@enbox/dwn-server 0.0.2 → 0.0.4

package/dist/esm/src/rate-limiter.js

@@ -0,0 +1,116 @@
+/**
+ * Token-bucket rate limiter with per-key state tracking and automatic cleanup.
+ *
+ * Each key (IP address or tenant DID) has its own bucket that refills at a
+ * fixed rate. When a request arrives, a token is consumed. If the bucket is
+ * empty, the request is rejected with a retry-after hint.
+ *
+ * Stale buckets are periodically purged to prevent unbounded memory growth.
+ *
+ * @see https://github.com/enboxorg/enbox/issues/326
+ */
+export class RateLimiter {
+    #refillRate;
+    #maxTokens;
+    #buckets = new Map();
+    #cleanupInterval;
+    /** Stale buckets older than 5 minutes are purged. */
+    static STALE_THRESHOLD_MS = 5 * 60 * 1000;
+    /** Cleanup runs every 60 seconds. */
+    static CLEANUP_INTERVAL_MS = 60 * 1000;
+    constructor(config) {
+        this.#refillRate = config.refillRate;
+        this.#maxTokens = config.maxTokens;
+        // Start periodic cleanup.
+        this.#cleanupInterval = setInterval(() => {
+            this.#cleanup();
+        }, RateLimiter.CLEANUP_INTERVAL_MS);
+    }
+    /**
+     * Attempts to consume a token for the given key.
+     * @returns `{ allowed: true }` if the request is permitted, or
+     *          `{ allowed: false, retryAfterMs }` if the rate limit is exceeded.
+     */
+    consume(key) {
+        const now = Date.now();
+        let bucket = this.#buckets.get(key);
+        if (bucket === undefined) {
+            bucket = { tokens: this.#maxTokens, lastRefill: now };
+            this.#buckets.set(key, bucket);
+        }
+        // Refill tokens based on elapsed time.
+        const elapsed = (now - bucket.lastRefill) / 1000;
+        bucket.tokens = Math.min(this.#maxTokens, bucket.tokens + elapsed * this.#refillRate);
+        bucket.lastRefill = now;
+        if (bucket.tokens >= 1) {
+            bucket.tokens -= 1;
+            return { allowed: true };
+        }
+        // Calculate how long until one token is available.
+        const deficit = 1 - bucket.tokens;
+        const retryAfterMs = Math.ceil((deficit / this.#refillRate) * 1000);
+        return { allowed: false, retryAfterMs };
+    }
+    /**
+     * Returns the number of keys currently being tracked.
+     */
+    get size() {
+        return this.#buckets.size;
+    }
+    /**
+     * Returns the current token count for a key, or `undefined` if not tracked.
+     */
+    getTokens(key) {
+        const bucket = this.#buckets.get(key);
+        if (bucket === undefined) {
+            return undefined;
+        }
+        // Refill to return current state.
+        const elapsed = (Date.now() - bucket.lastRefill) / 1000;
+        return Math.min(this.#maxTokens, bucket.tokens + elapsed * this.#refillRate);
+    }
+    /**
+     * Reconfigures the rate limiter with new settings. Existing buckets are
+     * retained but will use the new `refillRate` and `maxTokens` going forward.
+     *
+     * @see https://github.com/enboxorg/enbox/issues/389
+     */
+    reconfigure(config) {
+        this.#refillRate = config.refillRate;
+        this.#maxTokens = config.maxTokens;
+    }
+    /**
+     * Returns the current configuration of this rate limiter.
+     */
+    get config() {
+        return {
+            refillRate: this.#refillRate,
+            maxTokens: this.#maxTokens,
+        };
+    }
+    /**
+     * Stops the periodic cleanup timer. Call this when shutting down.
+     */
+    destroy() {
+        if (this.#cleanupInterval) {
+            clearInterval(this.#cleanupInterval);
+            this.#cleanupInterval = undefined;
+        }
+        this.#buckets.clear();
+    }
+    /**
+     * Removes buckets that have been at max capacity for longer than the stale threshold.
+     */
+    #cleanup() {
+        const now = Date.now();
+        for (const [key, bucket] of this.#buckets) {
+            const elapsed = (now - bucket.lastRefill) / 1000;
+            const currentTokens = Math.min(this.#maxTokens, bucket.tokens + elapsed * this.#refillRate);
+            const timeSinceLastUse = now - bucket.lastRefill;
+            if (currentTokens >= this.#maxTokens && timeSinceLastUse > RateLimiter.STALE_THRESHOLD_MS) {
+                this.#buckets.delete(key);
+            }
+        }
+    }
+}
+//# sourceMappingURL=rate-limiter.js.map

package/dist/esm/src/rate-limiter.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"rate-limiter.js","sourceRoot":"","sources":["../../../src/rate-limiter.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAcH,MAAM,OAAO,WAAW;IACtB,WAAW,CAAS;IACpB,UAAU,CAAS;IACnB,QAAQ,GAAwB,IAAI,GAAG,EAAE,CAAC;IAC1C,gBAAgB,CAA6C;IAE7D,qDAAqD;IAC7C,MAAM,CAAU,kBAAkB,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;IAC3D,qCAAqC;IAC7B,MAAM,CAAU,mBAAmB,GAAG,EAAE,GAAG,IAAI,CAAC;IAExD,YAAmB,MAAyB;QAC1C,IAAI,CAAC,WAAW,GAAG,MAAM,CAAC,UAAU,CAAC;QACrC,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,SAAS,CAAC;QAEnC,0BAA0B;QAC1B,IAAI,CAAC,gBAAgB,GAAG,WAAW,CAAC,GAAS,EAAE;YAC7C,IAAI,CAAC,QAAQ,EAAE,CAAC;QAClB,CAAC,EAAE,WAAW,CAAC,mBAAmB,CAAC,CAAC;IACtC,CAAC;IAED;;;;OAIG;IACI,OAAO,CAAC,GAAW;QACxB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,IAAI,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAEpC,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;YACzB,MAAM,GAAG,EAAE,MAAM,EAAE,IAAI,CAAC,UAAU,EAAE,UAAU,EAAE,GAAG,EAAE,CAAC;YACtD,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QACjC,CAAC;QAED,uCAAuC;QACvC,MAAM,OAAO,GAAG,CAAC,GAAG,GAAG,MAAM,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC;QACjD,MAAM,CAAC,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,EAAE,MAAM,CAAC,MAAM,GAAG,OAAO,GAAG,IAAI,CAAC,WAAW,CAAC,CAAC;QACtF,MAAM,CAAC,UAAU,GAAG,GAAG,CAAC;QAExB,IAAI,MAAM,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;YACvB,MAAM,CAAC,MAAM,IAAI,CAAC,CAAC;YACnB,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;QAC3B,CAAC;QAED,mDAAmD;QACnD,MAAM,OAAO,GAAG,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC;QAClC,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,OAAO,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC;QACpE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,YAAY,EAAE,CAAC;IAC1C,CAAC;IAED;;OAEG;IACH,IAAW,IAAI;QACb,OAAO,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC;IAC5B,CAAC;IAED;;OAEG;IACI,SAAS,CAAC,GAAW;QAC1B,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACtC,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;YACzB,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,kCAAkC;QAClC,MAAM,OAAO,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC;QACxD,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,EAAE,MAAM,CAAC,MAAM,GAAG,OAAO,GAAG,IAAI,CAAC,WAAW,CAAC,CAAC;IAC/E,CAAC;IAED;;;;;OAKG;IACI,WAAW,CAAC,MAAyB;QAC1C,IAAI,CAAC,WAAW,GAAG,MAAM,CAAC,UAAU,CAAC;QACrC,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,SAAS,CAAC;IACrC,CAAC;IAED;;OAEG;IACH,IAAW,MAAM;QACf,OAAO;YACL,UAAU,EAAG,IAAI,CAAC,WAAW;YAC7B,SAAS,EAAI,IAAI,CAAC,UAAU;SAC7B,CAAC;IACJ,CAAC;IAED;;OAEG;IACI,OAAO;QACZ,IAAI,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC1B,aAAa,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;YACrC,IAAI,CAAC,gBAAgB,GAAG,SAAS,CAAC;QACpC,CAAC;QACD,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAC;IACxB,CAAC;IAED;;OAEG;IACH,QAAQ;QACN,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,KAAK,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC1C,MAAM,OAAO,GAAG,CAAC,GAAG,GAAG,MAAM,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC;YACjD,MAAM,aAAa,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,EAAE,MAAM,CAAC,MAAM,GAAG,OAAO,GAAG,IAAI,CAAC,WAAW,CAAC,CAAC;YAC5F,MAAM,gBAAgB,GAAG,GAAG,GAAG,MAAM,CAAC,UAAU,CAAC;YACjD,IAAI,aAAa,IAAI,IAAI,CAAC,UAAU,IAAI,gBAAgB,GAAG,WAAW,CAAC,kBAAkB,EAAE,CAAC;gBAC1F,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC5B,CAAC;QACH,CAAC;IACH,CAAC"}

