npm - @chainlink/cre-sdk - Versions diffs - 1.6.0-alpha.1 → 1.6.0-alpha.2 - Mend

@chainlink/cre-sdk 1.6.0-alpha.1 → 1.6.0-alpha.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (94) hide show

package/dist/sdk/don-info.d.ts ADDED Viewed

@@ -0,0 +1,10 @@
+export type Environment = {
+    chainSelector: bigint;
+    registryAddress: string;
+};
+export type Zone = {
+    environment: Environment;
+    donID: number;
+};
+export declare function productionEnvironment(): Environment;
+export declare function zoneFromEnvironment(environment: Environment, donID: number): Zone;

package/dist/sdk/don-info.js ADDED Viewed

@@ -0,0 +1,9 @@
+export function productionEnvironment() {
+    return {
+        chainSelector: 5009297550715157269n,
+        registryAddress: '0x76c9cf548b4179F8901cda1f8623568b58215E62',
+    };
+}
+export function zoneFromEnvironment(environment, donID) {
+    return { environment, donID };
+}

package/dist/sdk/errors.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { type SecretRequest } from '../generated/sdk/v1alpha/sdk_pb';
+import type { SecretRequest } from '../generated/sdk/v1alpha/sdk_pb';
 export declare class DonModeError extends Error {
     constructor();
 }
@@ -10,3 +10,26 @@ export declare class SecretsError extends Error {
     error: string;
     constructor(secretRequest: SecretRequest, error: string);
 }
+export declare class NullReportError extends Error {
+    constructor();
+}
+export declare class WrongSignatureCountError extends Error {
+    constructor();
+}
+export declare class ParseSignatureError extends Error {
+    constructor();
+}
+export declare class RecoverSignerError extends Error {
+    constructor();
+}
+export declare class UnknownSignerError extends Error {
+    constructor();
+}
+export declare class DuplicateSignerError extends Error {
+    constructor();
+}
+export declare class RawReportTooShortError extends Error {
+    readonly need: number;
+    readonly got: number;
+    constructor(need: number, got: number);
+}

package/dist/sdk/errors.js CHANGED Viewed

@@ -1,4 +1,3 @@
-import { Mode } from '../generated/sdk/v1alpha/sdk_pb';
 export class DonModeError extends Error {
     constructor() {
         super('cannot use Runtime inside RunInNodeMode');
@@ -21,3 +20,49 @@ export class SecretsError extends Error {
         this.name = 'SecretsError';
     }
 }
+export class NullReportError extends Error {
+    constructor() {
+        super('null report');
+        this.name = 'NullReportError';
+    }
+}
+export class WrongSignatureCountError extends Error {
+    constructor() {
+        super('wrong number of signatures');
+        this.name = 'WrongSignatureCountError';
+    }
+}
+export class ParseSignatureError extends Error {
+    constructor() {
+        super('failed to parse signature');
+        this.name = 'ParseSignatureError';
+    }
+}
+export class RecoverSignerError extends Error {
+    constructor() {
+        super('failed to recover signer address from signature');
+        this.name = 'RecoverSignerError';
+    }
+}
+export class UnknownSignerError extends Error {
+    constructor() {
+        super('invalid signature');
+        this.name = 'UnknownSignerError';
+    }
+}
+export class DuplicateSignerError extends Error {
+    constructor() {
+        super('duplicate signer');
+        this.name = 'DuplicateSignerError';
+    }
+}
+export class RawReportTooShortError extends Error {
+    need;
+    got;
+    constructor(need, got) {
+        super(`raw report too short to contain metadata header: need ${need} bytes, got ${got}`);
+        this.need = need;
+        this.got = got;
+        this.name = 'RawReportTooShortError';
+    }
+}

package/dist/sdk/index.d.ts CHANGED Viewed

@@ -1,4 +1,6 @@
 export * from './cre';
+export * from './don-info';
+export * from './errors';
 export * from './report';
 export type * from './runtime';
 export * from './runtime';

