@dexterai/vault 0.1.0

package/dist/messages/index.cjs

@@ -0,0 +1,156 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/messages/index.ts
+var messages_exports = {};
+__export(messages_exports, {
+  buildSetSwigOperationMessage: () => buildSetSwigOperationMessage,
+  buildVoucherMessage: () => buildVoucherMessage,
+  sessionRegisterMessage: () => sessionRegisterMessage,
+  sessionRevokeMessage: () => sessionRevokeMessage,
+  voucherPayloadMessage: () => voucherPayloadMessage
+});
+module.exports = __toCommonJS(messages_exports);
+
+// src/constants/index.ts
+var import_web3 = require("@solana/web3.js");
+var DEXTER_VAULT_PROGRAM_ID = new import_web3.PublicKey(
+  "Hg3wRaydFtJhYrdvYrKECacpJYDsC9Px7yKmpncj2fhc"
+);
+var SWIG_PROGRAM_ID = new import_web3.PublicKey(
+  "swigypWHEksbC64pWKwah1WTeh9JXwx8H1rJHLdbQMB"
+);
+var SECP256R1_PROGRAM_ID = new import_web3.PublicKey(
+  "Secp256r1SigVerify1111111111111111111111111"
+);
+var ED25519_PROGRAM_ID = new import_web3.PublicKey(
+  "Ed25519SigVerify111111111111111111111111111"
+);
+var INSTRUCTIONS_SYSVAR_ID = new import_web3.PublicKey(
+  "Sysvar1nstructions1111111111111111111111111"
+);
+var VAULT_SEED_PREFIX = Buffer.from("vault");
+var DISCRIMINATORS = Object.freeze({
+  initialize_vault: Uint8Array.from([48, 191, 163, 44, 71, 129, 63, 164]),
+  set_swig: Uint8Array.from([253, 229, 89, 206, 192, 118, 137, 165]),
+  settle_voucher: Uint8Array.from([144, 176, 128, 220, 156, 79, 41, 54]),
+  request_withdrawal: Uint8Array.from([251, 85, 121, 205, 56, 201, 12, 177]),
+  finalize_withdrawal: Uint8Array.from([178, 87, 206, 68, 201, 186, 164, 232]),
+  force_release: Uint8Array.from([122, 190, 243, 252, 54, 202, 208, 234]),
+  rotate_passkey: Uint8Array.from([28, 134, 49, 89, 196, 34, 58, 174]),
+  rotate_dexter_authority: Uint8Array.from([145, 60, 4, 119, 180, 205, 236, 134]),
+  prove_passkey: Uint8Array.from([35, 175, 41, 143, 201, 118, 49, 184]),
+  settle_tab_voucher: Uint8Array.from([173, 22, 98, 31, 110, 129, 59, 161]),
+  register_session_key: Uint8Array.from([69, 94, 60, 44, 49, 199, 183, 233]),
+  revoke_session_key: Uint8Array.from([81, 192, 32, 110, 104, 116, 144, 151])
+});
+var OTS_SESSION_REGISTER_V1_DOMAIN = (() => {
+  const buf = new Uint8Array(32);
+  buf.set(new TextEncoder().encode("OTS_SESSION_REGISTER_V1"), 0);
+  return buf;
+})();
+var OTS_SESSION_REVOKE_V1_DOMAIN = (() => {
+  const buf = new Uint8Array(32);
+  buf.set(new TextEncoder().encode("OTS_SESSION_REVOKE_V1"), 0);
+  return buf;
+})();
+
+// src/messages/session.ts
+function sessionRegisterMessage(args) {
+  if (args.sessionPubkey.length !== 32) {
+    throw new Error(`sessionPubkey must be 32 bytes, got ${args.sessionPubkey.length}`);
+  }
+  const buf = new Uint8Array(180);
+  const view = new DataView(buf.buffer);
+  let o = 0;