package/dist/esm/src/registration/jwt-provider-auth-plugin.d.ts

@@ -0,0 +1,53 @@
+import type { ProviderAuthPlugin, ProviderAuthValidationResult } from './provider-auth-plugin.js';
+/**
+ * Options for creating a {@link JwtProviderAuthPlugin}.
+ * Exactly one of `secret` or `jwksUrl` must be provided.
+ */
+export type JwtProviderAuthPluginOptions = {
+    /** HMAC shared secret for HS256/HS384/HS512 tokens. */
+    secret?: string;
+    /** JWKS endpoint URL for RS256/ES256/EdDSA tokens. */
+    jwksUrl?: string;
+    /** Expected JWT `iss` claim. If set, tokens without a matching issuer are rejected. */
+    issuer?: string;
+    /** Expected JWT `aud` claim. If set, tokens without a matching audience are rejected. */
+    audience?: string;
+};
+/**
+ * Built-in {@link ProviderAuthPlugin} that validates JWT registration tokens.
+ *
+ * Supports two modes:
+ * - **HMAC secret** (`DWN_PROVIDER_AUTH_JWT_SECRET`): symmetric HS256 verification.
+ * - **JWKS URL** (`DWN_PROVIDER_AUTH_JWT_JWKS_URL`): asymmetric verification via
+ *   a remote JWKS endpoint (RS256, ES256, EdDSA, etc.). Keys are cached and
+ *   rotated automatically by `jose`.
+ *
+ * The JWT payload may include:
+ * - `sub` — mapped to `accountId` in the validation result.
+ * - `metadata` — arbitrary provider-defined object stored with the tenant.
+ *
+ * This plugin ships with `@enbox/dwn-server` and requires no external code.
+ * Providers who need custom validation logic can implement their own
+ * {@link ProviderAuthPlugin} instead.
+ */
+export declare class JwtProviderAuthPlugin implements ProviderAuthPlugin {
+    #private;
+    private constructor();
+    /**
+     * Create a {@link JwtProviderAuthPlugin} from options.
+     *
+     * @param options - Must include exactly one of `secret` or `jwksUrl`.
+     * @throws If neither `secret` nor `jwksUrl` is provided.
+     */
+    static create(options: JwtProviderAuthPluginOptions): Promise<JwtProviderAuthPlugin>;
+    /**
+     * Create a {@link JwtProviderAuthPlugin} from environment variables.
+     *
+     * Reads `DWN_PROVIDER_AUTH_JWT_SECRET`, `DWN_PROVIDER_AUTH_JWT_JWKS_URL`,
+     * and optionally `DWN_PROVIDER_AUTH_JWT_ISSUER` / `DWN_PROVIDER_AUTH_JWT_AUDIENCE`.
+     */
+    static fromEnv(): Promise<JwtProviderAuthPlugin>;
+    /** @inheritdoc */
+    validateRegistrationToken(token: string): Promise<ProviderAuthValidationResult>;
+}
+//# sourceMappingURL=jwt-provider-auth-plugin.d.ts.map

package/dist/esm/src/registration/jwt-provider-auth-plugin.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"jwt-provider-auth-plugin.d.ts","sourceRoot":"","sources":["../../../../src/registration/jwt-provider-auth-plugin.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,kBAAkB,EAAE,4BAA4B,EAAE,MAAM,2BAA2B,CAAC;AAKlG;;;GAGG;AACH,MAAM,MAAM,4BAA4B,GAAG;IACzC,uDAAuD;IACvD,MAAM,CAAC,EAAG,MAAM,CAAC;IACjB,sDAAsD;IACtD,OAAO,CAAC,EAAG,MAAM,CAAC;IAClB,uFAAuF;IACvF,MAAM,CAAC,EAAG,MAAM,CAAC;IACjB,yFAAyF;IACzF,QAAQ,CAAC,EAAG,MAAM,CAAC;CACpB,CAAC;AAEF;;;;;;;;;;;;;;;;GAgBG;AACH,qBAAa,qBAAsB,YAAW,kBAAkB;;IAK9D,OAAO;IAUP;;;;;OAKG;WACiB,MAAM,CAAC,OAAO,EAAE,4BAA4B,GAAG,OAAO,CAAC,qBAAqB,CAAC;IAiBjG;;;;;OAKG;WACiB,OAAO,IAAI,OAAO,CAAC,qBAAqB,CAAC;IAS7D,kBAAkB;IACL,yBAAyB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,4BAA4B,CAAC;CA2B7F"}

package/dist/esm/src/registration/jwt-provider-auth-plugin.js

@@ -0,0 +1,90 @@
+import * as jose from 'jose';
+import log from 'loglevel';
+/**
+ * Built-in {@link ProviderAuthPlugin} that validates JWT registration tokens.
+ *
+ * Supports two modes:
+ * - **HMAC secret** (`DWN_PROVIDER_AUTH_JWT_SECRET`): symmetric HS256 verification.
+ * - **JWKS URL** (`DWN_PROVIDER_AUTH_JWT_JWKS_URL`): asymmetric verification via
+ *   a remote JWKS endpoint (RS256, ES256, EdDSA, etc.). Keys are cached and
+ *   rotated automatically by `jose`.
+ *
+ * The JWT payload may include:
+ * - `sub` — mapped to `accountId` in the validation result.
+ * - `metadata` — arbitrary provider-defined object stored with the tenant.
+ *
+ * This plugin ships with `@enbox/dwn-server` and requires no external code.
+ * Providers who need custom validation logic can implement their own
+ * {@link ProviderAuthPlugin} instead.
+ */
+export class JwtProviderAuthPlugin {
+    #getKey;
+    #issuer;
+    #audience;
+    constructor(getKey, issuer, audience) {
+        this.#getKey = getKey;
+        this.#issuer = issuer;
+        this.#audience = audience;
+    }
+    /**
+     * Create a {@link JwtProviderAuthPlugin} from options.
+     *
+     * @param options - Must include exactly one of `secret` or `jwksUrl`.
+     * @throws If neither `secret` nor `jwksUrl` is provided.
+     */
+    static async create(options) {
+        if (!options.secret && !options.jwksUrl) {
+            throw new Error('JwtProviderAuthPlugin: exactly one of `secret` or `jwksUrl` must be provided.');
+        }
+        let getKey;
+        if (options.secret) {
+            getKey = new TextEncoder().encode(options.secret);
+        }
+        else {
+            getKey = jose.createRemoteJWKSet(new URL(options.jwksUrl));
+        }
+        return new JwtProviderAuthPlugin(getKey, options.issuer, options.audience);
+    }
+    /**
+     * Create a {@link JwtProviderAuthPlugin} from environment variables.
+     *
+     * Reads `DWN_PROVIDER_AUTH_JWT_SECRET`, `DWN_PROVIDER_AUTH_JWT_JWKS_URL`,
+     * and optionally `DWN_PROVIDER_AUTH_JWT_ISSUER` / `DWN_PROVIDER_AUTH_JWT_AUDIENCE`.
+     */
+    static async fromEnv() {
+        return JwtProviderAuthPlugin.create({
+            secret: process.env.DWN_PROVIDER_AUTH_JWT_SECRET,
+            jwksUrl: process.env.DWN_PROVIDER_AUTH_JWT_JWKS_URL,
+            issuer: process.env.DWN_PROVIDER_AUTH_JWT_ISSUER,
+            audience: process.env.DWN_PROVIDER_AUTH_JWT_AUDIENCE,
+        });
+    }
+    /** @inheritdoc */
+    async validateRegistrationToken(token) {
+        try {
+            const verifyOptions = {};
+            if (this.#issuer !== undefined) {
+                verifyOptions.issuer = this.#issuer;
+            }
+            if (this.#audience !== undefined) {
+                verifyOptions.audience = this.#audience;
+            }
+            const { payload } = await jose.jwtVerify(token, this.#getKey, verifyOptions);
+            return {
+                isValid: true,
+                accountId: typeof payload.sub === 'string' ? payload.sub : undefined,
+                metadata: typeof payload.metadata === 'object' && payload.metadata !== null
+                    ? payload.metadata
+                    : undefined,
+            };
+        }
+        catch (error) {
+            log.debug('JWT validation failed:', error.message);
+            return {
+                isValid: false,
+                detail: error.message,
+            };
+        }
+    }
+}
+//# sourceMappingURL=jwt-provider-auth-plugin.js.map

