npm - @dexterai/vault - Versions diffs - 0.2.0 → 0.3.0 - Mend

@dexterai/vault 0.2.0 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/dist/instructions/index.cjs +93 -26
package/dist/instructions/index.d.cts +49 -1
package/dist/instructions/index.d.ts +49 -1
package/dist/instructions/index.js +100 -31
package/dist/signers/browser/index.cjs +1 -0
package/dist/signers/browser/index.d.cts +8 -0
package/dist/signers/browser/index.d.ts +8 -0
package/dist/signers/browser/index.js +1 -0
package/package.json +1 -1

package/dist/instructions/index.cjs CHANGED Viewed

@@ -30,6 +30,7 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
 // src/instructions/index.ts
 var instructions_exports = {};
 __export(instructions_exports, {
+  SET_SWIG_ATOMIC_DISCRIMINATOR: () => SET_SWIG_ATOMIC_DISCRIMINATOR,
   SWIG_PROGRAM_EXEC_MARKERS: () => SWIG_PROGRAM_EXEC_MARKERS,
   SWIG_PROGRAM_EXEC_PREFIX: () => SWIG_PROGRAM_EXEC_PREFIX,
   SWIG_PROGRAM_EXEC_PREFIX_SETTLE_TAB: () => SWIG_PROGRAM_EXEC_PREFIX_SETTLE_TAB,
@@ -42,6 +43,7 @@ __export(instructions_exports, {
   buildRevokeSessionKeyInstruction: () => buildRevokeSessionKeyInstruction,
   buildRotateDexterAuthorityInstruction: () => buildRotateDexterAuthorityInstruction,
   buildRotatePasskeyInstruction: () => buildRotatePasskeyInstruction,
+  buildSetSwigAtomicInstruction: () => buildSetSwigAtomicInstruction,
   buildSetSwigInstruction: () => buildSetSwigInstruction,
   buildSettleTabVoucherInstruction: () => buildSettleTabVoucherInstruction,
   buildSettleVoucherInstruction: () => buildSettleVoucherInstruction,
@@ -159,8 +161,71 @@ function buildSetSwigInstruction(p) {
   });
 }
-// src/instructions/registerSession.ts
+// src/instructions/setSwigAtomic.ts
 var import_web34 = require("@solana/web3.js");
+var SET_SWIG_ATOMIC_DISCRIMINATOR = new Uint8Array([
+  119,
+  111,
+  247,
+  215,
+  190,
+  3,
+  170,
+  23
+]);
+function buildSetSwigAtomicInstruction(params) {
+  if (params.swigId.length !== 32) {
+    throw new Error(`swigId must be 32 bytes, got ${params.swigId.length}`);
+  }
+  if (params.authenticatorData.length < 37) {
+    throw new Error(`authenticatorData must be at least 37 bytes`);
+  }
+  const cdj = params.clientDataJSON;
+  const ad = params.authenticatorData;
+  const dataLen = 8 + // discriminator
+  32 + // swig_id
+  1 + // swig_account_bump
+  1 + // swig_wallet_address_bump
+  32 + // dexter_master_pubkey
+  4 + cdj.length + // client_data_json (len-prefixed)
+  4 + ad.length;
+  const data = new Uint8Array(dataLen);
+  const view = new DataView(data.buffer);
+  let off = 0;
+  data.set(SET_SWIG_ATOMIC_DISCRIMINATOR, off);
+  off += 8;
+  data.set(params.swigId, off);
+  off += 32;
+  data[off++] = params.swigAccountBump;
+  data[off++] = params.swigWalletAddressBump;
+  data.set(params.dexterMasterPubkey.toBytes(), off);
+  off += 32;
+  view.setUint32(off, cdj.length, true);
+  off += 4;
+  data.set(cdj, off);
+  off += cdj.length;
+  view.setUint32(off, ad.length, true);
+  off += 4;
+  data.set(ad, off);
+  off += ad.length;
+  if (off !== dataLen) throw new Error(`internal: byte offset mismatch (${off} vs ${dataLen})`);
+  return new import_web34.TransactionInstruction({
+    programId: DEXTER_VAULT_PROGRAM_ID,
+    keys: [
+      { pubkey: params.vaultPda, isSigner: false, isWritable: true },
+      { pubkey: params.feePayer, isSigner: true, isWritable: true },
+      { pubkey: params.swigAddress, isSigner: false, isWritable: true },
+      { pubkey: params.swigWalletAddress, isSigner: false, isWritable: true },
+      { pubkey: SWIG_PROGRAM_ID, isSigner: false, isWritable: false },
+      { pubkey: import_web34.SystemProgram.programId, isSigner: false, isWritable: false },
+      { pubkey: import_web34.SYSVAR_INSTRUCTIONS_PUBKEY, isSigner: false, isWritable: false }
+    ],
+    data: Buffer.from(data)
+  });
+}
+// src/instructions/registerSession.ts
+var import_web35 = require("@solana/web3.js");
 function encodeU64LE(value) {
   const buf = new Uint8Array(8);
   new DataView(buf.buffer).setBigUint64(0, value, true);
@@ -206,7 +271,7 @@ function buildRegisterSessionKeyInstruction(args) {
     encodeVecU8(args.clientDataJSON),
     encodeVecU8(args.authenticatorData)
   );
-  return new import_web34.TransactionInstruction({
+  return new import_web35.TransactionInstruction({
     keys: [
       { pubkey: args.vaultPda, isSigner: false, isWritable: true },
       { pubkey: INSTRUCTIONS_SYSVAR_ID, isSigner: false, isWritable: false }
