@cavos/kit 0.0.2 → 0.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{Cavos-C2KHZxxu.d.mts → Cavos-BH2_tOQ2.d.mts} +409 -5
- package/dist/{Cavos-C2KHZxxu.d.ts → Cavos-BH2_tOQ2.d.ts} +409 -5
- package/dist/{chunk-PEUQQZB5.mjs → chunk-BNGLH3Q3.mjs} +1122 -17
- package/dist/chunk-BNGLH3Q3.mjs.map +1 -0
- package/dist/index.d.mts +125 -5
- package/dist/index.d.ts +125 -5
- package/dist/index.js +1223 -12
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +88 -2
- package/dist/index.mjs.map +1 -1
- package/dist/react/index.d.mts +25 -1
- package/dist/react/index.d.ts +25 -1
- package/dist/react/index.js +1072 -8
- package/dist/react/index.js.map +1 -1
- package/dist/react/index.mjs +21 -1
- package/dist/react/index.mjs.map +1 -1
- package/package.json +3 -1
- package/dist/chunk-PEUQQZB5.mjs.map +0 -1
package/dist/index.d.mts
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
|
-
import { A as AuthProvider, I as Identity, W as WalletRegistry, R as RegisteredWallet, D as DevicePublicKey, a as RecoveryClient, P as PendingDeviceRequest, b as DeviceSigner, c as DeviceSignature, C as ChainAdapter, d as ComputeAddressParams, e as ChainCall } from './Cavos-
|
|
2
|
-
export {
|
|
1
|
+
import { A as AuthProvider, I as Identity, W as WalletRegistry, R as RegisteredWallet, D as DevicePublicKey, a as RecoveryClient, P as PendingDeviceRequest, b as DeviceSigner, c as DeviceSignature, C as ChainAdapter, d as ComputeAddressParams, e as ChainCall, f as PasskeyAssertion, S as StellarNetwork } from './Cavos-BH2_tOQ2.mjs';
|
|
2
|
+
export { g as Cavos, h as CavosSolana, i as CavosStellar, j as CavosWallet, k as Chain, l as ConnectOptions, m as ConnectSolanaOptions, n as ConnectStatus, o as ConnectStellarOptions, p as DEVICE_ACCOUNT_PROGRAM_ID, q as DEVICE_ACCOUNT_WASM_HASH, E as EnrolledPasskey, F as FACTORY_CONTRACT_ID, r as InMemoryWalletRegistry, s as InstructionAccount, t as InstructionData, N as NATIVE_SAC_ID, u as NetworkEnv, v as PasskeyApprovable, w as PasskeyEnrollParams, x as PasskeySigner, y as PasskeySignerOptions, z as RecoverSolanaOptions, B as RecoverStellarOptions, G as RecoveryOptions, H as SECP256R1_PROGRAM_ID, J as SOLANA_NETWORKS, K as STELLAR_NETWORKS, L as SolanaAdapter, M as SolanaAdapterOptions, O as SolanaNetwork, Q as SolanaRelayer, T as SolanaRelayerOptions, U as StaticIdentity, V as StellarRelayer, X as StellarRelayerOptions, Y as anchorDiscriminator, Z as approveDeviceEverywhere, _ as base64urlEncode, $ as batchChallenge, a0 as buildSecp256r1Instruction, a1 as compressedPubkey, a2 as encodeLowSSignature, a3 as lowS, a4 as recoverCandidatePublicKeys, a5 as serializeInstructions, a6 as webauthnDigest } from './Cavos-BH2_tOQ2.mjs';
|
|
3
3
|
import { Signer, ArraySignatureType } from 'starknet';
|
|
4
|
+
import { rpc, xdr } from '@stellar/stellar-sdk';
|
|
4
5
|
import '@solana/web3.js';
|
|
5
6
|
|
|
6
7
|
interface CavosAuthOptions {
|
|
@@ -91,6 +92,13 @@ declare function deriveAddressSeed({ userId, appSalt }: IdentityInput): bigint;
|
|
|
91
92
|
* address on each chain (different address spaces, one identity).
|
|
92
93
|
*/
|
|
93
94
|
declare function deriveAddressSeedSolana({ userId, appSalt }: IdentityInput): Uint8Array;
|
|
95
|
+
/**
|
|
96
|
+
* Stellar variant: a 32-byte `address_seed` used as the Soroban account's seed
|
|
97
|
+
* and folded (with the initial device signer) into the factory deploy salt.
|
|
98
|
+
* Same identity input as the other chains, SHA-256 hashed, with a Stellar-scoped
|
|
99
|
+
* domain so the same user maps to a distinct address per chain.
