@dynamic-labs-wallet/forward-mpc-shared 0.7.0 → 0.7.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.cjs +69 -20
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +15 -4
- package/dist/index.d.ts +15 -4
- package/dist/index.js +68 -22
- package/dist/index.js.map +1 -1
- package/package.json +2 -2
package/dist/index.cjs
CHANGED
|
@@ -100,6 +100,57 @@ var OptionalStringCodec = ioTs.union([
|
|
|
100
100
|
ioTs.string,
|
|
101
101
|
ioTs.undefined
|
|
102
102
|
]);
|
|
103
|
+
function BoundedIntCodec(name, min, max) {
|
|
104
|
+
return new ioTs.Type(name, (u) => typeof u === "number" && Number.isInteger(u) && u >= min && u <= max, (u, c) => {
|
|
105
|
+
if (typeof u !== "number") {
|
|
106
|
+
return ioTs.failure(u, c, `${name}: expected a number`);
|
|
107
|
+
}
|
|
108
|
+
if (!Number.isInteger(u)) {
|
|
109
|
+
return ioTs.failure(u, c, `${name}: expected an integer`);
|
|
110
|
+
}
|
|
111
|
+
if (u < min || u > max) {
|
|
112
|
+
return ioTs.failure(u, c, `${name}: value ${u} out of range [${min}, ${max}]`);
|
|
113
|
+
}
|
|
114
|
+
return ioTs.success(u);
|
|
115
|
+
}, (a) => a);
|
|
116
|
+
}
|
|
117
|
+
__name(BoundedIntCodec, "BoundedIntCodec");
|
|
118
|
+
var DomainCodec = new ioTs.Type("DomainCodec", (u) => typeof u === "string", (u, c) => {
|
|
119
|
+
if (typeof u !== "string") {
|
|
120
|
+
return ioTs.failure(u, c, "Value must be a string");
|
|
121
|
+
}
|
|
122
|
+
const domainPattern = /^[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*(?::\d{1,5})?$/;
|
|
123
|
+
if (!domainPattern.test(u)) {
|
|
124
|
+
return ioTs.failure(u, c, "Invalid domain format");
|
|
125
|
+
}
|
|
126
|
+
return ioTs.success(u);
|
|
127
|
+
}, ioTs.identity);
|
|
128
|
+
|
|
129
|
+
// src/codecs/RelayDomainCodec.ts
|
|
130
|
+
var BLOCKED_PATTERNS = [
|
|
131
|
+
/^localhost(:\d+)?$/i,
|
|
132
|
+
/^127\.\d{1,3}\.\d{1,3}\.\d{1,3}(:\d+)?$/,
|
|
133
|
+
/^0\.0\.0\.0(:\d+)?$/,
|
|
134
|
+
/^10\.\d{1,3}\.\d{1,3}\.\d{1,3}(:\d+)?$/,
|
|
135
|
+
/^172\.(1[6-9]|2\d|3[01])\.\d{1,3}\.\d{1,3}(:\d+)?$/,
|
|
136
|
+
/^192\.168\.\d{1,3}\.\d{1,3}(:\d+)?$/,
|
|
137
|
+
/^169\.254\.\d{1,3}\.\d{1,3}(:\d+)?$/,
|
|
138
|
+
/^\[::1\](:\d+)?$/,
|
|
139
|
+
/^\[fd[0-9a-f]{2}:/i,
|
|
140
|
+
/^\[fe80:/i,
|
|
141
|
+
/^instance-data\.ec2\.internal(:\d+)?$/i
|
|
142
|
+
];
|
|
143
|
+
var RelayDomainCodec = new ioTs.Type("RelayDomainCodec", (u) => typeof u === "string", (u, c) => {
|
|
144
|
+
const base = DomainCodec.decode(u);
|
|
145
|
+
if (base._tag === "Left") return base;
|
|
146
|
+
const domain = base.right;
|
|
147
|
+
for (const pattern of BLOCKED_PATTERNS) {
|
|
148
|
+
if (pattern.test(domain)) {
|
|
149
|
+
return ioTs.failure(u, c, "Relay domain must not be a private, loopback, or link-local address");