@@ -217,7 +282,7 @@ function buildRegisterSessionKeyInstruction(args) {
 }
 // src/instructions/revokeSession.ts
-var import_web35 = require("@solana/web3.js");
+var import_web36 = require("@solana/web3.js");
 function encodeVecU82(bytes) {
   const out = new Uint8Array(4 + bytes.length);
   new DataView(out.buffer).setUint32(0, bytes.length >>> 0, true);
@@ -240,7 +305,7 @@ function buildRevokeSessionKeyInstruction(args) {
     encodeVecU82(args.clientDataJSON),
     encodeVecU82(args.authenticatorData)
   );
-  return new import_web35.TransactionInstruction({
+  return new import_web36.TransactionInstruction({
     keys: [
       { pubkey: args.vaultPda, isSigner: false, isWritable: true },
       { pubkey: INSTRUCTIONS_SYSVAR_ID, isSigner: false, isWritable: false }
@@ -251,7 +316,7 @@ function buildRevokeSessionKeyInstruction(args) {
 }
 // src/instructions/settleVoucher.ts
-var import_web36 = require("@solana/web3.js");
+var import_web37 = require("@solana/web3.js");
 function encodeU64(value) {
   const out = Buffer.alloc(8);
   out.writeBigUInt64LE(value, 0);
@@ -263,7 +328,7 @@ function encodeBool(value) {
 function buildSettleVoucherInstruction(p) {
   const argsBuf = Buffer.concat([encodeU64(p.amount), encodeBool(p.increment)]);
   const data = Buffer.concat([Buffer.from(DISCRIMINATORS.settle_voucher), argsBuf]);
-  return new import_web36.TransactionInstruction({
+  return new import_web37.TransactionInstruction({
     programId: DEXTER_VAULT_PROGRAM_ID,
     keys: [
       { pubkey: p.vaultPda, isSigner: false, isWritable: true },
@@ -274,10 +339,10 @@ function buildSettleVoucherInstruction(p) {
 }
 // src/instructions/settleTabVoucher.ts
-var import_web38 = require("@solana/web3.js");
+var import_web39 = require("@solana/web3.js");
 // src/instructions/withdraw.ts
-var import_web37 = require("@solana/web3.js");
+var import_web38 = require("@solana/web3.js");
 function encodeBytesVec2(buf) {
   const out = Buffer.alloc(4 + buf.length);
   out.writeUInt32LE(buf.length, 0);
@@ -298,7 +363,7 @@ function encodePubkey2(key) {
   return Buffer.from(key.toBytes());
 }
 function deriveSwigWalletAddress(swigAddress) {
-  const [pda] = import_web37.PublicKey.findProgramAddressSync(
+  const [pda] = import_web38.PublicKey.findProgramAddressSync(
     [Buffer.from("swig-wallet-address"), swigAddress.toBuffer()],
     SWIG_PROGRAM_ID
   );
@@ -313,11 +378,11 @@ function buildRequestWithdrawalInstruction(p) {
     encodeBytesVec2(p.authenticatorData)
   ]);
   const data = Buffer.concat([Buffer.from(DISCRIMINATORS.request_withdrawal), argsBuf]);
-  return new import_web37.TransactionInstruction({
+  return new import_web38.TransactionInstruction({
     programId: DEXTER_VAULT_PROGRAM_ID,
     keys: [
       { pubkey: p.vaultPda, isSigner: false, isWritable: true },
-      { pubkey: import_web37.SYSVAR_INSTRUCTIONS_PUBKEY, isSigner: false, isWritable: false }
+      { pubkey: import_web38.SYSVAR_INSTRUCTIONS_PUBKEY, isSigner: false, isWritable: false }
     ],
     data
   });
@@ -329,13 +394,13 @@ function buildFinalizeWithdrawalInstruction(p) {
   ]);
   const data = Buffer.concat([Buffer.from(DISCRIMINATORS.finalize_withdrawal), argsBuf]);
   const swigWalletAddress = deriveSwigWalletAddress(p.swigAddress);
-  return new import_web37.TransactionInstruction({
+  return new import_web38.TransactionInstruction({
     programId: DEXTER_VAULT_PROGRAM_ID,
     keys: [
       { pubkey: p.swigAddress, isSigner: false, isWritable: false },
       { pubkey: swigWalletAddress, isSigner: false, isWritable: false },
       { pubkey: p.vaultPda, isSigner: false, isWritable: true },
-      { pubkey: import_web37.SYSVAR_INSTRUCTIONS_PUBKEY, isSigner: false, isWritable: false }
+      { pubkey: import_web38.SYSVAR_INSTRUCTIONS_PUBKEY, isSigner: false, isWritable: false }
     ],
     data
   });
@@ -346,11 +411,11 @@ function buildForceReleaseInstruction(p) {
     encodeBytesVec2(p.authenticatorData)
   ]);
   const data = Buffer.concat([Buffer.from(DISCRIMINATORS.force_release), argsBuf]);
-  return new import_web37.TransactionInstruction({
+  return new import_web38.TransactionInstruction({
     programId: DEXTER_VAULT_PROGRAM_ID,
     keys: [
       { pubkey: p.vaultPda, isSigner: false, isWritable: true },
-      { pubkey: import_web37.SYSVAR_INSTRUCTIONS_PUBKEY, isSigner: false, isWritable: false }
+      { pubkey: import_web38.SYSVAR_INSTRUCTIONS_PUBKEY, isSigner: false, isWritable: false }
     ],
     data
   });
