB,CAAC;CACF;AAtTD,0BAsTC"}
|
|
@@ -0,0 +1,125 @@
|
|
|
1
|
+
import { PrivateKey, CreateHmacArgs, CreateHmacResult, CreateSignatureArgs, CreateSignatureResult, GetPublicKeyArgs, PubKeyHex, RevealCounterpartyKeyLinkageArgs, RevealCounterpartyKeyLinkageResult, RevealSpecificKeyLinkageArgs, RevealSpecificKeyLinkageResult, VerifyHmacArgs, VerifyHmacResult, VerifySignatureArgs, VerifySignatureResult, WalletDecryptArgs, WalletDecryptResult, WalletEncryptArgs, WalletEncryptResult } from '@bsv/sdk';
|
|
2
|
+
/**
|
|
3
|
+
* PrivilegedKeyManager
|
|
4
|
+
*
|
|
5
|
+
* This class manages a privileged (i.e., very sensitive) private key, obtained from
|
|
6
|
+
* an external function (`keyGetter`), which might be backed by HSMs, secure enclaves,
|
|
7
|
+
* or other secure storage. The manager retains the key in memory only for a limited
|
|
8
|
+
* duration (`retentionPeriod`), uses XOR-based chunk-splitting obfuscation, and
|
|
9
|
+
* includes decoy data to raise the difficulty of discovering the real key in memory.
|
|
10
|
+
*
|
|
11
|
+
* IMPORTANT: While these measures raise the bar for attackers, JavaScript environments
|
|
12
|
+
* do not provide perfect in-memory secrecy.
|
|
13
|
+
*/
|
|
14
|
+
export declare class PrivilegedKeyManager {
|
|
15
|
+
/**
|
|
16
|
+
* Function that will retrieve the PrivateKey from a secure environment,
|
|
17
|
+
* e.g., an HSM or secure enclave. The reason for key usage is passed in
|
|
18
|
+
* to help with user consent, auditing, and access policy checks.
|
|
19
|
+
*/
|
|
20
|
+
private keyGetter;
|
|
21
|
+
/**
|
|
22
|
+
* Time (in ms) for which the obfuscated key remains in memory
|
|
23
|
+
* before being automatically destroyed.
|
|
24
|
+
*/
|
|
25
|
+
private retentionPeriod;
|
|
26
|
+
/**
|
|
27
|
+
* A list of dynamically generated property names used to store
|
|
28
|
+
* real key chunks (XORed with random pads).
|
|
29
|
+
*/
|
|
30
|
+
private chunkPropNames;
|
|
31
|
+
/**
|
|
32
|
+
* A list of dynamically generated property names used to store
|
|
33
|
+
* the random pads that correspond to the real key chunks.
|
|
34
|
+
*/
|
|
35
|
+
private chunkPadPropNames;
|
|
36
|
+
/**
|
|
37
|
+
* A list of decoy property names that will be removed
|
|
38
|
+
* when the real key is destroyed.
|
|
39
|
+
*/
|
|
40
|
+
private decoyPropNamesDestroy;
|
|
41
|
+
/**
|
|
42
|
+
* A list of decoy property names that remain in memory
|
|
43
|
+
* even after the real key is destroyed (just to cause confusion).
|
|
44
|
+
*/
|
|
45
|
+
private decoyPropNamesRemain;
|
|
46
|
+
/**
|
|
47
|
+
* Handle to the timer that will remove the key from memory
|
|
48
|
+
* after the retention period. If the key is refreshed again
|
|
49
|
+
* within that period, the timer is cleared and re-set.
|
|
50
|
+
*/
|
|
51
|
+
private destroyTimer;
|
|
52
|
+
/**
|
|
53
|
+
* Number of chunks to split the 32-byte key into.
|
|
54
|
+
* Adjust to increase or decrease obfuscation complexity.
|
|
55
|
+
*/
|
|
56
|
+
private readonly CHUNK_COUNT;
|
|
57
|
+
/**
|
|
58
|
+
* @param keyGetter - Asynchronous function that retrieves the PrivateKey from a secure environment.
|
|
59
|
+
* @param retentionPeriod - Time in milliseconds to retain the obfuscated key in memory before zeroizing.
