@dexterai/vault 0.3.4 → 0.4.0

package/dist/constants/index.cjs

@@ -25,6 +25,7 @@ __export(constants_exports, {
   ED25519_PROGRAM_ID: () => ED25519_PROGRAM_ID,
   INSTRUCTIONS_SYSVAR_ID: () => INSTRUCTIONS_SYSVAR_ID,
   OTS_SESSION_REGISTER_V1_DOMAIN: () => OTS_SESSION_REGISTER_V1_DOMAIN,
+  OTS_SESSION_REGISTER_V2_DOMAIN: () => OTS_SESSION_REGISTER_V2_DOMAIN,
   OTS_SESSION_REVOKE_V1_DOMAIN: () => OTS_SESSION_REVOKE_V1_DOMAIN,
   SECP256R1_PROGRAM_ID: () => SECP256R1_PROGRAM_ID,
   SWIG_PROGRAM_ID: () => SWIG_PROGRAM_ID,
@@ -71,6 +72,11 @@ var OTS_SESSION_REGISTER_V1_DOMAIN = (() => {
   buf.set(new TextEncoder().encode("OTS_SESSION_REGISTER_V1"), 0);
   return buf;
 })();
+var OTS_SESSION_REGISTER_V2_DOMAIN = (() => {
+  const buf = new Uint8Array(32);
+  buf.set(new TextEncoder().encode("OTS_SESSION_REGISTER_V2"), 0);
+  return buf;
+})();
 var OTS_SESSION_REVOKE_V1_DOMAIN = (() => {
   const buf = new Uint8Array(32);
   buf.set(new TextEncoder().encode("OTS_SESSION_REVOKE_V1"), 0);
@@ -83,6 +89,7 @@ var OTS_SESSION_REVOKE_V1_DOMAIN = (() => {
   ED25519_PROGRAM_ID,
   INSTRUCTIONS_SYSVAR_ID,
   OTS_SESSION_REGISTER_V1_DOMAIN,
+  OTS_SESSION_REGISTER_V2_DOMAIN,
   OTS_SESSION_REVOKE_V1_DOMAIN,
   SECP256R1_PROGRAM_ID,
   SWIG_PROGRAM_ID,

package/dist/constants/index.d.cts

@@ -29,6 +29,7 @@ declare const DISCRIMINATORS: Readonly<{
     revoke_session_key: Uint8Array<ArrayBuffer>;
 }>;
 declare const OTS_SESSION_REGISTER_V1_DOMAIN: Uint8Array;
+declare const OTS_SESSION_REGISTER_V2_DOMAIN: Uint8Array;
 declare const OTS_SESSION_REVOKE_V1_DOMAIN: Uint8Array;
 
-export { DEXTER_VAULT_PROGRAM_ID, DISCRIMINATORS, ED25519_PROGRAM_ID, INSTRUCTIONS_SYSVAR_ID, OTS_SESSION_REGISTER_V1_DOMAIN, OTS_SESSION_REVOKE_V1_DOMAIN, SECP256R1_PROGRAM_ID, SWIG_PROGRAM_ID, USDC_DEVNET, USDC_MAINNET, VAULT_SEED_PREFIX };
+export { DEXTER_VAULT_PROGRAM_ID, DISCRIMINATORS, ED25519_PROGRAM_ID, INSTRUCTIONS_SYSVAR_ID, OTS_SESSION_REGISTER_V1_DOMAIN, OTS_SESSION_REGISTER_V2_DOMAIN, OTS_SESSION_REVOKE_V1_DOMAIN, SECP256R1_PROGRAM_ID, SWIG_PROGRAM_ID, USDC_DEVNET, USDC_MAINNET, VAULT_SEED_PREFIX };

package/dist/constants/index.d.ts

@@ -29,6 +29,7 @@ declare const DISCRIMINATORS: Readonly<{
     revoke_session_key: Uint8Array<ArrayBuffer>;
 }>;
 declare const OTS_SESSION_REGISTER_V1_DOMAIN: Uint8Array;
+declare const OTS_SESSION_REGISTER_V2_DOMAIN: Uint8Array;
 declare const OTS_SESSION_REVOKE_V1_DOMAIN: Uint8Array;
 
