@did-btcr2/aggregation 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (233) hide show
  1. package/LICENSE +373 -0
  2. package/README.md +19 -0
  3. package/dist/.tsbuildinfo +1 -0
  4. package/dist/browser.js +24017 -0
  5. package/dist/browser.mjs +24011 -0
  6. package/dist/cjs/index.js +5690 -0
  7. package/dist/cjs/package.json +1 -0
  8. package/dist/esm/beacon-strategy.js +76 -0
  9. package/dist/esm/beacon-strategy.js.map +1 -0
  10. package/dist/esm/cohort.js +316 -0
  11. package/dist/esm/cohort.js.map +1 -0
  12. package/dist/esm/conditions.js +102 -0
  13. package/dist/esm/conditions.js.map +1 -0
  14. package/dist/esm/errors.js +22 -0
  15. package/dist/esm/errors.js.map +1 -0
  16. package/dist/esm/fallback-spend.js +132 -0
  17. package/dist/esm/fallback-spend.js.map +1 -0
  18. package/dist/esm/index.js +21 -0
  19. package/dist/esm/index.js.map +1 -0
  20. package/dist/esm/logger.js +15 -0
  21. package/dist/esm/logger.js.map +1 -0
  22. package/dist/esm/messages/base.js +36 -0
  23. package/dist/esm/messages/base.js.map +1 -0
  24. package/dist/esm/messages/bodies.js +149 -0
  25. package/dist/esm/messages/bodies.js.map +1 -0
  26. package/dist/esm/messages/constants.js +37 -0
  27. package/dist/esm/messages/constants.js.map +1 -0
  28. package/dist/esm/messages/factories.js +139 -0
  29. package/dist/esm/messages/factories.js.map +1 -0
  30. package/dist/esm/messages/guards.js +40 -0
  31. package/dist/esm/messages/guards.js.map +1 -0
  32. package/dist/esm/messages/index.js +6 -0
  33. package/dist/esm/messages/index.js.map +1 -0
  34. package/dist/esm/participant.js +588 -0
  35. package/dist/esm/participant.js.map +1 -0
  36. package/dist/esm/phases.js +45 -0
  37. package/dist/esm/phases.js.map +1 -0
  38. package/dist/esm/recovery-policy.js +156 -0
  39. package/dist/esm/recovery-policy.js.map +1 -0
  40. package/dist/esm/recovery-spend.js +106 -0
  41. package/dist/esm/recovery-spend.js.map +1 -0
  42. package/dist/esm/runner/aggregation-runner.js +75 -0
  43. package/dist/esm/runner/aggregation-runner.js.map +1 -0
  44. package/dist/esm/runner/events.js +2 -0
  45. package/dist/esm/runner/events.js.map +1 -0
  46. package/dist/esm/runner/index.js +6 -0
  47. package/dist/esm/runner/index.js.map +1 -0
  48. package/dist/esm/runner/participant-runner.js +407 -0
  49. package/dist/esm/runner/participant-runner.js.map +1 -0
  50. package/dist/esm/runner/service-runner.js +701 -0
  51. package/dist/esm/runner/service-runner.js.map +1 -0
  52. package/dist/esm/runner/typed-emitter.js +80 -0
  53. package/dist/esm/runner/typed-emitter.js.map +1 -0
  54. package/dist/esm/service.js +774 -0
  55. package/dist/esm/service.js.map +1 -0
  56. package/dist/esm/signer.js +33 -0
  57. package/dist/esm/signer.js.map +1 -0
  58. package/dist/esm/signing-session.js +195 -0
  59. package/dist/esm/signing-session.js.map +1 -0
  60. package/dist/esm/transport/didcomm.js +41 -0
  61. package/dist/esm/transport/didcomm.js.map +1 -0
  62. package/dist/esm/transport/error.js +12 -0
  63. package/dist/esm/transport/error.js.map +1 -0
  64. package/dist/esm/transport/factory.js +29 -0
  65. package/dist/esm/transport/factory.js.map +1 -0
  66. package/dist/esm/transport/http/client.js +342 -0
  67. package/dist/esm/transport/http/client.js.map +1 -0
  68. package/dist/esm/transport/http/envelope.js +126 -0
  69. package/dist/esm/transport/http/envelope.js.map +1 -0
  70. package/dist/esm/transport/http/errors.js +11 -0
  71. package/dist/esm/transport/http/errors.js.map +1 -0
  72. package/dist/esm/transport/http/inbox-buffer.js +45 -0
  73. package/dist/esm/transport/http/inbox-buffer.js.map +1 -0
  74. package/dist/esm/transport/http/index.js +12 -0
  75. package/dist/esm/transport/http/index.js.map +1 -0
  76. package/dist/esm/transport/http/nonce-cache.js +38 -0
  77. package/dist/esm/transport/http/nonce-cache.js.map +1 -0
  78. package/dist/esm/transport/http/protocol.js +28 -0
  79. package/dist/esm/transport/http/protocol.js.map +1 -0
  80. package/dist/esm/transport/http/rate-limiter.js +45 -0
  81. package/dist/esm/transport/http/rate-limiter.js.map +1 -0
  82. package/dist/esm/transport/http/request-auth.js +100 -0
  83. package/dist/esm/transport/http/request-auth.js.map +1 -0
  84. package/dist/esm/transport/http/server.js +475 -0
  85. package/dist/esm/transport/http/server.js.map +1 -0
  86. package/dist/esm/transport/http/sse-stream.js +110 -0
  87. package/dist/esm/transport/http/sse-stream.js.map +1 -0
  88. package/dist/esm/transport/http/sse-writer.js +25 -0
  89. package/dist/esm/transport/http/sse-writer.js.map +1 -0
  90. package/dist/esm/transport/in-memory.js +149 -0
  91. package/dist/esm/transport/in-memory.js.map +1 -0
  92. package/dist/esm/transport/index.js +8 -0
  93. package/dist/esm/transport/index.js.map +1 -0
  94. package/dist/esm/transport/nostr.js +491 -0
  95. package/dist/esm/transport/nostr.js.map +1 -0
  96. package/dist/esm/transport/transport.js +2 -0
  97. package/dist/esm/transport/transport.js.map +1 -0
  98. package/dist/types/beacon-strategy.d.ts +56 -0
  99. package/dist/types/beacon-strategy.d.ts.map +1 -0
  100. package/dist/types/cohort.d.ts +188 -0
  101. package/dist/types/cohort.d.ts.map +1 -0
  102. package/dist/types/conditions.d.ts +86 -0
  103. package/dist/types/conditions.d.ts.map +1 -0
  104. package/dist/types/errors.d.ts +14 -0
  105. package/dist/types/errors.d.ts.map +1 -0
  106. package/dist/types/fallback-spend.d.ts +94 -0
  107. package/dist/types/fallback-spend.d.ts.map +1 -0
  108. package/dist/types/index.d.ts +17 -0
  109. package/dist/types/index.d.ts.map +1 -0
  110. package/dist/types/logger.d.ts +22 -0
  111. package/dist/types/logger.d.ts.map +1 -0
  112. package/dist/types/messages/base.d.ts +58 -0
  113. package/dist/types/messages/base.d.ts.map +1 -0
  114. package/dist/types/messages/bodies.d.ts +177 -0
  115. package/dist/types/messages/bodies.d.ts.map +1 -0
  116. package/dist/types/messages/constants.d.ts +31 -0
  117. package/dist/types/messages/constants.d.ts.map +1 -0
  118. package/dist/types/messages/factories.d.ts +217 -0
  119. package/dist/types/messages/factories.d.ts.map +1 -0
  120. package/dist/types/messages/guards.d.ts +11 -0
  121. package/dist/types/messages/guards.d.ts.map +1 -0
  122. package/dist/types/messages/index.d.ts +6 -0
