npm - @dynamic-labs-wallet/forward-mpc-client - Versions diffs - 0.3.0 → 0.5.0 - Mend

@dynamic-labs-wallet/forward-mpc-client 0.3.0 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/index.js CHANGED Viewed

@@ -1,11 +1,13 @@
-import { EventEmitter } from 'eventemitter3';
+import EventEmitter2, { EventEmitter } from 'eventemitter3';
 import * as ws from 'ws';
-import { messageRegistry, generateMlKem768Keypair, HandshakeV1RequestMessage, decapsulateMlKem768, encryptKeyshare, SignMessageV1RequestMessage, encryptKeygenInit, KeygenV1RequestMessage, decryptKeygenResult, ReceiveKeyV1RequestMessage } from '@dynamic-labs-wallet/forward-mpc-shared';
+import { messageRegistry, generateMlKem768Keypair, HandshakeV1RequestMessage, decapsulateMlKem768, encryptKeyshare, SignMessageV1RequestMessage, encryptKeygenInit, KeygenV1RequestMessage, decryptKeygenResult, ReceiveKeyV1RequestMessage, WebSocketCloseCode, fromDynamicSigningAlgorithm } from '@dynamic-labs-wallet/forward-mpc-shared';
 import init, { PCRs, validateAttestationDocPcrs, getUserData, getNonce } from '@evervault/wasm-attestation-bindings';
 import { sha256 } from '@noble/hashes/sha2.js';
 import { randomBytes, hexToBytes } from '@noble/hashes/utils.js';
 import { either } from 'fp-ts';
 import { SigningAlgorithm } from '@dynamic-labs-wallet/core';
+export { SigningAlgorithm } from '@dynamic-labs-wallet/core';
+import { WebSocket } from 'isows';
 var __defProp = Object.defineProperty;
 var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
@@ -19,7 +21,7 @@ var NitroAttestationVerifier = class {
     __name(this, "NitroAttestationVerifier");
   }
   config;
-  wasmInitialized = false;
+  wasmInitPromise = null;
   constructor(config) {
     this.config = {
       strictCertValidation: true,
@@ -28,17 +30,16 @@ var NitroAttestationVerifier = class {
     };
   }
   /**
-  * Initialize WASM module if not already initialized
+  * Initialises the WASM module exactly once. Concurrent callers share the
+  * same in-flight promise, preventing duplicate initialisation.
+  * On failure the promise is cleared so the next call may retry.
   */
-  async ensureWasmInitialized() {
-    if (!this.wasmInitialized) {
-      try {
-        await init();
-        this.wasmInitialized = true;
-      } catch (error) {
-        throw new Error(`Failed to initialize WASM module: ${error instanceof Error ? error.message : "Unknown error"}`);
-      }
-    }
+  ensureWasmInitialized() {
+    this.wasmInitPromise ??= init().then(() => void 0).catch((error) => {
+      this.wasmInitPromise = null;
+      throw new Error(`Failed to initialize WASM module: ${error instanceof Error ? error.message : "Unknown error"}`);
+    });
+    return this.wasmInitPromise;
   }
   /**
   * Verify an attestation document using Evervault WASM bindings
@@ -46,9 +47,9 @@ var NitroAttestationVerifier = class {
   *
   * @param attestationDocBase64 - Base64-encoded attestation document
   * @param expectedChallenge - Expected challenge (ciphertext hash)
-  * @param expectedNonce - Expected nonce (REQUIRED for security)
+  * @param nonce - Expected nonce (REQUIRED for security)
   */
-  async verify(attestationDocBase64, expectedChallenge, expectedNonce) {
+  async verify(attestationDocBase64, expectedChallenge, nonce) {
     try {
       await this.ensureWasmInitialized();
       const expectedPcrs = PCRs.empty();
@@ -65,37 +66,44 @@ var NitroAttestationVerifier = class {
           timestamp: Date.now()
         };
       }
-      if (expectedChallenge) {
-        try {
-          const userData = getUserData(attestationDocBase64);
-          if (!userData) {
-            return {
-              valid: false,
-              errors: [
-                "No user data found in attestation document"
-              ],
-              timestamp: Date.now()
-            };
-          }
-          const userDataString = new TextDecoder("utf-8").decode(userData);
-          if (!userDataString.includes(expectedChallenge)) {
-            return {
-              valid: false,
-              errors: [
-                "Ciphertext hash verification failed - challenge not found in attestation user data"
-              ],
-              timestamp: Date.now()
