@dynamic-labs-wallet/forward-mpc-shared 0.7.0 → 0.7.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.cjs +69 -20
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +15 -4
- package/dist/index.d.ts +15 -4
- package/dist/index.js +68 -22
- package/dist/index.js.map +1 -1
- package/package.json +2 -2
package/dist/index.d.cts
CHANGED
|
@@ -108,6 +108,18 @@ declare const TraceContextCodec: io_ts.UnionC<[io_ts.PartialC<{
|
|
|
108
108
|
*/
|
|
109
109
|
declare const OptionalStringCodec: io_ts.UnionC<[io_ts.StringC, io_ts.UndefinedC]>;
|
|
110
110
|
|
|
111
|
+
/**
|
|
112
|
+
* Creates an io-ts codec that validates an integer is within [min, max].
|
|
113
|
+
* Rejects non-integer numbers, NaN, and Infinity.
|
|
114
|
+
*/
|
|
115
|
+
declare function BoundedIntCodec(name: string, min: number, max: number): Type<number, number, unknown>;
|
|
116
|
+
|
|
117
|
+
/**
|
|
118
|
+
* Validates a relay domain: must be a well-formed domain (via DomainCodec)
|
|
119
|
+
* AND must not resolve to a private/loopback/link-local address.
|
|
120
|
+
*/
|
|
121
|
+
declare const RelayDomainCodec: Type<string, string, unknown>;
|
|
122
|
+
|
|
111
123
|
/**
|
|
112
124
|
* ReceiveKey Response Runtime Data
|
|
113
125
|
*/
|
|
@@ -191,9 +203,6 @@ interface ReceiveKeyRequestWire {
|
|
|
191
203
|
environmentId?: string;
|
|
192
204
|
traceContext?: TraceContext;
|
|
193
205
|
}
|
|
194
|
-
/**
|
|
195
|
-
* ReceiveKey V1 Request Schema
|
|
196
|
-
*/
|
|
197
206
|
declare const ReceiveKeyRequestSchema: io_ts.Type<any, any, unknown>;
|
|
198
207
|
type ReceiveKeyRequest = TypeOf<typeof ReceiveKeyRequestSchema>;
|
|
199
208
|
/**
|
|
@@ -267,6 +276,8 @@ declare const KeygenV1ResponseMessage: {
|
|
|
267
276
|
}>;
|
|
268
277
|
};
|
|
269
278
|
|
|
279
|
+
/** Upper bound for MPC party count — generous ceiling above any real ceremony. */
|
|
280
|
+
declare const MAX_KEYGEN_PARTIES = 10;
|
|
270
281
|
/**
|
|
271
282
|
* Keygen Request Runtime Data
|
|
272
283
|
* Supports ECDSA and BIP340 algorithms only
|
|
@@ -1599,4 +1610,4 @@ declare class SigningAlgorithmRegistry {
|
|
|
1599
1610
|
}
|
|
1600
1611
|
declare const signingAlgorithmRegistry: SigningAlgorithmRegistry;
|
|
1601
1612
|
|
|
1602
|
-
export { AES_256_GCM_KEY_SIZE, AES_256_GCM_NONCE_SIZE, AES_256_GCM_TAG_SIZE, ALGORITHMS, ALL_MESSAGE_CLASSES, ALL_MESSAGE_KEYS, ALL_SIGNING_ALGORITHM_NAMES, ALL_SIGNING_ALGORITHM_SCHEMA, type AllMessageTypes, type AllSigningAlgorithmSchemas, BIP340SigningAlgorithm, BaseMessage, BaseSigningAlgorithm, type BaseWebSocketMessage, type ConnectionAckRequest, type ConnectionAckRequestData, ConnectionAckRequestSchema, type ConnectionAckRequestWire, type ConnectionAckResponse, type ConnectionAckResponseData, ConnectionAckResponseSchema, type ConnectionAckResponseWire, ConnectionAckV1RequestMessage, ConnectionAckV1ResponseMessage, type DecryptPayloadOptions, type DecryptedSecretShare, EcdsaSigningAlgorithm, Ed25519SigningAlgorithm, type EncryptPayloadOptions, type EncryptedPayload, EncryptedPayloadCodec, EncryptionPurpose, type ErrorResponse, HKDF_SALT_SIZE, type HandshakeRequest, type HandshakeRequestData, HandshakeRequestSchema, type HandshakeRequestWire, type HandshakeResponse, type