  123. package/dist/types/messages/index.d.ts.map +1 -0
  124. package/dist/types/participant.d.ts +162 -0
  125. package/dist/types/participant.d.ts.map +1 -0
  126. package/dist/types/phases.d.ts +55 -0
  127. package/dist/types/phases.d.ts.map +1 -0
  128. package/dist/types/recovery-policy.d.ts +132 -0
  129. package/dist/types/recovery-policy.d.ts.map +1 -0
  130. package/dist/types/recovery-spend.d.ts +94 -0
  131. package/dist/types/recovery-spend.d.ts.map +1 -0
  132. package/dist/types/runner/aggregation-runner.d.ts +72 -0
  133. package/dist/types/runner/aggregation-runner.d.ts.map +1 -0
  134. package/dist/types/runner/events.d.ts +147 -0
  135. package/dist/types/runner/events.d.ts.map +1 -0
  136. package/dist/types/runner/index.d.ts +6 -0
  137. package/dist/types/runner/index.d.ts.map +1 -0
  138. package/dist/types/runner/participant-runner.d.ts +122 -0
  139. package/dist/types/runner/participant-runner.d.ts.map +1 -0
  140. package/dist/types/runner/service-runner.d.ts +228 -0
  141. package/dist/types/runner/service-runner.d.ts.map +1 -0
  142. package/dist/types/runner/typed-emitter.d.ts +41 -0
  143. package/dist/types/runner/typed-emitter.d.ts.map +1 -0
  144. package/dist/types/service.d.ts +177 -0
  145. package/dist/types/service.d.ts.map +1 -0
  146. package/dist/types/signer.d.ts +50 -0
  147. package/dist/types/signer.d.ts.map +1 -0
  148. package/dist/types/signing-session.d.ts +81 -0
  149. package/dist/types/signing-session.d.ts.map +1 -0
  150. package/dist/types/transport/didcomm.d.ts +23 -0
  151. package/dist/types/transport/didcomm.d.ts.map +1 -0
  152. package/dist/types/transport/error.d.ts +8 -0
  153. package/dist/types/transport/error.d.ts.map +1 -0
  154. package/dist/types/transport/factory.d.ts +28 -0
  155. package/dist/types/transport/factory.d.ts.map +1 -0
  156. package/dist/types/transport/http/client.d.ts +56 -0
  157. package/dist/types/transport/http/client.d.ts.map +1 -0
  158. package/dist/types/transport/http/envelope.d.ts +64 -0
  159. package/dist/types/transport/http/envelope.d.ts.map +1 -0
  160. package/dist/types/transport/http/errors.d.ts +9 -0
  161. package/dist/types/transport/http/errors.d.ts.map +1 -0
  162. package/dist/types/transport/http/inbox-buffer.d.ts +32 -0
  163. package/dist/types/transport/http/inbox-buffer.d.ts.map +1 -0
  164. package/dist/types/transport/http/index.d.ts +12 -0
  165. package/dist/types/transport/http/index.d.ts.map +1 -0
  166. package/dist/types/transport/http/nonce-cache.d.ts +26 -0
  167. package/dist/types/transport/http/nonce-cache.d.ts.map +1 -0
  168. package/dist/types/transport/http/protocol.d.ts +53 -0
  169. package/dist/types/transport/http/protocol.d.ts.map +1 -0
  170. package/dist/types/transport/http/rate-limiter.d.ts +41 -0
  171. package/dist/types/transport/http/rate-limiter.d.ts.map +1 -0
  172. package/dist/types/transport/http/request-auth.d.ts +50 -0
  173. package/dist/types/transport/http/request-auth.d.ts.map +1 -0
  174. package/dist/types/transport/http/server.d.ts +118 -0
  175. package/dist/types/transport/http/server.d.ts.map +1 -0
  176. package/dist/types/transport/http/sse-stream.d.ts +34 -0
  177. package/dist/types/transport/http/sse-stream.d.ts.map +1 -0
  178. package/dist/types/transport/http/sse-writer.d.ts +12 -0
  179. package/dist/types/transport/http/sse-writer.d.ts.map +1 -0
  180. package/dist/types/transport/in-memory.d.ts +64 -0
  181. package/dist/types/transport/in-memory.d.ts.map +1 -0
  182. package/dist/types/transport/index.d.ts +8 -0
  183. package/dist/types/transport/index.d.ts.map +1 -0
  184. package/dist/types/transport/nostr.d.ts +153 -0
  185. package/dist/types/transport/nostr.d.ts.map +1 -0
  186. package/dist/types/transport/transport.d.ts +62 -0
  187. package/dist/types/transport/transport.d.ts.map +1 -0
  188. package/package.json +128 -0
  189. package/src/beacon-strategy.ts +142 -0
  190. package/src/cohort.ts +422 -0
  191. package/src/conditions.ts +172 -0
  192. package/src/errors.ts +25 -0
  193. package/src/fallback-spend.ts +223 -0
  194. package/src/index.ts +23 -0
  195. package/src/logger.ts +33 -0
  196. package/src/messages/base.ts +80 -0
  197. package/src/messages/bodies.ts +328 -0
  198. package/src/messages/constants.ts +40 -0
  199. package/src/messages/factories.ts +297 -0
  200. package/src/messages/guards.ts +61 -0
  201. package/src/messages/index.ts +5 -0
  202. package/src/participant.ts +779 -0
  203. package/src/phases.ts +91 -0
  204. package/src/recovery-policy.ts +237 -0
  205. package/src/recovery-spend.ts +192 -0
  206. package/src/runner/aggregation-runner.ts +125 -0
  207. package/src/runner/events.ts +129 -0
  208. package/src/runner/index.ts +5 -0
  209. package/src/runner/participant-runner.ts +488 -0
  210. package/src/runner/service-runner.ts +891 -0
  211. package/src/runner/typed-emitter.ts +87 -0
  212. package/src/service.ts +1000 -0
  213. package/src/signer.ts +67 -0
  214. package/src/signing-session.ts +290 -0
  215. package/src/transport/didcomm.ts +59 -0
  216. package/src/transport/error.ts +13 -0
  217. package/src/transport/factory.ts +65 -0
  218. package/src/transport/http/client.ts +409 -0
  219. package/src/transport/http/envelope.ts +204 -0
  220. package/src/transport/http/errors.ts +11 -0
  221. package/src/transport/http/inbox-buffer.ts +53 -0
  222. package/src/transport/http/index.ts +11 -0
  223. package/src/transport/http/nonce-cache.ts +43 -0
  224. package/src/transport/http/protocol.ts +57 -0
  225. package/src/transport/http/rate-limiter.ts +75 -0
  226. package/src/transport/http/request-auth.ts +164 -0
  227. package/src/transport/http/server.ts +617 -0
  228. package/src/transport/http/sse-stream.ts +121 -0
  229. package/src/transport/http/sse-writer.ts +23 -0
  230. package/src/transport/in-memory.ts +178 -0
  231. package/src/transport/index.ts +7 -0
  232. package/src/transport/nostr.ts +576 -0
  233. package/src/transport/transport.ts +79 -0
@@ -0,0 +1,55 @@
1
+ /**
2
+ * Phases for the did:btcr2 Aggregate Beacon protocol.
3
+ *
4
+ * The protocol has two roles (AggregationService and AggregationParticipant)
5
+ * which experience different phases for the same cohort. Each role has its own
6
+ * phase enum.
7
+ *
8
+ * The signing session has its own phase enum because MuSig2 signing is a
9
+ * sub-protocol within the larger aggregation protocol.
