@dexterai/vault 0.3.1 → 0.3.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/dist/instructions/index.cjs +1015 -984
  2. package/dist/instructions/index.d.cts +42 -1
  3. package/dist/instructions/index.d.ts +42 -1
  4. package/dist/instructions/index.js +1018 -988
  5. package/package.json +1 -1
package/dist/instructions/index.cjs CHANGED
@@ -43,11 +43,13 @@ __export(instructions_exports, {
43
43
  buildRevokeSessionKeyInstruction: () => buildRevokeSessionKeyInstruction,
44
44
  buildRotateDexterAuthorityInstruction: () => buildRotateDexterAuthorityInstruction,
45
45
  buildRotatePasskeyInstruction: () => buildRotatePasskeyInstruction,
46
+ buildSetSwigAtomicFromIdentity: () => buildSetSwigAtomicFromIdentity,
46
47
  buildSetSwigAtomicInstruction: () => buildSetSwigAtomicInstruction,
47
48
  buildSetSwigInstruction: () => buildSetSwigInstruction,
48
49
  buildSettleTabVoucherInstruction: () => buildSettleTabVoucherInstruction,
49
50
  buildSettleVoucherInstruction: () => buildSettleVoucherInstruction,
50
51
  buildSwigCreationBundle: () => buildSwigCreationBundle,
52
+ deriveSwigId: () => deriveSwigId,
51
53
  deriveSwigWalletAddress: () => deriveSwigWalletAddress,
52
54
  deriveVaultPda: () => deriveVaultPda,
53
55
  expectedSwigAddressFor: () => expectedSwigAddressFor,
@@ -162,389 +164,12 @@ function buildSetSwigInstruction(p) {
162
164
  }
163
165
 
164
166
  // src/instructions/setSwigAtomic.ts
165
- var import_web34 = require("@solana/web3.js");
166
- var SET_SWIG_ATOMIC_DISCRIMINATOR = new Uint8Array([
167
- 119,
168
- 111,
169
- 247,
170
- 215,
171
- 190,
172
- 3,
173
- 170,
174
- 23
175
- ]);
176
- function buildSetSwigAtomicInstruction(params) {
177
- if (params.swigId.length !== 32) {
178
- throw new Error(`swigId must be 32 bytes, got ${params.swigId.length}`);
179
- }
180
- if (params.authenticatorData.length < 37) {
181
- throw new Error(`authenticatorData must be at least 37 bytes`);
182
- }
183
- const cdj = params.clientDataJSON;
184
- const ad = params.authenticatorData;
185
- const dataLen = 8 + // discriminator
186
- 32 + // swig_id
187
- 1 + // swig_account_bump
188
- 1 + // swig_wallet_address_bump
189
- 32 + // dexter_master_pubkey
190
- 4 + cdj.length + // client_data_json (len-prefixed)
191
- 4 + ad.length;
192
- const data = new Uint8Array(dataLen);
193
- const view = new DataView(data.buffer);
194
- let off = 0;
195
- data.set(SET_SWIG_ATOMIC_DISCRIMINATOR, off);
196
- off += 8;
197
- data.set(params.swigId, off);
198
- off += 32;
199
- data[off++] = params.swigAccountBump;
200
- data[off++] = params.swigWalletAddressBump;
201
- data.set(params.dexterMasterPubkey.toBytes(), off);
202
- off += 32;
203
- view.setUint32(off, cdj.length, true);
204
- off += 4;
205
- data.set(cdj, off);
206
- off += cdj.length;
207
- view.setUint32(off, ad.length, true);
208
- off += 4;
209
- data.set(ad, off);
210
- off += ad.length;
211
- if (off !== dataLen) throw new Error(`internal: byte offset mismatch (${off} vs ${dataLen})`);
212
- return new import_web34.TransactionInstruction({
213
- programId: DEXTER_VAULT_PROGRAM_ID,
214
- keys: [
215
- { pubkey: params.vaultPda, isSigner: false, isWritable: true },
216
- { pubkey: params.feePayer, isSigner: true, isWritable: true },
217
- { pubkey: params.swigAddress, isSigner: false, isWritable: true },
218
- { pubkey: params.swigWalletAddress, isSigner: false, isWritable: true },
219
- { pubkey: SWIG_PROGRAM_ID, isSigner: false, isWritable: false },
220
- { pubkey: import_web34.SystemProgram.programId, isSigner: false, isWritable: false },
221
- { pubkey: import_web34.SYSVAR_INSTRUCTIONS_PUBKEY, isSigner: false, isWritable: false }
222
- ],
223
- data: Buffer.from(data)
224
- });
225
- }
226
-
227
- // src/instructions/registerSession.ts
228
167
  var import_web35 = require("@solana/web3.js");
229
- function encodeU64LE(value) {
230
- const buf = new Uint8Array(8);
231
- new DataView(buf.buffer).setBigUint64(0, value, true);
232
- return buf;
233
- }
234
- function encodeI64LE(value) {
235
- const buf = new Uint8Array(8);
236
- new DataView(buf.buffer).setBigInt64(0, value, true);
237
- return buf;
238
- }
239
- function encodeU32LE(value) {
240
- const buf = new Uint8Array(4);
241
- new DataView(buf.buffer).setUint32(0, value >>> 0, true);
242
- return buf;
243
- }
244
- function encodeVecU8(bytes) {
245
- const out = new Uint8Array(4 + bytes.length);
246
- new DataView(out.buffer).setUint32(0, bytes.length >>> 0, true);
247
- out.set(bytes, 4);
248
- return out;
249
- }
250
- function concatBytes(...parts) {
251
- const total = parts.reduce((n, p) => n + p.length, 0);
252
- const out = new Uint8Array(total);
253
- let o2 = 0;
254
- for (const p of parts) {
255
- out.set(p, o2);
256
- o2 += p.length;
257
- }
258
- return out;
259
- }
260
- function buildRegisterSessionKeyInstruction(args) {
261
- if (args.sessionPubkey.length !== 32) {
262
- throw new Error(`sessionPubkey must be 32 bytes, got ${args.sessionPubkey.length}`);
263
- }
264
- const data = concatBytes(
265
- DISCRIMINATORS.register_session_key,
266
- args.sessionPubkey,
267
- encodeU64LE(args.maxAmount),
268
- encodeI64LE(args.expiresAt),
269
- args.allowedCounterparty.toBytes(),
270
- encodeU32LE(args.nonce),
271
- encodeVecU8(args.clientDataJSON),
272
- encodeVecU8(args.authenticatorData)
273
- );
274
- return new import_web35.TransactionInstruction({
275
- keys: [
276
- { pubkey: args.vaultPda, isSigner: false, isWritable: true },
277
- { pubkey: INSTRUCTIONS_SYSVAR_ID, isSigner: false, isWritable: false }
278
- ],
279
- programId: DEXTER_VAULT_PROGRAM_ID,
280
- data: Buffer.from(data)
281
- });
282
- }
283
-
284
- // src/instructions/revokeSession.ts
285
- var import_web36 = require("@solana/web3.js");
286
- function encodeVecU82(bytes) {
287
- const out = new Uint8Array(4 + bytes.length);
288
- new DataView(out.buffer).setUint32(0, bytes.length >>> 0, true);
289
- out.set(bytes, 4);
290
- return out;
291
- }
292
- function concatBytes2(...parts) {
293
- const total = parts.reduce((n, p) => n + p.length, 0);
294
- const out = new Uint8Array(total);
295
- let o2 = 0;
296
- for (const p of parts) {
297
- out.set(p, o2);
298
- o2 += p.length;
299
- }
300
- return out;
301
- }
302
- function buildRevokeSessionKeyInstruction(args) {
303
- const data = concatBytes2(
304
- DISCRIMINATORS.revoke_session_key,
305
- encodeVecU82(args.clientDataJSON),
306
- encodeVecU82(args.authenticatorData)
307
- );
308
- return new import_web36.TransactionInstruction({
309
- keys: [
310
- { pubkey: args.vaultPda, isSigner: false, isWritable: true },
311
- { pubkey: INSTRUCTIONS_SYSVAR_ID, isSigner: false, isWritable: false }
312
- ],
313
- programId: DEXTER_VAULT_PROGRAM_ID,
314
- data: Buffer.from(data)
315
- });
316
- }
317
-
318
- // src/instructions/settleVoucher.ts
319
- var import_web37 = require("@solana/web3.js");
320
- function encodeU64(value) {
321
- const out = Buffer.alloc(8);
322
- out.writeBigUInt64LE(value, 0);
323
- return out;
324
- }
325
- function encodeBool(value) {
326
- return Buffer.from([value ? 1 : 0]);
327
- }
328
- function buildSettleVoucherInstruction(p) {
329
- const argsBuf = Buffer.concat([encodeU64(p.amount), encodeBool(p.increment)]);
330
- const data = Buffer.concat([Buffer.from(DISCRIMINATORS.settle_voucher), argsBuf]);
331
- return new import_web37.TransactionInstruction({
332
- programId: DEXTER_VAULT_PROGRAM_ID,
333
- keys: [
334
- { pubkey: p.vaultPda, isSigner: false, isWritable: true },
335
- { pubkey: p.dexterAuthority, isSigner: true, isWritable: false }
336
- ],
337
- data
338
- });
339
- }
340
-
341
- // src/instructions/settleTabVoucher.ts
342
- var import_web39 = require("@solana/web3.js");
343
168
 
344
- // src/instructions/withdraw.ts
345
- var import_web38 = require("@solana/web3.js");
346
- function encodeBytesVec2(buf) {
347
- const out = Buffer.alloc(4 + buf.length);
348
- out.writeUInt32LE(buf.length, 0);
349
- Buffer.from(buf).copy(out, 4);
350
- return out;
351
- }
352
- function encodeU642(value) {
353
- const out = Buffer.alloc(8);
354
- out.writeBigUInt64LE(value, 0);
355
- return out;
356
- }
357
- function encodeI64(value) {
358
- const out = Buffer.alloc(8);
359
- out.writeBigInt64LE(value, 0);
360
- return out;
361
- }
362
- function encodePubkey2(key) {
363
- return Buffer.from(key.toBytes());
364
- }
365
- function deriveSwigWalletAddress(swigAddress) {
366
- const [pda] = import_web38.PublicKey.findProgramAddressSync(
367
- [Buffer.from("swig-wallet-address"), swigAddress.toBuffer()],
368
- SWIG_PROGRAM_ID
369
- );
370
- return pda;
371
- }
372
- function buildRequestWithdrawalInstruction(p) {
373
- const argsBuf = Buffer.concat([
374
- encodeU642(p.amount),
375
- encodePubkey2(p.destination),
376
- encodeI64(p.signedAt),
377
- encodeBytesVec2(p.clientDataJSON),
378
- encodeBytesVec2(p.authenticatorData)
379
- ]);
380
- const data = Buffer.concat([Buffer.from(DISCRIMINATORS.request_withdrawal), argsBuf]);
381
- return new import_web38.TransactionInstruction({
382
- programId: DEXTER_VAULT_PROGRAM_ID,
383
- keys: [
384
- { pubkey: p.vaultPda, isSigner: false, isWritable: true },
385
- { pubkey: import_web38.SYSVAR_INSTRUCTIONS_PUBKEY, isSigner: false, isWritable: false }
386
- ],
387
- data
388
- });
389
- }
390
- function buildFinalizeWithdrawalInstruction(p) {
391
- const argsBuf = Buffer.concat([
392
- encodeBytesVec2(p.clientDataJSON),
393
- encodeBytesVec2(p.authenticatorData)
394
- ]);
395
- const data = Buffer.concat([Buffer.from(DISCRIMINATORS.finalize_withdrawal), argsBuf]);
396
- const swigWalletAddress = deriveSwigWalletAddress(p.swigAddress);
