@cardanowall/sdk-ts 0.0.0 → 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +15 -11
- package/dist/conformance/cli.cjs +18 -18
- package/dist/conformance/cli.cjs.map +1 -1
- package/dist/conformance/cli.js +18 -18
- package/dist/conformance/cli.js.map +1 -1
- package/dist/index.cjs +18 -18
- package/dist/index.cjs.map +1 -1
- package/dist/index.js +18 -18
- package/dist/index.js.map +1 -1
- package/dist/verifier/index.cjs +18 -18
- package/dist/verifier/index.cjs.map +1 -1
- package/dist/verifier/index.js +18 -18
- package/dist/verifier/index.js.map +1 -1
- package/package.json +5 -4
package/README.md
CHANGED
|
@@ -42,9 +42,9 @@ const report = await verifyTx({
|
|
|
42
42
|
cardanoGatewayChain: ['https://api.koios.rest/api/v1'], // tried in order
|
|
43
43
|
});
|
|
44
44
|
|
|
45
|
-
console.log(report.verdict);
|
|
45
|
+
console.log(report.verdict); // 'valid' | 'pending' | 'failed'
|
|
46
46
|
console.log(report.exit_code); // 0 valid · 1 integrity fail · 2 network fail · 3 pending
|
|
47
|
-
console.log(report.record);
|
|
47
|
+
console.log(report.record); // the decoded CIP-309 PoeRecord
|
|
48
48
|
```
|
|
49
49
|
|
|
50
50
|
To decrypt a sealed PoE addressed to you, run at the **recipient-sealed** profile and supply your X25519 private key per item index:
|
|
@@ -68,11 +68,11 @@ When you already hold the metadata bytes from an indexer mirror, skip the chain
|
|
|
68
68
|
`baseUrl` is **required** — the client binds to no particular deployment. `apiKey`, when present, is an **opaque** bearer token forwarded verbatim as `Authorization: Bearer <apiKey>`; the SDK never parses or assumes its format. Omit it for anonymous read-only use.
|
|
69
69
|
|
|
70
70
|
```ts
|
|
71
|
-
import {
|
|
71
|
+
import { Cip309Client } from '@cardanowall/sdk-ts';
|
|
72
72
|
|
|
73
|
-
const client = new
|
|
73
|
+
const client = new Cip309Client({
|
|
74
74
|
baseUrl: 'https://gateway.example.com', // any CIP-309 gateway
|
|
75
|
-
apiKey: process.env.CIP309_API_KEY,
|
|
75
|
+
apiKey: process.env.CIP309_API_KEY, // opaque; omit for anonymous reads
|
|
76
76
|
});
|
|
77
77
|
|
|
78
78
|
// Read surface — no auth required for public records.
|
|
@@ -94,7 +94,7 @@ const quote = await client.poe.quote({
|
|
|
94
94
|
|
|
95
95
|
// Hash-only PoE: hash the content, build the record, submit. One HTTP call.
|
|
96
96
|
const result = await client.poe.publishContent({
|
|
97
|
-
content: 'hello world',
|
|
97
|
+
content: 'hello world', // string (UTF-8) or Uint8Array
|
|
98
98
|
quoteId: quote.quote_id,
|
|
99
99
|
// signer is optional; omit to publish unsigned (profile=core)
|
|
100
100
|
});
|
|
@@ -132,9 +132,9 @@ import {
|
|
|
132
132
|
decryptSealedFromSeed,
|
|
133
133
|
} from '@cardanowall/sdk-ts';
|
|
134
134
|
|
|
135
|
-
const keys = deriveKeysFromSeed(seed);
|
|
136
|
-
const me = recipientsFromSeed(seed);
|
|
137
|
-
const signer = signerFromSeed(seed);
|
|
135
|
+
const keys = deriveKeysFromSeed(seed); // { ed25519, x25519, mlkem768x25519 }
|
|
136
|
+
const me = recipientsFromSeed(seed); // { age: 'age1…', age1pqc: 'age1pqc…' }
|
|
137
|
+
const signer = signerFromSeed(seed); // a path-1 Signer for the publish helpers
|
|
138
138
|
|
|
139
139
|
// Decrypt a sealed PoE addressed to this seed — works for both classical
|
|
140
140
|
// (x25519) and hybrid post-quantum (mlkem768x25519 / X-Wing) records.