|
|
60
|
+
*/
|
|
61
|
+
constructor(keyGetter: (reason: string) => Promise<PrivateKey>, retentionPeriod?: number);
|
|
62
|
+
/**
|
|
63
|
+
* Safely destroys the in-memory obfuscated key material by zeroizing
|
|
64
|
+
* and deleting related fields. Also destroys some (but not all) decoy
|
|
65
|
+
* properties to further confuse an attacker.
|
|
66
|
+
*/
|
|
67
|
+
destroyKey(): void;
|
|
68
|
+
/**
|
|
69
|
+
* Re/sets the destruction timer that removes the key from memory
|
|
70
|
+
* after `retentionPeriod` ms. If a timer is already running, it
|
|
71
|
+
* is cleared and re-set. This ensures the key remains in memory
|
|
72
|
+
* for exactly the desired window after its most recent acquisition.
|
|
73
|
+
*/
|
|
74
|
+
private scheduleKeyDestruction;
|
|
75
|
+
/**
|
|
76
|
+
* XOR-based obfuscation on a per-chunk basis.
|
|
77
|
+
* This function takes two equal-length byte arrays
|
|
78
|
+
* and returns the XOR combination.
|
|
79
|
+
*/
|
|
80
|
+
private xorBytes;
|
|
81
|
+
/**
|
|
82
|
+
* Splits the 32-byte key into `this.CHUNK_COUNT` smaller chunks
|
|
83
|
+
* (mostly equal length; the last chunk picks up leftover bytes
|
|
84
|
+
* if 32 is not evenly divisible).
|
|
85
|
+
*/
|
|
86
|
+
private splitKeyIntoChunks;
|
|
87
|
+
/**
|
|
88
|
+
* Reassembles the chunks from the dynamic properties, XORs them
|
|
89
|
+
* with their corresponding pads, and returns a single 32-byte
|
|
90
|
+
* Uint8Array representing the raw key.
|
|
91
|
+
*/
|
|
92
|
+
private reassembleKeyFromChunks;
|
|
93
|
+
/**
|
|
94
|
+
* Generates a random property name to store key chunks or decoy data.
|
|
95
|
+
*/
|
|
96
|
+
private generateRandomPropName;
|
|
97
|
+
/**
|
|
98
|
+
* Forces a PrivateKey to be represented as exactly 32 bytes, left-padding
|
|
99
|
+
* with zeros if its numeric value has fewer than 32 bytes.
|
|
100
|
+
*/
|
|
101
|
+
private get32ByteRepresentation;
|
|
102
|
+
/**
|
|
103
|
+
* Returns the privileged key needed to perform cryptographic operations.
|
|
104
|
+
* Uses in-memory chunk-based obfuscation if the key was already fetched.
|
|
105
|
+
* Otherwise, it calls out to `keyGetter`, splits the 32-byte representation
|
|
106
|
+
* of the key, XORs each chunk with a random pad, and stores them under
|
|
107
|
+
* dynamic property names. Also populates new decoy properties.
|
|
108
|
+
*
|
|
109
|
+
* @param reason - The reason for why the key is needed, passed to keyGetter.
|
|
110
|
+
* @returns The PrivateKey object needed for cryptographic operations.
