@cavos/kit 0.0.2 → 0.0.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{Cavos-C2KHZxxu.d.mts → Cavos-x9qFpOvJ.d.mts} +438 -5
- package/dist/{Cavos-C2KHZxxu.d.ts → Cavos-x9qFpOvJ.d.ts} +438 -5
- package/dist/chunk-F2J25XSL.mjs +2946 -0
- package/dist/chunk-F2J25XSL.mjs.map +1 -0
- package/dist/index.d.mts +131 -5
- package/dist/index.d.ts +131 -5
- package/dist/index.js +1314 -18
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +1 -1
- package/dist/react/index.d.mts +48 -16
- package/dist/react/index.d.ts +48 -16
- package/dist/react/index.js +1605 -92
- package/dist/react/index.js.map +1 -1
- package/dist/react/index.mjs +336 -77
- package/dist/react/index.mjs.map +1 -1
- package/package.json +3 -1
- package/dist/chunk-PEUQQZB5.mjs +0 -1672
- package/dist/chunk-PEUQQZB5.mjs.map +0 -1
package/dist/index.d.mts
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
|
-
import { A as AuthProvider, I as Identity, W as WalletRegistry, R as RegisteredWallet, D as DevicePublicKey, a as RecoveryClient, P as PendingDeviceRequest, b as DeviceSigner, c as DeviceSignature, C as ChainAdapter, d as ComputeAddressParams, e as ChainCall } from './Cavos-
|
|
2
|
-
export {
|
|
1
|
+
import { A as AuthProvider, I as Identity, W as WalletRegistry, R as RegisteredWallet, D as DevicePublicKey, a as RecoveryClient, P as PendingDeviceRequest, b as DeviceSigner, c as DeviceSignature, C as ChainAdapter, d as ComputeAddressParams, e as ChainCall, f as PasskeyAssertion, S as StellarNetwork } from './Cavos-x9qFpOvJ.mjs';
|
|
2
|
+
export { g as Cavos, h as CavosSolana, i as CavosStellar, j as CavosWallet, k as Chain, l as ConnectOptions, m as ConnectSolanaOptions, n as ConnectStatus, o as ConnectStellarOptions, p as DEVICE_ACCOUNT_PROGRAM_ID, q as DEVICE_ACCOUNT_WASM_HASH, E as EnrolledPasskey, F as FACTORY_CONTRACT_ID, r as InMemoryWalletRegistry, s as InstructionAccount, t as InstructionData, N as NATIVE_SAC_ID, u as NetworkEnv, v as PasskeyApprovable, w as PasskeyEnrollParams, x as PasskeySigner, y as PasskeySignerOptions, z as RecoverSolanaOptions, B as RecoverStellarOptions, G as RecoveryOptions, H as SECP256R1_PROGRAM_ID, J as SOLANA_NETWORKS, K as STELLAR_NETWORKS, L as SolanaAdapter, M as SolanaAdapterOptions, O as SolanaNetwork, Q as SolanaRelayer, T as SolanaRelayerOptions, U as StaticIdentity, V as StellarRelayer, X as StellarRelayerOptions, Y as anchorDiscriminator, Z as approveDeviceEverywhere, _ as base64urlEncode, $ as batchChallenge, a0 as buildSecp256r1Instruction, a1 as compressedPubkey, a2 as encodeLowSSignature, a3 as lowS, a4 as recoverCandidatePublicKeys, a5 as serializeInstructions, a6 as webauthnDigest } from './Cavos-x9qFpOvJ.mjs';
|
|
3
3
|
import { Signer, ArraySignatureType } from 'starknet';
|
|
4
|
+
import { rpc, xdr } from '@stellar/stellar-sdk';
|
|
4
5
|
import '@solana/web3.js';
|
|
5
6
|
|
|
6
7
|
interface CavosAuthOptions {
|
|
@@ -91,6 +92,13 @@ declare function deriveAddressSeed({ userId, appSalt }: IdentityInput): bigint;
|
|
|
91
92
|
* address on each chain (different address spaces, one identity).
|
|
92
93
|
*/
|
|
93
94
|
declare function deriveAddressSeedSolana({ userId, appSalt }: IdentityInput): Uint8Array;
|
|
95
|
+
/**
|
|
96
|
+
* Stellar variant: a 32-byte `address_seed` used as the Soroban account's seed
|
|
97
|
+
* and folded (with the initial device signer) into the factory deploy salt.
|
|
98
|
+
* Same identity input as the other chains, SHA-256 hashed, with a Stellar-scoped
|
|
99
|
+
* domain so the same user maps to a distinct address per chain.