-            };
-          }
-        } catch (error) {
+      if (!expectedChallenge) {
+        return {
+          valid: false,
+          errors: [
+            "No challenge provided \u2014 ciphertext binding cannot be verified"
+          ],
+          timestamp: Date.now()
+        };
+      }
+      try {
+        const userData = getUserData(attestationDocBase64);
+        if (!userData) {
+          return {
+            valid: false,
+            errors: [
+              "No user data found in attestation document"
+            ],
+            timestamp: Date.now()
+          };
+        }
+        const userDataString = new TextDecoder("utf-8").decode(userData);
+        if (userDataString !== expectedChallenge) {
           return {
             valid: false,
             errors: [
-              `Failed to extract or verify ciphertext hash: ${error instanceof Error ? error.message : String(error)}`
+              "Ciphertext hash verification failed - challenge mismatch in attestation user data"
             ],
             timestamp: Date.now()
           };
         }
+      } catch (error) {
+        return {
+          valid: false,
+          errors: [
+            `Failed to extract or verify ciphertext hash: ${error instanceof Error ? error.message : String(error)}`
+          ],
+          timestamp: Date.now()
+        };
       }
       try {
         const extractedNonceRaw = getNonce(attestationDocBase64);
@@ -118,8 +126,7 @@ var NitroAttestationVerifier = class {
               extractedNonce[i] = binaryString.charCodeAt(i);
             }
           } else {
-            const decodedBuffer = Buffer.from(nonceString, "base64");
-            extractedNonce = new Uint8Array(decodedBuffer);
+            extractedNonce = new Uint8Array(Buffer.from(nonceString, "base64"));
           }
         } catch (decodeError) {
           return {
@@ -130,25 +137,27 @@ var NitroAttestationVerifier = class {
             timestamp: Date.now()
           };
         }
-        if (extractedNonce.length !== expectedNonce.length) {
+        if (extractedNonce.length !== nonce.length) {
           return {
             valid: false,
             errors: [
-              `Nonce length mismatch: expected ${expectedNonce.length} bytes, got ${extractedNonce.length} bytes`
+              `Nonce length mismatch: expected ${nonce.length} bytes, got ${extractedNonce.length} bytes`
             ],
             timestamp: Date.now()
           };
         }
-        for (let i = 0; i < expectedNonce.length; i++) {
-          if (extractedNonce[i] !== expectedNonce[i]) {
-            return {
-              valid: false,
-              errors: [
-                "Nonce verification failed - nonce mismatch"
-              ],
-              timestamp: Date.now()
-            };
-          }
+        let diff = 0;
+        for (let i = 0; i < nonce.length; i++) {
+          diff |= extractedNonce[i] ^ nonce[i];
+        }
+        if (diff !== 0) {
+          return {
+            valid: false,
+            errors: [
+              "Nonce verification failed - nonce mismatch"
+            ],
+            timestamp: Date.now()
+          };
         }
       } catch (error) {
         return {
@@ -554,7 +563,800 @@ var ForwardMPCClient = class extends EventEmitter {
     }
   }
 };
+var ErrorCode = {
+  // Transport
+  CONNECTION_FAILED: "CONNECTION_FAILED",
+  CONNECTION_TIMEOUT: "CONNECTION_TIMEOUT",
+  NOT_CONNECTED: "NOT_CONNECTED",
+  // Session
+  HANDSHAKE_FAILED: "HANDSHAKE_FAILED",
+  HANDSHAKE_INVALID_RESPONSE: "HANDSHAKE_INVALID_RESPONSE",
+  ATTESTATION_FAILED: "ATTESTATION_FAILED",
+  ATTESTATION_NONCE_MISSING: "ATTESTATION_NONCE_MISSING",
+  REQUEST_TIMEOUT: "REQUEST_TIMEOUT",
+  SESSION_DISPOSED: "SESSION_DISPOSED",
+  SERVER_ERROR: "SERVER_ERROR",
+  MESSAGE_PARSE_FAILED: "MESSAGE_PARSE_FAILED",
+  // Client
+  SESSION_ESTABLISH_FAILED: "SESSION_ESTABLISH_FAILED",
+  UNSUPPORTED_ALGORITHM: "UNSUPPORTED_ALGORITHM"
+};
+var ForwardMPCErrorType = {
+  TRANSPORT: "transport",
+  SESSION: "session",
+  CLIENT: "client"
+};
+var ForwardMPCError = class extends Error {
+  static {
+    __name(this, "ForwardMPCError");
+  }
+  code;
+  type;
+  context;
