@dynamic-labs-sdk/solana 1.17.0 → 1.18.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{addSolanaWalletStandardExtension-jxPULYI0.esm.js → addSolanaWalletStandardExtension-BGeu9CyF.esm.js} +3 -3
- package/dist/{addSolanaWalletStandardExtension-jxPULYI0.esm.js.map → addSolanaWalletStandardExtension-BGeu9CyF.esm.js.map} +1 -1
- package/dist/{addSolanaWalletStandardExtension-Cx9fyyS3.cjs → addSolanaWalletStandardExtension-DjnLEEh4.cjs} +3 -3
- package/dist/{addSolanaWalletStandardExtension-Cx9fyyS3.cjs.map → addSolanaWalletStandardExtension-DjnLEEh4.cjs.map} +1 -1
- package/dist/{addWaasSolanaExtension-CA2poieU.esm.js → addWaasSolanaExtension-CzXKrlYb.esm.js} +2 -2
- package/dist/{addWaasSolanaExtension-CA2poieU.esm.js.map → addWaasSolanaExtension-CzXKrlYb.esm.js.map} +1 -1
- package/dist/{addWaasSolanaExtension-hOB10HA-.cjs → addWaasSolanaExtension-DIOlU-AN.cjs} +2 -2
- package/dist/{addWaasSolanaExtension-hOB10HA-.cjs.map → addWaasSolanaExtension-DIOlU-AN.cjs.map} +1 -1
- package/dist/{createWalletProviderFromSolanaStandardWallet-DmmM6Suh.esm.js → createWalletProviderFromSolanaStandardWallet-CKgaSEl8.esm.js} +2 -2
- package/dist/{createWalletProviderFromSolanaStandardWallet-DmmM6Suh.esm.js.map → createWalletProviderFromSolanaStandardWallet-CKgaSEl8.esm.js.map} +1 -1
- package/dist/{createWalletProviderFromSolanaStandardWallet-C9CKmWdX.cjs → createWalletProviderFromSolanaStandardWallet-Dd2TVV2b.cjs} +2 -2
- package/dist/{createWalletProviderFromSolanaStandardWallet-C9CKmWdX.cjs.map → createWalletProviderFromSolanaStandardWallet-Dd2TVV2b.cjs.map} +1 -1
- package/dist/index.cjs +355 -5
- package/dist/index.cjs.map +1 -1
- package/dist/index.esm.js +355 -5
- package/dist/index.esm.js.map +1 -1
- package/dist/metamask.cjs +2 -2
- package/dist/metamask.esm.js +2 -2
- package/dist/phantomRedirect/errors/PhantomInvalidEncryptionPublicKeyError.d.ts +5 -0
- package/dist/phantomRedirect/errors/PhantomInvalidEncryptionPublicKeyError.d.ts.map +1 -0
- package/dist/phantomRedirect/utils/crypto/createNaClSharedSecret/createNaClSharedSecret.d.ts +6 -1
- package/dist/phantomRedirect/utils/crypto/createNaClSharedSecret/createNaClSharedSecret.d.ts.map +1 -1
- package/dist/{solanaTransferAmount-BUwYKL-l.esm.js → solanaTransferAmount-DX35Wg5S.esm.js} +2 -2
- package/dist/{solanaTransferAmount-BUwYKL-l.esm.js.map → solanaTransferAmount-DX35Wg5S.esm.js.map} +1 -1
- package/dist/{solanaTransferAmount-Fq-SN353.cjs → solanaTransferAmount-vxHlmm9z.cjs} +2 -2
- package/dist/{solanaTransferAmount-Fq-SN353.cjs.map → solanaTransferAmount-vxHlmm9z.cjs.map} +1 -1
- package/dist/tsconfig.lib.tsbuildinfo +1 -1
- package/dist/waas.cjs +2 -2
- package/dist/waas.esm.js +2 -2
- package/dist/walletConnect.cjs +1 -1
- package/dist/walletConnect.esm.js +1 -1
- package/dist/walletStandard.cjs +3 -3
- package/dist/walletStandard.esm.js +3 -3
- package/package.json +6 -6
package/dist/index.esm.js
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
import { a as NotSolanaProviderError, c as isSolanaWalletAccount, d as registerSolanaNetworkProviderBuilder, f as name, i as isSolanaGasSponsorshipEnabled, l as isVersionedTransaction, n as solanaExecuteSwapTransaction, o as isSolanaWalletProvider, p as version, r as signAndSendTransaction, s as solanaConfirmTransaction, t as solanaTransferAmount, u as getSolanaConnection } from "./solanaTransferAmount-
|
|
1
|
+