|
|
100
|
+
*/
|
|
101
|
+
declare function deriveAddressSeedStellar({ userId, appSalt }: IdentityInput): Uint8Array;
|
|
94
102
|
|
|
95
103
|
interface HttpWalletRegistryOptions {
|
|
96
104
|
/** Cavos backend base URL (e.g. https://cavos.xyz). */
|
|
@@ -249,6 +257,21 @@ declare class StarknetAdapter implements ChainAdapter {
|
|
|
249
257
|
buildRemoveSigner(accountAddress: string, signer: DevicePublicKey): ChainCall;
|
|
250
258
|
isAuthorizedSigner(accountAddress: string, signer: DevicePublicKey): Promise<boolean>;
|
|
251
259
|
buildSignature(txHash: bigint): Promise<string[]>;
|
|
260
|
+
buildAddApprover(accountAddress: string, passkey: DevicePublicKey): ChainCall;
|
|
261
|
+
buildRemoveApprover(accountAddress: string, passkey: DevicePublicKey): ChainCall;
|
|
262
|
+
isApprover(accountAddress: string, passkey: DevicePublicKey): Promise<boolean>;
|
|
263
|
+
/** True if the account has at least one passkey registered as an approver.
|
|
264
|
+
* Lets the UI decide whether to offer passkey approval before prompting. */
|
|
265
|
+
hasPasskeyApprover(accountAddress: string): Promise<boolean>;
|
|
266
|
+
getPasskeyNonce(accountAddress: string): Promise<bigint>;
|
|
267
|
+
/** This chain's leaf for approving `add_signer(newSigner)` at `nonce`:
|
|
268
|
+
* `sha256(new_x || new_y || nonce)` (coords 32B BE, nonce 16B BE). The batch
|
|
269
|
+
* challenge the passkey signs is `sha256(concat(leaves))` across chains. */
|
|
270
|
+
passkeyLeaf(newSigner: DevicePublicKey, nonce: bigint): Uint8Array;
|
|
271
|
+
/** Passkey-authorized `add_signer` call. `leaves`/`leafIndex` place this chain's
|
|
272
|
+
* leaf in the multi-chain batch (single chain → `[leaf]`, index 0). `yParity`
|
|
273
|
+
* matches the raw `(r, s)` — the contract normalizes high-S internally. */
|
|
274
|
+
buildAddSignerViaPasskey(accountAddress: string, newSigner: DevicePublicKey, nonce: bigint, leaves: Uint8Array[], leafIndex: number, assertion: PasskeyAssertion, yParity: boolean): ChainCall;
|
|
252
275
|
}
|
|
253
276
|
|
|
254
277
|
/**
|
|
@@ -290,11 +313,114 @@ declare const UDC_ADDRESS = "0x041a78e741e5af2fec34b695679bc6891742439f7afb8484e
|
|
|
290
313
|
* DeviceAccount class hash, per network. Populated from
|
|
291
314
|
* `account-contracts/starknet/deployments/<network>.json` after declaring.
|
|
292
315
|
*
|
|
293
|
-
*
|
|
294
|
-
*
|
|
316
|
+
* Sepolia re-declared 2026-07-01 with the passkey-approval surface + BATCHED
|
|
317
|
+
* multi-chain challenge (one passkey prompt approves a device on all chains).
|
|
318
|
+
* Mainnet still runs the prior class (no passkey) until it is re-declared.
|
|
295
319
|
*/
|
|
296
320
|
declare const DEVICE_ACCOUNT_CLASS_HASH: Record<StarknetNetwork, string>;
|
|
297
321
|
|
|
322
|
+
interface StellarAdapterOptions {
|
|
323
|
+
network: StellarNetwork;
|
|
324
|
+
/** RPC override (else the network default). */
|
|
325
|
+
rpcUrl?: string;
|
|
326
|
+
/** Factory contract id override (else the per-network default). */
|
|
327
|
+
factoryId?: string;
|
|
328
|
+
/** The device signer that authorizes account operations. */
|
|
329
|
+
signer: DeviceSigner;
|
|
330
|
+
}
|
|
331
|
+
/**
|
|
332
|
+
* Stellar / Soroban implementation of the Cavos device-account surface. Unlike
|
|
333
|
+
* Starknet (`buildSignature(txHash: bigint)`) the Soroban signing unit is a
|
|
334
|
+
* 32-byte Soroban *auth-entry* preimage, so — as the Solana adapter did for its
|
|
335
|
+
* own model — this adapter exposes chain-native methods rather than the generic
|
|
336
|
+
* `ChainAdapter` shape. Its job:
|
|
337
|
+
* - derive the deterministic account address off-chain (matches the factory),
|
|
338
|
+
* - build the factory/account/token invocations as host functions, and
|
|
339
|
+
* - sign a Soroban authorization entry with the silent P-256 device key,
|
|
340
|
+
* producing the `Vec<DeviceSignature>` ScVal that the contract's
|
|
341
|
+
* `__check_auth` verifies.
