@distilled.cloud/coinbase 0.0.0 → 0.2.5-alpha2

package/lib/category.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Re-export the shared category system from sdk-core.
+ */
+export * from "@distilled.cloud/core/category";
+//# sourceMappingURL=category.d.ts.map

package/lib/category.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"category.d.ts","sourceRoot":"","sources":["../src/category.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,cAAc,gCAAgC,CAAC"}

package/lib/category.js

@@ -0,0 +1,5 @@
+/**
+ * Re-export the shared category system from sdk-core.
+ */
+export * from "@distilled.cloud/core/category";
+//# sourceMappingURL=category.js.map

package/lib/category.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"category.js","sourceRoot":"","sources":["../src/category.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,cAAc,gCAAgC,CAAC"}

package/lib/client.d.ts

@@ -0,0 +1,45 @@
+/**
+ * Coinbase CDP API Client.
+ *
+ * Wraps the shared REST client from sdk-core with Coinbase CDP-specific
+ * error matching, JWT authentication, and credential handling.
+ *
+ * ## Authentication
+ *
+ * The Coinbase CDP API uses JWT bearer tokens for authentication. The JWT is
+ * signed using your CDP API Key Secret (ES256 or Ed25519) and includes:
+ *
+ * - `sub`: Your CDP API Key ID
+ * - `iss`: "cdp"
+ * - `exp`: Current time + 120 seconds
+ *
+ * Some sensitive wallet operations additionally require an `X-Wallet-Auth`
+ * header signed with your Wallet Secret.
+ *
+ * ## Error Handling
+ *
+ * Coinbase CDP errors have the shape:
+ * ```json
+ * {
+ *   "errorType": "invalid_request",
+ *   "errorMessage": "Invalid request.",
+ *   "correlationId": "41deb8d59a9dc9a7-IAD",
+ *   "errorLink": "https://docs.cdp.coinbase.com/api-reference/v2/errors#invalid-request"
+ * }
+ * ```
+ *
+ * Errors are dispatched first by `errorType`, then by HTTP status code.
+ */
+import * as Effect from "effect/Effect";
+import * as Schema from "effect/Schema";
+export { UnknownCoinbaseError } from "./errors.ts";
+/**
+ * Coinbase CDP API client.
+ *
+ * Uses JWT bearer token authentication signed with your CDP API Key Secret.
+ */
+export declare const API: {
+    make: <I extends Schema.Top, O extends Schema.Top, const E extends readonly import("@distilled.cloud/core/client").ApiErrorClass[] = readonly []>(configFn: () => import("@distilled.cloud/core/client").OperationConfig<I, O, E>) => any;
+    makePaginated: <I extends Schema.Top, O extends Schema.Top, const E extends readonly import("@distilled.cloud/core/client").ApiErrorClass[] = readonly []>(configFn: () => import("@distilled.cloud/core/client").PaginatedOperationConfig<I, O, E>, paginateFn?: ((baseFn: (input: any) => Effect.Effect<any, any, any>, input: any, pagination: import("@distilled.cloud/core/pagination").PaginatedTrait) => import("effect/Stream").Stream<any, any, any>) | undefined) => any;
+};
+//# sourceMappingURL=client.d.ts.map

package/lib/client.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AACH,OAAO,KAAK,MAAM,MAAM,eAAe,CAAC;AACxC,OAAO,KAAK,MAAM,MAAM,eAAe,CAAC;AAexC,OAAO,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAgOnD;;;;GAIG;AACH,eAAO,MAAM,GAAG;;;CAYd,CAAC"}

