@cubist-labs/cubesigner-sdk 0.1.77 → 0.2.2

package/dist/src/schema.d.ts

@@ -6,7 +6,6 @@ export interface paths {
     "/v0/about_me": {
         /**
          * User Info
-         * @deprecated
          * @description User Info
          *
          * Retrieves information about the current user.
@@ -393,6 +392,15 @@ export interface paths {
          */
         delete: operations["revokeSessions"];
     };
+    "/v0/org/{org_id}/session/self": {
+        /**
+         * Revoke current session
+         * @description Revoke current session
+         *
+         * Immediately revokes the current session, preventing it from being used or refreshed
+         */
+        delete: operations["revokeCurrentSession"];
+    };
     "/v0/org/{org_id}/session/{session_id}": {
         /**
          * Get session information
@@ -707,6 +715,10 @@ export interface components {
             mfa_policy?: Record<string, unknown> | null;
             role: components["schemas"]["MemberRole"];
         };
+        AddThirdPartyUserResponse: {
+            /** @example User#c3b9379c-4e8c-4216-bd0a-65ace53cf98f */
+            user_id: string;
+        };
         ApprovalInfo: {
             timestamp: components["schemas"]["EpochDateTime"];
         };
@@ -856,6 +868,10 @@ export interface components {
              */
             tx: Record<string, never>;
         };
+        AvaSignResponse: {
+            /** @description The hex-encoded signature. */
+            signature: string;
+        };
         /** @description Wrapper around a zeroizing 32-byte fixed-size array */
         B32: string;
         /**
@@ -872,6 +888,10 @@ export interface components {
              */
             message_base64: string;
         };
+        BlobSignResponse: {
+            /** @description The hex-encoded signature. */
+            signature: string;
+        };
         /** @enum {string} */
         BtcSighashType: "All" | "None" | "Single" | "AllPlusAnyoneCanPay" | "NonePlusAnyoneCanPay" | "SinglePlusAnyoneCanPay";
         BtcSignRequest: {
@@ -879,6 +899,13 @@ export interface components {
             /** @description The bitcoin transaction to sign */
             tx: Record<string, never>;
         };
+        BtcSignResponse: {
+            /**
+             * @description The hex-encoded signature in compact format.
+             * @example 0x454aef27c21df7dd8f537dc869f4cd65286ce239a52d36470f4d85be85a891b02789e5ffd8560b32a98110e5d0096802e4c14145cf6c44f10a768c87755eaa4800
+             */
+            signature: string;
+        };
         BtcSignatureKind: {
             /** @description Segregated Witness */
             Segwit: {
@@ -932,6 +959,18 @@ export interface components {
             /** @enum {string} */
             type: "fido";
         };
+        CreateKeyImportKeyResponse: components["schemas"]["KeyImportKey"] & {
+            /**
+             * @description An attestation document from a secure enclave, including an
+             * RSA signing key used to sign the contents of this message.
+             */
+            enclave_attestation: string;
+            /**
+             * @description An RSA-PSS-SHA256 signature on the public key and encrypted
+             * secrets attesting to their generation inside a secure enclave.
+             */
+            enclave_signature: string;
+        };
         CreateKeyRequest: {
             /**
              * Format: int64
@@ -952,6 +991,10 @@ export interface components {
              */
             owner?: string | null;
         };
+        CreateKeyResponse: {
+            /** @description The info about the created keys */
+            keys: components["schemas"]["KeyInfo"][];
+        };
         /** @description Optional create role request body */
         CreateRoleRequest: {
             /**
@@ -960,6 +1003,19 @@ export interface components {
              */
             name: string;
         };
+        /** @description The newly created role information */
+        CreateRoleResponse: {
+            /**
+             * @description A human-readable name for the role.
+             * @example my_role
+             */
+            name?: string | null;
+            /**
+             * @description The id of the newly created role
+             * @example Role#bfe3eccb-731e-430d-b1e5-ac1363e6b06b
+             */
+            role_id: string;
+        };
         CreateTokenRequest: components["schemas"]["RatchetConfig"] & ({
             /**
              * @description A human readable description of the purpose of the key
@@ -1122,8 +1178,20 @@ export interface components {
             /** @description EIP-712 typed data. Refer to the JSON schema defined in EIP-712. */
             typed_data: Record<string, never>;
         };
+        Eip712SignResponse: {
+            /**
+             * @description Hex-encoded signature comprising 65 bytes in the format required
+             * by ecrecover: 32-byte r, 32-byte s, and one-byte recovery-id v
+             * which is either 27 or 28.