import { a as NotSolanaProviderError, c as isSolanaWalletAccount, d as registerSolanaNetworkProviderBuilder, f as name, i as isSolanaGasSponsorshipEnabled, l as isVersionedTransaction, n as solanaExecuteSwapTransaction, o as isSolanaWalletProvider, p as version, r as signAndSendTransaction, s as solanaConfirmTransaction, t as solanaTransferAmount, u as getSolanaConnection } from "./solanaTransferAmount-DX35Wg5S.esm.js";
|
|
2
2
|
import { t as assertBufferAvailable } from "./assertBufferAvailable-b4xOlERy.esm.js";
|
|
3
|
-
import { n as SponsorTransactionError, t as addWaasSolanaExtension } from "./addWaasSolanaExtension-
|
|
4
|
-
import "./createWalletProviderFromSolanaStandardWallet-
|
|
5
|
-
import { t as addSolanaWalletStandardExtension } from "./addSolanaWalletStandardExtension-
|
|
3
|
+
import { n as SponsorTransactionError, t as addWaasSolanaExtension } from "./addWaasSolanaExtension-CzXKrlYb.esm.js";
|
|
4
|
+
import "./createWalletProviderFromSolanaStandardWallet-CKgaSEl8.esm.js";
|
|
5
|
+
import { t as addSolanaWalletStandardExtension } from "./addSolanaWalletStandardExtension-BGeu9CyF.esm.js";
|
|
6
6
|
import { assertPackageVersion } from "@dynamic-labs-sdk/assert-package-version";
|
|
7
7
|
import { MethodNotImplementedError, WalletProviderPriority, assertDefined, createApiClient, createDeferredPromise, createRuntimeServiceAccessKey, createStorageKeySchema, emitEvent, formatWalletProviderGroupKey, formatWalletProviderKey, getActiveNetworkIdFromLastKnownRegistry, getBuffer, getCore, getDefaultClient, getNetworkProviders, getWalletProviderFromWalletAccount, getWalletProviderRegistry, hasExtension, randomString, registerExtension } from "@dynamic-labs-sdk/client/core";
|
|
8
8
|
import { BaseError, FeeEstimationFailedError, InvalidParamError, SimulationFailedError, getActiveNetworkData, getDefaultClient as getDefaultClient$1, onEvent, onceEvent } from "@dynamic-labs-sdk/client";
|
|
@@ -331,18 +331,368 @@ const broadcastPhantomEvent = ({ args, event }, client) => {
|
|
|
331
331
|
});
|
|
332
332
|
};
|
|
333
333
|
|
|
334
|
+
//#endregion
|
|
335
|
+
//#region src/phantomRedirect/errors/PhantomInvalidEncryptionPublicKeyError.ts
|
|
336
|
+
var PhantomInvalidEncryptionPublicKeyError = class extends BaseError {
|
|
337
|
+
constructor() {
|
|
338
|
+
super({
|
|
339
|
+
cause: null,
|
|
340
|
+
code: "phantom_invalid_encryption_public_key_error",
|
|
341
|
+
docsUrl: null,
|
|
342
|
+
name: "PhantomInvalidEncryptionPublicKeyError",
|
|
343
|
+
shortMessage: "Invalid Phantom encryption public key (low-order point rejected)."
|
|
344
|
+
});
|
|
345
|
+
}
|
|
346
|
+
};
|
|
347
|
+
|
|
334
348
|
//#endregion
|
|
335
349
|
//#region src/phantomRedirect/utils/crypto/createNaClSharedSecret/createNaClSharedSecret.ts
|
|
336
350
|
/**
|
|
351
|
+
* The length, in bytes, of a Curve25519 public key.
|
|
352
|
+
*/
|
|
353
|
+
const CURVE25519_PUBLIC_KEY_LENGTH = 32;
|
|
354
|
+
/**
|
|
355
|
+
* The complete set of known Curve25519 low-order point encodings.
|
|
356
|
+
*
|
|
357
|
+
* A malicious Phantom redirect can supply one of these as
|
|
358
|
+
* `phantom_encryption_public_key`. X25519 with a low-order base point produces
|
|
359
|
+
* a small, universally-known shared secret (independent of our secret key),
|
|
360
|
+
* letting an attacker decrypt/forge the connect response and overwrite the
|
|
361
|
+
* connected wallet address. We reject them before deriving the box secret.
|
|
362
|
+
*
|
|
363
|
+
* Source: RFC 7748 / the canonical list of the 8 Curve25519 low-order points.