397
- return new import_web38.TransactionInstruction({
398
- programId: DEXTER_VAULT_PROGRAM_ID,
399
- keys: [
400
- { pubkey: p.swigAddress, isSigner: false, isWritable: false },
401
- { pubkey: swigWalletAddress, isSigner: false, isWritable: false },
402
- { pubkey: p.vaultPda, isSigner: false, isWritable: true },
403
- { pubkey: import_web38.SYSVAR_INSTRUCTIONS_PUBKEY, isSigner: false, isWritable: false }
404
- ],
405
- data
406
- });
407
- }
408
- function buildForceReleaseInstruction(p) {
409
- const argsBuf = Buffer.concat([
410
- encodeBytesVec2(p.clientDataJSON),
411
- encodeBytesVec2(p.authenticatorData)
412
- ]);
413
- const data = Buffer.concat([Buffer.from(DISCRIMINATORS.force_release), argsBuf]);
414
- return new import_web38.TransactionInstruction({
415
- programId: DEXTER_VAULT_PROGRAM_ID,
416
- keys: [
417
- { pubkey: p.vaultPda, isSigner: false, isWritable: true },
418
- { pubkey: import_web38.SYSVAR_INSTRUCTIONS_PUBKEY, isSigner: false, isWritable: false }
419
- ],
420
- data
421
- });
422
- }
423
-
424
- // src/instructions/settleTabVoucher.ts
425
- function encodeFixedBytes2(buf, len) {
426
- if (buf.length !== len) {
427
- throw new Error(`expected ${len} bytes, got ${buf.length}`);
428
- }
429
- return Buffer.from(buf);
430
- }
431
- function encodeU643(value) {
432
- const out = Buffer.alloc(8);
433
- out.writeBigUInt64LE(value, 0);
434
- return out;
435
- }
436
- function encodeU322(value) {
437
- const out = Buffer.alloc(4);
438
- out.writeUInt32LE(value >>> 0, 0);
439
- return out;
440
- }
441
- function buildSettleTabVoucherInstruction(p) {
442
- if (p.channelId.length !== 32) {
443
- throw new Error(`channelId must be 32 bytes, got ${p.channelId.length}`);
444
- }
445
- const argsBuf = Buffer.concat([
446
- encodeFixedBytes2(p.channelId, 32),
447
- encodeU643(p.cumulativeAmount),
448
- encodeU322(p.sequenceNumber)
449
- ]);
450
- const data = Buffer.concat([Buffer.from(DISCRIMINATORS.settle_tab_voucher), argsBuf]);
451
- const swigWalletAddress = deriveSwigWalletAddress(p.swigAddress);
452
- return new import_web39.TransactionInstruction({
453
- programId: DEXTER_VAULT_PROGRAM_ID,
454
- keys: [
455
- { pubkey: p.swigAddress, isSigner: false, isWritable: false },
456
- { pubkey: swigWalletAddress, isSigner: false, isWritable: false },
457
- { pubkey: p.vaultPda, isSigner: false, isWritable: true },
458
- { pubkey: p.dexterAuthority, isSigner: true, isWritable: false },
459
- { pubkey: import_web39.SYSVAR_INSTRUCTIONS_PUBKEY, isSigner: false, isWritable: false }
460
- ],
461
- data
462
- });
463
- }
464
-
465
- // src/instructions/rotate.ts
466
- var import_web310 = require("@solana/web3.js");
467
- function encodeBytesVec3(buf) {
468
- const out = Buffer.alloc(4 + buf.length);
469
- out.writeUInt32LE(buf.length, 0);
470
- Buffer.from(buf).copy(out, 4);
471
- return out;
472
- }
473
- function encodeFixedBytes3(buf, len) {
474
- if (buf.length !== len) {
475
- throw new Error(`expected ${len} bytes, got ${buf.length}`);
476
- }
477
- return Buffer.from(buf);
478
- }
479
- function encodePubkey3(key) {
480
- return Buffer.from(key.toBytes());
481
- }
482
- function buildRotatePasskeyInstruction(p) {
483
- const argsBuf = Buffer.concat([
484
- encodeFixedBytes3(p.newPasskeyPubkey, 33),
485
- encodeBytesVec3(p.clientDataJSON),
486
- encodeBytesVec3(p.authenticatorData)
487
- ]);
488
- const data = Buffer.concat([Buffer.from(DISCRIMINATORS.rotate_passkey), argsBuf]);
489
- return new import_web310.TransactionInstruction({
490
- programId: DEXTER_VAULT_PROGRAM_ID,
491
- keys: [
492
- { pubkey: p.vaultPda, isSigner: false, isWritable: true },
493
- { pubkey: import_web310.SYSVAR_INSTRUCTIONS_PUBKEY, isSigner: false, isWritable: false }
494
- ],
495
- data
496
- });
497
- }
498
- function buildRotateDexterAuthorityInstruction(p) {
499
- const data = Buffer.concat([
500
- Buffer.from(DISCRIMINATORS.rotate_dexter_authority),
501
- encodePubkey3(p.newDexterAuthority)
502
- ]);
503
- return new import_web310.TransactionInstruction({
504
- programId: DEXTER_VAULT_PROGRAM_ID,
505
- keys: [
506
- { pubkey: p.vaultPda, isSigner: false, isWritable: true },
507
- { pubkey: p.currentDexterAuthority, isSigner: true, isWritable: false }
508
- ],
509
- data
510
- });
511
- }
512
-
513
- // src/instructions/provePasskey.ts
514
- var import_web311 = require("@solana/web3.js");
515
- function encodeBytesVec4(buf) {
516
- const out = Buffer.alloc(4 + buf.length);
517
- out.writeUInt32LE(buf.length, 0);
518
- Buffer.from(buf).copy(out, 4);
519
- return out;
520
- }
521
- function encodeFixedBytes4(buf, len) {
522
- if (buf.length !== len) {
523
- throw new Error(`expected ${len} bytes, got ${buf.length}`);
524
- }
525
- return Buffer.from(buf);
526
- }
527
- function buildProvePasskeyInstruction(p) {
528
- const argsBuf = Buffer.concat([
529
- encodeFixedBytes4(p.challenge, 32),
530
- encodeBytesVec4(p.clientDataJSON),
531
- encodeBytesVec4(p.authenticatorData)
532
- ]);
533
- const data = Buffer.concat([Buffer.from(DISCRIMINATORS.prove_passkey), argsBuf]);
534
- return new import_web311.TransactionInstruction({
535
- programId: DEXTER_VAULT_PROGRAM_ID,
536
- keys: [
537
- { pubkey: p.vaultPda, isSigner: false, isWritable: false },
538
- { pubkey: import_web311.SYSVAR_INSTRUCTIONS_PUBKEY, isSigner: false, isWritable: false }
539
- ],
540
- data
541
- });
542
- }
543
-
544
- // src/instructions/swigBundle.ts
545
- var import_node_crypto = require("crypto");
546
- var import_kit = require("@swig-wallet/kit");
547
- var import_lib = require("@swig-wallet/lib");
169
+ // src/instructions/swigBundle.ts
170
+ var import_node_crypto = require("crypto");
171
+ var import_kit = require("@swig-wallet/kit");
172
+ var import_lib = require("@swig-wallet/lib");
548
173
 
549
174
  // node_modules/@solana/addresses/node_modules/@solana/errors/dist/index.node.mjs
550
175
  var SOLANA_ERROR__BLOCK_HEIGHT_EXCEEDED = 1;
@@ -4412,650 +4037,1054 @@ var SolanaErrorMessages5 = {
4412
4037
  [SOLANA_ERROR__TRANSACTION__SIGNATURES_MISSING5]: "Transaction is missing signatures for addresses: $addresses.",
4413
4038
  [SOLANA_ERROR__TRANSACTION__VERSION_NUMBER_OUT_OF_RANGE5]: "Transaction version must be in the range [0, 127]. `$actualVersion` given"
4414
4039
  };
4415
- var START_INDEX5 = "i";
4416
- var TYPE5 = "t";
4417
- function getHumanReadableErrorMessage5(code, context = {}) {
4418
- const messageFormatString = SolanaErrorMessages5[code];
4419
- if (messageFormatString.length === 0) {
4420
- return "";
4040
+ var START_INDEX5 = "i";
4041
+ var TYPE5 = "t";
4042
+ function getHumanReadableErrorMessage5(code, context = {}) {
4043
+ const messageFormatString = SolanaErrorMessages5[code];
4044
+ if (messageFormatString.length === 0) {
4045
+ return "";
4046
+ }
4047
+ let state;
4048
+ function commitStateUpTo(endIndex) {
4049
+ if (state[TYPE5] === 2) {
4050
+ const variableName = messageFormatString.slice(state[START_INDEX5] + 1, endIndex);
4051
+ fragments.push(
4052
+ variableName in context ? (
4053
+ // eslint-disable-next-line @typescript-eslint/restrict-template-expressions
4054
+ `${context[variableName]}`
4055
+ ) : `$${variableName}`
4056
+ );
4057
+ } else if (state[TYPE5] === 1) {
4058
+ fragments.push(messageFormatString.slice(state[START_INDEX5], endIndex));
4059
+ }
4060
+ }
4061
+ const fragments = [];
4062
+ messageFormatString.split("").forEach((char, ii) => {
4063
+ if (ii === 0) {
4064
+ state = {
4065
+ [START_INDEX5]: 0,
4066
+ [TYPE5]: messageFormatString[0] === "\\" ? 0 : messageFormatString[0] === "$" ? 2 : 1
4067
+ /* Text */
4068
+ };
4069
+ return;
4070
+ }
4071
+ let nextState;
4072
+ switch (state[TYPE5]) {
4073
+ case 0:
4074
+ nextState = {
4075
+ [START_INDEX5]: ii,
4076
+ [TYPE5]: 1
4077
+ /* Text */
4078
+ };
4079
+ break;
4080
+ case 1:
4081
+ if (char === "\\") {
4082
+ nextState = {
4083
+ [START_INDEX5]: ii,
4084
+ [TYPE5]: 0
4085
+ /* EscapeSequence */
4086
+ };
4087
+ } else if (char === "$") {
4088
+ nextState = {
4089
+ [START_INDEX5]: ii,
4090
+ [TYPE5]: 2
4091
+ /* Variable */
4092
+ };
4093
+ }
4094
+ break;
4095
+ case 2:
4096
+ if (char === "\\") {
4097
+ nextState = {
4098
+ [START_INDEX5]: ii,
4099
+ [TYPE5]: 0
4100
+ /* EscapeSequence */
4101
+ };
4102
+ } else if (char === "$") {
4103
+ nextState = {
4104
+ [START_INDEX5]: ii,
4105
+ [TYPE5]: 2
4106
+ /* Variable */
4107
+ };
4108
+ } else if (!char.match(/\w/)) {
4109
+ nextState = {
4110
+ [START_INDEX5]: ii,
4111
+ [TYPE5]: 1
4112
+ /* Text */
4113
+ };
4114
+ }
4115
+ break;
4116
+ }
4117
+ if (nextState) {
4118
+ if (state !== nextState) {
4119
+ commitStateUpTo(ii);
4120
+ }
4121
+ state = nextState;
4122
+ }
4123
+ });
4124
+ commitStateUpTo();
4125
+ return fragments.join("");
4126
+ }
4127
+ function getErrorMessage5(code, context = {}) {
4128
+ if (process.env.NODE_ENV !== "production") {
4129
+ return getHumanReadableErrorMessage5(code, context);
4130
+ } else {
4131
+ let decodingAdviceMessage = `Solana error #${code}; Decode this error by running \`npx @solana/errors decode -- ${code}`;
4132
+ if (Object.keys(context).length) {
4133
+ decodingAdviceMessage += ` '${encodeContextObject5(context)}'`;
4134
+ }
4135
+ return `${decodingAdviceMessage}\``;
4136
+ }
4137
+ }
4138
+ var SolanaError5 = class extends Error {
4139
+ /**
4140
+ * Indicates the root cause of this {@link SolanaError}, if any.
4141
+ *
4142
+ * For example, a transaction error might have an instruction error as its root cause. In this
4143
+ * case, you will be able to access the instruction error on the transaction error as `cause`.