-export { DEXTER_VAULT_PROGRAM_ID, DISCRIMINATORS, ED25519_PROGRAM_ID, INSTRUCTIONS_SYSVAR_ID, OTS_SESSION_REGISTER_V1_DOMAIN, OTS_SESSION_REVOKE_V1_DOMAIN, SECP256R1_PROGRAM_ID, SWIG_PROGRAM_ID, USDC_DEVNET, USDC_MAINNET, VAULT_SEED_PREFIX };
+export { DEXTER_VAULT_PROGRAM_ID, DISCRIMINATORS, ED25519_PROGRAM_ID, INSTRUCTIONS_SYSVAR_ID, OTS_SESSION_REGISTER_V1_DOMAIN, OTS_SESSION_REGISTER_V2_DOMAIN, OTS_SESSION_REVOKE_V1_DOMAIN, SECP256R1_PROGRAM_ID, SWIG_PROGRAM_ID, USDC_DEVNET, USDC_MAINNET, VAULT_SEED_PREFIX };

package/dist/constants/index.js

@@ -37,6 +37,11 @@ var OTS_SESSION_REGISTER_V1_DOMAIN = (() => {
   buf.set(new TextEncoder().encode("OTS_SESSION_REGISTER_V1"), 0);
   return buf;
 })();
+var OTS_SESSION_REGISTER_V2_DOMAIN = (() => {
+  const buf = new Uint8Array(32);
+  buf.set(new TextEncoder().encode("OTS_SESSION_REGISTER_V2"), 0);
+  return buf;
+})();
 var OTS_SESSION_REVOKE_V1_DOMAIN = (() => {
   const buf = new Uint8Array(32);
   buf.set(new TextEncoder().encode("OTS_SESSION_REVOKE_V1"), 0);
@@ -48,6 +53,7 @@ export {
   ED25519_PROGRAM_ID,
   INSTRUCTIONS_SYSVAR_ID,
   OTS_SESSION_REGISTER_V1_DOMAIN,
+  OTS_SESSION_REGISTER_V2_DOMAIN,
   OTS_SESSION_REVOKE_V1_DOMAIN,
   SECP256R1_PROGRAM_ID,
   SWIG_PROGRAM_ID,

package/dist/counterfactual.cjs

@@ -79,6 +79,11 @@ var OTS_SESSION_REGISTER_V1_DOMAIN = (() => {
   buf.set(new TextEncoder().encode("OTS_SESSION_REGISTER_V1"), 0);
   return buf;
 })();
+var OTS_SESSION_REGISTER_V2_DOMAIN = (() => {
+  const buf = new Uint8Array(32);
+  buf.set(new TextEncoder().encode("OTS_SESSION_REGISTER_V2"), 0);
+  return buf;
+})();
 var OTS_SESSION_REVOKE_V1_DOMAIN = (() => {
   const buf = new Uint8Array(32);
   buf.set(new TextEncoder().encode("OTS_SESSION_REVOKE_V1"), 0);

package/dist/counterfactual.js

@@ -55,6 +55,11 @@ var OTS_SESSION_REGISTER_V1_DOMAIN = (() => {
   buf.set(new TextEncoder().encode("OTS_SESSION_REGISTER_V1"), 0);
   return buf;
 })();
+var OTS_SESSION_REGISTER_V2_DOMAIN = (() => {
+  const buf = new Uint8Array(32);
+  buf.set(new TextEncoder().encode("OTS_SESSION_REGISTER_V2"), 0);
+  return buf;
+})();
 var OTS_SESSION_REVOKE_V1_DOMAIN = (() => {
   const buf = new Uint8Array(32);
   buf.set(new TextEncoder().encode("OTS_SESSION_REVOKE_V1"), 0);

