@cogcoin/client 0.5.6 → 0.5.7

package/dist/wallet/runtime.js

@@ -1,21 +1,63 @@
+import { join } from "node:path";
 import { resolveCogcoinPathsForTesting } from "../app-paths.js";
+function resolveSeedLayout(sharedStateRoot, sharedRuntimeRoot, seedName) {
+    if (seedName === "main") {
+        return {
+            seedKind: "main",
+            walletStateRoot: sharedStateRoot,
+            walletRuntimeRoot: sharedRuntimeRoot,
+        };
+    }
+    return {
+        seedKind: "imported",
+        walletStateRoot: join(sharedStateRoot, "seeds", seedName),
+        walletRuntimeRoot: join(sharedRuntimeRoot, "seeds", seedName),
+    };
+}
+export function deriveWalletRuntimePathsForSeed(basePaths, seedName) {
+    const resolvedSeedName = seedName ?? "main";
+    const seedLayout = resolveSeedLayout(basePaths.stateRoot, basePaths.runtimeRoot, resolvedSeedName);
+    return {
+        ...basePaths,
+        walletRuntimeRoot: seedLayout.walletRuntimeRoot,
+        walletStateRoot: seedLayout.walletStateRoot,
+        selectedSeedName: resolvedSeedName,
+        selectedSeedKind: seedLayout.seedKind,
+        walletStateDirectory: seedLayout.walletStateRoot,
+        walletStatePath: join(seedLayout.walletStateRoot, "wallet-state.enc"),
+        walletStateBackupPath: join(seedLayout.walletStateRoot, "wallet-state.enc.bak"),
+        walletInitPendingPath: join(seedLayout.walletStateRoot, "wallet-init-pending.enc"),
+        walletInitPendingBackupPath: join(seedLayout.walletStateRoot, "wallet-init-pending.enc.bak"),
+        walletUnlockSessionPath: join(seedLayout.walletRuntimeRoot, "wallet-unlock-session.enc"),
+        walletExplicitLockPath: join(seedLayout.walletRuntimeRoot, "wallet-explicit-lock.json"),
+        miningRoot: join(seedLayout.walletRuntimeRoot, "mining"),
+        miningStatusPath: join(seedLayout.walletRuntimeRoot, "mining", "status.json"),
+        miningEventsPath: join(seedLayout.walletRuntimeRoot, "mining", "events.jsonl"),
+    };
+}
 export function resolveWalletRuntimePathsForTesting(resolution = {}) {
     const paths = resolveCogcoinPathsForTesting(resolution);
-    return {
+    return deriveWalletRuntimePathsForSeed({
         dataRoot: paths.dataRoot,
         clientDataDir: paths.clientDataDir,
         clientConfigPath: paths.clientConfigPath,
         runtimeRoot: paths.runtimeRoot,
+        walletRuntimeRoot: paths.runtimeRoot,
         hooksRoot: paths.hooksRoot,
         stateRoot: paths.stateRoot,
+        walletStateRoot: paths.stateRoot,
+        seedRegistryPath: join(paths.stateRoot, "seed-index.json"),
+        selectedSeedName: "main",
+        selectedSeedKind: "main",
         bitcoinDataDir: paths.bitcoinDataDir,
         indexerRoot: paths.indexerRoot,
-        walletStatePath: paths.walletStatePath,
-        walletStateBackupPath: paths.walletStateBackupPath,
-        walletInitPendingPath: paths.walletInitPendingPath,
-        walletInitPendingBackupPath: paths.walletInitPendingBackupPath,
-        walletUnlockSessionPath: paths.walletUnlockSessionPath,
-        walletExplicitLockPath: paths.walletExplicitLockPath,
+        walletStateDirectory: paths.stateRoot,
+        walletStatePath: join(paths.stateRoot, "wallet-state.enc"),
+        walletStateBackupPath: join(paths.stateRoot, "wallet-state.enc.bak"),
+        walletInitPendingPath: join(paths.stateRoot, "wallet-init-pending.enc"),
+        walletInitPendingBackupPath: join(paths.stateRoot, "wallet-init-pending.enc.bak"),
+        walletUnlockSessionPath: join(paths.runtimeRoot, "wallet-unlock-session.enc"),
+        walletExplicitLockPath: join(paths.runtimeRoot, "wallet-explicit-lock.json"),
         walletControlLockPath: paths.walletControlLockPath,
         bitcoindLockPath: paths.bitcoindLockPath,
         bitcoindStatusPath: paths.bitcoindStatusPath,
@@ -24,9 +66,9 @@ export function resolveWalletRuntimePathsForTesting(resolution = {}) {
         hooksMiningDir: paths.hooksMiningDir,
         hooksMiningEntrypointPath: paths.hooksMiningEntrypointPath,
         hooksMiningPackageJsonPath: paths.hooksMiningPackageJsonPath,
-        miningRoot: paths.miningRoot,
-        miningStatusPath: paths.miningStatusPath,
-        miningEventsPath: paths.miningEventsPath,
+        miningRoot: join(paths.runtimeRoot, "mining"),
+        miningStatusPath: join(paths.runtimeRoot, "mining", "status.json"),
+        miningEventsPath: join(paths.runtimeRoot, "mining", "events.jsonl"),
         miningControlLockPath: paths.miningControlLockPath,
-    };
+    }, resolution.seedName);
 }

