@cubist-labs/cubesigner-sdk-viem 0.4.183-0

package/README.md

@@ -0,0 +1,51 @@
+# CubeSigner Plugin for Viem
+
+This package exposes a single `CubeSignerSource` class which implements
+a custom source in Viem, backed by CubeSigner.
+
+## Simple example usage
+
+```typescript
+import { type CustomSource, createWalletClient, http, publicActions } from "viem";
+import { CubeSignerClient } from "@cubist-labs/cubesigner-sdk";
+import { CubeSignerSource } from "@cubist-labs/cubesigner-sdk-viem";
+import { sepolia } from "viem/chains";
+import { toAccount } from "viem/accounts";
+
+const client = await CubeSignerClient.create(...); // must have permissions to sign with `key`
+const key = ...; // A CubeSigner key object or a string of an address in your org
+const chain = sepolia; // use an object from "viem/chains"
+
+const account = toAccount(new CubeSignerSource(key, client) as CustomSource);
+
+// Create a WalletClient to perform actions
+const walletClient = createWalletClient({
+  account,
+  chain,
+  transport: http(), // uses Viem's default RPC provider
+}).extend(publicActions);
+
+// Sign transaction as usual:
+const tx = await walletClient.prepareTransactionRequest({
+  to: "0x96be1e4c198ecb1a55e769f653b1934950294f19",
+  value: 0n,
+});
+
+const signature = await walletClient.signTransaction(tx);
+...
+```
+
+Check out our [Viem example](../../examples/viem/src/index.ts) or the unit tests
+in the `test` folder for more examples.
+
+The [@cubist-labs/cubesigner-sdk](https://www.npmjs.com/package/@cubist-labs/cubesigner-sdk) contains more details on how to create signer sessions.
+
+## Supported Transactions
+
+Please note that CubeSigner only supports legacy or EIP-1559 EVM
+transactions with an explicitly defined `type` field. It's recommended to use
+`prepareTransactionRequest` before signing to fill this field.
+
+Transactions must take place on a specific chain---either use a client which
+holds a specific chain, or ensure your transaction has the `chainId` field
+defined.

package/dist/index.d.ts

@@ -0,0 +1,55 @@
+import { type Address, type CustomSource } from "viem";
+import { type CubeSignerClient, type EvmSignerOptions, type Key } from "@cubist-labs/cubesigner-sdk";
+/**
+ * A class to wrap a CubeSigner key and client into a Viem {@link CustomSource}.
+ * Use Viem's `toAccount` to convert this to a Viem Account.
+ */
+export declare class CubeSignerSource implements CustomSource {
+    #private;
+    /** The address the wallet is associated with. */
+    readonly address: Address;
+    /**
+     * Construct a Viem {@link CustomSource} around a CubeSigner key and client.
+     * Use Viem's `toAccount` to convert this to a Viem Account.
+     *
+     * @param address The EVM address this wallet is associated with
+     * @param client The session used for signing. Must have necessary scopes.
+     * @param options MFA options for the client to respect
+     * @throws {Error} if the address is not a valid EVM address
+     */
+    constructor(address: Key | string, client: CubeSignerClient, options?: EvmSignerOptions);
+    /**
+     * Signs arbitrary messages. This uses CubeSigner's EIP-191 signing endpoint.
+     * The key (for this session) must have the `"AllowRawBlobSigning"` or
+     * `"AllowEip191Signing"` policy attached.
+     *
+     * @param root Object around the message
+     * @param root.message The message to sign
+     * @returns The signature
+     */
+    signMessage: CustomSource["signMessage"];
+    /**
+     * Signs EIP-712 typed data. This uses CubeSigner's EIP-712 signing endpoint.
+     * The key (for this session) must have the `"AllowRawBlobSigning"` or
+     * `"AllowEip712Signing"` policy attached.
+     * `chainId` must be specified within the `domain`.
+     *
+     * @param parameters Typed data
+     * @returns signature for the typed data
+     */
+    signTypedData: CustomSource["signTypedData"];
+    /**
+     * It is recommended to use `prepareTransactionRequest` on your request
+     * before calling this function.
+     *
+     * Sign a transaction. This method will block if the key requires MFA approval.
+     * `type` and `chainId` must be defined. Only supports type "legacy" or "eip1559".
+     *
+     * @param transaction The transaction to sign
+     * @param options Contains an optional custom serializer
+     * @returns Signed transaction
+     * @throws {Error} if transaction.type isn't "legacy" or "eip1559", or if "chainId" isn't specified
+     */
+    signTransaction: CustomSource["signTransaction"];
+}
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,KAAK,OAAO,EACZ,KAAK,YAAY,EAUlB,MAAM,MAAM,CAAC;AACd,OAAO,EACL,KAAK,gBAAgB,EAIrB,KAAK,gBAAgB,EACrB,KAAK,GAAG,EACT,MAAM,6BAA6B,CAAC;AAErC;;;GAGG;AACH,qBAAa,gBAAiB,YAAW,YAAY;;IAInD,iDAAiD;IACjD,SAAgB,OAAO,EAAE,OAAO,CAAC;IAEjC;;;;;;;;OAQG;gBACS,OAAO,EAAE,GAAG,GAAG,MAAM,EAAE,MAAM,EAAE,gBAAgB,EAAE,OAAO,CAAC,EAAE,gBAAgB;IAYvF;;;;;;;;OAQG;IACI,WAAW,EAAE,YAAY,CAAC,aAAa,CAAC,CAa7C;IAEF;;;;;;;;OAQG;IACI,aAAa,EAAE,YAAY,CAAC,eAAe,CAAC,CAYjD;IAEF;;;;;;;;;;;OAWG;IACI,eAAe,EAAE,YAAY,CAAC,iBAAiB,CAAC,CAsBrD;CACH"}

package/dist/index.js

@@ -0,0 +1,129 @@
+var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (receiver, state, value, kind, f) {
+    if (kind === "m") throw new TypeError("Private method is not writable");
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
+    return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
+};
+var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+};
+var _CubeSignerSource_signer;
+import { bytesToHex, formatTransactionRequest, getAddress, isHex, parseTransaction, serializeTransaction, stringToHex, } from "viem";
+import { EvmSigner, } from "@cubist-labs/cubesigner-sdk";
+/**
+ * A class to wrap a CubeSigner key and client into a Viem {@link CustomSource}.