+  constructor(message, code, type, context) {
+    super(message);
+    this.name = this.constructor.name;
+    this.code = code;
+    this.type = type;
+    this.context = context;
+    Object.setPrototypeOf(this, new.target.prototype);
+  }
+  toJSON() {
+    return {
+      name: this.name,
+      message: this.message,
+      code: this.code,
+      type: this.type,
+      stack: this.stack,
+      context: this.context
+    };
+  }
+};
+var TransportError = class extends ForwardMPCError {
+  static {
+    __name(this, "TransportError");
+  }
+  constructor(message, code, context) {
+    super(message, code, ForwardMPCErrorType.TRANSPORT, context);
+  }
+};
+var SessionError = class extends ForwardMPCError {
+  static {
+    __name(this, "SessionError");
+  }
+  constructor(message, code, context) {
+    super(message, code, ForwardMPCErrorType.SESSION, context);
+  }
+};
+var ClientError = class extends ForwardMPCError {
+  static {
+    __name(this, "ClientError");
+  }
+  constructor(message, code, context) {
+    super(message, code, ForwardMPCErrorType.CLIENT, context);
+  }
+};
+var TransportConnectionError = class extends TransportError {
+  static {
+    __name(this, "TransportConnectionError");
+  }
+  constructor(context) {
+    super("WebSocket connection failed", ErrorCode.CONNECTION_FAILED, context);
+  }
+};
+var TransportConnectionTimeoutError = class extends TransportError {
+  static {
+    __name(this, "TransportConnectionTimeoutError");
+  }
+  constructor(context) {
+    super("WebSocket connection timed out", ErrorCode.CONNECTION_TIMEOUT, context);
+  }
+};
+var TransportNotConnectedError = class extends TransportError {
+  static {
+    __name(this, "TransportNotConnectedError");
+  }
+  constructor(context) {
+    super("WebSocket is not connected", ErrorCode.NOT_CONNECTED, context);
+  }
+};
+var SessionHandshakeError = class extends SessionError {
+  static {
+    __name(this, "SessionHandshakeError");
+  }
+  constructor(reason, context) {
+    super(`ML-KEM-768 handshake failed: ${reason}`, ErrorCode.HANDSHAKE_FAILED, {
+      reason,
+      ...context
+    });
+  }
+};
+var SessionHandshakeInvalidResponseError = class extends SessionError {
+  static {
+    __name(this, "SessionHandshakeInvalidResponseError");
+  }
+  constructor(context) {
+    super("Handshake response was invalid or incomplete", ErrorCode.HANDSHAKE_INVALID_RESPONSE, context);
+  }
+};
+var SessionAttestationError = class extends SessionError {
+  static {
+    __name(this, "SessionAttestationError");
+  }
+  constructor(context) {
+    super("Attestation verification failed", ErrorCode.ATTESTATION_FAILED, context);
+  }
+};
+var SessionAttestationNonceMissingError = class extends SessionError {
+  static {
+    __name(this, "SessionAttestationNonceMissingError");
+  }
+  constructor(context) {
+    super("Nonce missing from attestation document", ErrorCode.ATTESTATION_NONCE_MISSING, context);
+  }
+};
+var SessionRequestTimeoutError = class extends SessionError {
+  static {
+    __name(this, "SessionRequestTimeoutError");
+  }
+  constructor(context) {
+    super("Request timed out waiting for server response", ErrorCode.REQUEST_TIMEOUT, context);
+  }
+};
+var SessionDisposedError = class extends SessionError {
+  static {
+    __name(this, "SessionDisposedError");
+  }
+  constructor(context) {
+    super("Session has been disposed", ErrorCode.SESSION_DISPOSED, context);
+  }
+};
+var SessionServerError = class extends SessionError {
+  static {
+    __name(this, "SessionServerError");
+  }
+  constructor(reason, context) {
+    super(`Server returned an error response: ${reason}`, ErrorCode.SERVER_ERROR, {
+      reason,
+      ...context
+    });
+  }
+};
+var SessionMessageParseError = class extends SessionError {
+  static {
+    __name(this, "SessionMessageParseError");
+  }
+  constructor(context) {
+    super("Failed to parse server message", ErrorCode.MESSAGE_PARSE_FAILED, context);
+  }
+};
+var SessionRemoteError = class extends SessionError {
+  static {
+    __name(this, "SessionRemoteError");
+  }
+  serverError;
+  constructor(serverError, context) {
+    super(serverError.message, ErrorCode.SERVER_ERROR, context), this.serverError = serverError;