package/dist/index.cjs

@@ -81,6 +81,11 @@ var OTS_SESSION_REGISTER_V1_DOMAIN = (() => {
   buf.set(new TextEncoder().encode("OTS_SESSION_REGISTER_V1"), 0);
   return buf;
 })();
+var OTS_SESSION_REGISTER_V2_DOMAIN = (() => {
+  const buf = new Uint8Array(32);
+  buf.set(new TextEncoder().encode("OTS_SESSION_REGISTER_V2"), 0);
+  return buf;
+})();
 var OTS_SESSION_REVOKE_V1_DOMAIN = (() => {
   const buf = new Uint8Array(32);
   buf.set(new TextEncoder().encode("OTS_SESSION_REVOKE_V1"), 0);

package/dist/index.js

@@ -55,6 +55,11 @@ var OTS_SESSION_REGISTER_V1_DOMAIN = (() => {
   buf.set(new TextEncoder().encode("OTS_SESSION_REGISTER_V1"), 0);
   return buf;
 })();
+var OTS_SESSION_REGISTER_V2_DOMAIN = (() => {
+  const buf = new Uint8Array(32);
+  buf.set(new TextEncoder().encode("OTS_SESSION_REGISTER_V2"), 0);
+  return buf;
+})();
 var OTS_SESSION_REVOKE_V1_DOMAIN = (() => {
   const buf = new Uint8Array(32);
   buf.set(new TextEncoder().encode("OTS_SESSION_REVOKE_V1"), 0);

package/dist/instructions/index.cjs

@@ -98,6 +98,11 @@ var OTS_SESSION_REGISTER_V1_DOMAIN = (() => {
   buf.set(new TextEncoder().encode("OTS_SESSION_REGISTER_V1"), 0);
   return buf;
 })();
+var OTS_SESSION_REGISTER_V2_DOMAIN = (() => {
+  const buf = new Uint8Array(32);
+  buf.set(new TextEncoder().encode("OTS_SESSION_REGISTER_V2"), 0);
+  return buf;
+})();
 var OTS_SESSION_REVOKE_V1_DOMAIN = (() => {
   const buf = new Uint8Array(32);
   buf.set(new TextEncoder().encode("OTS_SESSION_REVOKE_V1"), 0);
@@ -4749,11 +4754,11 @@ function buildSetSwigAtomicFromIdentity(params) {
     deriveSwigId(params.identitySeed, params.hmacKey)
   );
   const [swigAddress, swigAccountBump] = import_web35.PublicKey.findProgramAddressSync(
-    [Buffer.from(swigId)],
+    [Buffer.from("swig"), Buffer.from(swigId)],
     SWIG_PROGRAM_ID
   );
   const [swigWalletAddress, swigWalletAddressBump] = import_web35.PublicKey.findProgramAddressSync(
-    [swigAddress.toBytes()],
+    [Buffer.from("swig-wallet-address"), swigAddress.toBytes()],
     SWIG_PROGRAM_ID
   );
   return buildSetSwigAtomicInstruction({
@@ -4814,6 +4819,7 @@ function buildRegisterSessionKeyInstruction(args) {
     encodeI64LE(args.expiresAt),
     args.allowedCounterparty.toBytes(),
     encodeU32LE(args.nonce),
+    encodeU64LE(args.maxRevolvingCapacity),
     encodeVecU8(args.clientDataJSON),
     encodeVecU8(args.authenticatorData)
   );

package/dist/instructions/index.d.cts

@@ -133,6 +133,7 @@ declare function buildSetSwigAtomicFromIdentity(params: BuildSetSwigAtomicFromId
  *   expires_at: i64
  *   allowed_counterparty: Pubkey (32 bytes)
  *   nonce: u32
+ *   max_revolving_capacity: u64
  *   client_data_json: Vec<u8>
  *   authenticator_data: Vec<u8>
  */
@@ -144,6 +145,7 @@ interface BuildRegisterSessionKeyArgs {
     expiresAt: bigint;
     allowedCounterparty: PublicKey;
     nonce: number;
+    maxRevolvingCapacity: bigint;
     clientDataJSON: Uint8Array;
     authenticatorData: Uint8Array;
 }