package/lib/client.js

@@ -0,0 +1,244 @@
+/**
+ * Coinbase CDP API Client.
+ *
+ * Wraps the shared REST client from sdk-core with Coinbase CDP-specific
+ * error matching, JWT authentication, and credential handling.
+ *
+ * ## Authentication
+ *
+ * The Coinbase CDP API uses JWT bearer tokens for authentication. The JWT is
+ * signed using your CDP API Key Secret (ES256 or Ed25519) and includes:
+ *
+ * - `sub`: Your CDP API Key ID
+ * - `iss`: "cdp"
+ * - `exp`: Current time + 120 seconds
+ *
+ * Some sensitive wallet operations additionally require an `X-Wallet-Auth`
+ * header signed with your Wallet Secret.
+ *
+ * ## Error Handling
+ *
+ * Coinbase CDP errors have the shape:
+ * ```json
+ * {
+ *   "errorType": "invalid_request",
+ *   "errorMessage": "Invalid request.",
+ *   "correlationId": "41deb8d59a9dc9a7-IAD",
+ *   "errorLink": "https://docs.cdp.coinbase.com/api-reference/v2/errors#invalid-request"
+ * }
+ * ```
+ *
+ * Errors are dispatched first by `errorType`, then by HTTP status code.
+ */
+import * as Effect from "effect/Effect";
+import * as Schema from "effect/Schema";
+import * as crypto from "node:crypto";
+import { makeAPI } from "@distilled.cloud/core/client";
+import { HTTP_STATUS_MAP, COINBASE_HTTP_STATUS_MAP, ERROR_TYPE_MAP, STANDARD_ERROR_TYPE_MAP, UnknownCoinbaseError, CoinbaseParseError, } from "./errors.js";
+import { Credentials } from "./credentials.js";
+// Re-export for convenience
+export { UnknownCoinbaseError } from "./errors.js";
+// ============================================================================
+// JWT generation for Coinbase CDP API authentication
+// ============================================================================
+/**
+ * Base64url-encode a buffer.
+ */
+const base64url = (buf) => Buffer.from(buf)
+    .toString("base64")
+    .replace(/\+/g, "-")
+    .replace(/\//g, "_")
+    .replace(/=+$/, "");
+/**
+ * Generate a random hex nonce.
+ */
+const randomNonce = () => crypto.randomBytes(16).toString("hex");
+/**
+ * Detect key type and return the appropriate signing algorithm and key object.
+ */
+const resolveSigningKey = (apiKeySecret) => {
+    // Try EC (ES256) first — PEM format
+    if (apiKeySecret.includes("-----BEGIN")) {
+        return {
+            algorithm: "ES256",
+            jwsAlg: "ES256",
+            key: crypto.createPrivateKey(apiKeySecret),
+        };
+    }
+    // Ed25519 — base64 encoded 64-byte key (32 seed + 32 public)
+    const keyBytes = Buffer.from(apiKeySecret, "base64");
+    if (keyBytes.length === 64) {
+        // Extract the 32-byte seed (private key)
+        const seed = keyBytes.subarray(0, 32);
+        // Import as Ed25519 private key using PKCS8 DER wrapping
+        // Ed25519 PKCS8 prefix: 302e020100300506032b657004220420
+        const pkcs8Prefix = Buffer.from("302e020100300506032b657004220420", "hex");
+        const pkcs8Der = Buffer.concat([pkcs8Prefix, seed]);
+        return {
+            algorithm: "EdDSA",
+            jwsAlg: "EdDSA",
+            key: crypto.createPrivateKey({
+                key: pkcs8Der,
+                format: "der",
+                type: "pkcs8",
+            }),
+        };
+    }
+    throw new Error("Unsupported CDP API Key Secret format. Expected EC PEM or Ed25519 base64.");
+};
+/**
+ * Generate a JWT bearer token for Coinbase CDP API authentication.
+ *
+ * The JWT includes:
+ * - header: { alg, kid, typ: "JWT", nonce }
+ * - payload: { sub, iss: "cdp", iat, nbf, exp }
+ */
+const generateJwt = (apiKeyId, apiKeySecret) => {
+    const { jwsAlg, key } = resolveSigningKey(apiKeySecret);
+    const now = Math.floor(Date.now() / 1000);
+    const header = {
+        alg: jwsAlg,
+        kid: apiKeyId,
+        typ: "JWT",
+        nonce: randomNonce(),
+    };
+    const payload = {
+        sub: apiKeyId,
+        iss: "cdp",
+        iat: now,
+        nbf: now,
+        exp: now + 120,
+    };
+    const headerB64 = base64url(Buffer.from(JSON.stringify(header)));
+    const payloadB64 = base64url(Buffer.from(JSON.stringify(payload)));
+    const signingInput = `${headerB64}.${payloadB64}`;
+    let signature;
+    if (jwsAlg === "ES256") {
+        // ES256 uses SHA-256 with ECDSA, needs IEEE P1363 format (not DER)
+        const sign = crypto.createSign("SHA256");
+        sign.update(signingInput);
+        const derSig = sign.sign(key);
+        // Convert DER signature to IEEE P1363 (raw r||s) format
+        signature = derToP1363(derSig, 32);
+    }
+    else {
+        // EdDSA (Ed25519) uses sign directly
+        signature = Buffer.from(crypto.sign(null, Buffer.from(signingInput), key));
+    }
+    return `${signingInput}.${base64url(signature)}`;
+};
+/**
