npm - @cryptforge/auth - Versions diffs - 0.1.0 → 0.2.0 - Mend

@cryptforge/auth 0.1.0 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/README.md CHANGED Viewed

@@ -806,63 +806,6 @@ const signature = await auth.signMessage({
 // Server can verify ownership regardless of chain
 ```
-## BIP44 Document ID
-Derives a deterministic document ID using BIP44-style hierarchical derivation.
-This creates chain-independent, deterministic document IDs that can be used with Automerge or any other document system. The ID is derived from your mnemonic using BIP44 HD key derivation, ensuring the same inputs always produce the same ID.
-**How it works:** `deriveBIP44DocumentID()` generates a 32-byte seed from your mnemonic. When passed to `store.create()` as the second parameter, Automerge uses this seed with UUID v5 to create a deterministic document URL. Same seed = same document every time!
-### Path Structure
-`m/44'/[appId]'/[account]'/[purpose]/[index]`
-### Purpose Parameter Guidance
-The `purpose` parameter (4th level) can represent document types or categories. This is flexible and application-specific. Examples:
-- 0: Profile/Settings
-- 1: Notes
-- 2: Tasks
-- 3: Documents
-- 100+: Custom types
-### Parameters
-- `options.appId` - Application identifier (1000000+ recommended, will be hardened)
-- `options.account` - Account/workspace number (default: 0, hardened)
-- `options.purpose` - Document type/category (default: 0, non-hardened)
-- `options.index` - Document instance number (default: 0, non-hardened)
-### Returns
-Hex-encoded document ID (32 bytes / 64 hex chars)
-### Usage
-```typescript
-// Derive document ID
-const docId = await auth.deriveBIP44DocumentID({
-  appId: 1000000,
-  purpose: 0, // Settings type
-  index: 0, // First settings doc
-});
-// Create document with deterministic ID
-await store.create({ type: "settings", theme: "dark" }, docId);
-// Later, re-derive the same ID
-const sameId = await auth.deriveBIP44DocumentID({
-  appId: 1000000,
-  purpose: 0,
-  index: 0,
-});
-const settings = await store.get(sameId); // Gets existing doc!
-```
-See `BIP44_DOCUMENT_ID.md` for detailed documentation and examples.
 ## Browser Compatibility
 This package is **100% browser-compatible** with zero configuration:
@@ -892,6 +835,10 @@ This package is **100% browser-compatible** with zero configuration:
 All dependencies are browser-safe, audited, and actively maintained.
+## Additional Documentation
+- **[DATA_ENCRYPTION.md](./DATA_ENCRYPTION.md)** - Detailed documentation on HKDF data encryption and master public key features for chain-independent encryption and identity verification
 ## Examples
 See the complete working example in `examples/vue-electron-example/src/AuthTest.vue`.

package/dist/index.d.mts CHANGED Viewed

@@ -93,20 +93,6 @@ declare class AuthClient implements AuthAdapter {
         address: string;
         path: string;
     }>;
-    /**
-     * Derives a deterministic document ID using BIP44-style hierarchical derivation.
-     * Returns a hex-encoded ID (32 bytes / 64 hex characters).
-     * Path: m/44'/[appId]'/[account]'/[purpose]/[index]
-     * @param options - BIP44 derivation parameters (appId required, others default to 0)
-     * @returns Promise resolving to hex-encoded document ID (64 characters)
-     * @throws {Error} If wallet is locked or parameters are out of range
-     */
-    deriveBIP44DocumentID: (options: {
-        appId: number;
-        account?: number;
-        purpose?: number;
-        index?: number;
-    }) => Promise<string>;
     /**
      * Derives a data encryption key using HKDF for encrypting/decrypting data.
      * This key is deterministic (derived from mnemonic) and chain-independent.

package/dist/index.d.ts CHANGED Viewed

@@ -93,20 +93,6 @@ declare class AuthClient implements AuthAdapter {
         address: string;
         path: string;
     }>;
-    /**
-     * Derives a deterministic document ID using BIP44-style hierarchical derivation.
-     * Returns a hex-encoded ID (32 bytes / 64 hex characters).
-     * Path: m/44'/[appId]'/[account]'/[purpose]/[index]
-     * @param options - BIP44 derivation parameters (appId required, others default to 0)
-     * @returns Promise resolving to hex-encoded document ID (64 characters)
-     * @throws {Error} If wallet is locked or parameters are out of range
-     */
-    deriveBIP44DocumentID: (options: {
-        appId: number;
-        account?: number;
-        purpose?: number;
-        index?: number;
-    }) => Promise<string>;
     /**
      * Derives a data encryption key using HKDF for encrypting/decrypting data.
      * This key is deterministic (derived from mnemonic) and chain-independent.

package/dist/index.js CHANGED Viewed

@@ -351,64 +351,6 @@ var AuthClient = class {
       path: keyData.path
     };
   };
-  /**
-   * Derives a deterministic document ID using BIP44-style hierarchical derivation.
-   * Returns a hex-encoded ID (32 bytes / 64 hex characters).
-   * Path: m/44'/[appId]'/[account]'/[purpose]/[index]
-   * @param options - BIP44 derivation parameters (appId required, others default to 0)
-   * @returns Promise resolving to hex-encoded document ID (64 characters)
-   * @throws {Error} If wallet is locked or parameters are out of range
-   */
-  deriveBIP44DocumentID = async (options) => {
-    if (this.state.isLocked || !this.decryptedMnemonic) {
-      throw new Error(
-        "Wallet is locked. Call unlock() first to derive document IDs."