|
|
100
|
+
*/
|
|
101
|
+
declare function deriveAddressSeedStellar({ userId, appSalt }: IdentityInput): Uint8Array;
|
|
94
102
|
|
|
95
103
|
interface HttpWalletRegistryOptions {
|
|
96
104
|
/** Cavos backend base URL (e.g. https://cavos.xyz). */
|
|
@@ -249,6 +257,18 @@ declare class StarknetAdapter implements ChainAdapter {
|
|
|
249
257
|
buildRemoveSigner(accountAddress: string, signer: DevicePublicKey): ChainCall;
|
|
250
258
|
isAuthorizedSigner(accountAddress: string, signer: DevicePublicKey): Promise<boolean>;
|
|
251
259
|
buildSignature(txHash: bigint): Promise<string[]>;
|
|
260
|
+
buildAddApprover(accountAddress: string, passkey: DevicePublicKey): ChainCall;
|
|
261
|
+
buildRemoveApprover(accountAddress: string, passkey: DevicePublicKey): ChainCall;
|
|
262
|
+
isApprover(accountAddress: string, passkey: DevicePublicKey): Promise<boolean>;
|
|
263
|
+
getPasskeyNonce(accountAddress: string): Promise<bigint>;
|
|
264
|
+
/** This chain's leaf for approving `add_signer(newSigner)` at `nonce`:
|
|
265
|
+
* `sha256(new_x || new_y || nonce)` (coords 32B BE, nonce 16B BE). The batch
|
|
266
|
+
* challenge the passkey signs is `sha256(concat(leaves))` across chains. */
|
|
267
|
+
passkeyLeaf(newSigner: DevicePublicKey, nonce: bigint): Uint8Array;
|
|
268
|
+
/** Passkey-authorized `add_signer` call. `leaves`/`leafIndex` place this chain's
|
|
269
|
+
* leaf in the multi-chain batch (single chain → `[leaf]`, index 0). `yParity`
|
|
270
|
+
* matches the raw `(r, s)` — the contract normalizes high-S internally. */
|
|
271
|
+
buildAddSignerViaPasskey(accountAddress: string, newSigner: DevicePublicKey, nonce: bigint, leaves: Uint8Array[], leafIndex: number, assertion: PasskeyAssertion, yParity: boolean): ChainCall;
|
|
252
272
|
}
|
|
253
273
|
|
|
254
274
|
/**
|
|
@@ -290,11 +310,111 @@ declare const UDC_ADDRESS = "0x041a78e741e5af2fec34b695679bc6891742439f7afb8484e
|
|
|
290
310
|
* DeviceAccount class hash, per network. Populated from
|
|
291
311
|
* `account-contracts/starknet/deployments/<network>.json` after declaring.
|
|
292
312
|
*
|
|
293
|
-
*
|
|
294
|
-
*
|
|
313
|
+
* Sepolia re-declared 2026-07-01 with the passkey-approval surface + BATCHED
|
|
314
|
+
* multi-chain challenge (one passkey prompt approves a device on all chains).
|
|
315
|
+
* Mainnet still runs the prior class (no passkey) until it is re-declared.
|
|
295
316
|
*/
|
|
296
317
|
declare const DEVICE_ACCOUNT_CLASS_HASH: Record<StarknetNetwork, string>;
|
|
297
318
|
|
|
319
|
+
interface StellarAdapterOptions {
|
|
320
|
+
network: StellarNetwork;
|
|
321
|
+
/** RPC override (else the network default). */
|
|
322
|
+
rpcUrl?: string;
|
|
323
|
+
/** Factory contract id override (else the per-network default). */
|
|
324
|
+
factoryId?: string;
|
|
325
|
+
/** The device signer that authorizes account operations. */
|
|
326
|
+
signer: DeviceSigner;
|
|
327
|
+
}
|
|
328
|
+
/**
|
|
329
|
+
* Stellar / Soroban implementation of the Cavos device-account surface. Unlike
|
|
330
|
+
* Starknet (`buildSignature(txHash: bigint)`) the Soroban signing unit is a
|
|
331
|
+
* 32-byte Soroban *auth-entry* preimage, so — as the Solana adapter did for its
|
|
332
|
+
* own model — this adapter exposes chain-native methods rather than the generic
|
|
333
|
+
* `ChainAdapter` shape. Its job:
|
|
334
|
+
* - derive the deterministic account address off-chain (matches the factory),
|
|
335
|
+
* - build the factory/account/token invocations as host functions, and
|
|
336
|
+
* - sign a Soroban authorization entry with the silent P-256 device key,
|
|
337
|
+
* producing the `Vec<DeviceSignature>` ScVal that the contract's
|
|
338
|
+
* `__check_auth` verifies.
