@canton-network/wallet-gateway-remote 0.20.0 → 0.22.0

package/dist/ledger/wallet-allocation/signing-providers/kernel-wallet-allocator.d.ts

@@ -0,0 +1,17 @@
+import { UserId } from '@canton-network/core-wallet-auth';
+import { Store, Wallet } from '@canton-network/core-wallet-store';
+import { SigningDriverInterface } from '@canton-network/core-signing-lib';
+import { Logger } from 'pino';
+import { PartyAllocationService } from '../../party-allocation-service.js';
+import { PartyHint, Primary } from '../../../user-api/rpc-gen/typings.js';
+import type { WalletAllocator } from '../wallet-allocation-service.js';
+export declare class KernelWalletAllocator implements WalletAllocator {
+    private store;
+    private logger;
+    private partyAllocator;
+    private signingDriver;
+    constructor(store: Store, logger: Logger, partyAllocator: PartyAllocationService, signingDriver: SigningDriverInterface);
+    createWallet(userId: UserId, partyHint: PartyHint, primary?: Primary): Promise<Wallet>;
+    allocateParty(userId: UserId, existingWallet: Wallet): Promise<void>;
+}
+//# sourceMappingURL=kernel-wallet-allocator.d.ts.map

package/dist/ledger/wallet-allocation/signing-providers/kernel-wallet-allocator.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"kernel-wallet-allocator.d.ts","sourceRoot":"","sources":["../../../../src/ledger/wallet-allocation/signing-providers/kernel-wallet-allocator.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,MAAM,EAAE,MAAM,kCAAkC,CAAA;AACzD,OAAO,EAAE,KAAK,EAAgB,MAAM,EAAE,MAAM,mCAAmC,CAAA;AAC/E,OAAO,EAEH,sBAAsB,EAEzB,MAAM,kCAAkC,CAAA;AACzC,OAAO,EAAE,MAAM,EAAE,MAAM,MAAM,CAAA;AAC7B,OAAO,EAAE,sBAAsB,EAAE,MAAM,mCAAmC,CAAA;AAC1E,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,sCAAsC,CAAA;AACzE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,iCAAiC,CAAA;AAUtE,qBAAa,qBAAsB,YAAW,eAAe;IAErD,OAAO,CAAC,KAAK;IACb,OAAO,CAAC,MAAM;IACd,OAAO,CAAC,cAAc;IACtB,OAAO,CAAC,aAAa;gBAHb,KAAK,EAAE,KAAK,EACZ,MAAM,EAAE,MAAM,EACd,cAAc,EAAE,sBAAsB,EACtC,aAAa,EAAE,sBAAsB;IAG3C,YAAY,CACd,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,SAAS,EACpB,OAAO,GAAE,OAAe,GACzB,OAAO,CAAC,MAAM,CAAC;IAgDZ,aAAa,CAAC,MAAM,EAAE,MAAM,EAAE,cAAc,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAiC7E"}

package/dist/ledger/wallet-allocation/signing-providers/kernel-wallet-allocator.js

@@ -0,0 +1,79 @@
+// Copyright (c) 2025-2026 Digital Asset (Switzerland) GmbH and/or its affiliates. All rights reserved.
+// SPDX-License-Identifier: Apache-2.0
+import { SigningProvider, } from '@canton-network/core-signing-lib';
+function handleSigningError(result) {
+    if ('error' in result) {
+        throw new Error(`Error from signing driver: ${result.error_description}`);
+    }
+    return result;
+}
+export class KernelWalletAllocator {
+    constructor(store, logger, partyAllocator, signingDriver) {
+        this.store = store;
+        this.logger = logger;
+        this.partyAllocator = partyAllocator;
+        this.signingDriver = signingDriver;
+    }
+    async createWallet(userId, partyHint, primary = false) {
+        const driver = this.signingDriver.controller(userId);
+        const key = await driver
+            .createKey({
+            name: partyHint,
+        })
+            .then(handleSigningError);
+        const party = await this.partyAllocator.allocateParty(userId, partyHint, key.publicKey, async (hash) => {
+            const { signature } = await driver
+                .signTransaction({
+                tx: '',
+                txHash: hash,
+                keyIdentifier: {
+                    publicKey: key.publicKey,
+                },
+            })
+                .then(handleSigningError);
+            if (!signature) {
+                throw new Error('No signature returned from signing driver');
+            }
+            return signature;
+        });
+        const network = await this.store.getCurrentNetwork();
+        const wallet = {
+            partyId: party.partyId,
+            hint: party.hint,
+            namespace: party.namespace,
+            signingProviderId: SigningProvider.WALLET_KERNEL,
+            networkId: network.id,
+            status: 'allocated',
+            primary,
+            publicKey: key.publicKey,
+            externalTxId: '',
+            topologyTransactions: '',
+        };
+        await this.store.addWallet(wallet);
+        return wallet;
+    }
+    async allocateParty(userId, existingWallet) {
+        const driver = this.signingDriver.controller(userId);
+        const signingCallback = async (hash) => {
+            const result = await driver
+                .signTransaction({
+                tx: '',
+                txHash: hash,
+                keyIdentifier: { publicKey: existingWallet.publicKey },
+            })
+                .then(handleSigningError);
+            if (!result.signature) {
+                throw new Error('No signature returned from signing driver');
+            }
+            return result.signature;
+        };
+        const party = await this.partyAllocator.allocateParty(userId, existingWallet.hint, existingWallet.publicKey, signingCallback);
+        const network = await this.store.getCurrentNetwork();
+        const updateWallet = {
+            networkId: network.id,
+            partyId: party.partyId,
+            status: 'allocated',
+        };
+        return await this.store.updateWallet(updateWallet);
+    }
+}