HandshakeResponseData, HandshakeResponseSchema, type HandshakeResponseWire, HandshakeV1RequestMessage, HandshakeV1ResponseMessage, type HashAlgorithm, type IMessage, type ISigningAlgorithm, type KeygenRequest, type KeygenRequestData, KeygenRequestSchema, type KeygenRequestWire, type KeygenResponse, type KeygenResponseData, KeygenResponseSchema, type KeygenResponseWire, KeygenV1RequestMessage, KeygenV1ResponseMessage, MessageRegistry, OptionalStringCodec, type ReceiveKeyRequest, type ReceiveKeyRequestData, ReceiveKeyRequestSchema, type ReceiveKeyRequestWire, type ReceiveKeyResponse, type ReceiveKeyResponseData, ReceiveKeyResponseSchema, type ReceiveKeyResponseWire, ReceiveKeyV1RequestMessage, ReceiveKeyV1ResponseMessage, SIGNING_ALGORITHM_CLASSES, SIGNING_ALGORITHM_INSTANCES, type SecretShareData, type SignMessageRequest, type SignMessageRequestData, SignMessageRequestSchema, type SignMessageRequestWire, type SignMessageResponse, type SignMessageResponseData, SignMessageResponseSchema, type SignMessageResponseWire, SignMessageV1RequestMessage, SignMessageV1ResponseMessage, SignatureAlgoSchema, type SigningAlgorithmName, type SigningAlgorithmSchemaFor, type AllSigningAlgorithmSchemas as SigningAlgorithmSchemas, type TraceContext, TraceContextCodec, Uint32ArrayCodec, Uint8ArrayCodec, WebSocketCloseCode, type WebSocketConnectionInfo, type WebSocketError, WebSocketErrorType, assertDefined, assertNotNull, createKeyDerivationInfo, createKeygenResultFromSecretShare, decapsulateMlKem768, decryptKeygenResult, decryptPayload, deriveAESKey, encapsulateMlKem768, encryptKeygenInit, encryptKeyshare, encryptPayload, fromDynamicSigningAlgorithm, generateMlKem768Keypair, getAllSupportedMessages, getDefined, getMessageClass, isValidMessageType, isValidSigningAlgorithm, messageRegistry, parseMessageKey, signingAlgorithmRegistry, toDynamicSigningAlgorithm };
|
|
1613
|
+
export { AES_256_GCM_KEY_SIZE, AES_256_GCM_NONCE_SIZE, AES_256_GCM_TAG_SIZE, ALGORITHMS, ALL_MESSAGE_CLASSES, ALL_MESSAGE_KEYS, ALL_SIGNING_ALGORITHM_NAMES, ALL_SIGNING_ALGORITHM_SCHEMA, type AllMessageTypes, type AllSigningAlgorithmSchemas, BIP340SigningAlgorithm, BaseMessage, BaseSigningAlgorithm, type BaseWebSocketMessage, BoundedIntCodec, type ConnectionAckRequest, type ConnectionAckRequestData, ConnectionAckRequestSchema, type ConnectionAckRequestWire, type ConnectionAckResponse, type ConnectionAckResponseData, ConnectionAckResponseSchema, type ConnectionAckResponseWire, ConnectionAckV1RequestMessage, ConnectionAckV1ResponseMessage, type DecryptPayloadOptions, type DecryptedSecretShare, EcdsaSigningAlgorithm, Ed25519SigningAlgorithm, type EncryptPayloadOptions, type EncryptedPayload, EncryptedPayloadCodec, EncryptionPurpose, type ErrorResponse, HKDF_SALT_SIZE, type HandshakeRequest, type HandshakeRequestData, HandshakeRequestSchema, type HandshakeRequestWire, type HandshakeResponse, type HandshakeResponseData, HandshakeResponseSchema, type HandshakeResponseWire, HandshakeV1RequestMessage, HandshakeV1ResponseMessage, type HashAlgorithm, type IMessage, type ISigningAlgorithm, type KeygenRequest, type KeygenRequestData, KeygenRequestSchema, type KeygenRequestWire, type KeygenResponse, type KeygenResponseData, KeygenResponseSchema, type