|
|
339
|
+
*/
|
|
340
|
+
declare class StellarAdapter {
|
|
341
|
+
readonly chain: "stellar";
|
|
342
|
+
readonly network: StellarNetwork;
|
|
343
|
+
readonly passphrase: string;
|
|
344
|
+
private readonly rpcUrl;
|
|
345
|
+
private readonly factoryId;
|
|
346
|
+
private readonly signer;
|
|
347
|
+
private _server?;
|
|
348
|
+
constructor(opts: StellarAdapterOptions);
|
|
349
|
+
server(): rpc.Server;
|
|
350
|
+
private networkId;
|
|
351
|
+
/**
|
|
352
|
+
* Deterministic account address for `(addressSeed, initialSigner)` — computed
|
|
353
|
+
* off-chain, byte-identical to the factory's on-chain `account_address`.
|
|
354
|
+
* `contractId = sha256(HashIdPreimage(networkId, factory, salt))` with
|
|
355
|
+
* `salt = sha256(addressSeed || sec1(initialSigner))`.
|
|
356
|
+
*/
|
|
357
|
+
computeAddress(addressSeed: Uint8Array, initialSigner: DevicePublicKey): string;
|
|
358
|
+
/** `salt = sha256(addressSeed(32) || sec1(initialSigner)(65))` — matches the factory. */
|
|
359
|
+
accountSalt(addressSeed: Uint8Array, initialSigner: DevicePublicKey): Buffer;
|
|
360
|
+
/** Host function: `factory.deploy(address_seed, initial_signer)`. */
|
|
361
|
+
buildDeploy(addressSeed: Uint8Array, initialSigner: DevicePublicKey): xdr.HostFunction;
|
|
362
|
+
/** Host function: `account.add_signer(new_signer)` (requires device auth). */
|
|
363
|
+
buildAddSigner(accountAddress: string, signer: DevicePublicKey): xdr.HostFunction;
|
|
364
|
+
/** Host function: `account.remove_signer(signer)` (requires device auth). */
|
|
365
|
+
buildRemoveSigner(accountAddress: string, signer: DevicePublicKey): xdr.HostFunction;
|
|
366
|
+
/** Host function: `account.add_approver(passkey)` (requires device auth). */
|
|
367
|
+
buildAddApprover(accountAddress: string, passkey: DevicePublicKey): xdr.HostFunction;
|
|
368
|
+
/** Host function: `account.remove_approver(passkey)` (requires device auth). */
|
|
369
|
+
buildRemoveApprover(accountAddress: string, passkey: DevicePublicKey): xdr.HostFunction;
|
|
370
|
+
/** This chain's leaf for approving `add_signer(newSigner)` at `nonce`:
|
|
371
|
+
* `sha256(sec1(new_signer) || nonce_be8)`. The batch challenge the passkey signs
|
|
372
|
+
* is `sha256(concat(leaves))` across chains. */
|
|
373
|
+
passkeyLeaf(newSigner: DevicePublicKey, nonce: bigint): Uint8Array;
|
|
374
|
+
/** Host function: passkey-authorized `add_signer_via_passkey` (no device auth —
|
|
375
|
+
* authorized by the embedded WebAuthn assertion, so any relayer can submit).
|
|
376
|
+
* `leaves`/`leafIndex` place this chain's leaf in the multi-chain batch. */
|
|
377
|
+
buildAddSignerViaPasskey(accountAddress: string, newSigner: DevicePublicKey, passkey: DevicePublicKey, nonce: bigint, leaves: Uint8Array[], leafIndex: number, assertion: PasskeyAssertion): xdr.HostFunction;
|
|
378
|
+
/** Read whether `passkey` is a registered approver (read-only simulation). */
|
|
379
|
+
isApprover(accountAddress: string, passkey: DevicePublicKey, readSource: string): Promise<boolean>;
|
|
380
|
+
/** Read the current passkey-approval nonce (read-only simulation). */
|
|
381
|
+
passkeyNonce(accountAddress: string, readSource: string): Promise<bigint>;
|
|
382
|
+
/** Host function: SEP-41 `token.transfer(from=account, to, amount)` (device auth). */
|
|
383
|
+
buildTransfer(tokenId: string, accountAddress: string, destination: string, amount: bigint): xdr.HostFunction;
|
|
384
|
+
/**
|
|
385
|
+
* Sign a Soroban authorization entry with the silent device key, producing the
|
|
386
|
+
* `Vec<DeviceSignature>` the account's `__check_auth` verifies. The device
|
|
387
|
+
* signs `sha256(preimage)` (WebCrypto hashes once more internally), which is
|
|
388
|
+
* exactly what the contract recomputes. Mutates + returns the entry.