|
|
342
|
+
*/
|
|
343
|
+
declare class StellarAdapter {
|
|
344
|
+
readonly chain: "stellar";
|
|
345
|
+
readonly network: StellarNetwork;
|
|
346
|
+
readonly passphrase: string;
|
|
347
|
+
private readonly rpcUrl;
|
|
348
|
+
private readonly factoryId;
|
|
349
|
+
private readonly signer;
|
|
350
|
+
private _server?;
|
|
351
|
+
constructor(opts: StellarAdapterOptions);
|
|
352
|
+
server(): rpc.Server;
|
|
353
|
+
private networkId;
|
|
354
|
+
/**
|
|
355
|
+
* Deterministic account address for `(addressSeed, initialSigner)` — computed
|
|
356
|
+
* off-chain, byte-identical to the factory's on-chain `account_address`.
|
|
357
|
+
* `contractId = sha256(HashIdPreimage(networkId, factory, salt))` with
|
|
358
|
+
* `salt = sha256(addressSeed || sec1(initialSigner))`.
|
|
359
|
+
*/
|
|
360
|
+
computeAddress(addressSeed: Uint8Array, initialSigner: DevicePublicKey): string;
|
|
361
|
+
/** `salt = sha256(addressSeed(32) || sec1(initialSigner)(65))` — matches the factory. */
|
|
362
|
+
accountSalt(addressSeed: Uint8Array, initialSigner: DevicePublicKey): Buffer;
|
|
363
|
+
/** Host function: `factory.deploy(address_seed, initial_signer)`. */
|
|
364
|
+
buildDeploy(addressSeed: Uint8Array, initialSigner: DevicePublicKey): xdr.HostFunction;
|
|
365
|
+
/** Host function: `account.add_signer(new_signer)` (requires device auth). */
|
|
366
|
+
buildAddSigner(accountAddress: string, signer: DevicePublicKey): xdr.HostFunction;
|
|
367
|
+
/** Host function: `account.remove_signer(signer)` (requires device auth). */
|
|
368
|
+
buildRemoveSigner(accountAddress: string, signer: DevicePublicKey): xdr.HostFunction;
|
|
369
|
+
/** Host function: `account.add_approver(passkey)` (requires device auth). */
|
|
370
|
+
buildAddApprover(accountAddress: string, passkey: DevicePublicKey): xdr.HostFunction;
|
|
371
|
+
/** Host function: `account.remove_approver(passkey)` (requires device auth). */
|
|
372
|
+
buildRemoveApprover(accountAddress: string, passkey: DevicePublicKey): xdr.HostFunction;
|
|
373
|
+
/** This chain's leaf for approving `add_signer(newSigner)` at `nonce`:
|
|
374
|
+
* `sha256(sec1(new_signer) || nonce_be8)`. The batch challenge the passkey signs
|
|
375
|
+
* is `sha256(concat(leaves))` across chains. */
|
|
376
|
+
passkeyLeaf(newSigner: DevicePublicKey, nonce: bigint): Uint8Array;
|
|
377
|
+
/** Host function: passkey-authorized `add_signer_via_passkey` (no device auth —
|
|
378
|
+
* authorized by the embedded WebAuthn assertion, so any relayer can submit).
|
|
379
|
+
* `leaves`/`leafIndex` place this chain's leaf in the multi-chain batch. */
|
|
380
|
+
buildAddSignerViaPasskey(accountAddress: string, newSigner: DevicePublicKey, passkey: DevicePublicKey, nonce: bigint, leaves: Uint8Array[], leafIndex: number, assertion: PasskeyAssertion): xdr.HostFunction;
|
|
381
|
+
/** Read whether `passkey` is a registered approver (read-only simulation). */
|
|
382
|
+
/** True if the account has at least one passkey registered as an approver.
|
|
383
|
+
* Reads the contract's `approvers` view and checks the list is non-empty. */
|
|
384
|
+
hasPasskeyApprover(accountAddress: string, readSource: string): Promise<boolean>;
|
|
385
|
+
isApprover(accountAddress: string, passkey: DevicePublicKey, readSource: string): Promise<boolean>;
|
|
386
|
+
/** Read the current passkey-approval nonce (read-only simulation). */
|
|
387
|
+
passkeyNonce(accountAddress: string, readSource: string): Promise<bigint>;
|
|
388
|
+
/** Host function: SEP-41 `token.transfer(from=account, to, amount)` (device auth). */
|
|
389
|
+
buildTransfer(tokenId: string, accountAddress: string, destination: string, amount: bigint): xdr.HostFunction;
|
|
390
|
+
/**
|
|
391
|
+
* Sign a Soroban authorization entry with the silent device key, producing the
|
|
392
|
+
* `Vec<DeviceSignature>` the account's `__check_auth` verifies. The device
|
|
393
|
+
* signs `sha256(preimage)` (WebCrypto hashes once more internally), which is
|
|
394
|
+
* exactly what the contract recomputes. Mutates + returns the entry.
