@dynamic-labs-sdk/solana 1.17.1 → 1.18.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{addSolanaWalletStandardExtension-D_WVyVEx.esm.js → addSolanaWalletStandardExtension-BGeu9CyF.esm.js} +3 -3
- package/dist/{addSolanaWalletStandardExtension-D_WVyVEx.esm.js.map → addSolanaWalletStandardExtension-BGeu9CyF.esm.js.map} +1 -1
- package/dist/{addSolanaWalletStandardExtension-Dtf-b3fq.cjs → addSolanaWalletStandardExtension-DjnLEEh4.cjs} +3 -3
- package/dist/{addSolanaWalletStandardExtension-Dtf-b3fq.cjs.map → addSolanaWalletStandardExtension-DjnLEEh4.cjs.map} +1 -1
- package/dist/{addWaasSolanaExtension-BwdvB_-W.esm.js → addWaasSolanaExtension-CzXKrlYb.esm.js} +2 -2
- package/dist/{addWaasSolanaExtension-BwdvB_-W.esm.js.map → addWaasSolanaExtension-CzXKrlYb.esm.js.map} +1 -1
- package/dist/{addWaasSolanaExtension-av0ucGCH.cjs → addWaasSolanaExtension-DIOlU-AN.cjs} +2 -2
- package/dist/{addWaasSolanaExtension-av0ucGCH.cjs.map → addWaasSolanaExtension-DIOlU-AN.cjs.map} +1 -1
- package/dist/{createWalletProviderFromSolanaStandardWallet-Dtio4xHn.esm.js → createWalletProviderFromSolanaStandardWallet-CKgaSEl8.esm.js} +2 -2
- package/dist/{createWalletProviderFromSolanaStandardWallet-Dtio4xHn.esm.js.map → createWalletProviderFromSolanaStandardWallet-CKgaSEl8.esm.js.map} +1 -1
- package/dist/{createWalletProviderFromSolanaStandardWallet-CN-opURQ.cjs → createWalletProviderFromSolanaStandardWallet-Dd2TVV2b.cjs} +2 -2
- package/dist/{createWalletProviderFromSolanaStandardWallet-CN-opURQ.cjs.map → createWalletProviderFromSolanaStandardWallet-Dd2TVV2b.cjs.map} +1 -1
- package/dist/index.cjs +355 -5
- package/dist/index.cjs.map +1 -1
- package/dist/index.esm.js +355 -5
- package/dist/index.esm.js.map +1 -1
- package/dist/metamask.cjs +2 -2
- package/dist/metamask.esm.js +2 -2
- package/dist/phantomRedirect/errors/PhantomInvalidEncryptionPublicKeyError.d.ts +5 -0
- package/dist/phantomRedirect/errors/PhantomInvalidEncryptionPublicKeyError.d.ts.map +1 -0
- package/dist/phantomRedirect/utils/crypto/createNaClSharedSecret/createNaClSharedSecret.d.ts +6 -1
- package/dist/phantomRedirect/utils/crypto/createNaClSharedSecret/createNaClSharedSecret.d.ts.map +1 -1
- package/dist/{solanaTransferAmount-BSu_bMZ6.esm.js → solanaTransferAmount-DX35Wg5S.esm.js} +2 -2
- package/dist/{solanaTransferAmount-BSu_bMZ6.esm.js.map → solanaTransferAmount-DX35Wg5S.esm.js.map} +1 -1
- package/dist/{solanaTransferAmount-CgovN61n.cjs → solanaTransferAmount-vxHlmm9z.cjs} +2 -2
- package/dist/{solanaTransferAmount-CgovN61n.cjs.map → solanaTransferAmount-vxHlmm9z.cjs.map} +1 -1
- package/dist/tsconfig.lib.tsbuildinfo +1 -1
- package/dist/waas.cjs +2 -2
- package/dist/waas.esm.js +2 -2
- package/dist/walletConnect.cjs +1 -1
- package/dist/walletConnect.esm.js +1 -1
- package/dist/walletStandard.cjs +3 -3
- package/dist/walletStandard.esm.js +3 -3
- package/package.json +6 -6