package/dist/sdk/index.js CHANGED Viewed

@@ -1,4 +1,6 @@
 export * from './cre';
+export * from './don-info';
+export * from './errors';
 export * from './report';
 export * from './runtime';
 export * from './types/bufbuild-types';

package/dist/sdk/report-internals.d.ts ADDED Viewed

@@ -0,0 +1,6 @@
+import type { Address } from 'viem';
+export type DonInfo = {
+    f: number;
+    signers: Map<Address, number>;
+};
+export declare var donInfoCache: Map<string, DonInfo>;

package/dist/sdk/report-internals.js ADDED Viewed

@@ -0,0 +1,3 @@
+// Do not re-export in index.ts to avoid exposing it to the public API.
+// donInfoCache exists outside Report to allow testing to clear the cache.
+export var donInfoCache = new Map();

package/dist/sdk/report.d.ts CHANGED Viewed

@@ -1,6 +1,44 @@
 import { type ReportResponse, type ReportResponseJson } from '../generated/sdk/v1alpha/sdk_pb';
+import { type Environment, type Zone } from './don-info';
+import type { BaseRuntime } from './runtime';
+export type ReportParseConfig = {
+    acceptedZones?: Zone[];
+    acceptedEnvironments?: Environment[];
+    skipSignatureVerification?: boolean;
+};
+export declare const REPORT_METADATA_HEADER_LENGTH = 109;
+export type ReportMetadataHeader = {
+    version: number;
+    executionId: string;
+    timestamp: number;
+    donId: number;
+    donConfigVersion: number;
+    workflowId: string;
+    workflowName: string;
+    workflowOwner: string;
+    reportId: string;
+    body: Uint8Array;
+};
 export declare class Report {
     private readonly report;
+    private cachedHeader;
     constructor(report: ReportResponse | ReportResponseJson);
+    static parse(runtime: BaseRuntime<unknown>, rawReport: Uint8Array, signatures: Uint8Array[], reportContext: Uint8Array, config?: ReportParseConfig): Promise<Report>;
+    private parseHeader;
+    private verifySignaturesWithConfig;
+    seqNr(): bigint;
+    configDigest(): Uint8Array;
+    reportContext(): Uint8Array;
+    rawReport(): Uint8Array;
+    version(): number;
+    executionId(): string;
+    timestamp(): number;
+    donId(): number;
+    donConfigVersion(): number;
+    workflowId(): string;
+    workflowName(): string;
+    workflowOwner(): string;
+    reportId(): string;
+    body(): Uint8Array;
     x_generatedCodeOnly_unwrap(): ReportResponse;
 }