package/dist/wallet/state/provider.d.ts

@@ -11,6 +11,7 @@ export type LinuxSecretToolRunner = (args: readonly string[], options?: LinuxSec
 export interface DefaultWalletSecretProviderFactoryOptions {
     platform?: NodeJS.Platform;
     linuxSecretToolRunner?: LinuxSecretToolRunner;
+    stateRoot?: string;
 }
 export interface WalletSecretReference {
     kind: string;

package/dist/wallet/state/provider.js

@@ -1,6 +1,6 @@
 import { createHash, randomUUID } from "node:crypto";
 import { execFile, spawn } from "node:child_process";
-import { mkdir, readFile, rm } from "node:fs/promises";
+import { access, constants, mkdir, readFile, rm } from "node:fs/promises";
 import { dirname, join } from "node:path";
 import { promisify } from "node:util";
 import { resolveWalletRuntimePathsForTesting } from "../runtime.js";
@@ -42,6 +42,15 @@ function createLinuxSecretToolAttributes(keyId) {
 function createLinuxSecretToolError(message, cause) {
     return cause === undefined ? new Error(message) : new Error(message, { cause });
 }
+function isWalletSecretProviderMessage(error, message) {
+    return error instanceof Error && error.message === message;
+}
+function sanitizeSecretKeyId(keyId) {
+    return keyId.replace(/[^a-zA-Z0-9._-]+/g, "-");
+}
+function resolveSecretDirectoryPath(options) {
+    return join(options.stateRoot ?? resolveWalletRuntimePathsForTesting().stateRoot, "secrets");
+}
 function isLinuxSecretServiceUnavailableMessage(stderr) {
     const normalized = stderr.trim().toLowerCase();
     if (normalized.length === 0) {
@@ -233,6 +242,110 @@ class LinuxSecretToolWalletSecretProvider {
         }
     }
 }
+class LinuxLocalFileWalletSecretProvider {
+    kind = "linux-local-file";
+    #directoryPath;
+    constructor(directoryPath) {
+        this.#directoryPath = directoryPath;
+    }
+    #resolveSecretPath(keyId) {
+        return join(this.#directoryPath, `${sanitizeSecretKeyId(keyId)}.secret`);
+    }
+    async hasSecret(keyId) {
+        try {
+            await access(this.#resolveSecretPath(keyId), constants.F_OK);
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+    async loadSecret(keyId) {
+        try {
+            const encoded = await readFile(this.#resolveSecretPath(keyId), "utf8");
+            return base64ToBytes(encoded.trim());
+        }
+        catch (error) {
+            if (error instanceof Error && "code" in error && error.code === "ENOENT") {
+                throw new Error(`wallet_secret_missing_${keyId}`);
+            }
+            throw createLinuxSecretToolError("wallet_secret_provider_linux_runtime_error", error);
+        }
+    }
+    async storeSecret(keyId, secret) {
+        try {
+            await mkdir(this.#directoryPath, { recursive: true, mode: 0o700 });
+            await writeFileAtomic(this.#resolveSecretPath(keyId), `${bytesToBase64(secret)}\n`, { mode: 0o600 });
+        }
+        catch (error) {
+            throw createLinuxSecretToolError("wallet_secret_provider_linux_runtime_error", error);
+        }
+    }
+    async deleteSecret(keyId) {
+        await rm(this.#resolveSecretPath(keyId), { force: true }).catch(() => undefined);
+    }
+}
+class LinuxFallbackWalletSecretProvider {
+    kind = "linux-secret-service-fallback";
+    #secretService;
+    #fileProvider;
+    constructor(options) {
+        this.#secretService = options.secretService;
+        this.#fileProvider = options.fileProvider;
+    }
+    async #loadFromFileOrRethrow(keyId, error) {
+        try {
+            return await this.#fileProvider.loadSecret(keyId);
+        }
+        catch (fileError) {
+            if (isWalletSecretProviderMessage(fileError, `wallet_secret_missing_${keyId}`)
+                && (error.message === "wallet_secret_provider_linux_secret_tool_missing"
+                    || error.message === "wallet_secret_provider_linux_secret_service_unavailable")) {
+                throw error;
+            }
+            throw fileError;
+        }
+    }
+    async loadSecret(keyId) {
+        try {
+            return await this.#secretService.loadSecret(keyId);
+        }
+        catch (error) {
+            if (!(error instanceof Error)) {
+                throw error;
+            }
+            if (error.message === "wallet_secret_provider_linux_secret_tool_missing"
+                || error.message === "wallet_secret_provider_linux_secret_service_unavailable"
+                || error.message === `wallet_secret_missing_${keyId}`) {
+                return await this.#loadFromFileOrRethrow(keyId, error);
+            }
+            if (error.message === "wallet_secret_provider_linux_runtime_error"
+                && await this.#fileProvider.hasSecret(keyId)) {
+                return await this.#fileProvider.loadSecret(keyId);
+            }
+            throw error;
+        }
+    }
+    async storeSecret(keyId, secret) {
+        try {
+            await this.#secretService.storeSecret(keyId, secret);
+        }
+        catch (error) {
+            if (isWalletSecretProviderMessage(error, "wallet_secret_provider_linux_secret_tool_missing")
+                || isWalletSecretProviderMessage(error, "wallet_secret_provider_linux_secret_service_unavailable")) {
+                await this.#fileProvider.storeSecret(keyId, secret);
+                return;
+            }
+            throw error;
+        }
+    }
+    async deleteSecret(keyId) {
+        await Promise.allSettled([
+            this.#secretService.deleteSecret(keyId),
+            this.#fileProvider.deleteSecret(keyId),
+        ]);
+    }
+}
 class WindowsDpapiWalletSecretProvider {
     kind = "windows-dpapi";
     #directoryPath;
@@ -276,10 +389,13 @@ function createWalletSecretProviderForPlatform(platform, options = {}) {
         return new MacOsKeychainWalletSecretProvider();
     }
     if (platform === "win32") {
-        return new WindowsDpapiWalletSecretProvider(join(resolveWalletRuntimePathsForTesting().stateRoot, "secrets"));
+        return new WindowsDpapiWalletSecretProvider(resolveSecretDirectoryPath(options));
     }
     if (platform === "linux") {
-        return new LinuxSecretToolWalletSecretProvider(options.linuxSecretToolRunner);
+        return new LinuxFallbackWalletSecretProvider({
+            secretService: new LinuxSecretToolWalletSecretProvider(options.linuxSecretToolRunner),
+            fileProvider: new LinuxLocalFileWalletSecretProvider(resolveSecretDirectoryPath(options)),
+        });
     }
     throw new Error(`wallet_secret_provider_unsupported_${platform}`);
 }