package/dist/esm/src/registration/jwt-provider-auth-plugin.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"jwt-provider-auth-plugin.js","sourceRoot":"","sources":["../../../../src/registration/jwt-provider-auth-plugin.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,GAAG,MAAM,UAAU,CAAC;AAiB3B;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,OAAO,qBAAqB;IAChC,OAAO,CAAoC;IAC3C,OAAO,CAAqB;IAC5B,SAAS,CAAqB;IAE9B,YACE,MAAyC,EACzC,MAAe,EACf,QAAiB;QAEjB,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC;QACtB,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC;QACtB,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC;IAC5B,CAAC;IAED;;;;;OAKG;IACI,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,OAAqC;QAC9D,IAAI,CAAC,OAAO,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;YACxC,MAAM,IAAI,KAAK,CACb,+EAA+E,CAChF,CAAC;QACJ,CAAC;QAED,IAAI,MAAW,CAAC;QAChB,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;YACnB,MAAM,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACpD,CAAC;aAAM,CAAC;YACN,MAAM,GAAG,IAAI,CAAC,kBAAkB,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,OAAQ,CAAC,CAAC,CAAC;QAC9D,CAAC;QAED,OAAO,IAAI,qBAAqB,CAAC,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC7E,CAAC;IAED;;;;;OAKG;IACI,MAAM,CAAC,KAAK,CAAC,OAAO;QACzB,OAAO,qBAAqB,CAAC,MAAM,CAAC;YAClC,MAAM,EAAK,OAAO,CAAC,GAAG,CAAC,4BAA4B;YACnD,OAAO,EAAI,OAAO,CAAC,GAAG,CAAC,8BAA8B;YACrD,MAAM,EAAK,OAAO,CAAC,GAAG,CAAC,4BAA4B;YACnD,QAAQ,EAAG,OAAO,CAAC,GAAG,CAAC,8BAA8B;SACtD,CAAC,CAAC;IACL,CAAC;IAED,kBAAkB;IACX,KAAK,CAAC,yBAAyB,CAAC,KAAa;QAClD,IAAI,CAAC;YACH,MAAM,aAAa,GAA0B,EAAE,CAAC;YAChD,IAAI,IAAI,CAAC,OAAO,KAAK,SAAS,EAAE,CAAC;gBAC/B,aAAa,CAAC,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC;YACtC,CAAC;YACD,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;gBACjC,aAAa,CAAC,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC;YAC1C,CAAC;YAED,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,CAAC,OAAc,EAAE,aAAa,CAAC,CAAC;YAEpF,OAAO;gBACL,OAAO,EAAK,IAAI;gBAChB,SAAS,EAAG,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS;gBACrE,QAAQ,EAAI,OAAO,OAAO,CAAC,QAAQ,KAAK,QAAQ,IAAI,OAAO,CAAC,QAAQ,KAAK,IAAI;oBAC3E,CAAC,CAAC,OAAO,CAAC,QAAmC;oBAC7C,CAAC,CAAC,SAAS;aACd,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,GAAG,CAAC,KAAK,CAAC,wBAAwB,EAAG,KAAe,CAAC,OAAO,CAAC,CAAC;YAC9D,OAAO;gBACL,OAAO,EAAG,KAAK;gBACf,MAAM,EAAK,KAAe,CAAC,OAAO;aACnC,CAAC;QACJ,CAAC;IACH,CAAC;CACF"}

package/dist/esm/src/registration/open-auth-handler.d.ts

@@ -0,0 +1,37 @@
+export declare class OpenAuthHandler {
+    #private;
+    private constructor();
+    /**
+     * Create an {@link OpenAuthHandler}.
+     *
+     * @param secret - HMAC shared secret (same as `DWN_PROVIDER_AUTH_JWT_SECRET`).
+     * @param issuer - JWT issuer claim (typically the DWN server's base URL).
+     * @param tokenTtlSeconds - Registration token lifetime in seconds. Default: 1 year.
+     */
+    static create(secret: string, issuer: string, tokenTtlSeconds?: number): OpenAuthHandler;
+    /**
+     * Handle `GET /provider-auth/authorize`.
+     *
+     * In open-auth mode this immediately generates a code and redirects back
+     * to the `redirect_uri` with `code` and `state` query parameters.
+     * No user interaction is required.
+     */
+    handleAuthorize(url: URL): Response;
+    /**
+     * Handle `POST /provider-auth/token`.
+     *
+     * Exchanges an authorization code for a JWT registration token.
+     * Request body: `{ code: string, redirectUri: string }`.
+     */
+    handleToken(req: Request): Promise<Response>;
+    /**
+     * Handle `POST /provider-auth/refresh`.
+     *
+     * Exchanges a refresh token for a new registration token.
+     * Request body: `{ refreshToken: string }`.
+     */
+    handleRefresh(req: Request): Promise<Response>;
+    /** Stops the periodic cleanup timer and clears all pending codes. */
+    destroy(): void;
+}
+//# sourceMappingURL=open-auth-handler.d.ts.map

package/dist/esm/src/registration/open-auth-handler.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"open-auth-handler.d.ts","sourceRoot":"","sources":["../../../../src/registration/open-auth-handler.ts"],"names":[],"mappings":"AA6BA,qBAAa,eAAe;;IAU1B,OAAO;IAeP;;;;;;OAMG;WACW,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,eAAe,SAAqB,GAAG,eAAe;IAQ3G;;;;;;OAMG;IACI,eAAe,CAAC,GAAG,EAAE,GAAG,GAAG,QAAQ;IAgD1C;;;;;OAKG;IACU,WAAW,CAAC,GAAG,EAAE,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC;IAqDzD;;;;;OAKG;IACU,aAAa,CAAC,GAAG,EAAE,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC;IA0D3D,qEAAqE;IAC9D,OAAO,IAAI,IAAI;CAcvB"}

package/dist/esm/src/registration/open-auth-handler.js

@@ -0,0 +1,214 @@
+import * as jose from 'jose';
+import log from 'loglevel';
+/**
+ * Built-in "open auth" handler for DWN servers that want registration
+ * without any user authentication (open-to-all).
+ *
+ * Implements the provider-auth-v0 authorize / token / refresh endpoints
+ * locally on the DWN server. The authorize endpoint immediately returns
+ * an authorization code (no user interaction), the token endpoint exchanges
+ * it for a JWT registration token, and the refresh endpoint issues a new token.
+ *
+ * This is the simplest possible auth backend — suitable for free/public DWN
+ * providers. Providers who want real authentication (passkey, OIDC, etc.)
+ * host their own auth service and point `providerAuth.authorizeUrl` /
+ * `tokenUrl` to it instead.
+ *
+ * The JWTs issued here are verified by {@link JwtProviderAuthPlugin} using
+ * the same shared secret (`DWN_PROVIDER_AUTH_JWT_SECRET`).
+ */
+/**
+ * Maximum number of pending authorization codes held in memory.
+ * When the limit is reached, new authorize requests are rejected with 503.
+ */
+const MAX_PENDING_CODES = 10_000;
+/** Interval (ms) at which expired authorization codes are purged. */
+const CLEANUP_INTERVAL_MS = 60_000;
+export class OpenAuthHandler {
+    #secret;
+    #issuer;
+    /** Pending authorization codes. Maps code → { redirectUri, expiresAt }. */
+    #pendingCodes;
+    /** Registration token TTL in seconds. Default: 1 year. */
+    #tokenTtlSeconds;
+    /** Periodic cleanup timer for expired codes. */
+    #cleanupTimer;
+    constructor(secret, issuer, tokenTtlSeconds) {
+        this.#secret = secret;
+        this.#issuer = issuer;
+        this.#pendingCodes = new Map();
+        this.#tokenTtlSeconds = tokenTtlSeconds;
+        // Periodically purge expired codes so memory does not grow unbounded
+        // even when no new authorize requests arrive.
+        this.#cleanupTimer = setInterval(() => this.#cleanExpiredCodes(), CLEANUP_INTERVAL_MS);
+        // Allow the process to exit even if the timer is still running.
+        if (this.#cleanupTimer.unref) {
+            this.#cleanupTimer.unref();
+        }
+    }
+    /**
+     * Create an {@link OpenAuthHandler}.
+     *
+     * @param secret - HMAC shared secret (same as `DWN_PROVIDER_AUTH_JWT_SECRET`).
+     * @param issuer - JWT issuer claim (typically the DWN server's base URL).
+     * @param tokenTtlSeconds - Registration token lifetime in seconds. Default: 1 year.
+     */
+    static create(secret, issuer, tokenTtlSeconds = 365 * 24 * 60 * 60) {
+        return new OpenAuthHandler(new TextEncoder().encode(secret), issuer, tokenTtlSeconds);
+    }
+    /**
+     * Handle `GET /provider-auth/authorize`.
+     *
+     * In open-auth mode this immediately generates a code and redirects back
+     * to the `redirect_uri` with `code` and `state` query parameters.
+     * No user interaction is required.
+     */
+    handleAuthorize(url) {
+        const redirectUri = url.searchParams.get('redirect_uri');
+        const state = url.searchParams.get('state');
+        if (!redirectUri) {
+            return Response.json({ error: 'missing redirect_uri parameter' }, { status: 400 });
+        }
+        // Reject new codes when the map is at capacity to prevent memory exhaustion.
+        if (this.#pendingCodes.size >= MAX_PENDING_CODES) {
+            log.warn(`OpenAuthHandler: pending codes map is full (${MAX_PENDING_CODES}), rejecting authorize request`);
+            return Response.json({ error: 'server is busy, try again later' }, { status: 503 });
+        }
+        // Generate a random authorization code.
+        const code = crypto.randomUUID();
+        // Store the code with a 10-minute expiry.
+        this.#pendingCodes.set(code, {
+            redirectUri,
+            expiresAt: Date.now() + 10 * 60 * 1000,
+        });
+        // Periodically clean up expired codes (simple inline sweep).
+        this.#cleanExpiredCodes();
+        // Build redirect URL.
+        const redirect = new URL(redirectUri);
+        redirect.searchParams.set('code', code);
+        if (state) {
+            redirect.searchParams.set('state', state);
+        }
+        log.debug(`OpenAuthHandler: issued code ${code.slice(0, 8)}… for redirect to ${redirectUri}`);
+        return Response.json({
+            code,
+            state: state ?? undefined,
+            redirectUri: redirect.toString(),
+        });
+    }
+    /**
+     * Handle `POST /provider-auth/token`.
+     *
+     * Exchanges an authorization code for a JWT registration token.
+     * Request body: `{ code: string, redirectUri: string }`.
+     */
+    async handleToken(req) {
+        let body;
+        try {
+            body = await req.json();
+        }
+        catch {
+            return Response.json({ error: 'invalid JSON body' }, { status: 400 });
+        }
+        const { code, redirectUri } = body;
+        if (!code || !redirectUri) {
+            return Response.json({ error: 'missing code or redirectUri' }, { status: 400 });
+        }
+        // Validate the authorization code.
+        const pending = this.#pendingCodes.get(code);
+        if (!pending) {
+            return Response.json({ error: 'invalid or expired code' }, { status: 400 });
+        }
+        if (pending.redirectUri !== redirectUri) {
+            return Response.json({ error: 'redirect_uri mismatch' }, { status: 400 });
+        }
+        if (Date.now() > pending.expiresAt) {
+            this.#pendingCodes.delete(code);
+            return Response.json({ error: 'code expired' }, { status: 400 });
+        }
+        // Consume the code (one-time use).
+        this.#pendingCodes.delete(code);
+        // Generate an account ID for this session (open auth = anonymous accounts).
+        const accountId = crypto.randomUUID();
+        // Issue JWT registration token.
+        const registrationToken = await this.#signToken(accountId, this.#tokenTtlSeconds);
+        // Issue refresh token with longer TTL (2x).
+        const refreshToken = await this.#signToken(accountId, this.#tokenTtlSeconds * 2, 'refresh');
+        log.debug(`OpenAuthHandler: exchanged code for account ${accountId.slice(0, 8)}…`);
+        return Response.json({
+            registrationToken,
+            refreshToken,
+            expiresIn: this.#tokenTtlSeconds,
+            tokenType: 'bearer',
+        });
+    }
+    /**
+     * Handle `POST /provider-auth/refresh`.
+     *
+     * Exchanges a refresh token for a new registration token.
+     * Request body: `{ refreshToken: string }`.
+     */
+    async handleRefresh(req) {
+        let body;
+        try {
+            body = await req.json();
+        }
+        catch {
+            return Response.json({ error: 'invalid JSON body' }, { status: 400 });
+        }
+        if (!body.refreshToken) {
+            return Response.json({ error: 'missing refreshToken' }, { status: 400 });
+        }
+        // Verify the refresh token.
+        let payload;
+        try {
+            const result = await jose.jwtVerify(body.refreshToken, this.#secret, {
+                issuer: this.#issuer,
+            });
+            payload = result.payload;
+        }
+        catch (error) {
+            return Response.json({ error: `invalid refresh token: ${error.message}` }, { status: 400 });
+        }
+        if (payload.purpose !== 'refresh') {
+            return Response.json({ error: 'token is not a refresh token' }, { status: 400 });
+        }
+        const accountId = payload.sub ?? crypto.randomUUID();
+        // Issue new tokens.
+        const registrationToken = await this.#signToken(accountId, this.#tokenTtlSeconds);
+        const refreshToken = await this.#signToken(accountId, this.#tokenTtlSeconds * 2, 'refresh');
+        log.debug(`OpenAuthHandler: refreshed token for account ${accountId.slice(0, 8)}…`);
+        return Response.json({
+            registrationToken,
+            refreshToken,
+            expiresIn: this.#tokenTtlSeconds,
+            tokenType: 'bearer',
+        });
+    }
+    /** Sign a JWT with the shared secret. */
+    async #signToken(accountId, ttlSeconds, purpose = 'registration') {
+        return new jose.SignJWT({ purpose })
+            .setProtectedHeader({ alg: 'HS256' })
+            .setIssuer(this.#issuer)
+            .setAudience(this.#issuer)
+            .setSubject(accountId)
+            .setIssuedAt()
+            .setExpirationTime(`${ttlSeconds}s`)
+            .sign(this.#secret);
+    }
+    /** Stops the periodic cleanup timer and clears all pending codes. */
+    destroy() {
+        clearInterval(this.#cleanupTimer);
+        this.#pendingCodes.clear();
+    }
+    /** Remove expired authorization codes from the pending map. */
+    #cleanExpiredCodes() {
+        const now = Date.now();
+        for (const [code, data] of this.#pendingCodes) {
+            if (now > data.expiresAt) {
+                this.#pendingCodes.delete(code);
+            }
+        }
+    }
+}
+//# sourceMappingURL=open-auth-handler.js.map