@@ -384,21 +449,21 @@ function buildSettleTabVoucherInstruction(p) {
   ]);
   const data = Buffer.concat([Buffer.from(DISCRIMINATORS.settle_tab_voucher), argsBuf]);
   const swigWalletAddress = deriveSwigWalletAddress(p.swigAddress);
-  return new import_web38.TransactionInstruction({
+  return new import_web39.TransactionInstruction({
     programId: DEXTER_VAULT_PROGRAM_ID,
     keys: [
       { pubkey: p.swigAddress, isSigner: false, isWritable: false },
       { pubkey: swigWalletAddress, isSigner: false, isWritable: false },
       { pubkey: p.vaultPda, isSigner: false, isWritable: true },
       { pubkey: p.dexterAuthority, isSigner: true, isWritable: false },
-      { pubkey: import_web38.SYSVAR_INSTRUCTIONS_PUBKEY, isSigner: false, isWritable: false }
+      { pubkey: import_web39.SYSVAR_INSTRUCTIONS_PUBKEY, isSigner: false, isWritable: false }
     ],
     data
   });
 }
 // src/instructions/rotate.ts
-var import_web39 = require("@solana/web3.js");
+var import_web310 = require("@solana/web3.js");
 function encodeBytesVec3(buf) {
   const out = Buffer.alloc(4 + buf.length);
   out.writeUInt32LE(buf.length, 0);
@@ -421,11 +486,11 @@ function buildRotatePasskeyInstruction(p) {
     encodeBytesVec3(p.authenticatorData)
   ]);
   const data = Buffer.concat([Buffer.from(DISCRIMINATORS.rotate_passkey), argsBuf]);
-  return new import_web39.TransactionInstruction({
+  return new import_web310.TransactionInstruction({
     programId: DEXTER_VAULT_PROGRAM_ID,
     keys: [
       { pubkey: p.vaultPda, isSigner: false, isWritable: true },
-      { pubkey: import_web39.SYSVAR_INSTRUCTIONS_PUBKEY, isSigner: false, isWritable: false }
+      { pubkey: import_web310.SYSVAR_INSTRUCTIONS_PUBKEY, isSigner: false, isWritable: false }
     ],
     data
   });
@@ -435,7 +500,7 @@ function buildRotateDexterAuthorityInstruction(p) {
     Buffer.from(DISCRIMINATORS.rotate_dexter_authority),
     encodePubkey3(p.newDexterAuthority)
   ]);
-  return new import_web39.TransactionInstruction({
+  return new import_web310.TransactionInstruction({
     programId: DEXTER_VAULT_PROGRAM_ID,
     keys: [
       { pubkey: p.vaultPda, isSigner: false, isWritable: true },
@@ -446,7 +511,7 @@ function buildRotateDexterAuthorityInstruction(p) {
 }
 // src/instructions/provePasskey.ts
-var import_web310 = require("@solana/web3.js");
+var import_web311 = require("@solana/web3.js");
 function encodeBytesVec4(buf) {
   const out = Buffer.alloc(4 + buf.length);
   out.writeUInt32LE(buf.length, 0);
@@ -466,11 +531,11 @@ function buildProvePasskeyInstruction(p) {
     encodeBytesVec4(p.authenticatorData)
   ]);
   const data = Buffer.concat([Buffer.from(DISCRIMINATORS.prove_passkey), argsBuf]);
-  return new import_web310.TransactionInstruction({
+  return new import_web311.TransactionInstruction({
     programId: DEXTER_VAULT_PROGRAM_ID,
     keys: [
       { pubkey: p.vaultPda, isSigner: false, isWritable: false },
-      { pubkey: import_web310.SYSVAR_INSTRUCTIONS_PUBKEY, isSigner: false, isWritable: false }
+      { pubkey: import_web311.SYSVAR_INSTRUCTIONS_PUBKEY, isSigner: false, isWritable: false }
     ],
     data
   });
@@ -4870,7 +4935,7 @@ function createSolanaRpcFromTransport(transport) {
 // src/instructions/swigBundle.ts
 var bs58Module = __toESM(require("bs58"), 1);
-var import_web311 = require("@solana/web3.js");
+var import_web312 = require("@solana/web3.js");
 var bs58 = bs58Module.default ?? bs58Module;
 var SWIG_ID_DOMAIN = "dexter-swig-id:v1:";
 var DEFAULT_SESSION_TTL_SECONDS = BigInt(30 * 24 * 60 * 60);
@@ -4986,7 +5051,7 @@ function deriveVaultPda(supabaseUserId) {
   if (supabaseUserId.length !== 16) {
     throw new Error("supabaseUserId must be 16 bytes (UUID v4)");
   }
-  const [pda, bump] = import_web311.PublicKey.findProgramAddressSync(
+  const [pda, bump] = import_web312.PublicKey.findProgramAddressSync(
     [Buffer.from("vault"), Buffer.from(supabaseUserId)],
     DEXTER_VAULT_PROGRAM_ID
   );
@@ -4994,6 +5059,7 @@ function deriveVaultPda(supabaseUserId) {
 }
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
+  SET_SWIG_ATOMIC_DISCRIMINATOR,
   SWIG_PROGRAM_EXEC_MARKERS,
   SWIG_PROGRAM_EXEC_PREFIX,
   SWIG_PROGRAM_EXEC_PREFIX_SETTLE_TAB,
@@ -5006,6 +5072,7 @@ function deriveVaultPda(supabaseUserId) {
   buildRevokeSessionKeyInstruction,
   buildRotateDexterAuthorityInstruction,
   buildRotatePasskeyInstruction,
+  buildSetSwigAtomicInstruction,
   buildSetSwigInstruction,
   buildSettleTabVoucherInstruction,
   buildSettleVoucherInstruction,