+  }
+};
+var ClientUnsupportedAlgorithmError = class extends ClientError {
+  static {
+    __name(this, "ClientUnsupportedAlgorithmError");
+  }
+  constructor(context) {
+    super("Signing algorithm is not supported", ErrorCode.UNSUPPORTED_ALGORITHM, context);
+  }
+};
+var ClientSessionEstablishFailedError = class extends ClientError {
+  static {
+    __name(this, "ClientSessionEstablishFailedError");
+  }
+  constructor(context) {
+    super("Failed to establish session", ErrorCode.SESSION_ESTABLISH_FAILED, context);
+  }
+};
+// src/client-v2/transport.ts
+var ForwardMPCTransport = class extends EventEmitter2 {
+  static {
+    __name(this, "ForwardMPCTransport");
+  }
+  url;
+  ws = null;
+  _isConnected = false;
+  _destroyed = false;
+  _hadSuccessfulConnection = false;
+  _midSessionReconnectCount = 0;
+  _connectPromise = null;
+  options;
+  logger;
+  constructor(url, options = {}) {
+    super(), this.url = url;
+    this.logger = options.logger;
+    this.options = {
+      reconnectAttempts: options.reconnectAttempts ?? 1,
+      reconnectInterval: options.reconnectInterval ?? 1e3,
+      connectionTimeout: options.connectionTimeout ?? 1e4
+    };
+  }
+  get connected() {
+    return this._isConnected;
+  }
+  /**
+  * Opens the WebSocket connection. Concurrent callers coalesce on a single
+  * in-flight promise. `reconnectAttempts` controls how many silent retries
+  * are attempted before the promise rejects (default: 1 retry = 2 total tries).
+  */
+  async connect() {
+    this._destroyed = false;
+    if (this._isConnected) return;
+    if (this._connectPromise) return this._connectPromise;
+    this._connectPromise = this._connectWithRetry().finally(() => {
+      this._connectPromise = null;
+    });
+    return this._connectPromise;
+  }
+  disconnect() {
+    this._destroyed = true;
+    if (this.ws) {
+      this.ws.close();
+      this.ws = null;
+    }
+    this._isConnected = false;
+    this.emit("disconnected");
+  }
+  send(data) {
+    if (!this._isConnected || !this.ws) {
+      throw new TransportNotConnectedError();
+    }
+    this.ws.send(data);
+  }
+  /**
+  * Attempts the initial connection, then silently retries up to
+  * `reconnectAttempts` times before surfacing an error.
+  */
+  async _connectWithRetry() {
+    let lastError;
+    for (let attempt = 0; attempt <= this.options.reconnectAttempts; attempt++) {
+      try {
+        await this._connectOnce();
+        return;
+      } catch (error) {
+        lastError = error;
+      }
+    }
+    throw lastError;
+  }
+  _connectOnce() {
+    return new Promise((resolve, reject) => {
+      const timeoutHandle = setTimeout(() => {
+        this.ws?.close();
+        reject(new TransportConnectionTimeoutError({
+          url: this.url
+        }));
+      }, this.options.connectionTimeout);
+      this.ws = new WebSocket(this.url);
+      this.ws.onopen = () => {
+        clearTimeout(timeoutHandle);
+        this._isConnected = true;
+        this._hadSuccessfulConnection = true;
+        this._midSessionReconnectCount = 0;
+        this.logger?.info("WebSocket connected", {
+          url: this.url
+        });
+        this.emit("connected");
+        resolve();
+      };
+      this.ws.onerror = () => {
+        clearTimeout(timeoutHandle);
+        const err = new TransportConnectionError({
+          url: this.url
+        });
+        this.emit("error", err);
+        reject(err);
+      };
+      this.ws.onmessage = (event) => {
+        this.logger?.debug("WebSocket message received", {
+          data: event.data
+        });
+        this.emit("message", event.data);
+      };
+      this.ws.onclose = (event) => {
+        this._isConnected = false;
+        this.logger?.warn("WebSocket closed", {
+          url: this.url,
+          closeCode: event.code
+        });
+        if (!this._destroyed) {
+          this.emit("disconnected");
+        }
+        this.maybeReconnect(event.code);
+      };
+    });
+  }
+  /**
+  * Attempts mid-session reconnects after a drop, up to `reconnectAttempts`
+  * times. Only fires when a successful connection was previously established
+  * and the close was unexpected (not a normal or idle-timeout close).