|
|
364
|
+
*/
|
|
365
|
+
const CURVE25519_LOW_ORDER_POINTS = [
|
|
366
|
+
new Uint8Array([
|
|
367
|
+
0,
|
|
368
|
+
0,
|
|
369
|
+
0,
|
|
370
|
+
0,
|
|
371
|
+
0,
|
|
372
|
+
0,
|
|
373
|
+
0,
|
|
374
|
+
0,
|
|
375
|
+
0,
|
|
376
|
+
0,
|
|
377
|
+
0,
|
|
378
|
+
0,
|
|
379
|
+
0,
|
|
380
|
+
0,
|
|
381
|
+
0,
|
|
382
|
+
0,
|
|
383
|
+
0,
|
|
384
|
+
0,
|
|
385
|
+
0,
|
|
386
|
+
0,
|
|
387
|
+
0,
|
|
388
|
+
0,
|
|
389
|
+
0,
|
|
390
|
+
0,
|
|
391
|
+
0,
|
|
392
|
+
0,
|
|
393
|
+
0,
|
|
394
|
+
0,
|
|
395
|
+
0,
|
|
396
|
+
0,
|
|
397
|
+
0,
|
|
398
|
+
0
|
|
399
|
+
]),
|
|
400
|
+
new Uint8Array([
|
|
401
|
+
1,
|
|
402
|
+
0,
|
|
403
|
+
0,
|
|
404
|
+
0,
|
|
405
|
+
0,
|
|
406
|
+
0,
|
|
407
|
+
0,
|
|
408
|
+
0,
|
|
409
|
+
0,
|
|
410
|
+
0,
|
|
411
|
+
0,
|
|
412
|
+
0,
|
|
413
|
+
0,
|
|
414
|
+
0,
|
|
415
|
+
0,
|
|
416
|
+
0,
|
|
417
|
+
0,
|
|
418
|
+
0,
|
|
419
|
+
0,
|
|
420
|
+
0,
|
|
421
|
+
0,
|
|
422
|
+
0,
|
|
423
|
+
0,
|
|
424
|
+
0,
|
|
425
|
+
0,
|
|
426
|
+
0,
|
|
427
|
+
0,
|
|
428
|
+
0,
|
|
429
|
+
0,
|
|
430
|
+
0,
|
|
431
|
+
0,
|
|
432
|
+
0
|
|
433
|
+
]),
|
|
434
|
+
new Uint8Array([
|
|
435
|
+
224,
|
|
436
|
+
235,
|
|
437
|
+
122,
|
|
438
|
+
124,
|
|
439
|
+
59,
|
|
440
|
+
65,
|
|
441
|
+
184,
|
|
442
|
+
174,
|
|
443
|
+
22,
|
|
444
|
+
86,
|
|
445
|
+
227,
|
|
446
|
+
250,
|
|
447
|
+
241,
|
|
448
|
+
159,
|
|
449
|
+
196,
|
|
450
|
+
106,
|
|
451
|
+
218,
|
|
452
|
+
9,
|
|
453
|
+
141,
|
|
454
|
+
235,
|
|
455
|
+
156,
|
|
456
|
+
50,
|
|
457
|
+
177,
|
|
458
|
+
253,
|
|
459
|
+
134,
|
|
460
|
+
98,
|
|
461
|
+
5,
|
|
462
|
+
22,
|
|
463
|
+
95,
|
|
464
|
+
73,
|
|
465
|
+
184,
|
|
466
|
+
0
|
|
467
|
+
]),
|
|
468
|
+
new Uint8Array([
|
|
469
|
+
95,
|
|
470
|
+
156,
|
|
471
|
+
149,
|
|
472
|
+
188,
|
|
473
|
+
163,
|
|
474
|
+
80,
|
|
475
|
+
140,
|
|
476
|
+
36,
|
|
477
|
+
177,
|
|
478
|
+
208,
|
|
479
|
+
177,
|
|
480
|
+
85,
|
|
481
|
+
156,
|
|
482
|
+
131,
|
|
483
|
+
239,
|
|
484
|
+
91,
|
|
485
|
+
4,
|
|
486
|
+
68,
|
|
487
|
+
92,
|
|
488
|
+
196,
|
|
489
|
+
88,
|
|
490
|
+
28,
|
|
491
|
+
142,
|
|
492
|
+
134,
|
|
493
|
+
216,
|
|
494
|
+
34,
|
|
495
|
+
78,
|
|
496
|
+
221,
|
|
497
|
+
208,
|
|
498
|
+
159,
|
|
499
|
+
17,
|
|
500
|
+
87
|
|
501
|
+
]),
|
|
502
|
+
new Uint8Array([
|
|
503
|
+
236,
|
|
504
|
+
255,
|
|
505
|
+
255,
|
|
506
|
+
255,
|
|
507
|
+
255,
|
|
508
|
+
255,
|
|
509