package/dist/sdk/report.js CHANGED Viewed

@@ -1,12 +1,499 @@
-import { fromJson } from '@bufbuild/protobuf';
-import { ReportResponseSchema, } from '../generated/sdk/v1alpha/sdk_pb';
+import { create, fromJson } from '@bufbuild/protobuf';
+import { BinaryReader, WireType } from '@bufbuild/protobuf/wire';
+import { AnySchema } from '@bufbuild/protobuf/wkt';
+import { AttributedSignatureSchema, AwaitCapabilitiesRequestSchema, CapabilityRequestSchema, ReportResponseSchema, } from '../generated/sdk/v1alpha/sdk_pb';
+import { concatHex, getAddress, hexToBytes, keccak256, recoverAddress, toHex } from 'viem';
+import { productionEnvironment } from './don-info';
+import { DuplicateSignerError, NullReportError, ParseSignatureError, RawReportTooShortError, RecoverSignerError, UnknownSignerError, WrongSignatureCountError, } from './errors';
+import { donInfoCache } from './report-internals';
+const GET_DON_SELECTOR = new Uint8Array([0x23, 0x53, 0x74, 0x05]);
+const GET_NODES_BY_P2P_IDS_SELECTOR = new Uint8Array([0x05, 0xa5, 0x19, 0x66]);
+function cacheKey(env, donID) {
+    return `${env.chainSelector.toString()}:${donID}`;
+}
+function normalizeRegistryHex(addr) {
+    return addr
+        .trim()
+        .replace(/^0[xX]/, '')
+        .toLowerCase();
+}
+function isProductionEnvironmentForReport(env) {
+    const pe = productionEnvironment();
+    return (env.chainSelector === pe.chainSelector &&
+        normalizeRegistryHex(env.registryAddress) === normalizeRegistryHex(pe.registryAddress));
+}
+function decodeRegistryAddress(registryAddress) {
+    const hex = normalizeRegistryHex(registryAddress);
+    if (hex.length !== 40) {
+        throw new Error(`invalid registry address ${JSON.stringify(registryAddress)}`);
+    }
+    return hexToBytes(`0x${hex}`);
+}
+function padUint256(v) {
+    const n = typeof v === 'bigint' ? v : BigInt(v);
+    const b = new Uint8Array(32);
+    const view = new DataView(b.buffer);
+    view.setBigUint64(24, n, false);
+    return b;
+}
+function bytesToBigIntBE(word) {
+    let x = 0n;
+    for (let i = 0; i < word.length; i++) {
+        x = (x << 8n) | BigInt(word[i]);
+    }
+    return x;
+}
+function readUint256AsInt(word) {
+    const b = bytesToBigIntBE(word);
+    if (b > BigInt(Number.MAX_SAFE_INTEGER)) {
+        throw new Error('ABI uint256 value too large for Number');
+    }
+    return Number(b);
+}
+function protoVarint(v) {
+    const out = [];
+    let n = typeof v === 'bigint' ? v : BigInt(v);
+    while (n >= 128n) {
+        out.push(Number(n & 0x7fn) | 0x80);
+        n >>= 7n;
+    }
+    out.push(Number(n));
+    return out;
+}
+function protoTag(field, wireType) {
+    return protoVarint((field << 3) | wireType);
+}
+function protoLenBytes(data) {
+    return [...protoVarint(data.length), ...data];
+}
+function buildCallContractRequestBytes(registryAddr, callData) {
+    const callMsg = new Uint8Array([
+        ...protoTag(2, 2),
+        ...protoLenBytes(registryAddr),
+        ...protoTag(3, 2),
+        ...protoLenBytes(callData),
+    ]);
+    const bigInt = new Uint8Array([
+        ...protoTag(1, 2),
+        ...protoLenBytes(new Uint8Array([0x03])),
+        ...protoTag(2, 0),
+        ...protoVarint(0xffffffffffffffffn),
+    ]);
+    return new Uint8Array([
+        ...protoTag(2, 2),
+        ...protoLenBytes(bigInt),
+        ...protoTag(1, 2),
+        ...protoLenBytes(callMsg),
+    ]);
+}
+function decodeCallContractReplyData(bytes) {
+    const reader = new BinaryReader(bytes);
+    while (reader.pos < reader.len) {
+        const [fieldNo, wireType] = reader.tag();
+        if (fieldNo === 1 && wireType === WireType.LengthDelimited) {
+            return reader.bytes();
+        }
+        reader.skip(wireType);
+    }
+    throw new Error('data field not found in CallContractReply');
+}
+const CALL_CONTRACT_REQUEST_TYPE_URL = 'type.googleapis.com/capabilities.blockchain.evm.v1alpha.CallContractRequest';