|
|
389
|
+
*/
|
|
390
|
+
signAuthEntry(entry: xdr.SorobanAuthorizationEntry, validUntilLedger: number): Promise<xdr.SorobanAuthorizationEntry>;
|
|
391
|
+
/**
|
|
392
|
+
* Read a SEP-41 token balance of `account` via a read-only simulation of
|
|
393
|
+
* `token.balance(account)`. Returns 0 when the account isn't deployed or holds
|
|
394
|
+
* none. `readSource` is any funded G-account (used only for the simulation).
|
|
395
|
+
*/
|
|
396
|
+
readBalance(tokenId: string, account: string, readSource: string): Promise<bigint>;
|
|
397
|
+
/** Whether the account contract instance exists on-chain (is deployed). */
|
|
398
|
+
isDeployed(accountAddress: string): Promise<boolean>;
|
|
399
|
+
/**
|
|
400
|
+
* Read whether `signer` is a currently-authorized signer of the account, via a
|
|
401
|
+
* read-only simulation of `account.is_authorized(signer)`. `readSource` is any
|
|
402
|
+
* funded G-account (used only for the simulation's source/sequence).
|
|
403
|
+
*/
|
|
404
|
+
isAuthorizedSigner(accountAddress: string, signer: DevicePublicKey, readSource: string): Promise<boolean>;
|
|
405
|
+
}
|
|
406
|
+
/** SEC-1 uncompressed P-256 public key (65 bytes: 0x04 || X || Y). */
|
|
407
|
+
declare function sec1Pubkey(pk: DevicePublicKey): Uint8Array;
|
|
408
|
+
/** Raw 64-byte `r || s`, normalized to low-S (secp256r1_verify requires it). */
|
|
409
|
+
declare function encodeLowSSignature(sig: DeviceSignature): Uint8Array;
|
|
410
|
+
/**
|
|
411
|
+
* The `Vec<DeviceSignature>` ScVal the contract's `__check_auth` decodes. Each
|
|
412
|
+
* element is a struct `{ public_key: BytesN<65>, signature: BytesN<64> }`.
|
|
413
|
+
* Soroban serializes a struct as a symbol-keyed map sorted by key; `public_key`
|
|
414
|
+
* precedes `signature`, so `nativeToScVal` (which sorts) yields the exact layout.
|
|
415
|
+
*/
|
|
416
|
+
declare function deviceSignatureScVal(pubkey: DevicePublicKey, sig: DeviceSignature): xdr.ScVal;
|
|
417
|
+
|
|
298
418
|
/**
|
|
299
419
|
* Serialize a device signature to the felt array for `tx_info.signature`:
|
|
300
420
|
* [ r_low, r_high, s_low, s_high, y_parity ]
|
|
@@ -320,4 +440,4 @@ declare function hexToBytes(hex: string): Uint8Array;
|
|
|
320
440
|
/** A felt/bigint -> 32-byte big-endian Uint8Array (the tx-hash width). */
|
|
321
441
|
declare function bigIntTo32Bytes(value: bigint): Uint8Array;
|
|
322
442
|
|
|
323
|
-
export { AuthProvider, BackupSigner, CavosAuth, type CavosAuthOptions, ChainAdapter, ChainCall, ComputeAddressParams, DEVICE_ACCOUNT_CLASS_HASH, DevicePublicKey, DeviceSignature, DeviceSigner, HttpRecoveryClient, type HttpRecoveryClientOptions, HttpWalletRegistry, type HttpWalletRegistryOptions, Identity, type IdentityInput, PendingDeviceRequest, RecoveryClient, RegisteredWallet, STARKNET_NETWORKS, StarknetAdapter, type StarknetAdapterOptions, StarknetDeviceSigner, type StarknetNetwork, UDC_ADDRESS, WalletRegistry, WebCryptoSigner, type WebCryptoSignerOptions, bigIntTo32Bytes, bytesToBigInt, bytesToHex, deriveAddressSeed, deriveAddressSeedSolana, deriveBackupKey, generateRecoveryCode, hexToBytes, recoverYParity, signatureToFelts, u256ToFelts };
|
|
443
|
+