4144
+ */
4145
+ cause = this.cause;
4146
+ /**
4147
+ * Contains context that can assist in understanding or recovering from a {@link SolanaError}.
4148
+ */
4149
+ context;
4150
+ constructor(...[code, contextAndErrorOptions]) {
4151
+ let context;
4152
+ let errorOptions;
4153
+ if (contextAndErrorOptions) {
4154
+ const { cause, ...contextRest } = contextAndErrorOptions;
4155
+ if (cause) {
4156
+ errorOptions = { cause };
4157
+ }
4158
+ if (Object.keys(contextRest).length > 0) {
4159
+ context = contextRest;
4160
+ }
4161
+ }
4162
+ const message = getErrorMessage5(code, context);
4163
+ super(message, errorOptions);
4164
+ this.context = {
4165
+ __code: code,
4166
+ ...context
4167
+ };
4168
+ this.name = "SolanaError";
4169
+ }
4170
+ };
4171
+
4172
+ // node_modules/@solana/rpc-transport-http/dist/index.node.mjs
4173
+ var DISALLOWED_HEADERS = {
4174
+ accept: true,
4175
+ "content-length": true,
4176
+ "content-type": true
4177
+ };
4178
+ var FORBIDDEN_HEADERS = /* @__PURE__ */ Object.assign(
4179
+ {
4180
+ "accept-charset": true,
4181
+ "access-control-request-headers": true,
4182
+ "access-control-request-method": true,
4183
+ connection: true,
4184
+ "content-length": true,
4185
+ cookie: true,
4186
+ date: true,
4187
+ dnt: true,
4188
+ expect: true,
4189
+ host: true,
4190
+ "keep-alive": true,
4191
+ origin: true,
4192
+ "permissions-policy": true,
4193
+ // Prefix matching is implemented in code, below.
4194
+ // 'proxy-': true,
4195
+ // 'sec-': true,
4196
+ referer: true,
4197
+ te: true,
4198
+ trailer: true,
4199
+ "transfer-encoding": true,
4200
+ upgrade: true,
4201
+ via: true
4202
+ },
4203
+ void 0
4204
+ );
4205
+ function assertIsAllowedHttpRequestHeaders(headers) {
4206
+ const badHeaders = Object.keys(headers).filter((headerName) => {
4207
+ const lowercaseHeaderName = headerName.toLowerCase();
4208
+ return DISALLOWED_HEADERS[headerName.toLowerCase()] === true || FORBIDDEN_HEADERS[headerName.toLowerCase()] === true || lowercaseHeaderName.startsWith("proxy-") || lowercaseHeaderName.startsWith("sec-");
4209
+ });
4210
+ if (badHeaders.length > 0) {
4211
+ throw new SolanaError5(SOLANA_ERROR__RPC__TRANSPORT_HTTP_HEADER_FORBIDDEN5, {
4212
+ headers: badHeaders
4213
+ });
4214
+ }
4215
+ }
4216
+ function normalizeHeaders(headers) {
4217
+ const out = {};
4218
+ for (const headerName in headers) {
4219
+ out[headerName.toLowerCase()] = headers[headerName];
4220
+ }
4221
+ return out;
4222
+ }
4223
+ function createHttpTransport(config) {
4224
+ if (process.env.NODE_ENV !== "production" && false) ;
4225
+ const { fromJson, headers, toJson, url } = config;
4226
+ if (process.env.NODE_ENV !== "production" && headers) {
4227
+ assertIsAllowedHttpRequestHeaders(headers);
4228
+ }
4229
+ let dispatcherConfig;
4230
+ if ("dispatcher_NODE_ONLY" in config) {
4231
+ dispatcherConfig = { dispatcher: config.dispatcher_NODE_ONLY };
4232
+ }
4233
+ const customHeaders = headers && normalizeHeaders(headers);
4234
+ return async function makeHttpRequest({
4235
+ payload,
4236
+ signal
4237
+ }) {
4238
+ const body = toJson ? toJson(payload) : JSON.stringify(payload);
4239
+ const requestInfo = {
4240
+ ...dispatcherConfig,
4241
+ body,
4242
+ headers: {
4243
+ ...customHeaders,
4244
+ // Keep these headers lowercase so they will override any user-supplied headers above.
4245
+ accept: "application/json",
4246
+ "content-length": body.length.toString(),
4247
+ "content-type": "application/json; charset=utf-8"
4248
+ },
4249
+ method: "POST",
4250
+ signal
4251
+ };
4252
+ const response = await fetch(url, requestInfo);
4253
+ if (!response.ok) {
4254
+ throw new SolanaError5(SOLANA_ERROR__RPC__TRANSPORT_HTTP_ERROR5, {
4255
+ headers: response.headers,
4256
+ message: response.statusText,
4257
+ statusCode: response.status
4258
+ });
4259
+ }
4260
+ if (fromJson) {
4261
+ return fromJson(await response.text(), payload);
4262
+ }
4263
+ return await response.json();
4264
+ };
4265
+ }
4266
+ var SOLANA_RPC_METHODS = [
4267
+ "getAccountInfo",
4268
+ "getBalance",
4269
+ "getBlock",
4270
+ "getBlockCommitment",
4271
+ "getBlockHeight",
4272
+ "getBlockProduction",
4273
+ "getBlocks",
4274
+ "getBlocksWithLimit",
4275
+ "getBlockTime",
4276
+ "getClusterNodes",
4277
+ "getEpochInfo",
4278
+ "getEpochSchedule",
4279
+ "getFeeForMessage",
4280
+ "getFirstAvailableBlock",
4281
+ "getGenesisHash",
4282
+ "getHealth",
4283
+ "getHighestSnapshotSlot",
4284
+ "getIdentity",
4285
+ "getInflationGovernor",
4286
+ "getInflationRate",
4287
+ "getInflationReward",
4288
+ "getLargestAccounts",
4289
+ "getLatestBlockhash",
4290
+ "getLeaderSchedule",
4291
+ "getMaxRetransmitSlot",
4292
+ "getMaxShredInsertSlot",
4293
+ "getMinimumBalanceForRentExemption",
4294
+ "getMultipleAccounts",
4295
+ "getProgramAccounts",
4296
+ "getRecentPerformanceSamples",
4297
+ "getRecentPrioritizationFees",
4298
+ "getSignaturesForAddress",
4299
+ "getSignatureStatuses",
4300
+ "getSlot",
4301
+ "getSlotLeader",
4302
+ "getSlotLeaders",
4303
+ "getStakeMinimumDelegation",
4304
+ "getSupply",
4305
+ "getTokenAccountBalance",
4306
+ "getTokenAccountsByDelegate",
4307
+ "getTokenAccountsByOwner",
4308
+ "getTokenLargestAccounts",
4309
+ "getTokenSupply",
4310
+ "getTransaction",
4311
+ "getTransactionCount",
4312
+ "getVersion",
4313
+ "getVoteAccounts",
4314
+ "index",
4315
+ "isBlockhashValid",
4316
+ "minimumLedgerSlot",
4317
+ "requestAirdrop",
4318
+ "sendTransaction",
4319
+ "simulateTransaction"
4320
+ ];
4321
+ function isSolanaRequest(payload) {
4322
+ return isJsonRpcPayload(payload) && SOLANA_RPC_METHODS.includes(payload.method);
4323
+ }
4324
+ function createHttpTransportForSolanaRpc(config) {
4325
+ return createHttpTransport({
4326
+ ...config,
4327
+ fromJson: (rawResponse, payload) => isSolanaRequest(payload) ? parseJsonWithBigInts(rawResponse) : JSON.parse(rawResponse),
4328
+ toJson: (payload) => isSolanaRequest(payload) ? stringifyJsonWithBigints(payload) : JSON.stringify(payload)
4329
+ });
4330
+ }
4331
+
4332
+ // node_modules/@solana/rpc/dist/index.node.mjs
4333
+ var import_events = require("events");
4334
+
4335
+ // node_modules/@solana/fast-stable-stringify/dist/index.node.mjs
4336
+ var objToString = Object.prototype.toString;
4337
+ var objKeys = Object.keys || function(obj) {
4338
+ const keys = [];
4339
+ for (const name in obj) {
4340
+ keys.push(name);
4341
+ }
4342
+ return keys;
4343
+ };
4344
+ function stringify(val, isArrayProp) {
4345
+ let i, max, str, keys, key, propVal, toStr;
4346
+ if (val === true) {
4347
+ return "true";
4348
+ }
4349
+ if (val === false) {
4350
+ return "false";
4351
+ }
4352
+ switch (typeof val) {
4353
+ case "object":
4354
+ if (val === null) {
4355
+ return null;
4356
+ } else if ("toJSON" in val && typeof val.toJSON === "function") {
4357
+ return stringify(val.toJSON(), isArrayProp);
4358
+ } else {
4359
+ toStr = objToString.call(val);
4360
+ if (toStr === "[object Array]") {
4361
+ str = "[";
4362
+ max = val.length - 1;
4363
+ for (i = 0; i < max; i++) {
4364
+ str += stringify(val[i], true) + ",";
4365
+ }
4366
+ if (max > -1) {
4367
+ str += stringify(val[i], true);
4368
+ }
4369
+ return str + "]";
4370
+ } else if (toStr === "[object Object]") {
4371
+ keys = objKeys(val).sort();
4372
+ max = keys.length;
4373
+ str = "";
4374
+ i = 0;
4375
+ while (i < max) {
4376
+ key = keys[i];
4377
+ propVal = stringify(val[key], false);
4378
+ if (propVal !== void 0) {
4379
+ if (str) {
4380
+ str += ",";
4381
+ }
4382
+ str += JSON.stringify(key) + ":" + propVal;
4383
+ }
4384
+ i++;
4385
+ }
4386
+ return "{" + str + "}";
4387
+ } else {
4388
+ return JSON.stringify(val);
4389
+ }
4390
+ }
4391
+ case "function":
4392
+ case "undefined":
4393
+ return isArrayProp ? null : void 0;
4394
+ case "bigint":
4395
+ return `${val.toString()}n`;
4396
+ case "string":
4397
+ return JSON.stringify(val);
4398
+ default:
4399
+ return isFinite(val) ? val : null;
4400
+ }
4401
+ }
4402
+ function index_default(val) {
4403
+ const returnVal = stringify(val, false);
4404
+ if (returnVal !== void 0) {
4405
+ return "" + returnVal;
4406
+ }
4407
+ }
4408
+
4409
+ // node_modules/@solana/rpc/dist/index.node.mjs
4410
+ function createSolanaJsonRpcIntegerOverflowError(methodName, keyPath, value) {
4411
+ let argumentLabel = "";
4412
+ if (typeof keyPath[0] === "number") {
4413
+ const argPosition = keyPath[0] + 1;
4414
+ const lastDigit = argPosition % 10;
4415
+ const lastTwoDigits = argPosition % 100;
4416
+ if (lastDigit == 1 && lastTwoDigits != 11) {
4417
+ argumentLabel = argPosition + "st";
4418
+ } else if (lastDigit == 2 && lastTwoDigits != 12) {
4419
+ argumentLabel = argPosition + "nd";
4420
+ } else if (lastDigit == 3 && lastTwoDigits != 13) {
4421
+ argumentLabel = argPosition + "rd";
4422
+ } else {
4423
+ argumentLabel = argPosition + "th";
4424
+ }
4425
+ } else {
4426
+ argumentLabel = `\`${keyPath[0].toString()}\``;
4427
+ }
4428
+ const path = keyPath.length > 1 ? keyPath.slice(1).map((pathPart) => typeof pathPart === "number" ? `[${pathPart}]` : pathPart).join(".") : void 0;
4429
+ const error = new SolanaError4(SOLANA_ERROR__RPC__INTEGER_OVERFLOW4, {
4430
+ argumentLabel,
4431
+ keyPath,
4432
+ methodName,
4433
