npm - @dynamic-labs-wallet/forward-mpc-client - Versions diffs - 0.5.5 → 0.6.0 - Mend

@dynamic-labs-wallet/forward-mpc-client 0.5.5 → 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/index.cjs CHANGED Viewed

@@ -515,6 +515,7 @@ var ForwardMPCClient = class extends EventEmitter2.EventEmitter {
       roomUuid: params.roomUuid,
       traceContext: params.traceContext,
       userId: params.userId,
+      walletId: params.walletId,
       environmentId: params.environmentId
     });
     return this.sendRequest(request);
@@ -617,7 +618,11 @@ var ErrorCode = {
   HANDSHAKE_FAILED: "HANDSHAKE_FAILED",
   HANDSHAKE_INVALID_RESPONSE: "HANDSHAKE_INVALID_RESPONSE",
   ATTESTATION_FAILED: "ATTESTATION_FAILED",
+  ATTESTATION_PCR_MISMATCH: "ATTESTATION_PCR_MISMATCH",
+  ATTESTATION_CHALLENGE_MISMATCH: "ATTESTATION_CHALLENGE_MISMATCH",
+  ATTESTATION_NONCE_MISMATCH: "ATTESTATION_NONCE_MISMATCH",
   ATTESTATION_NONCE_MISSING: "ATTESTATION_NONCE_MISSING",
+  ATTESTATION_DOCUMENT_MISSING: "ATTESTATION_DOCUMENT_MISSING",
   REQUEST_TIMEOUT: "REQUEST_TIMEOUT",
   SESSION_DISPOSED: "SESSION_DISPOSED",
   SERVER_ERROR: "SERVER_ERROR",
@@ -626,6 +631,20 @@ var ErrorCode = {
   SESSION_ESTABLISH_FAILED: "SESSION_ESTABLISH_FAILED",
   UNSUPPORTED_ALGORITHM: "UNSUPPORTED_ALGORITHM"
 };
+var AttestationErrorCode = {
+  /** Generic / unrecognised attestation failure */
+  FAILED: ErrorCode.ATTESTATION_FAILED,
+  /** PCR8 hash mismatch — enclave measurement changed */
+  PCR_MISMATCH: ErrorCode.ATTESTATION_PCR_MISMATCH,
+  /** Challenge / ciphertext binding mismatch */
+  CHALLENGE_MISMATCH: ErrorCode.ATTESTATION_CHALLENGE_MISMATCH,
+  /** Nonce value mismatch — possible tampering */
+  NONCE_MISMATCH: ErrorCode.ATTESTATION_NONCE_MISMATCH,
+  /** Nonce field missing from attestation document */
+  NONCE_MISSING: ErrorCode.ATTESTATION_NONCE_MISSING,
+  /** Server did not return an attestation document */
+  DOCUMENT_MISSING: ErrorCode.ATTESTATION_DOCUMENT_MISSING
+};
 var ForwardMPCErrorType = {
   TRANSPORT: "transport",
   SESSION: "session",
@@ -728,16 +747,12 @@ var SessionAttestationError = class extends SessionError {
   static {
     __name(this, "SessionAttestationError");
   }
-  constructor(context) {
-    super("Attestation verification failed", ErrorCode.ATTESTATION_FAILED, context);
-  }
-};
-var SessionAttestationNonceMissingError = class extends SessionError {
-  static {
-    __name(this, "SessionAttestationNonceMissingError");
-  }
-  constructor(context) {
-    super("Nonce missing from attestation document", ErrorCode.ATTESTATION_NONCE_MISSING, context);
+  cause;
+  constructor(message = "Attestation verification failed", code = ErrorCode.ATTESTATION_FAILED, context, cause) {
+    super(message, code, context);
+    if (cause !== void 0) {
+      this.cause = cause;
+    }
   }
 };
 var SessionRequestTimeoutError = class extends SessionError {
@@ -1028,9 +1043,7 @@ var Session = class _Session {
       if (!data.attestationDoc) {
         sharedSecret.fill(0);
         nonceBytes.fill(0);
-        throw new SessionAttestationError({
-          reason: "Server did not return an attestation document"
-        });
+        throw new SessionAttestationError("Server did not return an attestation document", ErrorCode.ATTESTATION_DOCUMENT_MISSING);
       }
       try {
         await _Session.verifyAttestation(data.attestationDoc, cipherText, nonceBytes, options.attestationVerifier);
@@ -1162,10 +1175,29 @@ var Session = class _Session {
     const expectedChallenge = Array.from(challengeHash).map((b) => b.toString(16).padStart(2, "0")).join("");
     const result = await verifier.verify(attestationDocBase64, expectedChallenge, nonce);
     if (!result.valid) {
-      throw new SessionAttestationError({
+      const primaryError = result.errors[0] || "";
+      throw new SessionAttestationError("Attestation verification failed", _Session.classifyAttestationError(primaryError), {
         errors: result.errors
-      });
+      }, primaryError);
+    }
+  }
+  /**
+  * Classifies an attestation verifier error message into a specific ErrorCode.
+  */
+  static classifyAttestationError(primaryError) {
+    if (primaryError.includes("PCR verification failed")) {
+      return ErrorCode.ATTESTATION_PCR_MISMATCH;
+    }
+    if (primaryError.includes("challenge mismatch") || primaryError.includes("ciphertext hash") || primaryError.includes("user data") || primaryError.includes("ciphertext binding")) {
+      return ErrorCode.ATTESTATION_CHALLENGE_MISMATCH;
+    }
+    if (primaryError.includes("No nonce found")) {
+      return ErrorCode.ATTESTATION_NONCE_MISSING;
+    }
+    if (primaryError.includes("nonce mismatch") || primaryError.includes("Nonce length mismatch") || primaryError.includes("Nonce verification failed")) {
+      return ErrorCode.ATTESTATION_NONCE_MISMATCH;
     }
+    return ErrorCode.ATTESTATION_FAILED;
   }
 };
@@ -1413,6 +1445,7 @@ Object.defineProperty(exports, "SigningAlgorithm", {
   enumerable: true,
   get: function () { return core.SigningAlgorithm; }
 });
+exports.AttestationErrorCode = AttestationErrorCode;
 exports.ClientError = ClientError;
 exports.ClientSessionEstablishFailedError = ClientSessionEstablishFailedError;
 exports.ClientUnsupportedAlgorithmError = ClientUnsupportedAlgorithmError;
@@ -1424,7 +1457,6 @@ exports.ForwardMPCError = ForwardMPCError;
 exports.ForwardMPCErrorType = ForwardMPCErrorType;
 exports.NitroAttestationVerifier = NitroAttestationVerifier;
 exports.SessionAttestationError = SessionAttestationError;
-exports.SessionAttestationNonceMissingError = SessionAttestationNonceMissingError;
 exports.SessionDisposedError = SessionDisposedError;
 exports.SessionError = SessionError;
 exports.SessionHandshakeError = SessionHandshakeError;