+  */
+  maybeReconnect(closeCode) {
+    if (this._destroyed) return;
+    if (!this._hadSuccessfulConnection) return;
+    if (this._midSessionReconnectCount >= this.options.reconnectAttempts) return;
+    if (closeCode === WebSocketCloseCode.NORMAL || closeCode === WebSocketCloseCode.IDLE_TIMEOUT) {
+      this.logger?.info("WebSocket closed gracefully \u2014 not reconnecting", {
+        url: this.url,
+        closeCode
+      });
+      return;
+    }
+    this._midSessionReconnectCount++;
+    this.logger?.warn("WebSocket disconnected \u2014 attempting reconnect", {
+      url: this.url,
+      attempt: this._midSessionReconnectCount,
+      maxAttempts: this.options.reconnectAttempts
+    });
+    setTimeout(() => {
+      this._connectOnce().catch((error) => {
+        const err = error instanceof Error ? error : new Error(String(error));
+        this.logger?.error("Reconnect failed", {
+          attempt: this._midSessionReconnectCount
+        }, err);
+        this.emit("error", err);
+      });
+    }, this.options.reconnectInterval);
+  }
+};
+function isWebSocketError(v) {
+  return typeof v === "object" && v !== null && typeof v["message"] === "string" && typeof v["type"] === "string";
+}
+__name(isWebSocketError, "isWebSocketError");
+var Session = class _Session {
+  static {
+    __name(this, "Session");
+  }
+  transport;
+  _connectionId;
+  _sharedSecret;
+  requestTimeout;
+  logger;
+  _disposed = false;
+  _abort = new AbortController();
+  /**
+  * Session is only constructed with fully-validated crypto material.
+  * All handshake and attestation work is done in the static handshake() factory
+  * before this constructor is called.
+  */
+  constructor(transport, _connectionId, _sharedSecret, requestTimeout, logger) {
+    this.transport = transport;
+    this._connectionId = _connectionId;
+    this._sharedSecret = _sharedSecret;
+    this.requestTimeout = requestTimeout;
+    this.logger = logger;
+  }
+  get connectionId() {
+    return this._connectionId;
+  }
+  get sharedSecret() {
+    if (this._disposed) {
+      throw new SessionDisposedError();
+    }
+    return this._sharedSecret;
+  }
+  /**
+  * Performs the ML-KEM-768 handshake over an established transport connection
+  * and returns a fully authenticated Session. All crypto material is derived
+  * before the Session object is created — the constructor never receives
+  * partially-initialised state.
+  *
+  * Attestation is verified (when configured) before the Session is returned.
+  */
+  static async handshake(transport, traceContext, options = {}, logger) {
+    const requestTimeout = options.requestTimeout ?? 3e4;
+    const { encapsulationKey, decapsulationKey } = generateMlKem768Keypair();
+    const nonceBytes = randomBytes(32);
+    const request = new HandshakeV1RequestMessage({
+      challenge: encapsulationKey,
+      nonce: nonceBytes,
+      traceContext
+    });
+    let data;
+    try {
+      data = await _Session.doRequest(transport, request, requestTimeout);
+    } catch (error) {
+      decapsulationKey.fill(0);
+      nonceBytes.fill(0);
+      const message = error instanceof Error ? error.message : String(error);
+      throw new SessionHandshakeError(message);
+    }
+    if (!data.encapsulatedSharedSecret || !data.connectionId) {
+      decapsulationKey.fill(0);
+      nonceBytes.fill(0);
+      throw new SessionHandshakeInvalidResponseError();
+    }
+    const connectionId = data.connectionId;
+    const cipherText = hexToBytes(data.encapsulatedSharedSecret);
+    const sharedSecret = decapsulateMlKem768(decapsulationKey, cipherText);
+    decapsulationKey.fill(0);
+    if (options.attestationVerifier && !options.bypassAttestation) {
+      if (!data.attestationDoc) {
+        sharedSecret.fill(0);
+        nonceBytes.fill(0);
+        throw new SessionAttestationError({
+          reason: "Server did not return an attestation document"
+        });
+      }
+      try {
+        await _Session.verifyAttestation(data.attestationDoc, cipherText, nonceBytes, options.attestationVerifier);
+      } catch (error) {
+        sharedSecret.fill(0);
+        nonceBytes.fill(0);
+        throw error;
+      }
+    }
+    nonceBytes.fill(0);
+    logger?.debug("Handshake completed", {
+      connectionId
+    });
+    return new _Session(transport, connectionId, sharedSecret, requestTimeout, logger);
+  }
+  sendRequest(message) {
+    if (this._disposed) {
+      return Promise.reject(new SessionDisposedError());
+    }
+    return _Session.doRequest(this.transport, message, this.requestTimeout, this._abort.signal);
+  }
+  dispose() {
+    if (this._disposed) return;
+    this._disposed = true;
+    this._abort.abort();
+    this._sharedSecret.fill(0);
+    this.logger?.debug("Session disposed", {
+      connectionId: this._connectionId
+    });
+  }
+  /**
+  * Sends a single request and resolves with the decoded response data.