+ * Convert a DER-encoded ECDSA signature to IEEE P1363 (raw r||s) format.
+ * JWS requires P1363 format for ES256.
+ */
+const derToP1363 = (derSig, componentLength) => {
+    // DER format: 30 <len> 02 <rLen> <r> 02 <sLen> <s>
+    let offset = 2; // skip 30 <len>
+    if (derSig[1] & 0x80)
+        offset += derSig[1] & 0x7f;
+    // Read r
+    offset++; // skip 02
+    const rLen = derSig[offset++];
+    const r = derSig.subarray(offset, offset + rLen);
+    offset += rLen;
+    // Read s
+    offset++; // skip 02
+    const sLen = derSig[offset++];
+    const s = derSig.subarray(offset, offset + sLen);
+    // Pad or trim to componentLength
+    const result = Buffer.alloc(componentLength * 2);
+    const rPadded = r.length > componentLength ? r.subarray(r.length - componentLength) : r;
+    const sPadded = s.length > componentLength ? s.subarray(s.length - componentLength) : s;
+    rPadded.copy(result, componentLength - rPadded.length);
+    sPadded.copy(result, componentLength * 2 - sPadded.length);
+    return result;
+};
+// ============================================================================
+// Error response parsing
+// ============================================================================
+/**
+ * Coinbase CDP API Error Response Schema.
+ *
+ * All Coinbase CDP errors have the same envelope:
+ * { errorType, errorMessage, correlationId?, errorLink? }
+ */
+const CoinbaseErrorResponse = Schema.Struct({
+    errorType: Schema.String,
+    errorMessage: Schema.String,
+    correlationId: Schema.optional(Schema.String),
+    errorLink: Schema.optional(Schema.String),
+});
+/**
+ * Match a Coinbase CDP API error response to the appropriate typed error class.
+ *
+ * Dispatches errors by:
+ * 1. The `errorType` field for Coinbase-specific errors (e.g., "already_exists", "policy_violation")
+ * 2. The `errorType` field for standard errors mapped to core classes (e.g., "not_found" → NotFound)
+ * 3. Standard HTTP status codes mapped from core (400, 401, 403, 404, etc.)
+ * 4. Coinbase-specific HTTP status codes (402)
+ * 5. Falls back to UnknownCoinbaseError for unrecognized errors
+ */
+const matchError = (status, errorBody) => {
+    try {
+        const parsed = Schema.decodeUnknownSync(CoinbaseErrorResponse)(errorBody);
+        const errorProps = {
+            errorType: parsed.errorType,
+            errorMessage: parsed.errorMessage,
+            correlationId: parsed.correlationId,
+            errorLink: parsed.errorLink,
+        };
+        // 1. Match by Coinbase-specific error type first
+        const TypedErrorClass = ERROR_TYPE_MAP[parsed.errorType];
+        if (TypedErrorClass) {
+            return Effect.fail(new TypedErrorClass(errorProps));
+        }
+        // 2. Match standard error types to core HTTP error classes
+        // Maps error types like "not_found", "forbidden", "unauthorized", "invalid_request",
+        // "rate_limit_exceeded", "internal_server_error", "bad_gateway", "service_unavailable"
+        // to their corresponding core HTTP error classes.
+        const StandardErrorClass = STANDARD_ERROR_TYPE_MAP[parsed.errorType];
+        if (StandardErrorClass) {
+            return Effect.fail(new StandardErrorClass({ message: parsed.errorMessage ?? "" }));
+        }
+        // 3. Fall back to HTTP status code mapping from core
+        const CoreErrorClass = HTTP_STATUS_MAP[status];
+        if (CoreErrorClass) {
+            return Effect.fail(new CoreErrorClass({ message: parsed.errorMessage ?? "" }));
+        }
+        // 4. Coinbase-specific HTTP status codes (402)
+        const CoinbaseErrorClass = COINBASE_HTTP_STATUS_MAP[status];
+        if (CoinbaseErrorClass) {
+            return Effect.fail(new CoinbaseErrorClass(errorProps));
+        }
+        // 5. Fall back to unknown error
+        return Effect.fail(new UnknownCoinbaseError({
+            ...errorProps,
+            body: errorBody,
+        }));
+    }
+    catch {
+        return Effect.fail(new UnknownCoinbaseError({ body: errorBody }));
+    }
+};
+// ============================================================================
+// API client factory
+// ============================================================================
+/**
+ * Coinbase CDP API client.
+ *
+ * Uses JWT bearer token authentication signed with your CDP API Key Secret.
+ */
+export const API = makeAPI({
+    credentials: Credentials,
+    getBaseUrl: (creds) => creds.apiBaseUrl,
+    getAuthHeaders: (creds) => {
+        const c = creds;
+        const jwt = generateJwt(c.apiKeyId, c.apiKeySecret);
+        return {
+            Authorization: `Bearer ${jwt}`,
+        };
+    },
+    matchError,
+    ParseError: CoinbaseParseError,
+});
+//# sourceMappingURL=client.js.map

