@bsv/wallet-toolbox 1.3.31 → 1.3.32

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@bsv/wallet-toolbox",
-  "version": "1.3.31",
+  "version": "1.3.32",
   "description": "BRC100 conforming wallet, wallet storage and wallet signer components",
   "main": "./out/src/index.js",
   "types": "./out/src/index.d.ts",

package/src/WalletPermissionsManager.ts

@@ -324,6 +324,12 @@ export class WalletPermissionsManager implements WalletInterface {
     }
   > = new Map()
 
+  /** Cache recently confirmed permissions to avoid repeated lookups. */
+  private permissionCache: Map<string, { expiry: number; cachedAt: number }> = new Map()
+
+  /** How long a cached permission remains valid (5 minutes). */
+  private static readonly CACHE_TTL_MS = 5 * 60 * 1000
+
   /**
    * Configuration that determines whether to skip or apply various checks and encryption.
    */
@@ -480,6 +486,11 @@ export class WalletPermissionsManager implements WalletInterface {
         )
       }
     }
+
+    // Update the cache regardless of ephemeral status
+    const expiry = params.expiry || Math.floor(Date.now() / 1000) + 3600 * 24 * 30
+    const key = this.buildRequestKey(matching.request)
+    this.cachePermission(key, expiry)
   }
 
   /**
@@ -562,6 +573,17 @@ export class WalletPermissionsManager implements WalletInterface {
       privileged = false
     }
 
+    const cacheKey = this.buildRequestKey({
+      type: 'protocol',
+      originator,
+      privileged,
+      protocolID,
+      counterparty
+    })
+    if (this.isPermissionCached(cacheKey)) {
+      return true
+    }
+
     // 4) Attempt to find a valid token in the internal basket
     const token = await this.findProtocolToken(
       originator,
@@ -573,6 +595,7 @@ export class WalletPermissionsManager implements WalletInterface {
     if (token) {
       if (!this.isTokenExpired(token.expiry)) {
         // valid and unexpired
+        this.cachePermission(cacheKey, token.expiry)
         return true
       } else {
         // has a token but expired => request renewal if allowed
@@ -595,7 +618,7 @@ export class WalletPermissionsManager implements WalletInterface {
       if (!seekPermission) {
         throw new Error(`No protocol permission token found (seekPermission=false).`)
       }
-      return await this.requestPermissionFlow({
+      const granted = await this.requestPermissionFlow({
         type: 'protocol',
         originator,
         privileged,
@@ -604,6 +627,11 @@ export class WalletPermissionsManager implements WalletInterface {
         reason,
         renewal: false
       })
+      if (granted) {
+        // Unknown expiry until grantPermission() is called; cache for now with TTL only
+        this.cachePermission(cacheKey, 0)
+      }
+      return granted
     }
   }
 
@@ -631,9 +659,14 @@ export class WalletPermissionsManager implements WalletInterface {
     if (usageType === 'insertion' && !this.config.seekBasketInsertionPermissions) return true
     if (usageType === 'removal' && !this.config.seekBasketRemovalPermissions) return true
     if (usageType === 'listing' && !this.config.seekBasketListingPermissions) return true
+    const cacheKey = this.buildRequestKey({ type: 'basket', originator, basket })
+    if (this.isPermissionCached(cacheKey)) {
+      return true
+    }
     const token = await this.findBasketToken(originator, basket, true)
     if (token) {
       if (!this.isTokenExpired(token.expiry)) {
+        this.cachePermission(cacheKey, token.expiry)
         return true
       } else {
         if (!seekPermission) {
@@ -653,13 +686,17 @@ export class WalletPermissionsManager implements WalletInterface {
       if (!seekPermission) {
         throw new Error(`No basket permission found, and no user consent allowed (seekPermission=false).`)
       }
-      return await this.requestPermissionFlow({
+      const granted = await this.requestPermissionFlow({
         type: 'basket',
         originator,
         basket,
         reason,
         renewal: false
       })
+      if (granted) {
+        this.cachePermission(cacheKey, 0)
+      }
+      return granted
     }
   }
 
@@ -693,6 +730,15 @@ export class WalletPermissionsManager implements WalletInterface {
     if (!this.config.differentiatePrivilegedOperations) {
       privileged = false
     }
+    const cacheKey = this.buildRequestKey({
+      type: 'certificate',
+      originator,
+      privileged,
+      certificate: { verifier, certType, fields }
+    })
+    if (this.isPermissionCached(cacheKey)) {
+      return true
+    }
     const token = await this.findCertificateToken(
       originator,
       privileged,
@@ -703,6 +749,7 @@ export class WalletPermissionsManager implements WalletInterface {
     )
     if (token) {
       if (!this.isTokenExpired(token.expiry)) {
+        this.cachePermission(cacheKey, token.expiry)
         return true
       } else {
         if (!seekPermission) {
@@ -722,7 +769,7 @@ export class WalletPermissionsManager implements WalletInterface {
       if (!seekPermission) {
         throw new Error(`No certificate permission found (seekPermission=false).`)
       }
-      return await this.requestPermissionFlow({
+      const granted = await this.requestPermissionFlow({
         type: 'certificate',
         originator,
         privileged,
@@ -730,6 +777,10 @@ export class WalletPermissionsManager implements WalletInterface {
         reason,
         renewal: false
       })
+      if (granted) {
+        this.cachePermission(cacheKey, 0)
+      }
+      return granted
     }
   }
 