+ * Use Viem's `toAccount` to convert this to a Viem Account.
+ */
+export class CubeSignerSource {
+    /**
+     * Construct a Viem {@link CustomSource} around a CubeSigner key and client.
+     * Use Viem's `toAccount` to convert this to a Viem Account.
+     *
+     * @param address The EVM address this wallet is associated with
+     * @param client The session used for signing. Must have necessary scopes.
+     * @param options MFA options for the client to respect
+     * @throws {Error} if the address is not a valid EVM address
+     */
+    constructor(address, client, options) {
+        /** The internal CubeSigner signer used. */
+        _CubeSignerSource_signer.set(this, void 0);
+        /**
+         * Signs arbitrary messages. This uses CubeSigner's EIP-191 signing endpoint.
+         * The key (for this session) must have the `"AllowRawBlobSigning"` or
+         * `"AllowEip191Signing"` policy attached.
+         *
+         * @param root Object around the message
+         * @param root.message The message to sign
+         * @returns The signature
+         */
+        this.signMessage = async ({ message }) => {
+            let hex;
+            if (typeof message === "string") {
+                hex = stringToHex(message);
+            }
+            else if (isHex(message.raw)) {
+                hex = message.raw;
+            }
+            else {
+                hex = bytesToHex(message.raw);
+            }
+            const signature = await __classPrivateFieldGet(this, _CubeSignerSource_signer, "f").signEip191({ data: hex });
+            return ensureHex(signature);
+        };
+        /**
+         * Signs EIP-712 typed data. This uses CubeSigner's EIP-712 signing endpoint.
+         * The key (for this session) must have the `"AllowRawBlobSigning"` or
+         * `"AllowEip712Signing"` policy attached.
+         * `chainId` must be specified within the `domain`.
+         *
+         * @param parameters Typed data
+         * @returns signature for the typed data
+         */
+        this.signTypedData = async (parameters) => {
+            assert(parameters.domain, "`domain` must be defined");
+            const castedParameters = parameters;
+            assert(castedParameters.domain.chainId, "`domain.chainId` must be defined");
+            const signature = await __classPrivateFieldGet(this, _CubeSignerSource_signer, "f").signEip712({
+                chain_id: Number(castedParameters.domain.chainId),
+                typed_data: castedParameters,
+            });
+            return ensureHex(signature);
+        };
+        /**
+         * It is recommended to use `prepareTransactionRequest` on your request
+         * before calling this function.
+         *
+         * Sign a transaction. This method will block if the key requires MFA approval.
+         * `type` and `chainId` must be defined. Only supports type "legacy" or "eip1559".
+         *
+         * @param transaction The transaction to sign
+         * @param options Contains an optional custom serializer
+         * @returns Signed transaction
+         * @throws {Error} if transaction.type isn't "legacy" or "eip1559", or if "chainId" isn't specified
+         */
+        this.signTransaction = async (transaction, options) => {
+            assert(transaction.type === "legacy" || transaction.type === "eip1559", `Unsupported transaction type '${transaction.type}', CubeSigner only supports type 'legacy' or 'eip1559'")}'`);
+            assert(transaction.chainId, "`chainId` must be defined");
+            const formatted = formatTransactionRequest(transaction);
+            const rlpSignedTransaction = await __classPrivateFieldGet(this, _CubeSignerSource_signer, "f").signTransaction({
+                chain_id: transaction.chainId,
+                tx: formatted,
+            });
+            // CubeSigner returns an RLP-encoded transaction. Since Viem allows users to pass a custom serializer, we will
+            // now unserialize and reserialize with Viem's serializer.
+            const { r, s, v, yParity, ...parsedTransaction } = parseTransaction(ensureHex(rlpSignedTransaction));
+            const serializer = options?.serializer ?? serializeTransaction;
+            return await serializer(parsedTransaction, { r, s, v, yParity });
+        };
+        __classPrivateFieldSet(this, _CubeSignerSource_signer, new EvmSigner(address, client, options), "f");
+        // NOTE: `getAddress` will checksum the address and throw if it's an invalid EVM address.