package/dist/instructions/index.d.cts CHANGED Viewed

@@ -38,6 +38,54 @@ interface SetSwigParams {
 }
 declare function buildSetSwigInstruction(p: SetSwigParams): TransactionInstruction;
+/**
+ * buildSetSwigAtomicInstruction — single-tx warmup builder.
+ *
+ * Companion of buildSetSwigInstruction. Where set_swig binds a pre-existing
+ * Swig to a vault, set_swig_atomic CREATES the Swig (with the 4-role layout
+ * buildSwigCreationBundle produces) AND binds it — all in one ix that the
+ * vault program executes via Swig CPIs.
+ *
+ * Wire format matches the on-chain Anchor handler's SetSwigAtomicArgs layout:
+ *
+ *   discriminator (8)
+ *   || swig_id (32)
+ *   || swig_account_bump (1)
+ *   || swig_wallet_address_bump (1)
+ *   || dexter_master_pubkey (32)
+ *   || client_data_json_len (4 LE) || client_data_json (variable)
+ *   || authenticator_data_len (4 LE) || authenticator_data (variable)
+ *
+ * Discriminator (locked by Anchor's sha256("global:set_swig_atomic")[0..8]):
+ *   77 6f f7 d7 be 03 aa 17
+ */
+/** Anchor instruction discriminator = sha256("global:set_swig_atomic")[0..8].
+ *  Captured from target/idl/dexter_vault.json after `anchor build` on commit 49aae30. */
+declare const SET_SWIG_ATOMIC_DISCRIMINATOR: Uint8Array<ArrayBuffer>;
+interface BuildSetSwigAtomicParams {
+    /** dexter-vault PDA — written to (vault.swig_address is updated). */
+    vaultPda: PublicKey;
+    /** Swig state account PDA (derived from swig_id + Swig program). */
+    swigAddress: PublicKey;
+    /** Swig wallet PDA (different from swigAddress — it's the spending authority address). */
+    swigWalletAddress: PublicKey;
+    /** Outer-tx signer + role-0 bootstrap authority + rent payer for the new Swig. */
+    feePayer: PublicKey;
+    /** Becomes role-2 (Ed25519Session) authority. */
+    dexterMasterPubkey: PublicKey;
+    /** 32-byte Swig ID (the seed used to derive swigAddress). */
+    swigId: Uint8Array;
+    /** Bump for swigAddress = findProgramAddress(swig_account_seeds(swigId), SWIG_PROGRAM_ID). */
+    swigAccountBump: number;
+    /** Bump for swigWalletAddress PDA. */
+    swigWalletAddressBump: number;
+    /** WebAuthn ceremony output. */
+    clientDataJSON: Uint8Array;
+    authenticatorData: Uint8Array;
+}
+declare function buildSetSwigAtomicInstruction(params: BuildSetSwigAtomicParams): TransactionInstruction;
 /**
  * register_session_key — authorize a session ed25519 key under a vault.
  *
@@ -287,4 +335,4 @@ declare function deriveVaultPda(supabaseUserId: Uint8Array): {
     bump: number;
 };
-export { type BuildRegisterSessionKeyArgs, type BuildRevokeSessionKeyArgs, type BuildSwigCreationBundleParams, type FinalizeWithdrawalParams, type ForceReleaseParams, type InitializeVaultParams, type ProvePasskeyParams, type RequestWithdrawalParams, type RotateDexterAuthorityParams, type RotatePasskeyParams, SWIG_PROGRAM_EXEC_MARKERS, SWIG_PROGRAM_EXEC_PREFIX, SWIG_PROGRAM_EXEC_PREFIX_SETTLE_TAB, type SetSwigParams, type SettleTabVoucherParams, type SettleVoucherParams, type SwigCreationBundleOutput, type SwigOwnershipCheck, buildFinalizeWithdrawalInstruction, buildForceReleaseInstruction, buildInitializeVaultInstruction, buildProvePasskeyInstruction, buildRegisterSessionKeyInstruction, buildRequestWithdrawalInstruction, buildRevokeSessionKeyInstruction, buildRotateDexterAuthorityInstruction, buildRotatePasskeyInstruction, buildSetSwigInstruction, buildSettleTabVoucherInstruction, buildSettleVoucherInstruction, buildSwigCreationBundle, deriveSwigWalletAddress, deriveVaultPda, expectedSwigAddressFor, verifySwigIsOurs };
+export { type BuildRegisterSessionKeyArgs, type BuildRevokeSessionKeyArgs, type BuildSetSwigAtomicParams, type BuildSwigCreationBundleParams, type FinalizeWithdrawalParams, type ForceReleaseParams, type InitializeVaultParams, type ProvePasskeyParams, type RequestWithdrawalParams, type RotateDexterAuthorityParams, type RotatePasskeyParams, SET_SWIG_ATOMIC_DISCRIMINATOR, SWIG_PROGRAM_EXEC_MARKERS, SWIG_PROGRAM_EXEC_PREFIX, SWIG_PROGRAM_EXEC_PREFIX_SETTLE_TAB, type SetSwigParams, type SettleTabVoucherParams, type SettleVoucherParams, type SwigCreationBundleOutput, type SwigOwnershipCheck, buildFinalizeWithdrawalInstruction, buildForceReleaseInstruction, buildInitializeVaultInstruction, buildProvePasskeyInstruction, buildRegisterSessionKeyInstruction, buildRequestWithdrawalInstruction, buildRevokeSessionKeyInstruction, buildRotateDexterAuthorityInstruction, buildRotatePasskeyInstruction, buildSetSwigAtomicInstruction, buildSetSwigInstruction, buildSettleTabVoucherInstruction, buildSettleVoucherInstruction, buildSwigCreationBundle, deriveSwigWalletAddress, deriveVaultPda, expectedSwigAddressFor, verifySwigIsOurs };