package/lib/client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.js","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AACH,OAAO,KAAK,MAAM,MAAM,eAAe,CAAC;AACxC,OAAO,KAAK,MAAM,MAAM,eAAe,CAAC;AACxC,OAAO,KAAK,MAAM,MAAM,aAAa,CAAC;AACtC,OAAO,EAAE,OAAO,EAAE,MAAM,8BAA8B,CAAC;AACvD,OAAO,EACL,eAAe,EACf,wBAAwB,EACxB,cAAc,EACd,uBAAuB,EACvB,oBAAoB,EACpB,kBAAkB,GACnB,MAAM,aAAa,CAAC;AAErB,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAE/C,4BAA4B;AAC5B,OAAO,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAEnD,+EAA+E;AAC/E,qDAAqD;AACrD,+EAA+E;AAE/E;;GAEG;AACH,MAAM,SAAS,GAAG,CAAC,GAAwB,EAAU,EAAE,CACrD,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC;KACb,QAAQ,CAAC,QAAQ,CAAC;KAClB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;KACnB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;KACnB,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;AAExB;;GAEG;AACH,MAAM,WAAW,GAAG,GAAW,EAAE,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AAEzE;;GAEG;AACH,MAAM,iBAAiB,GAAG,CACxB,YAAoB,EAC0C,EAAE;IAChE,oCAAoC;IACpC,IAAI,YAAY,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;QACxC,OAAO;YACL,SAAS,EAAE,OAAO;YAClB,MAAM,EAAE,OAAO;YACf,GAAG,EAAE,MAAM,CAAC,gBAAgB,CAAC,YAAY,CAAC;SAC3C,CAAC;IACJ,CAAC;IAED,6DAA6D;IAC7D,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC;IACrD,IAAI,QAAQ,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QAC3B,yCAAyC;QACzC,MAAM,IAAI,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACtC,yDAAyD;QACzD,yDAAyD;QACzD,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,kCAAkC,EAAE,KAAK,CAAC,CAAC;QAC3E,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC,CAAC;QACpD,OAAO;YACL,SAAS,EAAE,OAAO;YAClB,MAAM,EAAE,OAAO;YACf,GAAG,EAAE,MAAM,CAAC,gBAAgB,CAAC;gBAC3B,GAAG,EAAE,QAAQ;gBACb,MAAM,EAAE,KAAK;gBACb,IAAI,EAAE,OAAO;aACd,CAAC;SACH,CAAC;IACJ,CAAC;IAED,MAAM,IAAI,KAAK,CACb,2EAA2E,CAC5E,CAAC;AACJ,CAAC,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,WAAW,GAAG,CAAC,QAAgB,EAAE,YAAoB,EAAU,EAAE;IACrE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,iBAAiB,CAAC,YAAY,CAAC,CAAC;IAExD,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAC1C,MAAM,MAAM,GAAG;QACb,GAAG,EAAE,MAAM;QACX,GAAG,EAAE,QAAQ;QACb,GAAG,EAAE,KAAK;QACV,KAAK,EAAE,WAAW,EAAE;KACrB,CAAC;IACF,MAAM,OAAO,GAAG;QACd,GAAG,EAAE,QAAQ;QACb,GAAG,EAAE,KAAK;QACV,GAAG,EAAE,GAAG;QACR,GAAG,EAAE,GAAG;QACR,GAAG,EAAE,GAAG,GAAG,GAAG;KACf,CAAC;IAEF,MAAM,SAAS,GAAG,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IACjE,MAAM,UAAU,GAAG,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;IACnE,MAAM,YAAY,GAAG,GAAG,SAAS,IAAI,UAAU,EAAE,CAAC;IAElD,IAAI,SAAiB,CAAC;IACtB,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;QACvB,mEAAmE;QACnE,MAAM,IAAI,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;QACzC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QAC1B,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC9B,wDAAwD;QACxD,SAAS,GAAG,UAAU,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IACrC,CAAC;SAAM,CAAC;QACN,qCAAqC;QACrC,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;IAC7E,CAAC;IAED,OAAO,GAAG,YAAY,IAAI,SAAS,CAAC,SAAS,CAAC,EAAE,CAAC;AACnD,CAAC,CAAC;AAEF;;;GAGG;AACH,MAAM,UAAU,GAAG,CAAC,MAAc,EAAE,eAAuB,EAAU,EAAE;IACrE,mDAAmD;IACnD,IAAI,MAAM,GAAG,CAAC,CAAC,CAAC,gBAAgB;IAChC,IAAI,MAAM,CAAC,CAAC,CAAE,GAAG,IAAI;QAAE,MAAM,IAAI,MAAM,CAAC,CAAC,CAAE,GAAG,IAAI,CAAC;IAEnD,SAAS;IACT,MAAM,EAAE,CAAC,CAAC,UAAU;IACpB,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,EAAE,CAAE,CAAC;IAC/B,MAAM,CAAC,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC,CAAC;IACjD,MAAM,IAAI,IAAI,CAAC;IAEf,SAAS;IACT,MAAM,EAAE,CAAC,CAAC,UAAU;IACpB,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,EAAE,CAAE,CAAC;IAC/B,MAAM,CAAC,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC,CAAC;IAEjD,iCAAiC;IACjC,MAAM,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,eAAe,GAAG,CAAC,CAAC,CAAC;IACjD,MAAM,OAAO,GACX,CAAC,CAAC,MAAM,GAAG,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,GAAG,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC1E,MAAM,OAAO,GACX,CAAC,CAAC,MAAM,GAAG,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,GAAG,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC1E,OAAO,CAAC,IAAI,CAAC,MAAM,EAAE,eAAe,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACvD,OAAO,CAAC,IAAI,CAAC,MAAM,EAAE,eAAe,GAAG,CAAC,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAC3D,OAAO,MAAM,CAAC;AAChB,CAAC,CAAC;AAEF,+EAA+E;AAC/E,yBAAyB;AACzB,+EAA+E;AAE/E;;;;;GAKG;AACH,MAAM,qBAAqB,GAAG,MAAM,CAAC,MAAM,CAAC;IAC1C,SAAS,EAAE,MAAM,CAAC,MAAM;IACxB,YAAY,EAAE,MAAM,CAAC,MAAM;IAC3B,aAAa,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC;IAC7C,SAAS,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC;CAC1C,CAAC,CAAC;AAEH;;;;;;;;;GASG;AACH,MAAM,UAAU,GAAG,CACjB,MAAc,EACd,SAAkB,EACa,EAAE;IACjC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,CAAC,iBAAiB,CAAC,qBAAqB,CAAC,CAAC,SAAS,CAAC,CAAC;QAC1E,MAAM,UAAU,GAAG;YACjB,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,YAAY,EAAE,MAAM,CAAC,YAAY;YACjC,aAAa,EAAE,MAAM,CAAC,aAAa;YACnC,SAAS,EAAE,MAAM,CAAC,SAAS;SAC5B,CAAC;QAEF,iDAAiD;QACjD,MAAM,eAAe,GAAG,cAAc,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QACzD,IAAI,eAAe,EAAE,CAAC;YACpB,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,eAAe,CAAC,UAAU,CAAC,CAAC,CAAC;QACtD,CAAC;QAED,2DAA2D;QAC3D,qFAAqF;QACrF,uFAAuF;QACvF,kDAAkD;QAClD,MAAM,kBAAkB,GAAG,uBAAuB,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QACrE,IAAI,kBAAkB,EAAE,CAAC;YACvB,OAAO,MAAM,CAAC,IAAI,CAChB,IAAI,kBAAkB,CAAC,EAAE,OAAO,EAAE,MAAM,CAAC,YAAY,IAAI,EAAE,EAAE,CAAC,CAC/D,CAAC;QACJ,CAAC;QAED,qDAAqD;QACrD,MAAM,cAAc,GAAI,eAAuB,CAAC,MAAM,CAAC,CAAC;QACxD,IAAI,cAAc,EAAE,CAAC;YACnB,OAAO,MAAM,CAAC,IAAI,CAChB,IAAI,cAAc,CAAC,EAAE,OAAO,EAAE,MAAM,CAAC,YAAY,IAAI,EAAE,EAAE,CAAC,CAC3D,CAAC;QACJ,CAAC;QAED,+CAA+C;QAC/C,MAAM,kBAAkB,GAAI,wBAAgC,CAAC,MAAM,CAAC,CAAC;QACrE,IAAI,kBAAkB,EAAE,CAAC;YACvB,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,kBAAkB,CAAC,UAAU,CAAC,CAAC,CAAC;QACzD,CAAC;QAED,gCAAgC;QAChC,OAAO,MAAM,CAAC,IAAI,CAChB,IAAI,oBAAoB,CAAC;YACvB,GAAG,UAAU;YACb,IAAI,EAAE,SAAS;SAChB,CAAC,CACH,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,oBAAoB,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC;IACpE,CAAC;AACH,CAAC,CAAC;AAEF,+EAA+E;AAC/E,qBAAqB;AACrB,+EAA+E;AAE/E;;;;GAIG;AACH,MAAM,CAAC,MAAM,GAAG,GAAG,OAAO,CAAC;IACzB,WAAW,EAAE,WAAkB;IAC/B,UAAU,EAAE,CAAC,KAAU,EAAE,EAAE,CAAE,KAAgB,CAAC,UAAU;IACxD,cAAc,EAAE,CAAC,KAAU,EAAE,EAAE;QAC7B,MAAM,CAAC,GAAG,KAAe,CAAC;QAC1B,MAAM,GAAG,GAAG,WAAW,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,YAAY,CAAC,CAAC;QACpD,OAAO;YACL,aAAa,EAAE,UAAU,GAAG,EAAE;SAC/B,CAAC;IACJ,CAAC;IACD,UAAU;IACV,UAAU,EAAE,kBAAyB;CACtC,CAAC,CAAC"}

