@canton-network/wallet-gateway-remote 0.6.1 → 0.8.0

package/README.md

@@ -26,7 +26,17 @@ By default, the service runs on port `3030`, but this can be overridden via the
 
 ## Configuration
 
-A configuration file is required to start up the Gateway. See [config.json](https://github.com/hyperledger-labs/splice-wallet-kernel/blob/main/wallet-gateway/test/config.json) for an example.
+A configuration file is required to start up the Gateway. Create an example config to edit as a starting point:
+
+```bash
+wallet-gateway --config-example > config.json
+```
+
+To show the full [JSON Schema](https://json-schema.org/) representation of the configuration file:
+
+```bash
+wallet-gateway --config-schema
+```
 
 # Developing
 

package/dist/auth/jwt-auth-service.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"jwt-auth-service.d.ts","sourceRoot":"","sources":["../../src/auth/jwt-auth-service.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,WAAW,EAAE,MAAM,kCAAkC,CAAA;AAC9D,OAAO,EAAE,KAAK,EAAE,MAAM,mCAAmC,CAAA;AAEzD,OAAO,EAAE,MAAM,EAAE,MAAM,MAAM,CAAA;AAE7B;;;;;GAKG;AACH,eAAO,MAAM,cAAc,GAAI,OAAO,KAAK,EAAE,QAAQ,MAAM,KAAG,WA2D5D,CAAA"}
+{"version":3,"file":"jwt-auth-service.d.ts","sourceRoot":"","sources":["../../src/auth/jwt-auth-service.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,WAAW,EAAE,MAAM,kCAAkC,CAAA;AAC9D,OAAO,EAAE,KAAK,EAAE,MAAM,mCAAmC,CAAA;AAEzD,OAAO,EAAE,MAAM,EAAE,MAAM,MAAM,CAAA;AAE7B;;;;;GAKG;AACH,eAAO,MAAM,cAAc,GAAI,OAAO,KAAK,EAAE,QAAQ,MAAM,KAAG,WAiE5D,CAAA"}

package/dist/auth/jwt-auth-service.js

@@ -27,6 +27,11 @@ export const jwtAuthService = (store, logger) => ({
                 logger.warn(`No identity provider found for issuer: ${iss}`);
                 return undefined;
             }
+            const scope = decoded.scope;
+            if (!scope) {
+                logger.warn('JWT does not contain a scope');
+                return undefined;
+            }
             if (idp.type == 'self_signed') {
                 logger.debug(idp, 'Using self-signed IDP');
                 const sub = decoded.sub;

package/dist/auth/jwt-unsafe-auth-service.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"jwt-unsafe-auth-service.d.ts","sourceRoot":"","sources":["../../src/auth/jwt-unsafe-auth-service.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,WAAW,EAAE,MAAM,kCAAkC,CAAA;AAC9D,OAAO,EAAE,KAAK,EAAE,MAAM,mCAAmC,CAAA;AAEzD,OAAO,EAAE,MAAM,EAAE,MAAM,MAAM,CAAA;AAE7B;;;;;GAKG;AACH,eAAO,MAAM,cAAc,GAAI,OAAO,KAAK,EAAE,QAAQ,MAAM,KAAG,WA+C5D,CAAA"}
+{"version":3,"file":"jwt-unsafe-auth-service.d.ts","sourceRoot":"","sources":["../../src/auth/jwt-unsafe-auth-service.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,WAAW,EAAE,MAAM,kCAAkC,CAAA;AAC9D,OAAO,EAAE,KAAK,EAAE,MAAM,mCAAmC,CAAA;AAEzD,OAAO,EAAE,MAAM,EAAE,MAAM,MAAM,CAAA;AAE7B;;;;;GAKG;AACH,eAAO,MAAM,cAAc,GAAI,OAAO,KAAK,EAAE,QAAQ,MAAM,KAAG,WAqD5D,CAAA"}

package/dist/auth/jwt-unsafe-auth-service.js

@@ -26,6 +26,11 @@ export const jwtAuthService = (store, logger) => ({
                 logger.warn('JWT does not contain a subject');
                 return undefined;
             }
+            const scope = decoded.scope;
+            if (!scope) {
+                logger.warn('JWT does not contain a scope');
+                return undefined;
+            }
             const idps = await store.listIdps();
             const idp = idps.find((i) => i.issuer === iss);
             if (!idp) {

package/dist/config/Config.d.ts

@@ -40,7 +40,7 @@ export declare const configSchema: z.ZodObject<{
             id: z.ZodString;
             name: z.ZodString;
             description: z.ZodString;
-            synchronizerId: z.ZodString;
+            synchronizerId: z.ZodOptional<z.ZodString>;
             identityProviderId: z.ZodString;
             ledgerApi: z.ZodObject<{
                 baseUrl: z.ZodString;

package/dist/dapp-api/controller.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../src/dapp-api/controller.ts"],"names":[],"mappings":"AAIA,OAAO,EAAmB,WAAW,EAAE,MAAM,kCAAkC,CAAA;AAO/E,OAAO,EAAE,KAAK,EAAE,MAAM,mCAAmC,CAAA;AAQzD,OAAO,EAAE,mBAAmB,EAAE,MAAM,wCAAwC,CAAA;AAC5E,OAAO,EAAE,UAAU,IAAI,gBAAgB,EAAE,MAAM,qBAAqB,CAAA;AACpE,OAAO,EAAE,MAAM,EAAE,MAAM,MAAM,CAAA;AAG7B,eAAO,MAAM,cAAc,GACvB,YAAY,gBAAgB,EAC5B,OAAO,KAAK,EACZ,qBAAqB,mBAAmB,EACxC,SAAS,MAAM,EACf,UAAU,WAAW;;;;;;;;;;;;;CA4MxB,CAAA"}
+{"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../src/dapp-api/controller.ts"],"names":[],"mappings":"AAIA,OAAO,EAAmB,WAAW,EAAE,MAAM,kCAAkC,CAAA;AAQ/E,OAAO,EAAE,KAAK,EAAE,MAAM,mCAAmC,CAAA;AAQzD,OAAO,EAAE,mBAAmB,EAAE,MAAM,wCAAwC,CAAA;AAC5E,OAAO,EAAE,UAAU,IAAI,gBAAgB,EAAE,MAAM,qBAAqB,CAAA;AACpE,OAAO,EAAE,MAAM,EAAE,MAAM,MAAM,CAAA;AAG7B,eAAO,MAAM,cAAc,GACvB,YAAY,gBAAgB,EAC5B,OAAO,KAAK,EACZ,qBAAqB,mBAAmB,EACxC,SAAS,MAAM,EACf,UAAU,WAAW;;;;;;;;;;;;;CAkNxB,CAAA"}