+  * Used by both handshake() and sendRequest(). The optional AbortSignal
+  * allows dispose() to cancel all in-flight requests immediately.
+  */
+  static doRequest(transport, message, timeout, signal) {
+    const requestId = _Session.generateRequestId();
+    return new Promise((resolve, reject) => {
+      if (signal?.aborted) {
+        reject(new SessionDisposedError());
+        return;
+      }
+      const cleanup = /* @__PURE__ */ __name(() => {
+        clearTimeout(timeoutHandle);
+        transport.off("message", handler);
+        signal?.removeEventListener("abort", onAbort);
+      }, "cleanup");
+      const onAbort = /* @__PURE__ */ __name(() => {
+        cleanup();
+        reject(new SessionDisposedError());
+      }, "onAbort");
+      signal?.addEventListener("abort", onAbort, {
+        once: true
+      });
+      const timeoutHandle = setTimeout(() => {
+        cleanup();
+        reject(new SessionRequestTimeoutError({
+          requestId
+        }));
+      }, timeout);
+      const handler = /* @__PURE__ */ __name((rawData) => {
+        let parsed;
+        try {
+          parsed = JSON.parse(rawData);
+        } catch {
+          return;
+        }
+        if (parsed["requestId"] !== requestId) return;
+        cleanup();
+        const { requestId: _rid, ...body } = parsed;
+        let msg = null;
+        try {
+          const result = messageRegistry.decode(body);
+          if (either.isRight(result)) msg = result.right;
+        } catch {
+        }
+        if (msg === null) {
+          reject(new SessionMessageParseError({
+            requestId
+          }));
+          return;
+        }
+        if (msg.type === "error") {
+          reject(isWebSocketError(msg.error) ? new SessionRemoteError(msg.error) : new SessionMessageParseError({
+            requestId
+          }));
+        } else {
+          resolve(msg.getData());
+        }
+      }, "handler");
+      transport.on("message", handler);
+      try {
+        transport.send(_Session.serializeWithRequestId(message, requestId));
+      } catch (error) {
+        cleanup();
+        reject(error instanceof Error ? error : new Error(String(error)));
+      }
+    });
+  }
+  /**
+  * Serialises a message with the given requestId injected without mutating
+  * the original message object. Handles both encodeable (registry) messages
+  * and plain objects.
+  */
+  static serializeWithRequestId(message, requestId) {
+    const msg = message;
+    if (typeof msg["encode"] === "function") {
+      const encoded = msg["encode"]();
+      encoded["requestId"] = requestId;
+      return JSON.stringify(encoded);
+    }
+    return JSON.stringify({
+      ...msg,
+      requestId
+    });
+  }
+  static generateRequestId() {
+    const rand = randomBytes(8);
+    return `req_${Array.from(rand).map((b) => b.toString(16).padStart(2, "0")).join("")}`;
+  }
+  static async verifyAttestation(attestationDocBase64, cipherText, nonce, verifier) {
+    const challengeHash = sha256(cipherText);
+    const expectedChallenge = Array.from(challengeHash).map((b) => b.toString(16).padStart(2, "0")).join("");
+    const result = await verifier.verify(attestationDocBase64, expectedChallenge, nonce);
+    if (!result.valid) {
+      throw new SessionAttestationError({
+        errors: result.errors
+      });
+    }
+  }
+};
+// src/client-v2/logger.ts
+var Logger = class {
+  static {
+    __name(this, "Logger");
+  }
+  externalLogger;
+  MESSAGE_PREFIX = "[ForwardMPCClientV2]";
+  constructor(externalLogger) {
+    this.externalLogger = externalLogger;
+  }
+  debug(message, messageContext, error) {
+    this.externalLogger?.debug(`${this.MESSAGE_PREFIX} ${message}`, messageContext, error);
+  }
+  info(message, messageContext, error) {
+    this.externalLogger?.info(`${this.MESSAGE_PREFIX} ${message}`, messageContext, error);
+  }
+  warn(message, messageContext, error) {
+    this.externalLogger?.warn(`${this.MESSAGE_PREFIX} ${message}`, messageContext, error);
+  }
+  error(message, messageContext, error) {