|
|
395
|
+
*/
|
|
396
|
+
signAuthEntry(entry: xdr.SorobanAuthorizationEntry, validUntilLedger: number): Promise<xdr.SorobanAuthorizationEntry>;
|
|
397
|
+
/**
|
|
398
|
+
* Read a SEP-41 token balance of `account` via a read-only simulation of
|
|
399
|
+
* `token.balance(account)`. Returns 0 when the account isn't deployed or holds
|
|
400
|
+
* none. `readSource` is any funded G-account (used only for the simulation).
|
|
401
|
+
*/
|
|
402
|
+
readBalance(tokenId: string, account: string, readSource: string): Promise<bigint>;
|
|
403
|
+
/** Whether the account contract instance exists on-chain (is deployed). */
|
|
404
|
+
isDeployed(accountAddress: string): Promise<boolean>;
|
|
405
|
+
/**
|
|
406
|
+
* Read whether `signer` is a currently-authorized signer of the account, via a
|
|
407
|
+
* read-only simulation of `account.is_authorized(signer)`. `readSource` is any
|
|
408
|
+
* funded G-account (used only for the simulation's source/sequence).
|
|
409
|
+
*/
|
|
410
|
+
isAuthorizedSigner(accountAddress: string, signer: DevicePublicKey, readSource: string): Promise<boolean>;
|
|
411
|
+
}
|
|
412
|
+
/** SEC-1 uncompressed P-256 public key (65 bytes: 0x04 || X || Y). */
|
|
413
|
+
declare function sec1Pubkey(pk: DevicePublicKey): Uint8Array;
|
|
414
|
+
/** Raw 64-byte `r || s`, normalized to low-S (secp256r1_verify requires it). */
|
|
415
|
+
declare function encodeLowSSignature(sig: DeviceSignature): Uint8Array;
|
|
416
|
+
/**
|
|
417
|
+
* The `Vec<DeviceSignature>` ScVal the contract's `__check_auth` decodes. Each
|
|
418
|
+
* element is a struct `{ public_key: BytesN<65>, signature: BytesN<64> }`.
|
|
419
|
+
* Soroban serializes a struct as a symbol-keyed map sorted by key; `public_key`
|
|
420
|
+
* precedes `signature`, so `nativeToScVal` (which sorts) yields the exact layout.
|
|
421
|
+
*/
|
|
422
|
+
declare function deviceSignatureScVal(pubkey: DevicePublicKey, sig: DeviceSignature): xdr.ScVal;
|
|
423
|
+
|
|
298
424
|
/**
|
|
299
425
|
* Serialize a device signature to the felt array for `tx_info.signature`:
|
|
300
426
|
* [ r_low, r_high, s_low, s_high, y_parity ]
|
|
@@ -320,4 +446,4 @@ declare function hexToBytes(hex: string): Uint8Array;
|
|
|
320
446
|
/** A felt/bigint -> 32-byte big-endian Uint8Array (the tx-hash width). */
|
|
321
447
|
declare function bigIntTo32Bytes(value: bigint): Uint8Array;
|
|
322
448
|
|
|
323
|
-
export { AuthProvider, BackupSigner, CavosAuth, type CavosAuthOptions, ChainAdapter, ChainCall, ComputeAddressParams, DEVICE_ACCOUNT_CLASS_HASH, DevicePublicKey, DeviceSignature, DeviceSigner, HttpRecoveryClient, type HttpRecoveryClientOptions, HttpWalletRegistry, type HttpWalletRegistryOptions, Identity, type IdentityInput, PendingDeviceRequest, RecoveryClient, RegisteredWallet, STARKNET_NETWORKS, StarknetAdapter, type StarknetAdapterOptions, StarknetDeviceSigner, type StarknetNetwork, UDC_ADDRESS, WalletRegistry, WebCryptoSigner, type WebCryptoSignerOptions, bigIntTo32Bytes, bytesToBigInt, bytesToHex, deriveAddressSeed, deriveAddressSeedSolana, deriveBackupKey, generateRecoveryCode, hexToBytes, recoverYParity, signatureToFelts, u256ToFelts };
|
|
449
|
+
export { AuthProvider, BackupSigner, CavosAuth, type CavosAuthOptions, ChainAdapter, ChainCall, ComputeAddressParams, DEVICE_ACCOUNT_CLASS_HASH, DevicePublicKey, DeviceSignature, DeviceSigner, HttpRecoveryClient, type HttpRecoveryClientOptions, HttpWalletRegistry, type HttpWalletRegistryOptions, Identity, type IdentityInput, PasskeyAssertion, PendingDeviceRequest, RecoveryClient, RegisteredWallet, STARKNET_NETWORKS, StarknetAdapter, type StarknetAdapterOptions, StarknetDeviceSigner, type StarknetNetwork, StellarAdapter, type StellarAdapterOptions, StellarNetwork, UDC_ADDRESS, WalletRegistry, WebCryptoSigner, type WebCryptoSignerOptions, bigIntTo32Bytes, bytesToBigInt, bytesToHex, deriveAddressSeed, deriveAddressSeedSolana, deriveAddressSeedStellar, deriveBackupKey, deviceSignatureScVal, encodeLowSSignature as encodeStellarLowSSignature, generateRecoveryCode, hexToBytes, recoverYParity, sec1Pubkey, signatureToFelts, u256ToFelts };