package/dist/index.cjs
CHANGED
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
const require_chunk = require('./chunk-CbDLau6x.cjs');
|
|
2
|
-
const require_solanaTransferAmount = require('./solanaTransferAmount-
|
|
2
|
+
const require_solanaTransferAmount = require('./solanaTransferAmount-vxHlmm9z.cjs');
|
|
3
3
|
const require_assertBufferAvailable = require('./assertBufferAvailable-BPIt9Mmr.cjs');
|
|
4
|
-
const require_addWaasSolanaExtension = require('./addWaasSolanaExtension-
|
|
5
|
-
require('./createWalletProviderFromSolanaStandardWallet-
|
|
6
|
-
const require_addSolanaWalletStandardExtension = require('./addSolanaWalletStandardExtension-
|
|
4
|
+
const require_addWaasSolanaExtension = require('./addWaasSolanaExtension-DIOlU-AN.cjs');
|
|
5
|
+
require('./createWalletProviderFromSolanaStandardWallet-Dd2TVV2b.cjs');
|
|
6
|
+
const require_addSolanaWalletStandardExtension = require('./addSolanaWalletStandardExtension-DjnLEEh4.cjs');
|
|
7
7
|
let _dynamic_labs_sdk_assert_package_version = require("@dynamic-labs-sdk/assert-package-version");
|
|
8
8
|
let _dynamic_labs_sdk_client_core = require("@dynamic-labs-sdk/client/core");
|
|
9
9
|
let _dynamic_labs_sdk_client = require("@dynamic-labs-sdk/client");
|
|
@@ -335,18 +335,368 @@ const broadcastPhantomEvent = ({ args, event }, client) => {
|
|
|
335
335
|
});
|
|
336
336
|
};
|
|
337
337
|
|
|
338
|
+
//#endregion
|
|
339
|
+
//#region src/phantomRedirect/errors/PhantomInvalidEncryptionPublicKeyError.ts
|
|
340
|
+
var PhantomInvalidEncryptionPublicKeyError = class extends _dynamic_labs_sdk_client.BaseError {
|
|
341
|
+
constructor() {
|
|
342
|
+
super({
|
|
343
|
+
cause: null,
|
|
344
|
+
code: "phantom_invalid_encryption_public_key_error",
|
|
345
|
+
docsUrl: null,
|
|
346
|
+
name: "PhantomInvalidEncryptionPublicKeyError",
|
|
347
|
+
shortMessage: "Invalid Phantom encryption public key (low-order point rejected)."
|
|
348
|
+
});
|
|
349
|
+
}
|
|
350
|
+
};
|
|
351
|
+
|
|
338
352
|
//#endregion
|
|
339
353
|
//#region src/phantomRedirect/utils/crypto/createNaClSharedSecret/createNaClSharedSecret.ts
|
|
340
354
|
/**
|
|
355
|
+
* The length, in bytes, of a Curve25519 public key.
|
|
356
|
+
*/
|
|
357
|
+
const CURVE25519_PUBLIC_KEY_LENGTH = 32;
|
|
358
|
+
/**
|
|
359
|
+
* The complete set of known Curve25519 low-order point encodings.
|
|
360
|
+
*
|
|
361
|
+
* A malicious Phantom redirect can supply one of these as
|
|
362
|
+
* `phantom_encryption_public_key`. X25519 with a low-order base point produces
|
|
363
|
+
* a small, universally-known shared secret (independent of our secret key),
|
|
364
|
+
* letting an attacker decrypt/forge the connect response and overwrite the
|
|
365
|
+
* connected wallet address. We reject them before deriving the box secret.
|
|
366
|
+
*
|
|
367
|
+
* Source: RFC 7748 / the canonical list of the 8 Curve25519 low-order points.