package/dist/ledger/wallet-allocation/signing-providers/participant-wallet-allocator.d.ts

@@ -0,0 +1,15 @@
+import { UserId } from '@canton-network/core-wallet-auth';
+import { Store, Wallet } from '@canton-network/core-wallet-store';
+import { Logger } from 'pino';
+import { PartyAllocationService } from '../../party-allocation-service.js';
+import { PartyHint, Primary } from '../../../user-api/rpc-gen/typings.js';
+import type { WalletAllocator } from '../wallet-allocation-service.js';
+export declare class ParticipantWalletAllocator implements WalletAllocator {
+    private store;
+    private logger;
+    private partyAllocator;
+    constructor(store: Store, logger: Logger, partyAllocator: PartyAllocationService);
+    createWallet(userId: UserId, partyHint: PartyHint, primary?: Primary): Promise<Wallet>;
+    allocateParty(userId: UserId, existingWallet: Wallet): Promise<void>;
+}
+//# sourceMappingURL=participant-wallet-allocator.d.ts.map

package/dist/ledger/wallet-allocation/signing-providers/participant-wallet-allocator.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"participant-wallet-allocator.d.ts","sourceRoot":"","sources":["../../../../src/ledger/wallet-allocation/signing-providers/participant-wallet-allocator.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,MAAM,EAAE,MAAM,kCAAkC,CAAA;AACzD,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,mCAAmC,CAAA;AAEjE,OAAO,EAAE,MAAM,EAAE,MAAM,MAAM,CAAA;AAC7B,OAAO,EAAE,sBAAsB,EAAE,MAAM,mCAAmC,CAAA;AAC1E,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,sCAAsC,CAAA;AACzE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,iCAAiC,CAAA;AAEtE,qBAAa,0BAA2B,YAAW,eAAe;IAE1D,OAAO,CAAC,KAAK;IACb,OAAO,CAAC,MAAM;IACd,OAAO,CAAC,cAAc;gBAFd,KAAK,EAAE,KAAK,EACZ,MAAM,EAAE,MAAM,EACd,cAAc,EAAE,sBAAsB;IAG5C,YAAY,CACd,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,SAAS,EACpB,OAAO,GAAE,OAAe,GACzB,OAAO,CAAC,MAAM,CAAC;IAmBZ,aAAa,CAAC,MAAM,EAAE,MAAM,EAAE,cAAc,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAY7E"}

package/dist/ledger/wallet-allocation/signing-providers/participant-wallet-allocator.js

@@ -0,0 +1,37 @@
+// Copyright (c) 2025-2026 Digital Asset (Switzerland) GmbH and/or its affiliates. All rights reserved.
+// SPDX-License-Identifier: Apache-2.0
+import { SigningProvider } from '@canton-network/core-signing-lib';
+export class ParticipantWalletAllocator {
+    constructor(store, logger, partyAllocator) {
+        this.store = store;
+        this.logger = logger;
+        this.partyAllocator = partyAllocator;
+    }
+    async createWallet(userId, partyHint, primary = false) {
+        const party = await this.partyAllocator.allocateParty(userId, partyHint);
+        const network = await this.store.getCurrentNetwork();
+        const wallet = {
+            partyId: party.partyId,
+            hint: party.hint,
+            namespace: party.namespace,
+            signingProviderId: SigningProvider.PARTICIPANT,
+            networkId: network.id,
+            status: 'allocated',
+            primary,
+            publicKey: party.namespace,
+            externalTxId: '',
+            topologyTransactions: '',
+        };
+        await this.store.addWallet(wallet);
+        return wallet;
+    }
+    async allocateParty(userId, existingWallet) {
+        const party = await this.partyAllocator.allocateParty(userId, existingWallet.hint);
+        const network = await this.store.getCurrentNetwork();
+        return await this.store.updateWallet({
+            partyId: party.partyId,
+            networkId: network.id,
+            status: 'allocated',
+        });
+    }
+}