export { AuthProvider, BackupSigner, CavosAuth, type CavosAuthOptions, ChainAdapter, ChainCall, ComputeAddressParams, DEVICE_ACCOUNT_CLASS_HASH, DevicePublicKey, DeviceSignature, DeviceSigner, HttpRecoveryClient, type HttpRecoveryClientOptions, HttpWalletRegistry, type HttpWalletRegistryOptions, Identity, type IdentityInput, PasskeyAssertion, PendingDeviceRequest, RecoveryClient, RegisteredWallet, STARKNET_NETWORKS, StarknetAdapter, type StarknetAdapterOptions, StarknetDeviceSigner, type StarknetNetwork, StellarAdapter, type StellarAdapterOptions, StellarNetwork, UDC_ADDRESS, WalletRegistry, WebCryptoSigner, type WebCryptoSignerOptions, bigIntTo32Bytes, bytesToBigInt, bytesToHex, deriveAddressSeed, deriveAddressSeedSolana, deriveAddressSeedStellar, deriveBackupKey, deviceSignatureScVal, encodeLowSSignature as encodeStellarLowSSignature, generateRecoveryCode, hexToBytes, recoverYParity, sec1Pubkey, signatureToFelts, u256ToFelts };
|
package/dist/index.d.ts
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
|
-
import { A as AuthProvider, I as Identity, W as WalletRegistry, R as RegisteredWallet, D as DevicePublicKey, a as RecoveryClient, P as PendingDeviceRequest, b as DeviceSigner, c as DeviceSignature, C as ChainAdapter, d as ComputeAddressParams, e as ChainCall } from './Cavos-
|
|
2
|
-
export {
|
|
1
|
+
import { A as AuthProvider, I as Identity, W as WalletRegistry, R as RegisteredWallet, D as DevicePublicKey, a as RecoveryClient, P as PendingDeviceRequest, b as DeviceSigner, c as DeviceSignature, C as ChainAdapter, d as ComputeAddressParams, e as ChainCall, f as PasskeyAssertion, S as StellarNetwork } from './Cavos-BH2_tOQ2.js';
|
|
2
|
+
export { g as Cavos, h as CavosSolana, i as CavosStellar, j as CavosWallet, k as Chain, l as ConnectOptions, m as ConnectSolanaOptions, n as ConnectStatus, o as ConnectStellarOptions, p as DEVICE_ACCOUNT_PROGRAM_ID, q as DEVICE_ACCOUNT_WASM_HASH, E as EnrolledPasskey, F as FACTORY_CONTRACT_ID, r as InMemoryWalletRegistry, s as InstructionAccount, t as InstructionData, N as NATIVE_SAC_ID, u as NetworkEnv, v as PasskeyApprovable, w as PasskeyEnrollParams, x as PasskeySigner, y as PasskeySignerOptions, z as RecoverSolanaOptions, B as RecoverStellarOptions, G as RecoveryOptions, H as SECP256R1_PROGRAM_ID, J as SOLANA_NETWORKS, K as STELLAR_NETWORKS, L as SolanaAdapter, M as SolanaAdapterOptions, O as SolanaNetwork, Q as SolanaRelayer, T as SolanaRelayerOptions, U as StaticIdentity, V as StellarRelayer, X as StellarRelayerOptions, Y as anchorDiscriminator, Z as approveDeviceEverywhere, _ as base64urlEncode, $ as batchChallenge, a0 as buildSecp256r1Instruction, a1 as compressedPubkey, a2 as encodeLowSSignature, a3 as lowS, a4 as recoverCandidatePublicKeys, a5 as serializeInstructions, a6 as webauthnDigest } from './Cavos-BH2_tOQ2.js';
|
|
3
3
|
import { Signer, ArraySignatureType } from 'starknet';
|
|
4
|
+
import { rpc, xdr } from '@stellar/stellar-sdk';
|
|
4
5
|
import '@solana/web3.js';
|
|
5
6
|
|
|
6
7
|
interface CavosAuthOptions {
|
|
@@ -91,6 +92,13 @@ declare function deriveAddressSeed({ userId, appSalt }: IdentityInput): bigint;
|
|
|
91
92
|
* address on each chain (different address spaces, one identity).
|
|
92
93
|
*/
|
|
93
94
|
declare function deriveAddressSeedSolana({ userId, appSalt }: IdentityInput): Uint8Array;
|
|
95
|
+
/**
|
|
96
|
+
* Stellar variant: a 32-byte `address_seed` used as the Soroban account's seed
|
|
97
|
+
* and folded (with the initial device signer) into the factory deploy salt.
|
|
98
|
+
* Same identity input as the other chains, SHA-256 hashed, with a Stellar-scoped
|
|
99
|
+
* domain so the same user maps to a distinct address per chain.