|
+
255,
|
|
510
|
+
255,
|
|
511
|
+
255,
|
|
512
|
+
255,
|
|
513
|
+
255,
|
|
514
|
+
255,
|
|
515
|
+
255,
|
|
516
|
+
255,
|
|
517
|
+
255,
|
|
518
|
+
255,
|
|
519
|
+
255,
|
|
520
|
+
255,
|
|
521
|
+
255,
|
|
522
|
+
255,
|
|
523
|
+
255,
|
|
524
|
+
255,
|
|
525
|
+
255,
|
|
526
|
+
255,
|
|
527
|
+
255,
|
|
528
|
+
255,
|
|
529
|
+
255,
|
|
530
|
+
255,
|
|
531
|
+
255,
|
|
532
|
+
255,
|
|
533
|
+
255,
|
|
534
|
+
127
|
|
535
|
+
]),
|
|
536
|
+
new Uint8Array([
|
|
537
|
+
237,
|
|
538
|
+
255,
|
|
539
|
+
255,
|
|
540
|
+
255,
|
|
541
|
+
255,
|
|
542
|
+
255,
|
|
543
|
+
255,
|
|
544
|
+
255,
|
|
545
|
+
255,
|
|
546
|
+
255,
|
|
547
|
+
255,
|
|
548
|
+
255,
|
|
549
|
+
255,
|
|
550
|
+
255,
|
|
551
|
+
255,
|
|
552
|
+
255,
|
|
553
|
+
255,
|
|
554
|
+
255,
|
|
555
|
+
255,
|
|
556
|
+
255,
|
|
557
|
+
255,
|
|
558
|
+
255,
|
|
559
|
+
255,
|
|
560
|
+
255,
|
|
561
|
+
255,
|
|
562
|
+
255,
|
|
563
|
+
255,
|
|
564
|
+
255,
|
|
565
|
+
255,
|
|
566
|
+
255,
|
|
567
|
+
255,
|
|
568
|
+
127
|
|
569
|
+
]),
|
|
570
|
+
new Uint8Array([
|
|
571
|
+
238,
|
|
572
|
+
255,
|
|
573
|
+
255,
|
|
574
|
+
255,
|
|
575
|
+
255,
|
|
576
|
+
255,
|
|
577
|
+
255,
|
|
578
|
+
255,
|
|
579
|
+
255,
|
|
580
|
+
255,
|
|
581
|
+
255,
|
|
582
|
+
255,
|
|
583
|
+
255,
|
|
584
|
+
255,
|
|
585
|
+
255,
|
|
586
|
+
255,
|
|
587
|
+
255,
|
|
588
|
+
255,
|
|
589
|
+
255,
|
|
590
|
+
255,
|
|
591
|
+
255,
|
|
592
|
+
255,
|
|
593
|
+
255,
|
|
594
|
+
255,
|
|
595
|
+
255,
|
|
596
|
+
255,
|
|
597
|
+
255,
|
|
598
|
+
255,
|
|
599
|
+
255,
|
|
600
|
+
255,
|
|
601
|
+
255,
|
|
602
|
+
127
|
|
603
|
+
]),
|
|
604
|
+
new Uint8Array([
|
|
605
|
+
205,
|
|
606
|
+
235,
|
|
607
|
+
122,
|
|
608
|
+
124,
|
|
609
|
+
59,
|
|
610
|
+
65,
|
|
611
|
+
184,
|
|
612
|
+
174,
|
|
613
|
+
22,
|
|
614
|
+
86,
|
|
615
|
+
227,
|
|
616
|
+
250,
|
|
617
|
+
241,
|
|
618
|
+
159,
|
|
619
|
+
196,
|
|
620
|
+
106,
|
|
621
|
+
218,
|
|
622
|
+
9,
|
|
623
|
+
141,
|
|
624
|
+
235,
|
|
625
|
+
156,
|
|
626
|
+
50,
|
|
627
|
+
177,
|
|
628
|
+
253,
|
|
629
|
+
134,
|
|
630
|
+
98,
|
|
631
|
+
5,
|
|
632
|
+
22,
|
|
633
|
+
95,
|
|
634
|
+
73,
|
|
635
|
+
184,
|
|
636
|
+
128
|
|
637
|
+
])
|
|
638
|
+
];
|
|
639
|
+
/**
|
|
640
|
+
* Constant-time equality check for two byte arrays. No early-exit branches so
|
|
641
|
+
* comparison duration does not leak the content being compared.