|
|
368
|
+
*/
|
|
369
|
+
const CURVE25519_LOW_ORDER_POINTS = [
|
|
370
|
+
new Uint8Array([
|
|
371
|
+
0,
|
|
372
|
+
0,
|
|
373
|
+
0,
|
|
374
|
+
0,
|
|
375
|
+
0,
|
|
376
|
+
0,
|
|
377
|
+
0,
|
|
378
|
+
0,
|
|
379
|
+
0,
|
|
380
|
+
0,
|
|
381
|
+
0,
|
|
382
|
+
0,
|
|
383
|
+
0,
|
|
384
|
+
0,
|
|
385
|
+
0,
|
|
386
|
+
0,
|
|
387
|
+
0,
|
|
388
|
+
0,
|
|
389
|
+
0,
|
|
390
|
+
0,
|
|
391
|
+
0,
|
|
392
|
+
0,
|
|
393
|
+
0,
|
|
394
|
+
0,
|
|
395
|
+
0,
|
|
396
|
+
0,
|
|
397
|
+
0,
|
|
398
|
+
0,
|
|
399
|
+
0,
|
|
400
|
+
0,
|
|
401
|
+
0,
|
|
402
|
+
0
|
|
403
|
+
]),
|
|
404
|
+
new Uint8Array([
|
|
405
|
+
1,
|
|
406
|
+
0,
|
|
407
|
+
0,
|
|
408
|
+
0,
|
|
409
|
+
0,
|
|
410
|
+
0,
|
|
411
|
+
0,
|
|
412
|
+
0,
|
|
413
|
+
0,
|
|
414
|
+
0,
|
|
415
|
+
0,
|
|
416
|
+
0,
|
|
417
|
+
0,
|
|
418
|
+
0,
|
|
419
|
+
0,
|
|
420
|
+
0,
|
|
421
|
+
0,
|
|
422
|
+
0,
|
|
423
|
+
0,
|
|
424
|
+
0,
|
|
425
|
+
0,
|
|
426
|
+
0,
|
|
427
|
+
0,
|
|
428
|
+
0,
|
|
429
|
+
0,
|
|
430
|
+
0,
|
|
431
|
+
0,
|
|
432
|
+
0,
|
|
433
|
+
0,
|
|
434
|
+
0,
|
|
435
|
+
0,
|
|
436
|
+
0
|
|
437
|
+
]),
|
|
438
|
+
new Uint8Array([
|
|
439
|
+
224,
|
|
440
|
+
235,
|
|
441
|
+
122,
|
|
442
|
+
124,
|
|
443
|
+
59,
|
|
444
|
+
65,
|
|
445
|
+
184,
|
|
446
|
+
174,
|
|
447
|
+
22,
|
|
448
|
+
86,
|
|
449
|
+
227,
|
|
450
|
+
250,
|
|
451
|
+
241,
|
|
452
|
+
159,
|
|
453
|
+
196,
|
|
454
|
+
106,
|
|
455
|
+
218,
|
|
456
|
+
9,
|
|
457
|
+
141,
|
|
458
|
+
235,
|
|
459
|
+
156,
|
|
460
|
+
50,
|
|
461
|
+
177,
|
|
462
|
+
253,
|
|
463
|
+
134,
|
|
464
|
+
98,
|
|
465
|
+
5,
|
|
466
|
+
22,
|
|
467
|
+
95,
|
|
468
|
+
73,
|
|
469
|
+
184,
|
|
470
|
+
0
|
|
471
|
+
]),
|
|
472
|
+
new Uint8Array([
|
|
473
|
+
95,
|
|
474
|
+
156,
|
|
475
|
+
149,
|
|
476
|
+
188,
|
|
477
|
+
163,
|
|
478
|
+
80,
|
|
479
|
+
140,
|
|
480
|
+
36,
|
|
481
|
+
177,
|
|
482
|
+
208,
|
|
483
|
+
177,
|
|
484
|
+
85,
|
|
485
|
+
156,
|
|
486
|
+
131,
|
|
487
|
+
239,
|
|
488
|
+
91,
|
|
489
|
+
4,
|
|
490
|
+
68,
|
|
491
|
+
92,
|
|
492
|
+
196,
|
|
493
|
+
88,
|
|
494
|
+
28,
|
|
495
|
+
142,
|
|
496
|
+
134,
|
|
497
|
+
216,
|
|
498
|
+
34,
|
|
499
|
+
78,
|
|
500
|
+
221,
|
|
501
|
+
208,
|
|
502
|
+
159,
|
|
503
|
+
17,
|
|
504
|
+
87
|
|
505
|
+
]),
|
|
506
|
+
new Uint8Array([
|
|
507
|
+
236,
|
|
508
|
+
255,
|
|
509
|
+
255,
|
|
510
|
+
255,
|
|
511
|
+
255,
|
|
512
|
+
255,
|
|
513