10
+ */
11
+ export type ServiceCohortPhaseType = 'Created' | 'Advertised' | 'CohortSet' | 'CollectingUpdates' | 'UpdatesCollected' | 'DataDistributed' | 'Validated' | 'SigningStarted' | 'NoncesCollected' | 'AwaitingPartialSigs' | 'FallbackRequested' | 'Complete' | 'Failed';
12
+ export declare enum ServiceCohortPhase {
13
+ Created = "Created",
14
+ Advertised = "Advertised",
15
+ CohortSet = "CohortSet",
16
+ CollectingUpdates = "CollectingUpdates",
17
+ UpdatesCollected = "UpdatesCollected",
18
+ DataDistributed = "DataDistributed",
19
+ Validated = "Validated",
20
+ SigningStarted = "SigningStarted",
21
+ NoncesCollected = "NoncesCollected",
22
+ AwaitingPartialSigs = "AwaitingPartialSigs",
23
+ /** Optimistic n-of-n key path abandoned; collecting k-of-n fallback signatures (ADR 042). */
24
+ FallbackRequested = "FallbackRequested",
25
+ Complete = "Complete",
26
+ Failed = "Failed"
27
+ }
28
+ export type ParticipantCohortPhaseType = 'Discovered' | 'OptedIn' | 'CohortReady' | 'UpdateSubmitted' | 'NonIncluded' | 'AwaitingValidation' | 'ValidationSent' | 'AwaitingSigning' | 'NonceSent' | 'AwaitingPartialSig' | 'AwaitingFallbackSig' | 'Complete' | 'Failed';
29
+ export declare enum ParticipantCohortPhase {
30
+ Discovered = "Discovered",
31
+ OptedIn = "OptedIn",
32
+ CohortReady = "CohortReady",
33
+ UpdateSubmitted = "UpdateSubmitted",
34
+ /** Member declined to submit an update this round (cooperative non-inclusion); still signs. */
35
+ NonIncluded = "NonIncluded",
36
+ AwaitingValidation = "AwaitingValidation",
37
+ ValidationSent = "ValidationSent",
38
+ AwaitingSigning = "AwaitingSigning",
39
+ NonceSent = "NonceSent",
40
+ AwaitingPartialSig = "AwaitingPartialSig",
41
+ /** Service fell back to the k-of-n script path; member can sign the fallback (ADR 042). */
42
+ AwaitingFallbackSig = "AwaitingFallbackSig",
43
+ Complete = "Complete",
44
+ Failed = "Failed"
45
+ }
46
+ export type SigningSessionPhaseType = 'AwaitingNonceContributions' | 'NonceContributionsReceived' | 'AwaitingPartialSignatures' | 'PartialSignaturesReceived' | 'Complete' | 'Failed';
47
+ export declare enum SigningSessionPhase {
48
+ AwaitingNonceContributions = "AwaitingNonceContributions",
49
+ NonceContributionsReceived = "NonceContributionsReceived",
50
+ AwaitingPartialSignatures = "AwaitingPartialSignatures",
51
+ PartialSignaturesReceived = "PartialSignaturesReceived",
52
+ Complete = "Complete",
53
+ Failed = "Failed"
54
+ }
55
+ //# sourceMappingURL=phases.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"phases.d.ts","sourceRoot":"","sources":["../../src/phases.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AACH,MAAM,MAAM,sBAAsB,GAC9B,SAAS,GACT,YAAY,GACZ,WAAW,GACX,mBAAmB,GACnB,kBAAkB,GAClB,iBAAiB,GACjB,WAAW,GACX,gBAAgB,GAChB,iBAAiB,GACjB,qBAAqB,GACrB,mBAAmB,GACnB,UAAU,GACV,QAAQ,CAAC;AAEb,oBAAY,kBAAkB;IAC5B,OAAO,YAAY;IACnB,UAAU,eAAe;IACzB,SAAS,cAAc;IACvB,iBAAiB,sBAAsB;IACvC,gBAAgB,qBAAqB;IACrC,eAAe,oBAAoB;IACnC,SAAS,cAAc;IACvB,cAAc,mBAAmB;IACjC,eAAe,oBAAoB;IACnC,mBAAmB,wBAAwB;IAC3C,6FAA6F;IAC7F,iBAAiB,sBAAsB;IACvC,QAAQ,aAAa;IACrB,MAAM,WAAW;CAClB;AAED,MAAM,MAAM,0BAA0B,GAClC,YAAY,GACZ,SAAS,GACT,aAAa,GACb,iBAAiB,GACjB,aAAa,GACb,oBAAoB,GACpB,gBAAgB,GAChB,iBAAiB,GACjB,WAAW,GACX,oBAAoB,GACpB,qBAAqB,GACrB,UAAU,GACV,QAAQ,CAAC;AAEb,oBAAY,sBAAsB;IAChC,UAAU,eAAe;IACzB,OAAO,YAAY;IACnB,WAAW,gBAAgB;IAC3B,eAAe,oBAAoB;IACnC,+FAA+F;IAC/F,WAAW,gBAAgB;IAC3B,kBAAkB,uBAAuB;IACzC,cAAc,mBAAmB;IACjC,eAAe,oBAAoB;IACnC,SAAS,cAAc;IACvB,kBAAkB,uBAAuB;IACzC,2FAA2F;IAC3F,mBAAmB,wBAAwB;IAC3C,QAAQ,aAAa;IACrB,MAAM,WAAW;CAClB;AAED,MAAM,MAAM,uBAAuB,GAC/B,4BAA4B,GAC5B,4BAA4B,GAC5B,2BAA2B,GAC3B,2BAA2B,GAC3B,UAAU,GACV,QAAQ,CAAC;AAEb,oBAAY,mBAAmB;IAC7B,0BAA0B,+BAA+B;IACzD,0BAA0B,+BAA+B;IACzD,yBAAyB,8BAA8B;IACvD,yBAAyB,8BAA8B;IACvD,QAAQ,aAAa;IACrB,MAAM,WAAW;CAClB"}
@@ -0,0 +1,132 @@
1
+ /**
2
+ * Recovery policy for aggregate beacon outputs.
3
+ *
4
+ * An aggregate beacon UTXO is a Taproot output whose key path is the cohort's
5
+ * n-of-n MuSig2 aggregate key. A key-path-only output can be spent only with a
6
+ * signature from every cohort member, so a single missing signer would lock the
7
+ * funds forever. To prevent that, the output commits to a script tree with two
8
+ * leaves:
9
+ * - a k-of-n fallback leaf (`p2tr_ms`, BIP-342 CHECKSIGADD): any k cohort members
10
+ * can still push the announcement through if some signers go missing, so the
11
+ * beacon stays live without waiting out the timelock.
12
+ * - a CSV recovery leaf: after a relative-timelock delay the funder can reclaim
13
+ * the UTXO unilaterally with its own recovery key, so funds are never
14
+ * permanently stranded even if fewer than k members remain.
15
+ *
16
+ * This module is the seam between the funding model and the concrete script
17
+ * leaves. Only `operator-funded` is implemented today (the k-of-n fallback leaf
18
+ * plus one CSV leaf keyed to the operator's recovery key). A future
19
+ * `participant-funded` model can be added as another case returning
20
+ * per-participant refund leaves, without touching the cohort, service, or
21
+ * signing code. See ADR 042.
22
+ */
23
+ /**
24
+ * Who funds the beacon UTXO and holds the recovery path.
25
+ * - `operator-funded`: the service operator funds the UTXO and holds a single
26
+ * CSV recovery key. Implemented.
27
+ * - `participant-funded`: reserved for per-participant funding with
28
+ * per-participant refund leaves. Not implemented.