+             * @example 0x4355c47d63924e8a72e509b65029052eb6c299d53a04e167c5775fd466751c9d07299936d304c153f6443dfa05f40ff007d72911b6f72307f996231605b915621c
+             */
+            signature: string;
+        };
         /** @default null */
         Empty: Record<string, unknown> | null;
+        EmptyImpl: {
+            status: string;
+        };
         /**
          * @description Epoch is a quoted `uint64`.
          * @example 256
@@ -1173,6 +1241,13 @@ export interface components {
              */
             tx: Record<string, never>;
         };
+        Eth1SignResponse: {
+            /**
+             * @description Hex-encoded RLP encoding of the transaction and its signature
+             * @example 0x22895118000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000e000000000000000000000000000000000000000000000000000000000000001201d58656b0e22aaa68fdc692db41979098c3886ed33015d7467de9211609cdac000000000000000000000000000000000000000000000000000000000000000308b0c2900324d3ff9adfba7fdfe5af3f9b2cdbeef7b280437bbf1b1c59a093d615afe3e5dfed9622b540cdd9b49b3c5ad00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002001000000000000000000000049011adbcc3bc9c0307bb07f37dda1a1a9c69d2e0000000000000000000000000000000000000000000000000000000000000060903db8525674b8e7904f9b7d7d9ec55a0a42d33cf58be25469b0c21bbb6d06172bc5bb5fd1aed8e4f35936968958116b0619553c2cb1c52e7323074c6f8eb3d5a7074fc6580148df907837fa3b164ad7fbc2288dad1e8a5b021095b57c8a36d4
+             */
+            rlp_signed_tx: string;
+        };
         /**
          * @example {
          *   "eth2_sign_request": {
@@ -1202,18 +1277,39 @@ export interface components {
             eth2_sign_request: Record<string, never>;
             network: components["schemas"]["Network"];
         };
+        Eth2SignResponse: {
+            /**
+             * @description Hex encoded signature prefixed with 0x e.g. "0x0000..."
+             * @example 0xb4f2ef9d12a54e1f569596c07c97d6d730535b6ffc0d287761dc78103a86326782471a04c75ce7a6faea08ca9a4a0830031cdcb893da8711d54aa22619f1a7e71b8185ddf4c6bfd9babbd735960e35e56bd6eeb89625b04850e7a9ef8846e549
+             */
+            signature: string;
+        };
         /** @description Sent from the client to the server to answer a fido challenge */
         FidoAssertAnswer: {
             /** @description The ID of the challenge that was returned from the POST endpoint */
             challenge_id: string;
             credential: components["schemas"]["PublicKeyCredential"];
         };
+        FidoAssertChallenge: {
+            /** @description The id of the challenge. Must be supplied when answering the challenge. */
+            challenge_id: string;
+            options: components["schemas"]["PublicKeyCredentialRequestOptions"];
+        };
         /** @description Sent from the client to the server to answer a fido challenge */
         FidoCreateChallengeAnswer: {
             /** @description The ID of the challenge that was returned from the POST endpoint */
             challenge_id: string;
             credential: components["schemas"]["PublicKeyCredential"];
         };
+        /**
+         * @description Sent by the server to the client. Contains the challenge data that must be
+         * used to generate a new credential
+         */
+        FidoCreateChallengeResponse: {
+            /** @description The id of the challenge. Must be supplied when answering the challenge. */
+            challenge_id: string;
+            options: components["schemas"]["PublicKeyCredentialCreationOptions"];
+        };
         /** @description Declares intent to register a new FIDO key */
         FidoCreateRequest: {
             /**
@@ -1271,6 +1367,10 @@ export interface components {
         GetKeysInOrgRequest: {
             key_type?: components["schemas"]["KeyType"] | null;
         };
+        GetUsersInOrgResponse: {
+            /** @description The list of users in the org */
+            users: components["schemas"]["UserIdInfo"][];
+        };
         /** @description Stats pertaining the the sender `cube3signer` instance */
         HeartbeatRequest: {
             /**
@@ -1496,6 +1596,9 @@ export interface components {
              */
             purpose: string;
         };
+        KeyInfos: {
+            keys: components["schemas"]["KeyInfo"][];
+        };
         /** @enum {string} */
         KeyType: "SecpEthAddr" | "SecpBtc" | "SecpBtcTest" | "SecpAvaAddr" | "SecpAvaTestAddr" | "BlsPub" | "BlsInactive" | "Ed25519SolanaAddr" | "Ed25519SuiAddr" | "Ed25519AptosAddr" | "Ed25519CardanoAddrVk" | "Ed25519StellarAddr" | "Mnemonic" | "Stark";
         /**
@@ -1505,6 +1608,13 @@ export interface components {
          * so that they can pass this back to us as a url query parameter.