package/dist/ledger/wallet-allocation/wallet-allocation-service.d.ts

@@ -0,0 +1,20 @@
+import { UserId } from '@canton-network/core-wallet-auth';
+import { Store, Wallet } from '@canton-network/core-wallet-store';
+import { SigningDriverInterface, SigningProvider } from '@canton-network/core-signing-lib';
+import { Logger } from 'pino';
+import { PartyAllocationService } from '../party-allocation-service.js';
+import { PartyHint, Primary } from '../../user-api/rpc-gen/typings.js';
+export interface WalletAllocator {
+    createWallet(userId: UserId, partyHint: PartyHint, primary: Primary): Promise<Wallet>;
+    allocateParty(userId: UserId, existingWallet: Wallet): Promise<void>;
+}
+export declare class WalletAllocationService {
+    private readonly participantAllocator;
+    private readonly kernelAllocator?;
+    private readonly fireblocksAllocator?;
+    private readonly blockdaemonAllocator?;
+    constructor(store: Store, logger: Logger, partyAllocator: PartyAllocationService, signingDrivers?: Partial<Record<SigningProvider, SigningDriverInterface>>);
+    createWallet(userId: UserId, partyHint: PartyHint, primary: Primary, signingProviderId: SigningProvider): Promise<Wallet>;
+    allocateParty(userId: UserId, existingWallet: Wallet, signingProviderId: SigningProvider): Promise<void>;
+}
+//# sourceMappingURL=wallet-allocation-service.d.ts.map

package/dist/ledger/wallet-allocation/wallet-allocation-service.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"wallet-allocation-service.d.ts","sourceRoot":"","sources":["../../../src/ledger/wallet-allocation/wallet-allocation-service.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,MAAM,EAAE,MAAM,kCAAkC,CAAA;AACzD,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,mCAAmC,CAAA;AACjE,OAAO,EACH,sBAAsB,EACtB,eAAe,EAClB,MAAM,kCAAkC,CAAA;AACzC,OAAO,EAAE,MAAM,EAAE,MAAM,MAAM,CAAA;AAC7B,OAAO,EAAE,sBAAsB,EAAE,MAAM,gCAAgC,CAAA;AACvE,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,mCAAmC,CAAA;AAMtE,MAAM,WAAW,eAAe;IAC5B,YAAY,CACR,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,SAAS,EACpB,OAAO,EAAE,OAAO,GACjB,OAAO,CAAC,MAAM,CAAC,CAAA;IAClB,aAAa,CAAC,MAAM,EAAE,MAAM,EAAE,cAAc,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;CACvE;AAED,qBAAa,uBAAuB;IAChC,OAAO,CAAC,QAAQ,CAAC,oBAAoB,CAA4B;IACjE,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAuB;IACxD,OAAO,CAAC,QAAQ,CAAC,mBAAmB,CAAC,CAA2B;IAChE,OAAO,CAAC,QAAQ,CAAC,oBAAoB,CAAC,CAA4B;gBAG9D,KAAK,EAAE,KAAK,EACZ,MAAM,EAAE,MAAM,EACd,cAAc,EAAE,sBAAsB,EACtC,cAAc,GAAE,OAAO,CACnB,MAAM,CAAC,eAAe,EAAE,sBAAsB,CAAC,CAC7C;IAuCG,YAAY,CACrB,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,SAAS,EACpB,OAAO,EAAE,OAAO,EAChB,iBAAiB,EAAE,eAAe,GACnC,OAAO,CAAC,MAAM,CAAC;IA4CL,aAAa,CACtB,MAAM,EAAE,MAAM,EACd,cAAc,EAAE,MAAM,EACtB,iBAAiB,EAAE,eAAe,GACnC,OAAO,CAAC,IAAI,CAAC;CAuCnB"}

