@dynamic-labs-wallet/forward-mpc-client 0.5.5 → 0.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.cjs +99 -16
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +89 -5
- package/dist/index.d.ts +89 -5
- package/dist/index.js +96 -16
- package/dist/index.js.map +1 -1
- package/package.json +2 -2
package/dist/index.cjs
CHANGED
|
@@ -515,6 +515,7 @@ var ForwardMPCClient = class extends EventEmitter2.EventEmitter {
|
|
|
515
515
|
roomUuid: params.roomUuid,
|
|
516
516
|
traceContext: params.traceContext,
|
|
517
517
|
userId: params.userId,
|
|
518
|
+
walletId: params.walletId,
|
|
518
519
|
environmentId: params.environmentId
|
|
519
520
|
});
|
|
520
521
|
return this.sendRequest(request);
|
|
@@ -617,7 +618,11 @@ var ErrorCode = {
|
|
|
617
618
|
HANDSHAKE_FAILED: "HANDSHAKE_FAILED",
|
|
618
619
|
HANDSHAKE_INVALID_RESPONSE: "HANDSHAKE_INVALID_RESPONSE",
|
|
619
620
|
ATTESTATION_FAILED: "ATTESTATION_FAILED",
|
|
621
|
+
ATTESTATION_PCR_MISMATCH: "ATTESTATION_PCR_MISMATCH",
|
|
622
|
+
ATTESTATION_CHALLENGE_MISMATCH: "ATTESTATION_CHALLENGE_MISMATCH",
|
|
623
|
+
ATTESTATION_NONCE_MISMATCH: "ATTESTATION_NONCE_MISMATCH",
|
|
620
624
|
ATTESTATION_NONCE_MISSING: "ATTESTATION_NONCE_MISSING",
|
|
625
|
+
ATTESTATION_DOCUMENT_MISSING: "ATTESTATION_DOCUMENT_MISSING",
|
|
621
626
|
REQUEST_TIMEOUT: "REQUEST_TIMEOUT",
|
|
622
627
|
SESSION_DISPOSED: "SESSION_DISPOSED",
|
|
623
628
|
SERVER_ERROR: "SERVER_ERROR",
|
|
@@ -626,6 +631,20 @@ var ErrorCode = {
|
|
|
626
631
|
SESSION_ESTABLISH_FAILED: "SESSION_ESTABLISH_FAILED",
|
|
627
632
|
UNSUPPORTED_ALGORITHM: "UNSUPPORTED_ALGORITHM"
|
|
628
633
|
};
|
|
634
|
+
var AttestationErrorCode = {
|
|
635
|
+
/** Generic / unrecognised attestation failure */
|
|
636
|
+
FAILED: ErrorCode.ATTESTATION_FAILED,
|
|
637
|
+
/** PCR8 hash mismatch — enclave measurement changed */
|
|
638
|
+
PCR_MISMATCH: ErrorCode.ATTESTATION_PCR_MISMATCH,
|
|
639
|
+
/** Challenge / ciphertext binding mismatch */
|
|
640
|
+
CHALLENGE_MISMATCH: ErrorCode.ATTESTATION_CHALLENGE_MISMATCH,
|
|
641
|
+
/** Nonce value mismatch — possible tampering */
|
|
642
|
+
NONCE_MISMATCH: ErrorCode.ATTESTATION_NONCE_MISMATCH,
|
|
643
|
+
/** Nonce field missing from attestation document */
|
|
644
|
+
NONCE_MISSING: ErrorCode.ATTESTATION_NONCE_MISSING,
|
|
645
|
+
/** Server did not return an attestation document */
|
|
646
|
+
DOCUMENT_MISSING: ErrorCode.ATTESTATION_DOCUMENT_MISSING
|
|
647
|
+
};
|
|
629
648
|
var ForwardMPCErrorType = {
|
|
630
649
|
TRANSPORT: "transport",
|
|
631
650
|
SESSION: "session",
|
|
@@ -728,16 +747,12 @@ var SessionAttestationError = class extends SessionError {
|
|
|
728
747
|
static {
|
|
729
748
|
__name(this, "SessionAttestationError");
|
|
730
749
|
}
|
|
731
|
-
|
|
732
|
-
|
|
733
|
-
|
|
734
|
-
|
|
735
|
-
|
|
736
|
-
|
|
737
|
-
__name(this, "SessionAttestationNonceMissingError");
|
|
738
|
-
}
|
|
739
|
-
constructor(context) {
|
|
740
|
-
super("Nonce missing from attestation document", ErrorCode.ATTESTATION_NONCE_MISSING, context);
|
|
750
|
+
cause;
|
|
751
|
+
constructor(message = "Attestation verification failed", code = ErrorCode.ATTESTATION_FAILED, context, cause) {
