@coinbase/cdp-app-attest 0.0.98 → 0.0.99

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/dist/types/index.d.ts +185 -0
  2. package/package.json +2 -2
package/dist/types/index.d.ts CHANGED
@@ -1,43 +1,228 @@
1
+ /**
2
+ * Android integrity data returned from createAssertion() method.
3
+ *
4
+ * Contains a Play Integrity token that proves app and device integrity.
5
+ * Unlike iOS assertions, these are fresh tokens generated per request.
6
+ */
1
7
  declare interface AndroidIntegrityData {
8
+ /**
9
+ * Base64-encoded Play Integrity Standard API token.
10
+ * This is a fresh token generated per request, not a cryptographic assertion.
11
+ * The backend validates it with Google's servers.
12
+ */
2
13
  integrityToken: string;
3
14
  }
4
15
 
16
+ /**
17
+ * Result from the createAssertion() method.
18
+ *
19
+ * Contains platform-specific proof of authenticity to include in API requests.
20
+ * Either ios or android field will be populated, never both.
21
+ */
5
22
  export declare interface AssertionResult {
23
+ /** iOS assertion data (only present on iOS) */
6
24
  ios?: IOSAssertionData;
25
+ /**
26
+ * Android integrity token (only present on Android).
27
+ * This is a fresh Play Integrity token, not an assertion.
28
+ */
7
29
  android?: AndroidIntegrityData;
8
30
  }
9
31
 
32
+ /**
33
+ * Attest the app instance with a server-provided challenge (iOS only).
34
+ *
35
+ * iOS: Generates a device key, attests it with Apple, and returns attestation data
36
+ * to be exchanged with your backend for key registration.
37
+ *
38
+ * Android: Not used. Android uses Play Integrity Standard API tokens sent
39
+ * directly in request headers (via createAssertion).
40
+ *
41
+ * This method handles key management internally:
42
+ * - Generates a new key on first use (iOS)
43
+ * - Caches the key for subsequent assertions (iOS)
44
+ *
45
+ * @param challenge - Server-provided challenge (base64-encoded)
46
+ * @returns Promise resolving to attestation result (iOS only)
47
+ * @throws Error if attestation fails or device doesn't support attestation
48
+ */
10
49
  export declare function attest(challenge: string): Promise<AttestationResult>;
11
50
 
51
+ /**
52
+ * Result from the attest() method.
53
+ *
54
+ * Contains platform-specific attestation data to be exchanged with backend.
55
+ * iOS only - Android does not use attestation exchange.
56
+ */
12
57
  export declare interface AttestationResult {
58
+ /**
59
+ * iOS attestation data (only present on iOS).
60
+ * Android does not use the attestation exchange flow.
61
+ */
13
62
  ios?: IOSAttestationData;
14
63
  }
15
64
 
65
+ /**
66
+ * Clears all attestation state, allowing re-attestation with a new key.
67
+ *
68
+ * **When to use:**
69
+ * - Backend returns "Attestation key not found" (public key expired or lost)
70
+ * - You need to re-attest after attestation public key expiry
71
+ * - Testing/debugging scenarios
72
+ *
73
+ * **Important:** After clearing attestation, you MUST call `attest()` again to
74
+ * generate a new key and perform fresh attestation. Until then, `createAssertion()`
75
+ * will fail.
76
+ *
77
+ * This clears:
78
+ * - Swift's internal keyId (used for generating assertions)
79
+ * - SDK's registration confirmation flag (indicating backend has the public key)
80
+ *
81
+ * @returns Promise that resolves when attestation state is cleared
82
+ * @throws Error if the native module doesn't support clearing
83
+ *
84
+ * @example
85
+ * ```typescript
86
+ * // Handle "key not found" error from backend
87
+ * try {
88
+ * const assertion = await createAssertion(clientData);
89
+ * } catch (error) {
90
+ * if (error.message.includes('key not found')) {
91
+ * await clearAttestation();
92
+ * // Re-attest with new key
93
+ * const attestation = await attest(challenge);
94
+ * await registerAttestation(projectId, attestation);
95
+ * await confirmRegistration(attestation.ios.keyId);
96
+ * }
97
+ * }
98
+ * ```
99
+ */
16
100
  export declare function clearAttestation(): Promise<void>;
17
101
 
102
+ /**
103
+ * Mark attestation as successfully registered with backend (iOS only).
104
+ *
105
+ * Only call this AFTER the backend successfully responds to the attestation
106
+ * registration request. Do NOT call before sending to backend or while waiting
107
+ * for response.
108
+ *
109
+ * This flag indicates that the device's public key is registered server-side
110
+ * and assertions can be validated.
111
+ *
112
+ * @param keyId - The key ID that was registered with the backend
113
+ * @returns Promise that resolves when the registration is marked as confirmed
114
+ *
115
+ * @example
116
+ * ```typescript
117
+ * const attestation = await attest(challenge);
118
+ * await registerAttestation(projectId, attestation); // Wait for backend success
119
+ * await confirmRegistration(attestation.ios.keyId); // Only after backend responds
120
+ * ```
121
+ */
18
122
  export declare function confirmRegistration(keyId: string): Promise<void>;
19
123
 