|
package/dist/index.d.ts
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
|
-
import { A as AuthProvider, I as Identity, W as WalletRegistry, R as RegisteredWallet, D as DevicePublicKey, a as RecoveryClient, P as PendingDeviceRequest, b as DeviceSigner, c as DeviceSignature, C as ChainAdapter, d as ComputeAddressParams, e as ChainCall } from './Cavos-
|
|
2
|
-
export {
|
|
1
|
+
import { A as AuthProvider, I as Identity, W as WalletRegistry, R as RegisteredWallet, D as DevicePublicKey, a as RecoveryClient, P as PendingDeviceRequest, b as DeviceSigner, c as DeviceSignature, C as ChainAdapter, d as ComputeAddressParams, e as ChainCall, f as PasskeyAssertion, S as StellarNetwork } from './Cavos-x9qFpOvJ.js';
|
|
2
|
+
export { g as Cavos, h as CavosSolana, i as CavosStellar, j as CavosWallet, k as Chain, l as ConnectOptions, m as ConnectSolanaOptions, n as ConnectStatus, o as ConnectStellarOptions, p as DEVICE_ACCOUNT_PROGRAM_ID, q as DEVICE_ACCOUNT_WASM_HASH, E as EnrolledPasskey, F as FACTORY_CONTRACT_ID, r as InMemoryWalletRegistry, s as InstructionAccount, t as InstructionData, N as NATIVE_SAC_ID, u as NetworkEnv, v as PasskeyApprovable, w as PasskeyEnrollParams, x as PasskeySigner, y as PasskeySignerOptions, z as RecoverSolanaOptions, B as RecoverStellarOptions, G as RecoveryOptions, H as SECP256R1_PROGRAM_ID, J as SOLANA_NETWORKS, K as STELLAR_NETWORKS, L as SolanaAdapter, M as SolanaAdapterOptions, O as SolanaNetwork, Q as SolanaRelayer, T as SolanaRelayerOptions, U as StaticIdentity, V as StellarRelayer, X as StellarRelayerOptions, Y as anchorDiscriminator, Z as approveDeviceEverywhere, _ as base64urlEncode, $ as batchChallenge, a0 as buildSecp256r1Instruction, a1 as compressedPubkey, a2 as encodeLowSSignature, a3 as lowS, a4 as recoverCandidatePublicKeys, a5 as serializeInstructions, a6 as webauthnDigest } from './Cavos-x9qFpOvJ.js';
|
|
3
3
|
import { Signer, ArraySignatureType } from 'starknet';
|
|
4
|
+
import { rpc, xdr } from '@stellar/stellar-sdk';
|
|
4
5
|
import '@solana/web3.js';
|
|
5
6
|
|
|
6
7
|
interface CavosAuthOptions {
|
|
@@ -91,6 +92,13 @@ declare function deriveAddressSeed({ userId, appSalt }: IdentityInput): bigint;
|
|
|
91
92
|
* address on each chain (different address spaces, one identity).
|
|
92
93
|
*/
|
|
93
94
|
declare function deriveAddressSeedSolana({ userId, appSalt }: IdentityInput): Uint8Array;
|
|
95
|
+
/**
|
|
96
|
+
* Stellar variant: a 32-byte `address_seed` used as the Soroban account's seed
|
|
97
|
+
* and folded (with the initial device signer) into the factory deploy salt.
|
|
98
|
+
* Same identity input as the other chains, SHA-256 hashed, with a Stellar-scoped
|
|
99
|
+
* domain so the same user maps to a distinct address per chain.
|
|
100
|
+
*/
|
|
101
|
+
declare function deriveAddressSeedStellar({ userId, appSalt }: IdentityInput): Uint8Array;
|
|
94
102
|
|
|
95
103
|
interface HttpWalletRegistryOptions {
|
|
96
104
|
/** Cavos backend base URL (e.g. https://cavos.xyz). */
|
|
@@ -249,6 +257,21 @@ declare class StarknetAdapter implements ChainAdapter {
|
|
|
249
257
|
buildRemoveSigner(accountAddress: string, signer: DevicePublicKey): ChainCall;
|
|
250
258
|
isAuthorizedSigner(accountAddress: string, signer: DevicePublicKey): Promise<boolean>;
|
|
251
259
|
buildSignature(txHash: bigint): Promise<string[]>;
|
|
260
|
+
buildAddApprover(accountAddress: string, passkey: DevicePublicKey): ChainCall;
|
|
261
|
+
buildRemoveApprover(accountAddress: string, passkey: DevicePublicKey): ChainCall;
|
|
262
|
+
isApprover(accountAddress: string, passkey: DevicePublicKey): Promise<boolean>;
|
|
263
|
+
/** True if the account has at least one passkey registered as an approver.