package/dist/dapp-api/controller.js

@@ -46,6 +46,8 @@ export const dappController = (kernelInfo, store, notificationService, _logger,
                 notifier.emit('statusChanged', {
                     kernel: kernelInfo,
                     isConnected: false,
+                    isNetworkConnected: false,
+                    networkReason: 'Unauthenticated',
                     userUrl: 'http://localhost:3030/login/', // TODO: pull user URL from config
                 });
             }
@@ -84,9 +86,12 @@ export const dappController = (kernelInfo, store, notificationService, _logger,
             const ledgerClient = new LedgerClient(new URL(network.ledgerApi.baseUrl), logger, false, context.accessToken);
             const userId = context.userId;
             const notifier = notificationService.getNotifier(userId);
-            const commandId = v4();
+            params.commandId = params.commandId || v4();
+            const commandId = params.commandId;
             notifier.emit('txChanged', { status: 'pending', commandId });
-            const { preparedTransactionHash, preparedTransaction = '' } = await prepareSubmission(context.userId, wallet.partyId, network.synchronizerId, params.commands, ledgerClient, commandId);
+            const synchronizerId = network.synchronizerId ??
+                (await ledgerClient.getSynchronizerId());
+            const { preparedTransactionHash, preparedTransaction = '' } = await prepareSubmission(context.userId, wallet.partyId, synchronizerId, params, ledgerClient);
             store.setTransaction({
                 commandId,
                 status: 'pending',
@@ -96,7 +101,7 @@ export const dappController = (kernelInfo, store, notificationService, _logger,
             });
             return {
                 // TODO: pull user base URL / port from config
-                userUrl: `http://localhost:3030/approve/index.html?commandId=${commandId}&partyId=${wallet.partyId}&txHash=${encodeURIComponent(preparedTransactionHash)}&tx=${encodeURIComponent(preparedTransaction)}`,
+                userUrl: `http://localhost:3030/approve/index.html?commandId=${commandId}`,
             };
         },
         prepareReturn: async (params) => {
@@ -109,7 +114,7 @@ export const dappController = (kernelInfo, store, notificationService, _logger,
                 throw new Error('No primary wallet found');
             }
             const ledgerClient = new LedgerClient(new URL(network.ledgerApi.baseUrl), logger, false, context.accessToken);
-            return prepareSubmission(context.userId, wallet.partyId, network.synchronizerId, params.commands, ledgerClient);
+            return prepareSubmission(context.userId, wallet.partyId, network.synchronizerId, params, ledgerClient);
         },
         status: async () => {
             if (!context) {
@@ -149,18 +154,27 @@ export const dappController = (kernelInfo, store, notificationService, _logger,
         },
     });
 };
-async function prepareSubmission(userId, partyId, synchronizerId, commands, ledgerClient, commandId) {
+async function prepareSubmission(userId, partyId, synchronizerId, params, ledgerClient) {
+    // Map disclosed contracts to ledger api format (which wrongly defines optional fields as mandatory)
+    const disclosedContracts = params.disclosedContracts?.map((d) => {
+        return {
+            templateId: d.templateId || '',
+            contractId: d.contractId || '',
+            createdEventBlob: d.createdEventBlob,
+            synchronizerId: d.synchronizerId || '',
+        };
+    }) || [];
     const prepareParams = {
         // eslint-disable-next-line @typescript-eslint/no-explicit-any -- because OpenRPC codegen type is incompatible with ledger codegen type
-        commands: commands,
-        commandId: commandId || v4(),
+        commands: params.commands,
+        commandId: params.commandId || v4(),
         userId,
-        actAs: [partyId],
-        readAs: [],
-        disclosedContracts: [],
+        actAs: params.actAs || [partyId],
+        readAs: params.readAs || [],
+        disclosedContracts,
         synchronizerId,
         verboseHashing: false,
-        packageIdSelectionPreference: [],
+        packageIdSelectionPreference: params.packageIdSelectionPreference || [],
     };
     return await ledgerClient.postWithRetry('/v2/interactive-submission/prepare', prepareParams);
 }

package/dist/dapp-api/rpc-gen/typings.d.ts

@@ -1,3 +1,9 @@
+/**
+ *
+ * The unique identifier of the command associated with the transaction.
+ *
+ */
+export type CommandId = string;
 /**
  *
  * Structure representing JS commands for transaction execution
@@ -6,6 +12,73 @@
 export interface JsCommands {
     [key: string]: any;
 }
+/**
+ *
+ * The party that signed the transaction.
+ *
+ */
+export type Party = string;
+/**
+ *
+ * Set of parties on whose behalf the command should be executed, if submitted. If not set, the primary wallet's party is used.
+ *
+ */
+export type ActAs = Party[];
+/**
+ *
+ * Set of parties that should be granted read access to the command, if submitted. If not set, no additional read parties are granted.
+ *
+ */
+export type ReadAs = Party[];
+/**
+ *
+ * The template identifier of the disclosed contract.
+ *
+ */
+export type TemplateId = string;
+/**
+ *
+ * The unique identifier of the disclosed contract.
+ *
+ */
+export type ContractId = string;
+/**
+ *
+ * The blob data of the created event for the disclosed contract.
+ *
+ */
+export type CreatedEventBlob = string;
+/**
+ *
+ * If not set, a suitable synchronizer that this node is connected to will be chosen.
+ *
+ */
+export type SynchronizerId = string;
+/**
+ *
+ * Structure representing a disclosed contract for transaction execution
+ *
+ */
+export interface DisclosedContract {
+    templateId?: TemplateId;
+    contractId?: ContractId;
+    createdEventBlob: CreatedEventBlob;
+    synchronizerId?: SynchronizerId;
+    [k: string]: any;
+}
+/**
+ *
+ * List of contract IDs to be disclosed with the command.
+ *
+ */
+export type DisclosedContracts = DisclosedContract[];
+export type PackageId = string;
+/**
+ *
+ * The package-id selection preference of the client for resolving package names and interface instances in command submission and interpretation
+ *
+ */
+export type PackageIdSelectionPreference = PackageId[];
 export type RequestMethod = 'GET' | 'POST' | 'PUT' | 'DELETE';
 export type Resource = string;
 export type Body = string;
@@ -119,6 +192,12 @@ export type Primary = boolean;
  *
  */
 export type PartyId = string;
+/**
+ *
+ * The status of the wallet.
+ *
+ */
+export type WalletStatus = 'initialized' | 'allocated';
 /**
  *
  * The party hint and name of the wallet.
@@ -163,6 +242,7 @@ export type TopologyTransactions = string;
 export interface Wallet {
     primary: Primary;
     partyId: PartyId;
+    status: WalletStatus;
     hint: Hint;
     publicKey: PublicKey;
     namespace: Namespace;
@@ -178,12 +258,6 @@ export interface Wallet {
  *
  */
 export type StatusPending = 'pending';
-/**
- *
- * The unique identifier of the command associated with the transaction.
- *
- */
-export type CommandId = string;
 /**
  *
  * Event emitted when a transaction is pending.
@@ -211,12 +285,6 @@ export type Signature = string;
  *
  */
 export type SignedBy = string;
-/**
- *
- * The party that signed the transaction.
- *
- */
-export type Party = string;
 /**
  *
  * Payload for the TxChangedSignedEvent.
@@ -284,12 +352,34 @@ export interface TxChangedFailedEvent {
     status: StatusFailed;
     commandId: CommandId;
 }
+/**
+ *
+ * Structure representing the request for prepare and execute calls
+ *
+ */
 export interface PrepareReturnParams {
+    commandId?: CommandId;
     commands: JsCommands;
+    actAs?: ActAs;
+    readAs?: ReadAs;
+    disclosedContracts?: DisclosedContracts;
+    synchronizerId?: SynchronizerId;
+    packageIdSelectionPreference?: PackageIdSelectionPreference;
     [k: string]: any;
 }
+/**
+ *
+ * Structure representing the request for prepare and execute calls
+ *
+ */
 export interface PrepareExecuteParams {
+    commandId?: CommandId;
     commands: JsCommands;
+    actAs?: ActAs;
+    readAs?: ReadAs;
+    disclosedContracts?: DisclosedContracts;
+    synchronizerId?: SynchronizerId;
+    packageIdSelectionPreference?: PackageIdSelectionPreference;
     [k: string]: any;
 }
 export interface LedgerApiParams {