package/dist/wallet/state/seed-index.d.ts

@@ -0,0 +1,43 @@
+import type { WalletSeedKind, WalletRuntimePaths } from "../runtime.js";
+import { type RawWalletStateEnvelope } from "./storage.js";
+export interface WalletSeedRecord {
+    name: string;
+    kind: WalletSeedKind;
+    walletRootId: string;
+    createdAtUnixMs: number;
+    restoredAtUnixMs: number | null;
+}
+export interface WalletSeedIndexV1 {
+    schemaVersion: 1;
+    lastWrittenAtUnixMs: number;
+    seeds: WalletSeedRecord[];
+}
+export declare function normalizeWalletSeedName(name: string): string;
+export declare function isValidWalletSeedName(name: string): boolean;
+export declare function assertValidImportedWalletSeedName(name: string): string;
+export declare function findWalletSeedRecord(index: WalletSeedIndexV1, seedName: string): WalletSeedRecord | null;
+export declare function loadWalletSeedIndex(options: {
+    paths: Pick<WalletRuntimePaths, "seedRegistryPath" | "walletStatePath" | "walletStateBackupPath">;
+    nowUnixMs?: number;
+    loadRawWalletStateEnvelope?: (paths: {
+        primaryPath: string;
+        backupPath: string;
+    }) => Promise<RawWalletStateEnvelope | null>;
+}): Promise<WalletSeedIndexV1>;
+export declare function saveWalletSeedIndex(paths: Pick<WalletRuntimePaths, "seedRegistryPath">, index: WalletSeedIndexV1): Promise<void>;
+export declare function ensureMainWalletSeedIndexRecord(options: {
+    paths: Pick<WalletRuntimePaths, "seedRegistryPath" | "walletStatePath" | "walletStateBackupPath">;
+    walletRootId: string;
+    nowUnixMs?: number;
+}): Promise<WalletSeedIndexV1>;
+export declare function addImportedWalletSeedRecord(options: {
+    paths: Pick<WalletRuntimePaths, "seedRegistryPath" | "walletStatePath" | "walletStateBackupPath">;
+    seedName: string;
+    walletRootId: string;
+    nowUnixMs?: number;
+}): Promise<WalletSeedIndexV1>;
+export declare function removeWalletSeedRecord(options: {
+    paths: Pick<WalletRuntimePaths, "seedRegistryPath" | "walletStatePath" | "walletStateBackupPath">;
+    seedName: string;
+    nowUnixMs?: number;
+}): Promise<WalletSeedIndexV1>;