|
|
100
|
+
*/
|
|
101
|
+
declare function deriveAddressSeedStellar({ userId, appSalt }: IdentityInput): Uint8Array;
|
|
94
102
|
|
|
95
103
|
interface HttpWalletRegistryOptions {
|
|
96
104
|
/** Cavos backend base URL (e.g. https://cavos.xyz). */
|
|
@@ -249,6 +257,18 @@ declare class StarknetAdapter implements ChainAdapter {
|
|
|
249
257
|
buildRemoveSigner(accountAddress: string, signer: DevicePublicKey): ChainCall;
|
|
250
258
|
isAuthorizedSigner(accountAddress: string, signer: DevicePublicKey): Promise<boolean>;
|
|
251
259
|
buildSignature(txHash: bigint): Promise<string[]>;
|
|
260
|
+
buildAddApprover(accountAddress: string, passkey: DevicePublicKey): ChainCall;
|
|
261
|
+
buildRemoveApprover(accountAddress: string, passkey: DevicePublicKey): ChainCall;
|
|
262
|
+
isApprover(accountAddress: string, passkey: DevicePublicKey): Promise<boolean>;
|
|
263
|
+
getPasskeyNonce(accountAddress: string): Promise<bigint>;
|
|
264
|
+
/** This chain's leaf for approving `add_signer(newSigner)` at `nonce`:
|
|
265
|
+
* `sha256(new_x || new_y || nonce)` (coords 32B BE, nonce 16B BE). The batch
|
|
266
|
+
* challenge the passkey signs is `sha256(concat(leaves))` across chains. */
|
|
267
|
+
passkeyLeaf(newSigner: DevicePublicKey, nonce: bigint): Uint8Array;
|
|
268
|
+
/** Passkey-authorized `add_signer` call. `leaves`/`leafIndex` place this chain's
|
|
269
|
+
* leaf in the multi-chain batch (single chain → `[leaf]`, index 0). `yParity`
|
|
270
|
+
* matches the raw `(r, s)` — the contract normalizes high-S internally. */
|
|
271
|
+
buildAddSignerViaPasskey(accountAddress: string, newSigner: DevicePublicKey, nonce: bigint, leaves: Uint8Array[], leafIndex: number, assertion: PasskeyAssertion, yParity: boolean): ChainCall;
|
|
252
272
|
}
|
|
253
273
|
|
|
254
274
|
/**
|
|
@@ -290,11 +310,111 @@ declare const UDC_ADDRESS = "0x041a78e741e5af2fec34b695679bc6891742439f7afb8484e
|
|
|
290
310
|
* DeviceAccount class hash, per network. Populated from
|
|
291
311
|
* `account-contracts/starknet/deployments/<network>.json` after declaring.
|
|
292
312
|
*
|
|
293
|
-
*
|
|
294
|
-
*
|
|
313
|
+
* Sepolia re-declared 2026-07-01 with the passkey-approval surface + BATCHED
|
|
314
|
+
* multi-chain challenge (one passkey prompt approves a device on all chains).
|
|
315
|
+
* Mainnet still runs the prior class (no passkey) until it is re-declared.
|
|
295
316
|
*/
|
|
296
317
|
declare const DEVICE_ACCOUNT_CLASS_HASH: Record<StarknetNetwork, string>;
|
|
297
318
|
|
|
319
|
+
interface StellarAdapterOptions {
|
|
320
|
+
network: StellarNetwork;
|
|
321
|
+
/** RPC override (else the network default). */
|
|
322
|
+
rpcUrl?: string;
|
|
323
|
+
/** Factory contract id override (else the per-network default). */
|
|
324
|
+
factoryId?: string;
|
|
325
|
+
/** The device signer that authorizes account operations. */
|
|
326
|
+
signer: DeviceSigner;
|
|
327
|
+
}
|
|
328
|
+
/**
|
|
329
|
+
* Stellar / Soroban implementation of the Cavos device-account surface. Unlike
|
|
330
|
+
* Starknet (`buildSignature(txHash: bigint)`) the Soroban signing unit is a
|
|
331
|
+
* 32-byte Soroban *auth-entry* preimage, so — as the Solana adapter did for its
|
|
332
|
+
* own model — this adapter exposes chain-native methods rather than the generic
|
|
333
|
+
* `ChainAdapter` shape. Its job:
|
|
334
|
+
* - derive the deterministic account address off-chain (matches the factory),
|
|
335
|
+
* - build the factory/account/token invocations as host functions, and
|
|
336
|
+
* - sign a Soroban authorization entry with the silent P-256 device key,
|
|
337
|
+
* producing the `Vec<DeviceSignature>` ScVal that the contract's
|
|
338
|
+
* `__check_auth` verifies.
|
|
339
|
+
*/
|
|
340
|
+
declare class StellarAdapter {
|
|
341
|
+
readonly chain: "stellar";
|
|
342
|
+
readonly network: StellarNetwork;
|
|
343
|
+
readonly passphrase: string;
|
|
344
|
+
private readonly rpcUrl;
|
|
345
|
+
private readonly factoryId;
|
|
346
|
+
private readonly signer;
|
|
347
|
+
private _server?;
|
|
348
|
+
constructor(opts: StellarAdapterOptions);
|
|
349
|
+
server(): rpc.Server;
|
|
350
|
+
private networkId;
|
|
351
|
+
/**
|
|
352
|
+
* Deterministic account address for `(addressSeed, initialSigner)` — computed
|
|
353
|
+
* off-chain, byte-identical to the factory's on-chain `account_address`.