+function callContract(runtime, capID, registryAddr, callData) {
+    const reqBytes = buildCallContractRequestBytes(registryAddr, callData);
+    const anyPayload = create(AnySchema, {
+        typeUrl: CALL_CONTRACT_REQUEST_TYPE_URL,
+        value: reqBytes,
+    });
+    // biome-ignore lint/suspicious/noExplicitAny: intentional bypass of typed callCapability to avoid EVM schema imports
+    const rt = runtime;
+    const callbackId = rt.nextCallId++;
+    const req = create(CapabilityRequestSchema, {
+        id: capID,
+        method: 'CallContract',
+        payload: anyPayload,
+        callbackId,
+    });
+    if (!rt.helpers.call(req)) {
+        throw new Error(`EVM capability '${capID}' not found`);
+    }
+    // Must use create() — the real WASM bridge serializes this as a protobuf message and
+    // requires a proper typed message (with $typeName). A plain { ids: [...] } object works
+    // in the test runtime but silently breaks in simulation.
+    const awaitResp = rt.helpers.await(create(AwaitCapabilitiesRequestSchema, { ids: [callbackId] }), rt.maxResponseSize);
+    const capResp = awaitResp?.responses?.[callbackId];
+    if (!capResp) {
+        throw new Error(`no response from EVM capability '${capID}'`);
+    }
+    const response = capResp.response;
+    if (response.case === 'error') {
+        throw new Error(response.value);
+    }
+    if (response.case !== 'payload') {
+        throw new Error(`unexpected response '${response.case}' from EVM capability '${capID}'`);
+    }
+    return decodeCallContractReplyData(response.value.value);
+}
+function encodeGetDONCalldata(donID) {
+    const padded = new Uint8Array(32);
+    const view = new DataView(padded.buffer);
+    view.setUint32(28, donID >>> 0, false);
+    const out = new Uint8Array(4 + 32);
+    out.set(GET_DON_SELECTOR, 0);
+    out.set(padded, 4);
+    return out;
+}
+function concatBytes(parts) {
+    const total = parts.reduce((n, p) => n + p.length, 0);
+    const r = new Uint8Array(total);
+    let o = 0;
+    for (const p of parts) {
+        r.set(p, o);
+        o += p.length;
+    }
+    return r;
+}
+function encodeGetNodesByP2PIdsCalldata(p2pIds) {
+    const chunks = [
+        GET_NODES_BY_P2P_IDS_SELECTOR,
+        padUint256(32),
+        padUint256(p2pIds.length),
+    ];
+    for (const id of p2pIds) {
+        if (id.length !== 32) {
+            throw new Error('p2p id must be 32 bytes');
+        }
+        chunks.push(new Uint8Array(id));
+    }
+    return concatBytes(chunks);
+}
+const NODE_TUPLE_HEAD_SIZE = 288;
+function fetchDONInfo(runtime, env, donID) {
+    const key = cacheKey(env, donID);
+    const hit = donInfoCache.get(key);
+    if (hit) {
+        return hit;
+    }
+    const registryAddr = decodeRegistryAddress(env.registryAddress);
+    const capID = `evm:ChainSelector:${env.chainSelector.toString()}@1.0.0`;
+    const getDONABI = callContract(runtime, capID, registryAddr, encodeGetDONCalldata(donID));
+    if (getDONABI.length < 224) {
+        throw new Error(`getDON ABI response too short: ${getDONABI.length} bytes`);
+    }
+    const f = readUint256AsInt(getDONABI.subarray(96, 128));
+    const tupleStart = 32;
+    const nodeP2PIdsPtr = readUint256AsInt(getDONABI.subarray(192, 224));
+    const nodeCountOff = tupleStart + nodeP2PIdsPtr;
+    if (nodeCountOff + 32 > getDONABI.length) {
+        throw new Error('getDON ABI: nodeP2PIds pointer out of range');
+    }
+    const nodeCount = readUint256AsInt(getDONABI.subarray(nodeCountOff, nodeCountOff + 32));
+    if (nodeCountOff + 32 + nodeCount * 32 > getDONABI.length) {
+        throw new Error('getDON ABI: nodeP2PIds data out of range');
+    }
+    const nodeP2PIds = [];
+    for (let i = 0; i < nodeCount; i++) {
+        const start = nodeCountOff + 32 + i * 32;
+        nodeP2PIds.push(getDONABI.subarray(start, start + 32));
+    }
+    if (nodeCount === 0) {
+        const info = { f, signers: new Map() };