package/dist/instructions/index.d.ts CHANGED Viewed

@@ -38,6 +38,54 @@ interface SetSwigParams {
 }
 declare function buildSetSwigInstruction(p: SetSwigParams): TransactionInstruction;
+/**
+ * buildSetSwigAtomicInstruction — single-tx warmup builder.
+ *
+ * Companion of buildSetSwigInstruction. Where set_swig binds a pre-existing
+ * Swig to a vault, set_swig_atomic CREATES the Swig (with the 4-role layout
+ * buildSwigCreationBundle produces) AND binds it — all in one ix that the
+ * vault program executes via Swig CPIs.
+ *
+ * Wire format matches the on-chain Anchor handler's SetSwigAtomicArgs layout:
+ *
+ *   discriminator (8)
+ *   || swig_id (32)
+ *   || swig_account_bump (1)
+ *   || swig_wallet_address_bump (1)
+ *   || dexter_master_pubkey (32)
+ *   || client_data_json_len (4 LE) || client_data_json (variable)
+ *   || authenticator_data_len (4 LE) || authenticator_data (variable)
+ *
+ * Discriminator (locked by Anchor's sha256("global:set_swig_atomic")[0..8]):
+ *   77 6f f7 d7 be 03 aa 17
+ */
+/** Anchor instruction discriminator = sha256("global:set_swig_atomic")[0..8].
+ *  Captured from target/idl/dexter_vault.json after `anchor build` on commit 49aae30. */
+declare const SET_SWIG_ATOMIC_DISCRIMINATOR: Uint8Array<ArrayBuffer>;
+interface BuildSetSwigAtomicParams {
+    /** dexter-vault PDA — written to (vault.swig_address is updated). */
+    vaultPda: PublicKey;
+    /** Swig state account PDA (derived from swig_id + Swig program). */
+    swigAddress: PublicKey;
+    /** Swig wallet PDA (different from swigAddress — it's the spending authority address). */
+    swigWalletAddress: PublicKey;
+    /** Outer-tx signer + role-0 bootstrap authority + rent payer for the new Swig. */
+    feePayer: PublicKey;
+    /** Becomes role-2 (Ed25519Session) authority. */
+    dexterMasterPubkey: PublicKey;
+    /** 32-byte Swig ID (the seed used to derive swigAddress). */
+    swigId: Uint8Array;
+    /** Bump for swigAddress = findProgramAddress(swig_account_seeds(swigId), SWIG_PROGRAM_ID). */
+    swigAccountBump: number;
+    /** Bump for swigWalletAddress PDA. */
+    swigWalletAddressBump: number;
+    /** WebAuthn ceremony output. */
+    clientDataJSON: Uint8Array;
+    authenticatorData: Uint8Array;
+}
+declare function buildSetSwigAtomicInstruction(params: BuildSetSwigAtomicParams): TransactionInstruction;
 /**
  * register_session_key — authorize a session ed25519 key under a vault.
  *
@@ -287,4 +335,4 @@ declare function deriveVaultPda(supabaseUserId: Uint8Array): {
     bump: number;
 };
-export { type BuildRegisterSessionKeyArgs, type BuildRevokeSessionKeyArgs, type BuildSwigCreationBundleParams, type FinalizeWithdrawalParams, type ForceReleaseParams, type InitializeVaultParams, type ProvePasskeyParams, type RequestWithdrawalParams, type RotateDexterAuthorityParams, type RotatePasskeyParams, SWIG_PROGRAM_EXEC_MARKERS, SWIG_PROGRAM_EXEC_PREFIX, SWIG_PROGRAM_EXEC_PREFIX_SETTLE_TAB, type SetSwigParams, type SettleTabVoucherParams, type SettleVoucherParams, type SwigCreationBundleOutput, type SwigOwnershipCheck, buildFinalizeWithdrawalInstruction, buildForceReleaseInstruction, buildInitializeVaultInstruction, buildProvePasskeyInstruction, buildRegisterSessionKeyInstruction, buildRequestWithdrawalInstruction, buildRevokeSessionKeyInstruction, buildRotateDexterAuthorityInstruction, buildRotatePasskeyInstruction, buildSetSwigInstruction, buildSettleTabVoucherInstruction, buildSettleVoucherInstruction, buildSwigCreationBundle, deriveSwigWalletAddress, deriveVaultPda, expectedSwigAddressFor, verifySwigIsOurs };
+export { type BuildRegisterSessionKeyArgs, type BuildRevokeSessionKeyArgs, type BuildSetSwigAtomicParams, type BuildSwigCreationBundleParams, type FinalizeWithdrawalParams, type ForceReleaseParams, type InitializeVaultParams, type ProvePasskeyParams, type RequestWithdrawalParams, type RotateDexterAuthorityParams, type RotatePasskeyParams, SET_SWIG_ATOMIC_DISCRIMINATOR, SWIG_PROGRAM_EXEC_MARKERS, SWIG_PROGRAM_EXEC_PREFIX, SWIG_PROGRAM_EXEC_PREFIX_SETTLE_TAB, type SetSwigParams, type SettleTabVoucherParams, type SettleVoucherParams, type SwigCreationBundleOutput, type SwigOwnershipCheck, buildFinalizeWithdrawalInstruction, buildForceReleaseInstruction, buildInitializeVaultInstruction, buildProvePasskeyInstruction, buildRegisterSessionKeyInstruction, buildRequestWithdrawalInstruction, buildRevokeSessionKeyInstruction, buildRotateDexterAuthorityInstruction, buildRotatePasskeyInstruction, buildSetSwigAtomicInstruction, buildSetSwigInstruction, buildSettleTabVoucherInstruction, buildSettleVoucherInstruction, buildSwigCreationBundle, deriveSwigWalletAddress, deriveVaultPda, expectedSwigAddressFor, verifySwigIsOurs };