|
|
752
|
+
super(message, code, context);
|
|
753
|
+
if (cause !== void 0) {
|
|
754
|
+
this.cause = cause;
|
|
755
|
+
}
|
|
741
756
|
}
|
|
742
757
|
};
|
|
743
758
|
var SessionRequestTimeoutError = class extends SessionError {
|
|
@@ -1028,9 +1043,7 @@ var Session = class _Session {
|
|
|
1028
1043
|
if (!data.attestationDoc) {
|
|
1029
1044
|
sharedSecret.fill(0);
|
|
1030
1045
|
nonceBytes.fill(0);
|
|
1031
|
-
throw new SessionAttestationError(
|
|
1032
|
-
reason: "Server did not return an attestation document"
|
|
1033
|
-
});
|
|
1046
|
+
throw new SessionAttestationError("Server did not return an attestation document", ErrorCode.ATTESTATION_DOCUMENT_MISSING);
|
|
1034
1047
|
}
|
|
1035
1048
|
try {
|
|
1036
1049
|
await _Session.verifyAttestation(data.attestationDoc, cipherText, nonceBytes, options.attestationVerifier);
|
|
@@ -1162,10 +1175,29 @@ var Session = class _Session {
|
|
|
1162
1175
|
const expectedChallenge = Array.from(challengeHash).map((b) => b.toString(16).padStart(2, "0")).join("");
|
|
1163
1176
|
const result = await verifier.verify(attestationDocBase64, expectedChallenge, nonce);
|
|
1164
1177
|
if (!result.valid) {
|
|
1165
|
-
|
|
1178
|
+
const primaryError = result.errors[0] || "";
|
|
1179
|
+
throw new SessionAttestationError("Attestation verification failed", _Session.classifyAttestationError(primaryError), {
|
|
1166
1180
|
errors: result.errors
|
|
1167
|
-
});
|
|
1181
|
+
}, primaryError);
|
|
1182
|
+
}
|
|
1183
|
+
}
|
|
1184
|
+
/**
|
|
1185
|
+
* Classifies an attestation verifier error message into a specific ErrorCode.
|
|
1186
|
+
*/
|
|
1187
|
+
static classifyAttestationError(primaryError) {
|
|
1188
|
+
if (primaryError.includes("PCR verification failed")) {
|
|
1189
|
+
return ErrorCode.ATTESTATION_PCR_MISMATCH;
|
|
1190
|
+
}
|
|
1191
|
+
if (primaryError.includes("challenge mismatch") || primaryError.includes("ciphertext hash") || primaryError.includes("user data") || primaryError.includes("ciphertext binding")) {
|
|
1192
|
+
return ErrorCode.ATTESTATION_CHALLENGE_MISMATCH;
|
|
1168
1193
|
}
|
|
1194
|
+
if (primaryError.includes("No nonce found")) {
|
|
1195
|
+
return ErrorCode.ATTESTATION_NONCE_MISSING;
|
|
1196
|
+
}
|
|
1197
|
+
if (primaryError.includes("nonce mismatch") || primaryError.includes("Nonce length mismatch") || primaryError.includes("Nonce verification failed")) {
|
|
1198
|
+
return ErrorCode.ATTESTATION_NONCE_MISMATCH;
|
|
1199
|
+
}
|
|
1200
|
+
return ErrorCode.ATTESTATION_FAILED;
|
|
1169
1201
|
}
|
|
1170
1202
|
};
|
|
1171
1203
|
|
|
@@ -1409,10 +1441,59 @@ var ForwardMPCClientSingleton = class extends ForwardMPCClientV2 {
|
|
|
1409
1441
|
}
|
|
1410
1442
|
};
|
|
1411
1443
|
|
|
1444
|
+
// src/client-v2/error-classification.ts
|
|
1445
|
+
function classifyForwardMpcError(error) {
|
|
1446
|
+
if (error instanceof SessionAttestationError) {
|
|
1447
|
+
return {
|
|
1448
|
+
errorType: "ATTESTATION_FAILURE",
|
|
1449
|
+
errorCode: error.code,
|
|
1450
|
+
errorMessage: error.message,
|
|
1451
|
+
attestationErrors: error.context?.["errors"],
|
|
1452
|
+