package/dist/ledger/wallet-allocation/wallet-allocation-service.js

@@ -0,0 +1,70 @@
+// Copyright (c) 2025-2026 Digital Asset (Switzerland) GmbH and/or its affiliates. All rights reserved.
+// SPDX-License-Identifier: Apache-2.0
+import { SigningProvider, } from '@canton-network/core-signing-lib';
+import { ParticipantWalletAllocator } from './signing-providers/participant-wallet-allocator.js';
+import { KernelWalletAllocator } from './signing-providers/kernel-wallet-allocator.js';
+import { FireblocksWalletAllocator } from './signing-providers/fireblocks-wallet-allocator.js';
+import { BlockdaemonWalletAllocator } from './signing-providers/blockdaemon-wallet-allocator.js';
+export class WalletAllocationService {
+    constructor(store, logger, partyAllocator, signingDrivers = {}) {
+        this.participantAllocator = new ParticipantWalletAllocator(store, logger, partyAllocator);
+        const kernelDriver = signingDrivers[SigningProvider.WALLET_KERNEL];
+        if (kernelDriver) {
+            this.kernelAllocator = new KernelWalletAllocator(store, logger, partyAllocator, kernelDriver);
+        }
+        const fireblocksDriver = signingDrivers[SigningProvider.FIREBLOCKS];
+        if (fireblocksDriver) {
+            this.fireblocksAllocator = new FireblocksWalletAllocator(store, logger, partyAllocator, fireblocksDriver);
+        }
+        const blockdaemonDriver = signingDrivers[SigningProvider.BLOCKDAEMON];
+        if (blockdaemonDriver) {
+            this.blockdaemonAllocator = new BlockdaemonWalletAllocator(store, logger, partyAllocator, blockdaemonDriver);
+        }
+    }
+    async createWallet(userId, partyHint, primary, signingProviderId) {
+        switch (signingProviderId) {
+            case SigningProvider.PARTICIPANT:
+                return this.participantAllocator.createWallet(userId, partyHint, primary);
+            case SigningProvider.WALLET_KERNEL:
+                if (!this.kernelAllocator) {
+                    throw new Error('Wallet Kernel signing driver not available');
+                }
+                return this.kernelAllocator.createWallet(userId, partyHint, primary);
+            case SigningProvider.FIREBLOCKS:
+                if (!this.fireblocksAllocator) {
+                    throw new Error('Fireblocks signing driver not available');
+                }
+                return this.fireblocksAllocator.createWallet(userId, partyHint, primary);
+            case SigningProvider.BLOCKDAEMON:
+                if (!this.blockdaemonAllocator) {
+                    throw new Error('Blockdaemon signing driver not available');
+                }
+                return this.blockdaemonAllocator.createWallet(userId, partyHint, primary);
+            default:
+                throw new Error(`Unsupported signing provider: ${signingProviderId}`);
+        }
+    }
+    async allocateParty(userId, existingWallet, signingProviderId) {
+        switch (signingProviderId) {
+            case SigningProvider.PARTICIPANT:
+                return this.participantAllocator.allocateParty(userId, existingWallet);
+            case SigningProvider.WALLET_KERNEL:
+                if (!this.kernelAllocator) {
+                    throw new Error('Wallet Kernel signing driver not available');
+                }
+                return this.kernelAllocator.allocateParty(userId, existingWallet);
+            case SigningProvider.FIREBLOCKS:
+                if (!this.fireblocksAllocator) {
+                    throw new Error('Fireblocks signing driver not available');
+                }
+                return this.fireblocksAllocator.allocateParty(userId, existingWallet);
+            case SigningProvider.BLOCKDAEMON:
+                if (!this.blockdaemonAllocator) {
+                    throw new Error('Blockdaemon signing driver not available');
+                }
+                return this.blockdaemonAllocator.allocateParty(userId, existingWallet);
+            default:
+                throw new Error(`Unsupported signing provider: ${signingProviderId}`);
+        }
+    }
+}

package/dist/ledger/wallet-allocation/wallet-allocation-service.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=wallet-allocation-service.test.d.ts.map

package/dist/ledger/wallet-allocation/wallet-allocation-service.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"wallet-allocation-service.test.d.ts","sourceRoot":"","sources":["../../../src/ledger/wallet-allocation/wallet-allocation-service.test.ts"],"names":[],"mappings":""}