|
|
642
|
+
*/
|
|
643
|
+
const bytesEqual = ({ a, b }) => {
|
|
644
|
+
let diff = a.length ^ b.length;
|
|
645
|
+
const length = Math.min(a.length, b.length);
|
|
646
|
+
for (let i = 0; i < length; i += 1) diff |= a[i] ^ b[i];
|
|
647
|
+
return diff === 0;
|
|
648
|
+
};
|
|
649
|
+
/**
|
|
650
|
+
* Validates that a decoded Curve25519 public key is safe to use for X25519 key
|
|
651
|
+
* agreement, rejecting low-order / contributory points.
|
|
652
|
+
*
|
|
653
|
+
* Defense in depth:
|
|
654
|
+
* 1. Enforce the canonical 32-byte length.
|
|
655
|
+
* 2. Reject the known small set of low-order point encodings (blocklist).
|
|
656
|
+
* 3. Reject any input whose raw X25519 output (`nacl.scalarMult`) is all-zero,
|
|
657
|
+
* which catches low-order inputs regardless of encoding.
|
|
658
|
+
*
|
|
659
|
+
* @param params.theirPublicKey - The decoded (32-byte) peer public key
|
|
660
|
+
* @param params.ourSecretKey - The decoded (32-byte) local secret key
|
|
661
|
+
* @throws {PhantomInvalidEncryptionPublicKeyError} If the key is invalid or low-order
|
|
662
|
+
*/
|
|
663
|
+
const assertValidCurve25519PublicKey = ({ theirPublicKey, ourSecretKey }) => {
|
|
664
|
+
if (theirPublicKey.length !== CURVE25519_PUBLIC_KEY_LENGTH) throw new PhantomInvalidEncryptionPublicKeyError();
|
|
665
|
+
for (const lowOrderPoint of CURVE25519_LOW_ORDER_POINTS) if (bytesEqual({
|
|
666
|
+
a: theirPublicKey,
|
|
667
|
+
b: lowOrderPoint
|
|
668
|
+
})) throw new PhantomInvalidEncryptionPublicKeyError();
|
|
669
|
+
const scalarMultOutput = nacl.scalarMult(ourSecretKey, theirPublicKey);
|
|
670
|
+
if (bytesEqual({
|
|
671
|
+
a: scalarMultOutput,
|
|
672
|
+
b: new Uint8Array(scalarMultOutput.length)
|
|
673
|
+
})) throw new PhantomInvalidEncryptionPublicKeyError();
|
|
674
|
+
};
|
|
675
|
+
/**
|
|
337
676
|
* Creates a shared secret for NaCl box encryption using our secret key and their public key.
|
|
338
677
|
*
|
|
678
|
+
* Rejects low-order / invalid Curve25519 public keys before deriving the shared
|
|
679
|
+
* secret, preventing an attacker from forcing the X25519 output to a known
|
|
680
|
+
* constant via a malicious `phantom_encryption_public_key`.
|
|
681
|
+
*
|
|
339
682
|
* @param params.ourSecretKey - Our base58-encoded secret key
|
|
340
683
|
* @param params.theirPublicKey - Their base58-encoded public key
|
|
341
684
|
* @returns The base58-encoded shared secret
|
|
685
|
+
* @throws {PhantomInvalidEncryptionPublicKeyError} If their public key is invalid or a low-order point
|
|
342
686
|
* @notInstrumented
|
|
343
687
|
*/
|
|
344
688
|
const createNaClSharedSecret = ({ ourSecretKey, theirPublicKey }) => {
|
|
345
|
-
const
|
|
689
|
+
const theirPublicKeyBytes = bs58.decode(theirPublicKey);
|
|
690
|
+
const ourSecretKeyBytes = bs58.decode(ourSecretKey);
|
|
691
|
+
assertValidCurve25519PublicKey({
|
|
692
|
+
ourSecretKey: ourSecretKeyBytes,
|
|
693
|
+
theirPublicKey: theirPublicKeyBytes
|
|
694
|
+
});
|
|
695
|
+
const sharedSecret = nacl.box.before(theirPublicKeyBytes, ourSecretKeyBytes);
|
|
346
696
|
return bs58.encode(sharedSecret);
|
|
347
697
|
};
|
|
348
698
|
|