package/dist/instructions/index.d.ts

@@ -133,6 +133,7 @@ declare function buildSetSwigAtomicFromIdentity(params: BuildSetSwigAtomicFromId
  *   expires_at: i64
  *   allowed_counterparty: Pubkey (32 bytes)
  *   nonce: u32
+ *   max_revolving_capacity: u64
  *   client_data_json: Vec<u8>
  *   authenticator_data: Vec<u8>
  */
@@ -144,6 +145,7 @@ interface BuildRegisterSessionKeyArgs {
     expiresAt: bigint;
     allowedCounterparty: PublicKey;
     nonce: number;
+    maxRevolvingCapacity: bigint;
     clientDataJSON: Uint8Array;
     authenticatorData: Uint8Array;
 }

package/dist/instructions/index.js

@@ -42,6 +42,11 @@ var OTS_SESSION_REGISTER_V1_DOMAIN = (() => {
   buf.set(new TextEncoder().encode("OTS_SESSION_REGISTER_V1"), 0);
   return buf;
 })();
+var OTS_SESSION_REGISTER_V2_DOMAIN = (() => {
+  const buf = new Uint8Array(32);
+  buf.set(new TextEncoder().encode("OTS_SESSION_REGISTER_V2"), 0);
+  return buf;
+})();
 var OTS_SESSION_REVOKE_V1_DOMAIN = (() => {
   const buf = new Uint8Array(32);
   buf.set(new TextEncoder().encode("OTS_SESSION_REVOKE_V1"), 0);
@@ -4711,11 +4716,11 @@ function buildSetSwigAtomicFromIdentity(params) {
     deriveSwigId(params.identitySeed, params.hmacKey)
   );
   const [swigAddress, swigAccountBump] = PublicKey5.findProgramAddressSync(
-    [Buffer.from(swigId)],
+    [Buffer.from("swig"), Buffer.from(swigId)],
     SWIG_PROGRAM_ID
   );
   const [swigWalletAddress, swigWalletAddressBump] = PublicKey5.findProgramAddressSync(
-    [swigAddress.toBytes()],
+    [Buffer.from("swig-wallet-address"), swigAddress.toBytes()],
     SWIG_PROGRAM_ID
   );
   return buildSetSwigAtomicInstruction({
@@ -4776,6 +4781,7 @@ function buildRegisterSessionKeyInstruction(args) {
     encodeI64LE(args.expiresAt),
     args.allowedCounterparty.toBytes(),
     encodeU32LE(args.nonce),
+    encodeU64LE(args.maxRevolvingCapacity),
     encodeVecU8(args.clientDataJSON),
     encodeVecU8(args.authenticatorData)
   );

package/dist/messages/index.cjs

@@ -65,6 +65,11 @@ var OTS_SESSION_REGISTER_V1_DOMAIN = (() => {
   buf.set(new TextEncoder().encode("OTS_SESSION_REGISTER_V1"), 0);
   return buf;
 })();
+var OTS_SESSION_REGISTER_V2_DOMAIN = (() => {
+  const buf = new Uint8Array(32);
+  buf.set(new TextEncoder().encode("OTS_SESSION_REGISTER_V2"), 0);
+  return buf;
+})();
 var OTS_SESSION_REVOKE_V1_DOMAIN = (() => {
   const buf = new Uint8Array(32);
   buf.set(new TextEncoder().encode("OTS_SESSION_REVOKE_V1"), 0);
@@ -76,10 +81,10 @@ function sessionRegisterMessage(args) {
   if (args.sessionPubkey.length !== 32) {
     throw new Error(`sessionPubkey must be 32 bytes, got ${args.sessionPubkey.length}`);
   }
-  const buf = new Uint8Array(180);
+  const buf = new Uint8Array(188);
   const view = new DataView(buf.buffer);
   let o = 0;
-  buf.set(OTS_SESSION_REGISTER_V1_DOMAIN, o);
+  buf.set(OTS_SESSION_REGISTER_V2_DOMAIN, o);
   o += 32;
   buf.set(args.programId.toBytes(), o);
   o += 32;
@@ -95,8 +100,10 @@ function sessionRegisterMessage(args) {
   o += 32;
   view.setUint32(o, args.nonce >>> 0, true);
   o += 4;
-  if (o !== 180) {
-    throw new Error(`internal: session register message wrong length ${o}, expected 180`);
+  view.setBigUint64(o, args.maxRevolvingCapacity, true);
+  o += 8;
+  if (o !== 188) {
+    throw new Error(`internal: session register message wrong length ${o}, expected 188`);
   }
   return buf;
 }