KeygenResponseWire, KeygenV1RequestMessage, KeygenV1ResponseMessage, MAX_KEYGEN_PARTIES, MessageRegistry, OptionalStringCodec, type ReceiveKeyRequest, type ReceiveKeyRequestData, ReceiveKeyRequestSchema, type ReceiveKeyRequestWire, type ReceiveKeyResponse, type ReceiveKeyResponseData, ReceiveKeyResponseSchema, type ReceiveKeyResponseWire, ReceiveKeyV1RequestMessage, ReceiveKeyV1ResponseMessage, RelayDomainCodec, SIGNING_ALGORITHM_CLASSES, SIGNING_ALGORITHM_INSTANCES, type SecretShareData, type SignMessageRequest, type SignMessageRequestData, SignMessageRequestSchema, type SignMessageRequestWire, type SignMessageResponse, type SignMessageResponseData, SignMessageResponseSchema, type SignMessageResponseWire, SignMessageV1RequestMessage, SignMessageV1ResponseMessage, SignatureAlgoSchema, type SigningAlgorithmName, type SigningAlgorithmSchemaFor, type AllSigningAlgorithmSchemas as SigningAlgorithmSchemas, type TraceContext, TraceContextCodec, Uint32ArrayCodec, Uint8ArrayCodec, WebSocketCloseCode, type WebSocketConnectionInfo, type WebSocketError, WebSocketErrorType, assertDefined, assertNotNull, createKeyDerivationInfo, createKeygenResultFromSecretShare, decapsulateMlKem768, decryptKeygenResult, decryptPayload, deriveAESKey, encapsulateMlKem768, encryptKeygenInit, encryptKeyshare, encryptPayload, fromDynamicSigningAlgorithm, generateMlKem768Keypair, getAllSupportedMessages, getDefined, getMessageClass, isValidMessageType, isValidSigningAlgorithm, messageRegistry, parseMessageKey, signingAlgorithmRegistry, toDynamicSigningAlgorithm };
|
package/dist/index.d.ts
CHANGED
|
@@ -108,6 +108,18 @@ declare const TraceContextCodec: io_ts.UnionC<[io_ts.PartialC<{
|
|
|
108
108
|
*/
|
|
109
109
|
declare const OptionalStringCodec: io_ts.UnionC<[io_ts.StringC, io_ts.UndefinedC]>;
|
|
110
110
|
|
|
111
|
+
/**
|
|
112
|
+
* Creates an io-ts codec that validates an integer is within [min, max].
|
|
113
|
+
* Rejects non-integer numbers, NaN, and Infinity.
|
|
114
|
+
*/
|
|
115
|
+
declare function BoundedIntCodec(name: string, min: number, max: number): Type<number, number, unknown>;
|
|
116
|
+
|
|
117
|
+
/**
|
|
118
|
+
* Validates a relay domain: must be a well-formed domain (via DomainCodec)
|
|
119
|
+
* AND must not resolve to a private/loopback/link-local address.
|
|
120
|
+
*/
|
|
121
|
+
declare const RelayDomainCodec: Type<string, string, unknown>;
|
|
122
|
+
|
|
111
123
|
/**
|
|
112
124
|
* ReceiveKey Response Runtime Data
|
|
113
125
|
*/
|
|
@@ -191,9 +203,6 @@ interface ReceiveKeyRequestWire {
|
|
|
191
203
|
environmentId?: string;
|
|
192
204
|
traceContext?: TraceContext;
|
|
193
205
|
}
|
|
194
|
-
/**
|
|
195
|
-
* ReceiveKey V1 Request Schema
|
|
196
|
-
*/
|
|
197
206
|
declare const ReceiveKeyRequestSchema: io_ts.Type<any, any, unknown>;
|
|
198
207
|
type ReceiveKeyRequest = TypeOf<typeof ReceiveKeyRequestSchema>;
|
|
199
208
|
/**
|
|
@@ -267,6 +276,8 @@ declare const KeygenV1ResponseMessage: {
|
|
|
267
276
|
}>;
|
|
268
277
|
};
|
|
269
278
|
|
|
279
|
+
/** Upper bound for MPC party count — generous ceiling above any real ceremony. */
|
|
280
|
+
declare const MAX_KEYGEN_PARTIES = 10;
|
|
270
281
|
/**
|
|
271
282
|
* Keygen Request Runtime Data
|
|
272
283
|