package/dist/dapp-api/rpc-gen/typings.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"typings.d.ts","sourceRoot":"","sources":["../../../src/dapp-api/rpc-gen/typings.ts"],"names":[],"mappings":"AAKA;;;;GAIG;AACH,MAAM,WAAW,UAAU;IACvB,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAA;CACrB;AACD,MAAM,MAAM,aAAa,GAAG,KAAK,GAAG,MAAM,GAAG,KAAK,GAAG,QAAQ,CAAA;AAC7D,MAAM,MAAM,QAAQ,GAAG,MAAM,CAAA;AAC7B,MAAM,MAAM,IAAI,GAAG,MAAM,CAAA;AACzB;;;;GAIG;AACH,MAAM,MAAM,EAAE,GAAG,MAAM,CAAA;AACvB;;;;GAIG;AACH,MAAM,MAAM,UAAU,GAAG,SAAS,GAAG,SAAS,GAAG,QAAQ,GAAG,QAAQ,CAAA;AACpE;;;;GAIG;AACH,MAAM,MAAM,GAAG,GAAG,MAAM,CAAA;AACxB;;;;GAIG;AACH,MAAM,WAAW,UAAU;IACvB,EAAE,EAAE,EAAE,CAAA;IACN,UAAU,EAAE,UAAU,CAAA;IACtB,GAAG,CAAC,EAAE,GAAG,CAAA;IACT,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAA;CACnB;AACD;;;;GAIG;AACH,MAAM,MAAM,WAAW,GAAG,OAAO,CAAA;AACjC;;;;GAIG;AACH,MAAM,MAAM,kBAAkB,GAAG,OAAO,CAAA;AACxC;;;;GAIG;AACH,MAAM,MAAM,aAAa,GAAG,MAAM,CAAA;AAClC;;;;GAIG;AACH,MAAM,MAAM,SAAS,GAAG,MAAM,CAAA;AAC9B,MAAM,WAAW,WAAW;IACxB,MAAM,EAAE,UAAU,CAAA;IAClB,WAAW,EAAE,WAAW,CAAA;IACxB,kBAAkB,EAAE,kBAAkB,CAAA;IACtC,aAAa,CAAC,EAAE,aAAa,CAAA;IAC7B,SAAS,CAAC,EAAE,SAAS,CAAA;IACrB,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAA;CACnB;AACD;;;;GAIG;AACH,MAAM,MAAM,YAAY,GAAG,MAAM,CAAA;AACjC,MAAM,MAAM,GAAG,GAAG,MAAM,CAAA;AACxB,MAAM,MAAM,IAAI,GAAG,GAAG,EAAE,CAAA;AACxB;;;;GAIG;AACH,MAAM,MAAM,mBAAmB,GAAG,MAAM,CAAA;AACxC;;;;GAIG;AACH,MAAM,MAAM,uBAAuB,GAAG,MAAM,CAAA;AAC5C;;;;GAIG;AACH,MAAM,WAAW,2BAA2B;IACxC,mBAAmB,CAAC,EAAE,mBAAmB,CAAA;IACzC,uBAAuB,CAAC,EAAE,uBAAuB,CAAA;IACjD,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAA;CACnB;AACD;;;;GAIG;AACH,MAAM,MAAM,OAAO,GAAG,MAAM,CAAA;AAC5B,MAAM,MAAM,QAAQ,GAAG,MAAM,CAAA;AAC7B;;;;GAIG;AACH,MAAM,MAAM,OAAO,GAAG,OAAO,CAAA;AAC7B;;;;GAIG;AACH,MAAM,MAAM,OAAO,GAAG,MAAM,CAAA;AAC5B;;;;GAIG;AACH,MAAM,MAAM,IAAI,GAAG,MAAM,CAAA;AACzB;;;;GAIG;AACH,MAAM,MAAM,SAAS,GAAG,MAAM,CAAA;AAC9B;;;;GAIG;AACH,MAAM,MAAM,SAAS,GAAG,MAAM,CAAA;AAC9B;;;;GAIG;AACH,MAAM,MAAM,iBAAiB,GAAG,MAAM,CAAA;AACtC;;;;GAIG;AACH,MAAM,MAAM,YAAY,GAAG,MAAM,CAAA;AACjC;;;;GAIG;AACH,MAAM,MAAM,oBAAoB,GAAG,MAAM,CAAA;AACzC;;;;GAIG;AACH,MAAM,WAAW,MAAM;IACnB,OAAO,EAAE,OAAO,CAAA;IAChB,OAAO,EAAE,OAAO,CAAA;IAChB,IAAI,EAAE,IAAI,CAAA;IACV,SAAS,EAAE,SAAS,CAAA;IACpB,SAAS,EAAE,SAAS,CAAA;IACpB,SAAS,EAAE,SAAS,CAAA;IACpB,iBAAiB,EAAE,iBAAiB,CAAA;IACpC,YAAY,CAAC,EAAE,YAAY,CAAA;IAC3B,oBAAoB,CAAC,EAAE,oBAAoB,CAAA;IAC3C,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAA;CACnB;AACD;;;;GAIG;AACH,MAAM,MAAM,aAAa,GAAG,SAAS,CAAA;AACrC;;;;GAIG;AACH,MAAM,MAAM,SAAS,GAAG,MAAM,CAAA;AAC9B;;;;GAIG;AACH,MAAM,WAAW,qBAAqB;IAClC,MAAM,EAAE,aAAa,CAAA;IACrB,SAAS,EAAE,SAAS,CAAA;CACvB;AACD;;;;GAIG;AACH,MAAM,MAAM,YAAY,GAAG,QAAQ,CAAA;AACnC;;;;GAIG;AACH,MAAM,MAAM,SAAS,GAAG,MAAM,CAAA;AAC9B;;;;GAIG;AACH,MAAM,MAAM,QAAQ,GAAG,MAAM,CAAA;AAC7B;;;;GAIG;AACH,MAAM,MAAM,KAAK,GAAG,MAAM,CAAA;AAC1B;;;;GAIG;AACH,MAAM,WAAW,sBAAsB;IACnC,SAAS,EAAE,SAAS,CAAA;IACpB,QAAQ,EAAE,QAAQ,CAAA;IAClB,KAAK,EAAE,KAAK,CAAA;CACf;AACD;;;;GAIG;AACH,MAAM,WAAW,oBAAoB;IACjC,MAAM,EAAE,YAAY,CAAA;IACpB,SAAS,EAAE,SAAS,CAAA;IACpB,OAAO,EAAE,sBAAsB,CAAA;CAClC;AACD;;;;GAIG;AACH,MAAM,MAAM,cAAc,GAAG,UAAU,CAAA;AACvC;;;;GAIG;AACH,MAAM,MAAM,QAAQ,GAAG,MAAM,CAAA;AAC7B,MAAM,MAAM,gBAAgB,GAAG,MAAM,CAAA;AACrC;;;;GAIG;AACH,MAAM,WAAW,wBAAwB;IACrC,QAAQ,EAAE,QAAQ,CAAA;IAClB,gBAAgB,EAAE,gBAAgB,CAAA;CACrC;AACD;;;;GAIG;AACH,MAAM,WAAW,sBAAsB;IACnC,MAAM,EAAE,cAAc,CAAA;IACtB,SAAS,EAAE,SAAS,CAAA;IACpB,OAAO,EAAE,wBAAwB,CAAA;CACpC;AACD;;;;GAIG;AACH,MAAM,MAAM,YAAY,GAAG,QAAQ,CAAA;AACnC;;;;GAIG;AACH,MAAM,WAAW,oBAAoB;IACjC,MAAM,EAAE,YAAY,CAAA;IACpB,SAAS,EAAE,SAAS,CAAA;CACvB;AACD,MAAM,WAAW,mBAAmB;IAChC,QAAQ,EAAE,UAAU,CAAA;IACpB,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAA;CACnB;AACD,MAAM,WAAW,oBAAoB;IACjC,QAAQ,EAAE,UAAU,CAAA;IACpB,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAA;CACnB;AACD,MAAM,WAAW,eAAe;IAC5B,aAAa,EAAE,aAAa,CAAA;IAC5B,QAAQ,EAAE,QAAQ,CAAA;IAClB,IAAI,CAAC,EAAE,IAAI,CAAA;IACX,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAA;CACnB;AACD,MAAM,WAAW,aAAa;IAC1B,MAAM,EAAE,WAAW,CAAA;IACnB,YAAY,EAAE,YAAY,CAAA;IAC1B,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAA;CACnB;AACD;;;;GAIG;AACH,MAAM,MAAM,IAAI,GAAG,IAAI,CAAA;AACvB,MAAM,WAAW,mBAAmB;IAChC,IAAI,EAAE,IAAI,CAAA;IACV,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAA;CACnB;AACD,MAAM,MAAM,mBAAmB,GAAG,GAAG,CAAA;AACrC,MAAM,WAAW,oBAAoB;IACjC,OAAO,EAAE,OAAO,CAAA;IAChB,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAA;CACnB;AACD;;;;GAIG;AACH,MAAM,WAAW,eAAe;IAC5B,QAAQ,EAAE,QAAQ,CAAA;IAClB,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAA;CACnB;AACD,MAAM,WAAW,gBAAgB;IAC7B,MAAM,EAAE,WAAW,CAAA;IACnB,YAAY,CAAC,EAAE,YAAY,CAAA;IAC3B,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAA;CACnB;AACD;;;;GAIG;AACH,MAAM,MAAM,oBAAoB,GAAG,MAAM,EAAE,CAAA;AAC3C;;;;GAIG;AACH,MAAM,MAAM,qBAAqB,GAAG,MAAM,EAAE,CAAA;AAC5C;;;;GAIG;AACH,MAAM,MAAM,cAAc,GACpB,qBAAqB,GACrB,oBAAoB,GACpB,sBAAsB,GACtB,oBAAoB,CAAA;AAC1B;;;;GAIG;AAEH,MAAM,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,WAAW,CAAC,CAAA;AAC/C,MAAM,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,aAAa,CAAC,CAAA;AAClD,MAAM,MAAM,UAAU,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,CAAA;AAC5C,MAAM,MAAM,aAAa,GAAG,MAAM,OAAO,CAAC,mBAAmB,CAAC,CAAA;AAC9D,MAAM,MAAM,aAAa,GAAG,CACxB,MAAM,EAAE,mBAAmB,KAC1B,OAAO,CAAC,mBAAmB,CAAC,CAAA;AACjC,MAAM,MAAM,cAAc,GAAG,CACzB,MAAM,EAAE,oBAAoB,KAC3B,OAAO,CAAC,oBAAoB,CAAC,CAAA;AAClC,MAAM,MAAM,SAAS,GAAG,CAAC,MAAM,EAAE,eAAe,KAAK,OAAO,CAAC,eAAe,CAAC,CAAA;AAC7E,MAAM,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,gBAAgB,CAAC,CAAA;AACzD,MAAM,MAAM,eAAe,GAAG,MAAM,OAAO,CAAC,WAAW,CAAC,CAAA;AACxD,MAAM,MAAM,iBAAiB,GAAG,MAAM,OAAO,CAAC,oBAAoB,CAAC,CAAA;AACnE,MAAM,MAAM,eAAe,GAAG,MAAM,OAAO,CAAC,qBAAqB,CAAC,CAAA;AAClE,MAAM,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,cAAc,CAAC,CAAA"}
+{"version":3,"file":"typings.d.ts","sourceRoot":"","sources":["../../../src/dapp-api/rpc-gen/typings.ts"],"names":[],"mappings":"AAKA;;;;GAIG;AACH,MAAM,MAAM,SAAS,GAAG,MAAM,CAAA;AAC9B;;;;GAIG;AACH,MAAM,WAAW,UAAU;IACvB,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAA;CACrB;AACD;;;;GAIG;AACH,MAAM,MAAM,KAAK,GAAG,MAAM,CAAA;AAC1B;;;;GAIG;AACH,MAAM,MAAM,KAAK,GAAG,KAAK,EAAE,CAAA;AAC3B;;;;GAIG;AACH,MAAM,MAAM,MAAM,GAAG,KAAK,EAAE,CAAA;AAC5B;;;;GAIG;AACH,MAAM,MAAM,UAAU,GAAG,MAAM,CAAA;AAC/B;;;;GAIG;AACH,MAAM,MAAM,UAAU,GAAG,MAAM,CAAA;AAC/B;;;;GAIG;AACH,MAAM,MAAM,gBAAgB,GAAG,MAAM,CAAA;AACrC;;;;GAIG;AACH,MAAM,MAAM,cAAc,GAAG,MAAM,CAAA;AACnC;;;;GAIG;AACH,MAAM,WAAW,iBAAiB;IAC9B,UAAU,CAAC,EAAE,UAAU,CAAA;IACvB,UAAU,CAAC,EAAE,UAAU,CAAA;IACvB,gBAAgB,EAAE,gBAAgB,CAAA;IAClC,cAAc,CAAC,EAAE,cAAc,CAAA;IAC/B,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAA;CACnB;AACD;;;;GAIG;AACH,MAAM,MAAM,kBAAkB,GAAG,iBAAiB,EAAE,CAAA;AACpD,MAAM,MAAM,SAAS,GAAG,MAAM,CAAA;AAC9B;;;;GAIG;AACH,MAAM,MAAM,4BAA4B,GAAG,SAAS,EAAE,CAAA;AACtD,MAAM,MAAM,aAAa,GAAG,KAAK,GAAG,MAAM,GAAG,KAAK,GAAG,QAAQ,CAAA;AAC7D,MAAM,MAAM,QAAQ,GAAG,MAAM,CAAA;AAC7B,MAAM,MAAM,IAAI,GAAG,MAAM,CAAA;AACzB;;;;GAIG;AACH,MAAM,MAAM,EAAE,GAAG,MAAM,CAAA;AACvB;;;;GAIG;AACH,MAAM,MAAM,UAAU,GAAG,SAAS,GAAG,SAAS,GAAG,QAAQ,GAAG,QAAQ,CAAA;AACpE;;;;GAIG;AACH,MAAM,MAAM,GAAG,GAAG,MAAM,CAAA;AACxB;;;;GAIG;AACH,MAAM,WAAW,UAAU;IACvB,EAAE,EAAE,EAAE,CAAA;IACN,UAAU,EAAE,UAAU,CAAA;IACtB,GAAG,CAAC,EAAE,GAAG,CAAA;IACT,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAA;CACnB;AACD;;;;GAIG;AACH,MAAM,MAAM,WAAW,GAAG,OAAO,CAAA;AACjC;;;;GAIG;AACH,MAAM,MAAM,kBAAkB,GAAG,OAAO,CAAA;AACxC;;;;GAIG;AACH,MAAM,MAAM,aAAa,GAAG,MAAM,CAAA;AAClC;;;;GAIG;AACH,MAAM,MAAM,SAAS,GAAG,MAAM,CAAA;AAC9B,MAAM,WAAW,WAAW;IACxB,MAAM,EAAE,UAAU,CAAA;IAClB,WAAW,EAAE,WAAW,CAAA;IACxB,kBAAkB,EAAE,kBAAkB,CAAA;IACtC,aAAa,CAAC,EAAE,aAAa,CAAA;IAC7B,SAAS,CAAC,EAAE,SAAS,CAAA;IACrB,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAA;CACnB;AACD;;;;GAIG;AACH,MAAM,MAAM,YAAY,GAAG,MAAM,CAAA;AACjC,MAAM,MAAM,GAAG,GAAG,MAAM,CAAA;AACxB,MAAM,MAAM,IAAI,GAAG,GAAG,EAAE,CAAA;AACxB;;;;GAIG;AACH,MAAM,MAAM,mBAAmB,GAAG,MAAM,CAAA;AACxC;;;;GAIG;AACH,MAAM,MAAM,uBAAuB,GAAG,MAAM,CAAA;AAC5C;;;;GAIG;AACH,MAAM,WAAW,2BAA2B;IACxC,mBAAmB,CAAC,EAAE,mBAAmB,CAAA;IACzC,uBAAuB,CAAC,EAAE,uBAAuB,CAAA;IACjD,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAA;CACnB;AACD;;;;GAIG;AACH,MAAM,MAAM,OAAO,GAAG,MAAM,CAAA;AAC5B,MAAM,MAAM,QAAQ,GAAG,MAAM,CAAA;AAC7B;;;;GAIG;AACH,MAAM,MAAM,OAAO,GAAG,OAAO,CAAA;AAC7B;;;;GAIG;AACH,MAAM,MAAM,OAAO,GAAG,MAAM,CAAA;AAC5B;;;;GAIG;AACH,MAAM,MAAM,YAAY,GAAG,aAAa,GAAG,WAAW,CAAA;AACtD;;;;GAIG;AACH,MAAM,MAAM,IAAI,GAAG,MAAM,CAAA;AACzB;;;;GAIG;AACH,MAAM,MAAM,SAAS,GAAG,MAAM,CAAA;AAC9B;;;;GAIG;AACH,MAAM,MAAM,