|
|
@@ -149,6 +149,7 @@ if (result.matched) {
|
|
|
149
149
|
Everything is reachable from the package root; submodule entry points (`/verifier`, `/client`, `/identity`, `/merkle`, `/hash`, `/fetch`) exist for tree-shaking.
|
|
150
150
|
|
|
151
151
|
**Verifier** (`@cardanowall/sdk-ts` or `/verifier`)
|
|
152
|
+
|
|
152
153
|
- `verifyTx(input)` / `verifyResolved(input)` — the full pipeline; returns a `VerifyReport`.
|
|
153
154
|
- `verifyRecordSignatures`, `verifyMerkleCommitments`, `tryDecryptions` — individual stages.
|
|
154
155
|
- `DEFAULT_PROFILE`, `profileImplements`, `planProfileSkips` — the four conformance profiles (`core` → `signed` → `sealed` → `recipient-sealed`).
|
|
@@ -156,18 +157,21 @@ Everything is reachable from the package root; submodule entry points (`/verifie
|
|
|
156
157
|
- `resolveCardanoTx`, `extractLabel309Metadata`, `decodeTxWitnesses`, `decodeTxSummary` — resolution + transaction-level description.
|
|
157
158
|
|
|
158
159
|
**Client** (`/client`)
|
|
159
|
-
|
|
160
|
+
|
|
161
|
+
- `Cip309Client({ baseUrl, apiKey?, fetch? })` — `baseUrl` required, key opaque.
|
|
160
162
|
- `client.poe.{quote, publishContent, publishPrehashed, publishSealed, publishMerkle, uploads, publish, publishBatch}`.
|
|
161
163
|
- `client.records.{get, verify}`, `client.inbox.{list, get}`, `client.account.balance()`.
|
|
162
164
|
- Off-host signing: `prepareSigStructure`, `assembleCoseSign1`, plus the CIP-8 hashed-mode pair `prepareSigStructureHashed` / `assembleCoseSign1Hashed`.
|
|
163
|
-
- Typed errors extending `
|
|
165
|
+
- Typed errors extending `Cip309HttpError`: `InsufficientFundsError`, `QuoteExpiredError`, `QuoteAlreadyConsumedError`, `FxStaleError`, `RateLimitedError`, `UnauthorizedError`, `ValidationFailedError`, `MalformedCborError`, `InvalidClientConfigError`, and more.
|
|
164
166
|
|
|
165
167
|
**Identity** (`/identity`)
|
|
168
|
+
|
|
166
169
|
- `deriveKeysFromSeed`, `recipientsFromSeed`, `signerFromSeed`, `recipientKeyBundleFromSeed`, `decryptSealedFromSeed`.
|
|
167
170
|
- Recipient codecs `encodeAgeX25519Recipient`, `encodeAgeXWingRecipient`, `parseAgeRecipient`.
|
|
168
171
|
- Low-level derive primitives `deriveEd25519KeypairFromSeed`, `deriveX25519KeypairFromSeed`, `deriveMlKem768X25519KeypairFromSeed`.
|
|
169
172
|
|
|
170
173
|
**Wire format & primitives** (re-exported for convenience)
|
|
174
|
+
|
|
171
175
|
- From `@cardanowall/poe-standard`: `validatePoeRecord`, `encodePoeRecord`, `encodeRecordBodyForSigning`, the error-code catalogues (`STRUCTURAL_ERROR_CODES`, `VERIFIER_ERROR_CODES`, `ERROR_CODES`), `severityOf`, `PoeRecordSchema`.
|
|
172
176
|
- From `@cardanowall/crypto-core`: `eciesSealedPoeWrap` / `eciesSealedPoeUnwrap` (sealed PoE), `hash.*` (digests), `merkle.*` (`merkleSha2256Root`, `merkleSha2256InclusionProof`, `merkleSha2256VerifyInclusion`, leaves-list codecs).