* Supports ECDSA and BIP340 algorithms only
|
|
@@ -1599,4 +1610,4 @@ declare class SigningAlgorithmRegistry {
|
|
|
1599
1610
|
}
|
|
1600
1611
|
declare const signingAlgorithmRegistry: SigningAlgorithmRegistry;
|
|
1601
1612
|
|
|
1602
|
-
export { AES_256_GCM_KEY_SIZE, AES_256_GCM_NONCE_SIZE, AES_256_GCM_TAG_SIZE, ALGORITHMS, ALL_MESSAGE_CLASSES, ALL_MESSAGE_KEYS, ALL_SIGNING_ALGORITHM_NAMES, ALL_SIGNING_ALGORITHM_SCHEMA, type AllMessageTypes, type AllSigningAlgorithmSchemas, BIP340SigningAlgorithm, BaseMessage, BaseSigningAlgorithm, type BaseWebSocketMessage, type ConnectionAckRequest, type ConnectionAckRequestData, ConnectionAckRequestSchema, type ConnectionAckRequestWire, type ConnectionAckResponse, type ConnectionAckResponseData, ConnectionAckResponseSchema, type ConnectionAckResponseWire, ConnectionAckV1RequestMessage, ConnectionAckV1ResponseMessage, type DecryptPayloadOptions, type DecryptedSecretShare, EcdsaSigningAlgorithm, Ed25519SigningAlgorithm, type EncryptPayloadOptions, type EncryptedPayload, EncryptedPayloadCodec, EncryptionPurpose, type ErrorResponse, HKDF_SALT_SIZE, type HandshakeRequest, type HandshakeRequestData, HandshakeRequestSchema, type HandshakeRequestWire, type HandshakeResponse, type HandshakeResponseData, HandshakeResponseSchema, type HandshakeResponseWire, HandshakeV1RequestMessage, HandshakeV1ResponseMessage, type HashAlgorithm, type IMessage, type ISigningAlgorithm, type KeygenRequest, type KeygenRequestData, KeygenRequestSchema, type KeygenRequestWire, type KeygenResponse, type KeygenResponseData, KeygenResponseSchema, type KeygenResponseWire, KeygenV1RequestMessage, KeygenV1ResponseMessage, MessageRegistry, OptionalStringCodec, type ReceiveKeyRequest, type ReceiveKeyRequestData, ReceiveKeyRequestSchema, type ReceiveKeyRequestWire, type ReceiveKeyResponse, type ReceiveKeyResponseData, ReceiveKeyResponseSchema, type ReceiveKeyResponseWire, ReceiveKeyV1RequestMessage, ReceiveKeyV1ResponseMessage, SIGNING_ALGORITHM_CLASSES, SIGNING_ALGORITHM_INSTANCES, type SecretShareData, type SignMessageRequest, type SignMessageRequestData, SignMessageRequestSchema, type SignMessageRequestWire, type SignMessageResponse, type SignMessageResponseData, SignMessageResponseSchema, type SignMessageResponseWire, SignMessageV1RequestMessage, SignMessageV1ResponseMessage, SignatureAlgoSchema, type SigningAlgorithmName, type SigningAlgorithmSchemaFor, type AllSigningAlgorithmSchemas as SigningAlgorithmSchemas, type TraceContext, TraceContextCodec, Uint32ArrayCodec, Uint8ArrayCodec, WebSocketCloseCode, type WebSocketConnectionInfo, type WebSocketError, WebSocketErrorType, assertDefined, assertNotNull, createKeyDerivationInfo, createKeygenResultFromSecretShare, decapsulateMlKem768, decryptKeygenResult, decryptPayload, deriveAESKey, encapsulateMlKem768, encryptKeygenInit, encryptKeyshare, encryptPayload, fromDynamicSigningAlgorithm, generateMlKem768Keypair, getAllSupportedMessages, getDefined, getMessageClass, isValidMessageType, isValidSigningAlgorithm, messageRegistry, parseMessageKey, signingAlgorithmRegistry, toDynamicSigningAlgorithm };
|
|
1613
|
+