package/dist/esm/src/registration/open-auth-handler.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"open-auth-handler.js","sourceRoot":"","sources":["../../../../src/registration/open-auth-handler.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,GAAG,MAAM,UAAU,CAAC;AAE3B;;;;;;;;;;;;;;;;GAgBG;AACH;;;GAGG;AACH,MAAM,iBAAiB,GAAG,MAAM,CAAC;AAEjC,qEAAqE;AACrE,MAAM,mBAAmB,GAAG,MAAM,CAAC;AAEnC,MAAM,OAAO,eAAe;IAC1B,OAAO,CAAa;IACpB,OAAO,CAAS;IAChB,2EAA2E;IAC3E,aAAa,CAA0D;IACvE,0DAA0D;IAC1D,gBAAgB,CAAS;IACzB,gDAAgD;IAChD,aAAa,CAAiC;IAE9C,YAAoB,MAAkB,EAAE,MAAc,EAAE,eAAuB;QAC7E,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC;QACtB,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC;QACtB,IAAI,CAAC,aAAa,GAAG,IAAI,GAAG,EAAE,CAAC;QAC/B,IAAI,CAAC,gBAAgB,GAAG,eAAe,CAAC;QAExC,qEAAqE;QACrE,8CAA8C;QAC9C,IAAI,CAAC,aAAa,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,kBAAkB,EAAE,EAAE,mBAAmB,CAAC,CAAC;QACvF,gEAAgE;QAChE,IAAI,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,CAAC;YAC7B,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,CAAC;QAC7B,CAAC;IACH,CAAC;IAED;;;;;;OAMG;IACI,MAAM,CAAC,MAAM,CAAC,MAAc,EAAE,MAAc,EAAE,eAAe,GAAG,GAAG,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE;QACvF,OAAO,IAAI,eAAe,CACxB,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,EAChC,MAAM,EACN,eAAe,CAChB,CAAC;IACJ,CAAC;IAED;;;;;;OAMG;IACI,eAAe,CAAC,GAAQ;QAC7B,MAAM,WAAW,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QACzD,MAAM,KAAK,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAE5C,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAO,QAAQ,CAAC,IAAI,CAClB,EAAE,KAAK,EAAE,gCAAgC,EAAE,EAC3C,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB,CAAC;QACJ,CAAC;QAED,6EAA6E;QAC7E,IAAI,IAAI,CAAC,aAAa,CAAC,IAAI,IAAI,iBAAiB,EAAE,CAAC;YACjD,GAAG,CAAC,IAAI,CAAC,+CAA+C,iBAAiB,gCAAgC,CAAC,CAAC;YAC3G,OAAO,QAAQ,CAAC,IAAI,CAClB,EAAE,KAAK,EAAE,iCAAiC,EAAE,EAC5C,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB,CAAC;QACJ,CAAC;QAED,wCAAwC;QACxC,MAAM,IAAI,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;QAEjC,0CAA0C;QAC1C,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,IAAI,EAAE;YAC3B,WAAW;YACX,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI;SACvC,CAAC,CAAC;QAEH,6DAA6D;QAC7D,IAAI,CAAC,kBAAkB,EAAE,CAAC;QAE1B,sBAAsB;QACtB,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;QACtC,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QACxC,IAAI,KAAK,EAAE,CAAC;YACV,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QAC5C,CAAC;QAED,GAAG,CAAC,KAAK,CAAC,gCAAgC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,qBAAqB,WAAW,EAAE,CAAC,CAAC;QAE9F,OAAO,QAAQ,CAAC,IAAI,CAAC;YACnB,IAAI;YACJ,KAAK,EAAS,KAAK,IAAI,SAAS;YAChC,WAAW,EAAG,QAAQ,CAAC,QAAQ,EAAE;SAClC,CAAC,CAAC;IACL,CAAC;IAED;;;;;OAKG;IACI,KAAK,CAAC,WAAW,CAAC,GAAY;QACnC,IAAI,IAA6C,CAAC;QAClD,IAAI,CAAC;YACH,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAA6C,CAAC;QACrE,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,mBAAmB,EAAE,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;QACxE,CAAC;QAED,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,IAAI,CAAC;QACnC,IAAI,CAAC,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YAC1B,OAAO,QAAQ,CAAC,IAAI,CAClB,EAAE,KAAK,EAAE,6BAA6B,EAAE,EACxC,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB,CAAC;QACJ,CAAC;QAED,mCAAmC;QACnC,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAC7C,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,yBAAyB,EAAE,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;QAC9E,CAAC;QAED,IAAI,OAAO,CAAC,WAAW,KAAK,WAAW,EAAE,CAAC;YACxC,OAAO,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,uBAAuB,EAAE,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;QAC5E,CAAC;QAED,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC,SAAS,EAAE,CAAC;YACnC,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YAChC,OAAO,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;QACnE,CAAC;QAED,mCAAmC;QACnC,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAEhC,4EAA4E;QAC5E,MAAM,SAAS,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;QAEtC,gCAAgC;QAChC,MAAM,iBAAiB,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,SAAS,EAAE,IAAI,CAAC,gBAAgB,CAAC,CAAC;QAElF,4CAA4C;QAC5C,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,SAAS,EAAE,IAAI,CAAC,gBAAgB,GAAG,CAAC,EAAE,SAAS,CAAC,CAAC;QAE5F,GAAG,CAAC,KAAK,CAAC,+CAA+C,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC;QAEnF,OAAO,QAAQ,CAAC,IAAI,CAAC;YACnB,iBAAiB;YACjB,YAAY;YACZ,SAAS,EAAG,IAAI,CAAC,gBAAgB;YACjC,SAAS,EAAG,QAAQ;SACrB,CAAC,CAAC;IACL,CAAC;IAED;;;;;OAKG;IACI,KAAK,CAAC,aAAa,CAAC,GAAY;QACrC,IAAI,IAA+B,CAAC;QACpC,IAAI,CAAC;YACH,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAA+B,CAAC;QACvD,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,mBAAmB,EAAE,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;QACxE,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;YACvB,OAAO,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,sBAAsB,EAAE,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;QAC3E,CAAC;QAED,4BAA4B;QAC5B,IAAI,OAAwB,CAAC;QAC7B,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,OAAO,EAAE;gBACnE,MAAM,EAAE,IAAI,CAAC,OAAO;aACrB,CAAC,CAAC;YACH,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC;QAC3B,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,QAAQ,CAAC,IAAI,CAClB,EAAE,KAAK,EAAE,0BAA2B,KAAe,CAAC,OAAO,EAAE,EAAE,EAC/D,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB,CAAC;QACJ,CAAC;QAED,IAAI,OAAO,CAAC,OAAO,KAAK,SAAS,EAAE,CAAC;YAClC,OAAO,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,8BAA8B,EAAE,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;QACnF,CAAC;QAED,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;QAErD,oBAAoB;QACpB,MAAM,iBAAiB,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,SAAS,EAAE,IAAI,CAAC,gBAAgB,CAAC,CAAC;QAClF,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,SAAS,EAAE,IAAI,CAAC,gBAAgB,GAAG,CAAC,EAAE,SAAS,CAAC,CAAC;QAE5F,GAAG,CAAC,KAAK,CAAC,gDAAgD,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC;QAEpF,OAAO,QAAQ,CAAC,IAAI,CAAC;YACnB,iBAAiB;YACjB,YAAY;YACZ,SAAS,EAAG,IAAI,CAAC,gBAAgB;YACjC,SAAS,EAAG,QAAQ;SACrB,CAAC,CAAC;IACL,CAAC;IAED,yCAAyC;IACzC,KAAK,CAAC,UAAU,CAAC,SAAiB,EAAE,UAAkB,EAAE,OAAO,GAAG,cAAc;QAC9E,OAAO,IAAI,IAAI,CAAC,OAAO,CAAC,EAAE,OAAO,EAAE,CAAC;aACjC,kBAAkB,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC;aACpC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC;aACvB,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC;aACzB,UAAU,CAAC,SAAS,CAAC;aACrB,WAAW,EAAE;aACb,iBAAiB,CAAC,GAAG,UAAU,GAAG,CAAC;aACnC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACxB,CAAC;IAED,qEAAqE;IAC9D,OAAO;QACZ,aAAa,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAClC,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,CAAC;IAC7B,CAAC;IAED,+DAA+D;IAC/D,kBAAkB;QAChB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,KAAK,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YAC9C,IAAI,GAAG,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC;gBACzB,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YAClC,CAAC;QACH,CAAC;IACH,CAAC;CACF"}