+        donInfoCache.set(key, info);
+        return info;
+    }
+    const getNodesABI = callContract(runtime, capID, registryAddr, encodeGetNodesByP2PIdsCalldata(nodeP2PIds));
+    if (getNodesABI.length < 64) {
+        throw new Error(`getNodesByP2PIds ABI response too short: ${getNodesABI.length} bytes`);
+    }
+    const outerPtr = readUint256AsInt(getNodesABI.subarray(0, 32));
+    if (outerPtr + 32 > getNodesABI.length) {
+        throw new Error('getNodesByP2PIds ABI: outer pointer out of range');
+    }
+    const returnedCount = readUint256AsInt(getNodesABI.subarray(outerPtr, outerPtr + 32));
+    const signers = new Map();
+    for (let i = 0; i < returnedCount; i++) {
+        const elemPtrOff = outerPtr + 32 + i * 32;
+        if (elemPtrOff + 32 > getNodesABI.length) {
+            break;
+        }
+        const elemPtr = readUint256AsInt(getNodesABI.subarray(elemPtrOff, elemPtrOff + 32));
+        const tupleBase = outerPtr + 32 + elemPtr;
+        if (tupleBase + NODE_TUPLE_HEAD_SIZE > getNodesABI.length) {
+            break;
+        }
+        const nodeOperatorId = Number(bytesToBigIntBE(getNodesABI.subarray(tupleBase, tupleBase + 32)) & 0xffffffffn);
+        const signerSlot = tupleBase + 3 * 32;
+        const addrBytes = getNodesABI.subarray(signerSlot, signerSlot + 20);
+        const addr = getAddress(toHex(addrBytes));
+        signers.set(addr, nodeOperatorId);
+    }
+    const info = { f, signers };
+    if (donID === 1 && isProductionEnvironmentForReport(env)) {
+        const patch = (hexAddr, id) => {
+            info.signers.set(getAddress(hexAddr), id);
+        };
+        patch('0xcdf20f8ffd41b02c680988b20e68735cc8c1ca17', 5 + 1);
+        patch('0xff9b062fccb2f042311343048b9518068370f837', 4 + 1);
+        patch('0xde5cd1dd4300a0b4854f8223add60d20e1dfe21b', 1 + 1);
+        patch('0x4d6cfd44f94408a39fb1af94a53c107a730ba161', 9 + 1);
+        patch('0xf3baa9a99b5ad64f50779f449bac83baac8bfdb6', 0 + 1);
+        patch('0xd7f22fb5382ff477d2ff5c702cab0ef8abf18233', 7 + 1);
+        patch('0x4d7d71c7e584cfa1f5c06275e5d283b9d3176924', 8 + 1);
+        patch('0x1a89c98e75983ec384ad8e83eaf7d0176eeaf155', 3 + 1);
+        patch('0x4f99b550623e77b807df7cbed9c79d55e1163b48', 2 + 1);
+        patch('0xe55fcaf921e76c6bbcf9415bba12b1236f07b0c3', 6 + 1);
+    }
+    donInfoCache.set(key, info);
+    return info;
+}
+function computeReportHash(rawReport, reportContext) {
+    const innerHash = keccak256(toHex(rawReport));
+    return keccak256(concatHex([innerHash, toHex(reportContext)]));
+}
+function addressKeyNo0x(addr) {
+    return addr.slice(2).toLowerCase();
+}
+async function verifySigs(report, f, signers) {
+    const required = f + 1;
+    const sigs = report.sigs;
+    if (sigs.length < required) {
+        throw new WrongSignatureCountError();
+    }
+    const reportHash = computeReportHash(report.rawReport, report.reportContext);
+    const seen = new Set();
+    const accepted = [];
+    const skipErrs = [];
+    for (let i = 0; i < sigs.length; i++) {
+        if (accepted.length === required) {
+            break;
+        }
+        const attrSig = sigs[i];
+        const sigBytes = new Uint8Array(attrSig.signature);
+        if (sigBytes.length !== 65) {
+            skipErrs.push(new ParseSignatureError());
+            continue;
+        }
+        const normalized = new Uint8Array(sigBytes);
+        if (normalized[64] === 27 || normalized[64] === 28) {
+            normalized[64] -= 27;
+        }
+        let recovered;
+        try {
+            recovered = await recoverAddress({
+                hash: reportHash,
+                signature: toHex(normalized),
+            });
+        }
+        catch {
+            skipErrs.push(new RecoverSignerError());
+            continue;
+        }
+        const key = addressKeyNo0x(recovered);
+        if (seen.has(key)) {
+            skipErrs.push(new DuplicateSignerError());