+    this.externalLogger?.error(`${this.MESSAGE_PREFIX} ${message}`, messageContext, error);
+  }
+};
+// src/client-v2/client-v2.ts
+var ForwardMPCClientV2 = class extends EventEmitter2 {
+  static {
+    __name(this, "ForwardMPCClientV2");
+  }
+  url;
+  options;
+  transport;
+  sessionOptions;
+  logger;
+  session = null;
+  _connectPromise = null;
+  _handshaking = false;
+  _disconnectedIntentionally = false;
+  constructor(url, options = {}) {
+    super();
+    this.url = url;
+    this.options = options;
+    if (options.dangerouslyBypassAttestation) {
+      console.warn("[ForwardMPCClientV2] dangerouslyBypassAttestation is enabled \u2014 attestation verification is disabled. Do not use in production.");
+    } else if (!options.attestationVerifier && !options.attestationConfig) {
+      console.warn("[ForwardMPCClientV2] No attestation verifier configured \u2014 connections will not be attested. This is insecure in production.");
+    }
+    this.logger = new Logger(this.options.logger);
+    const transportOptions = {
+      reconnectAttempts: this.options.reconnectAttempts,
+      reconnectInterval: this.options.reconnectInterval,
+      connectionTimeout: this.options.connectionTimeout,
+      logger: this.logger
+    };
+    this.transport = new ForwardMPCTransport(url, transportOptions);
+    const attestationVerifier = options.attestationVerifier ?? (options.attestationConfig ? new NitroAttestationVerifier(options.attestationConfig) : void 0);
+    this.sessionOptions = {
+      attestationVerifier,
+      bypassAttestation: options.dangerouslyBypassAttestation,
+      requestTimeout: options.requestTimeout
+    };
+    this.transport.on("connected", () => this.onTransportConnected());
+    this.transport.on("disconnected", () => this.onTransportDisconnected());
+    this.transport.on("error", (error) => this.emit("error", error));
+  }
+  get connected() {
+    return this.transport.connected && this.session !== null;
+  }
+  /**
+  * Opens the WebSocket connection and performs the ML-KEM-768 handshake.
+  * Resolves once the session is fully established (and attested, if configured).
+  * Concurrent calls coalesce on a single in-flight promise.
+  */
+  async connect(traceContext) {
+    if (this.session) return;
+    if (this._connectPromise) return this._connectPromise;
+    this._connectPromise = this._doConnect(traceContext).finally(() => {
+      this._connectPromise = null;
+    });
+    return this._connectPromise;
+  }
+  /**
+  * Disposes the current session (zeroing crypto material) and closes the transport.
+  */
+  disconnect() {
+    this._disconnectedIntentionally = true;
+    this.session?.dispose();
+    this.session = null;
+    this.transport.disconnect();
+  }
+  async signMessage(params) {
+    const session = await this.ensureSession();
+    let messageToSign;
+    if (typeof params.message === "string") {
+      const hex = params.message.startsWith("0x") ? params.message.slice(2) : params.message;
+      messageToSign = hexToBytes(hex);
+    } else {
+      messageToSign = params.message;
+    }
+    const encryptedKeyshare = encryptKeyshare(params.keyshare, session.sharedSecret, session.connectionId, fromDynamicSigningAlgorithm(params.signingAlgo));
+    const request = new SignMessageV1RequestMessage({
+      relayDomain: params.relayDomain,
+      signingAlgo: params.signingAlgo,
+      hashAlgo: params.hashAlgo,
+      derivationPath: params.derivationPath,
+      tweak: params.tweak,
+      keyshare: encryptedKeyshare,
+      message: messageToSign,
+      roomUuid: params.roomUuid,
+      traceContext: params.traceContext,
+      userId: params.userId,
+      environmentId: params.environmentId
+    });
+    const { signature } = await session.sendRequest(request);
+    if (!signature) {
+      throw new SessionServerError("No signature in response");
+    }
+    return {
+      signature
+    };
+  }
+  /**
+  * MPC key generation for ECDSA and BIP340.
+  * ED25519 is not supported here — use receiveKey() instead.