package/dist/esm/src/registration/proof-of-work-manager.d.ts

@@ -1,4 +1,4 @@
-import type { ProofOfWorkChallengeModel } from "./proof-of-work-types.js";
+import type { ProofOfWorkChallengeModel } from '@enbox/dwn-clients';
 /**
  * Manages proof-of-work challenge difficulty and lifecycle based on solve rate.
  * Can have multiple instances each having their own desired solve rate and difficulty.

package/dist/esm/src/registration/proof-of-work-manager.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"proof-of-work-manager.d.ts","sourceRoot":"","sources":["../../../../src/registration/proof-of-work-manager.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,yBAAyB,EAAE,MAAM,0BAA0B,CAAC;AAG1E;;;GAGG;AACH,qBAAa,kBAAkB;IAE7B,gBAAuB,8BAA8B,sEAAsE;IAG3H,OAAO,CAAC,eAAe,CAIrB;IAIF,OAAO,CAAC,uBAAuB,CAAkC;IAGjE,OAAO,CAAC,aAAa,CAAC,CAAS;IAC/B,OAAO,CAAC,4BAA4B,CAAS;IAC7C,OAAO,CAAC,sCAAsC,CAAS;IACvD,OAAO,CAAC,sCAAsC,CAAS;IACvD,OAAO,CAAC,0BAA0B,CAAS;IAE3C;;OAEG;IACI,kCAAkC,EAAE,MAAM,CAAC;IAElD;;OAEG;IACI,wCAAwC,EAAE,MAAM,CAAC;IAExD;;OAEG;IACH,IAAW,8BAA8B,IAAI,MAAM,CAElD;IAED;;OAEG;IACH,IAAW,0BAA0B,IAAI,MAAM,CAE9C;IAED,OAAO;IAoBP;;;;;;;OAOG;WACiB,MAAM,CAAC,KAAK,EAAE;QAChC,0BAA0B,EAAE,MAAM,CAAC;QACnC,SAAS,EAAE,OAAO,CAAC;QACnB,8BAA8B,CAAC,EAAE,MAAM,CAAC;QACxC,4BAA4B,CAAC,EAAE,MAAM,CAAC;QACtC,aAAa,CAAC,EAAE,MAAM,CAAC;QACvB,kCAAkC,CAAC,EAAE,MAAM,CAAC;QAC5C,wCAAwC,CAAC,EAAE,MAAM,CAAA;KAClD,GAAG,OAAO,CAAC,kBAAkB,CAAC;IAwB/B;;OAEG;IACI,KAAK,IAAI,IAAI;IAKb,uBAAuB,IAAI,yBAAyB;IAO3D;;OAEG;IACU,iBAAiB,CAAC,WAAW,EAAE;QAC1C,cAAc,EAAE,MAAM,CAAC;QACvB,aAAa,EAAE,MAAM,CAAC;QACtB,WAAW,EAAE,MAAM,CAAC;KACrB,GAAG,OAAO,CAAC,IAAI,CAAC;IAkCjB;;;OAGG;IACU,iBAAiB,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAIpE,OAAO,CAAC,iCAAiC;IAUzC,OAAO,CAAC,wCAAwC;IAUhD,OAAO,CAAC,mCAAmC;IAS3C,OAAO,CAAC,qBAAqB;IAoB7B;;;;;;;OAOG;YACW,8BAA8B;IAyD5C;;OAEG;IACH,OAAO,CAAC,+BAA+B,CAAa;IAEpD;;OAEG;WACW,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO;IAK/C;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,iBAAiB;CAQjC"}
+{"version":3,"file":"proof-of-work-manager.d.ts","sourceRoot":"","sources":["../../../../src/registration/proof-of-work-manager.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,yBAAyB,EAAE,MAAM,oBAAoB,CAAC;AAKpE;;;GAGG;AACH,qBAAa,kBAAkB;IAE7B,gBAAuB,8BAA8B,sEAAsE;IAG3H,OAAO,CAAC,eAAe,CAIrB;IAIF,OAAO,CAAC,uBAAuB,CAAkC;IAGjE,OAAO,CAAC,aAAa,CAAC,CAAS;IAC/B,OAAO,CAAC,4BAA4B,CAAS;IAC7C,OAAO,CAAC,sCAAsC,CAAS;IACvD,OAAO,CAAC,sCAAsC,CAAS;IACvD,OAAO,CAAC,0BAA0B,CAAS;IAE3C;;OAEG;IACI,kCAAkC,EAAE,MAAM,CAAC;IAElD;;OAEG;IACI,wCAAwC,EAAE,MAAM,CAAC;IAExD;;OAEG;IACH,IAAW,8BAA8B,IAAI,MAAM,CAElD;IAED;;OAEG;IACH,IAAW,0BAA0B,IAAI,MAAM,CAE9C;IAED,OAAO;IAoBP;;;;;;;OAOG;WACiB,MAAM,CAAC,KAAK,EAAE;QAChC,0BAA0B,EAAE,MAAM,CAAC;QACnC,SAAS,EAAE,OAAO,CAAC;QACnB,8BAA8B,CAAC,EAAE,MAAM,CAAC;QACxC,4BAA4B,CAAC,EAAE,MAAM,CAAC;QACtC,aAAa,CAAC,EAAE,MAAM,CAAC;QACvB,kCAAkC,CAAC,EAAE,MAAM,CAAC;QAC5C,wCAAwC,CAAC,EAAE,MAAM,CAAA;KAClD,GAAG,OAAO,CAAC,kBAAkB,CAAC;IAwB/B;;OAEG;IACI,KAAK,IAAI,IAAI;IAKb,uBAAuB,IAAI,yBAAyB;IAO3D;;OAEG;IACU,iBAAiB,CAAC,WAAW,EAAE;QAC1C,cAAc,EAAE,MAAM,CAAC;QACvB,aAAa,EAAE,MAAM,CAAC;QACtB,WAAW,EAAE,MAAM,CAAC;KACrB,GAAG,OAAO,CAAC,IAAI,CAAC;IAkCjB;;;OAGG;IACU,iBAAiB,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAIpE,OAAO,CAAC,iCAAiC;IAUzC,OAAO,CAAC,wCAAwC;IAUhD,OAAO,CAAC,mCAAmC;IAS3C,OAAO,CAAC,qBAAqB;IAoB7B;;;;;;;OAOG;YACW,8BAA8B;IAyD5C;;OAEG;IACH,OAAO,CAAC,+BAA+B,CAAa;IAEpD;;OAEG;WACW,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO;IAK/C;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,iBAAiB;CAQjC"}