package/dist/messages/index.d.cts

@@ -4,7 +4,7 @@ import { PublicKey } from '@solana/web3.js';
  * Byte-deterministic session-key message builders.
  *
  * MUST match the on-chain Rust handlers byte-for-byte:
- *   - register_session_key.rs::build_registration_message → sessionRegisterMessage (180 bytes)
+ *   - register_session_key.rs::build_registration_message → sessionRegisterMessage (188 bytes, V2)
  *   - revoke_session_key.rs::build_revocation_message     → sessionRevokeMessage (128 bytes)
  *
  * Any drift makes every signature look forged to the on-chain handler.
@@ -18,10 +18,11 @@ interface SessionRegisterMessageArgs {
     expiresAt: bigint;
     allowedCounterparty: PublicKey;
     nonce: number;
+    maxRevolvingCapacity: bigint;
 }
 /**
- * 180-byte session registration message. Layout:
- *    0   32  domain separator (REGISTER_DOMAIN)
+ * 188-byte V2 session registration message. Layout:
+ *    0   32  domain separator (OTS_SESSION_REGISTER_V2)
  *   32   32  program_id
  *   64   32  vault_pda
  *   96   32  session_pubkey
@@ -29,8 +30,9 @@ interface SessionRegisterMessageArgs {
  *  136    8  expires_at (i64 LE)
  *  144   32  allowed_counterparty
  *  176    4  nonce (u32 LE)
+ *  180    8  max_revolving_capacity (u64 LE)
  *                                    ────
- *                                    180
+ *                                    188
  */
 declare function sessionRegisterMessage(args: SessionRegisterMessageArgs): Uint8Array;
 interface SessionRevokeMessageArgs {

package/dist/messages/index.d.ts

@@ -4,7 +4,7 @@ import { PublicKey } from '@solana/web3.js';
  * Byte-deterministic session-key message builders.
  *
  * MUST match the on-chain Rust handlers byte-for-byte:
- *   - register_session_key.rs::build_registration_message → sessionRegisterMessage (180 bytes)
+ *   - register_session_key.rs::build_registration_message → sessionRegisterMessage (188 bytes, V2)
  *   - revoke_session_key.rs::build_revocation_message     → sessionRevokeMessage (128 bytes)
  *
  * Any drift makes every signature look forged to the on-chain handler.
@@ -18,10 +18,11 @@ interface SessionRegisterMessageArgs {
     expiresAt: bigint;
     allowedCounterparty: PublicKey;
     nonce: number;
+    maxRevolvingCapacity: bigint;
 }
 /**
- * 180-byte session registration message. Layout:
- *    0   32  domain separator (REGISTER_DOMAIN)
+ * 188-byte V2 session registration message. Layout:
+ *    0   32  domain separator (OTS_SESSION_REGISTER_V2)
  *   32   32  program_id
  *   64   32  vault_pda
  *   96   32  session_pubkey
@@ -29,8 +30,9 @@ interface SessionRegisterMessageArgs {
  *  136    8  expires_at (i64 LE)
  *  144   32  allowed_counterparty
  *  176    4  nonce (u32 LE)
+ *  180    8  max_revolving_capacity (u64 LE)
  *                                    ────
- *                                    180
+ *                                    188
  */
 declare function sessionRegisterMessage(args: SessionRegisterMessageArgs): Uint8Array;
 interface SessionRevokeMessageArgs {

