@dynamic-labs-wallet/forward-mpc-client 0.9.0 → 0.10.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.cjs +132 -9
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +3 -179
- package/dist/index.d.ts +3 -179
- package/dist/index.js +132 -9
- package/dist/index.js.map +1 -1
- package/dist/utils-D77Qzra4.d.cts +189 -0
- package/dist/utils-D77Qzra4.d.ts +189 -0
- package/dist/utils.cjs +148 -0
- package/dist/utils.cjs.map +1 -0
- package/dist/utils.d.cts +2 -0
- package/dist/utils.d.ts +2 -0
- package/dist/utils.js +144 -0
- package/dist/utils.js.map +1 -0
- package/package.json +8 -2
package/dist/index.cjs
CHANGED
|
@@ -42,6 +42,96 @@ var __name = (target, value) => __defProp(target, "name", { value, configurable:
|
|
|
42
42
|
var ATTESTATION_CONSTANTS = {
|
|
43
43
|
// Maximum age of attestation document in milliseconds
|
|
44
44
|
MAX_ATTESTATION_AGE: 5 * 60 * 1e3};
|
|
45
|
+
|
|
46
|
+
// src/attestation/attestationDocReader.ts
|
|
47
|
+
var PCRS_LABEL_AND_MAP_HEADER = new Uint8Array([
|
|
48
|
+
100,
|
|
49
|
+
112,
|
|
50
|
+
99,
|
|
51
|
+
114,
|
|
52
|
+
115,
|
|
53
|
+
176
|
|
54
|
+
]);
|
|
55
|
+
var BSTR_48_PREFIX = new Uint8Array([
|
|
56
|
+
88,
|
|
57
|
+
48
|
|
58
|
+
]);
|
|
59
|
+
var PCR_VALUE_BYTES = 48;
|
|
60
|
+
var PCR_ENTRIES = 16;
|
|
61
|
+
var TRACKED_PCRS = /* @__PURE__ */ new Set([
|
|
62
|
+
0,
|
|
63
|
+
1,
|
|
64
|
+
2,
|
|
65
|
+
8
|
|
66
|
+
]);
|
|
67
|
+
function decodeBase64ToBytes(base64) {
|
|
68
|
+
if (typeof atob !== "undefined") {
|
|
69
|
+
const binary = atob(base64);
|
|
70
|
+
const out = new Uint8Array(binary.length);
|
|
71
|
+
for (let i = 0; i < binary.length; i++) {
|
|
72
|
+
out[i] = binary.codePointAt(i) ?? 0;
|
|
73
|
+
}
|
|
74
|
+
return out;
|
|
75
|
+
}
|
|
76
|
+
return new Uint8Array(Buffer.from(base64, "base64"));
|
|
77
|
+
}
|
|
78
|
+
__name(decodeBase64ToBytes, "decodeBase64ToBytes");
|
|
79
|
+
function bytesToHex(bytes) {
|
|
80
|
+
let out = "";
|
|
81
|
+
for (const b of bytes) {
|
|
82
|
+
out += b.toString(16).padStart(2, "0");
|
|
83
|
+
}
|
|
84
|
+
return out;
|
|
85
|
+
}
|
|
86
|
+
__name(bytesToHex, "bytesToHex");
|
|
87
|
+
function findMarker(haystack, needle) {
|
|
88
|
+
outer: for (let i = 0; i <= haystack.length - needle.length; i++) {
|
|
89
|
+
for (let j = 0; j < needle.length; j++) {
|
|
90
|
+
if (haystack[i + j] !== needle[j]) continue outer;
|
|
91
|
+
}
|
|
92
|
+
return i;
|
|
93
|
+
}
|
|
94
|
+
return -1;
|
|
95
|
+
}
|
|
96
|
+
__name(findMarker, "findMarker");
|
|
97
|
+
function extractPcrsFromAttestationDoc(attestationDocBase64) {
|
|
98
|
+
const pcrs = {};
|
|
99
|
+
if (!attestationDocBase64) return pcrs;
|
|
100
|
+
try {
|
|
101
|
+
const bytes = decodeBase64ToBytes(attestationDocBase64);
|
|
102
|
+
const markerIdx = findMarker(bytes, PCRS_LABEL_AND_MAP_HEADER);
|
|
103
|
+
if (markerIdx < 0) return pcrs;
|
|
104
|
+
let pos = markerIdx + PCRS_LABEL_AND_MAP_HEADER.length;
|
|
105
|
+
for (let i = 0; i < PCR_ENTRIES; i++) {
|
|
106
|
+
if (pos + 1 + BSTR_48_PREFIX.length + PCR_VALUE_BYTES > bytes.length) {
|
|
107
|
+
break;
|
|
108
|
+
}
|
|
109
|
+
const key = bytes[pos++];
|
|
110
|
+