sessionEstablished: false,
|
|
1453
|
+
shouldFallback: true
|
|
1454
|
+
};
|
|
1455
|
+
}
|
|
1456
|
+
if (error instanceof SessionRequestTimeoutError) {
|
|
1457
|
+
return {
|
|
1458
|
+
errorType: "FORWARD_MPC_TIMEOUT",
|
|
1459
|
+
errorCode: error.code,
|
|
1460
|
+
errorMessage: error.message,
|
|
1461
|
+
sessionEstablished: true,
|
|
1462
|
+
shouldFallback: false
|
|
1463
|
+
};
|
|
1464
|
+
}
|
|
1465
|
+
if (error instanceof ForwardMPCError) {
|
|
1466
|
+
return {
|
|
1467
|
+
errorType: "FORWARD_MPC_ERROR",
|
|
1468
|
+
errorCode: error.code,
|
|
1469
|
+
errorMessage: error.message,
|
|
1470
|
+
sessionEstablished: true,
|
|
1471
|
+
shouldFallback: false
|
|
1472
|
+
};
|
|
1473
|
+
}
|
|
1474
|
+
return {
|
|
1475
|
+
errorType: "FORWARD_MPC_ERROR",
|
|
1476
|
+
errorCode: void 0,
|
|
1477
|
+
errorMessage: error instanceof Error ? error.message : String(error),
|
|
1478
|
+
sessionEstablished: false,
|
|
1479
|
+
shouldFallback: false
|
|
1480
|
+
};
|
|
1481
|
+
}
|
|
1482
|
+
__name(classifyForwardMpcError, "classifyForwardMpcError");
|
|
1483
|
+
function isForwardMpcError(error) {
|
|
1484
|
+
return error instanceof ForwardMPCError;
|
|
1485
|
+
}
|
|
1486
|
+
__name(isForwardMpcError, "isForwardMpcError");
|
|
1487
|
+
function isAttestationError(error) {
|
|
1488
|
+
return error instanceof SessionAttestationError;
|
|
1489
|
+
}
|
|
1490
|
+
__name(isAttestationError, "isAttestationError");
|
|
1491
|
+
|
|
1412
1492
|
Object.defineProperty(exports, "SigningAlgorithm", {
|
|
1413
1493
|
enumerable: true,
|
|
1414
1494
|
get: function () { return core.SigningAlgorithm; }
|
|
1415
1495
|
});
|
|
1496
|
+
exports.AttestationErrorCode = AttestationErrorCode;
|
|
1416
1497
|
exports.ClientError = ClientError;
|
|
1417
1498
|
exports.ClientSessionEstablishFailedError = ClientSessionEstablishFailedError;
|
|
1418
1499
|
exports.ClientUnsupportedAlgorithmError = ClientUnsupportedAlgorithmError;
|
|
@@ -1424,7 +1505,6 @@ exports.ForwardMPCError = ForwardMPCError;
|
|
|
1424
1505
|
exports.ForwardMPCErrorType = ForwardMPCErrorType;
|
|
1425
1506
|
exports.NitroAttestationVerifier = NitroAttestationVerifier;
|
|
1426
1507
|
exports.SessionAttestationError = SessionAttestationError;
|
|
1427
|
-
exports.SessionAttestationNonceMissingError = SessionAttestationNonceMissingError;
|
|
1428
1508
|
exports.SessionDisposedError = SessionDisposedError;
|
|
1429
1509
|
exports.SessionError = SessionError;
|
|
1430
1510
|
exports.SessionHandshakeError = SessionHandshakeError;
|
|
@@ -1437,5 +1517,8 @@ exports.TransportConnectionError = TransportConnectionError;
|
|
|
1437
1517
|
exports.TransportConnectionTimeoutError = TransportConnectionTimeoutError;
|
|
1438
1518
|
exports.TransportError = TransportError;
|
|
1439
1519
|
exports.TransportNotConnectedError = TransportNotConnectedError;
|
|
1520
|
+
exports.classifyForwardMpcError = classifyForwardMpcError;
|
|
1521
|
+
exports.isAttestationError = isAttestationError;
|
|
1522
|
+
exports.isForwardMpcError = isForwardMpcError;
|
|
1440
1523
|
//# sourceMappingURL=index.cjs.map
|
|
1441
1524
|
//# sourceMappingURL=index.cjs.map
|