29
+ */
30
+ export type FundingModel = 'operator-funded' | 'participant-funded';
31
+ /** Default funding model when an advert/config leaves it unspecified. */
32
+ export declare const DEFAULT_FUNDING_MODEL: FundingModel;
33
+ /**
34
+ * Default relative-timelock (in blocks) before operator recovery is spendable.
35
+ * About one day at 10-minute blocks. Operators set their own per-cohort value;
36
+ * this is only a convenience default for callers.
37
+ */
38
+ export declare const DEFAULT_RECOVERY_SEQUENCE = 144;
39
+ /**
40
+ * Maximum allowed `recoverySequence`, 0xffff (65535 blocks, about 455 days).
41
+ *
42
+ * The value is a BIP-68 block-based relative timelock and is placed directly in
43
+ * the spending input's nSequence. BIP-68 only uses the low 16 bits as the value
44
+ * when the type flag (bit 22) is clear, so constraining to [1, 0xffff] keeps the
45
+ * timelock block-based and, critically, leaves the disable flag (bit 31) clear.
46
+ * A value with bit 31 set would disable CHECKSEQUENCEVERIFY entirely, letting the
47
+ * recovery key spend with no delay; an upper bound of 0xffff makes that
48
+ * unrepresentable.
49
+ */
50
+ export declare const MAX_RECOVERY_SEQUENCE = 65535;
51
+ /** Inputs needed to build the CSV recovery leaf. */
52
+ export interface RecoveryPolicyParams {
53
+ /** Operator recovery key, x-only (32 bytes). Spends the recovery leaf via CHECKSIG. */
54
+ recoveryKey: Uint8Array;
55
+ /**
56
+ * Relative-timelock value (BIP-68 nSequence) the recovery spend must wait,
57
+ * encoded into the leaf as `<recoverySequence> CHECKSEQUENCEVERIFY`.
58
+ */
59
+ recoverySequence: number;
60
+ }
61
+ /** Inputs needed to build the k-of-n fallback leaf. */
62
+ export interface FallbackPolicyParams {
63
+ /**
64
+ * The cohort's participant public keys (compressed secp256k1, 33 bytes each).
65
+ * Sorted internally per BIP-327 and reduced to x-only so the leaf is
66
+ * deterministic regardless of the order keys are supplied in.
67
+ */
68
+ cohortKeys: Uint8Array[];
69
+ /**
70
+ * Number of signers (k) the fallback leaf requires, 1..n. This is the
71
+ * resolved threshold; callers that carry an advertised-or-default value should
72
+ * resolve it with {@link resolveFallbackThreshold} first.
73
+ */
74
+ fallbackThreshold: number;
75
+ }
76
+ /** All inputs the beacon output's script tree commits to (fallback leaf + recovery leaf). */
77
+ export interface BeaconLeafParams extends RecoveryPolicyParams, FallbackPolicyParams {
78
+ }
79
+ /** A single Taproot script-tree leaf, spent at the default tapscript leaf version (0xc0). */
80
+ export interface TaprootScriptLeaf {
81
+ script: Uint8Array;
82
+ }
83
+ /** BIP-341 default tapscript leaf version. */
84
+ export declare const TAPROOT_LEAF_VERSION = 192;
85
+ /**
86
+ * BIP-341 tapleaf hash: `taggedHash("TapLeaf", leafVersion || compactSize(len) || script)`.
87
+ * Used to key a script-path signature to its leaf when assembling the witness
88
+ * for a script-path spend (the fallback and recovery spend builders).
89
+ */
90
+ export declare function tapLeafHash(script: Uint8Array, leafVersion?: number): Uint8Array;
91
+ /**
92
+ * Resolve the effective fallback threshold k from an advertised value and the
93
+ * cohort size n. When unadvertised it defaults to n-1 (tolerate one missing or
94
+ * defecting signer, the cheapest useful fallback witness), floored at 1. Both
95
+ * the service and every participant resolve this identically so they derive the
96
+ * same beacon address.
97
+ */
98
+ export declare function resolveFallbackThreshold(advertised: number | undefined, n: number): number;
99
+ /**
100
+ * Build the k-of-n fallback leaf script: a BIP-342 `p2tr_ms` CHECKSIGADD
101
+ * multisig over the cohort's x-only keys. Any k members can spend this leaf to
102
+ * push the announcement through when the optimistic n-of-n key path stalls.
103
+ *
104
+ * The keys are sorted per BIP-327 (matching the MuSig2 internal-key ordering)
105
+ * and reduced to x-only, so the leaf is identical for every party that builds it.
106
+ */
107
+ export declare function buildFallbackLeaf(params: FallbackPolicyParams): Uint8Array;
108
+ /**
109
+ * Build the CSV recovery leaf script:
110
+ * `<recoverySequence> CHECKSEQUENCEVERIFY DROP <recoveryKey> CHECKSIG`.
111
+ *
112
+ * After `recoverySequence` blocks (relative to the UTXO's confirmation) the
113
+ * holder of `recoveryKey` can spend the output via the script path.
114
+ */
115
+ export declare function buildRecoveryScript(params: RecoveryPolicyParams): Uint8Array;
116
+ /**
117
+ * Build the Taproot script-tree leaves for a funding model. The returned leaves
118
+ * are the script tree the beacon output key commits to alongside the cohort's
119
+ * MuSig2 internal key.
120
+ *
121
+ * Canonical leaf order is fallback (k-of-n, leaf A) then CSV recovery (leaf B).
122
+ * For the current two-leaf tree the Merkle root is order-invariant (a TapBranch
123
+ * sorts its two child hashes), but fixing the order keeps the construction
124
+ * deterministic and reviewable, and is consensus-affecting should the tree ever
125
+ * grow past two leaves.
126
+ *
127
+ * @throws {AggregationCohortError} when the funding model is reserved (e.g.
128
+ * `participant-funded`) or unknown, or when the fallback/recovery params are
129
+ * invalid.
130
+ */
131
+ export declare function buildRecoveryLeaves(fundingModel: FundingModel, params: BeaconLeafParams): TaprootScriptLeaf[];
132
+ //# sourceMappingURL=recovery-policy.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"recovery-policy.d.ts","sourceRoot":"","sources":["../../src/recovery-policy.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;GAqBG;AAQH;;;;;;GAMG;AACH,MAAM,MAAM,YAAY,GAAG,iBAAiB,GAAG,oBAAoB,CAAC;AAEpE,yEAAyE;AACzE,eAAO,MAAM,qBAAqB,EAAE,YAAgC,CAAC;AAErE;;;;GAIG;AACH,eAAO,MAAM,yBAAyB,MAAM,CAAC;AAE7C;;;;;;;;;;GAUG;AACH,eAAO,MAAM,qBAAqB,QAAS,CAAC;AAE5C,oDAAoD;AACpD,MAAM,WAAW,oBAAoB;IACnC,uFAAuF;IACvF,WAAW,EAAE,UAAU,CAAC;IACxB;;;OAGG;IACH,gBAAgB,EAAE,MAAM,CAAC;CAC1B;AAED,uDAAuD;AACvD,MAAM,WAAW,oBAAoB;IACnC;;;;OAIG;IACH,UAAU,EAAE,UAAU,EAAE,CAAC;IACzB;;;;OAIG;IACH,iBAAiB,EAAE,MAAM,CAAC;CAC3B;AAED,6FAA6F;AAC7F,MAAM,WAAW,gBAAiB,SAAQ,oBAAoB,EAAE,oBAAoB;CAAG;AAEvF,6FAA6F;AAC7F,MAAM,WAAW,iBAAiB;IAChC,MAAM,EAAE,UAAU,CAAC;CACpB;AAED,8CAA8C;AAC9C,eAAO,MAAM,oBAAoB,MAAO,CAAC;AASzC;;;;GAIG;AACH,wBAAgB,WAAW,CAAC,MAAM,EAAE,UAAU,EAAE,WAAW,GAAE,MAA6B,GAAG,UAAU,CAKtG;AAED;;;;;;GAMG;AACH,wBAAgB,wBAAwB,CAAC,UAAU,EAAE,MAAM,GAAG,SAAS,EAAE,CAAC,EAAE,MAAM,GAAG,MAAM,CAE1F;AA0BD;;;;;;;GAOG;AACH,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,oBAAoB,GAAG,UAAU,CAI1E;AAiBD;;;;;;GAMG;AACH,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,oBAAoB,GAAG,UAAU,CAS5E;AAED;;;;;;;;;;;;;;GAcG;AACH,wBAAgB,mBAAmB,CACjC,YAAY,EAAE,YAAY,EAC1B,MAAM,EAAE,gBAAgB,GACvB,iBAAiB,EAAE,CAkBrB"}
@@ -0,0 +1,94 @@
1
+ /**
2
+ * Recovery spend builder for aggregate beacon outputs.