+  buf.set(OTS_SESSION_REGISTER_V1_DOMAIN, o);
+  o += 32;
+  buf.set(args.programId.toBytes(), o);
+  o += 32;
+  buf.set(args.vaultPda.toBytes(), o);
+  o += 32;
+  buf.set(args.sessionPubkey, o);
+  o += 32;
+  view.setBigUint64(o, args.maxAmount, true);
+  o += 8;
+  view.setBigInt64(o, args.expiresAt, true);
+  o += 8;
+  buf.set(args.allowedCounterparty.toBytes(), o);
+  o += 32;
+  view.setUint32(o, args.nonce >>> 0, true);
+  o += 4;
+  if (o !== 180) {
+    throw new Error(`internal: session register message wrong length ${o}, expected 180`);
+  }
+  return buf;
+}
+function sessionRevokeMessage(args) {
+  if (args.sessionPubkey.length !== 32) {
+    throw new Error(`sessionPubkey must be 32 bytes, got ${args.sessionPubkey.length}`);
+  }
+  const buf = new Uint8Array(128);
+  let o = 0;
+  buf.set(OTS_SESSION_REVOKE_V1_DOMAIN, o);
+  o += 32;
+  buf.set(args.programId.toBytes(), o);
+  o += 32;
+  buf.set(args.vaultPda.toBytes(), o);
+  o += 32;
+  buf.set(args.sessionPubkey, o);
+  o += 32;
+  if (o !== 128) {
+    throw new Error(`internal: session revoke message wrong length ${o}, expected 128`);
+  }
+  return buf;
+}
+
+// src/messages/voucher.ts
+function voucherPayloadMessage(p) {
+  if (p.channelId.length !== 32) {
+    throw new Error(`channelId must be 32 bytes, got ${p.channelId.length}`);
+  }
+  const buf = new Uint8Array(44);
+  const view = new DataView(buf.buffer);
+  buf.set(p.channelId, 0);
+  view.setBigUint64(32, p.cumulativeAmount, true);
+  view.setUint32(40, p.sequenceNumber >>> 0, true);
+  return buf;
+}
+function buildVoucherMessage(channelId, cumulativeAmount, sequenceNumber) {
+  return voucherPayloadMessage({ channelId, cumulativeAmount, sequenceNumber });
+}
+
+// src/messages/operations.ts
+var import_web32 = require("@solana/web3.js");
+function buildSetSwigOperationMessage(swigStatePda) {
+  const prefix = Buffer.from("set_swig", "utf8");
+  const addressBytes = new import_web32.PublicKey(swigStatePda).toBytes();
+  const out = new Uint8Array(prefix.length + addressBytes.length);
+  out.set(prefix, 0);
+  out.set(addressBytes, prefix.length);
+  return out;
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  buildSetSwigOperationMessage,
+  buildVoucherMessage,
+  sessionRegisterMessage,
+  sessionRevokeMessage,
+  voucherPayloadMessage
+});

package/dist/messages/index.d.cts

@@ -0,0 +1,89 @@
+import { PublicKey } from '@solana/web3.js';
+
+/**
+ * Byte-deterministic session-key message builders.
+ *
+ * MUST match the on-chain Rust handlers byte-for-byte:
+ *   - register_session_key.rs::build_registration_message → sessionRegisterMessage (180 bytes)
+ *   - revoke_session_key.rs::build_revocation_message     → sessionRevokeMessage (128 bytes)
+ *
+ * Any drift makes every signature look forged to the on-chain handler.
