@dynamic-labs-wallet/forward-mpc-client 0.5.4 → 0.6.0

package/dist/index.d.cts

@@ -91,6 +91,7 @@ declare class ForwardMPCClient extends EventEmitter {
         roomUuid: string;
         traceContext?: TraceContext;
         userId?: string;
+        walletId?: string;
         environmentId?: string;
     }): Promise<any>;
     /**
@@ -284,7 +285,11 @@ declare const ErrorCode: {
     readonly HANDSHAKE_FAILED: "HANDSHAKE_FAILED";
     readonly HANDSHAKE_INVALID_RESPONSE: "HANDSHAKE_INVALID_RESPONSE";
     readonly ATTESTATION_FAILED: "ATTESTATION_FAILED";
+    readonly ATTESTATION_PCR_MISMATCH: "ATTESTATION_PCR_MISMATCH";
+    readonly ATTESTATION_CHALLENGE_MISMATCH: "ATTESTATION_CHALLENGE_MISMATCH";
+    readonly ATTESTATION_NONCE_MISMATCH: "ATTESTATION_NONCE_MISMATCH";
     readonly ATTESTATION_NONCE_MISSING: "ATTESTATION_NONCE_MISSING";
+    readonly ATTESTATION_DOCUMENT_MISSING: "ATTESTATION_DOCUMENT_MISSING";
     readonly REQUEST_TIMEOUT: "REQUEST_TIMEOUT";
     readonly SESSION_DISPOSED: "SESSION_DISPOSED";
     readonly SERVER_ERROR: "SERVER_ERROR";
@@ -293,6 +298,25 @@ declare const ErrorCode: {
     readonly UNSUPPORTED_ALGORITHM: "UNSUPPORTED_ALGORITHM";
 };
 type ErrorCode = (typeof ErrorCode)[keyof typeof ErrorCode];
+/**
+ * Focused subset of ErrorCode for attestation verification failures.
+ * Use with `error.code` to distinguish failure modes on SessionAttestationError.
+ */
+declare const AttestationErrorCode: {
+    /** Generic / unrecognised attestation failure */
+    readonly FAILED: "ATTESTATION_FAILED";
+    /** PCR8 hash mismatch — enclave measurement changed */
+    readonly PCR_MISMATCH: "ATTESTATION_PCR_MISMATCH";
+    /** Challenge / ciphertext binding mismatch */
+    readonly CHALLENGE_MISMATCH: "ATTESTATION_CHALLENGE_MISMATCH";
+    /** Nonce value mismatch — possible tampering */
+    readonly NONCE_MISMATCH: "ATTESTATION_NONCE_MISMATCH";
+    /** Nonce field missing from attestation document */
+    readonly NONCE_MISSING: "ATTESTATION_NONCE_MISSING";
+    /** Server did not return an attestation document */
+    readonly DOCUMENT_MISSING: "ATTESTATION_DOCUMENT_MISSING";
+};
+type AttestationErrorCode = (typeof AttestationErrorCode)[keyof typeof AttestationErrorCode];
 declare const ForwardMPCErrorType: {
     readonly TRANSPORT: "transport";
     readonly SESSION: "session";
@@ -337,11 +361,14 @@ declare class SessionHandshakeError extends SessionError {
 declare class SessionHandshakeInvalidResponseError extends SessionError {
     constructor(context?: Record<string, unknown>);
 }
+/**
+ * Attestation verification failure.
+ * Use `error.code` to distinguish failure reasons (e.g. ATTESTATION_PCR_MISMATCH)
+ * and `error.cause` to inspect the original verifier error.
+ */
 declare class SessionAttestationError extends SessionError {
-    constructor(context?: Record<string, unknown>);
-}
-declare class SessionAttestationNonceMissingError extends SessionError {
-    constructor(context?: Record<string, unknown>);
+    readonly cause?: unknown;
+    constructor(message?: string, code?: ErrorCode, context?: Record<string, unknown>, cause?: unknown);
 }
 declare class SessionRequestTimeoutError extends SessionError {
     constructor(context?: Record<string, unknown>);
@@ -403,4 +430,4 @@ declare class NitroAttestationVerifier implements AttestationVerifier {
     verify(attestationDocBase64: string, expectedChallenge: string, nonce: Uint8Array): Promise<AttestationVerificationResult>;
 }
 