          */
         LastEvalKey: string;
+        ListMfaResponse: {
+            /** @description All pending MFA requests */
+            mfa_requests: components["schemas"]["MfaRequestInfo"][];
+        };
+        ListTokensResponse: {
+            tokens: components["schemas"]["TokenInfo"][];
+        };
         /**
          * @description Describes whether a user in an org is an Owner or just a regular member
          * @enum {string}
@@ -1546,11 +1656,6 @@ export interface components {
          * a single OIDC user to multiple `User`s in CubeSigner
          */
         OIDCIdentity: {
-            /**
-             * @description Free-form additional user info.
-             * @example null
-             */
-            disambiguator?: string | null;
             /**
              * @description The root-level issuer who administrates this user. Frome the OIDC spec:
              * Issuer Identifier for the Issuer of the response. The iss
@@ -1644,6 +1749,80 @@ export interface components {
              */
             "page.start"?: string | null;
         };
+        /**
+         * @description Response type that wraps another type and adds base64url-encoded encrypted `last_evaluated_key`
+         * value (which can the user pass back to use as a url query parameter to continue pagination).
+         */
+        PaginatedListKeysResponse: {
+            keys: components["schemas"]["KeyInfo"][];
+        } & ({
+            /**
+             * @description If set, the content of `response` does not contain the entire result set.
+             * To fetch the next page of the result set, call the same endpoint
+             * but specify this value as the 'page.start' query parameter.
+             */
+            last_evaluated_key?: string | null;
+        });
+        /**
+         * @description Response type that wraps another type and adds base64url-encoded encrypted `last_evaluated_key`
+         * value (which can the user pass back to use as a url query parameter to continue pagination).
+         */
+        PaginatedListRoleKeysResponse: {
+            /** @description All keys in a role */
+            keys: components["schemas"]["KeyInRoleInfo"][];
+        } & ({
+            /**
+             * @description If set, the content of `response` does not contain the entire result set.
+             * To fetch the next page of the result set, call the same endpoint
+             * but specify this value as the 'page.start' query parameter.
+             */
+            last_evaluated_key?: string | null;
+        });
+        /**
+         * @description Response type that wraps another type and adds base64url-encoded encrypted `last_evaluated_key`
+         * value (which can the user pass back to use as a url query parameter to continue pagination).
+         */
+        PaginatedListRoleUsersResponse: {
+            /** @description All users in a role */
+            users: components["schemas"]["UserInRoleInfo"][];
+        } & ({
+            /**
+             * @description If set, the content of `response` does not contain the entire result set.
+             * To fetch the next page of the result set, call the same endpoint
+             * but specify this value as the 'page.start' query parameter.
+             */
+            last_evaluated_key?: string | null;
+        });
+        /**
+         * @description Response type that wraps another type and adds base64url-encoded encrypted `last_evaluated_key`
+         * value (which can the user pass back to use as a url query parameter to continue pagination).
+         */
+        PaginatedListRolesResponse: {
+            /** @description All roles in an organization. */
+            roles: components["schemas"]["RoleInfo"][];
+        } & ({
+            /**
+             * @description If set, the content of `response` does not contain the entire result set.
+             * To fetch the next page of the result set, call the same endpoint
+             * but specify this value as the 'page.start' query parameter.
+             */
+            last_evaluated_key?: string | null;
+        });
+        /**
+         * @description Response type that wraps another type and adds base64url-encoded encrypted `last_evaluated_key`
+         * value (which can the user pass back to use as a url query parameter to continue pagination).
+         */
+        PaginatedSessionsResponse: {
+            /** @description The list of sessions */
+            sessions: components["schemas"]["SessionInfo"][];
+        } & ({
+            /**
+             * @description If set, the content of `response` does not contain the entire result set.
+             * To fetch the next page of the result set, call the same endpoint
+             * but specify this value as the 'page.start' query parameter.