export { AES_256_GCM_KEY_SIZE, AES_256_GCM_NONCE_SIZE, AES_256_GCM_TAG_SIZE, ALGORITHMS, ALL_MESSAGE_CLASSES, ALL_MESSAGE_KEYS, ALL_SIGNING_ALGORITHM_NAMES, ALL_SIGNING_ALGORITHM_SCHEMA, type AllMessageTypes, type AllSigningAlgorithmSchemas, BIP340SigningAlgorithm, BaseMessage, BaseSigningAlgorithm, type BaseWebSocketMessage, BoundedIntCodec, type ConnectionAckRequest, type ConnectionAckRequestData, ConnectionAckRequestSchema, type ConnectionAckRequestWire, type ConnectionAckResponse, type ConnectionAckResponseData, ConnectionAckResponseSchema, type ConnectionAckResponseWire, ConnectionAckV1RequestMessage, ConnectionAckV1ResponseMessage, type DecryptPayloadOptions, type DecryptedSecretShare, EcdsaSigningAlgorithm, Ed25519SigningAlgorithm, type EncryptPayloadOptions, type EncryptedPayload, EncryptedPayloadCodec, EncryptionPurpose, type ErrorResponse, HKDF_SALT_SIZE, type HandshakeRequest, type HandshakeRequestData, HandshakeRequestSchema, type HandshakeRequestWire, type HandshakeResponse, type HandshakeResponseData, HandshakeResponseSchema, type HandshakeResponseWire, HandshakeV1RequestMessage, HandshakeV1ResponseMessage, type HashAlgorithm, type IMessage, type ISigningAlgorithm, type KeygenRequest, type KeygenRequestData, KeygenRequestSchema, type KeygenRequestWire, type KeygenResponse, type KeygenResponseData, KeygenResponseSchema, type KeygenResponseWire, KeygenV1RequestMessage, KeygenV1ResponseMessage, MAX_KEYGEN_PARTIES, MessageRegistry, OptionalStringCodec, type ReceiveKeyRequest, type ReceiveKeyRequestData, ReceiveKeyRequestSchema, type ReceiveKeyRequestWire, type ReceiveKeyResponse, type ReceiveKeyResponseData, ReceiveKeyResponseSchema, type ReceiveKeyResponseWire, ReceiveKeyV1RequestMessage, ReceiveKeyV1ResponseMessage, RelayDomainCodec, SIGNING_ALGORITHM_CLASSES, SIGNING_ALGORITHM_INSTANCES, type SecretShareData, type SignMessageRequest, type SignMessageRequestData, SignMessageRequestSchema, type SignMessageRequestWire, type SignMessageResponse, type SignMessageResponseData, SignMessageResponseSchema, type SignMessageResponseWire, SignMessageV1RequestMessage, SignMessageV1ResponseMessage, SignatureAlgoSchema, type SigningAlgorithmName, type SigningAlgorithmSchemaFor, type AllSigningAlgorithmSchemas as SigningAlgorithmSchemas, type TraceContext, TraceContextCodec, Uint32ArrayCodec, Uint8ArrayCodec, WebSocketCloseCode, type WebSocketConnectionInfo, type WebSocketError, WebSocketErrorType, assertDefined, assertNotNull, createKeyDerivationInfo, createKeygenResultFromSecretShare, decapsulateMlKem768, decryptKeygenResult, decryptPayload, deriveAESKey, encapsulateMlKem768, encryptKeygenInit, encryptKeyshare, encryptPayload, fromDynamicSigningAlgorithm, generateMlKem768Keypair, getAllSupportedMessages, getDefined, getMessageClass, isValidMessageType, isValidSigningAlgorithm, messageRegistry, parseMessageKey, signingAlgorithmRegistry, toDynamicSigningAlgorithm };
|
package/dist/index.js
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { either } from 'fp-ts';
|
|
2
|
-
import { Type, failure, success, type, partial, number, string, union, undefined as _undefined, intersection, literal,
|
|
2
|
+
import { Type, failure, success, type, partial, number, string, union, undefined as _undefined, identity, intersection, literal, unknown, array } from 'io-ts';
|
|
3
3
|
import { hexToBytes, bytesToHex, randomBytes } from '@noble/hashes/utils.js';