+            continue;
+        }
+        seen.add(key);
+        const nodeOperatorId = signers.get(key);
+        if (nodeOperatorId === undefined) {
+            skipErrs.push(new UnknownSignerError());
+            continue;
+        }
+        attrSig.signerId = nodeOperatorId;
+        accepted.push(attrSig);
+    }
+    if (accepted.length < required) {
+        if (skipErrs.length > 0) {
+            throw new AggregateError(skipErrs);
+        }
+        throw new WrongSignatureCountError();
+    }
+    report.sigs = accepted;
+}
+function mergeReportParseConfig(overrides) {
+    return {
+        acceptedZones: overrides?.acceptedZones ?? [],
+        acceptedEnvironments: overrides !== undefined ? (overrides.acceptedEnvironments ?? []) : [productionEnvironment()],
+        skipSignatureVerification: overrides?.skipSignatureVerification ?? false,
+    };
+}
+function normalizeDonSigners(signers) {
+    const out = new Map();
+    for (const [addr, id] of signers) {
+        out.set(addr.slice(2).toLowerCase(), id);
+    }
+    return out;
+}
+export const REPORT_METADATA_HEADER_LENGTH = 109;
+const REPORT_METADATA_OFFSETS = {
+    version: 0,
+    versionSize: 1,
+    executionId: 1,
+    executionIdSize: 32,
+    timestamp: 33,
+    timestampSize: 4,
+    donId: 37,
+    donIdSize: 4,
+    donConfigVersion: 41,
+    donConfigVersionSize: 4,
+    workflowId: 45,
+    workflowIdSize: 32,
+    workflowName: 77,
+    workflowNameSize: 10,
+    workflowOwner: 87,
+    workflowOwnerSize: 20,
+    reportId: 107,
+    reportIdSize: 2,
+    bodyStart: 109,
+};
+function encodeHexLower(bytes) {
+    let out = '';
+    for (let i = 0; i < bytes.length; i++) {
+        out += bytes[i].toString(16).padStart(2, '0');
+    }
+    return out;
+}
+function readUint32BE(raw, offset) {
+    return new DataView(raw.buffer, raw.byteOffset + offset, 4).getUint32(0, false);
+}
+function parseReportMetadataHeader(raw) {
+    if (raw === undefined || raw === null) {
+        throw new NullReportError();
+    }
+    if (raw.length < REPORT_METADATA_HEADER_LENGTH) {
+        throw new RawReportTooShortError(REPORT_METADATA_HEADER_LENGTH, raw.length);
+    }
+    const o = REPORT_METADATA_OFFSETS;
+    const workflowNameBytes = raw.subarray(o.workflowName, o.workflowName + o.workflowNameSize);
+    return {
+        version: raw[o.version],
+        executionId: encodeHexLower(raw.subarray(o.executionId, o.executionId + o.executionIdSize)),
+        timestamp: readUint32BE(raw, o.timestamp),
+        donId: readUint32BE(raw, o.donId),
+        donConfigVersion: readUint32BE(raw, o.donConfigVersion),
+        workflowId: encodeHexLower(raw.subarray(o.workflowId, o.workflowId + o.workflowIdSize)),
+        workflowName: new TextDecoder('utf-8', { fatal: false }).decode(workflowNameBytes),
+        workflowOwner: encodeHexLower(raw.subarray(o.workflowOwner, o.workflowOwner + o.workflowOwnerSize)),
+        reportId: encodeHexLower(raw.subarray(o.reportId, o.reportId + o.reportIdSize)),
+        body: raw.subarray(REPORT_METADATA_HEADER_LENGTH),
+    };
+}
 export class Report {
     report;
+    cachedHeader;
     constructor(report) {
         this.report = report.$typeName
             ? report
             : fromJson(ReportResponseSchema, report);
     }
+    static async parse(runtime, rawReport, signatures, reportContext, config) {
+        const configDigest = reportContext.length >= 32 ? reportContext.slice(0, 32) : new Uint8Array(32);
+        const seqNr = reportContext.length >= 40
+            ? new DataView(reportContext.buffer, reportContext.byteOffset + 32, 8).getBigUint64(0, false)
+            : 0n;
+        const reportResponse = create(ReportResponseSchema, {
+            configDigest,
+            seqNr,
+            reportContext,
+            rawReport,
+            sigs: signatures.map((signature) => create(AttributedSignatureSchema, { signature, signerId: 0 })),
+        });