3
+ *
4
+ * An aggregate beacon UTXO is a Taproot output whose key path is the cohort's
5
+ * n-of-n MuSig2 aggregate key and whose script path carries a timelocked
6
+ * recovery leaf (see {@link ./recovery-policy.ts} and ADR 042). When the
7
+ * optimistic cooperative key-path spend cannot complete (a missing or defecting
8
+ * signer), the funder reclaims the UTXO via the recovery leaf after the
9
+ * relative-timelock delay.
10
+ *
11
+ * This module builds and signs that script-path spend. It is pure with respect
12
+ * to the network: it takes a UTXO reference plus the cohort and recovery
13
+ * parameters and returns a finalized {@link Transaction}; broadcasting and
14
+ * confirmation are the caller's concern. The recovery key path is a single
15
+ * BIP-340 Schnorr signature, so unlike the MuSig2 key path it can be driven by
16
+ * an opaque or HSM-backed signer.
17
+ *
18
+ * The relative timelock is enforced by consensus (BIP-68/112): the spend is only
19
+ * valid once the UTXO has `recoverySequence` confirmations, and the input's
20
+ * nSequence is set accordingly. The transaction version is 2 so BIP-68 applies.
21
+ */
22
+ import { Transaction } from '@scure/btc-signer';
23
+ import type { FundingModel } from './recovery-policy.js';
24
+ /** Reference to the beacon UTXO being recovered. */
25
+ export interface BeaconUtxoRef {
26
+ /** Transaction id (Esplora display-order hex), as returned by the REST UTXO endpoint. */
27
+ txid: string;
28
+ /** Output index within that transaction. */
29
+ vout: number;
30
+ /** Value of the beacon UTXO in satoshis. */
31
+ value: bigint;
32
+ }
33
+ /** Inputs to {@link buildRecoverySpend}. */
34
+ export interface RecoverySpendParams {
35
+ /**
36
+ * The cohort's participant public keys (compressed secp256k1). Sorted
37
+ * internally per BIP-327 so the reconstructed internal key matches the one the
38
+ * beacon address was derived from.
39
+ */
40
+ cohortKeys: Uint8Array[];
41
+ /** Operator recovery secret key (32 bytes). Its x-only public key must equal {@link recoveryKey}. */
42
+ recoverySecretKey: Uint8Array;
43
+ /** Operator recovery key, x-only (32 bytes), as committed in the recovery leaf. */
44
+ recoveryKey: Uint8Array;
45
+ /** Relative-timelock (BIP-68 nSequence) the recovery leaf enforces. */
46
+ recoverySequence: number;
47
+ /**
48
+ * The advertised k of the k-of-n fallback leaf the beacon output also commits
49
+ * to, or omit to use the same n-1 default the cohort applies. Resolved against
50
+ * `cohortKeys.length` exactly as the cohort does, so the reconstructed script
51
+ * tree and control block match the funded address.
52
+ */
53
+ fallbackThreshold?: number;
54
+ /** Funding model governing the recovery leaves. Defaults to 'operator-funded'. */
55
+ fundingModel?: FundingModel;
56
+ /** Bitcoin network name (bitcoin/mainnet, mutinynet, signet, testnet, regtest). */
57
+ network: string;
58
+ /**
59
+ * The beacon UTXO being recovered.
60
+ *
61
+ * Precondition: the on-chain output at this `txid:vout` MUST have been funded
62
+ * to the beacon address derived from these same `cohortKeys`, `recoveryKey`,
63
+ * `recoverySequence`, and `fundingModel`. If it was funded under different
64
+ * parameters the reconstructed `witnessUtxo.script` will not match the chain,
65
+ * the signature will be invalid, and the spend will be rejected. Pass
66
+ * {@link beaconAddress} to assert this reconstruction up front.
67
+ */
68
+ utxo: BeaconUtxoRef;
69
+ /** Address receiving the recovered funds. */
70
+ destinationAddress: string;
71
+ /** Absolute fee (satoshis) deducted from the recovered value. */
72
+ fee: bigint;
73
+ /**
74
+ * Optional: the cohort's funded beacon address. When provided, the builder
75
+ * asserts that the address it reconstructs from the cohort and recovery params
76
+ * equals it, catching a caller mismatch before producing an unspendable tx.
77
+ */
78
+ beaconAddress?: string;
79
+ }
80
+ /**
81
+ * Build and sign a script-path recovery spend of an aggregate beacon UTXO.
82
+ *
83
+ * Reconstructs the same Taproot output the cohort funded (MuSig2 internal key +
84
+ * recovery script tree), spends it through the recovery leaf with the operator's
85
+ * recovery key, and finalizes the witness (signature + leaf script + control
86
+ * block). The returned transaction is ready to broadcast once the UTXO has
87
+ * `recoverySequence` confirmations.
88
+ *
89
+ * @throws {AggregationCohortError} when the recovery secret key does not match
90
+ * the committed recovery key, when there are no cohort keys, or when the fee
91
+ * exceeds the UTXO value.
