@cubist-labs/cubesigner-sdk 0.4.241 → 0.4.246

package/src/policy.ts

@@ -21,7 +21,7 @@ import type {
   PolicyInfo,
 } from ".";
 
-import { loadSubtleCrypto } from ".";
+import { loadSubtleCrypto, encodeToHex, decodeFromHex } from ".";
 
 /**
  * Named policy rule type.
@@ -104,7 +104,7 @@ export async function uploadWasmFunction(
   // get the SHA-256 hash of the function to get the upload url.
   const subtle = await loadSubtleCrypto();
   const hashBytes = await subtle.digest("SHA-256", policy);
-  const hash = "0x" + Buffer.from(hashBytes).toString("hex");
+  const hash = encodeToHex(new Uint8Array(hashBytes));
 
   // get the upload URL
   const { signed_url } = await apiClient.wasmPolicyUpload({ hash });
@@ -619,28 +619,46 @@ export class C2FInvocation {
     return this.#data.response;
   }
 
-  /** @returns The standard output stream. Usually a UTF-8 encoded string. */
-  get stdout(): Buffer {
-    return this.fromHex(this.#data.stdout);
+  /**
+   * The standard output stream as raw bytes. Usually a UTF-8 encoded string,
+   * use {@link TextDecoder} to decode.
+   *
+   * @returns The standard output stream.
+   */
+  get stdoutBytes(): Uint8Array {
+    return decodeFromHex(this.#data.stdout);
   }
 
-  /** @returns The standard error stream. Usually a UTF-8 encoded string. */
-  get stderr(): Buffer {
-    return this.fromHex(this.#data.stderr);
+  /**
+   * The standard error stream as raw bytes. Usually a UTF-8 encoded string, use
+   * {@link TextDecoder} to decode.
+   *
+   * @returns The standard error stream.
+   */
+  get stderrBytes(): Uint8Array {
+    return decodeFromHex(this.#data.stderr);
   }
 
-  // --------------------------------------------------------------------------
-  // -- INTERNAL --------------------------------------------------------------
-  // --------------------------------------------------------------------------
+  /**
+   * The standard output stream as a Buffer. Usually a UTF-8 encoded string.
+   *
+   * @returns The standard output stream.
+   * @deprecated Use {@link stdoutBytes} instead for browser compatibility.
+   */
+  get stdout(): Buffer {
+    // eslint-disable-next-line no-restricted-globals -- Buffer return type preserved for backwards compatibility
+    return Buffer.from(this.stdoutBytes);
+  }
 
   /**
-   * Helper method for converting hex-encoded data to a `Buffer`.
+   * The standard error stream as a Buffer. Usually a UTF-8 encoded string.
    *
-   * @param hex The hex-encoded data.
-   * @returns The data.
+   * @returns The standard error stream.
+   * @deprecated Use {@link stderrBytes} instead for browser compatibility.
    */
-  private fromHex(hex: string): Buffer {
-    return Buffer.from(hex.startsWith("0x") ? hex.slice(2) : hex, "hex");
+  get stderr(): Buffer {
+    // eslint-disable-next-line no-restricted-globals -- Buffer return type preserved for backwards compatibility
+    return Buffer.from(this.stderrBytes);
   }
 
   /**

package/src/response.ts

@@ -1,7 +1,7 @@
 import type { MfaVote, EnvInterface, MfaReceipts, MfaRequired } from ".";
-import { CubeSignerClient, isManyMfaReceipts } from ".";
+import { CubeSignerClient, MultiRegionEnv, isManyMfaReceipts } from ".";
 import { encodeToBase64Url } from "./util";
-import type { AcceptedResponse } from "./schema_types";
+import type { AcceptedResponse, AcceptedValue, BinanceDryRun, SignDryRun } from "./schema_types";
 
 /**
  * Response type, which can be either a value of type {@link U}
@@ -29,54 +29,100 @@ export type MapFn<U, V> = (u: U) => V;
  * @returns Response whose value for status code 200 is mapped from U to V
  */
 export function mapResponse<U, V>(resp: Response<U>, mapFn: MapFn<U, V>): Response<V> {
-  if ((resp as AcceptedResponse).accepted?.MfaRequired) {
+  if (asAccepted(resp) !== undefined) {
     return resp as AcceptedResponse;
   } else {
     return mapFn(resp as U);
   }
 }
 