+ */
+
+interface SessionRegisterMessageArgs {
+    programId: PublicKey;
+    vaultPda: PublicKey;
+    sessionPubkey: Uint8Array;
+    maxAmount: bigint;
+    expiresAt: bigint;
+    allowedCounterparty: PublicKey;
+    nonce: number;
+}
+/**
+ * 180-byte session registration message. Layout:
+ *    0   32  domain separator (REGISTER_DOMAIN)
+ *   32   32  program_id
+ *   64   32  vault_pda
+ *   96   32  session_pubkey
+ *  128    8  max_amount (u64 LE)
+ *  136    8  expires_at (i64 LE)
+ *  144   32  allowed_counterparty
+ *  176    4  nonce (u32 LE)
+ *                                    ────
+ *                                    180
+ */
+declare function sessionRegisterMessage(args: SessionRegisterMessageArgs): Uint8Array;
+interface SessionRevokeMessageArgs {
+    programId: PublicKey;
+    vaultPda: PublicKey;
+    sessionPubkey: Uint8Array;
+}
+/**
+ * 128-byte session revocation message. Layout:
+ *    0   32  domain separator (REVOKE_DOMAIN)
+ *   32   32  program_id
+ *   64   32  vault_pda
+ *   96   32  session_pubkey
+ *                                    ────
+ *                                    128
+ */
+declare function sessionRevokeMessage(args: SessionRevokeMessageArgs): Uint8Array;
+
+/**
+ * 44-byte voucher payload — the canonical bytes the session key signs per
+ * stream chunk.
+ *
+ * Layout:
+ *    0   32  channel_id
+ *   32    8  cumulative_amount (u64 LE)
+ *   40    4  sequence_number (u32 LE)
+ *                                    ───
+ *                                    44
+ *
+ * NOTE: production calls this under two names — `voucherPayloadMessage`
+ * (x402) and `buildVoucherMessage` (dexter-api, dexter-facilitator). Both
+ * are exported here, pointing at the same function. Don't bikeshed.
+ */
+interface VoucherPayloadBytes {
+    channelId: Uint8Array;
+    cumulativeAmount: bigint;
+    sequenceNumber: number;
+}
+declare function voucherPayloadMessage(p: VoucherPayloadBytes): Uint8Array;
+/** Positional alias for the dexter-api/dexter-facilitator call shape. */
+declare function buildVoucherMessage(channelId: Uint8Array, cumulativeAmount: bigint, sequenceNumber: number): Uint8Array;
+
+/**
+ * Per-vault-operation message helpers.
+ *
+ * These are what the user's passkey signs for instructions that the
+ * on-chain handler verifies via the secp256r1 precompile sibling.
+ */
+/**
+ * Message format for the `set_swig` instruction:
+ *
+ *   bytes("set_swig") || swigStatePda (32 bytes)
+ */
+declare function buildSetSwigOperationMessage(swigStatePda: string): Uint8Array;
+
+export { type SessionRegisterMessageArgs, type SessionRevokeMessageArgs, type VoucherPayloadBytes, buildSetSwigOperationMessage, buildVoucherMessage, sessionRegisterMessage, sessionRevokeMessage, voucherPayloadMessage };

package/dist/messages/index.d.ts

@@ -0,0 +1,89 @@
+import { PublicKey } from '@solana/web3.js';
+
+/**
+ * Byte-deterministic session-key message builders.
+ *
+ * MUST match the on-chain Rust handlers byte-for-byte:
+ *   - register_session_key.rs::build_registration_message → sessionRegisterMessage (180 bytes)
+ *   - revoke_session_key.rs::build_revocation_message     → sessionRevokeMessage (128 bytes)
+ *
+ * Any drift makes every signature look forged to the on-chain handler.
+ */
+
+interface SessionRegisterMessageArgs {
+    programId: PublicKey;
+    vaultPda: PublicKey;
+    sessionPubkey: Uint8Array;
+    maxAmount: bigint;
+    expiresAt: bigint;
+    allowedCounterparty: PublicKey;
+    nonce: number;
+}
+/**
+ * 180-byte session registration message. Layout:
+ *    0   32  domain separator (REGISTER_DOMAIN)
+ *   32   32  program_id
+ *   64   32  vault_pda
+ *   96   32  session_pubkey
+ *  128    8  max_amount (u64 LE)
+ *  136    8  expires_at (i64 LE)
+ *  144   32  allowed_counterparty
+ *  176    4  nonce (u32 LE)
+ *                                    ────
+ *                                    180
+ */
+declare function sessionRegisterMessage(args: SessionRegisterMessageArgs): Uint8Array;
+interface SessionRevokeMessageArgs {
+    programId: PublicKey;
+    vaultPda: PublicKey;
+    sessionPubkey: Uint8Array;
+}
+/**
+ * 128-byte session revocation message. Layout:
+ *    0   32  domain separator (REVOKE_DOMAIN)
+ *   32   32  program_id
+ *   64   32  vault_pda
+ *   96   32  session_pubkey
+ *                                    ────
+ *                                    128
+ */
+declare function sessionRevokeMessage(args: SessionRevokeMessageArgs): Uint8Array;
+
+/**
+ * 44-byte voucher payload — the canonical bytes the session key signs per
+ * stream chunk.