+        const merged = mergeReportParseConfig(config);
+        const report = new Report(reportResponse);
+        if (merged.skipSignatureVerification) {
+            report.donId();
+            return report;
+        }
+        await report.verifySignaturesWithConfig(runtime, merged);
+        return report;
+    }
+    parseHeader() {
+        if (this.cachedHeader !== undefined) {
+            return this.cachedHeader;
+        }
+        this.cachedHeader = parseReportMetadataHeader(this.report.rawReport);
+        return this.cachedHeader;
+    }
+    async verifySignaturesWithConfig(runtime, config) {
+        const donId = this.donId();
+        const candidates = [];
+        for (const z of config.acceptedZones) {
+            if (z.donID === donId) {
+                candidates.push(z.environment);
+            }
+        }
+        candidates.push(...config.acceptedEnvironments);
+        if (candidates.length === 0) {
+            throw new Error(`DON ID ${donId} is not in accepted zones`);
+        }
+        const fetchFailures = [];
+        let lastVerifyErr = null;
+        for (const env of candidates) {
+            let info;
+            try {
+                info = fetchDONInfo(runtime, env, donId);
+            }
+            catch (err) {
+                const msg = err instanceof Error ? err.message : String(err);
+                fetchFailures.push(new Error(`could not read from chain ${env.chainSelector} contract ${env.registryAddress}: ${msg}`));
+                continue;
+            }
+            try {
+                await verifySigs(this.report, info.f, normalizeDonSigners(info.signers));
+                return;
+            }
+            catch (err) {
+                lastVerifyErr = err instanceof Error ? err : new Error(String(err));
+            }
+        }
+        if (fetchFailures.length > 0) {
+            throw new AggregateError(fetchFailures, fetchFailures.map((e) => e.message).join('\n'));
+        }
+        if (lastVerifyErr !== null) {
+            throw lastVerifyErr;
+        }
+    }
+    seqNr() {
+        return this.report.seqNr;
+    }
+    configDigest() {
+        return this.report.configDigest;
+    }
+    reportContext() {
+        return this.report.reportContext;
+    }
+    rawReport() {
+        return this.report.rawReport;
+    }
+    version() {
+        return this.parseHeader().version;
+    }
+    executionId() {
+        return this.parseHeader().executionId;
+    }
+    timestamp() {
+        return this.parseHeader().timestamp;
+    }
+    donId() {
+        return this.parseHeader().donId;
+    }
+    donConfigVersion() {
+        return this.parseHeader().donConfigVersion;
+    }
+    workflowId() {
+        return this.parseHeader().workflowId;
+    }
+    workflowName() {
+        return this.parseHeader().workflowName;
+    }
+    workflowOwner() {
+        return this.parseHeader().workflowOwner;
+    }
+    reportId() {
+        return this.parseHeader().reportId;
+    }
+    body() {
+        return this.parseHeader().body;
+    }
     // x_generatedCodeOnly_unwrap is meant to be used by the code generator only.
     x_generatedCodeOnly_unwrap() {
         return this.report;

package/dist/sdk/testutils/test-runtime.js CHANGED Viewed

@@ -166,6 +166,10 @@ function createTestRuntimeHelpers(registry, secrets, testWriter, state, _maxResp
             return true;
         },
         await(request, maxResponseSizeBytes) {
+            if (request.$typeName !==
+                'sdk.v1alpha.AwaitCapabilitiesRequest') {
+                throw new Error('await: expected a typed AwaitCapabilitiesRequest (created via create(AwaitCapabilitiesRequestSchema, ...)); got a plain object. The real WASM bridge serializes this to binary and will fail with a plain object.');
+            }
             const responses = {};
             for (const id of request.ids) {
                 const resp = pendingCalls.get(id);