+             */
+            last_evaluated_key?: string | null;
+        });
         /**
          * @description This type represents a wire-encodable form of the PublicKeyCredential interface
          * Clients may need to manually encode into this format to communicate with the server
@@ -1739,7 +1918,7 @@ export interface components {
              * https://www.w3.org/TR/webauthn-2/#dom-publickeycredentialcreationoptions-timeout
              */
             timeout?: number | null;
-            user?: components["schemas"]["PublicKeyCredentialUserEntity"] | null;
+            user: components["schemas"]["PublicKeyCredentialUserEntity"];
         };
         /**
          * @description This dictionary contains the attributes that are specified by a caller when
@@ -1845,7 +2024,7 @@ export interface components {
              *
              * https://www.w3.org/TR/webauthn-2/#dom-publickeycredentialrpentity-id
              */
-            id: string;
+            id?: string | null;
             /**
              * @description A human-palatable name for the entity. Its function depends on what the
              * PublicKeyCredentialEntity represents: When inherited by
@@ -1989,6 +2168,13 @@ export interface components {
          * @enum {string}
          */
         ResidentKeyRequirement: "discouraged" | "preferred" | "required";
+        RevokeTokenResponse: {
+            token?: components["schemas"]["TokenInfo"] | null;
+        };
+        RevokeTokensResponse: {
+            /** @description Tokens that were revoked. */
+            revoked: components["schemas"]["TokenInfo"][];
+        };
         RoleInfo: {
             /**
              * @description Whether the role is enabled
@@ -2002,6 +2188,22 @@ export interface components {
              * @example my_role
              */
             name?: string | null;
+            /**
+             * @description Policy that is checked whenever a key is accessed for signing via this role.
+             * @example [
+             *   {
+             *     "SourceIpAllowlist": [
+             *       "123.456.78.9/16"
+             *     ]
+             *   },
+             *   {
+             *     "RequireMfa": {
+             *       "count": 1
+             *     }
+             *   }
+             * ]
+             */
+            policy?: Record<string, never>[];
             /**
              * @description The ID of the role
              * @example Role#bfe3eccb-731e-430d-b1e5-ac1363e6b06b
@@ -2028,10 +2230,24 @@ export interface components {
              */
             session_id: string;
         };
-        SignRequest: {
-            message: Record<string, never>;
+        /** @description The response from any operation operating on multiple sessions */
+        SessionsResponse: {
+            /** @description The list of sessions */
+            sessions: components["schemas"]["SessionInfo"][];
+        };
+        /**
+         * @example {
+         *   "message_base64": "AQABA8OKVzLEjststN4xXr39kLKHT8d58eQY1QEs6MeXwEFBrxTAlULX1troLbWxuAXQqgbQofGi6z8fJi7KAAIf7YMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJK0tn39k28s+X86W47EvbRRKnYBVQ8Q/l2m1EbfT7+vAQICAAEMAgAAAGQAAAAAAAAA"
+         * }
+         */
+        SolanaSignRequest: {
+            /** @description Solana base64-encoded serialized Message */
+            message_base64: string;
+        };
+        SolanaSignResponse: {
+            /** @description The hex-encoded signature. */
+            signature: string;
         };
-        SolanaSignRequest: components["schemas"]["SignRequest"] & Record<string, never>;
         StakeRequest: {
             /**
              * Format: int64
@@ -2060,6 +2276,14 @@ export interface components {
              */
             withdrawal_addr: string;
         };
+        StakeResponse: {
+            /**
+             * @description The validator key id ("Key#...")
+             * @example Key#db1731f8-3659-45c0-885b-e11e1f5b7be2
+             */
+            created_validator_key_id: string;
+            deposit_tx: components["schemas"]["DepositTxn"];
+        };
         Status: {
             /** @description Users who are allowed to approve. Must be non-empty. */
             allowed_approvers: string[];
@@ -2099,6 +2323,18 @@ export interface components {
             /** @description The ID of the challenge that was returned from the POST endpoint */
             totp_id: string;
         };
+        TotpInfo: {
+            /**
+             * @description The ID of the TOTP challenge.
+             * @example TotpChallenge#7892ebba-563e-485b-bb7d-e26267363286
+             */
+            totp_id: string;
+            /**
+             * @description Standard TOTP url which includes everything needed to initialize TOTP.
+             * @example otpauth://totp/Cubist:alice-%40example.com?secret=DAHF7KCOTQWSOMK4XFEMNHXO4J433OD7&issuer=Cubist
+             */
+            totp_url: string;
+        };
         /** @description Options that should be set only for local devnet testing. */
         UnsafeConf: {
             /**
@@ -2145,6 +2381,22 @@ export interface components {
              */
             validator_index: string;
         };
+        /**
+         * @description Unstake responses are signed voluntary exit messages.