|
|
150
|
+
}
|
|
151
|
+
}
|
|
152
|
+
return ioTs.success(domain);
|
|
153
|
+
}, ioTs.identity);
|
|
103
154
|
function buildMessageSchema(messageType, version, additionalFields = {}, ...additionalSchemas) {
|
|
104
155
|
const schema = ioTs.type({
|
|
105
156
|
type: ioTs.literal(messageType),
|
|
@@ -437,16 +488,6 @@ var WebSocketCloseCode = {
|
|
|
437
488
|
/** Abnormal closure — no close frame (network drop, etc.). */
|
|
438
489
|
ABNORMAL: 1006
|
|
439
490
|
};
|
|
440
|
-
var DomainCodec = new ioTs.Type("DomainCodec", (u) => typeof u === "string", (u, c) => {
|
|
441
|
-
if (typeof u !== "string") {
|
|
442
|
-
return ioTs.failure(u, c, "Value must be a string");
|
|
443
|
-
}
|
|
444
|
-
const domainPattern = /^[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*(?::\d{1,5})?$/;
|
|
445
|
-
if (!domainPattern.test(u)) {
|
|
446
|
-
return ioTs.failure(u, c, "Invalid domain format");
|
|
447
|
-
}
|
|
448
|
-
return ioTs.success(u);
|
|
449
|
-
}, ioTs.identity);
|
|
450
491
|
var Uint8ArrayOrHexCodec = new ioTs.Type(
|
|
451
492
|
"Uint8ArrayOrHex",
|
|
452
493
|
(u) => u instanceof Uint8Array,
|
|
@@ -479,7 +520,7 @@ var Uint8ArrayOrHexCodec = new ioTs.Type(
|
|
|
479
520
|
|
|
480
521
|
// src/messages/SignMessageV1Request.ts
|
|
481
522
|
var SignMessageRequestSchema = buildMessageSchema("signMessage", 1, {
|
|
482
|
-
relayDomain:
|
|
523
|
+
relayDomain: RelayDomainCodec,
|
|
483
524
|
keyshare: EncryptedPayloadCodec,
|
|
484
525
|
message: Uint8ArrayOrHexCodec,
|
|
485
526
|
roomUuid: ioTs.string,
|
|
@@ -567,11 +608,14 @@ var ConnectionAckV1ResponseMessage = createSimpleMessage({
|
|
|
567
608
|
version: 1,
|
|
568
609
|
schema: ConnectionAckResponseSchema
|
|
569
610
|
});
|
|
611
|
+
var MAX_KEYGEN_PARTIES = 10;
|
|
612
|
+
var NumPartiesCodec = BoundedIntCodec("numParties", 2, MAX_KEYGEN_PARTIES);
|
|
613
|
+
var ThresholdCodec = BoundedIntCodec("threshold", 1, MAX_KEYGEN_PARTIES);
|
|
570
614
|
var BaseKeygenParamsCodec = ioTs.type({
|
|
571
|
-
relayDomain:
|
|
615
|
+
relayDomain: RelayDomainCodec,
|
|
572
616
|
roomUuid: ioTs.string,
|
|
573
|
-
numParties:
|
|
574
|
-
threshold:
|
|
617
|
+
numParties: NumPartiesCodec,
|
|
618
|
+
threshold: ThresholdCodec,
|
|
575
619
|
keygenInit: EncryptedPayloadCodec,
|
|
576
620
|
keygenIds: ioTs.array(ioTs.string),
|
|
577
621
|
userId: OptionalStringCodec,
|
|
@@ -591,10 +635,10 @@ var KeygenAlgoParamsCodec = ioTs.union([
|
|
|
591
635
|
BIP340KeygenParamsCodec
|
|
592
636
|
]);
|
|
593
637
|
var KeygenRequestSchema = buildMessageSchema("keygen", 1, {
|
|
594
|
-
relayDomain:
|
|
638
|
+
relayDomain: RelayDomainCodec,
|
|
595
639
|
roomUuid: ioTs.string,
|
|
596
|
-
numParties:
|
|
597
|
-
threshold:
|
|
640
|
+