|
|
264
|
+
* Lets the UI decide whether to offer passkey approval before prompting. */
|
|
265
|
+
hasPasskeyApprover(accountAddress: string): Promise<boolean>;
|
|
266
|
+
getPasskeyNonce(accountAddress: string): Promise<bigint>;
|
|
267
|
+
/** This chain's leaf for approving `add_signer(newSigner)` at `nonce`:
|
|
268
|
+
* `sha256(new_x || new_y || nonce)` (coords 32B BE, nonce 16B BE). The batch
|
|
269
|
+
* challenge the passkey signs is `sha256(concat(leaves))` across chains. */
|
|
270
|
+
passkeyLeaf(newSigner: DevicePublicKey, nonce: bigint): Uint8Array;
|
|
271
|
+
/** Passkey-authorized `add_signer` call. `leaves`/`leafIndex` place this chain's
|
|
272
|
+
* leaf in the multi-chain batch (single chain → `[leaf]`, index 0). `yParity`
|
|
273
|
+
* matches the raw `(r, s)` — the contract normalizes high-S internally. */
|
|
274
|
+
buildAddSignerViaPasskey(accountAddress: string, newSigner: DevicePublicKey, nonce: bigint, leaves: Uint8Array[], leafIndex: number, assertion: PasskeyAssertion, yParity: boolean): ChainCall;
|
|
252
275
|
}
|
|
253
276
|
|
|
254
277
|
/**
|
|
@@ -290,11 +313,114 @@ declare const UDC_ADDRESS = "0x041a78e741e5af2fec34b695679bc6891742439f7afb8484e
|
|
|
290
313
|
* DeviceAccount class hash, per network. Populated from
|
|
291
314
|
* `account-contracts/starknet/deployments/<network>.json` after declaring.
|
|
292
315
|
*
|
|
293
|
-
*
|
|
294
|
-
*
|
|
316
|
+
* Sepolia re-declared 2026-07-01 with the passkey-approval surface + BATCHED
|
|
317
|
+
* multi-chain challenge (one passkey prompt approves a device on all chains).
|
|
318
|
+
* Mainnet still runs the prior class (no passkey) until it is re-declared.
|
|
295
319
|
*/
|
|
296
320
|
declare const DEVICE_ACCOUNT_CLASS_HASH: Record<StarknetNetwork, string>;
|
|
297
321
|
|
|
322
|
+
interface StellarAdapterOptions {
|
|
323
|
+
network: StellarNetwork;
|
|
324
|
+
/** RPC override (else the network default). */
|
|
325
|
+
rpcUrl?: string;
|
|
326
|
+
/** Factory contract id override (else the per-network default). */
|
|
327
|
+
factoryId?: string;
|
|
328
|
+
/** The device signer that authorizes account operations. */
|
|
329
|
+
signer: DeviceSigner;
|
|
330
|
+
}
|
|
331
|
+
/**
|
|
332
|
+
* Stellar / Soroban implementation of the Cavos device-account surface. Unlike
|
|
333
|
+
* Starknet (`buildSignature(txHash: bigint)`) the Soroban signing unit is a
|
|
334
|
+
* 32-byte Soroban *auth-entry* preimage, so — as the Solana adapter did for its
|
|
335
|
+
* own model — this adapter exposes chain-native methods rather than the generic
|
|
336
|
+
* `ChainAdapter` shape. Its job:
|
|
337
|
+
* - derive the deterministic account address off-chain (matches the factory),
|
|
338
|
+
* - build the factory/account/token invocations as host functions, and
|
|
339
|
+
* - sign a Soroban authorization entry with the silent P-256 device key,
|
|
340
|
+
* producing the `Vec<DeviceSignature>` ScVal that the contract's
|
|
341
|
+
* `__check_auth` verifies.
|
|
342
|
+
*/
|
|
343
|
+
declare class StellarAdapter {
|
|
344
|
+
readonly chain: "stellar";
|
|
345
|
+
readonly network: StellarNetwork;
|
|
346
|
+
readonly passphrase: string;
|
|
347
|
+
private readonly rpcUrl;
|
|
348
|
+
private readonly factoryId;
|
|
349
|
+
private readonly signer;
|
|
350
|
+
private _server?;
|
|
351
|
+
constructor(opts: StellarAdapterOptions);
|
|
352
|
+
server(): rpc.Server;
|
|
353
|
+
private networkId;
|
|
354
|
+
/**
|
|
355
|
+
* Deterministic account address for `(addressSeed, initialSigner)` — computed
|
|
356
|
+
* off-chain, byte-identical to the factory's on-chain `account_address`.