|
|
4
4
|
import { SigningAlgorithm } from '@dynamic-labs-wallet/primitives';
|
|
5
5
|
import { ml_kem768 } from '@noble/post-quantum/ml-kem.js';
|
|
@@ -98,6 +98,57 @@ var OptionalStringCodec = union([
|
|
|
98
98
|
string,
|
|
99
99
|
_undefined
|
|
100
100
|
]);
|
|
101
|
+
function BoundedIntCodec(name, min, max) {
|
|
102
|
+
return new Type(name, (u) => typeof u === "number" && Number.isInteger(u) && u >= min && u <= max, (u, c) => {
|
|
103
|
+
if (typeof u !== "number") {
|
|
104
|
+
return failure(u, c, `${name}: expected a number`);
|
|
105
|
+
}
|
|
106
|
+
if (!Number.isInteger(u)) {
|
|
107
|
+
return failure(u, c, `${name}: expected an integer`);
|
|
108
|
+
}
|
|
109
|
+
if (u < min || u > max) {
|
|
110
|
+
return failure(u, c, `${name}: value ${u} out of range [${min}, ${max}]`);
|
|
111
|
+
}
|
|
112
|
+
return success(u);
|
|
113
|
+
}, (a) => a);
|
|
114
|
+
}
|
|
115
|
+
__name(BoundedIntCodec, "BoundedIntCodec");
|
|
116
|
+
var DomainCodec = new Type("DomainCodec", (u) => typeof u === "string", (u, c) => {
|
|
117
|
+
if (typeof u !== "string") {
|
|
118
|
+
return failure(u, c, "Value must be a string");
|
|
119
|
+
}
|
|
120
|
+
const domainPattern = /^[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*(?::\d{1,5})?$/;
|
|
121
|
+
if (!domainPattern.test(u)) {
|
|
122
|
+
return failure(u, c, "Invalid domain format");
|
|
123
|
+
}
|
|
124
|
+
return success(u);
|
|
125
|
+
}, identity);
|
|
126
|
+
|
|
127
|
+
// src/codecs/RelayDomainCodec.ts
|
|
128
|
+
var BLOCKED_PATTERNS = [
|
|
129
|
+
/^localhost(:\d+)?$/i,
|
|
130
|
+
/^127\.\d{1,3}\.\d{1,3}\.\d{1,3}(:\d+)?$/,
|
|
131
|
+
/^0\.0\.0\.0(:\d+)?$/,
|
|
132
|
+
/^10\.\d{1,3}\.\d{1,3}\.\d{1,3}(:\d+)?$/,
|
|
133
|
+
/^172\.(1[6-9]|2\d|3[01])\.\d{1,3}\.\d{1,3}(:\d+)?$/,
|
|
134
|
+
/^192\.168\.\d{1,3}\.\d{1,3}(:\d+)?$/,
|
|
135
|
+
/^169\.254\.\d{1,3}\.\d{1,3}(:\d+)?$/,
|
|
136
|
+
/^\[::1\](:\d+)?$/,
|
|
137
|
+
/^\[fd[0-9a-f]{2}:/i,
|
|
138
|
+
/^\[fe80:/i,
|
|
139
|
+
/^instance-data\.ec2\.internal(:\d+)?$/i
|
|
140
|
+
];
|
|
141
|
+
var RelayDomainCodec = new Type("RelayDomainCodec", (u) => typeof u === "string", (u, c) => {
|
|
142
|
+
const base = DomainCodec.decode(u);
|
|
143
|
+
if (base._tag === "Left") return base;
|
|
144
|
+
const domain = base.right;
|
|
145
|
+
for (const pattern of BLOCKED_PATTERNS) {
|
|
146
|
+
if (pattern.test(domain)) {
|
|
147
|
+
return failure(u, c, "Relay domain must not be a private, loopback, or link-local address");
|
|
148
|
+
}
|
|
149
|
+
}
|
|
150
|
+
return success(domain);
|
|
151
|
+
}, identity);
|
|
101
152
|
function buildMessageSchema(messageType, version, additionalFields = {}, ...additionalSchemas) {
|
|
102
153
|
const schema = type({
|
|
103
154
|
type: literal(messageType),
|
|
@@ -435,16 +486,6 @@ var WebSocketCloseCode = {
|
|
|
435
486
|
/** Abnormal closure — no close frame (network drop, etc.). */
|
|
436
487
|
ABNORMAL: 1006
|
|
437
488
|
};
|
|
438
|
-
var DomainCodec = new Type("DomainCodec", (u) => typeof u === "string", (u, c) => {
|
|
439
|
-
if (typeof u !== "string") {
|
|
440
|
-
return failure(u, c, "Value must be a string");
|
|
441
|
-
}
|
|
442
|
-