|
|
354
|
+
* `contractId = sha256(HashIdPreimage(networkId, factory, salt))` with
|
|
355
|
+
* `salt = sha256(addressSeed || sec1(initialSigner))`.
|
|
356
|
+
*/
|
|
357
|
+
computeAddress(addressSeed: Uint8Array, initialSigner: DevicePublicKey): string;
|
|
358
|
+
/** `salt = sha256(addressSeed(32) || sec1(initialSigner)(65))` — matches the factory. */
|
|
359
|
+
accountSalt(addressSeed: Uint8Array, initialSigner: DevicePublicKey): Buffer;
|
|
360
|
+
/** Host function: `factory.deploy(address_seed, initial_signer)`. */
|
|
361
|
+
buildDeploy(addressSeed: Uint8Array, initialSigner: DevicePublicKey): xdr.HostFunction;
|
|
362
|
+
/** Host function: `account.add_signer(new_signer)` (requires device auth). */
|
|
363
|
+
buildAddSigner(accountAddress: string, signer: DevicePublicKey): xdr.HostFunction;
|
|
364
|
+
/** Host function: `account.remove_signer(signer)` (requires device auth). */
|
|
365
|
+
buildRemoveSigner(accountAddress: string, signer: DevicePublicKey): xdr.HostFunction;
|
|
366
|
+
/** Host function: `account.add_approver(passkey)` (requires device auth). */
|
|
367
|
+
buildAddApprover(accountAddress: string, passkey: DevicePublicKey): xdr.HostFunction;
|
|
368
|
+
/** Host function: `account.remove_approver(passkey)` (requires device auth). */
|
|
369
|
+
buildRemoveApprover(accountAddress: string, passkey: DevicePublicKey): xdr.HostFunction;
|
|
370
|
+
/** This chain's leaf for approving `add_signer(newSigner)` at `nonce`:
|
|
371
|
+
* `sha256(sec1(new_signer) || nonce_be8)`. The batch challenge the passkey signs
|
|
372
|
+
* is `sha256(concat(leaves))` across chains. */
|
|
373
|
+
passkeyLeaf(newSigner: DevicePublicKey, nonce: bigint): Uint8Array;
|
|
374
|
+
/** Host function: passkey-authorized `add_signer_via_passkey` (no device auth —
|
|
375
|
+
* authorized by the embedded WebAuthn assertion, so any relayer can submit).
|
|
376
|
+
* `leaves`/`leafIndex` place this chain's leaf in the multi-chain batch. */
|
|
377
|
+
buildAddSignerViaPasskey(accountAddress: string, newSigner: DevicePublicKey, passkey: DevicePublicKey, nonce: bigint, leaves: Uint8Array[], leafIndex: number, assertion: PasskeyAssertion): xdr.HostFunction;
|
|
378
|
+
/** Read whether `passkey` is a registered approver (read-only simulation). */
|
|
379
|
+
isApprover(accountAddress: string, passkey: DevicePublicKey, readSource: string): Promise<boolean>;
|
|
380
|
+
/** Read the current passkey-approval nonce (read-only simulation). */
|
|
381
|
+
passkeyNonce(accountAddress: string, readSource: string): Promise<bigint>;
|
|
382
|
+
/** Host function: SEP-41 `token.transfer(from=account, to, amount)` (device auth). */
|
|
383
|
+
buildTransfer(tokenId: string, accountAddress: string, destination: string, amount: bigint): xdr.HostFunction;
|
|
384
|
+
/**
|
|
385
|
+
* Sign a Soroban authorization entry with the silent device key, producing the
|
|
386
|
+
* `Vec<DeviceSignature>` the account's `__check_auth` verifies. The device
|
|
387
|
+
* signs `sha256(preimage)` (WebCrypto hashes once more internally), which is
|
|
388
|
+
* exactly what the contract recomputes. Mutates + returns the entry.
|
|
389
|
+
*/
|
|
390
|
+
signAuthEntry(entry: xdr.SorobanAuthorizationEntry, validUntilLedger: number): Promise<xdr.SorobanAuthorizationEntry>;
|
|
391
|
+
/**
|
|
392
|
+
* Read a SEP-41 token balance of `account` via a read-only simulation of
|
|
393
|
+
* `token.balance(account)`. Returns 0 when the account isn't deployed or holds
|
|
394
|
+
* none. `readSource` is any funded G-account (used only for the simulation).