package/dist/wallet/state/seed-index.js

@@ -0,0 +1,151 @@
+import { mkdir, readFile } from "node:fs/promises";
+import { dirname } from "node:path";
+import { writeFileAtomic } from "../fs/atomic.js";
+import { extractWalletRootIdHintFromWalletStateEnvelope, loadRawWalletStateEnvelope, } from "./storage.js";
+function createEmptySeedIndex(nowUnixMs) {
+    return {
+        schemaVersion: 1,
+        lastWrittenAtUnixMs: nowUnixMs,
+        seeds: [],
+    };
+}
+function sortSeedRecords(seeds) {
+    return [...seeds].sort((left, right) => left.name.localeCompare(right.name));
+}
+async function readSeedIndexFile(path) {
+    try {
+        const parsed = JSON.parse(await readFile(path, "utf8"));
+        if (parsed?.schemaVersion !== 1 || !Array.isArray(parsed.seeds)) {
+            throw new Error("wallet_seed_index_invalid");
+        }
+        return {
+            schemaVersion: 1,
+            lastWrittenAtUnixMs: typeof parsed.lastWrittenAtUnixMs === "number" ? parsed.lastWrittenAtUnixMs : 0,
+            seeds: sortSeedRecords(parsed.seeds),
+        };
+    }
+    catch (error) {
+        if (error instanceof Error && "code" in error && error.code === "ENOENT") {
+            return null;
+        }
+        throw error;
+    }
+}
+export function normalizeWalletSeedName(name) {
+    return name.trim().toLowerCase();
+}
+export function isValidWalletSeedName(name) {
+    return /^[a-z0-9]+(?:-[a-z0-9]+)*$/.test(name);
+}
+export function assertValidImportedWalletSeedName(name) {
+    const normalized = normalizeWalletSeedName(name);
+    if (!isValidWalletSeedName(normalized)) {
+        throw new Error("wallet_seed_name_invalid");
+    }
+    if (normalized === "main") {
+        throw new Error("wallet_seed_name_reserved");
+    }
+    return normalized;
+}
+export function findWalletSeedRecord(index, seedName) {
+    const normalized = normalizeWalletSeedName(seedName);
+    return index.seeds.find((seed) => seed.name === normalized) ?? null;
+}
+export async function loadWalletSeedIndex(options) {
+    const nowUnixMs = options.nowUnixMs ?? Date.now();
+    const stored = await readSeedIndexFile(options.paths.seedRegistryPath);
+    if (stored !== null) {
+        return stored;
+    }
+    const rawEnvelope = await (options.loadRawWalletStateEnvelope ?? loadRawWalletStateEnvelope)({
+        primaryPath: options.paths.walletStatePath,
+        backupPath: options.paths.walletStateBackupPath,
+    }).catch(() => null);
+    const mainWalletRootId = extractWalletRootIdHintFromWalletStateEnvelope(rawEnvelope?.envelope ?? null);
+    if (mainWalletRootId === null) {
+        return createEmptySeedIndex(nowUnixMs);
+    }
+    return {
+        schemaVersion: 1,
+        lastWrittenAtUnixMs: nowUnixMs,
+        seeds: [{
+                name: "main",
+                kind: "main",
+                walletRootId: mainWalletRootId,
+                createdAtUnixMs: nowUnixMs,
+                restoredAtUnixMs: null,
+            }],
+    };
+}
+export async function saveWalletSeedIndex(paths, index) {
+    await mkdir(dirname(paths.seedRegistryPath), { recursive: true });
+    await writeFileAtomic(paths.seedRegistryPath, `${JSON.stringify({
+        ...index,
+        seeds: sortSeedRecords(index.seeds),
+    }, null, 2)}\n`, { mode: 0o600 });
+}
+export async function ensureMainWalletSeedIndexRecord(options) {
+    const nowUnixMs = options.nowUnixMs ?? Date.now();
+    const index = await loadWalletSeedIndex({
+        paths: options.paths,
+        nowUnixMs,
+    });
+    const existing = findWalletSeedRecord(index, "main");
+    const seeds = index.seeds.filter((seed) => seed.name !== "main");
+    seeds.push({
+        name: "main",
+        kind: "main",
+        walletRootId: options.walletRootId,
+        createdAtUnixMs: existing?.createdAtUnixMs ?? nowUnixMs,
+        restoredAtUnixMs: existing?.restoredAtUnixMs ?? null,
+    });
+    const nextIndex = {
+        schemaVersion: 1,
+        lastWrittenAtUnixMs: nowUnixMs,
+        seeds: sortSeedRecords(seeds),
+    };
+    await saveWalletSeedIndex(options.paths, nextIndex);
+    return nextIndex;
+}
+export async function addImportedWalletSeedRecord(options) {
+    const nowUnixMs = options.nowUnixMs ?? Date.now();
+    const seedName = assertValidImportedWalletSeedName(options.seedName);
+    const index = await loadWalletSeedIndex({
+        paths: options.paths,
+        nowUnixMs,
+    });
+    if (findWalletSeedRecord(index, seedName) !== null) {
+        throw new Error("wallet_seed_name_exists");
+    }
+    const nextIndex = {
+        schemaVersion: 1,
+        lastWrittenAtUnixMs: nowUnixMs,
+        seeds: sortSeedRecords([
+            ...index.seeds,
+            {
+                name: seedName,
+                kind: "imported",
+                walletRootId: options.walletRootId,
+                createdAtUnixMs: nowUnixMs,
+                restoredAtUnixMs: nowUnixMs,
+            },
+        ]),
+    };
+    await saveWalletSeedIndex(options.paths, nextIndex);
+    return nextIndex;
+}
+export async function removeWalletSeedRecord(options) {
+    const nowUnixMs = options.nowUnixMs ?? Date.now();
+    const seedName = normalizeWalletSeedName(options.seedName);
+    const index = await loadWalletSeedIndex({
+        paths: options.paths,
+        nowUnixMs,
+    });
+    const nextIndex = {
+        schemaVersion: 1,
+        lastWrittenAtUnixMs: nowUnixMs,
+        seeds: sortSeedRecords(index.seeds.filter((seed) => seed.name !== seedName)),
+    };
+    await saveWalletSeedIndex(options.paths, nextIndex);
+    return nextIndex;
+}