92
+ */
93
+ export declare function buildRecoverySpend(params: RecoverySpendParams): Transaction;
94
+ //# sourceMappingURL=recovery-spend.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"recovery-spend.d.ts","sourceRoot":"","sources":["../../src/recovery-spend.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAIH,OAAO,EAAQ,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAGtD,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AAGzD,oDAAoD;AACpD,MAAM,WAAW,aAAa;IAC5B,yFAAyF;IACzF,IAAI,EAAE,MAAM,CAAC;IACb,4CAA4C;IAC5C,IAAI,EAAE,MAAM,CAAC;IACb,4CAA4C;IAC5C,KAAK,EAAE,MAAM,CAAC;CACf;AAED,4CAA4C;AAC5C,MAAM,WAAW,mBAAmB;IAClC;;;;OAIG;IACH,UAAU,EAAE,UAAU,EAAE,CAAC;IACzB,qGAAqG;IACrG,iBAAiB,EAAE,UAAU,CAAC;IAC9B,mFAAmF;IACnF,WAAW,EAAE,UAAU,CAAC;IACxB,uEAAuE;IACvE,gBAAgB,EAAE,MAAM,CAAC;IACzB;;;;;OAKG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,kFAAkF;IAClF,YAAY,CAAC,EAAE,YAAY,CAAC;IAC5B,mFAAmF;IACnF,OAAO,EAAE,MAAM,CAAC;IAChB;;;;;;;;;OASG;IACH,IAAI,EAAE,aAAa,CAAC;IACpB,6CAA6C;IAC7C,kBAAkB,EAAE,MAAM,CAAC;IAC3B,iEAAiE;IACjE,GAAG,EAAE,MAAM,CAAC;IACZ;;;;OAIG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAaD;;;;;;;;;;;;GAYG;AACH,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,mBAAmB,GAAG,WAAW,CA+E3E"}
@@ -0,0 +1,72 @@
1
+ import type { SchnorrKeyPair } from '@did-btcr2/keypair';
2
+ import type { AggregationResult } from '../service.js';
3
+ import type { OnProvideUpdate } from './participant-runner.js';
4
+ import type { OnProvideTxData } from './service-runner.js';
5
+ import type { FeeEstimator } from '@did-btcr2/bitcoin';
6
+ /** Identity (DID + keys) for one actor in an {@link AggregationRunner.solo} run. */
7
+ export interface SoloActor {
8
+ did: string;
9
+ keys: SchnorrKeyPair;
10
+ }
11
+ /** Options for {@link AggregationRunner.solo}. */
12
+ export interface SoloCohortOptions {
13
+ /** The coordinating service identity. */
14
+ service: SoloActor;
15
+ /** The single participant identity (the lone signer of the cohort). */
16
+ participant: SoloActor;
17
+ /**
18
+ * Bitcoin network and beacon type (`'CASBeacon'` | `'SMTBeacon'`) for the
19
+ * cohort. Recovery params are optional here: in a solo run the service actor
20
+ * is the operator and holds full keys, so when `recoveryKey` is omitted the
21
+ * service's own x-only key is used as the CSV recovery key (it can actually
22
+ * perform the recovery), with {@link DEFAULT_RECOVERY_SEQUENCE} as the delay.
23
+ */
24
+ config: {
25
+ network: string;
26
+ beaconType: string;
27
+ /** Operator recovery key, x-only (64-hex). Defaults to the service actor's x-only key. */
28
+ recoveryKey?: string;
29
+ /** Relative-timelock (BIP-68) before recovery is spendable. Defaults to {@link DEFAULT_RECOVERY_SEQUENCE}. */
30
+ recoverySequence?: number;
31
+ };
32
+ /** Provide the participant's signed BTCR2 update for the cohort. */
33
+ onProvideUpdate: OnProvideUpdate;
34
+ /** Provide the Bitcoin transaction data the cohort signs. */
35
+ onProvideTxData: OnProvideTxData;
36
+ /**
37
+ * Fee estimator forwarded to {@link onProvideTxData} so the cohort transaction is
38
+ * sized at a chosen rate. Defaults to a static 5 sat/vB estimator (ADR 045).
39
+ */
40
+ feeEstimator?: FeeEstimator;
41
+ /** Optional overall wall-clock budget for the run (ms). */
42
+ cohortTtlMs?: number;
43
+ /** Optional per-phase stall timeout (ms). */
44
+ phaseTimeoutMs?: number;
45
+ }
46
+ /**
47
+ * High-level facades for driving an aggregation cohort to completion.
48
+ *
49
+ * @class AggregationRunner
50
+ */
51
+ export declare class AggregationRunner {
52
+ /**
53
+ * Run a cohort of ONE participant entirely in-process and return the
54
+ * aggregated MuSig2 result.
55
+ *
56
+ * One party plays both the coordinating service and the lone participant,
57
+ * connected over an {@link InMemoryTransport} (no relay or HTTP server). This
58
+ * makes the single-participant aggregate-beacon path (the N=1 corner of the
59
+ * two-axis beacon matrix, see ADR 037) first-class, useful for generating
60
+ * and reproducing single-participant aggregate test vectors.
61
+ *
62
+ * The service advertises a cohort with `minParticipants: 1`; the participant
63
+ * joins, submits its update, and the two complete keygen, data distribution,
64
+ * validation, and a one-signer MuSig2 P2TR key-path signing round.
65
+ *
66
+ * @param options Service + participant identities, cohort config, and the
67
+ * update / tx-data callbacks.
68
+ * @returns The {@link AggregationResult} (cohort id, aggregated signature, signed tx).
69
+ */
70
+ static solo(options: SoloCohortOptions): Promise<AggregationResult>;
71
+ }
72
+ //# sourceMappingURL=aggregation-runner.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"aggregation-runner.d.ts","sourceRoot":"","sources":["../../../src/runner/aggregation-runner.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAGzD,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,eAAe,CAAC;AAGvD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAC;AAE/D,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AAC3D,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAEvD,oFAAoF;AACpF,MAAM,WAAW,SAAS;IACxB,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,EAAE,cAAc,CAAC;CACtB;AAED,kDAAkD;AAClD,MAAM,WAAW,iBAAiB;IAChC,yCAAyC;IACzC,OAAO,EAAE,SAAS,CAAC;IACnB,uEAAuE;IACvE,WAAW,EAAE,SAAS,CAAC;IACvB;;;;;;OAMG;IACH,MAAM,EAAE;QACN,OAAO,EAAE,MAAM,CAAC;QAChB,UAAU,EAAE,MAAM,CAAC;QACnB,0FAA0F;QAC1F,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,8GAA8G;QAC9G,gBAAgB,CAAC,EAAE,MAAM,CAAC;KAC3B,CAAC;IACF,oEAAoE;IACpE,eAAe,EAAE,eAAe,CAAC;IACjC,6DAA6D;IAC7D,eAAe,EAAE,eAAe,CAAC;IACjC;;;OAGG;IACH,YAAY,CAAC,EAAE,YAAY,CAAC;IAC5B,2DAA2D;IAC3D,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,6CAA6C;IAC7C,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED;;;;GAIG;AACH,qBAAa,iBAAiB;IAC5B;;;;;;;;;;;;;;;;;OAiBG;WACU,IAAI,CAAC,OAAO,EAAE,iBAAiB,GAAG,OAAO,CAAC,iBAAiB,CAAC;CA+C1E"}
@@ -0,0 +1,147 @@
1
+ import type { SerializedSMTProof } from '@did-btcr2/smt';
2
+ import type { CohortAdvert, PendingFallbackRequest, PendingSigningRequest, PendingValidation } from '../participant.js';
3
+ import type { AggregationResult, PendingOptIn, Rejection } from '../service.js';
4
+ /**
5
+ * Sidecar data a participant keeps when a cohort completes from its
6
+ * perspective: the cohort's beacon coordinates plus the off-chain artifact it
7
+ * needs for future DID resolution (the CAS Announcement map for CAS beacons, or
8
+ * the SMT inclusion proof for SMT beacons). Emitted via `cohort-complete` and
9
+ * returned by the participant runner's join helpers.
10
+ */
11
+ export interface CohortCompleteInfo {
12
+ cohortId: string;
13
+ beaconAddress: string;
14
+ beaconType: string;
15
+ /** True if this participant submitted an update; false if it declined (non-inclusion). */
16
+ included: boolean;
17
+ /** DID to base64url update hash. Populated only for CAS beacons. */
18
+ casAnnouncement?: Record<string, string>;
19
+ /** Inclusion proof (submitter) or non-inclusion proof (decliner) for this slot. Populated only for SMT beacons. */
20
+ smtProof?: SerializedSMTProof;
21
+ }
22
+ /**
23
+ * AggregationServiceRunner events are emitted by the AggregationServiceRunner to signal important
24
+ * milestones and actions during the aggregation process. They can be listened to by external code
25
+ * to react to these events, such as logging, updating a UI, or triggering additional actions.