+ optionalPathLabel: path ? ` at path \`${path}\`` : "",
4434
+ value,
4435
+ ...path !== void 0 ? { path } : void 0
4436
+ });
4437
+ safeCaptureStackTrace2(error, createSolanaJsonRpcIntegerOverflowError);
4438
+ return error;
4439
+ }
4440
+ var DEFAULT_RPC_CONFIG = {
4441
+ defaultCommitment: "confirmed",
4442
+ onIntegerOverflow(request, keyPath, value) {
4443
+ throw createSolanaJsonRpcIntegerOverflowError(request.methodName, keyPath, value);
4444
+ }
4445
+ };
4446
+ var e2 = class extends globalThis.AbortController {
4447
+ constructor(...t) {
4448
+ super(...t), (0, import_events.setMaxListeners)(Number.MAX_SAFE_INTEGER, this.signal);
4421
4449
  }
4422
- let state;
4423
- function commitStateUpTo(endIndex) {
4424
- if (state[TYPE5] === 2) {
4425
- const variableName = messageFormatString.slice(state[START_INDEX5] + 1, endIndex);
4426
- fragments.push(
4427
- variableName in context ? (
4428
- // eslint-disable-next-line @typescript-eslint/restrict-template-expressions
4429
- `${context[variableName]}`
4430
- ) : `$${variableName}`
4431
- );
4432
- } else if (state[TYPE5] === 1) {
4433
- fragments.push(messageFormatString.slice(state[START_INDEX5], endIndex));
4450
+ };
4451
+ var EXPLICIT_ABORT_TOKEN;
4452
+ function createExplicitAbortToken() {
4453
+ return process.env.NODE_ENV !== "production" ? {
4454
+ EXPLICIT_ABORT_TOKEN: "This object is thrown from the request that underlies a series of coalesced requests when the last request in that series aborts"
4455
+ } : {};
4456
+ }
4457
+ function getRpcTransportWithRequestCoalescing(transport, getDeduplicationKey) {
4458
+ let coalescedRequestsByDeduplicationKey;
4459
+ return async function makeCoalescedHttpRequest(request) {
4460
+ const { payload, signal } = request;
4461
+ const deduplicationKey = getDeduplicationKey(payload);
4462
+ if (deduplicationKey === void 0) {
4463
+ return await transport(request);
4464
+ }
4465
+ if (!coalescedRequestsByDeduplicationKey) {
4466
+ queueMicrotask(() => {
4467
+ coalescedRequestsByDeduplicationKey = void 0;
4468
+ });
4469
+ coalescedRequestsByDeduplicationKey = {};
4470
+ }
4471
+ if (coalescedRequestsByDeduplicationKey[deduplicationKey] == null) {
4472
+ const abortController = new e2();
4473
+ const responsePromise = (async () => {
4474
+ try {
4475
+ return await transport({
4476
+ ...request,
4477
+ signal: abortController.signal
4478
+ });
4479
+ } catch (e22) {
4480
+ if (e22 === (EXPLICIT_ABORT_TOKEN ||= createExplicitAbortToken())) {
4481
+ return;
4482
+ }
4483
+ throw e22;
4484
+ }
4485
+ })();
4486
+ coalescedRequestsByDeduplicationKey[deduplicationKey] = {
4487
+ abortController,
4488
+ numConsumers: 0,
4489
+ responsePromise
4490
+ };
4491
+ }
4492
+ const coalescedRequest = coalescedRequestsByDeduplicationKey[deduplicationKey];
4493
+ coalescedRequest.numConsumers++;
4494
+ if (signal) {
4495
+ const responsePromise = coalescedRequest.responsePromise;
4496
+ return await new Promise((resolve, reject) => {
4497
+ const handleAbort = (e22) => {
4498
+ signal.removeEventListener("abort", handleAbort);
4499
+ coalescedRequest.numConsumers -= 1;
4500
+ queueMicrotask(() => {
4501
+ if (coalescedRequest.numConsumers === 0) {
4502
+ const abortController = coalescedRequest.abortController;
4503
+ abortController.abort(EXPLICIT_ABORT_TOKEN ||= createExplicitAbortToken());
4504
+ }
4505
+ });
4506
+ reject(e22.target.reason);
4507
+ };
4508
+ signal.addEventListener("abort", handleAbort);
4509
+ responsePromise.then(resolve).catch(reject).finally(() => {
4510
+ signal.removeEventListener("abort", handleAbort);
4511
+ });
4512
+ });
4513
+ } else {
4514
+ return await coalescedRequest.responsePromise;
4434
4515
  }
4516
+ };
4517
+ }
4518
+ function getSolanaRpcPayloadDeduplicationKey(payload) {
4519
+ return isJsonRpcPayload(payload) ? index_default([payload.method, payload.params]) : void 0;
4520
+ }
4521
+ function normalizeHeaders2(headers) {
4522
+ const out = {};
4523
+ for (const headerName in headers) {
4524
+ out[headerName.toLowerCase()] = headers[headerName];
4525
+ }
4526
+ return out;
4527
+ }
4528
+ function createDefaultRpcTransport(config) {
4529
+ return pipe(
4530
+ createHttpTransportForSolanaRpc({
4531
+ ...config,
4532
+ headers: {
4533
+ ...{
4534
+ // Keep these headers lowercase so they will be overridden by any user-supplied headers below.
4535
+ "accept-encoding": (
4536
+ // Natively supported by Node LTS v20.18.0 and above.
4537
+ "br,gzip,deflate"
4538
+ )
4539
+ // Brotli, gzip, and Deflate, in that order.
4540
+ },
4541
+ ...config.headers ? normalizeHeaders2(config.headers) : void 0,
4542
+ ...{
4543
+ // Keep these headers lowercase so they will override any user-supplied headers above.
4544
+ "solana-client": `js/${"2.3.0"}`
4545
+ }
4546
+ }
4547
+ }),
4548
+ (transport) => getRpcTransportWithRequestCoalescing(transport, getSolanaRpcPayloadDeduplicationKey)
4549
+ );
4550
+ }
4551
+ function createSolanaRpc(clusterUrl, config) {
4552
+ return createSolanaRpcFromTransport(createDefaultRpcTransport({ url: clusterUrl, ...config }));
4553
+ }
4554
+ function createSolanaRpcFromTransport(transport) {
4555
+ return createRpc({
4556
+ api: createSolanaRpcApi(DEFAULT_RPC_CONFIG),
4557
+ transport
4558
+ });
4559
+ }
4560
+
4561
+ // src/instructions/swigBundle.ts
4562
+ var bs58Module = __toESM(require("bs58"), 1);
4563
+ var import_web34 = require("@solana/web3.js");
4564
+ var bs58 = bs58Module.default ?? bs58Module;
4565
+ var SWIG_ID_DOMAIN = "dexter-swig-id:v1:";
4566
+ var DEFAULT_SESSION_TTL_SECONDS = BigInt(30 * 24 * 60 * 60);
4567
+ var DEFAULT_SPEND_LIMIT_ATOMIC = BigInt(1e9);
4568
+ var SWIG_PROGRAM_EXEC_PREFIX = new Uint8Array([
4569
+ 178,
4570
+ 87,
4571
+ 206,
4572
+ 68,
4573
+ 201,
4574
+ 186,
4575
+ 164,
4576
+ 232
4577
+ ]);
4578
+ var SWIG_PROGRAM_EXEC_PREFIX_SETTLE_TAB = new Uint8Array([
4579
+ 173,
4580
+ 22,
4581
+ 98,
4582
+ 31,
4583
+ 110,
4584
+ 129,
4585
+ 59,
4586
+ 161
4587
+ ]);
4588
+ var SWIG_PROGRAM_EXEC_MARKERS = [
4589
+ SWIG_PROGRAM_EXEC_PREFIX,
4590
+ SWIG_PROGRAM_EXEC_PREFIX_SETTLE_TAB
4591
+ ];
4592
+ function deriveSwigId(identitySeed, hmacKey) {
4593
+ if (hmacKey.length !== 32) {
4594
+ throw new Error(`hmacKey must be 32 bytes, got ${hmacKey.length}`);
4435
4595
  }
4436
- const fragments = [];
4437
- messageFormatString.split("").forEach((char, ii) => {
4438
- if (ii === 0) {
4439
- state = {
4440
- [START_INDEX5]: 0,
4441
- [TYPE5]: messageFormatString[0] === "\\" ? 0 : messageFormatString[0] === "$" ? 2 : 1
4442
- /* Text */
4443
- };
4444
- return;
4445
- }
4446
- let nextState;
4447
- switch (state[TYPE5]) {
4448
- case 0:
4449
- nextState = {
4450
- [START_INDEX5]: ii,
4451
- [TYPE5]: 1
4452
- /* Text */
4596
+ return (0, import_node_crypto.createHmac)("sha256", Buffer.from(hmacKey)).update(SWIG_ID_DOMAIN).update(Buffer.from(identitySeed)).digest();
4597
+ }
4598
+ async function buildSwigCreationBundle(params) {
4599
+ const {
4600
+ feePayer,
4601
+ dexterMasterPubkey,
4602
+ identitySeed,
4603
+ hmacKey,
4604
+ sessionTtlSeconds = DEFAULT_SESSION_TTL_SECONDS,
4605
+ spendLimitAtomic = DEFAULT_SPEND_LIMIT_ATOMIC
4606
+ } = params;
4607
+ const swigId = deriveSwigId(identitySeed, hmacKey);
4608
+ const swigPda = await (0, import_kit.findSwigPda)(swigId);
4609
+ const swigAddressStr = String(swigPda);
4610
+ const feePayerBytes = bs58.decode(feePayer);
4611
+ const vaultProgramIdBytes = Uint8Array.from(DEXTER_VAULT_PROGRAM_ID.toBytes());
4612
+ const dexterPubkeyBytes = bs58.decode(dexterMasterPubkey);
4613
+ const bootstrapAuthorityInfo = (0, import_lib.createEd25519AuthorityInfo)(feePayerBytes);
4614
+ const bootstrapActions = import_lib.Actions.set().manageAuthority().get();
4615
+ const vaultAuthorityInfo = (0, import_lib.createProgramExecAuthorityInfo)(
4616
+ vaultProgramIdBytes,
4617
+ SWIG_PROGRAM_EXEC_PREFIX
4618
+ );
4619
+ const vaultActions = import_lib.Actions.set().all().get();
4620
+ const vaultTabSettleAuthorityInfo = (0, import_lib.createProgramExecAuthorityInfo)(
4621
+ vaultProgramIdBytes,
4622
+ SWIG_PROGRAM_EXEC_PREFIX_SETTLE_TAB
4623
+ );
4624
+ const vaultTabSettleActions = import_lib.Actions.set().all().get();
4625
+ const sessionAuthorityInfo = (0, import_lib.createEd25519SessionAuthorityInfo)(
4626
+ dexterPubkeyBytes,
4627
+ sessionTtlSeconds
4628
+ );
4629
+ const sessionActions = import_lib.Actions.set().tokenLimit({ mint: bs58.decode(USDC_MAINNET), amount: spendLimitAtomic }).programAll().get();
4630
+ const builder = (0, import_lib.getCreateSwigWithMultipleAuthoritiesInstructionContextBuilder)({
4631
+ payer: address(feePayer),
4632
+ swigAddress: address(swigAddressStr),
4633
+ id: swigId,
4634
+ actions: bootstrapActions,
4635
+ authorityInfo: bootstrapAuthorityInfo,
4636
+ options: {}
4637
+ }).addAuthority(vaultAuthorityInfo, vaultActions).addAuthority(sessionAuthorityInfo, sessionActions).addAuthority(vaultTabSettleAuthorityInfo, vaultTabSettleActions);
4638
+ const contexts = await builder.getInstructionContexts();
4639
+ const instructions = contexts.flatMap((ctx) => (0, import_kit.getInstructionsFromContext)(ctx));
4640
+ return {
4641
+ swigAddress: swigAddressStr,
4642
+ swigIdBase58: bs58.encode(swigId),
4643
+ instructions
4644
+ };
4645