package/dist/wallet/tx/anchor.d.ts

@@ -4,6 +4,7 @@ import type { RpcTransaction } from "../../bitcoind/types.js";
 import type { WalletPrompter } from "../lifecycle.js";
 import { type WalletRuntimePaths } from "../runtime.js";
 import { type WalletSecretProvider } from "../state/provider.js";
+import type { ProactiveFamilyStateRecord } from "../types.js";
 import { openWalletReadContext } from "../read/index.js";
 import { type WalletMutationRpcClient } from "./common.js";
 interface WalletAnchorRpcClient extends WalletMutationRpcClient {
@@ -36,5 +37,26 @@ export interface AnchorDomainResult {
     status: "live" | "confirmed";
     reusedExisting: boolean;
 }
+export interface ClearPendingAnchorOptions {
+    domainName: string;
+    dataDir: string;
+    databasePath: string;
+    provider?: WalletSecretProvider;
+    prompter: WalletPrompter;
+    assumeYes?: boolean;
+    nowUnixMs?: number;
+    paths?: WalletRuntimePaths;
+    openReadContext?: typeof openWalletReadContext;
+    attachService?: typeof attachOrStartManagedBitcoindService;
+    rpcFactory?: (config: Parameters<typeof createRpcClient>[0]) => WalletAnchorRpcClient;
+}
+export interface ClearPendingAnchorResult {
+    domainName: string;
+    cleared: boolean;
+    previousFamilyStatus: ProactiveFamilyStateRecord["status"] | null;
+    previousFamilyStep: ProactiveFamilyStateRecord["currentStep"] | null;
+    releasedDedicatedIndex: number | null;
+}
 export declare function anchorDomain(options: AnchorDomainOptions): Promise<AnchorDomainResult>;
+export declare function clearPendingAnchor(options: ClearPendingAnchorOptions): Promise<ClearPendingAnchorResult>;
 export {};