+        this.address = getAddress(__classPrivateFieldGet(this, _CubeSignerSource_signer, "f").address);
+        // Scope these functions to properly resolve `this`
+        this.signMessage = this.signMessage.bind(this);
+        this.signTransaction = this.signTransaction.bind(this);
+        this.signTypedData = this.signTypedData.bind(this);
+    }
+}
+_CubeSignerSource_signer = new WeakMap();
+/**
+ * @param input A hex string
+ * @returns the input, type narrowed to Hex
+ * @throws {Error} if input is not Hex
+ */
+function ensureHex(input) {
+    assert(isHex(input), `${input} is not hex`);
+    return input;
+}
+/**
+ * @param value A value that is expected to be truthy
+ * @param message The error message if the value is falsy
+ * @throws {Error} if value is not truthy
+ */
+function assert(value, message) {
+    if (!value) {
+        throw new Error(message);
+    }
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7O0FBQUEsT0FBTyxFQUtMLFVBQVUsRUFDVix3QkFBd0IsRUFDeEIsVUFBVSxFQUNWLEtBQUssRUFDTCxnQkFBZ0IsRUFDaEIsb0JBQW9CLEVBQ3BCLFdBQVcsR0FDWixNQUFNLE1BQU0sQ0FBQztBQUNkLE9BQU8sRUFJTCxTQUFTLEdBR1YsTUFBTSw2QkFBNkIsQ0FBQztBQUVyQzs7O0dBR0c7QUFDSCxNQUFNLE9BQU8sZ0JBQWdCO0lBTzNCOzs7Ozs7OztPQVFHO0lBQ0gsWUFBWSxPQUFxQixFQUFFLE1BQXdCLEVBQUUsT0FBMEI7UUFmdkYsMkNBQTJDO1FBQ2xDLDJDQUFtQjtRQTBCNUI7Ozs7Ozs7O1dBUUc7UUFDSSxnQkFBVyxHQUFnQyxLQUFLLEVBQUUsRUFBRSxPQUFPLEVBQUUsRUFBRSxFQUFFO1lBQ3RFLElBQUksR0FBRyxDQUFDO1lBQ1IsSUFBSSxPQUFPLE9BQU8sS0FBSyxRQUFRLEVBQUUsQ0FBQztnQkFDaEMsR0FBRyxHQUFHLFdBQVcsQ0FBQyxPQUFPLENBQUMsQ0FBQztZQUM3QixDQUFDO2lCQUFNLElBQUksS0FBSyxDQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUMsRUFBRSxDQUFDO2dCQUM5QixHQUFHLEdBQUcsT0FBTyxDQUFDLEdBQUcsQ0FBQztZQUNwQixDQUFDO2lCQUFNLENBQUM7Z0JBQ04sR0FBRyxHQUFHLFVBQVUsQ0FBQyxPQUFPLENBQUMsR0FBRyxDQUFDLENBQUM7WUFDaEMsQ0FBQztZQUVELE1BQU0sU0FBUyxHQUFHLE1BQU0sdUJBQUEsSUFBSSxnQ0FBUSxDQUFDLFVBQVUsQ0FBQyxFQUFFLElBQUksRUFBRSxHQUFHLEVBQUUsQ0FBQyxDQUFDO1lBRS9ELE9BQU8sU0FBUyxDQUFDLFNBQVMsQ0FBQyxDQUFDO1FBQzlCLENBQUMsQ0FBQztRQUVGOzs7Ozs7OztXQVFHO1FBQ0ksa0JBQWEsR0FBa0MsS0FBSyxFQUFFLFVBQVUsRUFBRSxFQUFFO1lBQ3pFLE1BQU0sQ0FBQyxVQUFVLENBQUMsTUFBTSxFQUFFLDBCQUEwQixDQUFDLENBQUM7WUFFdEQsTUFBTSxnQkFBZ0IsR0FBRyxVQUE2QyxDQUFDO1lBQ3ZFLE1BQU0sQ0FBQyxnQkFBZ0IsQ0FBQyxNQUFNLENBQUMsT0FBTyxFQUFFLGtDQUFrQyxDQUFDLENBQUM7WUFFNUUsTUFBTSxTQUFTLEdBQUcsTUFBTSx1QkFBQSxJQUFJLGdDQUFRLENBQUMsVUFBVSxDQUFDO2dCQUM5QyxRQUFRLEVBQUUsTUFBTSxDQUFDLGdCQUFnQixDQUFDLE1BQU0sQ0FBQyxPQUFPLENBQUM7Z0JBQ2pELFVBQVUsRUFBRSxnQkFBZ0I7YUFDN0IsQ0FBQyxDQUFDO1lBRUgsT0FBTyxTQUFTLENBQUMsU0FBUyxDQUFDLENBQUM7UUFDOUIsQ0FBQyxDQUFDO1FBRUY7Ozs7Ozs7Ozs7O1dBV0c7UUFDSSxvQkFBZSxHQUFvQyxLQUFLLEVBQUUsV0FBVyxFQUFFLE9BQU8sRUFBRSxFQUFFO1lBQ3ZGLE1BQU0sQ0FDSixXQUFXLENBQUMsSUFBSSxLQUFLLFFBQVEsSUFBSSxXQUFXLENBQUMsSUFBSSxLQUFLLFNBQVMsRUFDL0QsaUNBQWlDLFdBQVcsQ0FBQyxJQUFJLDREQUE0RCxDQUM5RyxDQUFDO1lBRUYsTUFBTSxDQUFDLFdBQVcsQ0FBQyxPQUFPLEVBQUUsMkJBQTJCLENBQUMsQ0FBQztZQUV6RCxNQUFNLFNBQVMsR0FBRyx3QkFBd0IsQ0FBQyxXQUFXLENBQUMsQ0FBQztZQUN4RCxNQUFNLG9CQUFvQixHQUFHLE1BQU0sdUJBQUEsSUFBSSxnQ0FBUSxDQUFDLGVBQWUsQ0FBQztnQkFDOUQsUUFBUSxFQUFFLFdBQVcsQ0FBQyxPQUFPO2dCQUM3QixFQUFFLEVBQUUsU0FBaUM7YUFDdEMsQ0FBQyxDQUFDO1lBRUgsOEdBQThHO1lBQzlHLDBEQUEwRDtZQUMxRCxNQUFNLEVBQUUsQ0FBQyxFQUFFLENBQUMsRUFBRSxDQUFDLEVBQUUsT0FBTyxFQUFFLEdBQUcsaUJBQWlCLEVBQUUsR0FBRyxnQkFBZ0IsQ0FDakUsU0FBUyxDQUFDLG9CQUFvQixDQUFDLENBQ2hDLENBQUM7WUFDRixNQUFNLFVBQVUsR0FBRyxPQUFPLEVBQUUsVUFBVSxJQUFJLG9CQUFvQixDQUFDO1lBRS9ELE9BQU8sTUFBTSxVQUFVLENBQUMsaUJBQWlCLEVBQUUsRUFBRSxDQUFDLEVBQUUsQ0FBQyxFQUFFLENBQUMsRUFBRSxPQUFPLEVBQWUsQ0FBQyxDQUFDO1FBQ2hGLENBQUMsQ0FBQztRQTVGQSx1QkFBQSxJQUFJLDRCQUFXLElBQUksU0FBUyxDQUFDLE9BQU8sRUFBRSxNQUFNLEVBQUUsT0FBTyxDQUFDLE1BQUEsQ0FBQztRQUV2RCx5RkFBeUY7UUFDekYsSUFBSSxDQUFDLE9BQU8sR0FBRyxVQUFVLENBQUMsdUJBQUEsSUFBSSxnQ0FBUSxDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBRWhELG1EQUFtRDtRQUNuRCxJQUFJLENBQUMsV0FBVyxHQUFHLElBQUksQ0FBQyxXQUFXLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDO1FBQy9DLElBQUksQ0FBQyxlQUFlLEdBQUcsSUFBSSxDQUFDLGVBQWUsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUM7UUFDdkQsSUFBSSxDQUFDLGFBQWEsR0FBRyxJQUFJLENBQUMsYUFBYSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQztJQUNyRCxDQUFDO0NBb0ZGOztBQUVEOzs7O0dBSUc7QUFDSCxTQUFTLFNBQVMsQ0FBQyxLQUFhO0lBQzlCLE1BQU0sQ0FBQyxLQUFLLENBQUMsS0FBSyxDQUFDLEVBQUUsR0FBRyxLQUFLLGFBQWEsQ0FBQyxDQUFDO0lBQzVDLE9BQU8sS0FBSyxDQUFDO0FBQ2YsQ0FBQztBQUVEOzs7O0dBSUc7QUFDSCxTQUFTLE1BQU0sQ0FBQyxLQUFjLEVBQUUsT0FBZTtJQUM3QyxJQUFJLENBQUMsS0FBSyxFQUFFLENBQUM7UUFDWCxNQUFNLElBQUksS0FBSyxDQUFDLE9BQU8sQ0FBQyxDQUFDO0lBQzNCLENBQUM7QUFDSCxDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHtcbiAgdHlwZSBBZGRyZXNzLFxuICB0eXBlIEN1c3RvbVNvdXJjZSxcbiAgdHlwZSBIZXgsXG4gIHR5cGUgU2lnbmF0dXJlLFxuICBieXRlc1RvSGV4LFxuICBmb3JtYXRUcmFuc2FjdGlvblJlcXVlc3QsXG4gIGdldEFkZHJlc3MsXG4gIGlzSGV4LFxuICBwYXJzZVRyYW5zYWN0aW9uLFxuICBzZXJpYWxpemVUcmFuc2FjdGlvbixcbiAgc3RyaW5nVG9IZXgsXG59IGZyb20gXCJ2aWVtXCI7XG5pbXBvcnQge1xuICB0eXBlIEN1YmVTaWduZXJDbGllbnQsXG4gIHR5cGUgRWlwNzEyU2lnblJlcXVlc3QsXG4gIHR5cGUgRXZtU2lnblJlcXVlc3QsXG4gIEV2bVNpZ25lcixcbiAgdHlwZSBFdm1TaWduZXJPcHRpb25zLFxuICB0eXBlIEtleSxcbn0gZnJvbSBcIkBjdWJpc3QtbGFicy9jdWJlc2lnbmVyLXNka1wiO1xuXG4vKipcbiAqIEEgY2xhc3MgdG8gd3JhcCBhIEN1YmVTaWduZXIga2V5IGFuZCBjbGllbnQgaW50byBhIFZpZW0ge0BsaW5rIEN1c3RvbVNvdXJjZX0uXG4gKiBVc2UgVmllbSdzIGB0b0FjY291bnRgIHRvIGNvbnZlcnQgdGhpcyB0byBhIFZpZW0gQWNjb3VudC5cbiAqL1xuZXhwb3J0IGNsYXNzIEN1YmVTaWduZXJTb3VyY2UgaW1wbGVtZW50cyBDdXN0b21Tb3VyY2Uge1xuICAvKiogVGhlIGludGVybmFsIEN1YmVTaWduZXIgc2lnbmVyIHVzZWQuICovXG4gIHJlYWRvbmx5ICNzaWduZXI6IEV2bVNpZ25lcjtcblxuICAvKiogVGhlIGFkZHJlc3MgdGhlIHdhbGxldCBpcyBhc3NvY2lhdGVkIHdpdGguICovXG4gIHB1YmxpYyByZWFkb25seSBhZGRyZXNzOiBBZGRyZXNzO1xuXG4gIC8qKlxuICAgKiBDb25zdHJ1Y3QgYSBWaWVtIHtAbGluayBDdXN0b21Tb3VyY2V9IGFyb3VuZCBhIEN1YmVTaWduZXIga2V5IGFuZCBjbGllbnQuXG4gICAqIFVzZSBWaWVtJ3MgYHRvQWNjb3VudGAgdG8gY29udmVydCB0aGlzIHRvIGEgVmllbSBBY2NvdW50LlxuICAgKlxuICAgKiBAcGFyYW0gYWRkcmVzcyBUaGUgRVZNIGFkZHJlc3MgdGhpcyB3YWxsZXQgaXMgYXNzb2NpYXRlZCB3aXRoXG4gICAqIEBwYXJhbSBjbGllbnQgVGhlIHNlc3Npb24gdXNlZCBmb3Igc2lnbmluZy4gTXVzdCBoYXZlIG5lY2Vzc2FyeSBzY29wZXMuXG4gICAqIEBwYXJhbSBvcHRpb25zIE1GQSBvcHRpb25zIGZvciB0aGUgY2xpZW50IHRvIHJlc3BlY3RcbiAgICogQHRocm93cyB7RXJyb3J9IGlmIHRoZSBhZGRyZXNzIGlzIG5vdCBhIHZhbGlkIEVWTSBhZGRyZXNzXG4gICAqL1xuICBjb25zdHJ1Y3RvcihhZGRyZXNzOiBLZXkgfCBzdHJpbmcsIGNsaWVudDogQ3ViZVNpZ25lckNsaWVudCwgb3B0aW9ucz86IEV2bVNpZ25lck9wdGlvbnMpIHtcbiAgICB0aGlzLiNzaWduZXIgPSBuZXcgRXZtU2lnbmVyKGFkZHJlc3MsIGNsaWVudCwgb3B0aW9ucyk7XG5cbiAgICAvLyBOT1RFOiBgZ2V0QWRkcmVzc2Agd2lsbCBjaGVja3N1bSB0aGUgYWRkcmVzcyBhbmQgdGhyb3cgaWYgaXQncyBhbiBpbnZhbGlkIEVWTSBhZGRyZXNzLlxuICAgIHRoaXMuYWRkcmVzcyA9IGdldEFkZHJlc3ModGhpcy4jc2lnbmVyLmFkZHJlc3MpO1xuXG4gICAgLy8gU2NvcGUgdGhlc2UgZnVuY3Rpb25zIHRvIHByb3Blcmx5IHJlc29sdmUgYHRoaXNgXG4gICAgdGhpcy5zaWduTWVzc2FnZSA9IHRoaXMuc2lnbk1lc3NhZ2UuYmluZCh0aGlzKTtcbiAgICB0aGlzLnNpZ25UcmFuc2FjdGlvbiA9IHRoaXMuc2lnblRyYW5zYWN0aW9uLmJpbmQodGhpcyk7XG4gICAgdGhpcy5zaWduVHlwZWREYXRhID0gdGhpcy5zaWduVHlwZWREYXRhLmJpbmQodGhpcyk7XG4gIH1cblxuICAvKipcbiAgICogU2lnbnMgYXJiaXRyYXJ5IG1lc3NhZ2VzLiBUaGlzIHVzZXMgQ3ViZVNpZ25lcidzIEVJUC0xOTEgc2lnbmluZyBlbmRwb2ludC5cbiAgICogVGhlIGtleSAoZm9yIHRoaXMgc2Vzc2lvbikgbXVzdCBoYXZlIHRoZSBgXCJBbGxvd1Jhd0Jsb2JTaWduaW5nXCJgIG9yXG4gICAqIGBcIkFsbG93RWlwMTkxU2lnbmluZ1wiYCBwb2xpY3kgYXR0YWNoZWQuXG4gICAqXG4gICAqIEBwYXJhbSByb290IE9iamVjdCBhcm91bmQgdGhlIG1lc3NhZ2VcbiAgICogQHBhcmFtIHJvb3QubWVzc2FnZSBUaGUgbWVzc2FnZSB0byBzaWduXG4gICAqIEByZXR1cm5zIFRoZSBzaWduYXR1cmVcbiAgICovXG4gIHB1YmxpYyBzaWduTWVzc2FnZTogQ3VzdG9tU291cmNlW1wic2lnbk1lc3NhZ2VcIl0gPSBhc3luYyAoeyBtZXNzYWdlIH0pID0+IHtcbiAgICBsZXQgaGV4O1xuICAgIGlmICh0eXBlb2YgbWVzc2FnZSA9PT0gXCJzdHJpbmdcIikge1xuICAgICAgaGV4ID0gc3RyaW5nVG9IZXgobWVzc2FnZSk7XG4gICAgfSBlbHNlIGlmIChpc0hleChtZXNzYWdlLnJhdykpIHtcbiAgICAgIGhleCA9IG1lc3NhZ2UucmF3O1xuICAgIH0gZWxzZSB7XG4gICAgICBoZXggPSBieXRlc1RvSGV4KG1lc3NhZ2UucmF3KTtcbiAgICB9XG5cbiAgICBjb25zdCBzaWduYXR1cmUgPSBhd2FpdCB0aGlzLiNzaWduZXIuc2lnbkVpcDE5MSh7IGRhdGE6IGhleCB9KTtcblxuICAgIHJldHVybiBlbnN1cmVIZXgoc2lnbmF0dXJlKTtcbiAgfTtcblxuICAvKipcbiAgICogU2lnbnMgRUlQLTcxMiB0eXBlZCBkYXRhLiBUaGlzIHVzZXMgQ3ViZVNpZ25lcidzIEVJUC03MTIgc2lnbmluZyBlbmRwb2ludC5cbiAgICogVGhlIGtleSAoZm9yIHRoaXMgc2Vzc2