|
+
255,
|
|
514
|
+
255,
|
|
515
|
+
255,
|
|
516
|
+
255,
|
|
517
|
+
255,
|
|
518
|
+
255,
|
|
519
|
+
255,
|
|
520
|
+
255,
|
|
521
|
+
255,
|
|
522
|
+
255,
|
|
523
|
+
255,
|
|
524
|
+
255,
|
|
525
|
+
255,
|
|
526
|
+
255,
|
|
527
|
+
255,
|
|
528
|
+
255,
|
|
529
|
+
255,
|
|
530
|
+
255,
|
|
531
|
+
255,
|
|
532
|
+
255,
|
|
533
|
+
255,
|
|
534
|
+
255,
|
|
535
|
+
255,
|
|
536
|
+
255,
|
|
537
|
+
255,
|
|
538
|
+
127
|
|
539
|
+
]),
|
|
540
|
+
new Uint8Array([
|
|
541
|
+
237,
|
|
542
|
+
255,
|
|
543
|
+
255,
|
|
544
|
+
255,
|
|
545
|
+
255,
|
|
546
|
+
255,
|
|
547
|
+
255,
|
|
548
|
+
255,
|
|
549
|
+
255,
|
|
550
|
+
255,
|
|
551
|
+
255,
|
|
552
|
+
255,
|
|
553
|
+
255,
|
|
554
|
+
255,
|
|
555
|
+
255,
|
|
556
|
+
255,
|
|
557
|
+
255,
|
|
558
|
+
255,
|
|
559
|
+
255,
|
|
560
|
+
255,
|
|
561
|
+
255,
|
|
562
|
+
255,
|
|
563
|
+
255,
|
|
564
|
+
255,
|
|
565
|
+
255,
|
|
566
|
+
255,
|
|
567
|
+
255,
|
|
568
|
+
255,
|
|
569
|
+
255,
|
|
570
|
+
255,
|
|
571
|
+
255,
|
|
572
|
+
127
|
|
573
|
+
]),
|
|
574
|
+
new Uint8Array([
|
|
575
|
+
238,
|
|
576
|
+
255,
|
|
577
|
+
255,
|
|
578
|
+
255,
|
|
579
|
+
255,
|
|
580
|
+
255,
|
|
581
|
+
255,
|
|
582
|
+
255,
|
|
583
|
+
255,
|
|
584
|
+
255,
|
|
585
|
+
255,
|
|
586
|
+
255,
|
|
587
|
+
255,
|
|
588
|
+
255,
|
|
589
|
+
255,
|
|
590
|
+
255,
|
|
591
|
+
255,
|
|
592
|
+
255,
|
|
593
|
+
255,
|
|
594
|
+
255,
|
|
595
|
+
255,
|
|
596
|
+
255,
|
|
597
|
+
255,
|
|
598
|
+
255,
|
|
599
|
+
255,
|
|
600
|
+
255,
|
|
601
|
+
255,
|
|
602
|
+
255,
|
|
603
|
+
255,
|
|
604
|
+
255,
|
|
605
|
+
255,
|
|
606
|
+
127
|
|
607
|
+
]),
|
|
608
|
+
new Uint8Array([
|
|
609
|
+
205,
|
|
610
|
+
235,
|
|
611
|
+
122,
|
|
612
|
+
124,
|
|
613
|
+
59,
|
|
614
|
+
65,
|
|
615
|
+
184,
|
|
616
|
+
174,
|
|
617
|
+
22,
|
|
618
|
+
86,
|
|
619
|
+
227,
|
|
620
|
+
250,
|
|
621
|
+
241,
|
|
622
|
+
159,
|
|
623
|
+
196,
|
|
624
|
+
106,
|
|
625
|
+
218,
|
|
626
|
+
9,
|
|
627
|
+
141,
|
|
628
|
+
235,
|
|
629
|
+
156,
|
|
630
|
+
50,
|
|
631
|
+
177,
|
|
632
|
+
253,
|
|
633
|
+
134,
|
|
634
|
+
98,
|
|
635
|
+
5,
|
|
636
|
+
22,
|
|
637
|
+
95,
|
|
638
|
+
73,
|
|
639
|
+
184,
|
|
640
|
+
128
|
|
641
|
+
])
|
|
642
|
+
];
|
|
643
|
+
/**
|
|
644
|
+
* Constant-time equality check for two byte arrays. No early-exit branches so
|
|
645
|
+
* comparison duration does not leak the content being compared.