+         * The schema for this message is defined
+         * [here](https://github.com/ethereum/consensus-specs/blob/v1.0.1/specs/phase0/beacon-chain.md#signedvoluntaryexit).
+         * This message can be directly POSTed to the Beacon node's
+         * `/eth/v1/beacon/pool/voluntary_exits` end-point (see expected schema
+         * [here](https://ethereum.github.io/beacon-APIs/#/Beacon/submitPoolVoluntaryExit)).
+         */
+        UnstakeResponse: {
+            message: components["schemas"]["VoluntaryExit"];
+            /**
+             * @description BLS signature.
+             * @example 0x910c7cd537ed91cc8c4a82f3cbd832e9be8c24a22e9c86df479f7ce42025ea6a09619b418b666a060e260d2aae31b8e50e9d05ca3442c7eed3b507e5207e14674275f68c2ba84c4bf6b8dd364a304acac8cfab3681e2514b4400f9242bc61164
+             */
+            signature: string;
+        };
         UpdateKeyRequest: {
             /**
              * @description If set, updates the keys's `enabled` property to this value.
@@ -2199,12 +2451,52 @@ export interface components {
              */
             policy?: Record<string, never>[] | null;
         };
+        UpdateOrgResponse: {
+            /** @description The new value of the 'enabled' property */
+            enabled?: boolean | null;
+            /**
+             * @description The new human-readable name for the org (must be alphanumeric)
+             * @example my_org_name
+             */
+            name?: string | null;
+            /**
+             * @description The ID of the organization
+             * @example Org#124dfe3e-3bbd-487d-80c0-53c55e8ab87a
+             */
+            org_id: string;
+            /**
+             * @description The new value of org-wide policies
+             * @example [
+             *   {
+             *     "MaxDailyUnstake": 5
+             *   },
+             *   {
+             *     "OriginAllowlist": [
+             *       "https://example.com"
+             *     ]
+             *   }
+             * ]
+             */
+            policy?: Record<string, never>[] | null;
+        };
         UpdateRoleRequest: {
             /**
              * @description If set, updates the role's `enabled` property to this value.
              * Once disabled, a role cannot be used; and it's tokens cannot be used for signing.
              */
             enabled?: boolean | null;
+            /**
+             * @description If set, update this role's key policies (old policies will be overwritten!).
+             * Only "deny" style policies may be set.
+             * @example [
+             *   {
+             *     "SourceIpAllowlist": [
+             *       "123.456.78.9/16"
+             *     ]
+             *   }
+             * ]
+             */
+            policy?: Record<string, never>[] | null;
         };
         UserIdInfo: {
             /**
@@ -2720,6 +3012,22 @@ export interface components {
                      * @example my_role
                      */
                     name?: string | null;
+                    /**
+                     * @description Policy that is checked whenever a key is accessed for signing via this role.
+                     * @example [
+                     *   {
+                     *     "SourceIpAllowlist": [
+                     *       "123.456.78.9/16"
+                     *     ]
+                     *   },
+                     *   {
+                     *     "RequireMfa": {
+                     *       "count": 1
+                     *     }
+                     *   }
+                     * ]
+                     */
+                    policy?: Record<string, never>[];
                     /**
                      * @description The ID of the role
                      * @example Role#bfe3eccb-731e-430d-b1e5-ac1363e6b06b
@@ -2888,7 +3196,6 @@ export type external = Record<string, never>;
 export interface operations {
     /**
      * User Info
-     * @deprecated
      * @description User Info
      *
      * Retrieves information about the current user.
@@ -3847,7 +4154,7 @@ export interface operations {
             };
         };
         responses: {
-            200: components["responses"]["EmptyImpl"];
+            200: components["responses"]["RoleInfo"];
             default: {
                 content: {
                     "application/json": components["schemas"]["ErrorResponse"];
@@ -4251,6 +4558,31 @@ export interface operations {
             };
         };
     };
+    /**
+     * Revoke current session
+     * @description Revoke current session
+     *
+     * Immediately revokes the current session, preventing it from being used or refreshed
+     */
+    revokeCurrentSession: {
+        parameters: {
+            path: {
+                /**
+                 * @description Name or ID of the desired Org
+                 * @example Org#124dfe3e-3bbd-487d-80c0-53c55e8ab87a
+                 */
+                org_id: string;
+            };
+        };
+        responses: {
+            200: components["responses"]["EmptyImpl"];
+            default: {
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+        };
+    };
     /**
      * Get session information
      * @description Get session information