lvbikgbXVzdCBoYXZlIHRoZSBgXCJBbGxvd1Jhd0Jsb2JTaWduaW5nXCJgIG9yXG4gICAqIGBcIkFsbG93RWlwNzEyU2lnbmluZ1wiYCBwb2xpY3kgYXR0YWNoZWQuXG4gICAqIGBjaGFpbklkYCBtdXN0IGJlIHNwZWNpZmllZCB3aXRoaW4gdGhlIGBkb21haW5gLlxuICAgKlxuICAgKiBAcGFyYW0gcGFyYW1ldGVycyBUeXBlZCBkYXRhXG4gICAqIEByZXR1cm5zIHNpZ25hdHVyZSBmb3IgdGhlIHR5cGVkIGRhdGFcbiAgICovXG4gIHB1YmxpYyBzaWduVHlwZWREYXRhOiBDdXN0b21Tb3VyY2VbXCJzaWduVHlwZWREYXRhXCJdID0gYXN5bmMgKHBhcmFtZXRlcnMpID0+IHtcbiAgICBhc3NlcnQocGFyYW1ldGVycy5kb21haW4sIFwiYGRvbWFpbmAgbXVzdCBiZSBkZWZpbmVkXCIpO1xuXG4gICAgY29uc3QgY2FzdGVkUGFyYW1ldGVycyA9IHBhcmFtZXRlcnMgYXMgRWlwNzEyU2lnblJlcXVlc3RbXCJ0eXBlZF9kYXRhXCJdO1xuICAgIGFzc2VydChjYXN0ZWRQYXJhbWV0ZXJzLmRvbWFpbi5jaGFpbklkLCBcImBkb21haW4uY2hhaW5JZGAgbXVzdCBiZSBkZWZpbmVkXCIpO1xuXG4gICAgY29uc3Qgc2lnbmF0dXJlID0gYXdhaXQgdGhpcy4jc2lnbmVyLnNpZ25FaXA3MTIoe1xuICAgICAgY2hhaW5faWQ6IE51bWJlcihjYXN0ZWRQYXJhbWV0ZXJzLmRvbWFpbi5jaGFpbklkKSxcbiAgICAgIHR5cGVkX2RhdGE6IGNhc3RlZFBhcmFtZXRlcnMsXG4gICAgfSk7XG5cbiAgICByZXR1cm4gZW5zdXJlSGV4KHNpZ25hdHVyZSk7XG4gIH07XG5cbiAgLyoqXG4gICAqIEl0IGlzIHJlY29tbWVuZGVkIHRvIHVzZSBgcHJlcGFyZVRyYW5zYWN0aW9uUmVxdWVzdGAgb24geW91ciByZXF1ZXN0XG4gICAqIGJlZm9yZSBjYWxsaW5nIHRoaXMgZnVuY3Rpb24uXG4gICAqXG4gICAqIFNpZ24gYSB0cmFuc2FjdGlvbi4gVGhpcyBtZXRob2Qgd2lsbCBibG9jayBpZiB0aGUga2V5IHJlcXVpcmVzIE1GQSBhcHByb3ZhbC5cbiAgICogYHR5cGVgIGFuZCBgY2hhaW5JZGAgbXVzdCBiZSBkZWZpbmVkLiBPbmx5IHN1cHBvcnRzIHR5cGUgXCJsZWdhY3lcIiBvciBcImVpcDE1NTlcIi5cbiAgICpcbiAgICogQHBhcmFtIHRyYW5zYWN0aW9uIFRoZSB0cmFuc2FjdGlvbiB0byBzaWduXG4gICAqIEBwYXJhbSBvcHRpb25zIENvbnRhaW5zIGFuIG9wdGlvbmFsIGN1c3RvbSBzZXJpYWxpemVyXG4gICAqIEByZXR1cm5zIFNpZ25lZCB0cmFuc2FjdGlvblxuICAgKiBAdGhyb3dzIHtFcnJvcn0gaWYgdHJhbnNhY3Rpb24udHlwZSBpc24ndCBcImxlZ2FjeVwiIG9yIFwiZWlwMTU1OVwiLCBvciBpZiBcImNoYWluSWRcIiBpc24ndCBzcGVjaWZpZWRcbiAgICovXG4gIHB1YmxpYyBzaWduVHJhbnNhY3Rpb246IEN1c3RvbVNvdXJjZVtcInNpZ25UcmFuc2FjdGlvblwiXSA9IGFzeW5jICh0cmFuc2FjdGlvbiwgb3B0aW9ucykgPT4ge1xuICAgIGFzc2VydChcbiAgICAgIHRyYW5zYWN0aW9uLnR5cGUgPT09IFwibGVnYWN5XCIgfHwgdHJhbnNhY3Rpb24udHlwZSA9PT0gXCJlaXAxNTU5XCIsXG4gICAgICBgVW5zdXBwb3J0ZWQgdHJhbnNhY3Rpb24gdHlwZSAnJHt0cmFuc2FjdGlvbi50eXBlfScsIEN1YmVTaWduZXIgb25seSBzdXBwb3J0cyB0eXBlICdsZWdhY3knIG9yICdlaXAxNTU5J1wiKX0nYCxcbiAgICApO1xuXG4gICAgYXNzZXJ0KHRyYW5zYWN0aW9uLmNoYWluSWQsIFwiYGNoYWluSWRgIG11c3QgYmUgZGVmaW5lZFwiKTtcblxuICAgIGNvbnN0IGZvcm1hdHRlZCA9IGZvcm1hdFRyYW5zYWN0aW9uUmVxdWVzdCh0cmFuc2FjdGlvbik7XG4gICAgY29uc3QgcmxwU2lnbmVkVHJhbnNhY3Rpb24gPSBhd2FpdCB0aGlzLiNzaWduZXIuc2lnblRyYW5zYWN0aW9uKHtcbiAgICAgIGNoYWluX2lkOiB0cmFuc2FjdGlvbi5jaGFpbklkLFxuICAgICAgdHg6IGZvcm1hdHRlZCBhcyBFdm1TaWduUmVxdWVzdFtcInR4XCJdLFxuICAgIH0pO1xuXG4gICAgLy8gQ3ViZVNpZ25lciByZXR1cm5zIGFuIFJMUC1lbmNvZGVkIHRyYW5zYWN0aW9uLiBTaW5jZSBWaWVtIGFsbG93cyB1c2VycyB0byBwYXNzIGEgY3VzdG9tIHNlcmlhbGl6ZXIsIHdlIHdpbGxcbiAgICAvLyBub3cgdW5zZXJpYWxpemUgYW5kIHJlc2VyaWFsaXplIHdpdGggVmllbSdzIHNlcmlhbGl6ZXIuXG4gICAgY29uc3QgeyByLCBzLCB2LCB5UGFyaXR5LCAuLi5wYXJzZWRUcmFuc2FjdGlvbiB9ID0gcGFyc2VUcmFuc2FjdGlvbihcbiAgICAgIGVuc3VyZUhleChybHBTaWduZWRUcmFuc2FjdGlvbiksXG4gICAgKTtcbiAgICBjb25zdCBzZXJpYWxpemVyID0gb3B0aW9ucz8uc2VyaWFsaXplciA/PyBzZXJpYWxpemVUcmFuc2FjdGlvbjtcblxuICAgIHJldHVybiBhd2FpdCBzZXJpYWxpemVyKHBhcnNlZFRyYW5zYWN0aW9uLCB7IHIsIHMsIHYsIHlQYXJpdHkgfSBhcyBTaWduYXR1cmUpO1xuICB9O1xufVxuXG4vKipcbiAqIEBwYXJhbSBpbnB1dCBBIGhleCBzdHJpbmdcbiAqIEByZXR1cm5zIHRoZSBpbnB1dCwgdHlwZSBuYXJyb3dlZCB0byBIZXhcbiAqIEB0aHJvd3Mge0Vycm9yfSBpZiBpbnB1dCBpcyBub3QgSGV4XG4gKi9cbmZ1bmN0aW9uIGVuc3VyZUhleChpbnB1dDogc3RyaW5nKTogSGV4IHtcbiAgYXNzZXJ0KGlzSGV4KGlucHV0KSwgYCR7aW5wdXR9IGlzIG5vdCBoZXhgKTtcbiAgcmV0dXJuIGlucHV0O1xufVxuXG4vKipcbiAqIEBwYXJhbSB2YWx1ZSBBIHZhbHVlIHRoYXQgaXMgZXhwZWN0ZWQgdG8gYmUgdHJ1dGh5XG4gKiBAcGFyYW0gbWVzc2FnZSBUaGUgZXJyb3IgbWVzc2FnZSBpZiB0aGUgdmFsdWUgaXMgZmFsc3lcbiAqIEB0aHJvd3Mge0Vycm9yfSBpZiB2YWx1ZSBpcyBub3QgdHJ1dGh5XG4gKi9cbmZ1bmN0aW9uIGFzc2VydCh2YWx1ZTogdW5rbm93biwgbWVzc2FnZTogc3RyaW5nKTogYXNzZXJ0cyB2YWx1ZSB7XG4gIGlmICghdmFsdWUpIHtcbiAgICB0aHJvdyBuZXcgRXJyb3IobWVzc2FnZSk7XG4gIH1cbn1cbiJdfQ==

package/package.json

@@ -0,0 +1,38 @@
+{
+  "name": "@cubist-labs/cubesigner-sdk-viem",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/cubist-labs/CubeSigner-TypeScript-SDK.git",
+    "directory": "packages/viem"
+  },
+  "version": "0.4.183-0",
+  "type": "module",
+  "description": "Viem CustomSource implementation",
+  "license": "MIT OR Apache-2.0",
+  "author": "Cubist, Inc.",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "files": [
+    "tsconfig.json",
+    "src/**",
+    "dist/**",
+    "../../NOTICE",
+    "../../LICENSE-APACHE",
+    "../../LICENSE-MIT"
+  ],
+  "scripts": {
+    "build": "tsc",
+    "prepack": "tsc",
+    "test": "jest --maxWorkers=1"
+  },
+  "directories": {
+    "test": "test"
+  },
+  "peerDependencies": {
+    "@cubist-labs/cubesigner-sdk": "^0.4.183-0",
+    "viem": "^2.38.2"
+  },
+  "devDependencies": {
+    "@cubist-labs/cubesigner-sdk-fs-storage": "^0.4.183-0"
+  }
+}

package/src/index.ts

@@ -0,0 +1,158 @@
+import {
+  type Address,
+  type CustomSource,
+  type Hex,
+  type Signature,
+  bytesToHex,
+  formatTransactionRequest,
+  getAddress,
+  isHex,
+  parseTransaction,
+  serializeTransaction,
+  stringToHex,
+} from "viem";
+import {
+  type CubeSignerClient,
+  type Eip712SignRequest,
+  type EvmSignRequest,
+  EvmSigner,
+  type EvmSignerOptions,
+  type Key,
+} from "@cubist-labs/cubesigner-sdk";
+
+/**
+ * A class to wrap a CubeSigner key and client into a Viem {@link CustomSource}.