if (bytes[pos] !== BSTR_48_PREFIX[0] || bytes[pos + 1] !== BSTR_48_PREFIX[1]) {
|
|
111
|
+
break;
|
|
112
|
+
}
|
|
113
|
+
pos += BSTR_48_PREFIX.length;
|
|
114
|
+
const value = bytes.subarray(pos, pos + PCR_VALUE_BYTES);
|
|
115
|
+
pos += PCR_VALUE_BYTES;
|
|
116
|
+
if (TRACKED_PCRS.has(key)) {
|
|
117
|
+
pcrs[key] = bytesToHex(value);
|
|
118
|
+
}
|
|
119
|
+
}
|
|
120
|
+
} catch {
|
|
121
|
+
}
|
|
122
|
+
return pcrs;
|
|
123
|
+
}
|
|
124
|
+
__name(extractPcrsFromAttestationDoc, "extractPcrsFromAttestationDoc");
|
|
125
|
+
function formatPcrMismatchDetail(expectedPcr8, receivedPcrs) {
|
|
126
|
+
const receivedParts = [];
|
|
127
|
+
if (receivedPcrs[8] !== void 0) receivedParts.push(`pcr8=${receivedPcrs[8]}`);
|
|
128
|
+
if (receivedPcrs[0] !== void 0) receivedParts.push(`pcr0=${receivedPcrs[0]}`);
|
|
129
|
+
if (receivedPcrs[1] !== void 0) receivedParts.push(`pcr1=${receivedPcrs[1]}`);
|
|
130
|
+
if (receivedPcrs[2] !== void 0) receivedParts.push(`pcr2=${receivedPcrs[2]}`);
|
|
131
|
+
const received = receivedParts.length > 0 ? receivedParts.join(", ") : "unavailable";
|
|
132
|
+
return `expected pcr8=${expectedPcr8}; received ${received}`;
|
|
133
|
+
}
|
|
134
|
+
__name(formatPcrMismatchDetail, "formatPcrMismatchDetail");
|
|
45
135
|
var NitroAttestationVerifier = class {
|
|
46
136
|
static {
|
|
47
137
|
__name(this, "NitroAttestationVerifier");
|
|
@@ -111,10 +201,12 @@ var NitroAttestationVerifier = class {
|
|
|
111
201
|
expectedPcrs
|
|
112
202
|
]);
|
|
113
203
|
if (!isValid) {
|
|
204
|
+
const receivedPcrs = extractPcrsFromAttestationDoc(attestationDocBase64);
|
|
205
|
+
const detail = formatPcrMismatchDetail(this.config.expectedPcr8, receivedPcrs);
|
|
114
206
|
return {
|
|
115
207
|
valid: false,
|
|
116
208
|
errors: [
|
|
117
|
-
|
|
209
|
+
`Attestation document PCR verification failed (${detail})`
|
|
118
210
|
],
|
|
119
211
|
timestamp: Date.now()
|
|
120
212
|
};
|
|
@@ -617,6 +709,8 @@ var ForwardMPCClient = class extends EventEmitter2.EventEmitter {
|
|
|
617
709
|
}
|
|
618
710
|
}
|
|
619
711
|
};
|
|
712
|
+
|
|
713
|
+
// src/client-v2/errors.ts
|
|
620
714
|
var ErrorCode = {
|
|
621
715
|
// Transport
|
|
622
716
|
CONNECTION_FAILED: "CONNECTION_FAILED",
|
|
@@ -823,6 +917,21 @@ var ClientSessionEstablishFailedError = class extends ClientError {
|
|
|
823
917
|
super("Failed to establish session", ErrorCode.SESSION_ESTABLISH_FAILED, context);
|
|
824
918
|
}
|
|
825
919
|
};
|
|
920
|
+
var FORWARD_MPC_ERROR_NAMES = /* @__PURE__ */ new Set([
|
|
921
|
+
"TransportConnectionError",
|
|
922
|
+
"TransportConnectionTimeoutError",
|
|
923
|
+
"TransportNotConnectedError",
|
|
924
|
+
"SessionHandshakeError",
|
|
925
|
+
"SessionHandshakeInvalidResponseError",
|
|
926
|
+
"SessionAttestationError",
|
|
927
|
+
"SessionRequestTimeoutError",
|
|
928
|
+
"SessionDisposedError",
|
|
929
|
+
"SessionServerError",
|
|
930
|
+
"SessionMessageParseError",
|
|
931
|
+
"SessionRemoteError",
|
|
932
|
+
"ClientUnsupportedAlgorithmError",
|
|
933
|
+
"ClientSessionEstablishFailedError"
|
|
934
|
+
]);
|
|
826
935
|
|
|
827
936
|
// src/client-v2/transport.ts
|
|
828
937
|