|
|
357
|
+
* `contractId = sha256(HashIdPreimage(networkId, factory, salt))` with
|
|
358
|
+
* `salt = sha256(addressSeed || sec1(initialSigner))`.
|
|
359
|
+
*/
|
|
360
|
+
computeAddress(addressSeed: Uint8Array, initialSigner: DevicePublicKey): string;
|
|
361
|
+
/** `salt = sha256(addressSeed(32) || sec1(initialSigner)(65))` — matches the factory. */
|
|
362
|
+
accountSalt(addressSeed: Uint8Array, initialSigner: DevicePublicKey): Buffer;
|
|
363
|
+
/** Host function: `factory.deploy(address_seed, initial_signer)`. */
|
|
364
|
+
buildDeploy(addressSeed: Uint8Array, initialSigner: DevicePublicKey): xdr.HostFunction;
|
|
365
|
+
/** Host function: `account.add_signer(new_signer)` (requires device auth). */
|
|
366
|
+
buildAddSigner(accountAddress: string, signer: DevicePublicKey): xdr.HostFunction;
|
|
367
|
+
/** Host function: `account.remove_signer(signer)` (requires device auth). */
|
|
368
|
+
buildRemoveSigner(accountAddress: string, signer: DevicePublicKey): xdr.HostFunction;
|
|
369
|
+
/** Host function: `account.add_approver(passkey)` (requires device auth). */
|
|
370
|
+
buildAddApprover(accountAddress: string, passkey: DevicePublicKey): xdr.HostFunction;
|
|
371
|
+
/** Host function: `account.remove_approver(passkey)` (requires device auth). */
|
|
372
|
+
buildRemoveApprover(accountAddress: string, passkey: DevicePublicKey): xdr.HostFunction;
|
|
373
|
+
/** This chain's leaf for approving `add_signer(newSigner)` at `nonce`:
|
|
374
|
+
* `sha256(sec1(new_signer) || nonce_be8)`. The batch challenge the passkey signs
|
|
375
|
+
* is `sha256(concat(leaves))` across chains. */
|
|
376
|
+
passkeyLeaf(newSigner: DevicePublicKey, nonce: bigint): Uint8Array;
|
|
377
|
+
/** Host function: passkey-authorized `add_signer_via_passkey` (no device auth —
|
|
378
|
+
* authorized by the embedded WebAuthn assertion, so any relayer can submit).
|
|
379
|
+
* `leaves`/`leafIndex` place this chain's leaf in the multi-chain batch. */
|
|
380
|
+
buildAddSignerViaPasskey(accountAddress: string, newSigner: DevicePublicKey, passkey: DevicePublicKey, nonce: bigint, leaves: Uint8Array[], leafIndex: number, assertion: PasskeyAssertion): xdr.HostFunction;
|
|
381
|
+
/** Read whether `passkey` is a registered approver (read-only simulation). */
|
|
382
|
+
/** True if the account has at least one passkey registered as an approver.
|
|
383
|
+
* Reads the contract's `approvers` view and checks the list is non-empty. */
|
|
384
|
+
hasPasskeyApprover(accountAddress: string, readSource: string): Promise<boolean>;
|
|
385
|
+
isApprover(accountAddress: string, passkey: DevicePublicKey, readSource: string): Promise<boolean>;
|
|
386
|
+
/** Read the current passkey-approval nonce (read-only simulation). */
|
|
387
|
+
passkeyNonce(accountAddress: string, readSource: string): Promise<bigint>;
|
|
388
|
+
/** Host function: SEP-41 `token.transfer(from=account, to, amount)` (device auth). */
|
|
389
|
+
buildTransfer(tokenId: string, accountAddress: string, destination: string, amount: bigint): xdr.HostFunction;
|
|
390
|
+
/**
|
|
391
|
+
* Sign a Soroban authorization entry with the silent device key, producing the
|
|
392
|
+
* `Vec<DeviceSignature>` the account's `__check_auth` verifies. The device
|
|
393
|
+
* signs `sha256(preimage)` (WebCrypto hashes once more internally), which is
|
|
394
|
+
* exactly what the contract recomputes. Mutates + returns the entry.
|
|
395
|
+
*/
|
|
396
|
+
signAuthEntry(entry: xdr.SorobanAuthorizationEntry, validUntilLedger: number): Promise<xdr.SorobanAuthorizationEntry>;
|
|
397
|
+
/**
|
|
398
|
+
* Read a SEP-41 token balance of `account` via a read-only simulation of
|
|
399
|
+
* `token.balance(account)`. Returns 0 when the account isn't deployed or holds
|
|
400
|
+
* none. `readSource` is any funded G-account (used only for the simulation).