package/dist/ledger/wallet-allocation/wallet-allocation-service.test.js

@@ -0,0 +1,301 @@
+// Copyright (c) 2025-2026 Digital Asset (Switzerland) GmbH and/or its affiliates. All rights reserved.
+// SPDX-License-Identifier: Apache-2.0
+import { jest, describe, it, expect, beforeEach, afterEach, } from '@jest/globals';
+import { pino } from 'pino';
+import { sink } from 'pino-test';
+import { WalletAllocationService } from './wallet-allocation-service.js';
+import { SigningProvider } from '@canton-network/core-signing-lib';
+import { WALLET_DISABLED_REASON } from '@canton-network/core-types';
+const createWallet = (partyId, overrides = {}) => ({
+    primary: false,
+    partyId,
+    status: 'allocated',
+    hint: partyId.split('::')[0],
+    signingProviderId: 'internal',
+    publicKey: 'test-public-key',
+    namespace: 'namespace',
+    networkId: 'network1',
+    disabled: false,
+    ...overrides,
+});
+const createAllocatedParty = (partyId, hint, namespace) => ({
+    partyId,
+    hint,
+    namespace,
+});
+function createFireblocksDriver(options) {
+    const getKeysResult = {
+        keys: [{ id: 'key-1', name: 'Canton Party', publicKey: 'fb-pk' }],
+    };
+    const signTransactionResult = options.signTransactionResult ?? {
+        status: 'pending',
+        txId: 'tx-1',
+    };
+    const getTransactionResult = options.getTransactionResult ?? signTransactionResult;
+    return {
+        controller: jest.fn().mockReturnValue({
+            getKeys: jest
+                .fn()
+                .mockResolvedValue(getKeysResult),
+            signTransaction: jest
+                .fn()
+                .mockResolvedValue(signTransactionResult),
+            getTransaction: jest
+                .fn()
+                .mockResolvedValue(getTransactionResult),
+        }),
+    };
+}
+function createBlockdaemonDriver(options) {
+    const signTransactionResult = options.signTransactionResult ?? {
+        status: 'pending',
+        txId: 'tx-1',
+    };
+    const getTransactionResult = options.getTransactionResult ?? signTransactionResult;
+    return {
+        controller: jest.fn().mockReturnValue({
+            createKey: jest
+                .fn()
+                .mockResolvedValue({
+                publicKey: 'bd-pk',
+            }),
+            signTransaction: jest
+                .fn()
+                .mockResolvedValue(signTransactionResult),
+            getTransaction: jest
+                .fn()
+                .mockResolvedValue(getTransactionResult),
+        }),
+    };
+}
+describe('WalletAllocationService', () => {
+    let mockLogger;
+    let mockStore;
+    let mockPartyAllocator;
+    let mockController;
+    let mockWalletKernelDriver;
+    let service;
+    const createService = (drivers) => new WalletAllocationService(mockStore, mockLogger, mockPartyAllocator, drivers);
+    beforeEach(async () => {
+        mockLogger = pino(sink());
+        mockStore = {
+            getWallets: jest.fn(),
+            removeWallet: jest.fn(),
+            addWallet: jest.fn(),
+            updateWallet: jest.fn(),
+            getCurrentNetwork: jest
+                .fn()
+                .mockResolvedValue({ id: 'network1' }),
+        };
+        mockPartyAllocator = {
+            allocateParty: jest.fn(),
+            allocatePartyWithExistingWallet: jest.fn(),
+            createFingerprintFromKey: jest.fn().mockReturnValue('fingerprint'),
+            generateTopologyTransactions: jest
+                .fn()
+                .mockResolvedValue({
+                topologyTransactions: ['tx1'],
+                multiHash: 'hash',
+            }),
+        };
+        mockController = {
+            createKey: jest
+                .fn()
+                .mockResolvedValue({
+                id: 'key-id',
+                name: 'test-key',
+                publicKey: 'new-public-key',
+            }),
+            signTransaction: jest
+                .fn()
+                .mockResolvedValue({
+                txId: 'tx-id',
+                status: 'signed',
+                signature: 'sig',
+            }),
+        };
+        mockWalletKernelDriver = {
+            controller: jest.fn(() => mockController),
+        };
+        service = createService({
+            [SigningProvider.WALLET_KERNEL]: mockWalletKernelDriver,
+        });
+    });
+    afterEach(() => {
+        jest.restoreAllMocks();
+    });
+    describe('Participant', () => {
+        it('createWallet allocates new party and adds wallet', async () => {
+            const expectedParty = createAllocatedParty('alice::participant1', 'alice', 'participant1');
+            mockPartyAllocator.allocateParty.mockResolvedValue(expectedParty);
+            const result = await service.createWallet('user-1', 'alice', false, SigningProvider.PARTICIPANT);
+            expect(mockPartyAllocator.allocateParty).toHaveBeenCalledWith('user-1', 'alice');
+            expect(mockStore.addWallet).toHaveBeenCalledWith(expect.objectContaining({
+                partyId: 'alice::participant1',
+                status: 'allocated',
+                networkId: 'network1',
+            }));
+            expect(result.partyId).toBe('alice::participant1');
+            expect(result.status).toBe('allocated');
+        });
+        it('allocateParty allocates party and updates store', async () => {
+            const expectedParty = createAllocatedParty('alice::participant1', 'alice', 'participant1');
+            mockPartyAllocator.allocateParty.mockResolvedValue(expectedParty);
+            const existingWallet = createWallet('alice::namespace', {
+                hint: 'alice',
+                namespace: 'namespace',
+                signingProviderId: SigningProvider.PARTICIPANT,
+            });
+            await service.allocateParty('user-1', existingWallet, SigningProvider.PARTICIPANT);
+            expect(mockPartyAllocator.allocateParty).toHaveBeenCalledWith('user-1', 'alice');
+            expect(mockStore.updateWallet).toHaveBeenCalledWith({
+                partyId: 'alice::participant1',
+                networkId: 'network1',
+                status: 'allocated',
+            });
+        });
+    });
+    describe('Wallet Kernel', () => {
+        it('createWallet initializes new wallet and adds to store', async () => {
+            const expectedParty = createAllocatedParty('bob::fingerprint', 'bob', 'fingerprint');
+            mockPartyAllocator.createFingerprintFromKey.mockReturnValue('fingerprint');
+            mockPartyAllocator.allocateParty.mockResolvedValue(expectedParty);
+            const result = await service.createWallet('user-1', 'bob', false, SigningProvider.WALLET_KERNEL);
+            expect(mockStore.addWallet).toHaveBeenCalledWith(expect.objectContaining({
+                partyId: 'bob::fingerprint',
+                status: 'allocated',
+                publicKey: 'new-public-key',
+            }));
+            expect(result.partyId).toBe('bob::fingerprint');
+            expect(result.publicKey).toBe('new-public-key');
+            expect(mockWalletKernelDriver.controller).toHaveBeenCalledWith('user-1');
+            expect(mockController.createKey).toHaveBeenCalledWith({
+                name: 'bob',
+            });
+        });