+ *
+ * Layout:
+ *    0   32  channel_id
+ *   32    8  cumulative_amount (u64 LE)
+ *   40    4  sequence_number (u32 LE)
+ *                                    ───
+ *                                    44
+ *
+ * NOTE: production calls this under two names — `voucherPayloadMessage`
+ * (x402) and `buildVoucherMessage` (dexter-api, dexter-facilitator). Both
+ * are exported here, pointing at the same function. Don't bikeshed.
+ */
+interface VoucherPayloadBytes {
+    channelId: Uint8Array;
+    cumulativeAmount: bigint;
+    sequenceNumber: number;
+}
+declare function voucherPayloadMessage(p: VoucherPayloadBytes): Uint8Array;
+/** Positional alias for the dexter-api/dexter-facilitator call shape. */
+declare function buildVoucherMessage(channelId: Uint8Array, cumulativeAmount: bigint, sequenceNumber: number): Uint8Array;
+
+/**
+ * Per-vault-operation message helpers.
+ *
+ * These are what the user's passkey signs for instructions that the
+ * on-chain handler verifies via the secp256r1 precompile sibling.
+ */
+/**
+ * Message format for the `set_swig` instruction:
+ *
+ *   bytes("set_swig") || swigStatePda (32 bytes)
+ */
+declare function buildSetSwigOperationMessage(swigStatePda: string): Uint8Array;
+
+export { type SessionRegisterMessageArgs, type SessionRevokeMessageArgs, type VoucherPayloadBytes, buildSetSwigOperationMessage, buildVoucherMessage, sessionRegisterMessage, sessionRevokeMessage, voucherPayloadMessage };

package/dist/messages/index.js

@@ -0,0 +1,125 @@
+// src/constants/index.ts
+import { PublicKey } from "@solana/web3.js";
+var DEXTER_VAULT_PROGRAM_ID = new PublicKey(
+  "Hg3wRaydFtJhYrdvYrKECacpJYDsC9Px7yKmpncj2fhc"
+);
+var SWIG_PROGRAM_ID = new PublicKey(
+  "swigypWHEksbC64pWKwah1WTeh9JXwx8H1rJHLdbQMB"
+);
+var SECP256R1_PROGRAM_ID = new PublicKey(
+  "Secp256r1SigVerify1111111111111111111111111"
+);
+var ED25519_PROGRAM_ID = new PublicKey(
+  "Ed25519SigVerify111111111111111111111111111"
+);
+var INSTRUCTIONS_SYSVAR_ID = new PublicKey(
+  "Sysvar1nstructions1111111111111111111111111"
+);
+var VAULT_SEED_PREFIX = Buffer.from("vault");
+var DISCRIMINATORS = Object.freeze({
+  initialize_vault: Uint8Array.from([48, 191, 163, 44, 71, 129, 63, 164]),
+  set_swig: Uint8Array.from([253, 229, 89, 206, 192, 118, 137, 165]),
+  settle_voucher: Uint8Array.from([144, 176, 128, 220, 156, 79, 41, 54]),
+  request_withdrawal: Uint8Array.from([251, 85, 121, 205, 56, 201, 12, 177]),
+  finalize_withdrawal: Uint8Array.from([178, 87, 206, 68, 201, 186, 164, 232]),
+  force_release: Uint8Array.from([122, 190, 243, 252, 54, 202, 208, 234]),
+  rotate_passkey: Uint8Array.from([28, 134, 49, 89, 196, 34, 58, 174]),
+  rotate_dexter_authority: Uint8Array.from([145, 60, 4, 119, 180, 205, 236, 134]),
+  prove_passkey: Uint8Array.from([35, 175, 41, 143, 201, 118, 49, 184]),
+  settle_tab_voucher: Uint8Array.from([173, 22, 98, 31, 110, 129, 59, 161]),
+  register_session_key: Uint8Array.from([69, 94, 60, 44, 49, 199, 183, 233]),
