npm - @empereur-rouge/pms-sdk - Versions diffs - 0.3.8 → 0.5.0 - Mend

@empereur-rouge/pms-sdk 0.3.8 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/index.js CHANGED Viewed

@@ -9,6 +9,7 @@ import { wordlist } from "@scure/bip39/wordlists/english";
 // src/utils.ts
 import { sha256 } from "@noble/hashes/sha2";
 import { bytesToHex, hexToBytes } from "@noble/hashes/utils";
+import { base64, bech32m } from "@scure/base";
 function sha256Hash(data) {
   return sha256(data);
 }
@@ -21,12 +22,103 @@ function fromHex(hex) {
 function encodeUtf8(str) {
   return new TextEncoder().encode(str);
 }
-function computeBlockId(parents, payloadJson, nonce) {
-  const parentsStr = parents.sort().join(",");
-  const payloadStr = payloadJson ?? "";
-  const content = `${parentsStr}|${payloadStr}|${nonce}`;
-  const hash = sha256Hash(encodeUtf8(content));
-  return toHex(hash);
+function toBase64(bytes) {
+  return base64.encode(bytes);
+}
+function txSigningMessage(networkId, inputs, outputs, fee) {
+  const canonInputs = inputs.map((i) => ({
+    out: { txid: i.out.txid, index: i.out.index }
+  }));
+  const canonOutputs = outputs.map((o) => {
+    const out = {
+      address: o.address,
+      amount: o.amount
+    };
+    if (o.asset_id !== void 0 && o.asset_id !== null) {
+      out.asset_id = o.asset_id;
+    }
+    if (o.locked_until !== void 0 && o.locked_until !== null) {
+      out.locked_until = o.locked_until;
+    }
+    if (o.spend_condition !== void 0 && o.spend_condition !== null) {
+      out.spend_condition = o.spend_condition;
+    }
+    if (o.created_at !== void 0 && o.created_at !== null) {
+      out.created_at = o.created_at;
+    }
+    return out;
+  });
+  const canon = {
+    network_id: networkId,
+    inputs: canonInputs,
+    outputs: canonOutputs,
+    fee
+  };
+  return toHex(sha256Hash(encodeUtf8(JSON.stringify(canon))));
+}
+var PLAIN_VARIANT_TO_PAYLOAD_TYPE = {
+  Genesis: "Genesis",
+  Mint: "Mint",
+  TxUtxo: "Transaction",
+  Milestone: "Milestone",
+  Nft: "Nft",
+  ConfigUpdate: "ConfigUpdate",
+  Reward: "Reward",
+  EncryptedReward: "EncryptedReward",
+  TokenCreate: "TokenCreate",
+  BridgeLock: "BridgeLock",
+  BridgeMint: "BridgeMint",
+  Freeze: "Freeze",
+  Unfreeze: "Unfreeze",
+  Seize: "Seize",
+  Reverse: "Reverse",
+  ContractRegister: "ContractRegister",
+  ContractUpdate: "ContractUpdate",
+  LedgerOwnershipTransfer: "LedgerOwnershipTransfer",
+  CoordinatorKeyRotate: "CoordinatorKeyRotate"
+};
+var EMPTY_COMMITMENT = "0000000000000000000000000000000000000000000000000000000000000000";
+function computeBlockId(parents, payload, nonce) {
+  let payload_type;
+  let commitment;
+  let len_hint;
+  let key_version;
+  if (payload === void 0 || payload === null) {
+    payload_type = "None";
+    commitment = EMPTY_COMMITMENT;
+    len_hint = 0;
+    key_version = 0;
+  } else if ("Plain" in payload) {
+    const plain = payload.Plain;
+    const variant = typeof plain === "string" ? plain : Object.keys(plain)[0];
+    payload_type = PLAIN_VARIANT_TO_PAYLOAD_TYPE[variant] ?? variant;
+    const plainBytes = encodeUtf8(JSON.stringify(plain));
+    commitment = toHex(sha256Hash(plainBytes));
+    len_hint = plainBytes.length;
+    key_version = 0;
+  } else {
+    const enc = payload.Encrypted;
+    payload_type = "Encrypted";
+    commitment = enc.commitment;
+    len_hint = enc.ciphertext_b64.length;
+    key_version = enc.key_version;
+  }
+  const head = {
+    parents,
+    nonce,
+    envelope: { payload_type, commitment, len_hint, key_version }
+  };
+  return toHex(sha256Hash(encodeUtf8(JSON.stringify(head))));
+}
+function x25519FromAddress(address) {
+  try {
+    const decoded = bech32m.decode(address, false);