|
|
395
|
+
*/
|
|
396
|
+
readBalance(tokenId: string, account: string, readSource: string): Promise<bigint>;
|
|
397
|
+
/** Whether the account contract instance exists on-chain (is deployed). */
|
|
398
|
+
isDeployed(accountAddress: string): Promise<boolean>;
|
|
399
|
+
/**
|
|
400
|
+
* Read whether `signer` is a currently-authorized signer of the account, via a
|
|
401
|
+
* read-only simulation of `account.is_authorized(signer)`. `readSource` is any
|
|
402
|
+
* funded G-account (used only for the simulation's source/sequence).
|
|
403
|
+
*/
|
|
404
|
+
isAuthorizedSigner(accountAddress: string, signer: DevicePublicKey, readSource: string): Promise<boolean>;
|
|
405
|
+
}
|
|
406
|
+
/** SEC-1 uncompressed P-256 public key (65 bytes: 0x04 || X || Y). */
|
|
407
|
+
declare function sec1Pubkey(pk: DevicePublicKey): Uint8Array;
|
|
408
|
+
/** Raw 64-byte `r || s`, normalized to low-S (secp256r1_verify requires it). */
|
|
409
|
+
declare function encodeLowSSignature(sig: DeviceSignature): Uint8Array;
|
|
410
|
+
/**
|
|
411
|
+
* The `Vec<DeviceSignature>` ScVal the contract's `__check_auth` decodes. Each
|
|
412
|
+
* element is a struct `{ public_key: BytesN<65>, signature: BytesN<64> }`.
|
|
413
|
+
* Soroban serializes a struct as a symbol-keyed map sorted by key; `public_key`
|
|
414
|
+
* precedes `signature`, so `nativeToScVal` (which sorts) yields the exact layout.
|
|
415
|
+
*/
|
|
416
|
+
declare function deviceSignatureScVal(pubkey: DevicePublicKey, sig: DeviceSignature): xdr.ScVal;
|
|
417
|
+
|
|
298
418
|
/**
|
|
299
419
|
* Serialize a device signature to the felt array for `tx_info.signature`:
|
|
300
420
|
* [ r_low, r_high, s_low, s_high, y_parity ]
|
|
@@ -320,4 +440,4 @@ declare function hexToBytes(hex: string): Uint8Array;
|
|
|
320
440
|
/** A felt/bigint -> 32-byte big-endian Uint8Array (the tx-hash width). */
|
|
321
441
|
declare function bigIntTo32Bytes(value: bigint): Uint8Array;
|
|
322
442
|
|
|
323
|
-
export { AuthProvider, BackupSigner, CavosAuth, type CavosAuthOptions, ChainAdapter, ChainCall, ComputeAddressParams, DEVICE_ACCOUNT_CLASS_HASH, DevicePublicKey, DeviceSignature, DeviceSigner, HttpRecoveryClient, type HttpRecoveryClientOptions, HttpWalletRegistry, type HttpWalletRegistryOptions, Identity, type IdentityInput, PendingDeviceRequest, RecoveryClient, RegisteredWallet, STARKNET_NETWORKS, StarknetAdapter, type StarknetAdapterOptions, StarknetDeviceSigner, type StarknetNetwork, UDC_ADDRESS, WalletRegistry, WebCryptoSigner, type WebCryptoSignerOptions, bigIntTo32Bytes, bytesToBigInt, bytesToHex, deriveAddressSeed, deriveAddressSeedSolana, deriveBackupKey, generateRecoveryCode, hexToBytes, recoverYParity, signatureToFelts, u256ToFelts };
|
|
443
|
+
export { AuthProvider, BackupSigner, CavosAuth, type CavosAuthOptions, ChainAdapter, ChainCall, ComputeAddressParams, DEVICE_ACCOUNT_CLASS_HASH, DevicePublicKey, DeviceSignature, DeviceSigner, HttpRecoveryClient, type HttpRecoveryClientOptions, HttpWalletRegistry, type HttpWalletRegistryOptions, Identity, type IdentityInput, PasskeyAssertion, PendingDeviceRequest, RecoveryClient, RegisteredWallet, STARKNET_NETWORKS, StarknetAdapter, type StarknetAdapterOptions, StarknetDeviceSigner, type StarknetNetwork, StellarAdapter, type StellarAdapterOptions, StellarNetwork, UDC_ADDRESS, WalletRegistry, WebCryptoSigner, type WebCryptoSignerOptions, bigIntTo32Bytes, bytesToBigInt, bytesToHex, deriveAddressSeed, deriveAddressSeedSolana, deriveAddressSeedStellar, deriveBackupKey, deviceSignatureScVal, encodeLowSSignature as encodeStellarLowSSignature, generateRecoveryCode, hexToBytes, recoverYParity, sec1Pubkey, signatureToFelts, u256ToFelts };
|