+  revoke_session_key: Uint8Array.from([81, 192, 32, 110, 104, 116, 144, 151])
+});
+var OTS_SESSION_REGISTER_V1_DOMAIN = (() => {
+  const buf = new Uint8Array(32);
+  buf.set(new TextEncoder().encode("OTS_SESSION_REGISTER_V1"), 0);
+  return buf;
+})();
+var OTS_SESSION_REVOKE_V1_DOMAIN = (() => {
+  const buf = new Uint8Array(32);
+  buf.set(new TextEncoder().encode("OTS_SESSION_REVOKE_V1"), 0);
+  return buf;
+})();
+
+// src/messages/session.ts
+function sessionRegisterMessage(args) {
+  if (args.sessionPubkey.length !== 32) {
+    throw new Error(`sessionPubkey must be 32 bytes, got ${args.sessionPubkey.length}`);
+  }
+  const buf = new Uint8Array(180);
+  const view = new DataView(buf.buffer);
+  let o = 0;
+  buf.set(OTS_SESSION_REGISTER_V1_DOMAIN, o);
+  o += 32;
+  buf.set(args.programId.toBytes(), o);
+  o += 32;
+  buf.set(args.vaultPda.toBytes(), o);
+  o += 32;
+  buf.set(args.sessionPubkey, o);
+  o += 32;
+  view.setBigUint64(o, args.maxAmount, true);
+  o += 8;
+  view.setBigInt64(o, args.expiresAt, true);
+  o += 8;
+  buf.set(args.allowedCounterparty.toBytes(), o);
+  o += 32;
+  view.setUint32(o, args.nonce >>> 0, true);
+  o += 4;
+  if (o !== 180) {
+    throw new Error(`internal: session register message wrong length ${o}, expected 180`);
+  }
+  return buf;
+}
+function sessionRevokeMessage(args) {
+  if (args.sessionPubkey.length !== 32) {
+    throw new Error(`sessionPubkey must be 32 bytes, got ${args.sessionPubkey.length}`);
+  }
+  const buf = new Uint8Array(128);
+  let o = 0;
+  buf.set(OTS_SESSION_REVOKE_V1_DOMAIN, o);
+  o += 32;
+  buf.set(args.programId.toBytes(), o);
+  o += 32;
+  buf.set(args.vaultPda.toBytes(), o);
+  o += 32;
+  buf.set(args.sessionPubkey, o);
+  o += 32;
+  if (o !== 128) {
+    throw new Error(`internal: session revoke message wrong length ${o}, expected 128`);
+  }
+  return buf;
+}
+
+// src/messages/voucher.ts
+function voucherPayloadMessage(p) {
+  if (p.channelId.length !== 32) {
+    throw new Error(`channelId must be 32 bytes, got ${p.channelId.length}`);
+  }
+  const buf = new Uint8Array(44);
+  const view = new DataView(buf.buffer);
+  buf.set(p.channelId, 0);
+  view.setBigUint64(32, p.cumulativeAmount, true);
+  view.setUint32(40, p.sequenceNumber >>> 0, true);
+  return buf;
+}
+function buildVoucherMessage(channelId, cumulativeAmount, sequenceNumber) {
+  return voucherPayloadMessage({ channelId, cumulativeAmount, sequenceNumber });
+}
+
+// src/messages/operations.ts
+import { PublicKey as PublicKey2 } from "@solana/web3.js";
+function buildSetSwigOperationMessage(swigStatePda) {
+  const prefix = Buffer.from("set_swig", "utf8");
+  const addressBytes = new PublicKey2(swigStatePda).toBytes();
+  const out = new Uint8Array(prefix.length + addressBytes.length);
+  out.set(prefix, 0);
+  out.set(addressBytes, prefix.length);
+  return out;
+}
+export {
+  buildSetSwigOperationMessage,
+  buildVoucherMessage,
+  sessionRegisterMessage,