|
|
646
|
+
*/
|
|
647
|
+
const bytesEqual = ({ a, b }) => {
|
|
648
|
+
let diff = a.length ^ b.length;
|
|
649
|
+
const length = Math.min(a.length, b.length);
|
|
650
|
+
for (let i = 0; i < length; i += 1) diff |= a[i] ^ b[i];
|
|
651
|
+
return diff === 0;
|
|
652
|
+
};
|
|
653
|
+
/**
|
|
654
|
+
* Validates that a decoded Curve25519 public key is safe to use for X25519 key
|
|
655
|
+
* agreement, rejecting low-order / contributory points.
|
|
656
|
+
*
|
|
657
|
+
* Defense in depth:
|
|
658
|
+
* 1. Enforce the canonical 32-byte length.
|
|
659
|
+
* 2. Reject the known small set of low-order point encodings (blocklist).
|
|
660
|
+
* 3. Reject any input whose raw X25519 output (`nacl.scalarMult`) is all-zero,
|
|
661
|
+
* which catches low-order inputs regardless of encoding.
|
|
662
|
+
*
|
|
663
|
+
* @param params.theirPublicKey - The decoded (32-byte) peer public key
|
|
664
|
+
* @param params.ourSecretKey - The decoded (32-byte) local secret key
|
|
665
|
+
* @throws {PhantomInvalidEncryptionPublicKeyError} If the key is invalid or low-order
|
|
666
|
+
*/
|
|
667
|
+
const assertValidCurve25519PublicKey = ({ theirPublicKey, ourSecretKey }) => {
|
|
668
|
+
if (theirPublicKey.length !== CURVE25519_PUBLIC_KEY_LENGTH) throw new PhantomInvalidEncryptionPublicKeyError();
|
|
669
|
+
for (const lowOrderPoint of CURVE25519_LOW_ORDER_POINTS) if (bytesEqual({
|
|
670
|
+
a: theirPublicKey,
|
|
671
|
+
b: lowOrderPoint
|
|
672
|
+
})) throw new PhantomInvalidEncryptionPublicKeyError();
|
|
673
|
+
const scalarMultOutput = tweetnacl.default.scalarMult(ourSecretKey, theirPublicKey);
|
|
674
|
+
if (bytesEqual({
|
|
675
|
+
a: scalarMultOutput,
|
|
676
|
+
b: new Uint8Array(scalarMultOutput.length)
|
|
677
|
+
})) throw new PhantomInvalidEncryptionPublicKeyError();
|
|
678
|
+
};
|
|
679
|
+
/**
|
|
341
680
|
* Creates a shared secret for NaCl box encryption using our secret key and their public key.
|
|
342
681
|
*
|
|
682
|
+
* Rejects low-order / invalid Curve25519 public keys before deriving the shared
|
|
683
|
+
* secret, preventing an attacker from forcing the X25519 output to a known
|
|
684
|
+
* constant via a malicious `phantom_encryption_public_key`.
|
|
685
|
+
*
|
|
343
686
|
* @param params.ourSecretKey - Our base58-encoded secret key
|
|
344
687
|
* @param params.theirPublicKey - Their base58-encoded public key
|
|
345
688
|
* @returns The base58-encoded shared secret
|
|
689
|
+
* @throws {PhantomInvalidEncryptionPublicKeyError} If their public key is invalid or a low-order point
|
|
346
690
|
* @notInstrumented
|
|
347
691
|
*/
|
|
348
692
|
const createNaClSharedSecret = ({ ourSecretKey, theirPublicKey }) => {
|
|
349
|
-
const
|
|
693
|
+
const theirPublicKeyBytes = bs58.default.decode(theirPublicKey);
|
|
694
|
+
const ourSecretKeyBytes = bs58.default.decode(ourSecretKey);
|
|
695
|
+
assertValidCurve25519PublicKey({
|
|
696
|
+
ourSecretKey: ourSecretKeyBytes,
|
|
697
|
+
theirPublicKey: theirPublicKeyBytes
|
|
698
|
+
});
|
|
699
|
+
const sharedSecret = tweetnacl.default.box.before(theirPublicKeyBytes, ourSecretKeyBytes);
|
|
350
700
|
return bs58.default.encode(sharedSecret);
|
|
351
701
|
};
|
|
352
702
|
|