-export { type AttestationVerificationConfig, type AttestationVerificationResult, type AttestationVerifier, ClientError, type ClientEvents, ClientSessionEstablishFailedError, ClientUnsupportedAlgorithmError, type ClientV2Events, ErrorCode, type ExternalLogger, ForwardMPCClient, type ForwardMPCClientOptions, ForwardMPCClientSingleton, ForwardMPCClientV2, type ForwardMPCClientV2Options, ForwardMPCError, ForwardMPCErrorType, type KeygenParams, type KeygenResult, NitroAttestationVerifier, type ReceiveKeyParams, type ReceiveKeyResult, SessionAttestationError, SessionAttestationNonceMissingError, SessionDisposedError, SessionError, SessionHandshakeError, SessionHandshakeInvalidResponseError, SessionMessageParseError, SessionRemoteError, SessionRequestTimeoutError, SessionServerError, type SignMessageParams, type SignMessageResult, TransportConnectionError, TransportConnectionTimeoutError, TransportError, TransportNotConnectedError };
+export { AttestationErrorCode, type AttestationVerificationConfig, type AttestationVerificationResult, type AttestationVerifier, ClientError, type ClientEvents, ClientSessionEstablishFailedError, ClientUnsupportedAlgorithmError, type ClientV2Events, ErrorCode, type ExternalLogger, ForwardMPCClient, type ForwardMPCClientOptions, ForwardMPCClientSingleton, ForwardMPCClientV2, type ForwardMPCClientV2Options, ForwardMPCError, ForwardMPCErrorType, type KeygenParams, type KeygenResult, NitroAttestationVerifier, type ReceiveKeyParams, type ReceiveKeyResult, SessionAttestationError, SessionDisposedError, SessionError, SessionHandshakeError, SessionHandshakeInvalidResponseError, SessionMessageParseError, SessionRemoteError, SessionRequestTimeoutError, SessionServerError, type SignMessageParams, type SignMessageResult, TransportConnectionError, TransportConnectionTimeoutError, TransportError, TransportNotConnectedError };