SAAS,GAAG,MAAM,CAAA;AAC9B;;;;GAIG;AACH,MAAM,MAAM,iBAAiB,GAAG,MAAM,CAAA;AACtC;;;;GAIG;AACH,MAAM,MAAM,YAAY,GAAG,MAAM,CAAA;AACjC;;;;GAIG;AACH,MAAM,MAAM,oBAAoB,GAAG,MAAM,CAAA;AACzC;;;;GAIG;AACH,MAAM,WAAW,MAAM;IACnB,OAAO,EAAE,OAAO,CAAA;IAChB,OAAO,EAAE,OAAO,CAAA;IAChB,MAAM,EAAE,YAAY,CAAA;IACpB,IAAI,EAAE,IAAI,CAAA;IACV,SAAS,EAAE,SAAS,CAAA;IACpB,SAAS,EAAE,SAAS,CAAA;IACpB,SAAS,EAAE,SAAS,CAAA;IACpB,iBAAiB,EAAE,iBAAiB,CAAA;IACpC,YAAY,CAAC,EAAE,YAAY,CAAA;IAC3B,oBAAoB,CAAC,EAAE,oBAAoB,CAAA;IAC3C,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAA;CACnB;AACD;;;;GAIG;AACH,MAAM,MAAM,aAAa,GAAG,SAAS,CAAA;AACrC;;;;GAIG;AACH,MAAM,WAAW,qBAAqB;IAClC,MAAM,EAAE,aAAa,CAAA;IACrB,SAAS,EAAE,SAAS,CAAA;CACvB;AACD;;;;GAIG;AACH,MAAM,MAAM,YAAY,GAAG,QAAQ,CAAA;AACnC;;;;GAIG;AACH,MAAM,MAAM,SAAS,GAAG,MAAM,CAAA;AAC9B;;;;GAIG;AACH,MAAM,MAAM,QAAQ,GAAG,MAAM,CAAA;AAC7B;;;;GAIG;AACH,MAAM,WAAW,sBAAsB;IACnC,SAAS,EAAE,SAAS,CAAA;IACpB,QAAQ,EAAE,QAAQ,CAAA;IAClB,KAAK,EAAE,KAAK,CAAA;CACf;AACD;;;;GAIG;AACH,MAAM,WAAW,oBAAoB;IACjC,MAAM,EAAE,YAAY,CAAA;IACpB,SAAS,EAAE,SAAS,CAAA;IACpB,OAAO,EAAE,sBAAsB,CAAA;CAClC;AACD;;;;GAIG;AACH,MAAM,MAAM,cAAc,GAAG,UAAU,CAAA;AACvC;;;;GAIG;AACH,MAAM,MAAM,QAAQ,GAAG,MAAM,CAAA;AAC7B,MAAM,MAAM,gBAAgB,GAAG,MAAM,CAAA;AACrC;;;;GAIG;AACH,MAAM,WAAW,wBAAwB;IACrC,QAAQ,EAAE,QAAQ,CAAA;IAClB,gBAAgB,EAAE,gBAAgB,CAAA;CACrC;AACD;;;;GAIG;AACH,MAAM,WAAW,sBAAsB;IACnC,MAAM,EAAE,cAAc,CAAA;IACtB,SAAS,EAAE,SAAS,CAAA;IACpB,OAAO,EAAE,wBAAwB,CAAA;CACpC;AACD;;;;GAIG;AACH,MAAM,MAAM,YAAY,GAAG,QAAQ,CAAA;AACnC;;;;GAIG;AACH,MAAM,WAAW,oBAAoB;IACjC,MAAM,EAAE,YAAY,CAAA;IACpB,SAAS,EAAE,SAAS,CAAA;CACvB;AACD;;;;GAIG;AACH,MAAM,WAAW,mBAAmB;IAChC,SAAS,CAAC,EAAE,SAAS,CAAA;IACrB,QAAQ,EAAE,UAAU,CAAA;IACpB,KAAK,CAAC,EAAE,KAAK,CAAA;IACb,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,kBAAkB,CAAC,EAAE,kBAAkB,CAAA;IACvC,cAAc,CAAC,EAAE,cAAc,CAAA;IAC/B,4BAA4B,CAAC,EAAE,4BAA4B,CAAA;IAC3D,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAA;CACnB;AACD;;;;GAIG;AACH,MAAM,WAAW,oBAAoB;IACjC,SAAS,CAAC,EAAE,SAAS,CAAA;IACrB,QAAQ,EAAE,UAAU,CAAA;IACpB,KAAK,CAAC,EAAE,KAAK,CAAA;IACb,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,kBAAkB,CAAC,EAAE,kBAAkB,CAAA;IACvC,cAAc,CAAC,EAAE,cAAc,CAAA;IAC/B,4BAA4B,CAAC,EAAE,4BAA4B,CAAA;IAC3D,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAA;CACnB;AACD,MAAM,WAAW,eAAe;IAC5B,aAAa,EAAE,aAAa,CAAA;IAC5B,QAAQ,EAAE,QAAQ,CAAA;IAClB,IAAI,CAAC,EAAE,IAAI,CAAA;IACX,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAA;CACnB;AACD,MAAM,WAAW,aAAa;IAC1B,MAAM,EAAE,WAAW,CAAA;IACnB,YAAY,EAAE,YAAY,CAAA;IAC1B,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAA;CACnB;AACD;;;;GAIG;AACH,MAAM,MAAM,IAAI,GAAG,IAAI,CAAA;AACvB,MAAM,WAAW,mBAAmB;IAChC,IAAI,EAAE,IAAI,CAAA;IACV,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAA;CACnB;AACD,MAAM,MAAM,mBAAmB,GAAG,GAAG,CAAA;AACrC,MAAM,WAAW,oBAAoB;IACjC,OAAO,EAAE,OAAO,CAAA;IAChB,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAA;CACnB;AACD;;;;GAIG;AACH,MAAM,WAAW,eAAe;IAC5B,QAAQ,EAAE,QAAQ,CAAA;IAClB,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAA;CACnB;AACD,MAAM,WAAW,gBAAgB;IAC7B,MAAM,EAAE,WAAW,CAAA;IACnB,YAAY,CAAC,EAAE,YAAY,CAAA;IAC3B,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAA;CACnB;AACD;;;;GAIG;AACH,MAAM,MAAM,oBAAoB,GAAG,MAAM,EAAE,CAAA;AAC3C;;;;GAIG;AACH,MAAM,MAAM,qBAAqB,GAAG,MAAM,EAAE,CAAA;AAC5C;;;;GAIG;AACH,MAAM,MAAM,cAAc,GACpB,qBAAqB,GACrB,oBAAoB,GACpB,sBAAsB,GACtB,oBAAoB,CAAA;AAC1B;;;;GAIG;AAEH,MAAM,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,WAAW,CAAC,CAAA;AAC/C,MAAM,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,aAAa,CAAC,CAAA;AAClD,MAAM,MAAM,UAAU,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,CAAA;AAC5C,MAAM,MAAM,aAAa,GAAG,MAAM,OAAO,CAAC,mBAAmB,CAAC,CAAA;AAC9D,MAAM,MAAM,aAAa,GAAG,CACxB,MAAM,EAAE,mBAAmB,KAC1B,OAAO,CAAC,mBAAmB,CAAC,CAAA;AACjC,MAAM,MAAM,cAAc,GAAG,CACzB,MAAM,EAAE,oBAAoB,KAC3B,OAAO,CAAC,oBAAoB,CAAC,CAAA;AAClC,MAAM,MAAM,SAAS,GAAG,CAAC,MAAM,EAAE,eAAe,KAAK,OAAO,CAAC,eAAe,CAAC,CAAA;AAC7E,MAAM,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,gBAAgB,CAAC,CAAA;AACzD,MAAM,MAAM,eAAe,GAAG,MAAM,OAAO,CAAC,WAAW,CAAC,CAAA;AACxD,MAAM,MAAM,iBAAiB,GAAG,MAAM,OAAO,CAAC,oBAAoB,CAAC,CAAA;AACnE,MAAM,MAAM,eAAe,GAAG,MAAM,OAAO,CAAC,qBAAqB,CAAC,CAAA;AAClE,MAAM,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,cAAc,CAAC,CAAA"}