+ }
4646
+ async function expectedSwigAddressFor(identitySeed, hmacKey) {
4647
+ const swigId = deriveSwigId(identitySeed, hmacKey);
4648
+ return String(await (0, import_kit.findSwigPda)(swigId));
4649
+ }
4650
+ async function verifySwigIsOurs(params) {
4651
+ const { swigAddress, identitySeed, hmacKey, dexterMasterPubkey, rpcEndpoint } = params;
4652
+ const expected = await expectedSwigAddressFor(identitySeed, hmacKey);
4653
+ if (swigAddress !== expected) {
4654
+ return {
4655
+ ok: false,
4656
+ reason: `swig_address_mismatch: expected ${expected}, got ${swigAddress}`
4657
+ };
4658
+ }
4659
+ try {
4660
+ const rpc = createSolanaRpc(rpcEndpoint);
4661
+ const swig = await (0, import_kit.fetchNullableSwig)(rpc, address(swigAddress));
4662
+ if (swig) {
4663
+ const ourRoles = swig.findRolesByAuthorityAddress(bs58.decode(dexterMasterPubkey));
4664
+ if (!ourRoles || ourRoles.length === 0) {
4665
+ return {
4666
+ ok: false,
4667
+ reason: "swig_missing_session_master_role"
4453
4668
  };
4454
- break;
4455
- case 1:
4456
- if (char === "\\") {
4457
- nextState = {
4458
- [START_INDEX5]: ii,
4459
- [TYPE5]: 0
4460
- /* EscapeSequence */
4461
- };
4462
- } else if (char === "$") {
4463
- nextState = {
4464
- [START_INDEX5]: ii,
4465
- [TYPE5]: 2
4466
- /* Variable */
4467
- };
4468
- }
4469
- break;
4470
- case 2:
4471
- if (char === "\\") {
4472
- nextState = {
4473
- [START_INDEX5]: ii,
4474
- [TYPE5]: 0
4475
- /* EscapeSequence */
4476
- };
4477
- } else if (char === "$") {
4478
- nextState = {
4479
- [START_INDEX5]: ii,
4480
- [TYPE5]: 2
4481
- /* Variable */
4482
- };
4483
- } else if (!char.match(/\w/)) {
4484
- nextState = {
4485
- [START_INDEX5]: ii,
4486
- [TYPE5]: 1
4487
- /* Text */
4488
- };
4489
- }
4490
- break;
4491
- }
4492
- if (nextState) {
4493
- if (state !== nextState) {
4494
- commitStateUpTo(ii);
4495
4669
  }
4496
- state = nextState;
4497
4670
  }
4671
+ } catch {
4672
+ }
4673
+ return { ok: true };
4674
+ }
4675
+ function deriveVaultPda(supabaseUserId) {
4676
+ if (supabaseUserId.length !== 16) {
4677
+ throw new Error("supabaseUserId must be 16 bytes (UUID v4)");
4678
+ }
4679
+ const [pda, bump] = import_web34.PublicKey.findProgramAddressSync(
4680
+ [Buffer.from("vault"), Buffer.from(supabaseUserId)],
4681
+ DEXTER_VAULT_PROGRAM_ID
4682
+ );
4683
+ return { pda, bump };
4684
+ }
4685
+
4686
+ // src/instructions/setSwigAtomic.ts
4687
+ var SET_SWIG_ATOMIC_DISCRIMINATOR = new Uint8Array([
4688
+ 119,
4689
+ 111,
4690
+ 247,
4691
+ 215,
4692
+ 190,
4693
+ 3,
4694
+ 170,
4695
+ 23
4696
+ ]);
4697
+ function buildSetSwigAtomicInstruction(params) {
4698
+ if (params.swigId.length !== 32) {
4699
+ throw new Error(`swigId must be 32 bytes, got ${params.swigId.length}`);
4700
+ }
4701
+ if (params.authenticatorData.length < 37) {
4702
+ throw new Error(`authenticatorData must be at least 37 bytes`);
4703
+ }
4704
+ const cdj = params.clientDataJSON;
4705
+ const ad = params.authenticatorData;
4706
+ const dataLen = 8 + // discriminator
4707
+ 32 + // swig_id
4708
+ 1 + // swig_account_bump
4709
+ 1 + // swig_wallet_address_bump
4710
+ 32 + // dexter_master_pubkey
4711
+ 4 + cdj.length + // client_data_json (len-prefixed)
4712
+ 4 + ad.length;
4713
+ const data = new Uint8Array(dataLen);
4714
+ const view = new DataView(data.buffer);
4715
+ let off = 0;
4716
+ data.set(SET_SWIG_ATOMIC_DISCRIMINATOR, off);
4717
+ off += 8;
4718
+ data.set(params.swigId, off);
4719
+ off += 32;
4720
+ data[off++] = params.swigAccountBump;
4721
+ data[off++] = params.swigWalletAddressBump;
4722
+ data.set(params.dexterMasterPubkey.toBytes(), off);
4723
+ off += 32;
4724
+ view.setUint32(off, cdj.length, true);
4725
+ off += 4;
4726
+ data.set(cdj, off);
4727
+ off += cdj.length;
4728
+ view.setUint32(off, ad.length, true);
4729
+ off += 4;
4730
+ data.set(ad, off);
4731
+ off += ad.length;
4732
+ if (off !== dataLen) throw new Error(`internal: byte offset mismatch (${off} vs ${dataLen})`);
4733
+ return new import_web35.TransactionInstruction({
4734
+ programId: DEXTER_VAULT_PROGRAM_ID,
4735
+ keys: [
4736
+ { pubkey: params.vaultPda, isSigner: false, isWritable: true },
4737
+ { pubkey: params.feePayer, isSigner: true, isWritable: true },
4738
+ { pubkey: params.swigAddress, isSigner: false, isWritable: true },
4739
+ { pubkey: params.swigWalletAddress, isSigner: false, isWritable: true },
4740
+ { pubkey: SWIG_PROGRAM_ID, isSigner: false, isWritable: false },
4741
+ { pubkey: import_web35.SystemProgram.programId, isSigner: false, isWritable: true },
4742
+ { pubkey: import_web35.SYSVAR_INSTRUCTIONS_PUBKEY, isSigner: false, isWritable: false }
4743
+ ],
4744
+ data: Buffer.from(data)
4498
4745
  });
4499
- commitStateUpTo();
4500
- return fragments.join("");
4501
4746
  }
4502
- function getErrorMessage5(code, context = {}) {
4503
- if (process.env.NODE_ENV !== "production") {
4504
- return getHumanReadableErrorMessage5(code, context);
4505
- } else {
4506
- let decodingAdviceMessage = `Solana error #${code}; Decode this error by running \`npx @solana/errors decode -- ${code}`;
4507
- if (Object.keys(context).length) {
4508
- decodingAdviceMessage += ` '${encodeContextObject5(context)}'`;
4509
- }
4510
- return `${decodingAdviceMessage}\``;
4747
+ function buildSetSwigAtomicFromIdentity(params) {
4748
+ const swigId = Uint8Array.from(
4749
+ deriveSwigId(params.identitySeed, params.hmacKey)
4750
+ );
4751
+ const [swigAddress, swigAccountBump] = import_web35.PublicKey.findProgramAddressSync(
4752
+ [Buffer.from(swigId)],
4753
+ SWIG_PROGRAM_ID
4754
+ );
4755
+ const [swigWalletAddress, swigWalletAddressBump] = import_web35.PublicKey.findProgramAddressSync(
4756
+ [swigAddress.toBytes()],
4757
+ SWIG_PROGRAM_ID
4758
+ );
4759
+ return buildSetSwigAtomicInstruction({
4760
+ vaultPda: params.vaultPda,
4761
+ swigAddress,
4762
+ swigWalletAddress,
4763
+ feePayer: params.feePayer,
4764
+ dexterMasterPubkey: params.dexterMasterPubkey,
4765
+ swigId,
4766
+ swigAccountBump,
4767
+ swigWalletAddressBump,
4768
+ clientDataJSON: params.clientDataJSON,
4769
+ authenticatorData: params.authenticatorData
4770
+ });
4771
+ }
4772
+
4773
+ // src/instructions/registerSession.ts
4774
+ var import_web36 = require("@solana/web3.js");
4775
+ function encodeU64LE(value) {
4776
+ const buf = new Uint8Array(8);
4777
+ new DataView(buf.buffer).setBigUint64(0, value, true);
4778
+ return buf;
4779
+ }
4780
+ function encodeI64LE(value) {
4781
+ const buf = new Uint8Array(8);
4782
+ new DataView(buf.buffer).setBigInt64(0, value, true);
4783
+ return buf;
4784
+ }
4785
+ function encodeU32LE(value) {
4786
+ const buf = new Uint8Array(4);
4787
+ new DataView(buf.buffer).setUint32(0, value >>> 0, true);
4788
+ return buf;
4789
+ }
4790
+ function encodeVecU8(bytes) {
4791
+ const out = new Uint8Array(4 + bytes.length);
4792
+ new DataView(out.buffer).setUint32(0, bytes.length >>> 0, true);
4793
+ out.set(bytes, 4);
4794
+ return out;
4795
+ }
4796
+ function concatBytes(...parts) {
4797
+ const total = parts.reduce((n, p) => n + p.length, 0);
4798
+ const out = new Uint8Array(total);
4799
+ let o2 = 0;
4800
+ for (const p of parts) {
4801
+ out.set(p, o2);
4802
+ o2 += p.length;
4511
4803
  }
4804
+ return out;
4512
4805
  }
4513
- var SolanaError5 = class extends Error {
4514
- /**
4515
- * Indicates the root cause of this {@link SolanaError}, if any.
4516
- *
4517
- * For example, a transaction error might have an instruction error as its root cause. In this
4518
- * case, you will be able to access the instruction error on the transaction error as `cause`.
4519
- */
4520
- cause = this.cause;
4521
- /**
4522
- * Contains context that can assist in understanding or recovering from a {@link SolanaError}.
4523
- */
4524
- context;
4525
- constructor(...[code, contextAndErrorOptions]) {
4526
- let context;
4527
- let errorOptions;
4528
- if (contextAndErrorOptions) {
4529
- const { cause, ...contextRest } = contextAndErrorOptions;
4530
- if (cause) {
4531
- errorOptions = { cause };
4532
- }
4533
- if (Object.keys(contextRest).length > 0) {
4534
- context = contextRest;
4535
- }
4536
- }
4537
- const message = getErrorMessage5(code, context);
4538
- super(message, errorOptions);
4539
- this.context = {
4540
- __code: code,
4541
- ...context
4542
- };
4543
- this.name = "SolanaError";
4806
+ function buildRegisterSessionKeyInstruction(args) {
4807
+ if (args.sessionPubkey.length !== 32) {
4808
+ throw new Error(`sessionPubkey must be 32 bytes, got ${args.sessionPubkey.length}`);
4544
4809
  }
4545
- };
4546
-
4547
- // node_modules/@solana/rpc-transport-http/dist/index.node.mjs
4548
- var DISALLOWED_HEADERS = {
4549
- accept: true,
4550
- "content-length": true,
4551
- "content-type": true
4552
- };
4553
- var FORBIDDEN_HEADERS = /* @__PURE__ */ Object.assign(
4554
- {
4555
- "accept-charset": true,
4556
- "access-control-request-headers": true,
4557
- "access-control-request-method": true,
4558
- connection: true,
4559
- "content-length": true,
4560
- cookie: true,
4561
- date: true,
4562
- dnt: true,
4563
- expect: true,
4564
- host: true,
4565
- "keep-alive": true,
4566
- origin: true,
4567
- "permissions-policy": true,
4568
- // Prefix matching is implemented in code, below.
