@cardanowall/poe-standard 0.9.0 → 0.11.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -59,6 +59,34 @@ type ValidationResult = {
59
59
  readonly issues: ReadonlyArray<ValidationIssue>;
60
60
  };
61
61
  declare function validatePoeRecord(bytes: Uint8Array, options?: ValidatorOptions): ValidationResult;
62
+ /**
63
+ * The single grammar for a record fetch-set URI. Returns `null` when `uri` is a
64
+ * well-formed member of the v1 fetch set (`ar://` / `ipfs://`), or the exact
65
+ * rejection reason otherwise. The canonical record validator (`checkOneUri`)
66
+ * AND every producer-side pre-check (`isFetchSetUri`) delegate here, so a
67
+ * producer can never emit a URI a downstream verifier would reject — the early
68
+ * check and the canonical check are literally the same function.
69
+ */
70
+ declare function fetchSetUriRejection(uri: string): string | null;
71
+ /**
72
+ * Whether `uri` is a well-formed member of a record's fetch set under the
73
+ * strict Label 309 grammar (see {@link fetchSetUriRejection}). Producer helpers
74
+ * call this to reject a malformed content or mirror URI early, using the exact
75
+ * grammar the canonical record validator enforces.
76
+ */
77
+ declare function isFetchSetUri(uri: string): boolean;
78
+ /**
79
+ * Whether `uri` is an absolute Arweave transaction URI: `ar://` followed by a
80
+ * valid 43-character base64url txid, with no fragment, path, or query.
81
+ *
82
+ * This is the exact form a sealed-ciphertext upload receipt carries — the
83
+ * gateway is the only Arweave writer and every sealed ciphertext is stored on
84
+ * Arweave — so the sealed submit path constrains resume-receipt URIs to it. A
85
+ * URI accepted here is always a valid fetch-set member (so the assembled record
86
+ * still passes canonical validation), and its encoded width is fixed at `5 + 43`
87
+ * bytes, which is what keeps the pre-upload exact-size quote exact.
88
+ */
89
+ declare function isArweaveTxUri(uri: string): boolean;
62
90
  declare function validateCidProfile(cid: string): boolean;
63
91
 
64
- export { type Argon2ParamsCeiling, DEFAULT_PASSPHRASE_PARAMS_CEILING, type ValidationIssue, type ValidationResult, type ValidatorOptions, type ValidatorRole, validateCidProfile, validatePoeRecord };
92
+ export { type Argon2ParamsCeiling, DEFAULT_PASSPHRASE_PARAMS_CEILING, type ValidationIssue, type ValidationResult, type ValidatorOptions, type ValidatorRole, fetchSetUriRejection, isArweaveTxUri, isFetchSetUri, validateCidProfile, validatePoeRecord };
@@ -59,6 +59,34 @@ type ValidationResult = {
59
59
  readonly issues: ReadonlyArray<ValidationIssue>;
60
60
  };
61
61
  declare function validatePoeRecord(bytes: Uint8Array, options?: ValidatorOptions): ValidationResult;
62
+ /**
63
+ * The single grammar for a record fetch-set URI. Returns `null` when `uri` is a
64
+ * well-formed member of the v1 fetch set (`ar://` / `ipfs://`), or the exact
65
+ * rejection reason otherwise. The canonical record validator (`checkOneUri`)
66
+ * AND every producer-side pre-check (`isFetchSetUri`) delegate here, so a
67
+ * producer can never emit a URI a downstream verifier would reject — the early
68
+ * check and the canonical check are literally the same function.
69
+ */
70
+ declare function fetchSetUriRejection(uri: string): string | null;
71
+ /**
72
+ * Whether `uri` is a well-formed member of a record's fetch set under the
73
+ * strict Label 309 grammar (see {@link fetchSetUriRejection}). Producer helpers
74
+ * call this to reject a malformed content or mirror URI early, using the exact
75
+ * grammar the canonical record validator enforces.
76
+ */
77
+ declare function isFetchSetUri(uri: string): boolean;
78
+ /**
79
+ * Whether `uri` is an absolute Arweave transaction URI: `ar://` followed by a
80
+ * valid 43-character base64url txid, with no fragment, path, or query.
81
+ *
82
+ * This is the exact form a sealed-ciphertext upload receipt carries — the
83
+ * gateway is the only Arweave writer and every sealed ciphertext is stored on
84
+ * Arweave — so the sealed submit path constrains resume-receipt URIs to it. A
85
+ * URI accepted here is always a valid fetch-set member (so the assembled record
86
+ * still passes canonical validation), and its encoded width is fixed at `5 + 43`
87
+ * bytes, which is what keeps the pre-upload exact-size quote exact.
88
+ */
89
+ declare function isArweaveTxUri(uri: string): boolean;
62
90
  declare function validateCidProfile(cid: string): boolean;
63
91
 