package/dist/instructions/index.js CHANGED Viewed

@@ -110,8 +110,75 @@ function buildSetSwigInstruction(p) {
   });
 }
+// src/instructions/setSwigAtomic.ts
+import {
+  TransactionInstruction as TransactionInstruction3,
+  SystemProgram as SystemProgram2,
+  SYSVAR_INSTRUCTIONS_PUBKEY as SYSVAR_INSTRUCTIONS_PUBKEY2
+} from "@solana/web3.js";
+var SET_SWIG_ATOMIC_DISCRIMINATOR = new Uint8Array([
+  119,
+  111,
+  247,
+  215,
+  190,
+  3,
+  170,
+  23
+]);
+function buildSetSwigAtomicInstruction(params) {
+  if (params.swigId.length !== 32) {
+    throw new Error(`swigId must be 32 bytes, got ${params.swigId.length}`);
+  }
+  if (params.authenticatorData.length < 37) {
+    throw new Error(`authenticatorData must be at least 37 bytes`);
+  }
+  const cdj = params.clientDataJSON;
+  const ad = params.authenticatorData;
+  const dataLen = 8 + // discriminator
+  32 + // swig_id
+  1 + // swig_account_bump
+  1 + // swig_wallet_address_bump
+  32 + // dexter_master_pubkey
+  4 + cdj.length + // client_data_json (len-prefixed)
+  4 + ad.length;
+  const data = new Uint8Array(dataLen);
+  const view = new DataView(data.buffer);
+  let off = 0;
+  data.set(SET_SWIG_ATOMIC_DISCRIMINATOR, off);
+  off += 8;
+  data.set(params.swigId, off);
+  off += 32;
+  data[off++] = params.swigAccountBump;
+  data[off++] = params.swigWalletAddressBump;
+  data.set(params.dexterMasterPubkey.toBytes(), off);
+  off += 32;
+  view.setUint32(off, cdj.length, true);
+  off += 4;
+  data.set(cdj, off);
+  off += cdj.length;
+  view.setUint32(off, ad.length, true);
+  off += 4;
+  data.set(ad, off);
+  off += ad.length;
+  if (off !== dataLen) throw new Error(`internal: byte offset mismatch (${off} vs ${dataLen})`);
+  return new TransactionInstruction3({
+    programId: DEXTER_VAULT_PROGRAM_ID,
+    keys: [
+      { pubkey: params.vaultPda, isSigner: false, isWritable: true },
+      { pubkey: params.feePayer, isSigner: true, isWritable: true },
+      { pubkey: params.swigAddress, isSigner: false, isWritable: true },
+      { pubkey: params.swigWalletAddress, isSigner: false, isWritable: true },
+      { pubkey: SWIG_PROGRAM_ID, isSigner: false, isWritable: false },
+      { pubkey: SystemProgram2.programId, isSigner: false, isWritable: false },
+      { pubkey: SYSVAR_INSTRUCTIONS_PUBKEY2, isSigner: false, isWritable: false }
+    ],
+    data: Buffer.from(data)
+  });
+}
 // src/instructions/registerSession.ts
-import { TransactionInstruction as TransactionInstruction3 } from "@solana/web3.js";
+import { TransactionInstruction as TransactionInstruction4 } from "@solana/web3.js";
 function encodeU64LE(value) {
   const buf = new Uint8Array(8);
   new DataView(buf.buffer).setBigUint64(0, value, true);
@@ -157,7 +224,7 @@ function buildRegisterSessionKeyInstruction(args) {
     encodeVecU8(args.clientDataJSON),
     encodeVecU8(args.authenticatorData)
   );
-  return new TransactionInstruction3({
+  return new TransactionInstruction4({
     keys: [
       { pubkey: args.vaultPda, isSigner: false, isWritable: true },
       { pubkey: INSTRUCTIONS_SYSVAR_ID, isSigner: false, isWritable: false }
@@ -168,7 +235,7 @@ function buildRegisterSessionKeyInstruction(args) {
 }
 // src/instructions/revokeSession.ts
-import { TransactionInstruction as TransactionInstruction4 } from "@solana/web3.js";
+import { TransactionInstruction as TransactionInstruction5 } from "@solana/web3.js";
 function encodeVecU82(bytes) {
   const out = new Uint8Array(4 + bytes.length);
   new DataView(out.buffer).setUint32(0, bytes.length >>> 0, true);
@@ -191,7 +258,7 @@ function buildRevokeSessionKeyInstruction(args) {
     encodeVecU82(args.clientDataJSON),
     encodeVecU82(args.authenticatorData)
   );
-  return new TransactionInstruction4({
+  return new TransactionInstruction5({
     keys: [
       { pubkey: args.vaultPda, isSigner: false, isWritable: true },
       { pubkey: INSTRUCTIONS_SYSVAR_ID, isSigner: false, isWritable: false }
@@ -202,7 +269,7 @@ function buildRevokeSessionKeyInstruction(args) {
 }
 // src/instructions/settleVoucher.ts
-import { TransactionInstruction as TransactionInstruction5 } from "@solana/web3.js";
+import { TransactionInstruction as TransactionInstruction6 } from "@solana/web3.js";
 function encodeU64(value) {
   const out = Buffer.alloc(8);
   out.writeBigUInt64LE(value, 0);
@@ -214,7 +281,7 @@ function encodeBool(value) {
 function buildSettleVoucherInstruction(p) {
   const argsBuf = Buffer.concat([encodeU64(p.amount), encodeBool(p.increment)]);
   const data = Buffer.concat([Buffer.from(DISCRIMINATORS.settle_voucher), argsBuf]);
-  return new TransactionInstruction5({
+  return new TransactionInstruction6({
     programId: DEXTER_VAULT_PROGRAM_ID,
     keys: [
       { pubkey: p.vaultPda, isSigner: false, isWritable: true },
@@ -226,15 +293,15 @@ function buildSettleVoucherInstruction(p) {
 // src/instructions/settleTabVoucher.ts
 import {
-  TransactionInstruction as TransactionInstruction7,
-  SYSVAR_INSTRUCTIONS_PUBKEY as SYSVAR_INSTRUCTIONS_PUBKEY3
+  TransactionInstruction as TransactionInstruction8,
+  SYSVAR_INSTRUCTIONS_PUBKEY as SYSVAR_INSTRUCTIONS_PUBKEY4
 } from "@solana/web3.js";
 // src/instructions/withdraw.ts
 import {
-  PublicKey as PublicKey7,
-  TransactionInstruction as TransactionInstruction6,
-  SYSVAR_INSTRUCTIONS_PUBKEY as SYSVAR_INSTRUCTIONS_PUBKEY2
+  PublicKey as PublicKey8,
+  TransactionInstruction as TransactionInstruction7,
+  SYSVAR_INSTRUCTIONS_PUBKEY as SYSVAR_INSTRUCTIONS_PUBKEY3
 } from "@solana/web3.js";
 function encodeBytesVec2(buf) {
   const out = Buffer.alloc(4 + buf.length);
@@ -256,7 +323,7 @@ function encodePubkey2(key) {
   return Buffer.from(key.toBytes());
 }
 function deriveSwigWalletAddress(swigAddress) {
-  const [pda] = PublicKey7.findProgramAddressSync(
+  const [pda] = PublicKey8.findProgramAddressSync(
     [Buffer.from("swig-wallet-address"), swigAddress.toBuffer()],
     SWIG_PROGRAM_ID
   );
@@ -271,11 +338,11 @@ function buildRequestWithdrawalInstruction(p) {
     encodeBytesVec2(p.authenticatorData)
   ]);
   const data = Buffer.concat([Buffer.from(DISCRIMINATORS.request_withdrawal), argsBuf]);
-  return new TransactionInstruction6({
+  return new TransactionInstruction7({