const domainPattern = /^[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*(?::\d{1,5})?$/;
|
|
443
|
-
if (!domainPattern.test(u)) {
|
|
444
|
-
return failure(u, c, "Invalid domain format");
|
|
445
|
-
}
|
|
446
|
-
return success(u);
|
|
447
|
-
}, identity);
|
|
448
489
|
var Uint8ArrayOrHexCodec = new Type(
|
|
449
490
|
"Uint8ArrayOrHex",
|
|
450
491
|
(u) => u instanceof Uint8Array,
|
|
@@ -477,7 +518,7 @@ var Uint8ArrayOrHexCodec = new Type(
|
|
|
477
518
|
|
|
478
519
|
// src/messages/SignMessageV1Request.ts
|
|
479
520
|
var SignMessageRequestSchema = buildMessageSchema("signMessage", 1, {
|
|
480
|
-
relayDomain:
|
|
521
|
+
relayDomain: RelayDomainCodec,
|
|
481
522
|
keyshare: EncryptedPayloadCodec,
|
|
482
523
|
message: Uint8ArrayOrHexCodec,
|
|
483
524
|
roomUuid: string,
|
|
@@ -565,11 +606,14 @@ var ConnectionAckV1ResponseMessage = createSimpleMessage({
|
|
|
565
606
|
version: 1,
|
|
566
607
|
schema: ConnectionAckResponseSchema
|
|
567
608
|
});
|
|
609
|
+
var MAX_KEYGEN_PARTIES = 10;
|
|
610
|
+
var NumPartiesCodec = BoundedIntCodec("numParties", 2, MAX_KEYGEN_PARTIES);
|
|
611
|
+
var ThresholdCodec = BoundedIntCodec("threshold", 1, MAX_KEYGEN_PARTIES);
|
|
568
612
|
var BaseKeygenParamsCodec = type({
|
|
569
|
-
relayDomain:
|
|
613
|
+
relayDomain: RelayDomainCodec,
|
|
570
614
|
roomUuid: string,
|
|
571
|
-
numParties:
|
|
572
|
-
threshold:
|
|
615
|
+
numParties: NumPartiesCodec,
|
|
616
|
+
threshold: ThresholdCodec,
|
|
573
617
|
keygenInit: EncryptedPayloadCodec,
|
|
574
618
|
keygenIds: array(string),
|
|
575
619
|
userId: OptionalStringCodec,
|
|
@@ -589,10 +633,10 @@ var KeygenAlgoParamsCodec = union([
|
|
|
589
633
|
BIP340KeygenParamsCodec
|
|
590
634
|
]);
|
|
591
635
|
var KeygenRequestSchema = buildMessageSchema("keygen", 1, {
|
|
592
|
-
relayDomain:
|
|
636
|
+
relayDomain: RelayDomainCodec,
|
|
593
637
|
roomUuid: string,
|
|
594
|
-
numParties:
|
|
595
|
-
threshold:
|
|
638
|
+
numParties: NumPartiesCodec,
|
|
639
|
+
threshold: ThresholdCodec,
|
|
596
640
|
keygenInit: EncryptedPayloadCodec,
|
|
597
641
|
keygenIds: array(string),
|
|
598
642
|
userId: OptionalStringCodec,
|
|
@@ -642,12 +686,14 @@ var KeygenV1ResponseMessage = createStandardMessage({
|
|
|
642
686
|
error: decoded.error
|
|
643
687
|
}))
|
|
644
688
|
});
|
|
689
|
+
var NumPartiesCodec2 = BoundedIntCodec("numParties", 2, MAX_KEYGEN_PARTIES);
|
|
690
|
+
var ThresholdCodec2 = BoundedIntCodec("threshold", 1, MAX_KEYGEN_PARTIES);
|
|
645
691
|
var ReceiveKeyRequestSchema = buildMessageSchema("receiveKey", 1, {
|
|
646
|
-
relayDomain:
|
|
692
|
+
relayDomain: RelayDomainCodec,
|
|
647
693
|
signingAlgo: literal("ed25519"),
|
|
648
694
|
roomUuid: string,
|
|
649
|
-
numParties:
|
|
650
|
-
threshold:
|
|
695
|
+
numParties: NumPartiesCodec2,
|
|
696
|
+
threshold: ThresholdCodec2,
|
|
651
697
|
keygenInit: EncryptedPayloadCodec,
|
|
652
698
|
keygenIds: array(string),
|
|
653
699
|
userId: OptionalStringCodec,
|
|
@@ -1019,6 +1065,6 @@ var SigningAlgorithmRegistry = class SigningAlgorithmRegistry2 {
|
|
|
1019
1065
|
};
|
|
1020
1066
|
var signingAlgorithmRegistry = new SigningAlgorithmRegistry();
|
|
1021
1067
|
|
|
1022
|
-