numParties: NumPartiesCodec,
|
|
641
|
+
threshold: ThresholdCodec,
|
|
598
642
|
keygenInit: EncryptedPayloadCodec,
|
|
599
643
|
keygenIds: ioTs.array(ioTs.string),
|
|
600
644
|
userId: OptionalStringCodec,
|
|
@@ -644,12 +688,14 @@ var KeygenV1ResponseMessage = createStandardMessage({
|
|
|
644
688
|
error: decoded.error
|
|
645
689
|
}))
|
|
646
690
|
});
|
|
691
|
+
var NumPartiesCodec2 = BoundedIntCodec("numParties", 2, MAX_KEYGEN_PARTIES);
|
|
692
|
+
var ThresholdCodec2 = BoundedIntCodec("threshold", 1, MAX_KEYGEN_PARTIES);
|
|
647
693
|
var ReceiveKeyRequestSchema = buildMessageSchema("receiveKey", 1, {
|
|
648
|
-
relayDomain:
|
|
694
|
+
relayDomain: RelayDomainCodec,
|
|
649
695
|
signingAlgo: ioTs.literal("ed25519"),
|
|
650
696
|
roomUuid: ioTs.string,
|
|
651
|
-
numParties:
|
|
652
|
-
threshold:
|
|
697
|
+
numParties: NumPartiesCodec2,
|
|
698
|
+
threshold: ThresholdCodec2,
|
|
653
699
|
keygenInit: EncryptedPayloadCodec,
|
|
654
700
|
keygenIds: ioTs.array(ioTs.string),
|
|
655
701
|
userId: OptionalStringCodec,
|
|
@@ -1032,6 +1078,7 @@ exports.ALL_SIGNING_ALGORITHM_SCHEMA = ALL_SIGNING_ALGORITHM_SCHEMA;
|
|
|
1032
1078
|
exports.BIP340SigningAlgorithm = BIP340SigningAlgorithm;
|
|
1033
1079
|
exports.BaseMessage = BaseMessage;
|
|
1034
1080
|
exports.BaseSigningAlgorithm = BaseSigningAlgorithm;
|
|
1081
|
+
exports.BoundedIntCodec = BoundedIntCodec;
|
|
1035
1082
|
exports.ConnectionAckRequestSchema = ConnectionAckRequestSchema;
|
|
1036
1083
|
exports.ConnectionAckResponseSchema = ConnectionAckResponseSchema;
|
|
1037
1084
|
exports.ConnectionAckV1RequestMessage = ConnectionAckV1RequestMessage;
|
|
@@ -1049,12 +1096,14 @@ exports.KeygenRequestSchema = KeygenRequestSchema;
|
|
|
1049
1096
|
exports.KeygenResponseSchema = KeygenResponseSchema;
|
|
1050
1097
|
exports.KeygenV1RequestMessage = KeygenV1RequestMessage;
|
|
1051
1098
|
exports.KeygenV1ResponseMessage = KeygenV1ResponseMessage;
|
|
1099
|
+
exports.MAX_KEYGEN_PARTIES = MAX_KEYGEN_PARTIES;
|
|
1052
1100
|
exports.MessageRegistry = MessageRegistry;
|
|
1053
1101
|
exports.OptionalStringCodec = OptionalStringCodec;
|
|
1054
1102
|
exports.ReceiveKeyRequestSchema = ReceiveKeyRequestSchema;
|
|
1055
1103
|
exports.ReceiveKeyResponseSchema = ReceiveKeyResponseSchema;
|
|
1056
1104
|
exports.ReceiveKeyV1RequestMessage = ReceiveKeyV1RequestMessage;
|
|
1057
1105
|
exports.ReceiveKeyV1ResponseMessage = ReceiveKeyV1ResponseMessage;
|
|
1106
|
+
exports.RelayDomainCodec = RelayDomainCodec;
|
|
1058
1107
|
exports.SIGNING_ALGORITHM_CLASSES = SIGNING_ALGORITHM_CLASSES;
|
|
1059
1108
|
exports.SIGNING_ALGORITHM_INSTANCES = SIGNING_ALGORITHM_INSTANCES;
|
|
1060
1109
|
exports.SignMessageRequestSchema = SignMessageRequestSchema;
|