|
|
173
177
|
|
package/dist/conformance/cli.cjs
CHANGED
|
@@ -901,11 +901,7 @@ function validateOneUri(chunks, path, errors) {
|
|
|
901
901
|
const uri = reconstructed.uri;
|
|
902
902
|
if (uri.includes("#")) {
|
|
903
903
|
errors.push(
|
|
904
|
-
issue(
|
|
905
|
-
"INVALID_URI",
|
|
906
|
-
path,
|
|
907
|
-
"URI contains a fragment identifier ('#'), which is forbidden"
|
|
908
|
-
)
|
|
904
|
+
issue("INVALID_URI", path, "URI contains a fragment identifier ('#'), which is forbidden")
|
|
909
905
|
);
|
|
910
906
|
return;
|
|
911
907
|
}
|
|
@@ -935,21 +931,13 @@ function validateOneUri(chunks, path, errors) {
|
|
|
935
931
|
const cid = slashIdx === -1 ? rest : rest.slice(0, slashIdx);
|
|
936
932
|
if (!validateCidProfile(cid)) {
|
|
937
933
|
errors.push(
|
|
938
|
-
issue(
|
|
939
|
-
"INVALID_URI",
|
|
940
|
-
path,
|
|
941
|
-
"ipfs:// URI is not a valid CID under the CIP-309 profile"
|
|
942
|
-
)
|
|
934
|
+
issue("INVALID_URI", path, "ipfs:// URI is not a valid CID under the CIP-309 profile")
|
|
943
935
|
);
|
|
944
936
|
}
|
|
945
937
|
return;
|
|
946
938
|
}
|
|
947
939
|
errors.push(
|
|
948
|
-
issue(
|
|
949
|
-
"INVALID_URI",
|
|
950
|
-
path,
|
|
951
|
-
"unsupported URI scheme; v1 PoE URI set is {ar://, ipfs://}"
|
|
952
|
-
)
|
|
940
|
+
issue("INVALID_URI", path, "unsupported URI scheme; v1 PoE URI set is {ar://, ipfs://}")
|
|
953
941
|
);
|
|
954
942
|
}
|
|
955
943
|
function checkItemEnc(item, idx, errors) {
|
|
@@ -3310,7 +3298,9 @@ async function tryDecryptions(args) {
|
|
|
3310
3298
|
let plaintext = null;
|
|
3311
3299
|
let failure = null;
|
|
3312
3300
|
if (reqHasSecret) {
|
|
3313
|
-
const envelope = sealedEnvelopeFromParsed(
|
|
3301
|
+
const envelope = sealedEnvelopeFromParsed(
|
|
3302
|
+
enc
|
|
3303
|
+
);
|
|
3314
3304
|
if (envelope === null) {
|
|
3315
3305
|
out.push({
|
|
3316
3306
|
item_index: idx,
|
|
@@ -4435,7 +4425,8 @@ function decodeTxSummary(txBodyBytes, witnessSetBytes, network) {
|
|
|
4435
4425
|
else if (typeof invalidBefore === "bigint") summary.invalid_before = Number(invalidBefore);
|
|
4436
4426
|
const invalidHereafter = body.get(BODY_KEY_INVALID_HEREAFTER);
|
|
4437
4427
|
if (typeof invalidHereafter === "number") summary.invalid_hereafter = invalidHereafter;
|
|
4438
|
-
else if (typeof invalidHereafter === "bigint")
|
|
4428
|
+
else if (typeof invalidHereafter === "bigint")
|
|
4429
|
+
summary.invalid_hereafter = Number(invalidHereafter);
|
|
4439
4430
|
if (requiredSigners.length > 0) summary.required_signer_key_hashes = requiredSigners;
|
|
4440
4431
|
const networkId = body.get(BODY_KEY_NETWORK_ID);
|
|
4441
4432
|
if (typeof networkId === "number") summary.network_id = networkId;
|
|
@@ -4615,7 +4606,16 @@ async function verifyTx(input) {
|
|
|
4615
4606
|
});
|
|
4616
4607
|
}
|
|
4617
4608
|
async function verifyResolvedRecord(args) {
|
|
4618
|
-
const {
|
|
4609
|
+
const {
|
|
4610
|
+
input,
|
|
4611
|
+
metadataBytes,
|
|
4612
|
+
txCbor,
|
|
4613
|
+
numConfirmations,
|
|
4614
|
+
blockTime,
|
|
4615
|
+
blockSlot,
|
|
4616
|
+
httpCalls,
|
|
4617
|
+
fetchFn
|
|
4618
|
+
} = args;
|
|
4619
4619
|
const profile = input.profile ?? DEFAULT_PROFILE;
|
|
4620
4620
|
const threshold = input.confirmationDepthThreshold ?? CONFIRMATION_DEPTH_THRESHOLD_DEFAULT;
|
|
4621
4621
|
const txDescription = txCbor !== void 0 ? decodeTxDescription(txCbor, input) : {};
|