-      );
-    }
-    const { appId, account = 0, purpose = 0, index = 0 } = options;
-    if (appId === void 0 || appId === null) {
-      throw new Error(
-        "appId is required but was undefined. Please provide a valid appId number."
-      );
-    }
-    if (typeof appId !== "number" || isNaN(appId)) {
-      throw new Error(
-        `appId must be a valid number, received: ${typeof appId}`
-      );
-    }
-    const MAX_HARDENED = 2147483647;
-    if (appId < 0 || appId > MAX_HARDENED) {
-      throw new Error(
-        `Invalid appId: ${appId}. Must be between 0 and ${MAX_HARDENED}`
-      );
-    }
-    if (account < 0 || account > MAX_HARDENED) {
-      throw new Error(
-        `Invalid account: ${account}. Must be between 0 and ${MAX_HARDENED}`
-      );
-    }
-    if (purpose < 0 || purpose > MAX_HARDENED) {
-      throw new Error(
-        `Invalid purpose: ${purpose}. Must be between 0 and ${MAX_HARDENED}`
-      );
-    }
-    if (index < 0 || index > MAX_HARDENED) {
-      throw new Error(
-        `Invalid index: ${index}. Must be between 0 and ${MAX_HARDENED}`
-      );
-    }
-    const path = `m/44'/${appId}'/${account}'/${purpose}/${index}`;
-    const seed = (0, import_bip39.mnemonicToSeedSync)(this.decryptedMnemonic);
-    const masterKey = import_bip32.HDKey.fromMasterSeed(seed);
-    const derivedKey = masterKey.derive(path);
-    if (!derivedKey.publicKey) {
-      throw new Error(`Failed to derive key at path: ${path}`);
-    }
-    const publicKeyBuffer = new Uint8Array(derivedKey.publicKey);
-    const hashBuffer = await crypto.subtle.digest("SHA-256", publicKeyBuffer);
-    const hash = new Uint8Array(hashBuffer);
-    return bufferToHex(hash);
-  };
   /**
    * Derives a data encryption key using HKDF for encrypting/decrypting data.
    * This key is deterministic (derived from mnemonic) and chain-independent.

package/dist/index.mjs CHANGED Viewed

@@ -328,64 +328,6 @@ var AuthClient = class {
       path: keyData.path
     };
   };
-  /**
-   * Derives a deterministic document ID using BIP44-style hierarchical derivation.
-   * Returns a hex-encoded ID (32 bytes / 64 hex characters).
-   * Path: m/44'/[appId]'/[account]'/[purpose]/[index]
-   * @param options - BIP44 derivation parameters (appId required, others default to 0)
-   * @returns Promise resolving to hex-encoded document ID (64 characters)
-   * @throws {Error} If wallet is locked or parameters are out of range
-   */
-  deriveBIP44DocumentID = async (options) => {
-    if (this.state.isLocked || !this.decryptedMnemonic) {
-      throw new Error(
-        "Wallet is locked. Call unlock() first to derive document IDs."
-      );
-    }
-    const { appId, account = 0, purpose = 0, index = 0 } = options;
-    if (appId === void 0 || appId === null) {
-      throw new Error(
-        "appId is required but was undefined. Please provide a valid appId number."
-      );
-    }
-    if (typeof appId !== "number" || isNaN(appId)) {
-      throw new Error(
-        `appId must be a valid number, received: ${typeof appId}`
-      );
-    }
-    const MAX_HARDENED = 2147483647;
-    if (appId < 0 || appId > MAX_HARDENED) {
-      throw new Error(
-        `Invalid appId: ${appId}. Must be between 0 and ${MAX_HARDENED}`
-      );
-    }
-    if (account < 0 || account > MAX_HARDENED) {
-      throw new Error(
-        `Invalid account: ${account}. Must be between 0 and ${MAX_HARDENED}`
-      );
-    }
-    if (purpose < 0 || purpose > MAX_HARDENED) {
-      throw new Error(
-        `Invalid purpose: ${purpose}. Must be between 0 and ${MAX_HARDENED}`
-      );
-    }
-    if (index < 0 || index > MAX_HARDENED) {
-      throw new Error(
-        `Invalid index: ${index}. Must be between 0 and ${MAX_HARDENED}`
-      );
-    }
-    const path = `m/44'/${appId}'/${account}'/${purpose}/${index}`;
-    const seed = mnemonicToSeedSync(this.decryptedMnemonic);
-    const masterKey = HDKey.fromMasterSeed(seed);
-    const derivedKey = masterKey.derive(path);
-    if (!derivedKey.publicKey) {
-      throw new Error(`Failed to derive key at path: ${path}`);
-    }
-    const publicKeyBuffer = new Uint8Array(derivedKey.publicKey);
-    const hashBuffer = await crypto.subtle.digest("SHA-256", publicKeyBuffer);
-    const hash = new Uint8Array(hashBuffer);
-    return bufferToHex(hash);
-  };
   /**
    * Derives a data encryption key using HKDF for encrypting/decrypting data.
    * This key is deterministic (derived from mnemonic) and chain-independent.

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@cryptforge/auth",
-  "version": "0.1.0",
+  "version": "0.2.0",
   "description": "Browser-compatible authentication and key management for cryptocurrency wallets",
   "main": "./dist/index.js",
   "module": "./dist/index.mjs",
@@ -34,7 +34,7 @@
     "README.md"
   ],
   "dependencies": {
-    "@cryptforge/core": "^0.1.0",
+    "@cryptforge/core": "workspace:*",
     "@scure/bip32": "^2.0.1",
     "@scure/bip39": "^2.0.1"
   },