package/dist/index.d.ts

@@ -91,6 +91,7 @@ declare class ForwardMPCClient extends EventEmitter {
         roomUuid: string;
         traceContext?: TraceContext;
         userId?: string;
+        walletId?: string;
         environmentId?: string;
     }): Promise<any>;
     /**
@@ -284,7 +285,11 @@ declare const ErrorCode: {
     readonly HANDSHAKE_FAILED: "HANDSHAKE_FAILED";
     readonly HANDSHAKE_INVALID_RESPONSE: "HANDSHAKE_INVALID_RESPONSE";
     readonly ATTESTATION_FAILED: "ATTESTATION_FAILED";
+    readonly ATTESTATION_PCR_MISMATCH: "ATTESTATION_PCR_MISMATCH";
+    readonly ATTESTATION_CHALLENGE_MISMATCH: "ATTESTATION_CHALLENGE_MISMATCH";
+    readonly ATTESTATION_NONCE_MISMATCH: "ATTESTATION_NONCE_MISMATCH";
     readonly ATTESTATION_NONCE_MISSING: "ATTESTATION_NONCE_MISSING";
+    readonly ATTESTATION_DOCUMENT_MISSING: "ATTESTATION_DOCUMENT_MISSING";
     readonly REQUEST_TIMEOUT: "REQUEST_TIMEOUT";
     readonly SESSION_DISPOSED: "SESSION_DISPOSED";
     readonly SERVER_ERROR: "SERVER_ERROR";
@@ -293,6 +298,25 @@ declare const ErrorCode: {
     readonly UNSUPPORTED_ALGORITHM: "UNSUPPORTED_ALGORITHM";
 };
 type ErrorCode = (typeof ErrorCode)[keyof typeof ErrorCode];
+/**
+ * Focused subset of ErrorCode for attestation verification failures.
+ * Use with `error.code` to distinguish failure modes on SessionAttestationError.
+ */
+declare const AttestationErrorCode: {
+    /** Generic / unrecognised attestation failure */
+    readonly FAILED: "ATTESTATION_FAILED";
+    /** PCR8 hash mismatch — enclave measurement changed */
+    readonly PCR_MISMATCH: "ATTESTATION_PCR_MISMATCH";
+    /** Challenge / ciphertext binding mismatch */
+    readonly CHALLENGE_MISMATCH: "ATTESTATION_CHALLENGE_MISMATCH";
+    /** Nonce value mismatch — possible tampering */
+    readonly NONCE_MISMATCH: "ATTESTATION_NONCE_MISMATCH";
+    /** Nonce field missing from attestation document */
+    readonly NONCE_MISSING: "ATTESTATION_NONCE_MISSING";
+    /** Server did not return an attestation document */
+    readonly DOCUMENT_MISSING: "ATTESTATION_DOCUMENT_MISSING";
+};
+type AttestationErrorCode = (typeof AttestationErrorCode)[keyof typeof AttestationErrorCode];
 declare const ForwardMPCErrorType: {
     readonly TRANSPORT: "transport";
     readonly SESSION: "session";
@@ -337,11 +361,14 @@ declare class SessionHandshakeError extends SessionError {
 declare class SessionHandshakeInvalidResponseError extends SessionError {
     constructor(context?: Record<string, unknown>);
 }
+/**
+ * Attestation verification failure.
+ * Use `error.code` to distinguish failure reasons (e.g. ATTESTATION_PCR_MISMATCH)
+ * and `error.cause` to inspect the original verifier error.
+ */
 declare class SessionAttestationError extends SessionError {
-    constructor(context?: Record<string, unknown>);
-}
-declare class SessionAttestationNonceMissingError extends SessionError {
-    constructor(context?: Record<string, unknown>);
+    readonly cause?: unknown;
+    constructor(message?: string, code?: ErrorCode, context?: Record<string, unknown>, cause?: unknown);
 }
 declare class SessionRequestTimeoutError extends SessionError {
     constructor(context?: Record<string, unknown>);
@@ -403,4 +430,4 @@ declare class NitroAttestationVerifier implements AttestationVerifier {
     verify(attestationDocBase64: string, expectedChallenge: string, nonce: Uint8Array): Promise<AttestationVerificationResult>;
 }
 
-export { type AttestationVerificationConfig, type AttestationVerificationResult, type AttestationVerifier, ClientError, type ClientEvents, ClientSessionEstablishFailedError, ClientUnsupportedAlgorithmError, type ClientV2Events, ErrorCode, type ExternalLogger, ForwardMPCClient, type ForwardMPCClientOptions, ForwardMPCClientSingleton, ForwardMPCClientV2, type ForwardMPCClientV2Options, ForwardMPCError, ForwardMPCErrorType, type KeygenParams, type KeygenResult, NitroAttestationVerifier, type ReceiveKeyParams, type ReceiveKeyResult, SessionAttestationError, SessionAttestationNonceMissingError, SessionDisposedError, SessionError, SessionHandshakeError, SessionHandshakeInvalidResponseError, SessionMessageParseError, SessionRemoteError, SessionRequestTimeoutError, SessionServerError, type SignMessageParams, type SignMessageResult, TransportConnectionError, TransportConnectionTimeoutError, TransportError, TransportNotConnectedError };
+export { AttestationErrorCode, type AttestationVerificationConfig, type AttestationVerificationResult, type AttestationVerifier, ClientError, type ClientEvents, ClientSessionEstablishFailedError, ClientUnsupportedAlgorithmError, type ClientV2Events, ErrorCode, type ExternalLogger, ForwardMPCClient, type ForwardMPCClientOptions, ForwardMPCClientSingleton, ForwardMPCClientV2, type ForwardMPCClientV2Options, ForwardMPCError, ForwardMPCErrorType, type KeygenParams, type KeygenResult, NitroAttestationVerifier, type ReceiveKeyParams, type ReceiveKeyResult, SessionAttestationError, SessionDisposedError, SessionError, SessionHandshakeError, SessionHandshakeInvalidResponseError, SessionMessageParseError, SessionRemoteError, SessionRequestTimeoutError, SessionServerError, type SignMessageParams, type SignMessageResult, TransportConnectionError, TransportConnectionTimeoutError, TransportError, TransportNotConnectedError };