|
|
111
|
+
*/
|
|
112
|
+
private getPrivilegedKey;
|
|
113
|
+
getPublicKey(args: GetPublicKeyArgs): Promise<{
|
|
114
|
+
publicKey: PubKeyHex;
|
|
115
|
+
}>;
|
|
116
|
+
revealCounterpartyKeyLinkage(args: RevealCounterpartyKeyLinkageArgs): Promise<RevealCounterpartyKeyLinkageResult>;
|
|
117
|
+
revealSpecificKeyLinkage(args: RevealSpecificKeyLinkageArgs): Promise<RevealSpecificKeyLinkageResult>;
|
|
118
|
+
encrypt(args: WalletEncryptArgs): Promise<WalletEncryptResult>;
|
|
119
|
+
decrypt(args: WalletDecryptArgs): Promise<WalletDecryptResult>;
|
|
120
|
+
createHmac(args: CreateHmacArgs): Promise<CreateHmacResult>;
|
|
121
|
+
verifyHmac(args: VerifyHmacArgs): Promise<VerifyHmacResult>;
|
|
122
|
+
createSignature(args: CreateSignatureArgs): Promise<CreateSignatureResult>;
|
|
123
|
+
verifySignature(args: VerifySignatureArgs): Promise<VerifySignatureResult>;
|
|
124
|
+
}
|
|
125
|
+
//# sourceMappingURL=PrivilegedKeyManager.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"PrivilegedKeyManager.d.ts","sourceRoot":"","sources":["../../../../src/sdk/PrivilegedKeyManager.ts"],"names":[],"mappings":"AAAA,OAAO,EAGL,UAAU,EACV,cAAc,EACd,gBAAgB,EAChB,mBAAmB,EACnB,qBAAqB,EACrB,gBAAgB,EAEhB,SAAS,EACT,gCAAgC,EAChC,kCAAkC,EAClC,4BAA4B,EAC5B,8BAA8B,EAC9B,cAAc,EACd,gBAAgB,EAChB,mBAAmB,EACnB,qBAAqB,EACrB,iBAAiB,EACjB,mBAAmB,EACnB,iBAAiB,EACjB,mBAAmB,EACpB,MAAM,UAAU,CAAA;AAEjB;;;;;;;;;;;GAWG;AACH,qBAAa,oBAAoB;IAC/B;;;;OAIG;IACH,OAAO,CAAC,SAAS,CAAyC;IAE1D;;;OAGG;IACH,OAAO,CAAC,eAAe,CAAQ;IAE/B;;;OAGG;IACH,OAAO,CAAC,cAAc,CAAe;IAErC;;;OAGG;IACH,OAAO,CAAC,iBAAiB,CAAe;IAExC;;;OAGG;IACH,OAAO,CAAC,qBAAqB,CAAe;IAE5C;;;OAGG;IACH,OAAO,CAAC,oBAAoB,CAAe;IAE3C;;;;OAIG;IACH,OAAO,CAAC,YAAY,CAAiB;IAErC;;;OAGG;IACH,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAI;IAEhC;;;OAGG;gBAED,SAAS,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,OAAO,CAAC,UAAU,CAAC,EAClD,eAAe,SAAU;IAc3B;;;;OAIG;IACH,UAAU,IAAI,IAAI;IAyClB;;;;;OAKG;IACH,OAAO,CAAC,sBAAsB;IAU9B;;;;OAIG;IACH,OAAO,CAAC,QAAQ;IAQhB;;;;OAIG;IACH,OAAO,CAAC,kBAAkB;IAc1B;;;;OAIG;IACH,OAAO,CAAC,uBAAuB;IAiC/B;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAM9B;;;OAGG;IACH,OAAO,CAAC,uBAAuB;IAe/B;;;;;;;;;OASG;YACW,gBAAgB;IA4DxB,YAAY,CAChB,IAAI,EAAE,gBAAgB,GACrB,OAAO,CAAC;QAAE,SAAS,EAAE,SAAS,CAAA;KAAE,CAAC;IAM9B,4BAA4B,CAChC,IAAI,EAAE,gCAAgC,GACrC,OAAO,CAAC,kCAAkC,CAAC;IAMxC,wBAAwB,CAC5B,IAAI,EAAE,4BAA4B,GACjC,OAAO,CAAC,8BAA8B,CAAC;IAMpC,OAAO,CAAC,IAAI,EAAE,iBAAiB,GAAG,OAAO,CAAC,mBAAmB,CAAC;IAM9D,OAAO,CAAC,IAAI,EAAE,iBAAiB,GAAG,OAAO,CAAC,mBAAmB,CAAC;IAM9D,UAAU,CAAC,IAAI,EAAE,cAAc,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAM3D,UAAU,CAAC,IAAI,EAAE,cAAc,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAM3D,eAAe,CACnB,IAAI,EAAE,mBAAmB,GACxB,OAAO,CAAC,qBAAqB,CAAC;IAM3B,eAAe,CACnB,IAAI,EAAE,mBAAmB,GACxB,OAAO,CAAC,qBAAqB,CAAC;CAKlC"}
|