64
- export { type Argon2ParamsCeiling, DEFAULT_PASSPHRASE_PARAMS_CEILING, type ValidationIssue, type ValidationResult, type ValidatorOptions, type ValidatorRole, validateCidProfile, validatePoeRecord };
92
+ export { type Argon2ParamsCeiling, DEFAULT_PASSPHRASE_PARAMS_CEILING, type ValidationIssue, type ValidationResult, type ValidatorOptions, type ValidatorRole, fetchSetUriRejection, isArweaveTxUri, isFetchSetUri, validateCidProfile, validatePoeRecord };
package/dist/validator.js CHANGED
@@ -2906,46 +2906,37 @@ function checkUris(uris, basePath, issues) {
2906
2906
  uris.forEach((uri, ui) => checkOneUri(uri, [...basePath, ui], issues));
2907
2907
  }
2908
2908
  function checkOneUri(uri, path, issues) {
2909
+ const rejection = fetchSetUriRejection(uri);
2910
+ if (rejection !== null) issues.push(issueOf("INVALID_URI", path, rejection));
2911
+ }
2912
+ function isArweaveTxid(body) {
2913
+ return /^[A-Za-z0-9_-]{43}$/.test(body);
2914
+ }
2915
+ function fetchSetUriRejection(uri) {
2909
2916
  if (uri.includes("#")) {
2910
- issues.push(
2911
- issueOf("INVALID_URI", path, "URI contains a fragment identifier ('#'), which is forbidden")
2912
- );
2913
- return;
2917
+ return "URI contains a fragment identifier ('#'), which is forbidden";
2914
2918
  }
2915
2919
  const sepIdx = uri.indexOf("://");
2916
2920
  if (sepIdx <= 0 || !/^[a-z][a-z0-9+.-]*$/i.test(uri.slice(0, sepIdx))) {
2917
- issues.push(
2918
- issueOf("INVALID_URI", path, "URI is not absolute (missing scheme://hierarchical-part)")
2919
- );
2920
- return;
2921
+ return "URI is not absolute (missing scheme://hierarchical-part)";
2921
2922
  }
2922
2923
  const scheme = uri.slice(0, sepIdx).toLowerCase();
2923
2924
  const rest = uri.slice(sepIdx + "://".length);
2924
2925
  if (scheme === "ar") {
2925
- if (!/^[A-Za-z0-9_-]{43}$/.test(rest)) {
2926
- issues.push(
2927
- issueOf(
2928
- "INVALID_URI",
2929
- path,
2930
- "ar:// URI does not match `^ar://[A-Za-z0-9_-]{43}$` (43-char base64url txid, no path/query/fragment)"
2931
- )
2932
- );
2933
- }
2934
- return;
2926
+ return isArweaveTxid(rest) ? null : "ar:// URI does not match `^ar://[A-Za-z0-9_-]{43}$` (43-char base64url txid, no path/query/fragment)";
2935
2927
  }
2936
2928
  if (scheme === "ipfs") {
2937
2929
  const slashIdx = rest.indexOf("/");
2938
2930
  const cid = slashIdx === -1 ? rest : rest.slice(0, slashIdx);
2939
- if (!validateCidProfile(cid)) {
2940
- issues.push(
2941
- issueOf("INVALID_URI", path, "ipfs:// URI is not a valid CID under the Label 309 profile")
2942
- );
2943
- }
2944
- return;
2931
+ return validateCidProfile(cid) ? null : "ipfs:// URI is not a valid CID under the Label 309 profile";
2945
2932
  }
2946
- issues.push(
2947
- issueOf("INVALID_URI", path, "unsupported URI scheme; v1 PoE URI set is {ar://, ipfs://}")
2948
- );
2933
+ return "unsupported URI scheme; v1 PoE URI set is {ar://, ipfs://}";
2934
+ }
2935
+ function isFetchSetUri(uri) {
2936
+ return fetchSetUriRejection(uri) === null;
2937
+ }
2938
+ function isArweaveTxUri(uri) {
2939
+ return uri.startsWith("ar://") && isArweaveTxid(uri.slice("ar://".length));
2949
2940
  }
2950
2941
  function checkItemEnc(item, idx, opts, issues) {
2951
2942
  const encPath = ["items", idx, "enc"];
@@ -3723,6 +3714,6 @@ function valueAtPath(root, path) {
3723
3714
  (*! noble-ed25519 - MIT License (c) 2019 Paul Miller (paulmillr.com) *)
3724
3715
  */
3725
3716
 
3726
- export { DEFAULT_PASSPHRASE_PARAMS_CEILING, validateCidProfile, validatePoeRecord };
3717
+ export { DEFAULT_PASSPHRASE_PARAMS_CEILING, fetchSetUriRejection, isArweaveTxUri, isFetchSetUri, validateCidProfile, validatePoeRecord };
3727
3718
  //# sourceMappingURL=validator.js.map
3728
3719
  //# sourceMappingURL=validator.js.map