26
+ */
27
+ export type AggregationServiceEvents = {
28
+ /** A cohort has been created and the advert message broadcast. */
29
+ 'cohort-advertised': [{
30
+ cohortId: string;
31
+ }];
32
+ /** A participant has opted in. Fires before the accept decision callback. */
33
+ 'opt-in-received': [PendingOptIn];
34
+ /** A participant has been accepted into the cohort. */
35
+ 'participant-accepted': [{
36
+ cohortId: string;
37
+ participantDid: string;
38
+ }];
39
+ /** Keygen has been finalized: beacon address is now available. */
40
+ 'keygen-complete': [{
41
+ cohortId: string;
42
+ beaconAddress: string;
43
+ }];
44
+ /** A participant has submitted a signed update. */
45
+ 'update-received': [{
46
+ cohortId: string;
47
+ participantDid: string;
48
+ }];
49
+ /**
50
+ * An inbound message was silently dropped by the state machine (bad proof,
51
+ * oversized payload, wrong wire version, etc.). Fires for *any* rejection,
52
+ * not just SUBMIT_UPDATE.
53
+ */
54
+ 'message-rejected': [Rejection & {
55
+ cohortId: string;
56
+ }];
57
+ /** Aggregated data has been distributed to all participants for validation. */
58
+ 'data-distributed': [{
59
+ cohortId: string;
60
+ }];
61
+ /** A participant has acknowledged validation (approved or rejected). */
62
+ 'validation-received': [{
63
+ cohortId: string;
64
+ participantDid: string;
65
+ approved: boolean;
66
+ }];
67
+ /** Signing has started: auth requests sent to participants. */
68
+ 'signing-started': [{
69
+ cohortId: string;
70
+ sessionId: string;
71
+ }];
72
+ /**
73
+ * The optimistic n-of-n key path was abandoned and the k-of-n fallback
74
+ * (script-path) signing round started (ADR 042). After this, the cohort
75
+ * completes via the fallback once k members sign.
76
+ */
77
+ 'fallback-started': [{
78
+ cohortId: string;
79
+ sessionId: string;
80
+ }];
81
+ /** A participant has contributed their MuSig2 nonce. */
82
+ 'nonce-received': [{
83
+ cohortId: string;
84
+ participantDid: string;
85
+ }];
86
+ /** Signing complete: final aggregated signature is ready to broadcast. */
87
+ 'signing-complete': [AggregationResult];
88
+ /** Cohort transitioned to Failed phase (e.g. a participant rejected validation). */
89
+ 'cohort-failed': [{
90
+ cohortId: string;
91
+ reason: string;
92
+ }];
93
+ /** A non-fatal error occurred. Fatal errors reject the run() promise. */
94
+ 'error': [Error];
95
+ };
96
+ /**
97
+ * AggregationParticipantRunner events are emitted by the AggregationParticipantRunner to signal
98
+ * important milestones and actions during the participant's involvement in the aggregation process.
99
+ * They can be listened to by external code to react to these events, such as logging, updating a
100
+ * UI, or triggering additional actions.
101
+ */
102
+ export type AggregationParticipantEvents = {
103
+ /** A new cohort advert was discovered. Fires before the shouldJoin filter. */
104
+ 'cohort-discovered': [CohortAdvert];
105
+ /** Participant has opted in to a cohort. */
106
+ 'cohort-joined': [{
107
+ cohortId: string;
108
+ }];
109
+ /** Cohort keygen is complete: beacon address is now available. */
110
+ 'cohort-ready': [{
111
+ cohortId: string;
112
+ beaconAddress: string;
113
+ }];
114
+ /** Participant has submitted their signed update. */
115
+ 'update-submitted': [{
116
+ cohortId: string;
117
+ }];
118
+ /** Participant declined to submit an update this round (cooperative non-inclusion). */
119
+ 'update-declined': [{
120
+ cohortId: string;
121
+ }];
122
+ /** Aggregated data has arrived for validation. Fires before the validate callback. */
123
+ 'validation-requested': [PendingValidation];
124
+ /** Signing request has arrived. Fires before the sign approval callback. */
125
+ 'signing-requested': [PendingSigningRequest];
126
+ /**
127
+ * A fallback (k-of-n script-path) signing request has arrived because the
128
+ * service abandoned the optimistic key path (ADR 042). Fires before the sign
129
+ * approval callback; approving signs the fallback spend.
130
+ */
131
+ 'fallback-requested': [PendingFallbackRequest];
132
+ /**
133
+ * Cohort signing is complete from this participant's perspective.
134
+ * Includes the aggregated sidecar data the participant needs to keep for
135
+ * future DID resolution: the CAS Announcement map (for CAS beacons) or the
136
+ * SMT inclusion proof (for SMT beacons).
137
+ */
138
+ 'cohort-complete': [CohortCompleteInfo];
139
+ /** Cohort failed (rejected validation, signing error, etc.). */
140
+ 'cohort-failed': [{
141
+ cohortId: string;
142
+ reason: string;
143
+ }];
144
+ /** A non-fatal error occurred. */
145
+ 'error': [Error];
146
+ };
147
+ //# sourceMappingURL=events.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"events.d.ts","sourceRoot":"","sources":["../../../src/runner/events.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AACzD,OAAO,KAAK,EAAE,YAAY,EAAE,sBAAsB,EAAE,qBAAqB,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AACxH,OAAO,KAAK,EAAE,iBAAiB,EAAE,YAAY,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AAEhF;;;;;;GAMG;AACH,MAAM,WAAW,kBAAkB;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,EAAE,MAAM,CAAC;IACnB,0FAA0F;IAC1F,QAAQ,EAAE,OAAO,CAAC;IAClB,oEAAoE;IACpE,eAAe,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACzC,mHAAmH;IACnH,QAAQ,CAAC,EAAE,kBAAkB,CAAC;CAC/B;AAED;;;;GAIG;AACH,MAAM,MAAM,wBAAwB,GAAG;IACrC,kEAAkE;IAClE,mBAAmB,EAAE,CAAC;QAAE,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAE5C,6EAA6E;IAC7E,iBAAiB,EAAE,CAAC,YAAY,CAAC,CAAC;IAElC,uDAAuD;IACvD,sBAAsB,EAAE,CAAC;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,cAAc,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAEvE,kEAAkE;IAClE,iBAAiB,EAAE,CAAC;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,aAAa,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAEjE,mDAAmD;IACnD,iBAAiB,EAAE,CAAC;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,cAAc,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAElE;;;;OAIG;IACH,kBAAkB,EAAE,CAAC,SAAS,GAAG;QAAE,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAEvD,+EAA+E;IAC/E,kBAAkB,EAAE,CAAC;QAAE,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAE3C,wEAAwE;IACxE,qBAAqB,EAAE,CAAC;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,cAAc,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,OAAO,CAAA;KAAE,CAAC,CAAC;IAEzF,+DAA+D;IAC/D,iBAAiB,EAAE,CAAC;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAE7D;;;;OAIG;IACH,kBAAkB,EAAE,CAAC;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAE9D,wDAAwD;IACxD,gBAAgB,EAAE,CAAC;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,cAAc,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAEjE,0EAA0E;IAC1E,kBAAkB,EAAE,CAAC,iBAAiB,CAAC,CAAC;IAExC,oFAAoF;IACpF,eAAe,EAAE,CAAC;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAExD,yEAAyE;IACzE,OAAO,EAAE,CAAC,KAAK,CAAC,CAAC;CAClB,CAAC;AAEF;;;;;GAKG;AACH,MAAM,MAAM,4BAA4B,GAAG;IACzC,8EAA8E;IAC9E,mBAAmB,EAAE,CAAC,YAAY,CAAC,CAAC;IAEpC,4CAA4C;IAC5C,eAAe,EAAE,CAAC;QAAE,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAExC,kEAAkE;IAClE,cAAc,EAAE,CAAC;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,aAAa,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAE9D,qDAAqD;IACrD,kBAAkB,EAAE,CAAC;QAAE,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAE3C,uFAAuF;IACvF,iBAAiB,EAAE,CAAC;QAAE,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAE1C,sFAAsF;IACtF,sBAAsB,EAAE,CAAC,iBAAiB,CAAC,CAAC;IAE5C,4EAA4E;IAC5E,mBAAmB,EAAE,CAAC,qBAAqB,CAAC,CAAC;IAE7C;;;;OAIG;IACH,oBAAoB,EAAE,CAAC,sBAAsB,CAAC,CAAC;IAE/C;;;;;OAKG;IACH,iBAAiB,EAAE,CAAC,kBAAkB,CAAC,CAAC;IAExC,gEAAgE;IAChE,eAAe,EAAE,CAAC;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAExD,kCAAkC;IAClC,OAAO,EAAE,CAAC,KAAK,CAAC,CAAC;CAClB,CAAC"}