     programId: DEXTER_VAULT_PROGRAM_ID,
     keys: [
       { pubkey: p.vaultPda, isSigner: false, isWritable: true },
-      { pubkey: SYSVAR_INSTRUCTIONS_PUBKEY2, isSigner: false, isWritable: false }
+      { pubkey: SYSVAR_INSTRUCTIONS_PUBKEY3, isSigner: false, isWritable: false }
     ],
     data
   });
@@ -287,13 +354,13 @@ function buildFinalizeWithdrawalInstruction(p) {
   ]);
   const data = Buffer.concat([Buffer.from(DISCRIMINATORS.finalize_withdrawal), argsBuf]);
   const swigWalletAddress = deriveSwigWalletAddress(p.swigAddress);
-  return new TransactionInstruction6({
+  return new TransactionInstruction7({
     programId: DEXTER_VAULT_PROGRAM_ID,
     keys: [
       { pubkey: p.swigAddress, isSigner: false, isWritable: false },
       { pubkey: swigWalletAddress, isSigner: false, isWritable: false },
       { pubkey: p.vaultPda, isSigner: false, isWritable: true },
-      { pubkey: SYSVAR_INSTRUCTIONS_PUBKEY2, isSigner: false, isWritable: false }
+      { pubkey: SYSVAR_INSTRUCTIONS_PUBKEY3, isSigner: false, isWritable: false }
     ],
     data
   });
@@ -304,11 +371,11 @@ function buildForceReleaseInstruction(p) {
     encodeBytesVec2(p.authenticatorData)
   ]);
   const data = Buffer.concat([Buffer.from(DISCRIMINATORS.force_release), argsBuf]);
-  return new TransactionInstruction6({
+  return new TransactionInstruction7({
     programId: DEXTER_VAULT_PROGRAM_ID,
     keys: [
       { pubkey: p.vaultPda, isSigner: false, isWritable: true },
-      { pubkey: SYSVAR_INSTRUCTIONS_PUBKEY2, isSigner: false, isWritable: false }
+      { pubkey: SYSVAR_INSTRUCTIONS_PUBKEY3, isSigner: false, isWritable: false }
     ],
     data
   });
@@ -342,14 +409,14 @@ function buildSettleTabVoucherInstruction(p) {
   ]);
   const data = Buffer.concat([Buffer.from(DISCRIMINATORS.settle_tab_voucher), argsBuf]);
   const swigWalletAddress = deriveSwigWalletAddress(p.swigAddress);
-  return new TransactionInstruction7({
+  return new TransactionInstruction8({
     programId: DEXTER_VAULT_PROGRAM_ID,
     keys: [
       { pubkey: p.swigAddress, isSigner: false, isWritable: false },
       { pubkey: swigWalletAddress, isSigner: false, isWritable: false },
       { pubkey: p.vaultPda, isSigner: false, isWritable: true },
       { pubkey: p.dexterAuthority, isSigner: true, isWritable: false },
-      { pubkey: SYSVAR_INSTRUCTIONS_PUBKEY3, isSigner: false, isWritable: false }
+      { pubkey: SYSVAR_INSTRUCTIONS_PUBKEY4, isSigner: false, isWritable: false }
     ],
     data
   });
@@ -357,8 +424,8 @@ function buildSettleTabVoucherInstruction(p) {
 // src/instructions/rotate.ts
 import {
-  TransactionInstruction as TransactionInstruction8,
-  SYSVAR_INSTRUCTIONS_PUBKEY as SYSVAR_INSTRUCTIONS_PUBKEY4
+  TransactionInstruction as TransactionInstruction9,
+  SYSVAR_INSTRUCTIONS_PUBKEY as SYSVAR_INSTRUCTIONS_PUBKEY5
 } from "@solana/web3.js";
 function encodeBytesVec3(buf) {
   const out = Buffer.alloc(4 + buf.length);
@@ -382,11 +449,11 @@ function buildRotatePasskeyInstruction(p) {
     encodeBytesVec3(p.authenticatorData)
   ]);
   const data = Buffer.concat([Buffer.from(DISCRIMINATORS.rotate_passkey), argsBuf]);
-  return new TransactionInstruction8({
+  return new TransactionInstruction9({
     programId: DEXTER_VAULT_PROGRAM_ID,
     keys: [
       { pubkey: p.vaultPda, isSigner: false, isWritable: true },
-      { pubkey: SYSVAR_INSTRUCTIONS_PUBKEY4, isSigner: false, isWritable: false }
+      { pubkey: SYSVAR_INSTRUCTIONS_PUBKEY5, isSigner: false, isWritable: false }
     ],
     data
   });
@@ -396,7 +463,7 @@ function buildRotateDexterAuthorityInstruction(p) {
     Buffer.from(DISCRIMINATORS.rotate_dexter_authority),
     encodePubkey3(p.newDexterAuthority)
   ]);
-  return new TransactionInstruction8({
+  return new TransactionInstruction9({
     programId: DEXTER_VAULT_PROGRAM_ID,
     keys: [
       { pubkey: p.vaultPda, isSigner: false, isWritable: true },
@@ -408,8 +475,8 @@ function buildRotateDexterAuthorityInstruction(p) {
 // src/instructions/provePasskey.ts
 import {
-  TransactionInstruction as TransactionInstruction9,
-  SYSVAR_INSTRUCTIONS_PUBKEY as SYSVAR_INSTRUCTIONS_PUBKEY5
+  TransactionInstruction as TransactionInstruction10,
+  SYSVAR_INSTRUCTIONS_PUBKEY as SYSVAR_INSTRUCTIONS_PUBKEY6
 } from "@solana/web3.js";
 function encodeBytesVec4(buf) {
   const out = Buffer.alloc(4 + buf.length);
@@ -430,11 +497,11 @@ function buildProvePasskeyInstruction(p) {
     encodeBytesVec4(p.authenticatorData)
   ]);
   const data = Buffer.concat([Buffer.from(DISCRIMINATORS.prove_passkey), argsBuf]);
-  return new TransactionInstruction9({
+  return new TransactionInstruction10({
     programId: DEXTER_VAULT_PROGRAM_ID,
     keys: [
       { pubkey: p.vaultPda, isSigner: false, isWritable: false },
-      { pubkey: SYSVAR_INSTRUCTIONS_PUBKEY5, isSigner: false, isWritable: false }
+      { pubkey: SYSVAR_INSTRUCTIONS_PUBKEY6, isSigner: false, isWritable: false }
     ],
     data
   });
@@ -4844,7 +4911,7 @@ function createSolanaRpcFromTransport(transport) {
 // src/instructions/swigBundle.ts
 import * as bs58Module from "bs58";
-import { PublicKey as PublicKey11 } from "@solana/web3.js";
+import { PublicKey as PublicKey12 } from "@solana/web3.js";
 var bs58 = bs58Module.default ?? bs58Module;
 var SWIG_ID_DOMAIN = "dexter-swig-id:v1:";
 var DEFAULT_SESSION_TTL_SECONDS = BigInt(30 * 24 * 60 * 60);
@@ -4960,13 +5027,14 @@ function deriveVaultPda(supabaseUserId) {
   if (supabaseUserId.length !== 16) {
     throw new Error("supabaseUserId must be 16 bytes (UUID v4)");
   }
-  const [pda, bump] = PublicKey11.findProgramAddressSync(
+  const [pda, bump] = PublicKey12.findProgramAddressSync(
     [Buffer.from("vault"), Buffer.from(supabaseUserId)],
     DEXTER_VAULT_PROGRAM_ID
   );
   return { pda, bump };
 }
 export {
+  SET_SWIG_ATOMIC_DISCRIMINATOR,
   SWIG_PROGRAM_EXEC_MARKERS,
   SWIG_PROGRAM_EXEC_PREFIX,
   SWIG_PROGRAM_EXEC_PREFIX_SETTLE_TAB,
@@ -4979,6 +5047,7 @@ export {
   buildRevokeSessionKeyInstruction,
   buildRotateDexterAuthorityInstruction,
   buildRotatePasskeyInstruction,
+  buildSetSwigAtomicInstruction,
   buildSetSwigInstruction,
   buildSettleTabVoucherInstruction,
   buildSettleVoucherInstruction,