+        it('allocateParty allocates with existing public key and updates store', async () => {
+            const expectedParty = createAllocatedParty('bob::fingerprint', 'bob', 'fingerprint');
+            mockPartyAllocator.allocateParty.mockImplementation(async (_userId, _hint, _publicKey, signingCallback) => {
+                if (signingCallback) {
+                    await signingCallback('test-hash');
+                }
+                return expectedParty;
+            });
+            const existingWallet = createWallet('bob::namespace', {
+                hint: 'bob',
+                publicKey: 'existing-public-key',
+                signingProviderId: SigningProvider.WALLET_KERNEL,
+            });
+            await service.allocateParty('user-1', existingWallet, SigningProvider.WALLET_KERNEL);
+            expect(mockController.signTransaction).toHaveBeenCalledWith(expect.objectContaining({
+                txHash: 'test-hash',
+                keyIdentifier: { publicKey: 'existing-public-key' },
+            }));
+            expect(mockStore.updateWallet).toHaveBeenCalledWith({
+                partyId: 'bob::fingerprint',
+                networkId: 'network1',
+                status: 'allocated',
+            });
+        });
+        it('throws when Wallet Kernel signing driver not available', async () => {
+            const serviceWithoutDriver = createService({});
+            await expect(serviceWithoutDriver.createWallet('user-1', 'bob', false, SigningProvider.WALLET_KERNEL)).rejects.toThrow('Wallet Kernel signing driver not available');
+        });
+    });
+    describe('Fireblocks', () => {
+        it('throws when Fireblocks signing driver not available', async () => {
+            const serviceWithoutFireblocks = createService({});
+            await expect(serviceWithoutFireblocks.createWallet('user-1', 'alice', false, SigningProvider.FIREBLOCKS)).rejects.toThrow('Fireblocks signing driver not available');
+        });
+        it('createWallet returns allocated when signTransaction returns signed', async () => {
+            const serviceWithFireblocks = createService({
+                [SigningProvider.FIREBLOCKS]: createFireblocksDriver({
+                    signTransactionResult: { status: 'signed', txId: 'tx-1' },
+                    getTransactionResult: {
+                        txId: 'tx-1',
+                        status: 'signed',
+                        signature: 'deadbeef',
+                    },
+                }),
+            });
+            mockPartyAllocator.allocatePartyWithExistingWallet.mockResolvedValue('alice::namespace');
+            const result = await serviceWithFireblocks.createWallet('user-1', 'alice', false, SigningProvider.FIREBLOCKS);
+            expect(result.status).toBe('allocated');
+            expect(result.partyId).toBe('alice::namespace');
+            expect(mockPartyAllocator.allocatePartyWithExistingWallet).toHaveBeenCalled();
+            expect(mockStore.addWallet).toHaveBeenCalled();
+        });
+        it('createWallet returns initialized when signTransaction returns pending', async () => {
+            const serviceWithFireblocks = createService({
+                [SigningProvider.FIREBLOCKS]: createFireblocksDriver({
+                    signTransactionResult: { status: 'pending', txId: 'tx-1' },
+                    getTransactionResult: {
+                        txId: 'tx-1',
+                        status: 'pending',
+                    },
+                }),
+            });
+            const result = await serviceWithFireblocks.createWallet('user-1', 'alice', false, SigningProvider.FIREBLOCKS);
+            expect(result.status).toBe('initialized');
+            expect(mockPartyAllocator.allocatePartyWithExistingWallet).not.toHaveBeenCalled();
+            expect(mockStore.addWallet).toHaveBeenCalled();
+        });
+        it.each([
+            ['failed', WALLET_DISABLED_REASON.TOPOLOGY_TRANSACTION_FAILED],
+            ['rejected', WALLET_DISABLED_REASON.TOPOLOGY_TRANSACTION_REJECTED],
+        ])('createWallet returns status removed with reason when signTransaction returns %s', async (status, expectedReason) => {
+            const serviceWithFireblocks = createService({
+                [SigningProvider.FIREBLOCKS]: createFireblocksDriver({
+                    signTransactionResult: { status, txId: 'tx-1' },
+                    getTransactionResult: {
+                        txId: 'tx-1',
+                        status,
+                    },
+                }),
+            });
+            const result = await serviceWithFireblocks.createWallet('user-1', 'alice', false, SigningProvider.FIREBLOCKS);
+            expect(result.status).toBe('removed');
+            expect(result.reason).toBe(expectedReason);
+            expect(mockPartyAllocator.allocatePartyWithExistingWallet).not.toHaveBeenCalled();
+            expect(mockStore.addWallet).toHaveBeenCalled();
+        });
+    });
+    describe('Blockdaemon', () => {
+        it('throws when Blockdaemon signing driver not available', async () => {
+            const serviceWithoutBlockdaemon = createService({});
+            await expect(serviceWithoutBlockdaemon.createWallet('user-1', 'alice', false, SigningProvider.BLOCKDAEMON)).rejects.toThrow('Blockdaemon signing driver not available');
+        });
+        it('createWallet returns initialized when signTransaction returns pending', async () => {
+            const serviceWithBlockdaemon = createService({
+                [SigningProvider.BLOCKDAEMON]: createBlockdaemonDriver({
+                    signTransactionResult: { status: 'pending', txId: 'tx-1' },
+                }),
+            });
+            const result = await serviceWithBlockdaemon.createWallet('user-1', 'alice', false, SigningProvider.BLOCKDAEMON);
+            expect(result.status).toBe('initialized');
+            expect(result.reason).toBe(WALLET_DISABLED_REASON.TOPOLOGY_TRANSACTION_PENDING);
+            expect(result.externalTxId).toBe('tx-1');
+            expect(result.partyId).toBe('alice::fingerprint');
+            expect(mockPartyAllocator.allocatePartyWithExistingWallet).not.toHaveBeenCalled();
+            expect(mockStore.addWallet).toHaveBeenCalled();
+        });
+        it('createWallet returns allocated when signTransaction returns signed', async () => {
+            const serviceWithBlockdaemon = createService({
+                [SigningProvider.BLOCKDAEMON]: createBlockdaemonDriver({
+                    signTransactionResult: { status: 'signed', txId: 'tx-1' },
+                    getTransactionResult: {
+                        txId: 'tx-1',
+                        status: 'signed',
+                        signature: 'sig-base64',
+                    },
+                }),
+            });
+            mockPartyAllocator.allocatePartyWithExistingWallet.mockResolvedValue('alice::namespace');
+            const result = await serviceWithBlockdaemon.createWallet('user-1', 'alice', false, SigningProvider.BLOCKDAEMON);
+            expect(result.status).toBe('allocated');
+            expect(result.partyId).toBe('alice::namespace');
+            expect(mockPartyAllocator.allocatePartyWithExistingWallet).toHaveBeenCalled();
+            expect(mockStore.addWallet).toHaveBeenCalled();
+        });
+    });
+});