+    const bytes = bech32m.fromWords(decoded.words);
+    if (bytes.length !== 52) return void 0;
+    return toHex(bytes.slice(20));
+  } catch {
+    return void 0;
+  }
 }
 function parseAmount(amount) {
   const [whole, frac = ""] = amount.split(".");
@@ -39,6 +131,47 @@ function formatAmount(sats) {
   const fracStr = frac.toString().padStart(8, "0");
   return `${whole}.${fracStr}`;
 }
+var DAY_MS = 864e5;
+function multisigAddress(m, pubkeys) {
+  const normalized = pubkeys.map((pk) => {
+    const t = pk.trim();
+    return (t.startsWith("0x") ? t.slice(2) : t).toLowerCase();
+  }).sort();
+  const parts = [
+    encodeUtf8("pms-multisig-v1"),
+    new Uint8Array([m, normalized.length]),
+    ...normalized.map((pk) => encodeUtf8(pk))
+  ];
+  const total = parts.reduce((n, p) => n + p.length, 0);
+  const buf = new Uint8Array(total);
+  let off = 0;
+  for (const p of parts) {
+    buf.set(p, off);
+    off += p.length;
+  }
+  return `msig1${toHex(sha256Hash(buf).slice(0, 20))}`;
+}
+function hashlockHash(preimage) {
+  const bytes = typeof preimage === "string" ? encodeUtf8(preimage) : preimage;
+  return toHex(sha256Hash(bytes));
+}
+function effectiveValue(amount, createdAtMs, nowMs, bpsPerDay) {
+  if (createdAtMs === void 0 || createdAtMs === null || !bpsPerDay) {
+    return amount;
+  }
+  const elapsed = nowMs - createdAtMs;
+  const days = elapsed > 0 ? BigInt(Math.floor(elapsed / DAY_MS)) : 0n;
+  if (days === 0n) return amount;
+  const sats = parseAmount(amount);
+  const scaled = sats * 10000n - sats * BigInt(bpsPerDay) * days;
+  if (scaled <= 0n) return "0.00000000";
+  return formatAmount(scaled / 10000n);
+}
+function spendableUtxos(utxos, nowMs = Date.now()) {
+  return utxos.filter(
+    (u) => u.locked_until === void 0 || u.locked_until === null || u.locked_until <= nowMs
+  );
+}
 // src/wallet.ts
 var PmsWallet = class _PmsWallet {
@@ -213,11 +346,33 @@ var PmsWallet = class _PmsWallet {
 function isValidMnemonic(mnemonic) {
   return validateMnemonic(mnemonic.trim().toLowerCase(), wordlist);
 }
+function makeUnlock(signers, txHashHex, opts) {
+  if (signers.length === 0) {
+    throw new Error("makeUnlock: at least one signer is required");
+  }
+  const msg = encodeUtf8(txHashHex);
+  const sign = (w) => toBase64(fromHex(w.sign(msg)));
+  const [primary, ...rest] = signers;
+  const unlock = {
+    pubkey_hex: primary.publicKeyHex,
+    signature_b64: sign(primary)
+  };
+  if (rest.length > 0) {
+    unlock.cosigners = rest.map((w) => ({
+      pubkey_hex: w.publicKeyHex,
+      signature_b64: sign(w)
+    }));
+  }
+  if (opts?.preimageHex !== void 0) {
+    unlock.preimage_hex = opts.preimageHex;
+  }
+  return unlock;
+}
 // src/types.ts
 var DEFAULT_CONFIG = {
   networkId: "pms-mainnet",
-  protocolVersion: 1,
+  protocolVersion: 3,
   timeout: 3e4,
   seedNodes: [],
   enableRacing: true,
@@ -232,13 +387,13 @@ import { gcm } from "@noble/ciphers/aes.js";
 import { hkdf as hkdf2 } from "@noble/hashes/hkdf";
 import { sha256 as sha2563 } from "@noble/hashes/sha2";
 import { randomBytes, bytesToHex as bytesToHex2, hexToBytes as hexToBytes2 } from "@noble/hashes/utils";
-import { base64 } from "@scure/base";
+import { base64 as base642 } from "@scure/base";
 var SCHEME = "x25519+aes256gcm";
 var HKDF_SALT = new TextEncoder().encode("pms-dek-wrap");
 var HKDF_INFO_KEK = new TextEncoder().encode("kek-v1");
 var HKDF_INFO_KID = new TextEncoder().encode("kid-v1");
 function fromBase64(str) {
-  return base64.decode(str);
+  return base642.decode(str);
 }
 function sha256Hex(data) {
   return bytesToHex2(sha2563(data));
@@ -403,11 +558,24 @@ var PmsClient = class {
   }
   /**
    * Récupère les UTXOs d'une adresse.