package/dist/example-config.d.ts

@@ -0,0 +1,82 @@
+declare const _default: {
+    kernel: {
+        id: string;
+        clientType: "remote";
+        url: string;
+        userUrl: string;
+    };
+    signingStore: {
+        connection: {
+            type: "sqlite";
+            database: string;
+        };
+    };
+    store: {
+        connection: {
+            type: "sqlite";
+            database: string;
+        };
+        idps: ({
+            id: string;
+            type: "self_signed";
+            issuer: string;
+            configUrl?: never;
+        } | {
+            id: string;
+            type: "oauth";
+            issuer: string;
+            configUrl: string;
+        })[];
+        networks: ({
+            id: string;
+            name: string;
+            description: string;
+            identityProviderId: string;
+            auth: {
+                method: "self_signed";
+                issuer: string;
+                audience: string;
+                scope: string;
+                clientId: string;
+                clientSecret: string;
+            };
+            adminAuth: {
+                method: "self_signed";
+                issuer: string;
+                scope: string;
+                audience: string;
+                clientId: string;
+                clientSecret: string;
+            };
+            ledgerApi: {
+                baseUrl: string;
+            };
+        } | {
+            id: string;
+            name: string;
+            description: string;
+            identityProviderId: string;
+            auth: {
+                method: "authorization_code";
+                clientId: string;
+                scope: string;
+                audience: string;
+                issuer?: never;
+                clientSecret?: never;
+            };
+            adminAuth: {
+                method: "client_credentials";
+                scope: string;
+                audience: string;
+                clientId: string;
+                clientSecret: string;
+                issuer?: never;
+            };
+            ledgerApi: {
+                baseUrl: string;
+            };
+        })[];
+    };
+};
+export default _default;
+//# sourceMappingURL=example-config.d.ts.map

package/dist/example-config.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"example-config.d.ts","sourceRoot":"","sources":["../src/example-config.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAKA,wBAoFkB"}