package/dist/esm/src/registration/proof-of-work-manager.js

@@ -1,5 +1,5 @@
-import { DwnServerError, DwnServerErrorCode } from "../dwn-error.js";
-import { ProofOfWork } from "./proof-of-work.js";
+import { ProofOfWork } from './proof-of-work.js';
+import { DwnServerError, DwnServerErrorCode } from '../dwn-error.js';
 /**
  * Manages proof-of-work challenge difficulty and lifecycle based on solve rate.
  * Can have multiple instances each having their own desired solve rate and difficulty.
@@ -10,7 +10,7 @@ export class ProofOfWorkManager {
     // Challenge nonces that can be used for proof-of-work.
     challengeNonces;
     // There is opportunity to improve implementation here.
-    // TODO: https://github.com/TBD54566975/dwn-server/issues/101
+    // TODO: https://github.com/enboxorg/enbox/issues/101
     proofOfWorkOfLastMinute = new Map(); // proofOfWorkId -> timestamp of proof-of-work
     // Seed to generate the challenge nonce from, this allows all DWN instances in a cluster to generate the same challenge.
     challengeSeed;

package/dist/esm/src/registration/proof-of-work-manager.js.map

@@ -1 +1 @@
-{"version":3,"file":"proof-of-work-manager.js","sourceRoot":"","sources":["../../../../src/registration/proof-of-work-manager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AAErE,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AAEjD;;;GAGG;AACH,MAAM,OAAO,kBAAkB;IAC7B,6DAA6D;IACtD,MAAM,CAAU,8BAA8B,GAAG,kEAAkE,CAAC;IAE3H,uDAAuD;IAC/C,eAAe,CAIrB;IAEF,uDAAuD;IACvD,6DAA6D;IACrD,uBAAuB,GAAwB,IAAI,GAAG,EAAE,CAAC,CAAC,8CAA8C;IAEhH,wHAAwH;IAChH,aAAa,CAAU;IACvB,4BAA4B,CAAS;IACrC,sCAAsC,CAAS;IAC/C,sCAAsC,CAAS;IAC/C,0BAA0B,CAAS;IAE3C;;OAEG;IACI,kCAAkC,CAAS;IAElD;;OAEG;IACI,wCAAwC,CAAS;IAExD;;OAEG;IACH,IAAW,8BAA8B;QACvC,OAAO,IAAI,CAAC,sCAAsC,CAAC;IACrD,CAAC;IAED;;OAEG;IACH,IAAW,0BAA0B;QACnC,OAAO,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC;IAC3C,CAAC;IAED,YAAqB,KAOpB;QACC,MAAM,EAAE,0BAA0B,EAAE,8BAA8B,EAAE,GAAG,KAAK,CAAC;QAE7E,IAAI,CAAC,aAAa,GAAG,KAAK,CAAC,aAAa,CAAC;QACzC,IAAI,CAAC,eAAe,GAAG,EAAE,qBAAqB,EAAE,WAAW,CAAC,aAAa,EAAE,EAAE,CAAC;QAC9E,IAAI,CAAC,sCAAsC,GAAG,MAAM,CAAC,KAAK,8BAA8B,EAAE,CAAC,CAAC;QAC5F,IAAI,CAAC,sCAAsC,GAAG,MAAM,CAAC,KAAK,8BAA8B,EAAE,CAAC,CAAC;QAC5F,IAAI,CAAC,0BAA0B,GAAG,0BAA0B,CAAC;QAC7D,IAAI,CAAC,4BAA4B,GAAG,KAAK,CAAC,4BAA4B,CAAC;QACvE,IAAI,CAAC,kCAAkC,GAAG,KAAK,CAAC,kCAAkC,CAAC;QACnF,IAAI,CAAC,wCAAwC,GAAG,KAAK,CAAC,wCAAwC,CAAC;IACjG,CAAC;IAED;;;;;;;OAOG;IACI,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,KAQ1B;QACC,MAAM,EAAE,0BAA0B,EAAE,GAAG,KAAK,CAAC;QAE7C,MAAM,8BAA8B,GAAG,KAAK,CAAC,8BAA8B,IAAI,kBAAkB,CAAC,8BAA8B,CAAC;QACjI,MAAM,4BAA4B,GAAG,KAAK,CAAC,4BAA4B,IAAI,CAAC,CAAC,CAAC,aAAa;QAC3F,MAAM,kCAAkC,GAAG,KAAK,CAAC,kCAAkC,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC,qBAAqB;QACrH,MAAM,wCAAwC,GAAG,KAAK,CAAC,wCAAwC,IAAI,EAAE,CAAC,CAAC,qBAAqB;QAE5H,MAAM,kBAAkB,GAAG,IAAI,kBAAkB,CAAC;YAChD,0BAA0B;YAC1B,8BAA8B;YAC9B,4BAA4B;YAC5B,aAAa,EAAE,KAAK,CAAC,aAAa;YAClC,kCAAkC;YAClC,wCAAwC;SACzC,CAAC,CAAC;QAEH,IAAI,KAAK,CAAC,SAAS,EAAE,CAAC;YACpB,kBAAkB,CAAC,KAAK,EAAE,CAAC;QAC7B,CAAC;QAED,OAAO,kBAAkB,CAAC;IAC5B,CAAC;IAED;;OAEG;IACI,KAAK;QACV,IAAI,CAAC,iCAAiC,EAAE,CAAC;QACzC,IAAI,CAAC,wCAAwC,EAAE,CAAC;IAClD,CAAC;IAEM,uBAAuB;QAC5B,OAAO;YACL,cAAc,EAAE,IAAI,CAAC,eAAe,CAAC,qBAAqB;YAC1D,uBAAuB,EAAE,kBAAkB,CAAC,iBAAiB,CAAC,IAAI,CAAC,8BAA8B,CAAC;SACnG,CAAC;IACJ,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,iBAAiB,CAAC,WAI9B;QACC,MAAM,EAAE,cAAc,EAAE,aAAa,EAAE,WAAW,EAAE,GAAG,WAAW,CAAC;QAEnE,IAAI,IAAI,CAAC,uBAAuB,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC;YACpD,MAAM,IAAI,cAAc,CACtB,kBAAkB,CAAC,qCAAqC,EACxD,yCAAyC,aAAa,GAAG,CAC1D,CAAC;QACJ,CAAC;QAED,yEAAyE;QACzE,IAAI,CAAC,kBAAkB,CAAC,WAAW,CAAC,aAAa,CAAC,IAAI,aAAa,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;YAClF,MAAM,IAAI,cAAc,CACtB,kBAAkB,CAAC,4CAA4C,EAC/D,iEAAiE,aAAa,GAAG,CAClF,CAAC;QACJ,CAAC;QAED,mCAAmC;QACnC,MAAM,EAAE,sBAAsB,EAAE,qBAAqB,EAAE,kBAAkB,EAAE,GAAG,IAAI,CAAC,eAAe,CAAC;QACnG,MAAM,yBAAyB,GAAG,CAAC,sBAAsB,EAAE,qBAAqB,EAAE,kBAAkB,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,EAAE,CAAC,CAAC;QAC3J,IAAI,CAAC,yBAAyB,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;YACxD,MAAM,IAAI,cAAc,CACtB,kBAAkB,CAAC,uCAAuC,EAC1D,uCAAuC,cAAc,GAAG,CACzD,CAAC;QACJ,CAAC;QAED,MAAM,uBAAuB,GAAG,IAAI,CAAC,8BAA8B,CAAC;QACpE,WAAW,CAAC,mBAAmB,CAAC,EAAE,cAAc,EAAE,aAAa,EAAE,WAAW,EAAE,uBAAuB,EAAE,CAAC,CAAC;QAEzG,IAAI,CAAC,iBAAiB,CAAC,aAAa,CAAC,CAAC;IACxC,CAAC;IAED;;;OAGG;IACI,KAAK,CAAC,iBAAiB,CAAC,aAAqB;QAClD,IAAI,CAAC,uBAAuB,CAAC,GAAG,CAAC,aAAa,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;IAC9D,CAAC;IAEO,iCAAiC;QACvC,IAAI,CAAC;YACH,IAAI,CAAC,qBAAqB,EAAE,CAAC;QAC/B,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,uDAAuD,KAAK,EAAE,CAAC,CAAC;QAChF,CAAC;gBAAS,CAAC;YACT,UAAU,CAAC,KAAK,IAAI,EAAE,CAAC,IAAI,CAAC,iCAAiC,EAAE,EAAE,IAAI,CAAC,kCAAkC,GAAG,IAAI,CAAC,CAAC;QACnH,CAAC;IACH,CAAC;IAEO,wCAAwC;QAC9C,IAAI,CAAC;YACH,IAAI,CAAC,8BAA8B,EAAE,CAAC;QACxC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,8DAA8D,KAAK,EAAE,CAAC,CAAC;QACvF,CAAC;gBAAS,CAAC;YACT,UAAU,CAAC,KAAK,IAAI,EAAE,CAAC,IAAI,CAAC,wCAAwC,EAAE,EAAE,IAAI,CAAC,wCAAwC,GAAG,IAAI,CAAC,CAAC;QAChI,CAAC;IACH,CAAC;IAEO,mCAAmC;QACzC,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;QAC5C,KAAK,MAAM,aAAa,IAAI,IAAI,CAAC,uBAAuB,CAAC,IAAI,EAAE,EAAE,CAAC;YAChE,IAAI,IAAI,CAAC,uBAAuB,CAAC,GAAG,CAAC,aAAa,CAAC,GAAG,YAAY,EAAE,CAAC;gBACnE,IAAI,CAAC,uBAAuB,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;YACrD,CAAC;QACH,CAAC;IACH,CAAC;IAEO,qBAAqB;QAC3B,4FAA4F;QAC5F,IAAI,IAAI,CAAC,aAAa,KAAK,SAAS,EAAE,CAAC;YACrC,MAAM,wBAAwB,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,kCAAkC,GAAG,IAAI,CAAC,CAAC,CAAC;YAC3G,MAAM,yBAAyB,GAAG,wBAAwB,GAAG,CAAC,CAAC;YAC/D,MAAM,qBAAqB,GAAG,wBAAwB,GAAG,CAAC,CAAC;YAE3D,MAAM,sBAAsB,GAAG,WAAW,CAAC,eAAe,CAAC,CAAC,IAAI,CAAC,aAAa,EAAE,yBAAyB,CAAC,QAAQ,EAAE,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC;YAC3I,MAAM,qBAAqB,GAAG,WAAW,CAAC,eAAe,CAAC,CAAC,IAAI,CAAC,aAAa,EAAE,wBAAwB,CAAC,QAAQ,EAAE,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC;YACzI,MAAM,kBAAkB,GAAG,WAAW,CAAC,eAAe,CAAC,CAAC,IAAI,CAAC,aAAa,EAAE,qBAAqB,CAAC,QAAQ,EAAE,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC;YAEnI,IAAI,CAAC,eAAe,GAAG,EAAE,sBAAsB,EAAE,qBAAqB,EAAE,kBAAkB,EAAE,CAAC;QAC/F,CAAC;aAAM,CAAC;YACN,MAAM,iBAAiB,GAAG,WAAW,CAAC,aAAa,EAAE,CAAC;YAEtD,IAAI,CAAC,eAAe,CAAC,sBAAsB,GAAG,IAAI,CAAC,eAAe,CAAC,qBAAqB,CAAC;YACzF,IAAI,CAAC,eAAe,CAAC,qBAAqB,GAAG,iBAAiB,CAAC;QACjE,CAAC;IACH,CAAC;IAED;;;;;;;OAOG;IACK,KAAK,CAAC,8BAA8B;QAC1C,qDAAqD;QACrD,IAAI,CAAC,mCAAmC,EAAE,CAAC;QAE3C,MAAM,yBAAyB,GAAG,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC;QAEpE,wHAAwH;QACxH,MAAM,WAAW,GAAG,SAAS,CAAC;QAC9B,MAAM,8BAA8B,GAAG,KAAK,GAAG,CAAC,IAAI,CAAC,wCAAwC,GAAG,IAAI,CAAC,CAAC,CAAC,sBAAsB;QAE7H,4EAA4E;QAC5E,kFAAkF;QAClF,IAAI,yBAAyB,GAAG,IAAI,CAAC,0BAA0B,EAAE,CAAC;YAChE,4GAA4G;YAE5G,MAAM,4CAA4C,GAAG,yBAAyB,GAAG,IAAI,CAAC,0BAA0B,CAAC;YACjH,MAAM,6DAA6D,GAC/D,CAAC,IAAI,CAAC,sCAAsC,GAAG,MAAM,CAAC,WAAW,CAAC,CAAC;gBACnE,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,4CAA4C,GAAG,IAAI,CAAC,4BAA4B,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;YAEzH,MAAM,2DAA2D,GAC7D,CAAC,IAAI,CAAC,sCAAsC,GAAG,6DAA6D,CAAC;gBAC7G,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,4BAA4B,GAAG,WAAW,CAAC,CAAC,GAAG,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC;YAEhG,uIAAuI;YACvI,MAAM,uBAAuB,GAAG,2DAA2D,GAAG,MAAM,CAAC,8BAA8B,CAAC,CAAC;YAErI,IAAI,CAAC,sCAAsC,IAAI,uBAAuB,CAAC;YAEvE,mHAAmH;YACnH,IAAI,CAAC,+BAA+B,GAAG,SAAS,CAAC;QACnD,CAAC;aAAM,CAAC;YACN,0GAA0G;YAE1G,IAAI,IAAI,CAAC,sCAAsC,KAAK,IAAI,CAAC,sCAAsC,EAAE,CAAC;gBAChG,wEAAwE;gBACxE,OAAO;YACT,CAAC;YAED,IAAI,IAAI,CAAC,+BAA+B,KAAK,SAAS,EAAE,CAAC;gBACvD,MAAM,gCAAgC,GAAG,EAAE,CAAC;gBAC5C,MAAM,4CAA4C,GAC9C,IAAI,CAAC,sCAAsC,GAAG,IAAI,CAAC,sCAAsC,CAAC;gBAC9F,IAAI,CAAC,+BAA+B;sBAChC,4CAA4C,GAAG,MAAM,CAAC,gCAAgC,GAAG,8BAA8B,CAAC,CAAC;YAC/H,CAAC;YAED,mGAAmG;YACnG,MAAM,kCAAkC,GAAG,IAAI,CAAC,sCAAsC,GAAG,IAAI,CAAC,+BAA+B,CAAC;YAC9H,IAAI,kCAAkC,IAAI,IAAI,CAAC,sCAAsC,EAAE,CAAC;gBACtF,IAAI,CAAC,sCAAsC,GAAG,IAAI,CAAC,sCAAsC,CAAC;YAC5F,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,sCAAsC,GAAG,kCAAkC,CAAC;YACnF,CAAC;QACH,CAAC;IACH,CAAC;IAED;;OAEG;IACK,+BAA+B,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IAEpD;;OAEG;IACI,MAAM,CAAC,WAAW,CAAC,GAAW;QACnC,MAAM,MAAM,GAAG,gBAAgB,CAAC;QAChC,OAAO,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC1B,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,iBAAiB,CAAE,GAAW;QAC3C,IAAI,GAAG,GAAG,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC;QACzC,MAAM,YAAY,GAAG,GAAG,CAAC,MAAM,CAAC;QAChC,KAAK,IAAI,GAAG,GAAG,YAAY,EAAE,GAAG,GAAG,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC;YAC7C,GAAG,GAAG,GAAG,GAAG,GAAG,CAAC;QAClB,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC"}
+{"version":3,"file":"proof-of-work-manager.js","sourceRoot":"","sources":["../../../../src/registration/proof-of-work-manager.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AAErE;;;GAGG;AACH,MAAM,OAAO,kBAAkB;IAC7B,6DAA6D;IACtD,MAAM,CAAU,8BAA8B,GAAG,kEAAkE,CAAC;IAE3H,uDAAuD;IAC/C,eAAe,CAIrB;IAEF,uDAAuD;IACvD,qDAAqD;IAC7C,uBAAuB,GAAwB,IAAI,GAAG,EAAE,CAAC,CAAC,8CAA8C;IAEhH,wHAAwH;IAChH,aAAa,CAAU;IACvB,4BAA4B,CAAS;IACrC,sCAAsC,CAAS;IAC/C,sCAAsC,CAAS;IAC/C,0BAA0B,CAAS;IAE3C;;OAEG;IACI,kCAAkC,CAAS;IAElD;;OAEG;IACI,wCAAwC,CAAS;IAExD;;OAEG;IACH,IAAW,8BAA8B;QACvC,OAAO,IAAI,CAAC,sCAAsC,CAAC;IACrD,CAAC;IAED;;OAEG;IACH,IAAW,0BAA0B;QACnC,OAAO,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC;IAC3C,CAAC;IAED,YAAqB,KAOpB;QACC,MAAM,EAAE,0BAA0B,EAAE,8BAA8B,EAAE,GAAG,KAAK,CAAC;QAE7E,IAAI,CAAC,aAAa,GAAG,KAAK,CAAC,aAAa,CAAC;QACzC,IAAI,CAAC,eAAe,GAAG,EAAE,qBAAqB,EAAE,WAAW,CAAC,aAAa,EAAE,EAAE,CAAC;QAC9E,IAAI,CAAC,sCAAsC,GAAG,MAAM,CAAC,KAAK,8BAA8B,EAAE,CAAC,CAAC;QAC5F,IAAI,CAAC,sCAAsC,GAAG,MAAM,CAAC,KAAK,8BAA8B,EAAE,CAAC,CAAC;QAC5F,IAAI,CAAC,0BAA0B,GAAG,0BAA0B,CAAC;QAC7D,IAAI,CAAC,4BAA4B,GAAG,KAAK,CAAC,4BAA4B,CAAC;QACvE,IAAI,CAAC,kCAAkC,GAAG,KAAK,CAAC,kCAAkC,CAAC;QACnF,IAAI,CAAC,wCAAwC,GAAG,KAAK,CAAC,wCAAwC,CAAC;IACjG,CAAC;IAED;;;;;;;OAOG;IACI,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,KAQ1B;QACC,MAAM,EAAE,0BAA0B,EAAE,GAAG,KAAK,CAAC;QAE7C,MAAM,8BAA8B,GAAG,KAAK,CAAC,