export { AES_256_GCM_KEY_SIZE, AES_256_GCM_NONCE_SIZE, AES_256_GCM_TAG_SIZE, ALGORITHMS, ALL_MESSAGE_CLASSES, ALL_MESSAGE_KEYS, ALL_SIGNING_ALGORITHM_NAMES, ALL_SIGNING_ALGORITHM_SCHEMA, BIP340SigningAlgorithm, BaseMessage, BaseSigningAlgorithm, ConnectionAckRequestSchema, ConnectionAckResponseSchema, ConnectionAckV1RequestMessage, ConnectionAckV1ResponseMessage, EcdsaSigningAlgorithm, Ed25519SigningAlgorithm, EncryptedPayloadCodec, EncryptionPurpose, HKDF_SALT_SIZE, HandshakeRequestSchema, HandshakeResponseSchema, HandshakeV1RequestMessage, HandshakeV1ResponseMessage, KeygenRequestSchema, KeygenResponseSchema, KeygenV1RequestMessage, KeygenV1ResponseMessage, MessageRegistry, OptionalStringCodec, ReceiveKeyRequestSchema, ReceiveKeyResponseSchema, ReceiveKeyV1RequestMessage, ReceiveKeyV1ResponseMessage, SIGNING_ALGORITHM_CLASSES, SIGNING_ALGORITHM_INSTANCES, SignMessageRequestSchema, SignMessageResponseSchema, SignMessageV1RequestMessage, SignMessageV1ResponseMessage, SignatureAlgoSchema, TraceContextCodec, Uint32ArrayCodec, Uint8ArrayCodec, WebSocketCloseCode, WebSocketErrorType, assertDefined, assertNotNull, createKeyDerivationInfo, createKeygenResultFromSecretShare, decapsulateMlKem768, decryptKeygenResult, decryptPayload, deriveAESKey, encapsulateMlKem768, encryptKeygenInit, encryptKeyshare, encryptPayload, fromDynamicSigningAlgorithm, generateMlKem768Keypair, getAllSupportedMessages, getDefined, getMessageClass, isValidMessageType, isValidSigningAlgorithm, messageRegistry, parseMessageKey, signingAlgorithmRegistry, toDynamicSigningAlgorithm };
|
|
1068
|
+
export { AES_256_GCM_KEY_SIZE, AES_256_GCM_NONCE_SIZE, AES_256_GCM_TAG_SIZE, ALGORITHMS, ALL_MESSAGE_CLASSES, ALL_MESSAGE_KEYS, ALL_SIGNING_ALGORITHM_NAMES, ALL_SIGNING_ALGORITHM_SCHEMA, BIP340SigningAlgorithm, BaseMessage, BaseSigningAlgorithm, BoundedIntCodec, ConnectionAckRequestSchema, ConnectionAckResponseSchema, ConnectionAckV1RequestMessage, ConnectionAckV1ResponseMessage, EcdsaSigningAlgorithm, Ed25519SigningAlgorithm, EncryptedPayloadCodec, EncryptionPurpose, HKDF_SALT_SIZE, HandshakeRequestSchema, HandshakeResponseSchema, HandshakeV1RequestMessage, HandshakeV1ResponseMessage, KeygenRequestSchema, KeygenResponseSchema, KeygenV1RequestMessage, KeygenV1ResponseMessage, MAX_KEYGEN_PARTIES, MessageRegistry, OptionalStringCodec, ReceiveKeyRequestSchema, ReceiveKeyResponseSchema, ReceiveKeyV1RequestMessage, ReceiveKeyV1ResponseMessage, RelayDomainCodec, SIGNING_ALGORITHM_CLASSES, SIGNING_ALGORITHM_INSTANCES, SignMessageRequestSchema, SignMessageResponseSchema, SignMessageV1RequestMessage, SignMessageV1ResponseMessage, SignatureAlgoSchema, TraceContextCodec, Uint32ArrayCodec, Uint8ArrayCodec, WebSocketCloseCode, WebSocketErrorType, assertDefined, assertNotNull, createKeyDerivationInfo, createKeygenResultFromSecretShare, decapsulateMlKem768, decryptKeygenResult, decryptPayload, deriveAESKey, encapsulateMlKem768, encryptKeygenInit, encryptKeyshare, encryptPayload, fromDynamicSigningAlgorithm, generateMlKem768Keypair, getAllSupportedMessages, getDefined, getMessageClass, isValidMessageType, isValidSigningAlgorithm, messageRegistry, parseMessageKey, signingAlgorithmRegistry, toDynamicSigningAlgorithm };
|
|
1023
1069
|
//# sourceMappingURL=index.js.map
|
|
1024
1070
|
//# sourceMappingURL=index.js.map
|