+/**
+ * @param resp The response to check
+ * @returns The {@link AcceptedValue} if the response status code is 202.
+ */
+function asAccepted<U>(resp: Response<U>): AcceptedValue | undefined {
+  const acceptedResp = resp as AcceptedResponse;
+  return acceptedResp.error_code === "SignDryRun" || acceptedResp.error_code === "MfaRequired"
+    ? (acceptedResp.accepted ?? undefined)
+    : undefined;
+}
+
 /**
  * A response of a CubeSigner request.
  */
 export class CubeSignerResponse<U> {
-  readonly #env: EnvInterface;
+  readonly #env: MultiRegionEnv;
   readonly #requestFn: RequestFn<U>;
-  readonly #resp: U | AcceptedResponse;
+  readonly #resp: Response<U>;
+
+  /**
+   * @returns The {@link AcceptedValue} if the response status code is 202.
+   */
+  asAccepted(): AcceptedValue | undefined {
+    return asAccepted(this.#resp);
+  }
+
+  /**
+   * @returns The associated {@link MfaRequired} value, if the response status code is 202 and the response indicates that MFA is required.
+   */
+  asMfaRequired(): MfaRequired | undefined {
+    return this.asAccepted()?.MfaRequired ?? undefined;
+  }
+
   /**
-   * Optional MFA id. Only set if there is an MFA request associated with the request
+   * @returns The associated {@link SignDryRun} value, if the response status code is 202 and the response is a dry run of a sign operation.
    */
-  readonly #mfaRequired?: MfaRequired;
+  asSignDryRun(): SignDryRun | undefined {
+    return this.asAccepted()?.SignDryRun ?? undefined;
+  }
+
+  /**
+   * @returns The associated {@link BinanceDryRun} value, if the response status code is 202 and the response is a dry run of a sign operation.
+   */
+  asBinanceDryRun(): BinanceDryRun | undefined {
+    return this.asAccepted()?.BinanceDryRun ?? undefined;
+  }
+
+  /**
+   * @returns Whether this response is a "200 Success" (in which case it is safe to call {@link data})
+   */
+  isSuccess(): boolean {
+    return this.asAccepted() === undefined;
+  }
+
+  /**
+   * @returns The underlying {@link MfaRequired} response (if any).
+   */
+  private get mfaRequired() {
+    return this.asAccepted()?.MfaRequired;
+  }
 
   /** @returns The first MFA id associated with this request (if any) */
   mfaId(): string | undefined {
-    return this.#mfaRequired?.id;
+    return this.mfaRequired?.id;
   }
 
   /** @returns The MFA ids associated with this request (if any) */
   mfaIds(): string[] {
-    return this.#mfaRequired?.ids ?? [];
+    return this.mfaRequired?.ids ?? [];
   }
 
   /** @returns True if this request requires an MFA approval */
   requiresMfa(): boolean {
-    return this.#mfaRequired !== undefined;
+    return this.mfaRequired !== undefined;
   }
 
   /**
    * @returns Session information to use for any MFA approval requests (if any was included in the response).
    */
   async mfaClient(): Promise<CubeSignerClient | undefined> {
-    if (this.#mfaRequired === undefined) return;
-    const session = (this.#resp as AcceptedResponse).accepted?.MfaRequired?.session ?? undefined;
+    if (this.mfaRequired === undefined) return;
+    const session = this.asMfaRequired()?.session ?? undefined;
     if (session === undefined) return;
 
-    const env = this.#env;
     return await CubeSignerClient.create({
-      env: {
-        "Dev-CubeSignerStack": env,
-      },
-      org_id: this.#mfaRequired.org_id,
+      env: this.#env.spec,
+      org_id: this.mfaRequired.org_id,
       session_exp: session.expiration,
       session_info: session.session_info,
       token: session.token,
@@ -86,8 +132,10 @@ export class CubeSignerResponse<U> {
 
   /** @returns The response data, if no MFA is required */
   data(): U {
-    if (this.requiresMfa()) {
-      throw new Error("Cannot call `data()` while MFA is required");
+    if (!this.isSuccess()) {
+      throw new Error(
+        "Cannot call `data()` on a 202 Accepted response; use `asMfaRequired()` or `asSignDryRun()`",
+      );
     }
     return this.#resp as U;
   }
@@ -131,7 +179,7 @@ export class CubeSignerResponse<U> {
       return this;
     }
 
-    const mfaOrgId = this.#mfaRequired!.org_id;
+    const mfaOrgId = this.mfaRequired!.org_id;
     const mfaApproval = await client.apiClient.mfaVoteTotp(mfaId, code, vote);
     const mfaConf = mfaApproval.receipt?.confirmation;
 
@@ -174,7 +222,7 @@ export class CubeSignerResponse<U> {
       return this;
     }
 
-    const mfaOrgId = this.#mfaRequired!.org_id;
+    const mfaOrgId = this.mfaRequired!.org_id;
 
     const mfaApproval = await client.apiClient.mfaVoteCs(mfaId, mfaVote);
     const mfaConf = mfaApproval.receipt?.confirmation;
@@ -211,11 +259,10 @@ export class CubeSignerResponse<U> {
    * @param resp The response as returned by the OpenAPI client.
    * @internal
    */
-  protected constructor(env: EnvInterface, requestFn: RequestFn<U>, resp: U | AcceptedResponse) {
+  protected constructor(env: MultiRegionEnv, requestFn: RequestFn<U>, resp: Response<U>) {
     this.#env = env;
     this.#requestFn = requestFn;
     this.#resp = resp;
-    this.#mfaRequired = (this.#resp as AcceptedResponse).accepted?.MfaRequired;
   }
 
   /**
@@ -230,12 +277,12 @@ export class CubeSignerResponse<U> {
    * @internal
    */
   static async create<U>(
-    env: EnvInterface,
+    env: EnvInterface | MultiRegionEnv,
     requestFn: RequestFn<U>,
     mfaReceipt?: MfaReceipts,
   ): Promise<CubeSignerResponse<U>> {
     const seed = await requestFn(this.getMfaHeaders(mfaReceipt));
-    return new CubeSignerResponse(env, requestFn, seed);
+    return new CubeSignerResponse(MultiRegionEnv.create(env), requestFn, seed);
   }
 
   /**