@@ -759,11 +810,16 @@ export class WalletPermissionsManager implements WalletInterface {
       // We skip spending permission entirely
       return true
     }
+    const cacheKey = this.buildRequestKey({ type: 'spending', originator })
+    if (this.isPermissionCached(cacheKey)) {
+      return true
+    }
     const token = await this.findSpendingToken(originator)
     if (token?.authorizedAmount) {
       // Check how much has been spent so far
       const spentSoFar = await this.querySpentSince(token)
       if (spentSoFar + satoshis <= token.authorizedAmount) {
+        this.cachePermission(cacheKey, token.expiry)
         return true
       } else {
         // Renew if possible
@@ -772,7 +828,7 @@ export class WalletPermissionsManager implements WalletInterface {
             `Spending authorization insufficient for ${satoshis}, no user consent (seekPermission=false).`
           )
         }
-        return await this.requestPermissionFlow({
+        const granted = await this.requestPermissionFlow({
           type: 'spending',
           originator,
           spending: { satoshis, lineItems },
@@ -780,19 +836,27 @@ export class WalletPermissionsManager implements WalletInterface {
           renewal: true,
           previousToken: token
         })
+        if (granted) {
+          this.cachePermission(cacheKey, 0)
+        }
+        return granted
       }
     } else {
       // no token
       if (!seekPermission) {
         throw new Error(`No spending authorization found, (seekPermission=false).`)
       }
-      return await this.requestPermissionFlow({
+      const granted = await this.requestPermissionFlow({
         type: 'spending',
         originator,
         spending: { satoshis, lineItems },
         reason,
         renewal: false
       })
+      if (granted) {
+        this.cachePermission(cacheKey, 0)
+      }
+      return granted
     }
   }
 
@@ -828,8 +892,19 @@ export class WalletPermissionsManager implements WalletInterface {
       return true
     }
 
+    const cacheKey = this.buildRequestKey({
+      type: 'protocol',
+      originator,
+      privileged: false,
+      protocolID: [1, `action label ${label}`],
+      counterparty: 'self'
+    })
+    if (this.isPermissionCached(cacheKey)) {
+      return true
+    }
+
     // 3) Let ensureProtocolPermission handle the rest.
-    return await this.ensureProtocolPermission({
+    const granted = await this.ensureProtocolPermission({
       originator,
       privileged: false,
       protocolID: [1, `action label ${label}`],
@@ -838,6 +913,10 @@ export class WalletPermissionsManager implements WalletInterface {
       seekPermission,
       usageType: 'generic'
     })
+    if (granted) {
+      this.cachePermission(cacheKey, 0)
+    }
+    return granted
   }
 
   /**
@@ -2525,6 +2604,29 @@ export class WalletPermissionsManager implements WalletInterface {
     return false
   }
 
+  /**
+   * Returns true if we have a cached record that the permission identified by
+   * `key` is valid and unexpired.
+   */
+  private isPermissionCached(key: string): boolean {
+    const entry = this.permissionCache.get(key)
+    if (!entry) return false
+    if (Date.now() - entry.cachedAt > WalletPermissionsManager.CACHE_TTL_MS) {
+      this.permissionCache.delete(key)
+      return false
+    }
+    if (this.isTokenExpired(entry.expiry)) {
+      this.permissionCache.delete(key)
+      return false
+    }
+    return true
+  }
+
+  /** Caches the fact that the permission for `key` is valid until `expiry`. */
+  private cachePermission(key: string, expiry: number): void {
+    this.permissionCache.set(key, { expiry, cachedAt: Date.now() })
+  }
+
   /**
    * Builds a "map key" string so that identical requests (e.g. "protocol:domain:true:protoName:counterparty")
    * do not produce multiple user prompts.

package/src/__tests/WalletPermissionsManager.flows.test.ts

@@ -295,6 +295,9 @@ describe('WalletPermissionsManager - Permission Request Flow & Active Requests',
       // Because ephemeral=true, we do NOT create an on-chain token
       expect(createTokenSpy).not.toHaveBeenCalled()
 
+      // Clear cache to actually run again
+      ;(manager as any).permissionCache = new Map()
+
       // 2) Immediately call ensureProtocolPermission again for the same resource
       // Because ephemeral usage didn't store a token, it should re-prompt.
       const pCall2 = manager.ensureProtocolPermission({

package/test/Wallet/support/operations.man.test.ts

@@ -52,6 +52,7 @@ describe('operations.man tests', () => {
     let offset = 0
     const limit = 100
     let allUnfails: number[] = []
+    let reviewed = 0
     for (;;) {
       let log = ''
       const unfails: number[] = []
@@ -66,8 +67,9 @@ describe('operations.man tests', () => {
           log += `unfail ${req.provenTxReqId} ${req.txid}\n`
           unfails.push(req.provenTxReqId)
         }
+        reviewed++
       }
-      console.log(`DoubleSpends OFFSET: ${offset} ${unfails.length} unfails\n${log}`)
+      console.log(`DoubleSpends OFFSET: ${offset} ${reviewed} ${unfails.length} unfails\n${log}`)
       allUnfails = allUnfails.concat(unfails)
       if (reqs.length < limit) break
       offset += reqs.length
@@ -83,6 +85,7 @@ describe('operations.man tests', () => {
     let offset = 0
     const limit = 100
     let allUnfails: number[] = []
+    let reviewed = 0
     for (;;) {
       let log = ''
       const unfails: number[] = []
@@ -98,8 +101,9 @@ describe('operations.man tests', () => {
           log += `unfail ${req.provenTxReqId} ${req.txid}\n`
           unfails.push(req.provenTxReqId)
         }
+        reviewed++
       }
-      console.log(`Failed OFFSET: ${offset} ${unfails.length} unfails\n${log}`)
+      console.log(`Failed OFFSET: ${offset} ${reviewed} ${unfails.length} unfails\n${log}`)
       allUnfails = allUnfails.concat(unfails)
       if (reqs.length < limit) break
       offset += reqs.length