+ * Use Viem's `toAccount` to convert this to a Viem Account.
+ */
+export class CubeSignerSource implements CustomSource {
+  /** The internal CubeSigner signer used. */
+  readonly #signer: EvmSigner;
+
+  /** The address the wallet is associated with. */
+  public readonly address: Address;
+
+  /**
+   * Construct a Viem {@link CustomSource} around a CubeSigner key and client.
+   * Use Viem's `toAccount` to convert this to a Viem Account.
+   *
+   * @param address The EVM address this wallet is associated with
+   * @param client The session used for signing. Must have necessary scopes.
+   * @param options MFA options for the client to respect
+   * @throws {Error} if the address is not a valid EVM address
+   */
+  constructor(address: Key | string, client: CubeSignerClient, options?: EvmSignerOptions) {
+    this.#signer = new EvmSigner(address, client, options);
+
+    // NOTE: `getAddress` will checksum the address and throw if it's an invalid EVM address.
+    this.address = getAddress(this.#signer.address);
+
+    // Scope these functions to properly resolve `this`
+    this.signMessage = this.signMessage.bind(this);
+    this.signTransaction = this.signTransaction.bind(this);
+    this.signTypedData = this.signTypedData.bind(this);
+  }
+
+  /**
+   * Signs arbitrary messages. This uses CubeSigner's EIP-191 signing endpoint.
+   * The key (for this session) must have the `"AllowRawBlobSigning"` or
+   * `"AllowEip191Signing"` policy attached.
+   *
+   * @param root Object around the message
+   * @param root.message The message to sign
+   * @returns The signature
+   */
+  public signMessage: CustomSource["signMessage"] = async ({ message }) => {
+    let hex;
+    if (typeof message === "string") {
+      hex = stringToHex(message);
+    } else if (isHex(message.raw)) {
+      hex = message.raw;
+    } else {
+      hex = bytesToHex(message.raw);
+    }
+
+    const signature = await this.#signer.signEip191({ data: hex });
+
+    return ensureHex(signature);
+  };
+
+  /**
+   * Signs EIP-712 typed data. This uses CubeSigner's EIP-712 signing endpoint.
+   * The key (for this session) must have the `"AllowRawBlobSigning"` or
+   * `"AllowEip712Signing"` policy attached.
+   * `chainId` must be specified within the `domain`.
+   *
+   * @param parameters Typed data
+   * @returns signature for the typed data
+   */
+  public signTypedData: CustomSource["signTypedData"] = async (parameters) => {
+    assert(parameters.domain, "`domain` must be defined");
+
+    const castedParameters = parameters as Eip712SignRequest["typed_data"];
+    assert(castedParameters.domain.chainId, "`domain.chainId` must be defined");
+
+    const signature = await this.#signer.signEip712({
+      chain_id: Number(castedParameters.domain.chainId),
+      typed_data: castedParameters,
+    });
+
+    return ensureHex(signature);
+  };
+
+  /**
+   * It is recommended to use `prepareTransactionRequest` on your request
+   * before calling this function.
+   *
+   * Sign a transaction. This method will block if the key requires MFA approval.
+   * `type` and `chainId` must be defined. Only supports type "legacy" or "eip1559".
+   *
+   * @param transaction The transaction to sign
+   * @param options Contains an optional custom serializer
+   * @returns Signed transaction
+   * @throws {Error} if transaction.type isn't "legacy" or "eip1559", or if "chainId" isn't specified
+   */
+  public signTransaction: CustomSource["signTransaction"] = async (transaction, options) => {
+    assert(
+      transaction.type === "legacy" || transaction.type === "eip1559",
+      `Unsupported transaction type '${transaction.type}', CubeSigner only supports type 'legacy' or 'eip1559'")}'`,
+    );
+
+    assert(transaction.chainId, "`chainId` must be defined");
+
+    const formatted = formatTransactionRequest(transaction);
+    const rlpSignedTransaction = await this.#signer.signTransaction({
+      chain_id: transaction.chainId,
+      tx: formatted as EvmSignRequest["tx"],
+    });
+
+    // CubeSigner returns an RLP-encoded transaction. Since Viem allows users to pass a custom serializer, we will
+    // now unserialize and reserialize with Viem's serializer.
+    const { r, s, v, yParity, ...parsedTransaction } = parseTransaction(
+      ensureHex(rlpSignedTransaction),
+    );
+    const serializer = options?.serializer ?? serializeTransaction;
+
+    return await serializer(parsedTransaction, { r, s, v, yParity } as Signature);
+  };
+}
+
+/**
+ * @param input A hex string
+ * @returns the input, type narrowed to Hex
+ * @throws {Error} if input is not Hex
+ */
+function ensureHex(input: string): Hex {
+  assert(isHex(input), `${input} is not hex`);
+  return input;
+}
+
+/**
+ * @param value A value that is expected to be truthy
+ * @param message The error message if the value is falsy
+ * @throws {Error} if value is not truthy
+ */
+function assert(value: unknown, message: string): asserts value {
+  if (!value) {
+    throw new Error(message);
+  }
+}