package/lib/credentials.d.ts

@@ -0,0 +1,32 @@
+import * as Layer from "effect/Layer";
+import * as ServiceMap from "effect/ServiceMap";
+import { ConfigError } from "@distilled.cloud/core/errors";
+export declare const DEFAULT_API_BASE_URL = "https://api.cdp.coinbase.com/platform";
+export interface Config {
+    /**
+     * CDP API Key ID (UUID format or legacy `organizations/.../apiKeys/...` format).
+     */
+    readonly apiKeyId: string;
+    /**
+     * CDP API Key Secret (Ed25519 base64 or EC PEM private key).
+     * Used to sign JWT bearer tokens for API authentication.
+     */
+    readonly apiKeySecret: string;
+    /**
+     * CDP Wallet Secret (base64-encoded DER EC private key).
+     * Required only for sensitive wallet operations (POST/DELETE/PUT to account endpoints).
+     * If not provided, wallet-auth-requiring operations will fail.
+     */
+    readonly walletSecret?: string | undefined;
+    /**
+     * Base URL for the Coinbase CDP API.
+     * @default "https://api.cdp.coinbase.com/platform"
+     */
+    readonly apiBaseUrl: string;
+}
+declare const Credentials_base: ServiceMap.ServiceClass<Credentials, "CoinbaseCredentials", Config>;
+export declare class Credentials extends Credentials_base {
+}
+export declare const CredentialsFromEnv: Layer.Layer<Credentials, ConfigError, never>;
+export {};
+//# sourceMappingURL=credentials.d.ts.map