+   *
+   * Depuis dag-pms v0.10.0, chaque UTXO expose aussi ses contraintes de
+   * dépense : `locked_until` (time-lock), `spend_condition`
+   * (MultiSig/HashLock) et `created_at` (base du demurrage). Utiliser
+   * [`spendableUtxos`] pour exclure les UTXOs encore verrouillés avant
+   * toute sélection de coins côté client.
    */
   async getUtxos(address) {
     const res = await this.fetch(`/v1/wallet/${address}/utxos`, void 0, { idempotent: true });
     return res.utxos ?? [];
   }
+  /**
+   * Dernier snapshot de preuve de réserves ancré (protocole 2.6,
+   * `GET /v1/reserves/latest`). 404 si aucun snapshot n'a encore été ancré.
+   */
+  async getLatestReserves() {
+    return this.fetch("/v1/reserves/latest", void 0, { idempotent: true });
+  }
   // ═══════════════════════════════════════════════════════════════════════
   // Wallet API (Custodial — Server-Side)
   // ═══════════════════════════════════════════════════════════════════════
@@ -864,101 +1032,83 @@ var PmsClient = class {
   }
   /**
    * Envoie des tokens à une adresse.
-   * Construit automatiquement la transaction, la signe et la soumet.
+   *
+   * Flux aligné sur dag-pms v0.9.0 (single-writer + vérification des
+   * signatures de transaction par l'engine) :
+   * 1. `POST /v1/tx/prepare` — le serveur sélectionne les UTXOs et calcule
+   *    les frais.
+   * 2. Vérification défensive côté client : l'output destinataire demandé
+   *    existe bien, et le `tx_hash` retourné correspond au message canonique
+   *    recalculé localement (`txSigningMessage`). On ne signe JAMAIS un hash
+   *    opaque non vérifié.
+   * 3. Le wallet signe la TRANSACTION (unlocks) — pas le bloc. C'est le
+   *    serveur qui forge et signe le bloc (single-writer enforcement).
+   * 4. `POST /v1/wallet/tx/send` avec la TX signée + les clés X25519 des
+   *    destinataires pour le chiffrement du payload.
+   *
+   * @param params.to - Adresse destinataire (Bech32m de préférence)
+   * @param params.amount - Montant décimal (ex: "10.0")
+   * @param params.wallet - Wallet signataire (propriétaire des UTXOs)
+   * @param params.assetId - Asset ID optionnel (undefined = PMS natif)
+   * @returns `{id, status, block_id}` — id du bloc forgé par le serveur
    */
   async send(params) {
-    const { to, amount, wallet, memo: _memo } = params;
-    const utxos = await this.getUtxos(wallet.address);
-    if (utxos.length === 0) {
-      throw new Error("No UTXOs available");
-    }
-    const netConfig = await this.getNetworkConfig();
-    const baseFeeSats = parseAmount(netConfig.base_fee || "0");
-    const feeRateBps = BigInt(netConfig.fee_rate_bps || 0);
-    const amountSats = parseAmount(amount);
-    const variableFee = amountSats * feeRateBps / 10000n;
-    const fee = baseFeeSats + variableFee;
-    const totalNeeded = amountSats + fee;
-    let selectedSats = 0n;
-    const selectedUtxos = [];
-    for (const utxo of utxos) {
-      selectedUtxos.push(utxo);
-      selectedSats += parseAmount(utxo.amount || "0");
-      if (selectedSats >= totalNeeded) break;
+    const { to, amount, wallet, assetId } = params;
+    const prepareBody = {
+      from: wallet.address,
+      to,
+      amount
+    };
+    if (assetId !== void 0) {
+      prepareBody.asset_id = assetId;
     }
-    if (selectedSats < totalNeeded) {
+    const prepared = await this.prepareTx(prepareBody);
+    const { unsigned_tx, tx_hash } = prepared;
+    const requestedSats = parseAmount(amount);
+    const recipientOutput = unsigned_tx.outputs.find(
+      (o) => o.address === to && (o.asset_id ?? void 0) === (assetId ?? void 0) && parseAmount(o.amount) >= requestedSats
+    );
+    if (!recipientOutput) {
       throw new Error(
-        `Insufficient balance: have ${formatAmount(selectedSats)}, need ${formatAmount(totalNeeded)} (incl. fee ${formatAmount(fee)})`