+  sessionRevokeMessage,
+  voucherPayloadMessage
+};

package/dist/precompile/index.cjs

@@ -0,0 +1,192 @@
+"use strict";
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/precompile/index.ts
+var precompile_exports = {};
+__export(precompile_exports, {
+  COMPRESSED_PUBKEY_SERIALIZED_SIZE: () => COMPRESSED_PUBKEY_SERIALIZED_SIZE,
+  PRECOMPILE_DATA_START: () => PRECOMPILE_DATA_START,
+  SIGNATURE_OFFSETS_SERIALIZED_SIZE: () => SIGNATURE_OFFSETS_SERIALIZED_SIZE,
+  SIGNATURE_SERIALIZED_SIZE: () => SIGNATURE_SERIALIZED_SIZE,
+  buildEd25519VerifyInstruction: () => buildEd25519VerifyInstruction,
+  buildPrecompileMessage: () => buildPrecompileMessage,
+  buildSecp256r1VerifyInstruction: () => buildSecp256r1VerifyInstruction
+});
+module.exports = __toCommonJS(precompile_exports);
+
+// src/precompile/secp256r1.ts
+var import_web32 = require("@solana/web3.js");
+
+// src/constants/index.ts
+var import_web3 = require("@solana/web3.js");
+var DEXTER_VAULT_PROGRAM_ID = new import_web3.PublicKey(
+  "Hg3wRaydFtJhYrdvYrKECacpJYDsC9Px7yKmpncj2fhc"
+);
+var SWIG_PROGRAM_ID = new import_web3.PublicKey(
+  "swigypWHEksbC64pWKwah1WTeh9JXwx8H1rJHLdbQMB"
+);
+var SECP256R1_PROGRAM_ID = new import_web3.PublicKey(
+  "Secp256r1SigVerify1111111111111111111111111"
+);
+var ED25519_PROGRAM_ID = new import_web3.PublicKey(
+  "Ed25519SigVerify111111111111111111111111111"
+);
+var INSTRUCTIONS_SYSVAR_ID = new import_web3.PublicKey(
+  "Sysvar1nstructions1111111111111111111111111"
+);
+var VAULT_SEED_PREFIX = Buffer.from("vault");
+var DISCRIMINATORS = Object.freeze({
+  initialize_vault: Uint8Array.from([48, 191, 163, 44, 71, 129, 63, 164]),
+  set_swig: Uint8Array.from([253, 229, 89, 206, 192, 118, 137, 165]),
+  settle_voucher: Uint8Array.from([144, 176, 128, 220, 156, 79, 41, 54]),
+  request_withdrawal: Uint8Array.from([251, 85, 121, 205, 56, 201, 12, 177]),
+  finalize_withdrawal: Uint8Array.from([178, 87, 206, 68, 201, 186, 164, 232]),
+  force_release: Uint8Array.from([122, 190, 243, 252, 54, 202, 208, 234]),
+  rotate_passkey: Uint8Array.from([28, 134, 49, 89, 196, 34, 58, 174]),
+  rotate_dexter_authority: Uint8Array.from([145, 60, 4, 119, 180, 205, 236, 134]),
+  prove_passkey: Uint8Array.from([35, 175, 41, 143, 201, 118, 49, 184]),
+  settle_tab_voucher: Uint8Array.from([173, 22, 98, 31, 110, 129, 59, 161]),
+  register_session_key: Uint8Array.from([69, 94, 60, 44, 49, 199, 183, 233]),
+  revoke_session_key: Uint8Array.from([81, 192, 32, 110, 104, 116, 144, 151])
+});
+var OTS_SESSION_REGISTER_V1_DOMAIN = (() => {
+  const buf = new Uint8Array(32);
+  buf.set(new TextEncoder().encode("OTS_SESSION_REGISTER_V1"), 0);
+  return buf;
+})();
+var OTS_SESSION_REVOKE_V1_DOMAIN = (() => {
+  const buf = new Uint8Array(32);
+  buf.set(new TextEncoder().encode("OTS_SESSION_REVOKE_V1"), 0);
+  return buf;
+})();
+
+// src/precompile/secp256r1.ts
+var SIGNATURE_OFFSETS_SERIALIZED_SIZE = 14;
+var SIGNATURE_SERIALIZED_SIZE = 64;