package/dist/index.js

@@ -489,6 +489,7 @@ var ForwardMPCClient = class extends EventEmitter {
       roomUuid: params.roomUuid,
       traceContext: params.traceContext,
       userId: params.userId,
+      walletId: params.walletId,
       environmentId: params.environmentId
     });
     return this.sendRequest(request);
@@ -591,7 +592,11 @@ var ErrorCode = {
   HANDSHAKE_FAILED: "HANDSHAKE_FAILED",
   HANDSHAKE_INVALID_RESPONSE: "HANDSHAKE_INVALID_RESPONSE",
   ATTESTATION_FAILED: "ATTESTATION_FAILED",
+  ATTESTATION_PCR_MISMATCH: "ATTESTATION_PCR_MISMATCH",
+  ATTESTATION_CHALLENGE_MISMATCH: "ATTESTATION_CHALLENGE_MISMATCH",
+  ATTESTATION_NONCE_MISMATCH: "ATTESTATION_NONCE_MISMATCH",
   ATTESTATION_NONCE_MISSING: "ATTESTATION_NONCE_MISSING",
+  ATTESTATION_DOCUMENT_MISSING: "ATTESTATION_DOCUMENT_MISSING",
   REQUEST_TIMEOUT: "REQUEST_TIMEOUT",
   SESSION_DISPOSED: "SESSION_DISPOSED",
   SERVER_ERROR: "SERVER_ERROR",
@@ -600,6 +605,20 @@ var ErrorCode = {
   SESSION_ESTABLISH_FAILED: "SESSION_ESTABLISH_FAILED",
   UNSUPPORTED_ALGORITHM: "UNSUPPORTED_ALGORITHM"
 };
+var AttestationErrorCode = {
+  /** Generic / unrecognised attestation failure */
+  FAILED: ErrorCode.ATTESTATION_FAILED,
+  /** PCR8 hash mismatch — enclave measurement changed */
+  PCR_MISMATCH: ErrorCode.ATTESTATION_PCR_MISMATCH,
+  /** Challenge / ciphertext binding mismatch */
+  CHALLENGE_MISMATCH: ErrorCode.ATTESTATION_CHALLENGE_MISMATCH,
+  /** Nonce value mismatch — possible tampering */
+  NONCE_MISMATCH: ErrorCode.ATTESTATION_NONCE_MISMATCH,
+  /** Nonce field missing from attestation document */
+  NONCE_MISSING: ErrorCode.ATTESTATION_NONCE_MISSING,
+  /** Server did not return an attestation document */
+  DOCUMENT_MISSING: ErrorCode.ATTESTATION_DOCUMENT_MISSING
+};
 var ForwardMPCErrorType = {
   TRANSPORT: "transport",
   SESSION: "session",
@@ -702,16 +721,12 @@ var SessionAttestationError = class extends SessionError {
   static {
     __name(this, "SessionAttestationError");
   }
-  constructor(context) {
-    super("Attestation verification failed", ErrorCode.ATTESTATION_FAILED, context);
-  }
-};
-var SessionAttestationNonceMissingError = class extends SessionError {
-  static {
-    __name(this, "SessionAttestationNonceMissingError");
-  }
-  constructor(context) {
-    super("Nonce missing from attestation document", ErrorCode.ATTESTATION_NONCE_MISSING, context);
+  cause;
+  constructor(message = "Attestation verification failed", code = ErrorCode.ATTESTATION_FAILED, context, cause) {
+    super(message, code, context);
+    if (cause !== void 0) {
+      this.cause = cause;
+    }
   }
 };
 var SessionRequestTimeoutError = class extends SessionError {
@@ -1002,9 +1017,7 @@ var Session = class _Session {
       if (!data.attestationDoc) {
         sharedSecret.fill(0);
         nonceBytes.fill(0);
-        throw new SessionAttestationError({
-          reason: "Server did not return an attestation document"
-        });
+        throw new SessionAttestationError("Server did not return an attestation document", ErrorCode.ATTESTATION_DOCUMENT_MISSING);
       }
       try {
         await _Session.verifyAttestation(data.attestationDoc, cipherText, nonceBytes, options.attestationVerifier);
@@ -1092,7 +1105,13 @@ var Session = class _Session {
             requestId
           }));
         } else {
-          resolve(msg.getData());
+          const data = msg.getData();
+          const maybeError = data !== null && typeof data === "object" && "error" in data ? data.error : void 0;
+          if (isWebSocketError(maybeError)) {
+            reject(new SessionRemoteError(maybeError));
+          } else {
+            resolve(data);
+          }
         }
       }, "handler");
       transport.on("message", handler);
@@ -1130,10 +1149,29 @@ var Session = class _Session {
     const expectedChallenge = Array.from(challengeHash).map((b) => b.toString(16).padStart(2, "0")).join("");
     const result = await verifier.verify(attestationDocBase64, expectedChallenge, nonce);
     if (!result.valid) {
-      throw new SessionAttestationError({
+      const primaryError = result.errors[0] || "";
+      throw new SessionAttestationError("Attestation verification failed", _Session.classifyAttestationError(primaryError), {
         errors: result.errors
-      });
+      }, primaryError);
+    }
+  }
+  /**
+  * Classifies an attestation verifier error message into a specific ErrorCode.
+  */
+  static classifyAttestationError(primaryError) {
+    if (primaryError.includes("PCR verification failed")) {
+      return ErrorCode.ATTESTATION_PCR_MISMATCH;
+    }
+    if (primaryError.includes("challenge mismatch") || primaryError.includes("ciphertext hash") || primaryError.includes("user data") || primaryError.includes("ciphertext binding")) {
+      return ErrorCode.ATTESTATION_CHALLENGE_MISMATCH;
+    }
+    if (primaryError.includes("No nonce found")) {
+      return ErrorCode.ATTESTATION_NONCE_MISSING;
+    }
+    if (primaryError.includes("nonce mismatch") || primaryError.includes("Nonce length mismatch") || primaryError.includes("Nonce verification failed")) {
+      return ErrorCode.ATTESTATION_NONCE_MISMATCH;
     }
+    return ErrorCode.ATTESTATION_FAILED;
   }
 };
 