4569
- // 'proxy-': true,
4570
- // 'sec-': true,
4571
- referer: true,
4572
- te: true,
4573
- trailer: true,
4574
- "transfer-encoding": true,
4575
- upgrade: true,
4576
- via: true
4577
- },
4578
- void 0
4579
- );
4580
- function assertIsAllowedHttpRequestHeaders(headers) {
4581
- const badHeaders = Object.keys(headers).filter((headerName) => {
4582
- const lowercaseHeaderName = headerName.toLowerCase();
4583
- return DISALLOWED_HEADERS[headerName.toLowerCase()] === true || FORBIDDEN_HEADERS[headerName.toLowerCase()] === true || lowercaseHeaderName.startsWith("proxy-") || lowercaseHeaderName.startsWith("sec-");
4810
+ const data = concatBytes(
4811
+ DISCRIMINATORS.register_session_key,
4812
+ args.sessionPubkey,
4813
+ encodeU64LE(args.maxAmount),
4814
+ encodeI64LE(args.expiresAt),
4815
+ args.allowedCounterparty.toBytes(),
4816
+ encodeU32LE(args.nonce),
4817
+ encodeVecU8(args.clientDataJSON),
4818
+ encodeVecU8(args.authenticatorData)
4819
+ );
4820
+ return new import_web36.TransactionInstruction({
4821
+ keys: [
4822
+ { pubkey: args.vaultPda, isSigner: false, isWritable: true },
4823
+ { pubkey: INSTRUCTIONS_SYSVAR_ID, isSigner: false, isWritable: false }
4824
+ ],
4825
+ programId: DEXTER_VAULT_PROGRAM_ID,
4826
+ data: Buffer.from(data)
4584
4827
  });
4585
- if (badHeaders.length > 0) {
4586
- throw new SolanaError5(SOLANA_ERROR__RPC__TRANSPORT_HTTP_HEADER_FORBIDDEN5, {
4587
- headers: badHeaders
4588
- });
4589
- }
4590
4828
  }
4591
- function normalizeHeaders(headers) {
4592
- const out = {};
4593
- for (const headerName in headers) {
4594
- out[headerName.toLowerCase()] = headers[headerName];
4595
- }
4829
+
4830
+ // src/instructions/revokeSession.ts
4831
+ var import_web37 = require("@solana/web3.js");
4832
+ function encodeVecU82(bytes) {
4833
+ const out = new Uint8Array(4 + bytes.length);
4834
+ new DataView(out.buffer).setUint32(0, bytes.length >>> 0, true);
4835
+ out.set(bytes, 4);
4596
4836
  return out;
4597
4837
  }
4598
- function createHttpTransport(config) {
4599
- if (process.env.NODE_ENV !== "production" && false) ;
4600
- const { fromJson, headers, toJson, url } = config;
4601
- if (process.env.NODE_ENV !== "production" && headers) {
4602
- assertIsAllowedHttpRequestHeaders(headers);
4603
- }
4604
- let dispatcherConfig;
4605
- if ("dispatcher_NODE_ONLY" in config) {
4606
- dispatcherConfig = { dispatcher: config.dispatcher_NODE_ONLY };
4838
+ function concatBytes2(...parts) {
4839
+ const total = parts.reduce((n, p) => n + p.length, 0);
4840
+ const out = new Uint8Array(total);
4841
+ let o2 = 0;
4842
+ for (const p of parts) {
4843
+ out.set(p, o2);
4844
+ o2 += p.length;
4607
4845
  }
4608
- const customHeaders = headers && normalizeHeaders(headers);
4609
- return async function makeHttpRequest({
4610
- payload,
4611
- signal
4612
- }) {
4613
- const body = toJson ? toJson(payload) : JSON.stringify(payload);
4614
- const requestInfo = {
4615
- ...dispatcherConfig,
4616
- body,
4617
- headers: {
4618
- ...customHeaders,
4619
- // Keep these headers lowercase so they will override any user-supplied headers above.
4620
- accept: "application/json",
4621
- "content-length": body.length.toString(),
4622
- "content-type": "application/json; charset=utf-8"
4623
- },
4624
- method: "POST",
4625
- signal
4626
- };
4627
- const response = await fetch(url, requestInfo);
4628
- if (!response.ok) {
4629
- throw new SolanaError5(SOLANA_ERROR__RPC__TRANSPORT_HTTP_ERROR5, {
4630
- headers: response.headers,
4631
- message: response.statusText,
4632
- statusCode: response.status
4633
- });
4634
- }
4635
- if (fromJson) {
4636
- return fromJson(await response.text(), payload);
4637
- }
4638
- return await response.json();
4639
- };
4846
+ return out;
4640
4847
  }
4641
- var SOLANA_RPC_METHODS = [
4642
- "getAccountInfo",
4643
- "getBalance",
4644
- "getBlock",
4645
- "getBlockCommitment",
4646
- "getBlockHeight",
4647
- "getBlockProduction",
4648
- "getBlocks",
4649
- "getBlocksWithLimit",
4650
- "getBlockTime",
4651
- "getClusterNodes",
4652
- "getEpochInfo",
4653
- "getEpochSchedule",
4654
- "getFeeForMessage",
4655
- "getFirstAvailableBlock",
4656
- "getGenesisHash",
4657
- "getHealth",
4658
- "getHighestSnapshotSlot",
4659
- "getIdentity",
4660
- "getInflationGovernor",
4661
- "getInflationRate",
4662
- "getInflationReward",
4663
- "getLargestAccounts",
4664
- "getLatestBlockhash",
4665
- "getLeaderSchedule",
4666
- "getMaxRetransmitSlot",
4667
- "getMaxShredInsertSlot",
4668
- "getMinimumBalanceForRentExemption",
4669
- "getMultipleAccounts",
4670
- "getProgramAccounts",
4671
- "getRecentPerformanceSamples",
4672
- "getRecentPrioritizationFees",
4673
- "getSignaturesForAddress",
4674
- "getSignatureStatuses",
4675
- "getSlot",
4676
- "getSlotLeader",
4677
- "getSlotLeaders",
4678
- "getStakeMinimumDelegation",
4679
- "getSupply",
4680
- "getTokenAccountBalance",
4681
- "getTokenAccountsByDelegate",
4682
- "getTokenAccountsByOwner",
4683
- "getTokenLargestAccounts",
4684
- "getTokenSupply",
4685
- "getTransaction",
4686
- "getTransactionCount",
4687
- "getVersion",
4688
- "getVoteAccounts",
4689
- "index",
4690
- "isBlockhashValid",
4691
- "minimumLedgerSlot",
4692
- "requestAirdrop",
4693
- "sendTransaction",
4694
- "simulateTransaction"
4695
- ];
4696
- function isSolanaRequest(payload) {
4697
- return isJsonRpcPayload(payload) && SOLANA_RPC_METHODS.includes(payload.method);
4848
+ function buildRevokeSessionKeyInstruction(args) {
4849
+ const data = concatBytes2(
4850
+ DISCRIMINATORS.revoke_session_key,
4851
+ encodeVecU82(args.clientDataJSON),
4852
+ encodeVecU82(args.authenticatorData)
4853
+ );
4854
+ return new import_web37.TransactionInstruction({
4855
+ keys: [
4856
+ { pubkey: args.vaultPda, isSigner: false, isWritable: true },
4857
+ { pubkey: INSTRUCTIONS_SYSVAR_ID, isSigner: false, isWritable: false }
4858
+ ],
4859
+ programId: DEXTER_VAULT_PROGRAM_ID,
4860
+ data: Buffer.from(data)
4861
+ });
4698
4862
  }
4699
- function createHttpTransportForSolanaRpc(config) {
4700
- return createHttpTransport({
4701
- ...config,
4702
- fromJson: (rawResponse, payload) => isSolanaRequest(payload) ? parseJsonWithBigInts(rawResponse) : JSON.parse(rawResponse),
4703
- toJson: (payload) => isSolanaRequest(payload) ? stringifyJsonWithBigints(payload) : JSON.stringify(payload)
4863
+
4864
+ // src/instructions/settleVoucher.ts
4865
+ var import_web38 = require("@solana/web3.js");
4866
+ function encodeU64(value) {
4867
+ const out = Buffer.alloc(8);
4868
+ out.writeBigUInt64LE(value, 0);
4869
+ return out;
4870
+ }
4871
+ function encodeBool(value) {
4872
+ return Buffer.from([value ? 1 : 0]);
4873
+ }
4874
+ function buildSettleVoucherInstruction(p) {
4875
+ const argsBuf = Buffer.concat([encodeU64(p.amount), encodeBool(p.increment)]);
4876
+ const data = Buffer.concat([Buffer.from(DISCRIMINATORS.settle_voucher), argsBuf]);
4877
+ return new import_web38.TransactionInstruction({
4878
+ programId: DEXTER_VAULT_PROGRAM_ID,
4879
+ keys: [
4880
+ { pubkey: p.vaultPda, isSigner: false, isWritable: true },
4881
+ { pubkey: p.dexterAuthority, isSigner: true, isWritable: false }
4882
+ ],
4883
+ data
4704
4884
  });
4705
4885
  }
4706
4886
 
4707
- // node_modules/@solana/rpc/dist/index.node.mjs
4708
- var import_events = require("events");
4887
+ // src/instructions/settleTabVoucher.ts
4888
+ var import_web310 = require("@solana/web3.js");
4709
4889
 
4710
- // node_modules/@solana/fast-stable-stringify/dist/index.node.mjs
4711
- var objToString = Object.prototype.toString;
4712
- var objKeys = Object.keys || function(obj) {
4713
- const keys = [];
4714
- for (const name in obj) {
4715
- keys.push(name);
4716
- }
4717
- return keys;
4718
- };
4719
- function stringify(val, isArrayProp) {
4720
- let i, max, str, keys, key, propVal, toStr;
4721
- if (val === true) {
4722
- return "true";
4723
- }
4724
- if (val === false) {
4725
- return "false";
4726
- }
4727
- switch (typeof val) {
4728
- case "object":
4729
- if (val === null) {
4730
- return null;
4731
- } else if ("toJSON" in val && typeof val.toJSON === "function") {
4732
- return stringify(val.toJSON(), isArrayProp);
4733
- } else {
4734
- toStr = objToString.call(val);
4735
- if (toStr === "[object Array]") {
4736
- str = "[";
4737
- max = val.length - 1;
4738
- for (i = 0; i < max; i++) {
4739
- str += stringify(val[i], true) + ",";
4740
- }
4741
- if (max > -1) {
4742
- str += stringify(val[i], true);
4743
- }
4744
- return str + "]";
4745
- } else if (toStr === "[object Object]") {
4746
- keys = objKeys(val).sort();
4747
- max = keys.length;
4748
- str = "";
4749
- i = 0;
4750
- while (i < max) {
4751
- key = keys[i];
4752
- propVal = stringify(val[key], false);
4753
- if (propVal !== void 0) {
4754
- if (str) {
4755
- str += ",";
4756
- }
4757
- str += JSON.stringify(key) + ":" + propVal;
4758
- }
4759
- i++;
4760
- }
4761
- return "{" + str + "}";
4762
- } else {
4763
- return JSON.stringify(val);
4764
- }
4765
- }
4766