124
+ /**
125
+ * Generate proof of authenticity for an API request.
126
+ *
127
+ * iOS: Creates a cryptographic assertion signed with the device's private key.
128
+ * Must call attest() at least once before using this method to ensure a key
129
+ * has been generated and cached.
130
+ *
131
+ * Android: Generates a fresh Play Integrity Standard API token (not an assertion).
132
+ * No prior attestation needed - tokens are generated on-demand per request.
133
+ *
134
+ * @param clientData - Client data to include (base64-encoded)
135
+ * @returns Promise resolving to platform-specific proof (assertion or integrity token)
136
+ * @throws Error if generation fails (iOS: no cached key; Android: Play Services unavailable)
137
+ */
20
138
  export declare function createAssertion(clientData: string): Promise<AssertionResult>;
21
139
 
140
+ /**
141
+ * Check if attestation is registered with backend (iOS only).
142
+ *
143
+ * Returns the key ID if attestation was successfully registered with backend.
144
+ * Returns null if:
145
+ * - Attestation hasn't been performed yet
146
+ * - Attestation failed to register with backend
147
+ * - Key was cleared via clearKey()
148
+ *
149
+ * **Note:** This checks the SDK's registration confirmation flag, not Swift's
150
+ * internal keyId. Swift may have generated a key (for createAssertion) but
151
+ * backend registration may not have completed successfully.
152
+ *
153
+ * @returns Promise resolving to the registered key ID, or null if not confirmed
154
+ *
155
+ * @example
156
+ * ```typescript
157
+ * const keyId = await getRegisteredKeyId();
158
+ * if (keyId) {
159
+ * console.log('Already registered with backend');
160
+ * } else {
161
+ * // Need to perform attestation
162
+ * }
163
+ * ```
164
+ */
22
165
  export declare function getRegisteredKeyId(): Promise<string | null>;
23
166
 
167
+ /**
168
+ * Initialize the attestation module.
169
+ *
170
+ * iOS: Optional (no initialization needed)
171
+ * Android: Required (must provide cloudProjectNumber)
172
+ *
173
+ * @param config - Platform-specific configuration
174
+ * @returns Promise that resolves when initialization is complete
175
+ * @throws Error if required configuration is missing (Android)
176
+ */
24
177
  export declare function initialize(config?: InitializeConfig): Promise<void>;
25
178
 
179
+ /**
180
+ * Configuration options for initializing the attestation module.
181
+ *
182
+ * iOS: No configuration needed (can be omitted).
183
+ * Android: Must provide cloudProjectNumber from Google Cloud Console.
184
+ */
26
185
  export declare interface InitializeConfig {
186
+ /** Cloud project number (Android only, required for Play Integrity API) */
27
187
  cloudProjectNumber?: string;
28
188
  }
29
189
 
190
+ /**
191
+ * iOS assertion data returned from createAssertion() method.
192
+ *
193
+ * Contains a cryptographic signature proving the request originates
194
+ * from a genuine attested device. Include these in request headers.
195
+ */
30
196
  declare interface IOSAssertionData {
197
+ /** Base64-encoded assertion */
31
198
  assertion: string;
199
+ /** Key identifier used for the assertion */
32
200
  keyId: string;
33
201
  }
34
202
 
203
+ /**
204
+ * iOS attestation data returned from the attest() method.
205
+ *
206
+ * This data should be sent to your backend's attestation exchange endpoint
207
+ * to register the device's public key.
208
+ */
35
209
  declare interface IOSAttestationData {
210
+ /** Key identifier */
36
211
  keyId: string;
212
+ /** Base64-encoded attestation object */
37
213
  attestation: string;
214
+ /** Bundle identifier */
38
215
  bundleId: string;
39
216
  }
40
217
 
218
+ /**
219
+ * Check if device attestation is supported on this device.
220
+ *
221
+ * iOS: Returns true if iOS 14+ and DCAppAttestService is available
222
+ * Android: Returns true if Google Play Services is available
223
+ *
224
+ * @returns Promise resolving to true if attestation is supported
225
+ */
41
226
  export declare function isSupported(): Promise<boolean>;
42
227
 
43
228
  export { }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@coinbase/cdp-app-attest",
3
- "version": "0.0.98",
3
+ "version": "0.0.99",
4
4
  "type": "module",
5
5
  "description": "CDP native module for iOS App Attest and Android Play Integrity",
6
6
  "files": [
@@ -44,7 +44,7 @@
44
44
  "react": "*",
45
45
  "react-native": "*",
46
46
  "react-native-device-info": "^10.3.0",
47
- "@coinbase/cdp-core": "^0.0.98"
47
+ "@coinbase/cdp-core": "^0.0.99"
48
48
  },
49
49
  "devDependencies": {
50
50
  "@size-limit/preset-small-lib": "^11.2.0",