@@ -1377,6 +1415,6 @@ var ForwardMPCClientSingleton = class extends ForwardMPCClientV2 {
   }
 };
 
-export { ClientError, ClientSessionEstablishFailedError, ClientUnsupportedAlgorithmError, ErrorCode, ForwardMPCClient, ForwardMPCClientSingleton, ForwardMPCClientV2, ForwardMPCError, ForwardMPCErrorType, NitroAttestationVerifier, SessionAttestationError, SessionAttestationNonceMissingError, SessionDisposedError, SessionError, SessionHandshakeError, SessionHandshakeInvalidResponseError, SessionMessageParseError, SessionRemoteError, SessionRequestTimeoutError, SessionServerError, TransportConnectionError, TransportConnectionTimeoutError, TransportError, TransportNotConnectedError };
+export { AttestationErrorCode, ClientError, ClientSessionEstablishFailedError, ClientUnsupportedAlgorithmError, ErrorCode, ForwardMPCClient, ForwardMPCClientSingleton, ForwardMPCClientV2, ForwardMPCError, ForwardMPCErrorType, NitroAttestationVerifier, SessionAttestationError, SessionDisposedError, SessionError, SessionHandshakeError, SessionHandshakeInvalidResponseError, SessionMessageParseError, SessionRemoteError, SessionRequestTimeoutError, SessionServerError, TransportConnectionError, TransportConnectionTimeoutError, TransportError, TransportNotConnectedError };
 //# sourceMappingURL=index.js.map
 //# sourceMappingURL=index.js.map