+var COMPRESSED_PUBKEY_SERIALIZED_SIZE = 33;
+var PRECOMPILE_DATA_START = 2;
+function buildSecp256r1VerifyInstruction(publicKey, signature, message) {
+  if (publicKey.length !== COMPRESSED_PUBKEY_SERIALIZED_SIZE) {
+    throw new Error(`expected ${COMPRESSED_PUBKEY_SERIALIZED_SIZE}-byte pubkey`);
+  }
+  if (signature.length !== SIGNATURE_SERIALIZED_SIZE) {
+    throw new Error(`expected ${SIGNATURE_SERIALIZED_SIZE}-byte signature`);
+  }
+  const signatureOffset = PRECOMPILE_DATA_START + SIGNATURE_OFFSETS_SERIALIZED_SIZE;
+  const publicKeyOffset = signatureOffset + SIGNATURE_SERIALIZED_SIZE;
+  const messageOffset = publicKeyOffset + COMPRESSED_PUBKEY_SERIALIZED_SIZE;
+  const messageSize = message.length;
+  const totalLen = messageOffset + messageSize;
+  const data = Buffer.alloc(totalLen);
+  data[0] = 1;
+  data[1] = 0;
+  data.writeUInt16LE(signatureOffset, PRECOMPILE_DATA_START + 0);
+  data.writeUInt16LE(65535, PRECOMPILE_DATA_START + 2);
+  data.writeUInt16LE(publicKeyOffset, PRECOMPILE_DATA_START + 4);
+  data.writeUInt16LE(65535, PRECOMPILE_DATA_START + 6);
+  data.writeUInt16LE(messageOffset, PRECOMPILE_DATA_START + 8);
+  data.writeUInt16LE(messageSize, PRECOMPILE_DATA_START + 10);
+  data.writeUInt16LE(65535, PRECOMPILE_DATA_START + 12);
+  Buffer.from(signature).copy(data, signatureOffset);
+  Buffer.from(publicKey).copy(data, publicKeyOffset);
+  Buffer.from(message).copy(data, messageOffset);
+  return new import_web32.TransactionInstruction({
+    keys: [],
+    programId: SECP256R1_PROGRAM_ID,
+    data
+  });
+}
+async function buildPrecompileMessage(clientDataJSON, authenticatorData) {
+  const subtle = globalThis.crypto?.subtle;
+  let clientDataHash;
+  if (subtle) {
+    const buf = await subtle.digest("SHA-256", clientDataJSON);
+    clientDataHash = new Uint8Array(buf);
+  } else {
+    const { createHash } = await import("crypto");
+    clientDataHash = createHash("sha256").update(clientDataJSON).digest();
+  }
+  const out = new Uint8Array(authenticatorData.length + 32);
+  out.set(authenticatorData, 0);
+  out.set(clientDataHash, authenticatorData.length);
+  return out;
+}
+
+// src/precompile/ed25519.ts
+var import_web33 = require("@solana/web3.js");
+function buildEd25519VerifyInstruction(pubkey, signature, message) {
+  if (pubkey.length !== 32) throw new Error("pubkey must be 32 bytes");
+  if (signature.length !== 64) throw new Error("signature must be 64 bytes");
+  const NUM_SIG = 1;
+  const PADDING = 0;
+  const HEADER_LEN = 2;
+  const OFFSETS_LEN = 14;
+  const DATA_START = HEADER_LEN + OFFSETS_LEN;
+  const data = Buffer.alloc(DATA_START + pubkey.length + signature.length + message.length);
+  let off = 0;
+  data.writeUInt8(NUM_SIG, off);
+  off += 1;
+  data.writeUInt8(PADDING, off);
+  off += 1;
+  const pubkeyOffset = DATA_START;
+  const signatureOffset = pubkeyOffset + pubkey.length;
+  const messageOffset = signatureOffset + signature.length;
+  data.writeUInt16LE(signatureOffset, off);