@@ -0,0 +1,6 @@
1
+ export * from './typed-emitter.js';
2
+ export * from './events.js';
3
+ export * from './service-runner.js';
4
+ export * from './participant-runner.js';
5
+ export * from './aggregation-runner.js';
6
+ //# sourceMappingURL=index.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/runner/index.ts"],"names":[],"mappings":"AAAA,cAAc,oBAAoB,CAAC;AACnC,cAAc,aAAa,CAAC;AAC5B,cAAc,qBAAqB,CAAC;AACpC,cAAc,yBAAyB,CAAC;AACxC,cAAc,yBAAyB,CAAC"}
@@ -0,0 +1,122 @@
1
+ import type { SignedBTCR2Update } from '@did-btcr2/cryptosuite';
2
+ import type { SchnorrKeyPair } from '@did-btcr2/keypair';
3
+ import type { CohortAdvert, PendingSigningRequest, PendingValidation } from '../participant.js';
4
+ import { AggregationParticipant } from '../participant.js';
5
+ import type { Transport } from '../transport/transport.js';
6
+ import type { AggregationParticipantEvents, CohortCompleteInfo } from './events.js';
7
+ import { TypedEventEmitter } from './typed-emitter.js';
8
+ /** Decision callback: filter discovered cohorts. Default rejects all. */
9
+ export type ShouldJoin = (advert: CohortAdvert) => Promise<boolean>;
10
+ /** Data callback: provide a signed BTCR2 update for a joined cohort. */
11
+ export type OnProvideUpdate = (info: {
12
+ cohortId: string;
13
+ beaconAddress: string;
14
+ }) => Promise<SignedBTCR2Update | null>;
15
+ /** Decision callback: approve or reject aggregated data. */
16
+ export type OnValidateData = (info: PendingValidation) => Promise<{
17
+ approved: boolean;
18
+ }>;
19
+ /** Decision callback: approve or reject signing. */
20
+ export type OnApproveSigning = (info: PendingSigningRequest) => Promise<{
21
+ approved: boolean;
22
+ }>;
23
+ export interface AggregationParticipantRunnerOptions {
24
+ /** Underlying transport. */
25
+ transport: Transport;
26
+ /** Participant identity. */
27
+ did: string;
28
+ keys: SchnorrKeyPair;
29
+ /**
30
+ * Filter discovered cohorts. Returns true to join, false to skip.
31
+ * Default: rejects all cohorts (caller MUST override or no cohorts will be joined).
32
+ */
33
+ shouldJoin?: ShouldJoin;
34
+ /**
35
+ * Provide a signed BTCR2 update for the cohort.
36
+ * REQUIRED - no sensible default.
37
+ */
38
+ onProvideUpdate: OnProvideUpdate;
39
+ /**
40
+ * Approve or reject aggregated data.
41
+ * Default: approve if validation matches the submitted update's hash.
42
+ */
43
+ onValidateData?: OnValidateData;
44
+ /**
45
+ * Approve or reject the signing request.
46
+ * Default: approve.
47
+ */
48
+ onApproveSigning?: OnApproveSigning;
49
+ }
50
+ /**
51
+ * High-level facade for an Aggregation Participant.
52
+ *
53
+ * Long-running listener: waits for cohort adverts, applies the `shouldJoin`
54
+ * filter, and drives each accepted cohort through the full protocol to
55
+ * completion in parallel.
56
+ *
57
+ * @example
58
+ * ```typescript
59
+ * const transport = new NostrTransport({ relays: [RELAY] });
60
+ * transport.registerActor(myDid, myKeys);
61
+ *
62
+ * const runner = new AggregationParticipantRunner({
63
+ * transport,
64
+ * did: myDid,
65
+ * keys: myKeys,
66
+ * shouldJoin: async (advert) => advert.beaconType === 'CASBeacon',
67
+ * onProvideUpdate: async ({ beaconAddress }) => {
68
+ * return Updater.sign(myDid, unsigned, vm, secretKey);
69
+ * },
70
+ * });
71
+ *
72
+ * runner.on('cohort-complete', ({ beaconAddress }) => {
73
+ * console.log(`Add to DID document: bitcoin:${beaconAddress}`);
74
+ * });
75
+ *
76
+ * await runner.start();
77
+ * ```
78
+ *
79
+ * For full manual control, drop down to the underlying state machine via
80
+ * `runner.session`. The state machine has no transport coupling and exposes
81
+ * every protocol decision as an explicit method.
82
+ *
83
+ * @class AggregationParticipantRunner
84
+ * @extends TypedEventEmitter<AggregationParticipantEvents>
85
+ */
86
+ export declare class AggregationParticipantRunner extends TypedEventEmitter<AggregationParticipantEvents> {
87
+ #private;
88
+ /** Direct access to the underlying state machine for advanced use. */
89
+ readonly session: AggregationParticipant;
90
+ constructor(options: AggregationParticipantRunnerOptions);
91
+ /**
92
+ * Start listening for cohorts. The runner stays active until {@link stop}
93
+ * is called or the underlying transport disconnects.
94
+ */
95
+ start(): Promise<void>;
96
+ /** Stop the runner and detach transport handlers. Safe to call repeatedly. */
97
+ stop(): void;
98
+ /**
99
+ * Single-shot helper: start, join the first cohort that passes `shouldJoin`,
100
+ * drive it to completion, and resolve. Convenient for tests and demos. The
101
+ * single-cohort special case of {@link joinMatching} (count = 1).
102
+ */
103
+ static joinFirst(options: AggregationParticipantRunnerOptions): Promise<CohortCompleteInfo>;
104
+ /**
105
+ * Multi-cohort helper: start, join EVERY cohort whose advert passes
106
+ * `shouldJoin`, drive each to completion in parallel, and resolve once
107
+ * `count` cohorts have completed (the runner stops at that point). The
108
+ * N-cohort generalization of {@link joinFirst}, for a participant that joins
109
+ * several cohorts advertised by one service.
110
+ *
111
+ * For an open-ended, long-lived subscriber (no fixed count), construct an
112
+ * {@link AggregationParticipantRunner} directly, set `shouldJoin`, call
113
+ * `start()`, and listen for `cohort-complete` - the runner already drives
114
+ * any number of cohorts concurrently.
115
+ *
116
+ * @param options Participant runner options (set `shouldJoin` to select cohorts).
117
+ * @param count Number of completed cohorts to collect before resolving.
118
+ * @returns The {@link CohortCompleteInfo} for each completed cohort, in completion order.
119
+ */
120
+ static joinMatching(options: AggregationParticipantRunnerOptions, count: number): Promise<CohortCompleteInfo[]>;
121
+ }
122
+ //# sourceMappingURL=participant-runner.d.ts.map