package/dist/messages/index.js

@@ -35,6 +35,11 @@ var OTS_SESSION_REGISTER_V1_DOMAIN = (() => {
   buf.set(new TextEncoder().encode("OTS_SESSION_REGISTER_V1"), 0);
   return buf;
 })();
+var OTS_SESSION_REGISTER_V2_DOMAIN = (() => {
+  const buf = new Uint8Array(32);
+  buf.set(new TextEncoder().encode("OTS_SESSION_REGISTER_V2"), 0);
+  return buf;
+})();
 var OTS_SESSION_REVOKE_V1_DOMAIN = (() => {
   const buf = new Uint8Array(32);
   buf.set(new TextEncoder().encode("OTS_SESSION_REVOKE_V1"), 0);
@@ -46,10 +51,10 @@ function sessionRegisterMessage(args) {
   if (args.sessionPubkey.length !== 32) {
     throw new Error(`sessionPubkey must be 32 bytes, got ${args.sessionPubkey.length}`);
   }
-  const buf = new Uint8Array(180);
+  const buf = new Uint8Array(188);
   const view = new DataView(buf.buffer);
   let o = 0;
-  buf.set(OTS_SESSION_REGISTER_V1_DOMAIN, o);
+  buf.set(OTS_SESSION_REGISTER_V2_DOMAIN, o);
   o += 32;
   buf.set(args.programId.toBytes(), o);
   o += 32;
@@ -65,8 +70,10 @@ function sessionRegisterMessage(args) {
   o += 32;
   view.setUint32(o, args.nonce >>> 0, true);
   o += 4;
-  if (o !== 180) {
-    throw new Error(`internal: session register message wrong length ${o}, expected 180`);
+  view.setBigUint64(o, args.maxRevolvingCapacity, true);
+  o += 8;
+  if (o !== 188) {
+    throw new Error(`internal: session register message wrong length ${o}, expected 188`);
   }
   return buf;
 }

package/dist/precompile/index.cjs

@@ -80,6 +80,11 @@ var OTS_SESSION_REGISTER_V1_DOMAIN = (() => {
   buf.set(new TextEncoder().encode("OTS_SESSION_REGISTER_V1"), 0);
   return buf;
 })();
+var OTS_SESSION_REGISTER_V2_DOMAIN = (() => {
+  const buf = new Uint8Array(32);
+  buf.set(new TextEncoder().encode("OTS_SESSION_REGISTER_V2"), 0);
+  return buf;
+})();
 var OTS_SESSION_REVOKE_V1_DOMAIN = (() => {
   const buf = new Uint8Array(32);
   buf.set(new TextEncoder().encode("OTS_SESSION_REVOKE_V1"), 0);

package/dist/precompile/index.js

@@ -38,6 +38,11 @@ var OTS_SESSION_REGISTER_V1_DOMAIN = (() => {
   buf.set(new TextEncoder().encode("OTS_SESSION_REGISTER_V1"), 0);
   return buf;
 })();
+var OTS_SESSION_REGISTER_V2_DOMAIN = (() => {
+  const buf = new Uint8Array(32);
+  buf.set(new TextEncoder().encode("OTS_SESSION_REGISTER_V2"), 0);
+  return buf;
+})();
 var OTS_SESSION_REVOKE_V1_DOMAIN = (() => {
   const buf = new Uint8Array(32);
   buf.set(new TextEncoder().encode("OTS_SESSION_REVOKE_V1"), 0);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@dexterai/vault",
-  "version": "0.3.4",
+  "version": "0.4.0",
   "description": "Canonical off-chain mirror of the dexter-vault Solana Anchor program — Solana instruction builders, byte-precise message encoders, account decoders, secp256r1/Ed25519 precompile helpers, counterfactual Swig derivation, and signer interfaces. The single source of truth for any TypeScript code that produces bytes the on-chain program will verify.",
   "author": "Dexter",
   "license": "MIT",