package/dist/example-config.js

@@ -0,0 +1,84 @@
+// Copyright (c) 2025 Digital Asset (Switzerland) GmbH and/or its affiliates. All rights reserved.
+// SPDX-License-Identifier: Apache-2.0
+export default {
+    kernel: {
+        id: 'remote-da',
+        clientType: 'remote',
+        url: 'http://localhost:3030/api/v0/dapp',
+        userUrl: 'http://localhost:3030',
+    },
+    signingStore: {
+        connection: {
+            type: 'sqlite',
+            database: 'signing_store.sqlite',
+        },
+    },
+    store: {
+        connection: {
+            type: 'sqlite',
+            database: 'store.sqlite',
+        },
+        idps: [
+            {
+                id: 'idp-example-self-signed',
+                type: 'self_signed',
+                issuer: 'unsafe-auth',
+            },
+            {
+                id: 'idp-example-oauth',
+                type: 'oauth',
+                issuer: 'https://oauth.example.com/',
+                configUrl: 'https://oauth.example.com/.well-known/openid-configuration',
+            },
+        ],
+        networks: [
+            {
+                id: 'canton:example-self-signed',
+                name: 'Canton Local (Self Signed)',
+                description: 'A network that connects to a Canton participant using self-signed tokens',
+                identityProviderId: 'idp-example-self-signed',
+                auth: {
+                    method: 'self_signed',
+                    issuer: 'self-signed',
+                    audience: '<REPLACE_PARTICIPANT_AUDIENCE>',
+                    scope: 'openid daml_ledger_api offline_access',
+                    clientId: '<REPLACE_CLIENT_ID>',
+                    clientSecret: 'unsafe',
+                },
+                adminAuth: {
+                    method: 'self_signed',
+                    issuer: 'self-signed',
+                    scope: 'daml_ledger_api',
+                    audience: '<REPLACE_PARTICIPANT_AUDIENCE>',
+                    clientId: '<REPLACE_ADMIN_CLIENT_ID>',
+                    clientSecret: 'unsafe',
+                },
+                ledgerApi: {
+                    baseUrl: 'http://127.0.0.1:2975',
+                },
+            },
+            {
+                id: 'canton:example-oauth',
+                name: 'Canton Local (OAuth IDP)',
+                description: 'A network that connects to a Canton participant using an OAuth IDP',
+                identityProviderId: 'idp-example-oauth',
+                auth: {
+                    method: 'authorization_code',
+                    clientId: '<REPLACE_USER_CLIENT_ID>',
+                    scope: 'openid daml_ledger_api offline_access',
+                    audience: '<REPLACE_PARTICIPANT_AUDIENCE>',
+                },
+                adminAuth: {
+                    method: 'client_credentials',
+                    scope: 'daml_ledger_api',
+                    audience: '<REPLACE_PARTICIPANT_AUDIENCE>',
+                    clientId: '<REPLACE_ADMIN_CLIENT_ID>',
+                    clientSecret: '<REPLACE_ADMIN_CLIENT_SECRET>',
+                },
+                ledgerApi: {
+                    baseUrl: 'http://127.0.0.1:2975',
+                },
+            },
+        ],
+    },
+};

package/dist/index.d.ts

@@ -1,9 +1,10 @@
 #!/usr/bin/env node
 declare const options: {
     config: string;
+    configSchema: boolean;
+    configExample: boolean;
     port: string | true;
     logFormat: "json" | "pretty";
-    storeType: "sqlite" | "postgres";
 };
 export type CliOptions = typeof options;
 export {};

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAuDA,QAAA,MAAM,OAAO;;;;;CAAiB,CAAA;AAE9B,MAAM,MAAM,UAAU,GAAG,OAAO,OAAO,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAiEA,QAAA,MAAM,OAAO;;;;;;CAAiB,CAAA;AAE9B,MAAM,MAAM,UAAU,GAAG,OAAO,OAAO,CAAA"}

package/dist/index.js

@@ -9,6 +9,9 @@ import { readFileSync } from 'fs';
 import { join, dirname } from 'path';
 import { fileURLToPath } from 'url';
 import pino from 'pino';
+import z from 'zod';
+import { configSchema } from './config/Config.js';
+import exampleConfig from './example-config.js';
 const __filename = fileURLToPath(import.meta.url);
 const __dirname = dirname(__filename);
 const pkg = JSON.parse(readFileSync(join(__dirname, '../package.json'), 'utf8'));
@@ -17,14 +20,21 @@ const program = new Command()
     .version(pkg.version)
     .description('Run a remotely hosted Wallet Gateway')
     .option('-c, --config <path>', 'set config path', './config.json')
+    .option('--config-schema', 'output the config schema and exit', false)
+    .option('--config-example', 'output an example config and exit', false)
     .option('-p, --port [port]', 'set port', '3030')
     .addOption(new Option('-f, --log-format <format>', 'set log format')
     .choices(['json', 'pretty'])
     .default('pretty'))
-    .addOption(new Option('-s, --store-type <type>', 'set store type')
-    .choices(['sqlite', 'postgres'])
-    .default('sqlite'))
     .action((opts) => {
+    if (opts.configSchema) {
+        console.log(JSON.stringify(z.toJSONSchema(configSchema), null, 2));
+        process.exit(0);
+    }
+    if (opts.configExample) {
+        console.log(JSON.stringify(exampleConfig, null, 2));
+        process.exit(0);
+    }
     // Define project-global logger
     const logger = pino({
         name: 'main',
@@ -43,9 +53,15 @@ const program = new Command()
 // Parse only the options (without executing commands) to get config path
 program.parseOptions(process.argv);
 const options = program.opts();
-const config = ConfigUtils.loadConfigFile(options.config);
-// Add the `db` command now, before final parse
-const cli = createCLI(config.store);
-program.addCommand(cli.name('db'));
+// Add a documented stub
+let db = new Command('db')
+    .description('Database management commands')
+    .allowUnknownOption(true);
+const hasDb = process.argv.slice(2).includes('db');
+if (hasDb) {
+    const config = ConfigUtils.loadConfigFile(options.config);
+    db = createCLI(config.store);
+}
+program.addCommand(db.name('db'));
 // Now parse normally for execution/help
 program.parseAsync(process.argv);

package/dist/ledger/party-allocation-service.d.ts

@@ -11,10 +11,16 @@ type SigningCbFn = (hash: string) => Promise<string>;
  * This service provides an abstraction for Canton party allocation that seamlessly handles both internal and external parties.
  */
 export declare class PartyAllocationService {
-    private synchronizerId;
     private logger;
     private ledgerClient;
-    constructor(synchronizerId: string, accessTokenProvider: AccessTokenProvider, httpLedgerUrl: string, logger: Logger, accessToken?: string);
+    private synchronizerId;
+    constructor({ synchronizerId, accessTokenProvider, httpLedgerUrl, logger, accessToken, }: {
+        synchronizerId?: string;
+        accessTokenProvider: AccessTokenProvider;
+        httpLedgerUrl: string;
+        logger: Logger;
+        accessToken?: string;
+    });
     /**
      * Allocates an internal participant party for a user.
      * @param userId The ID of the user.