- case "function":
4767
- case "undefined":
4768
- return isArrayProp ? null : void 0;
4769
- case "bigint":
4770
- return `${val.toString()}n`;
4771
- case "string":
4772
- return JSON.stringify(val);
4773
- default:
4774
- return isFinite(val) ? val : null;
4775
- }
4890
+ // src/instructions/withdraw.ts
4891
+ var import_web39 = require("@solana/web3.js");
4892
+ function encodeBytesVec2(buf) {
4893
+ const out = Buffer.alloc(4 + buf.length);
4894
+ out.writeUInt32LE(buf.length, 0);
4895
+ Buffer.from(buf).copy(out, 4);
4896
+ return out;
4776
4897
  }
4777
- function index_default(val) {
4778
- const returnVal = stringify(val, false);
4779
- if (returnVal !== void 0) {
4780
- return "" + returnVal;
4781
- }
4898
+ function encodeU642(value) {
4899
+ const out = Buffer.alloc(8);
4900
+ out.writeBigUInt64LE(value, 0);
4901
+ return out;
4782
4902
  }
4783
-
4784
- // node_modules/@solana/rpc/dist/index.node.mjs
4785
- function createSolanaJsonRpcIntegerOverflowError(methodName, keyPath, value) {
4786
- let argumentLabel = "";
4787
- if (typeof keyPath[0] === "number") {
4788
- const argPosition = keyPath[0] + 1;
4789
- const lastDigit = argPosition % 10;
4790
- const lastTwoDigits = argPosition % 100;
4791
- if (lastDigit == 1 && lastTwoDigits != 11) {
4792
- argumentLabel = argPosition + "st";
4793
- } else if (lastDigit == 2 && lastTwoDigits != 12) {
4794
- argumentLabel = argPosition + "nd";
4795
- } else if (lastDigit == 3 && lastTwoDigits != 13) {
4796
- argumentLabel = argPosition + "rd";
4797
- } else {
4798
- argumentLabel = argPosition + "th";
4799
- }
4800
- } else {
4801
- argumentLabel = `\`${keyPath[0].toString()}\``;
4802
- }
4803
- const path = keyPath.length > 1 ? keyPath.slice(1).map((pathPart) => typeof pathPart === "number" ? `[${pathPart}]` : pathPart).join(".") : void 0;
4804
- const error = new SolanaError4(SOLANA_ERROR__RPC__INTEGER_OVERFLOW4, {
4805
- argumentLabel,
4806
- keyPath,
4807
- methodName,
4808
- optionalPathLabel: path ? ` at path \`${path}\`` : "",
4809
- value,
4810
- ...path !== void 0 ? { path } : void 0
4811
- });
4812
- safeCaptureStackTrace2(error, createSolanaJsonRpcIntegerOverflowError);
4813
- return error;
4903
+ function encodeI64(value) {
4904
+ const out = Buffer.alloc(8);
4905
+ out.writeBigInt64LE(value, 0);
4906
+ return out;
4814
4907
  }
4815
- var DEFAULT_RPC_CONFIG = {
4816
- defaultCommitment: "confirmed",
4817
- onIntegerOverflow(request, keyPath, value) {
4818
- throw createSolanaJsonRpcIntegerOverflowError(request.methodName, keyPath, value);
4819
- }
4820
- };
4821
- var e2 = class extends globalThis.AbortController {
4822
- constructor(...t) {
4823
- super(...t), (0, import_events.setMaxListeners)(Number.MAX_SAFE_INTEGER, this.signal);
4824
- }
4825
- };
4826
- var EXPLICIT_ABORT_TOKEN;
4827
- function createExplicitAbortToken() {
4828
- return process.env.NODE_ENV !== "production" ? {
4829
- EXPLICIT_ABORT_TOKEN: "This object is thrown from the request that underlies a series of coalesced requests when the last request in that series aborts"
4830
- } : {};
4908
+ function encodePubkey2(key) {
4909
+ return Buffer.from(key.toBytes());
4831
4910
  }
4832
- function getRpcTransportWithRequestCoalescing(transport, getDeduplicationKey) {
4833
- let coalescedRequestsByDeduplicationKey;
4834
- return async function makeCoalescedHttpRequest(request) {
4835
- const { payload, signal } = request;
4836
- const deduplicationKey = getDeduplicationKey(payload);
4837
- if (deduplicationKey === void 0) {
4838
- return await transport(request);
4839
- }
4840
- if (!coalescedRequestsByDeduplicationKey) {
4841
- queueMicrotask(() => {
4842
- coalescedRequestsByDeduplicationKey = void 0;
4843
- });
4844
- coalescedRequestsByDeduplicationKey = {};
4845
- }
4846
- if (coalescedRequestsByDeduplicationKey[deduplicationKey] == null) {
4847
- const abortController = new e2();
4848
- const responsePromise = (async () => {
4849
- try {
4850
- return await transport({
4851
- ...request,
4852
- signal: abortController.signal
4853
- });
4854
- } catch (e22) {
4855
- if (e22 === (EXPLICIT_ABORT_TOKEN ||= createExplicitAbortToken())) {
4856
- return;
4857
- }
4858
- throw e22;
4859
- }
4860
- })();
4861
- coalescedRequestsByDeduplicationKey[deduplicationKey] = {
4862
- abortController,
4863
- numConsumers: 0,
4864
- responsePromise
4865
- };
4866
- }
4867
- const coalescedRequest = coalescedRequestsByDeduplicationKey[deduplicationKey];
4868
- coalescedRequest.numConsumers++;
4869
- if (signal) {
4870
- const responsePromise = coalescedRequest.responsePromise;
4871
- return await new Promise((resolve, reject) => {
4872
- const handleAbort = (e22) => {
4873
- signal.removeEventListener("abort", handleAbort);
4874
- coalescedRequest.numConsumers -= 1;
4875
- queueMicrotask(() => {
4876
- if (coalescedRequest.numConsumers === 0) {
4877
- const abortController = coalescedRequest.abortController;
4878
- abortController.abort(EXPLICIT_ABORT_TOKEN ||= createExplicitAbortToken());
4879
- }
4880
- });
4881
- reject(e22.target.reason);
4882
- };
4883
- signal.addEventListener("abort", handleAbort);
4884
- responsePromise.then(resolve).catch(reject).finally(() => {
4885
- signal.removeEventListener("abort", handleAbort);
4886
- });
4887
- });
4888
- } else {
4889
- return await coalescedRequest.responsePromise;
4890
- }
4891
- };
4911
+ function deriveSwigWalletAddress(swigAddress) {
4912
+ const [pda] = import_web39.PublicKey.findProgramAddressSync(
4913
+ [Buffer.from("swig-wallet-address"), swigAddress.toBuffer()],
4914
+ SWIG_PROGRAM_ID
4915
+ );
4916
+ return pda;
4892
4917
  }
4893
- function getSolanaRpcPayloadDeduplicationKey(payload) {
4894
- return isJsonRpcPayload(payload) ? index_default([payload.method, payload.params]) : void 0;
4918
+ function buildRequestWithdrawalInstruction(p) {
4919
+ const argsBuf = Buffer.concat([
4920
+ encodeU642(p.amount),
4921
+ encodePubkey2(p.destination),
4922
+ encodeI64(p.signedAt),
4923
+ encodeBytesVec2(p.clientDataJSON),
4924
+ encodeBytesVec2(p.authenticatorData)
4925
+ ]);
4926
+ const data = Buffer.concat([Buffer.from(DISCRIMINATORS.request_withdrawal), argsBuf]);
4927
+ return new import_web39.TransactionInstruction({
4928
+ programId: DEXTER_VAULT_PROGRAM_ID,
4929
+ keys: [
4930
+ { pubkey: p.vaultPda, isSigner: false, isWritable: true },
4931
+ { pubkey: import_web39.SYSVAR_INSTRUCTIONS_PUBKEY, isSigner: false, isWritable: false }
4932
+ ],
4933
+ data
4934
+ });
4935
+ }
4936
+ function buildFinalizeWithdrawalInstruction(p) {
4937
+ const argsBuf = Buffer.concat([
4938
+ encodeBytesVec2(p.clientDataJSON),
4939
+ encodeBytesVec2(p.authenticatorData)
4940
+ ]);
4941
+ const data = Buffer.concat([Buffer.from(DISCRIMINATORS.finalize_withdrawal), argsBuf]);
4942
+ const swigWalletAddress = deriveSwigWalletAddress(p.swigAddress);
4943
+ return new import_web39.TransactionInstruction({
4944
+ programId: DEXTER_VAULT_PROGRAM_ID,
4945
+ keys: [
4946
+ { pubkey: p.swigAddress, isSigner: false, isWritable: false },
4947
+ { pubkey: swigWalletAddress, isSigner: false, isWritable: false },
4948
+ { pubkey: p.vaultPda, isSigner: false, isWritable: true },
4949
+ { pubkey: import_web39.SYSVAR_INSTRUCTIONS_PUBKEY, isSigner: false, isWritable: false }
4950
+ ],
4951
+ data
4952
+ });
4953
+ }
4954
+ function buildForceReleaseInstruction(p) {
4955
+ const argsBuf = Buffer.concat([
4956
+ encodeBytesVec2(p.clientDataJSON),
4957
+ encodeBytesVec2(p.authenticatorData)
4958
+ ]);
4959
+ const data = Buffer.concat([Buffer.from(DISCRIMINATORS.force_release), argsBuf]);
4960
+ return new import_web39.TransactionInstruction({
4961
+ programId: DEXTER_VAULT_PROGRAM_ID,
4962
+ keys: [
4963
+ { pubkey: p.vaultPda, isSigner: false, isWritable: true },
4964
+ { pubkey: import_web39.SYSVAR_INSTRUCTIONS_PUBKEY, isSigner: false, isWritable: false }
4965
+ ],
4966
+ data
4967
+ });
4895
4968
  }
4896
- function normalizeHeaders2(headers) {
4897
- const out = {};
4898
- for (const headerName in headers) {
4899
- out[headerName.toLowerCase()] = headers[headerName];
4969
+
4970
+ // src/instructions/settleTabVoucher.ts
4971
+ function encodeFixedBytes2(buf, len) {
4972
+ if (buf.length !== len) {
4973
+ throw new Error(`expected ${len} bytes, got ${buf.length}`);
4900
4974
  }
4901
- return out;
4975
+ return Buffer.from(buf);
4902
4976
  }
4903
- function createDefaultRpcTransport(config) {
4904
- return pipe(
4905
- createHttpTransportForSolanaRpc({
4906
- ...config,
4907
- headers: {
4908
- ...{
4909
- // Keep these headers lowercase so they will be overridden by any user-supplied headers below.
4910
- "accept-encoding": (
4911
- // Natively supported by Node LTS v20.18.0 and above.
4912
- "br,gzip,deflate"
4913
- )
4914
- // Brotli, gzip, and Deflate, in that order.
4915
- },
4916
- ...config.headers ? normalizeHeaders2(config.headers) : void 0,
4917
- ...{
4918
- // Keep these headers lowercase so they will override any user-supplied headers above.