+  off += 2;
+  data.writeUInt16LE(65535, off);
+  off += 2;
+  data.writeUInt16LE(pubkeyOffset, off);
+  off += 2;
+  data.writeUInt16LE(65535, off);
+  off += 2;
+  data.writeUInt16LE(messageOffset, off);
+  off += 2;
+  data.writeUInt16LE(message.length, off);
+  off += 2;
+  data.writeUInt16LE(65535, off);
+  off += 2;
+  Buffer.from(pubkey).copy(data, pubkeyOffset);
+  Buffer.from(signature).copy(data, signatureOffset);
+  Buffer.from(message).copy(data, messageOffset);
+  return new import_web33.TransactionInstruction({
+    programId: ED25519_PROGRAM_ID,
+    keys: [],
+    data
+  });
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  COMPRESSED_PUBKEY_SERIALIZED_SIZE,
+  PRECOMPILE_DATA_START,
+  SIGNATURE_OFFSETS_SERIALIZED_SIZE,
+  SIGNATURE_SERIALIZED_SIZE,
+  buildEd25519VerifyInstruction,
+  buildPrecompileMessage,
+  buildSecp256r1VerifyInstruction
+});

package/dist/precompile/index.d.cts

@@ -0,0 +1,45 @@
+import { TransactionInstruction } from '@solana/web3.js';
+
+/**
+ * SIMD-0075 secp256r1 precompile builder + WebAuthn precompile message
+ * assembler.
+ *
+ * Place a secp256r1 verify instruction IMMEDIATELY before any vault
+ * instruction that takes a passkey-signed op (set_swig, register_session_key,
+ * revoke_session_key, request_withdrawal, finalize_withdrawal, force_release,
+ * rotate_passkey, prove_passkey). The vault program reads
+ * SYSVAR_INSTRUCTIONS to introspect the sibling and rejects unless it
+ * verifies.
+ */
+
+declare const SIGNATURE_OFFSETS_SERIALIZED_SIZE = 14;
+declare const SIGNATURE_SERIALIZED_SIZE = 64;
+declare const COMPRESSED_PUBKEY_SERIALIZED_SIZE = 33;
+declare const PRECOMPILE_DATA_START = 2;
+declare function buildSecp256r1VerifyInstruction(publicKey: Uint8Array, // 33-byte compressed P-256
+signature: Uint8Array, // 64-byte (r||s)
+message: Uint8Array): TransactionInstruction;
+/**
+ * Build the bytes the precompile verifies against the WebAuthn signature:
+ *   authenticatorData || SHA-256(clientDataJSON)
+ *
+ * Works in Node (via `node:crypto`) and the browser (via SubtleCrypto).
+ */
+declare function buildPrecompileMessage(clientDataJSON: Uint8Array, authenticatorData: Uint8Array): Promise<Uint8Array>;
+
+/**
+ * Solana Ed25519 sigverify precompile builder.
+ *
+ * Layout matches solana-sdk/sdk/src/ed25519_instruction.rs byte-for-byte:
+ *   u8 numSigs + u8 padding + 14-byte SignatureOffsets +
+ *   contiguous pubkey(32) || signature(64) || message
+ *
+ * Place this BEFORE vault::settle_tab_voucher (or any future ix needing
+ * session-key verification) in the same tx.
+ */
+
+declare function buildEd25519VerifyInstruction(pubkey: Uint8Array, // 32 bytes
+signature: Uint8Array, // 64 bytes
+message: Uint8Array): TransactionInstruction;
+
+export { COMPRESSED_PUBKEY_SERIALIZED_SIZE, PRECOMPILE_DATA_START, SIGNATURE_OFFSETS_SERIALIZED_SIZE, SIGNATURE_SERIALIZED_SIZE, buildEd25519VerifyInstruction, buildPrecompileMessage, buildSecp256r1VerifyInstruction };