|
|
401
|
+
*/
|
|
402
|
+
readBalance(tokenId: string, account: string, readSource: string): Promise<bigint>;
|
|
403
|
+
/** Whether the account contract instance exists on-chain (is deployed). */
|
|
404
|
+
isDeployed(accountAddress: string): Promise<boolean>;
|
|
405
|
+
/**
|
|
406
|
+
* Read whether `signer` is a currently-authorized signer of the account, via a
|
|
407
|
+
* read-only simulation of `account.is_authorized(signer)`. `readSource` is any
|
|
408
|
+
* funded G-account (used only for the simulation's source/sequence).
|
|
409
|
+
*/
|
|
410
|
+
isAuthorizedSigner(accountAddress: string, signer: DevicePublicKey, readSource: string): Promise<boolean>;
|
|
411
|
+
}
|
|
412
|
+
/** SEC-1 uncompressed P-256 public key (65 bytes: 0x04 || X || Y). */
|
|
413
|
+
declare function sec1Pubkey(pk: DevicePublicKey): Uint8Array;
|
|
414
|
+
/** Raw 64-byte `r || s`, normalized to low-S (secp256r1_verify requires it). */
|
|
415
|
+
declare function encodeLowSSignature(sig: DeviceSignature): Uint8Array;
|
|
416
|
+
/**
|
|
417
|
+
* The `Vec<DeviceSignature>` ScVal the contract's `__check_auth` decodes. Each
|
|
418
|
+
* element is a struct `{ public_key: BytesN<65>, signature: BytesN<64> }`.
|
|
419
|
+
* Soroban serializes a struct as a symbol-keyed map sorted by key; `public_key`
|
|
420
|
+
* precedes `signature`, so `nativeToScVal` (which sorts) yields the exact layout.
|
|
421
|
+
*/
|
|
422
|
+
declare function deviceSignatureScVal(pubkey: DevicePublicKey, sig: DeviceSignature): xdr.ScVal;
|
|
423
|
+
|
|
298
424
|
/**
|
|
299
425
|
* Serialize a device signature to the felt array for `tx_info.signature`:
|
|
300
426
|
* [ r_low, r_high, s_low, s_high, y_parity ]
|
|
@@ -320,4 +446,4 @@ declare function hexToBytes(hex: string): Uint8Array;
|
|
|
320
446
|
/** A felt/bigint -> 32-byte big-endian Uint8Array (the tx-hash width). */
|
|
321
447
|
declare function bigIntTo32Bytes(value: bigint): Uint8Array;
|
|
322
448
|
|
|
323
|
-
export { AuthProvider, BackupSigner, CavosAuth, type CavosAuthOptions, ChainAdapter, ChainCall, ComputeAddressParams, DEVICE_ACCOUNT_CLASS_HASH, DevicePublicKey, DeviceSignature, DeviceSigner, HttpRecoveryClient, type HttpRecoveryClientOptions, HttpWalletRegistry, type HttpWalletRegistryOptions, Identity, type IdentityInput, PendingDeviceRequest, RecoveryClient, RegisteredWallet, STARKNET_NETWORKS, StarknetAdapter, type StarknetAdapterOptions, StarknetDeviceSigner, type StarknetNetwork, UDC_ADDRESS, WalletRegistry, WebCryptoSigner, type WebCryptoSignerOptions, bigIntTo32Bytes, bytesToBigInt, bytesToHex, deriveAddressSeed, deriveAddressSeedSolana, deriveBackupKey, generateRecoveryCode, hexToBytes, recoverYParity, signatureToFelts, u256ToFelts };
|
|
449
|
+
export { AuthProvider, BackupSigner, CavosAuth, type CavosAuthOptions, ChainAdapter, ChainCall, ComputeAddressParams, DEVICE_ACCOUNT_CLASS_HASH, DevicePublicKey, DeviceSignature, DeviceSigner, HttpRecoveryClient, type HttpRecoveryClientOptions, HttpWalletRegistry, type HttpWalletRegistryOptions, Identity, type IdentityInput, PasskeyAssertion, PendingDeviceRequest, RecoveryClient, RegisteredWallet, STARKNET_NETWORKS, StarknetAdapter, type StarknetAdapterOptions, StarknetDeviceSigner, type StarknetNetwork, StellarAdapter, type StellarAdapterOptions, StellarNetwork, UDC_ADDRESS, WalletRegistry, WebCryptoSigner, type WebCryptoSignerOptions, bigIntTo32Bytes, bytesToBigInt, bytesToHex, deriveAddressSeed, deriveAddressSeedSolana, deriveAddressSeedStellar, deriveBackupKey, deviceSignatureScVal, encodeLowSSignature as encodeStellarLowSSignature, generateRecoveryCode, hexToBytes, recoverYParity, sec1Pubkey, signatureToFelts, u256ToFelts };
|