+        `Prepared transaction does not contain the requested output (to=${to}, amount=${amount}, asset=${assetId ?? "PMS"}). Refusing to sign a transaction that does not pay the intended recipient.`
       );
     }
-    const outputs = [
-      { address: to, amount: formatAmount(amountSats) }
-    ];
-    if (fee > 0n) {
-      outputs.push({
-        address: netConfig.fee_recipient,
-        amount: formatAmount(fee)
-      });
-    }
-    const change = selectedSats - amountSats - fee;
-    if (change > 0n) {
-      outputs.push({ address: wallet.address, amount: formatAmount(change) });
+    const localHash = txSigningMessage(
+      this.config.networkId,
+      unsigned_tx.inputs,
+      unsigned_tx.outputs,
+      unsigned_tx.fee
+    );
+    if (localHash !== tx_hash) {
+      throw new Error(
+        `tx_hash mismatch: server returned ${tx_hash}, locally computed ${localHash}. Either the client networkId ("${this.config.networkId}") does not match the node's network, or the server response was tampered with. Refusing to sign.`
+      );
     }
-    const inputs = selectedUtxos.map((utxo) => ({
-      out: {
-        txid: utxo.outpoint.txid,
-        index: utxo.outpoint.index
-      }
-    }));
-    const txCanonical = {
-      inputs,
-      outputs,
-      fee: formatAmount(fee)
-    };
-    const txMessage = JSON.stringify(txCanonical);
-    const txSignatureHex = wallet.sign(encodeUtf8(txMessage));
-    const txSigBytes = fromHex(txSignatureHex);
-    const txSigB64 = btoa(String.fromCharCode(...txSigBytes));
-    const unlocks = inputs.map(() => ({
+    const sigHex = wallet.sign(encodeUtf8(tx_hash));
+    const sigB64 = toBase64(fromHex(sigHex));
+    const unlocks = unsigned_tx.inputs.map(() => ({
       pubkey_hex: wallet.publicKeyHex,
-      signature_b64: txSigB64
+      signature_b64: sigB64
     }));
     const tx = {
-      inputs,
-      outputs,
-      fee: formatAmount(fee),
+      inputs: unsigned_tx.inputs,
+      outputs: unsigned_tx.outputs,
+      fee: unsigned_tx.fee,
       unlocks
     };
-    const tips = await this.getTips();
-    const parents = tips.slice(0, 2);
-    const payload = { Plain: { TxUtxo: tx } };
-    const payloadJson = JSON.stringify(payload);
-    let nonce = 0;
-    let blockId = computeBlockId(parents, payloadJson, nonce);
-    const canonicalView = {
-      id: blockId,
-      parents,
-      payload_json: payloadJson,
-      nonce,
-      network_id: this.config.networkId,
-      protocol_version: this.config.protocolVersion,
-      signer_pk_hex: wallet.publicKeyHex
-    };
-    const messageToSign = JSON.stringify(canonicalView);
-    const signatureHex = wallet.sign(encodeUtf8(messageToSign));
-    const signatureBytes = fromHex(signatureHex);
-    const signatureB64 = btoa(String.fromCharCode(...signatureBytes));
-    const wireBlock = {
-      id: blockId,
-      parents,
-      payload_json: payloadJson,
-      nonce,
-      network_id: this.config.networkId,
-      protocol_version: this.config.protocolVersion,
-      signer_pk_hex: wallet.publicKeyHex,
-      signature_hex: signatureB64
-    };
-    return this.submitBlock(wireBlock);
+    const recipientsXpk = [wallet.x25519PublicKeyHex];
+    const toXpk = x25519FromAddress(to);
+    if (toXpk && !recipientsXpk.includes(toXpk)) {
+      recipientsXpk.push(toXpk);
+    }
+    const resp = await this.fetch(
+      "/v1/wallet/tx/send",
+      {
+        method: "POST",
+        body: JSON.stringify({ tx, recipients_xpk: recipientsXpk })
+      }
+    );
+    return { ...resp, block_id: resp.id };
   }
   // ═══════════════════════════════════════════════════════════════════════
   // Méthodes NFT Cube (Burn et Mint spécialisé)
@@ -966,7 +1116,15 @@ var PmsClient = class {
   /**
    * Transférer un NFT à un autre propriétaire.
    * Prend en charge le re-chiffrement des métadonnées via le coordinateur.