package/dist/signers/browser/index.cjs CHANGED Viewed

@@ -102,6 +102,7 @@ var WebAuthnAssertion = class {
     const compactSignature = derSignatureToCompactLowS(derSignature);
     return {
       signature: compactSignature,
+      signatureDer: derSignature,
       clientDataJSON: new Uint8Array(assertion.clientDataJSON),
       authenticatorData: new Uint8Array(assertion.authenticatorData)
     };

package/dist/signers/browser/index.d.cts CHANGED Viewed

@@ -42,6 +42,14 @@ interface WebAuthnAssertionConfig {
 interface WebAuthnAssertionResult {
     /** 64-byte compact r||s P-256 signature, lowS-normalized (SIMD-0075 requires lowS). */
     signature: Uint8Array;
+    /**
+     * Raw DER-encoded ECDSA signature as returned by the authenticator,
+     * BEFORE the compact-lowS conversion. Kept so consumers that need to
+     * forward the assertion to a WebAuthn server library (which expects
+     * DER) don't have to re-run the ceremony. The on-chain bytes are
+     * `signature` (compact); DER is for server-side verify legs.
+     */
+    signatureDer: Uint8Array;
     /** Raw clientDataJSON as returned by the authenticator. */
     clientDataJSON: Uint8Array;
     /** Raw authenticatorData as returned by the authenticator. */

package/dist/signers/browser/index.d.ts CHANGED Viewed

@@ -42,6 +42,14 @@ interface WebAuthnAssertionConfig {
 interface WebAuthnAssertionResult {
     /** 64-byte compact r||s P-256 signature, lowS-normalized (SIMD-0075 requires lowS). */
     signature: Uint8Array;
+    /**
+     * Raw DER-encoded ECDSA signature as returned by the authenticator,
+     * BEFORE the compact-lowS conversion. Kept so consumers that need to
+     * forward the assertion to a WebAuthn server library (which expects
+     * DER) don't have to re-run the ceremony. The on-chain bytes are
+     * `signature` (compact); DER is for server-side verify legs.
+     */
+    signatureDer: Uint8Array;
     /** Raw clientDataJSON as returned by the authenticator. */
     clientDataJSON: Uint8Array;
     /** Raw authenticatorData as returned by the authenticator. */

package/dist/signers/browser/index.js CHANGED Viewed

@@ -76,6 +76,7 @@ var WebAuthnAssertion = class {
     const compactSignature = derSignatureToCompactLowS(derSignature);
     return {
       signature: compactSignature,
+      signatureDer: derSignature,
       clientDataJSON: new Uint8Array(assertion.clientDataJSON),
       authenticatorData: new Uint8Array(assertion.authenticatorData)
     };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@dexterai/vault",
-  "version": "0.2.0",
+  "version": "0.3.0",
   "description": "Canonical off-chain mirror of the dexter-vault Solana Anchor program — Solana instruction builders, byte-precise message encoders, account decoders, secp256r1/Ed25519 precompile helpers, counterfactual Swig derivation, and signer interfaces. The single source of truth for any TypeScript code that produces bytes the on-chain program will verify.",
   "author": "Dexter",
   "license": "MIT",