package/lib/credentials.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"credentials.d.ts","sourceRoot":"","sources":["../src/credentials.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,KAAK,MAAM,cAAc,CAAC;AACtC,OAAO,KAAK,UAAU,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,WAAW,EAAE,MAAM,8BAA8B,CAAC;AAE3D,eAAO,MAAM,oBAAoB,0CAA0C,CAAC;AAE5E,MAAM,WAAW,MAAM;IACrB;;OAEG;IACH,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAE1B;;;OAGG;IACH,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAE9B;;;;OAIG;IACH,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IAE3C;;;OAGG;IACH,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;CAC7B;;AAED,qBAAa,WAAY,SAAQ,gBAEhC;CAAG;AAEJ,eAAO,MAAM,kBAAkB,8CA2B9B,CAAC"}

package/lib/credentials.js

@@ -0,0 +1,29 @@
+import * as Effect from "effect/Effect";
+import * as Layer from "effect/Layer";
+import * as ServiceMap from "effect/ServiceMap";
+import { ConfigError } from "@distilled.cloud/core/errors";
+export const DEFAULT_API_BASE_URL = "https://api.cdp.coinbase.com/platform";
+export class Credentials extends ServiceMap.Service()("CoinbaseCredentials") {
+}
+export const CredentialsFromEnv = Layer.effect(Credentials, Effect.gen(function* () {
+    const apiKeyId = process.env.CDP_API_KEY_ID ?? process.env.CDP_API_KEY_NAME;
+    const apiKeySecret = process.env.CDP_API_KEY_SECRET;
+    const walletSecret = process.env.CDP_WALLET_SECRET;
+    if (!apiKeyId) {
+        return yield* new ConfigError({
+            message: "CDP_API_KEY_ID (or CDP_API_KEY_NAME) environment variable is required",
+        });
+    }
+    if (!apiKeySecret) {
+        return yield* new ConfigError({
+            message: "CDP_API_KEY_SECRET environment variable is required",
+        });
+    }
+    return {
+        apiKeyId,
+        apiKeySecret,
+        walletSecret,
+        apiBaseUrl: DEFAULT_API_BASE_URL,
+    };
+}));
+//# sourceMappingURL=credentials.js.map

package/lib/credentials.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"credentials.js","sourceRoot":"","sources":["../src/credentials.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,MAAM,eAAe,CAAC;AACxC,OAAO,KAAK,KAAK,MAAM,cAAc,CAAC;AACtC,OAAO,KAAK,UAAU,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,WAAW,EAAE,MAAM,8BAA8B,CAAC;AAE3D,MAAM,CAAC,MAAM,oBAAoB,GAAG,uCAAuC,CAAC;AA4B5E,MAAM,OAAO,WAAY,SAAQ,UAAU,CAAC,OAAO,EAAuB,CACxE,qBAAqB,CACtB;CAAG;AAEJ,MAAM,CAAC,MAAM,kBAAkB,GAAG,KAAK,CAAC,MAAM,CAC5C,WAAW,EACX,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC;IAC5E,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC;IACpD,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC;IAEnD,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO,KAAK,CAAC,CAAC,IAAI,WAAW,CAAC;YAC5B,OAAO,EACL,uEAAuE;SAC1E,CAAC,CAAC;IACL,CAAC;IAED,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,OAAO,KAAK,CAAC,CAAC,IAAI,WAAW,CAAC;YAC5B,OAAO,EAAE,qDAAqD;SAC/D,CAAC,CAAC;IACL,CAAC;IAED,OAAO;QACL,QAAQ;QACR,YAAY;QACZ,YAAY;QACZ,UAAU,EAAE,oBAAoB;KACjC,CAAC;AACJ,CAAC,CAAC,CACH,CAAC"}