package/dist/ledger/wallet-sync-service.d.ts

@@ -1,25 +1,18 @@
 import { LedgerClient } from '@canton-network/core-ledger-client';
 import { AuthContext } from '@canton-network/core-wallet-auth';
-import { Store, Wallet } from '@canton-network/core-wallet-store';
+import { Store } from '@canton-network/core-wallet-store';
 import { SigningDriverInterface, SigningProvider } from '@canton-network/core-signing-lib';
 import { Logger } from 'pino';
 import { PartyAllocationService } from './party-allocation-service.js';
-export type WalletSyncReport = {
-    added: Wallet[];
-    removed: Wallet[];
-};
-export declare const WALLET_DISABLED_REASON: {
-    NO_SIGNING_PROVIDER_MATCHED: string;
-};
+import { SyncWalletsResult } from '../user-api/rpc-gen/typings.js';
 export declare class WalletSyncService {
     private store;
     private ledgerClient;
-    private adminLedgerClient;
     private authContext;
     private logger;
     private signingDrivers;
     private partyAllocator;
-    constructor(store: Store, ledgerClient: LedgerClient, adminLedgerClient: LedgerClient, authContext: AuthContext, logger: Logger, signingDrivers: Partial<Record<SigningProvider, SigningDriverInterface>> | undefined, partyAllocator: PartyAllocationService);
+    constructor(store: Store, ledgerClient: LedgerClient, authContext: AuthContext, logger: Logger, signingDrivers: Partial<Record<SigningProvider, SigningDriverInterface>> | undefined, partyAllocator: PartyAllocationService);
     run(timeoutMs: number): Promise<void>;
     protected resolveSigningProvider(namespace: string): Promise<{
         signingProviderId: SigningProvider.PARTICIPANT;
@@ -29,8 +22,10 @@ export declare class WalletSyncService {
         publicKey: string;
         matched: boolean;
     }>;
-    private getPartiesRightsMap;
+    private getPartiesWithRights;
     isWalletSyncNeeded(): Promise<boolean>;
-    syncWallets(): Promise<WalletSyncReport>;
+    private handleWalletsWithoutParty;
+    private handlePartiesWithoutWallet;
+    syncWallets(): Promise<SyncWalletsResult>;
 }
 //# sourceMappingURL=wallet-sync-service.d.ts.map