4919
- "solana-client": `js/${"2.3.0"}`
4920
- }
4921
- }
4922
- }),
4923
- (transport) => getRpcTransportWithRequestCoalescing(transport, getSolanaRpcPayloadDeduplicationKey)
4924
- );
4977
+ function encodeU643(value) {
4978
+ const out = Buffer.alloc(8);
4979
+ out.writeBigUInt64LE(value, 0);
4980
+ return out;
4925
4981
  }
4926
- function createSolanaRpc(clusterUrl, config) {
4927
- return createSolanaRpcFromTransport(createDefaultRpcTransport({ url: clusterUrl, ...config }));
4982
+ function encodeU322(value) {
4983
+ const out = Buffer.alloc(4);
4984
+ out.writeUInt32LE(value >>> 0, 0);
4985
+ return out;
4928
4986
  }
4929
- function createSolanaRpcFromTransport(transport) {
4930
- return createRpc({
4931
- api: createSolanaRpcApi(DEFAULT_RPC_CONFIG),
4932
- transport
4987
+ function buildSettleTabVoucherInstruction(p) {
4988
+ if (p.channelId.length !== 32) {
4989
+ throw new Error(`channelId must be 32 bytes, got ${p.channelId.length}`);
4990
+ }
4991
+ const argsBuf = Buffer.concat([
4992
+ encodeFixedBytes2(p.channelId, 32),
4993
+ encodeU643(p.cumulativeAmount),
4994
+ encodeU322(p.sequenceNumber)
4995
+ ]);
4996
+ const data = Buffer.concat([Buffer.from(DISCRIMINATORS.settle_tab_voucher), argsBuf]);
4997
+ const swigWalletAddress = deriveSwigWalletAddress(p.swigAddress);
4998
+ return new import_web310.TransactionInstruction({
4999
+ programId: DEXTER_VAULT_PROGRAM_ID,
5000
+ keys: [
5001
+ { pubkey: p.swigAddress, isSigner: false, isWritable: false },
5002
+ { pubkey: swigWalletAddress, isSigner: false, isWritable: false },
5003
+ { pubkey: p.vaultPda, isSigner: false, isWritable: true },
5004
+ { pubkey: p.dexterAuthority, isSigner: true, isWritable: false },
5005
+ { pubkey: import_web310.SYSVAR_INSTRUCTIONS_PUBKEY, isSigner: false, isWritable: false }
5006
+ ],
5007
+ data
4933
5008
  });
4934
5009
  }
4935
5010
 
4936
- // src/instructions/swigBundle.ts
4937
- var bs58Module = __toESM(require("bs58"), 1);
4938
- var import_web312 = require("@solana/web3.js");
4939
- var bs58 = bs58Module.default ?? bs58Module;
4940
- var SWIG_ID_DOMAIN = "dexter-swig-id:v1:";
4941
- var DEFAULT_SESSION_TTL_SECONDS = BigInt(30 * 24 * 60 * 60);
4942
- var DEFAULT_SPEND_LIMIT_ATOMIC = BigInt(1e9);
4943
- var SWIG_PROGRAM_EXEC_PREFIX = new Uint8Array([
4944
- 178,
4945
- 87,
4946
- 206,
4947
- 68,
4948
- 201,
4949
- 186,
4950
- 164,
4951
- 232
4952
- ]);
4953
- var SWIG_PROGRAM_EXEC_PREFIX_SETTLE_TAB = new Uint8Array([
4954
- 173,
4955
- 22,
4956
- 98,
4957
- 31,
4958
- 110,
4959
- 129,
4960
- 59,
4961
- 161
4962
- ]);
4963
- var SWIG_PROGRAM_EXEC_MARKERS = [
4964
- SWIG_PROGRAM_EXEC_PREFIX,
4965
- SWIG_PROGRAM_EXEC_PREFIX_SETTLE_TAB
4966
- ];
4967
- function deriveSwigId(identitySeed, hmacKey) {
4968
- if (hmacKey.length !== 32) {
4969
- throw new Error(`hmacKey must be 32 bytes, got ${hmacKey.length}`);
5011
+ // src/instructions/rotate.ts
5012
+ var import_web311 = require("@solana/web3.js");
5013
+ function encodeBytesVec3(buf) {
5014
+ const out = Buffer.alloc(4 + buf.length);
5015
+ out.writeUInt32LE(buf.length, 0);
5016
+ Buffer.from(buf).copy(out, 4);
5017
+ return out;
5018
+ }
5019
+ function encodeFixedBytes3(buf, len) {
5020
+ if (buf.length !== len) {
5021
+ throw new Error(`expected ${len} bytes, got ${buf.length}`);
4970
5022
  }
4971
- return (0, import_node_crypto.createHmac)("sha256", Buffer.from(hmacKey)).update(SWIG_ID_DOMAIN).update(Buffer.from(identitySeed)).digest();
5023
+ return Buffer.from(buf);
4972
5024
  }
4973
- async function buildSwigCreationBundle(params) {
4974
- const {
4975
- feePayer,
4976
- dexterMasterPubkey,
4977
- identitySeed,
4978
- hmacKey,
4979
- sessionTtlSeconds = DEFAULT_SESSION_TTL_SECONDS,
4980
- spendLimitAtomic = DEFAULT_SPEND_LIMIT_ATOMIC
4981
- } = params;
4982
- const swigId = deriveSwigId(identitySeed, hmacKey);
4983
- const swigPda = await (0, import_kit.findSwigPda)(swigId);
4984
- const swigAddressStr = String(swigPda);
4985
- const feePayerBytes = bs58.decode(feePayer);
4986
- const vaultProgramIdBytes = Uint8Array.from(DEXTER_VAULT_PROGRAM_ID.toBytes());
4987
- const dexterPubkeyBytes = bs58.decode(dexterMasterPubkey);
4988
- const bootstrapAuthorityInfo = (0, import_lib.createEd25519AuthorityInfo)(feePayerBytes);
4989
- const bootstrapActions = import_lib.Actions.set().manageAuthority().get();
4990
- const vaultAuthorityInfo = (0, import_lib.createProgramExecAuthorityInfo)(
4991
- vaultProgramIdBytes,
4992
- SWIG_PROGRAM_EXEC_PREFIX
4993
- );
4994
- const vaultActions = import_lib.Actions.set().all().get();
4995
- const vaultTabSettleAuthorityInfo = (0, import_lib.createProgramExecAuthorityInfo)(
4996
- vaultProgramIdBytes,
4997
- SWIG_PROGRAM_EXEC_PREFIX_SETTLE_TAB
4998
- );
4999
- const vaultTabSettleActions = import_lib.Actions.set().all().get();
5000
- const sessionAuthorityInfo = (0, import_lib.createEd25519SessionAuthorityInfo)(
5001
- dexterPubkeyBytes,
5002
- sessionTtlSeconds
5003
- );
5004
- const sessionActions = import_lib.Actions.set().tokenLimit({ mint: bs58.decode(USDC_MAINNET), amount: spendLimitAtomic }).programAll().get();
5005
- const builder = (0, import_lib.getCreateSwigWithMultipleAuthoritiesInstructionContextBuilder)({
5006
- payer: address(feePayer),
5007
- swigAddress: address(swigAddressStr),
5008
- id: swigId,
5009
- actions: bootstrapActions,
5010
- authorityInfo: bootstrapAuthorityInfo,
5011
- options: {}
5012
- }).addAuthority(vaultAuthorityInfo, vaultActions).addAuthority(sessionAuthorityInfo, sessionActions).addAuthority(vaultTabSettleAuthorityInfo, vaultTabSettleActions);
5013
- const contexts = await builder.getInstructionContexts();
5014
- const instructions = contexts.flatMap((ctx) => (0, import_kit.getInstructionsFromContext)(ctx));
5015
- return {
5016
- swigAddress: swigAddressStr,
5017
- swigIdBase58: bs58.encode(swigId),
5018
- instructions
5019
- };
5025
+ function encodePubkey3(key) {
5026
+ return Buffer.from(key.toBytes());
5020
5027
  }
5021
- async function expectedSwigAddressFor(identitySeed, hmacKey) {
5022
- const swigId = deriveSwigId(identitySeed, hmacKey);
5023
- return String(await (0, import_kit.findSwigPda)(swigId));
5028
+ function buildRotatePasskeyInstruction(p) {
5029
+ const argsBuf = Buffer.concat([
5030
+ encodeFixedBytes3(p.newPasskeyPubkey, 33),
5031
+ encodeBytesVec3(p.clientDataJSON),
5032
+ encodeBytesVec3(p.authenticatorData)
5033
+ ]);
5034
+ const data = Buffer.concat([Buffer.from(DISCRIMINATORS.rotate_passkey), argsBuf]);
5035
+ return new import_web311.TransactionInstruction({
5036
+ programId: DEXTER_VAULT_PROGRAM_ID,
5037
+ keys: [
5038
+ { pubkey: p.vaultPda, isSigner: false, isWritable: true },
5039
+ { pubkey: import_web311.SYSVAR_INSTRUCTIONS_PUBKEY, isSigner: false, isWritable: false }
5040
+ ],
5041
+ data
5042
+ });
5024
5043
  }
5025
- async function verifySwigIsOurs(params) {
5026
- const { swigAddress, identitySeed, hmacKey, dexterMasterPubkey, rpcEndpoint } = params;
5027
- const expected = await expectedSwigAddressFor(identitySeed, hmacKey);
5028
- if (swigAddress !== expected) {
5029
- return {
5030
- ok: false,
5031
- reason: `swig_address_mismatch: expected ${expected}, got ${swigAddress}`
5032
- };
5033
- }
5034
- try {
5035
- const rpc = createSolanaRpc(rpcEndpoint);
5036
- const swig = await (0, import_kit.fetchNullableSwig)(rpc, address(swigAddress));
5037
- if (swig) {
5038
- const ourRoles = swig.findRolesByAuthorityAddress(bs58.decode(dexterMasterPubkey));
5039
- if (!ourRoles || ourRoles.length === 0) {
5040
- return {
5041
- ok: false,
5042
- reason: "swig_missing_session_master_role"
5043
- };
5044
- }
5045
- }
5046
- } catch {
5047
- }
5048
- return { ok: true };
5044
+ function buildRotateDexterAuthorityInstruction(p) {
5045
+ const data = Buffer.concat([
5046
+ Buffer.from(DISCRIMINATORS.rotate_dexter_authority),
5047
+ encodePubkey3(p.newDexterAuthority)
5048
+ ]);
5049
+ return new import_web311.TransactionInstruction({
5050
+ programId: DEXTER_VAULT_PROGRAM_ID,
5051
+ keys: [
5052
+ { pubkey: p.vaultPda, isSigner: false, isWritable: true },
5053
+ { pubkey: p.currentDexterAuthority, isSigner: true, isWritable: false }
5054
+ ],
5055
+ data
5056
+ });
5049
5057
  }
5050
- function deriveVaultPda(supabaseUserId) {
5051
- if (supabaseUserId.length !== 16) {
5052
- throw new Error("supabaseUserId must be 16 bytes (UUID v4)");
5058
+
5059
+ // src/instructions/provePasskey.ts
5060
+ var import_web312 = require("@solana/web3.js");
5061
+ function encodeBytesVec4(buf) {
5062
+ const out = Buffer.alloc(4 + buf.length);
5063
+ out.writeUInt32LE(buf.length, 0);
5064
+ Buffer.from(buf).copy(out, 4);
5065
+ return out;
5066
+ }
5067
+ function encodeFixedBytes4(buf, len) {
5068
+ if (buf.length !== len) {
5069
+ throw new Error(`expected ${len} bytes, got ${buf.length}`);
5053
5070
  }
5054
- const [pda, bump] = import_web312.PublicKey.findProgramAddressSync(
5055
- [Buffer.from("vault"), Buffer.from(supabaseUserId)],
5056
- DEXTER_VAULT_PROGRAM_ID
5057
- );
5058
- return { pda, bump };
5071
+ return Buffer.from(buf);
5072
+ }
5073
+ function buildProvePasskeyInstruction(p) {
5074
+ const argsBuf = Buffer.concat([
5075
+ encodeFixedBytes4(p.challenge, 32),
5076
+ encodeBytesVec4(p.clientDataJSON),
5077
+ encodeBytesVec4(p.authenticatorData)
5078
+ ]);
5079
+ const data = Buffer.concat([Buffer.from(DISCRIMINATORS.prove_passkey), argsBuf]);
5080
+ return new import_web312.TransactionInstruction({
5081
+ programId: DEXTER_VAULT_PROGRAM_ID,
5082
+ keys: [
5083
+ { pubkey: p.vaultPda, isSigner: false, isWritable: false },
5084
+ { pubkey: import_web312.SYSVAR_INSTRUCTIONS_PUBKEY, isSigner: false, isWritable: false }
5085
+ ],
5086
+ data
5087
+ });
5059
5088
  }
5060
5089
  // Annotate the CommonJS export names for ESM import in node:
5061
5090
  0 && (module.exports = {
@@ -5072,11 +5101,13 @@ function deriveVaultPda(supabaseUserId) {
5072
5101
  buildRevokeSessionKeyInstruction,
5073
5102
  buildRotateDexterAuthorityInstruction,
5074
5103
  buildRotatePasskeyInstruction,
5104
+ buildSetSwigAtomicFromIdentity,
5075
5105
  buildSetSwigAtomicInstruction,
5076
5106
  buildSetSwigInstruction,
5077
5107
  buildSettleTabVoucherInstruction,
5078
5108
  buildSettleVoucherInstruction,
5079
5109
  buildSwigCreationBundle,
5110
+ deriveSwigId,
5080
5111
  deriveSwigWalletAddress,
5081
5112
  deriveVaultPda,
5082
5113
  expectedSwigAddressFor,