package/dist/ledger/party-allocation-service.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"party-allocation-service.d.ts","sourceRoot":"","sources":["../../src/ledger/party-allocation-service.ts"],"names":[],"mappings":"AAGA,OAAO,EACH,2BAA2B,EAG9B,MAAM,oCAAoC,CAAA;AAC3C,OAAO,EAAE,mBAAmB,EAAE,MAAM,kCAAkC,CAAA;AACtE,OAAO,EAAE,MAAM,EAAE,MAAM,MAAM,CAAA;AAE7B,MAAM,MAAM,cAAc,GAAG;IACzB,OAAO,EAAE,MAAM,CAAA;IACf,IAAI,EAAE,MAAM,CAAA;IACZ,SAAS,EAAE,MAAM,CAAA;CACpB,CAAA;AAED,KAAK,WAAW,GAAG,CAAC,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAA;AAEpD;;GAEG;AACH,qBAAa,sBAAsB;IAI3B,OAAO,CAAC,cAAc;IAGtB,OAAO,CAAC,MAAM;IANlB,OAAO,CAAC,YAAY,CAAc;gBAGtB,cAAc,EAAE,MAAM,EAC9B,mBAAmB,EAAE,mBAAmB,EACxC,aAAa,EAAE,MAAM,EACb,MAAM,EAAE,MAAM,EACtB,WAAW,GAAE,MAAW;IAW5B;;;;OAIG;IACG,aAAa,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC;IAE1E;;;;;;OAMG;IACG,aAAa,CACf,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,MAAM,EACZ,SAAS,EAAE,MAAM,EACjB,eAAe,EAAE,WAAW,GAC7B,OAAO,CAAC,cAAc,CAAC;IAoB1B;;;OAGG;IACH,wBAAwB,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM;IAMnD;;;;OAIG;IACG,4BAA4B,CAC9B,IAAI,EAAE,MAAM,EACZ,SAAS,EAAE,MAAM,GAClB,OAAO,CAAC,2BAA2B,CAAC;IAavC;;;;;;OAMG;IACG,+BAA+B,CACjC,SAAS,EAAE,MAAM,EACjB,YAAY,EAAE,MAAM,EAAE,EACtB,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,GACf,OAAO,CAAC,MAAM,CAAC;YA8BJ,qBAAqB;YAuBrB,qBAAqB;CAoCtC"}
+{"version":3,"file":"party-allocation-service.d.ts","sourceRoot":"","sources":["../../src/ledger/party-allocation-service.ts"],"names":[],"mappings":"AAGA,OAAO,EACH,2BAA2B,EAG9B,MAAM,oCAAoC,CAAA;AAC3C,OAAO,EAAE,mBAAmB,EAAE,MAAM,kCAAkC,CAAA;AACtE,OAAO,EAAE,MAAM,EAAE,MAAM,MAAM,CAAA;AAE7B,MAAM,MAAM,cAAc,GAAG;IACzB,OAAO,EAAE,MAAM,CAAA;IACf,IAAI,EAAE,MAAM,CAAA;IACZ,SAAS,EAAE,MAAM,CAAA;CACpB,CAAA;AAED,KAAK,WAAW,GAAG,CAAC,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAA;AAEpD;;GAEG;AACH,qBAAa,sBAAsB;IAC/B,OAAO,CAAC,MAAM,CAAQ;IACtB,OAAO,CAAC,YAAY,CAAc;IAClC,OAAO,CAAC,cAAc,CAAoB;gBAE9B,EACR,cAAc,EACd,mBAAmB,EACnB,aAAa,EACb,MAAM,EACN,WAAW,GACd,EAAE;QACC,cAAc,CAAC,EAAE,MAAM,CAAA;QACvB,mBAAmB,EAAE,mBAAmB,CAAA;QACxC,aAAa,EAAE,MAAM,CAAA;QACrB,MAAM,EAAE,MAAM,CAAA;QACd,WAAW,CAAC,EAAE,MAAM,CAAA;KACvB;IAYD;;;;OAIG;IACG,aAAa,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC;IAE1E;;;;;;OAMG;IACG,aAAa,CACf,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,MAAM,EACZ,SAAS,EAAE,MAAM,EACjB,eAAe,EAAE,WAAW,GAC7B,OAAO,CAAC,cAAc,CAAC;IAoB1B;;;OAGG;IACH,wBAAwB,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM;IAMnD;;;;OAIG;IACG,4BAA4B,CAC9B,IAAI,EAAE,MAAM,EACZ,SAAS,EAAE,MAAM,GAClB,OAAO,CAAC,2BAA2B,CAAC;IAevC;;;;;;OAMG;IACG,+BAA+B,CACjC,SAAS,EAAE,MAAM,EACjB,YAAY,EAAE,MAAM,EAAE,EACtB,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,GACf,OAAO,CAAC,MAAM,CAAC;YAgCJ,qBAAqB;YAuBrB,qBAAqB;CAsCtC"}

package/dist/ledger/party-allocation-service.js

@@ -5,10 +5,10 @@ import { LedgerClient, TopologyWriteService, } from '@canton-network/core-ledger
  * This service provides an abstraction for Canton party allocation that seamlessly handles both internal and external parties.
  */
 export class PartyAllocationService {
-    constructor(synchronizerId, accessTokenProvider, httpLedgerUrl, logger, accessToken = '') {
-        this.synchronizerId = synchronizerId;
+    constructor({ synchronizerId, accessTokenProvider, httpLedgerUrl, logger, accessToken, }) {
         this.logger = logger;
-        this.ledgerClient = new LedgerClient(new URL(httpLedgerUrl), this.logger, true, accessToken, accessTokenProvider);
+        this.synchronizerId = synchronizerId;
+        this.ledgerClient = new LedgerClient(new URL(httpLedgerUrl), this.logger, true, accessToken ?? '', accessTokenProvider);
     }
     async allocateParty(userId, hint, publicKey, signingCallback) {
         if (publicKey !== undefined && signingCallback !== undefined) {
@@ -22,10 +22,12 @@ export class PartyAllocationService {
         return TopologyWriteService.createFingerprintFromKey(publicKey);
     }
     async generateTopologyTransactions(hint, publicKey) {
-        return this.ledgerClient.generateTopology(this.synchronizerId, publicKey, hint);
+        const synchronizerId = this.synchronizerId ?? (await this.ledgerClient.getSynchronizerId());
+        return this.ledgerClient.generateTopology(synchronizerId, publicKey, hint);
     }
     async allocatePartyWithExistingWallet(namespace, transactions, signature, userId) {
-        const res = await this.ledgerClient.allocateExternalParty(this.synchronizerId, transactions.map((transaction) => ({
+        const synchronizerId = this.synchronizerId ?? (await this.ledgerClient.getSynchronizerId());
+        const res = await this.ledgerClient.allocateExternalParty(synchronizerId, transactions.map((transaction) => ({
             transaction,
         })), [
             {
@@ -51,10 +53,11 @@ export class PartyAllocationService {
         return { hint, namespace, partyId: res.partyDetails.party };
     }
     async allocateExternalParty(userId, hint, publicKey, signingCallback) {
+        const synchronizerId = this.synchronizerId ?? (await this.ledgerClient.getSynchronizerId());
         const namespace = this.createFingerprintFromKey(publicKey);
         const transactions = await this.generateTopologyTransactions(hint, publicKey);
         const signature = await signingCallback(transactions.multiHash);
-        const res = await this.ledgerClient.allocateExternalParty(this.synchronizerId, transactions.topologyTransactions.map((transaction) => ({
+        const res = await this.ledgerClient.allocateExternalParty(synchronizerId, transactions.topologyTransactions.map((transaction) => ({
             transaction,
         })), [
             {