+  */
+  async keygen(params) {
+    if (params.signingAlgo === SigningAlgorithm.ED25519) {
+      throw new ClientUnsupportedAlgorithmError();
+    }
+    const session = await this.ensureSession();
+    const encryptedKeygenInit = encryptKeygenInit(params.keygenInit, session.sharedSecret, session.connectionId);
+    const request = new KeygenV1RequestMessage({
+      relayDomain: params.relayDomain,
+      signingAlgo: params.signingAlgo,
+      roomUuid: params.roomUuid,
+      numParties: params.numParties,
+      threshold: params.threshold,
+      keygenInit: encryptedKeygenInit,
+      keygenIds: params.keygenIds,
+      traceContext: params.traceContext,
+      userId: params.userId,
+      environmentId: params.environmentId
+    });
+    const { keygenResult } = await session.sendRequest(request);
+    if (!keygenResult) {
+      throw new SessionServerError("No keygen result in response");
+    }
+    return decryptKeygenResult(keygenResult, session.sharedSecret, session.connectionId);
+  }
+  /**
+  * Receives an ED25519 key generated by another party (ExportableEd25519).
+  */
+  async receiveKey(params) {
+    const session = await this.ensureSession();
+    const encryptedKeygenInit = encryptKeygenInit(params.keygenInit, session.sharedSecret, session.connectionId);
+    const request = new ReceiveKeyV1RequestMessage({
+      relayDomain: params.relayDomain,
+      signingAlgo: "ed25519",
+      roomUuid: params.roomUuid,
+      numParties: params.numParties,
+      threshold: params.threshold,
+      keygenInit: encryptedKeygenInit,
+      keygenIds: params.keygenIds,
+      traceContext: params.traceContext,
+      userId: params.userId,
+      environmentId: params.environmentId
+    });
+    const { keygenResult } = await session.sendRequest(request);
+    if (!keygenResult) {
+      throw new SessionServerError("No keygen result in response");
+    }
+    return decryptKeygenResult(keygenResult, session.sharedSecret, session.connectionId);
+  }
+  /**
+  * Ensures an active session exists, auto-connecting if needed.
+  */
+  async ensureSession() {
+    if (this.session) return this.session;
+    await this.connect();
+    if (!this.session) {
+      throw new ClientSessionEstablishFailedError();
+    }
+    return this.session;
+  }
+  async _runHandshake(traceContext) {
+    this.session = await Session.handshake(this.transport, traceContext, this.sessionOptions, this.logger);
+    this.emit("connected");
+  }
+  async _doConnect(traceContext) {
+    this._handshaking = true;
+    try {
+      await this.transport.connect();
+      await this._runHandshake(traceContext);
+    } finally {
+      this._handshaking = false;
+    }
+  }
+  /**
+  * Called when the transport connects (both initial and after auto-reconnect).
+  * The `_handshaking` flag is set synchronously at the top of `_doConnect`
+  * before any await, so it reliably indicates when we already own the handshake.
+  *
+  * For transport-initiated reconnects, `_connectPromise` is set so that
+  * concurrent `connect()` or `ensureSession()` callers coalesce on the
+  * in-flight handshake rather than initiating a second one.
+  */
+  onTransportConnected() {
+    if (this._handshaking) return;
+    this._handshaking = true;
+    const doHandshake = /* @__PURE__ */ __name(async () => {
+      try {
+        await this._runHandshake();
+      } catch (error) {
+        this.emit("error", error instanceof Error ? error : new Error(String(error)));
+      } finally {
+        this._handshaking = false;
+        this._connectPromise = null;
+      }
+    }, "doHandshake");
+    this._connectPromise = doHandshake();
+  }
+  onTransportDisconnected() {
+    const intentional = this._disconnectedIntentionally;
+    this._disconnectedIntentionally = false;
+    this.session?.dispose();
+    this.session = null;
+    if (!intentional) {
+      this.logger.warn("Unexpected WebSocket disconnect");
+    }
+    this.emit("disconnected");
+  }
+};
+// src/client-v2/singleton.ts
+var ForwardMPCClientSingleton = class extends ForwardMPCClientV2 {
+  static {
+    __name(this, "ForwardMPCClientSingleton");
+  }
+};
-export { ForwardMPCClient };
+export { ClientError, ClientSessionEstablishFailedError, ClientUnsupportedAlgorithmError, ErrorCode, ForwardMPCClient, ForwardMPCClientSingleton, ForwardMPCClientV2, ForwardMPCError, ForwardMPCErrorType, NitroAttestationVerifier, SessionAttestationError, SessionAttestationNonceMissingError, SessionDisposedError, SessionError, SessionHandshakeError, SessionHandshakeInvalidResponseError, SessionMessageParseError, SessionRemoteError, SessionRequestTimeoutError, SessionServerError, TransportConnectionError, TransportConnectionTimeoutError, TransportError, TransportNotConnectedError };
 //# sourceMappingURL=index.js.map
 //# sourceMappingURL=index.js.map