-   *
+   *
+   * @deprecated Cette méthode soumet un WireBlock signé par la clé
+   * utilisateur via `/submit/block`. Depuis dag-pms v0.9.0, l'engine tourne
+   * en mode **single-writer** : tout bloc signé par une clé non-coordinateur
+   * est rejeté. Cette méthode ne fonctionne que sur un réseau SANS
+   * single-writer enforcement. Utilisez les flux server-side
+   * (`/v1/nft/transfer/prepare` + endpoints serveur) qui forgent et signent
+   * le bloc côté coordinateur.
+   *
    * @param params - Paramètres du transfert
    * @param params.tokenId - Identifiant du NFT
    * @param params.to - Adresse du nouveau propriétaire
@@ -1002,7 +1160,7 @@ var PmsClient = class {
     const payload = { Plain: { Nft: action } };
     const payloadJson = JSON.stringify(payload);
     const nonce = 0;
-    const blockId = computeBlockId(parents, payloadJson, nonce);
+    const blockId = computeBlockId(parents, payload, nonce);
     const canonicalView = {
       id: blockId,
       parents,
@@ -1034,10 +1192,17 @@ var PmsClient = class {
    * Seul le propriétaire du NFT peut le brûler.
    * Une fois brûlé, le NFT est supprimé définitivement.
    *
-   * Pour les Cubes authentiques (avec signature Authority valide),
+   * Pour les Cubes authentiques (avec signature Authority valide),
    * un remboursement est calculé selon la formule:
    * `(weight * size * density) / 10000` PMS
-   *
+   *
+   * @deprecated Cette méthode poste un WireBlock signé par la clé
+   * utilisateur. Depuis dag-pms v0.9.0, l'engine tourne en mode
+   * **single-writer** : tout bloc signé par une clé non-coordinateur est
+   * rejeté. Cette méthode ne fonctionne que sur un réseau SANS single-writer
+   * enforcement. Le flux supporté est le burn server-side
+   * (`/v1/nft/burn-simple`), où le serveur forge et signe le bloc.
+   *
    * @param params - Paramètres du burn
    * @param params.tokenId - Identifiant du NFT à brûler
    * @param params.wallet - Wallet PMS du propriétaire (doit être l'owner actuel)
@@ -1071,7 +1236,7 @@ var PmsClient = class {
     };
     const payloadJson = JSON.stringify(payload);
     const nonce = 0;
-    const blockId = computeBlockId(parents, payloadJson, nonce);
+    const blockId = computeBlockId(parents, payload, nonce);
     const canonicalView = {
       id: blockId,
       parents,
@@ -1103,7 +1268,14 @@ var PmsClient = class {
   }
   /**
    * Brûle (détruit) plusieurs NFTs en une seule transaction.
-   *
+   *
+   * @deprecated Cette méthode poste un WireBlock signé par la clé
+   * utilisateur. Depuis dag-pms v0.9.0, l'engine tourne en mode
+   * **single-writer** : tout bloc signé par une clé non-coordinateur est
+   * rejeté. Cette méthode ne fonctionne que sur un réseau SANS single-writer
+   * enforcement. Le flux supporté est le burn server-side
+   * (`/v1/nft/burn-simple`), où le serveur forge et signe le bloc.
+   *
    * @param params - Paramètres du batch burn
    * @param params.tokenIds - Liste des Identifiants des NFTs à brûler
    * @param params.wallet - Wallet PMS du propriétaire
@@ -1128,7 +1300,7 @@ var PmsClient = class {
     };
     const payloadJson = JSON.stringify(payload);
     const nonce = 0;
-    const blockId = computeBlockId(parents, payloadJson, nonce);
+    const blockId = computeBlockId(parents, payload, nonce);
     const canonicalView = {
       id: blockId,
       parents,
@@ -1396,12 +1568,19 @@ function mergeAbortSignals(a, b) {
   return controller.signal;
 }
 export {
+  DAY_MS,
   PmsClient,
   PmsWallet,
   decryptPayload,
+  effectiveValue,
   formatAmount,
   fromHex,
+  hashlockHash,
   isValidMnemonic,
+  makeUnlock,
+  multisigAddress,
   parseAmount,
-  toHex
+  spendableUtxos,
+  toHex,
+  txSigningMessage
 };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
     "name": "@empereur-rouge/pms-sdk",
-    "version": "0.3.8",
+    "version": "0.5.0",
     "description": "TypeScript SDK for PMS (Planetary Monetary System) — wallet management, transactions, NFTs, and DAG interactions",
     "author": "empereur-rouge",
     "license": "MIT",