package/dist/ledger/wallet-sync-service.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"wallet-sync-service.d.ts","sourceRoot":"","sources":["../../src/ledger/wallet-sync-service.ts"],"names":[],"mappings":"AAGA,OAAO,EACH,YAAY,EAEf,MAAM,oCAAoC,CAAA;AAC3C,OAAO,EAAE,WAAW,EAAE,MAAM,kCAAkC,CAAA;AAC9D,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,mCAAmC,CAAA;AACjE,OAAO,EACH,sBAAsB,EACtB,eAAe,EAClB,MAAM,kCAAkC,CAAA;AACzC,OAAO,EAAE,MAAM,EAAE,MAAM,MAAM,CAAA;AAC7B,OAAO,EAAE,sBAAsB,EAAE,MAAM,+BAA+B,CAAA;AAEtE,MAAM,MAAM,gBAAgB,GAAG;IAC3B,KAAK,EAAE,MAAM,EAAE,CAAA;IACf,OAAO,EAAE,MAAM,EAAE,CAAA;CACpB,CAAA;AAED,eAAO,MAAM,sBAAsB;;CAElC,CAAA;AAED,qBAAa,iBAAiB;IAEtB,OAAO,CAAC,KAAK;IACb,OAAO,CAAC,YAAY;IACpB,OAAO,CAAC,iBAAiB;IACzB,OAAO,CAAC,WAAW;IACnB,OAAO,CAAC,MAAM;IACd,OAAO,CAAC,cAAc;IAGtB,OAAO,CAAC,cAAc;gBARd,KAAK,EAAE,KAAK,EACZ,YAAY,EAAE,YAAY,EAC1B,iBAAiB,EAAE,YAAY,EAC/B,WAAW,EAAE,WAAW,EACxB,MAAM,EAAE,MAAM,EACd,cAAc,EAAE,OAAO,CAC3B,MAAM,CAAC,eAAe,EAAE,sBAAsB,CAAC,CAClD,YAAK,EACE,cAAc,EAAE,sBAAsB;IAG5C,GAAG,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;cAU3B,sBAAsB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAC5D;QACI,iBAAiB,EAAE,eAAe,CAAC,WAAW,CAAA;QAC9C,OAAO,EAAE,OAAO,CAAA;KACnB,GACD;QACI,iBAAiB,EAAE,OAAO,CACtB,eAAe,EACf,eAAe,CAAC,WAAW,CAC9B,CAAA;QACD,SAAS,EAAE,MAAM,CAAA;QACjB,OAAO,EAAE,OAAO,CAAA;KACnB,CACN;YA6Ha,mBAAmB;IAqC3B,kBAAkB,IAAI,OAAO,CAAC,OAAO,CAAC;IA+BtC,WAAW,IAAI,OAAO,CAAC,gBAAgB,CAAC;CAsJjD"}
+{"version":3,"file":"wallet-sync-service.d.ts","sourceRoot":"","sources":["../../src/ledger/wallet-sync-service.ts"],"names":[],"mappings":"AAGA,OAAO,EACH,YAAY,EAEf,MAAM,oCAAoC,CAAA;AAC3C,OAAO,EAAE,WAAW,EAAE,MAAM,kCAAkC,CAAA;AAC9D,OAAO,EAAE,KAAK,EAAU,MAAM,mCAAmC,CAAA;AACjE,OAAO,EACH,sBAAsB,EACtB,eAAe,EAClB,MAAM,kCAAkC,CAAA;AACzC,OAAO,EAAE,MAAM,EAAE,MAAM,MAAM,CAAA;AAC7B,OAAO,EAAE,sBAAsB,EAAE,MAAM,+BAA+B,CAAA;AACtE,OAAO,EAAE,iBAAiB,EAAE,MAAM,gCAAgC,CAAA;AAGlE,qBAAa,iBAAiB;IAEtB,OAAO,CAAC,KAAK;IACb,OAAO,CAAC,YAAY;IACpB,OAAO,CAAC,WAAW;IACnB,OAAO,CAAC,MAAM;IACd,OAAO,CAAC,cAAc;IAGtB,OAAO,CAAC,cAAc;gBAPd,KAAK,EAAE,KAAK,EACZ,YAAY,EAAE,YAAY,EAC1B,WAAW,EAAE,WAAW,EACxB,MAAM,EAAE,MAAM,EACd,cAAc,EAAE,OAAO,CAC3B,MAAM,CAAC,eAAe,EAAE,sBAAsB,CAAC,CAClD,YAAK,EACE,cAAc,EAAE,sBAAsB;IAG5C,GAAG,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;cAU3B,sBAAsB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAC5D;QACI,iBAAiB,EAAE,eAAe,CAAC,WAAW,CAAA;QAC9C,OAAO,EAAE,OAAO,CAAA;KACnB,GACD;QACI,iBAAiB,EAAE,OAAO,CACtB,eAAe,EACf,eAAe,CAAC,WAAW,CAC9B,CAAA;QACD,SAAS,EAAE,MAAM,CAAA;QACjB,OAAO,EAAE,OAAO,CAAA;KACnB,CACN;YA4Ha,oBAAoB;IA8B5B,kBAAkB,IAAI,OAAO,CAAC,OAAO,CAAC;YAqC9B,yBAAyB;YAkEzB,0BAA0B;IA4ClC,WAAW,IAAI,OAAO,CAAC,iBAAiB,CAAC;CA0FlD"}