var ForwardMPCTransport = class extends EventEmitter2__default.default {
|
|
@@ -1450,8 +1559,22 @@ var ForwardMPCClientSingleton = class extends ForwardMPCClientV2 {
|
|
|
1450
1559
|
};
|
|
1451
1560
|
|
|
1452
1561
|
// src/client-v2/error-classification.ts
|
|
1562
|
+
function matchesForwardMpcErrorClass(error, ctor, name) {
|
|
1563
|
+
if (error instanceof ctor) {
|
|
1564
|
+
return true;
|
|
1565
|
+
}
|
|
1566
|
+
return error instanceof Error && error.name === name && typeof error.code === "string";
|
|
1567
|
+
}
|
|
1568
|
+
__name(matchesForwardMpcErrorClass, "matchesForwardMpcErrorClass");
|
|
1569
|
+
function matchesAnyForwardMpcError(error) {
|
|
1570
|
+
if (error instanceof ForwardMPCError) {
|
|
1571
|
+
return true;
|
|
1572
|
+
}
|
|
1573
|
+
return error instanceof Error && FORWARD_MPC_ERROR_NAMES.has(error.name) && typeof error.code === "string";
|
|
1574
|
+
}
|
|
1575
|
+
__name(matchesAnyForwardMpcError, "matchesAnyForwardMpcError");
|
|
1453
1576
|
function classifyForwardMpcError(error) {
|
|
1454
|
-
if (error
|
|
1577
|
+
if (matchesForwardMpcErrorClass(error, SessionAttestationError, "SessionAttestationError")) {
|
|
1455
1578
|
return {
|
|
1456
1579
|
errorType: "ATTESTATION_FAILURE",
|
|
1457
1580
|
errorCode: error.code,
|
|
@@ -1461,22 +1584,22 @@ function classifyForwardMpcError(error) {
|
|
|
1461
1584
|
shouldFallback: true
|
|
1462
1585
|
};
|
|
1463
1586
|
}
|
|
1464
|
-
if (error
|
|
1587
|
+
if (matchesForwardMpcErrorClass(error, SessionRequestTimeoutError, "SessionRequestTimeoutError")) {
|
|
1465
1588
|
return {
|
|
1466
1589
|
errorType: "FORWARD_MPC_TIMEOUT",
|
|
1467
1590
|
errorCode: error.code,
|
|
1468
1591
|
errorMessage: error.message,
|
|
1469
1592
|
sessionEstablished: true,
|
|
1470
|
-
shouldFallback:
|
|
1593
|
+
shouldFallback: true
|
|
1471
1594
|
};
|
|
1472
1595
|
}
|
|
1473
|
-
if (error
|
|
1596
|
+
if (matchesAnyForwardMpcError(error)) {
|
|
1474
1597
|
return {
|
|
1475
1598
|
errorType: "FORWARD_MPC_ERROR",
|
|
1476
1599
|
errorCode: error.code,
|
|
1477
1600
|
errorMessage: error.message,
|
|
1478
1601
|
sessionEstablished: true,
|
|
1479
|
-
shouldFallback:
|
|
1602
|
+
shouldFallback: true
|
|
1480
1603
|
};
|
|
1481
1604
|
}
|
|
1482
1605
|
return {
|
|
@@ -1484,16 +1607,16 @@ function classifyForwardMpcError(error) {
|
|
|
1484
1607
|
errorCode: void 0,
|
|
1485
1608
|
errorMessage: error instanceof Error ? error.message : String(error),
|
|
1486
1609
|
sessionEstablished: false,
|
|
1487
|
-
shouldFallback:
|
|
1610
|
+
shouldFallback: true
|
|
1488
1611
|
};
|
|
1489
1612
|
}
|
|
1490
1613
|
__name(classifyForwardMpcError, "classifyForwardMpcError");
|
|
1491
1614
|
function isForwardMpcError(error) {
|
|
1492
|
-
return error
|
|
1615
|
+
return matchesAnyForwardMpcError(error);
|
|
1493
1616
|
}
|
|
1494
1617
|
__name(isForwardMpcError, "isForwardMpcError");
|
|
1495
1618
|
function isAttestationError(error) {
|
|
1496
|
-
return error
|
|
1619
|
+
return matchesForwardMpcErrorClass(error, SessionAttestationError, "SessionAttestationError");
|
|
1497
1620
|
}
|
|
1498
1621
|
__name(isAttestationError, "isAttestationError");
|
|
1499
1622
|
|