8BAA8B,IAAI,kBAAkB,CAAC,8BAA8B,CAAC;QACjI,MAAM,4BAA4B,GAAG,KAAK,CAAC,4BAA4B,IAAI,CAAC,CAAC,CAAC,aAAa;QAC3F,MAAM,kCAAkC,GAAG,KAAK,CAAC,kCAAkC,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC,qBAAqB;QACrH,MAAM,wCAAwC,GAAG,KAAK,CAAC,wCAAwC,IAAI,EAAE,CAAC,CAAC,qBAAqB;QAE5H,MAAM,kBAAkB,GAAG,IAAI,kBAAkB,CAAC;YAChD,0BAA0B;YAC1B,8BAA8B;YAC9B,4BAA4B;YAC5B,aAAa,EAAE,KAAK,CAAC,aAAa;YAClC,kCAAkC;YAClC,wCAAwC;SACzC,CAAC,CAAC;QAEH,IAAI,KAAK,CAAC,SAAS,EAAE,CAAC;YACpB,kBAAkB,CAAC,KAAK,EAAE,CAAC;QAC7B,CAAC;QAED,OAAO,kBAAkB,CAAC;IAC5B,CAAC;IAED;;OAEG;IACI,KAAK;QACV,IAAI,CAAC,iCAAiC,EAAE,CAAC;QACzC,IAAI,CAAC,wCAAwC,EAAE,CAAC;IAClD,CAAC;IAEM,uBAAuB;QAC5B,OAAO;YACL,cAAc,EAAY,IAAI,CAAC,eAAe,CAAC,qBAAqB;YACpE,uBAAuB,EAAG,kBAAkB,CAAC,iBAAiB,CAAC,IAAI,CAAC,8BAA8B,CAAC;SACpG,CAAC;IACJ,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,iBAAiB,CAAC,WAI9B;QACC,MAAM,EAAE,cAAc,EAAE,aAAa,EAAE,WAAW,EAAE,GAAG,WAAW,CAAC;QAEnE,IAAI,IAAI,CAAC,uBAAuB,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC;YACpD,MAAM,IAAI,cAAc,CACtB,kBAAkB,CAAC,qCAAqC,EACxD,yCAAyC,aAAa,GAAG,CAC1D,CAAC;QACJ,CAAC;QAED,yEAAyE;QACzE,IAAI,CAAC,kBAAkB,CAAC,WAAW,CAAC,aAAa,CAAC,IAAI,aAAa,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;YAClF,MAAM,IAAI,cAAc,CACtB,kBAAkB,CAAC,4CAA4C,EAC/D,iEAAiE,aAAa,GAAG,CAClF,CAAC;QACJ,CAAC;QAED,mCAAmC;QACnC,MAAM,EAAE,sBAAsB,EAAE,qBAAqB,EAAE,kBAAkB,EAAE,GAAG,IAAI,CAAC,eAAe,CAAC;QACnG,MAAM,yBAAyB,GAAG,CAAC,sBAAsB,EAAE,qBAAqB,EAAE,kBAAkB,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,EAAE,CAAC,CAAC;QAC3J,IAAI,CAAC,yBAAyB,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;YACxD,MAAM,IAAI,cAAc,CACtB,kBAAkB,CAAC,uCAAuC,EAC1D,uCAAuC,cAAc,GAAG,CACzD,CAAC;QACJ,CAAC;QAED,MAAM,uBAAuB,GAAG,IAAI,CAAC,8BAA8B,CAAC;QACpE,WAAW,CAAC,mBAAmB,CAAC,EAAE,cAAc,EAAE,aAAa,EAAE,WAAW,EAAE,uBAAuB,EAAE,CAAC,CAAC;QAEzG,IAAI,CAAC,iBAAiB,CAAC,aAAa,CAAC,CAAC;IACxC,CAAC;IAED;;;OAGG;IACI,KAAK,CAAC,iBAAiB,CAAC,aAAqB;QAClD,IAAI,CAAC,uBAAuB,CAAC,GAAG,CAAC,aAAa,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;IAC9D,CAAC;IAEO,iCAAiC;QACvC,IAAI,CAAC;YACH,IAAI,CAAC,qBAAqB,EAAE,CAAC;QAC/B,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,uDAAuD,KAAK,EAAE,CAAC,CAAC;QAChF,CAAC;gBAAS,CAAC;YACT,UAAU,CAAC,KAAK,IAAI,EAAE,CAAC,IAAI,CAAC,iCAAiC,EAAE,EAAE,IAAI,CAAC,kCAAkC,GAAG,IAAI,CAAC,CAAC;QACnH,CAAC;IACH,CAAC;IAEO,wCAAwC;QAC9C,IAAI,CAAC;YACH,IAAI,CAAC,8BAA8B,EAAE,CAAC;QACxC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,8DAA8D,KAAK,EAAE,CAAC,CAAC;QACvF,CAAC;gBAAS,CAAC;YACT,UAAU,CAAC,KAAK,IAAI,EAAE,CAAC,IAAI,CAAC,wCAAwC,EAAE,EAAE,IAAI,CAAC,wCAAwC,GAAG,IAAI,CAAC,CAAC;QAChI,CAAC;IACH,CAAC;IAEO,mCAAmC;QACzC,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;QAC5C,KAAK,MAAM,aAAa,IAAI,IAAI,CAAC,uBAAuB,CAAC,IAAI,EAAE,EAAE,CAAC;YAChE,IAAI,IAAI,CAAC,uBAAuB,CAAC,GAAG,CAAC,aAAa,CAAC,GAAG,YAAY,EAAE,CAAC;gBACnE,IAAI,CAAC,uBAAuB,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;YACrD,CAAC;QACH,CAAC;IACH,CAAC;IAEO,qBAAqB;QAC3B,4FAA4F;QAC5F,IAAI,IAAI,CAAC,aAAa,KAAK,SAAS,EAAE,CAAC;YACrC,MAAM,wBAAwB,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,kCAAkC,GAAG,IAAI,CAAC,CAAC,CAAC;YAC3G,MAAM,yBAAyB,GAAG,wBAAwB,GAAG,CAAC,CAAC;YAC/D,MAAM,qBAAqB,GAAG,wBAAwB,GAAG,CAAC,CAAC;YAE3D,MAAM,sBAAsB,GAAG,WAAW,CAAC,eAAe,CAAC,CAAC,IAAI,CAAC,aAAa,EAAE,yBAAyB,CAAC,QAAQ,EAAE,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC;YAC3I,MAAM,qBAAqB,GAAG,WAAW,CAAC,eAAe,CAAC,CAAC,IAAI,CAAC,aAAa,EAAE,wBAAwB,CAAC,QAAQ,EAAE,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC;YACzI,MAAM,kBAAkB,GAAG,WAAW,CAAC,eAAe,CAAC,CAAC,IAAI,CAAC,aAAa,EAAE,qBAAqB,CAAC,QAAQ,EAAE,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC;YAEnI,IAAI,CAAC,eAAe,GAAG,EAAE,sBAAsB,EAAE,qBAAqB,EAAE,kBAAkB,EAAE,CAAC;QAC/F,CAAC;aAAM,CAAC;YACN,MAAM,iBAAiB,GAAG,WAAW,CAAC,aAAa,EAAE,CAAC;YAEtD,IAAI,CAAC,eAAe,CAAC,sBAAsB,GAAG,IAAI,CAAC,eAAe,CAAC,qBAAqB,CAAC;YACzF,IAAI,CAAC,eAAe,CAAC,qBAAqB,GAAG,iBAAiB,CAAC;QACjE,CAAC;IACH,CAAC;IAED;;;;;;;OAOG;IACK,KAAK,CAAC,8BAA8B;QAC1C,qDAAqD;QACrD,IAAI,CAAC,mCAAmC,EAAE,CAAC;QAE3C,MAAM,yBAAyB,GAAG,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC;QAEpE,wHAAwH;QACxH,MAAM,WAAW,GAAG,SAAS,CAAC;QAC9B,MAAM,8BAA8B,GAAG,KAAK,GAAG,CAAC,IAAI,CAAC,wCAAwC,GAAG,IAAI,CAAC,CAAC,CAAC,sBAAsB;QAE7H,4EAA4E;QAC5E,kFAAkF;QAClF,IAAI,yBAAyB,GAAG,IAAI,CAAC,0BAA0B,EAAE,CAAC;YAChE,4GAA4G;YAE5G,MAAM,4CAA4C,GAAG,yBAAyB,GAAG,IAAI,CAAC,0BAA0B,CAAC;YACjH,MAAM,6DAA6D,GAC/D,CAAC,IAAI,CAAC,sCAAsC,GAAG,MAAM,CAAC,WAAW,CAAC,CAAC;gBACnE,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,4CAA4C,GAAG,IAAI,CAAC,4BAA4B,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;YAEzH,MAAM,2DAA2D,GAC7D,CAAC,IAAI,CAAC,sCAAsC,GAAG,6DAA6D,CAAC;gBAC7G,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,4BAA4B,GAAG,WAAW,CAAC,CAAC,GAAG,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC;YAEhG,uIAAuI;YACvI,MAAM,uBAAuB,GAAG,2DAA2D,GAAG,MAAM,CAAC,8BAA8B,CAAC,CAAC;YAErI,IAAI,CAAC,sCAAsC,IAAI,uBAAuB,CAAC;YAEvE,mHAAmH;YACnH,IAAI,CAAC,+BAA+B,GAAG,SAAS,CAAC;QACnD,CAAC;aAAM,CAAC;YACN,0GAA0G;YAE1G,IAAI,IAAI,CAAC,sCAAsC,KAAK,IAAI,CAAC,sCAAsC,EAAE,CAAC;gBAChG,wEAAwE;gBACxE,OAAO;YACT,CAAC;YAED,IAAI,IAAI,CAAC,+BAA+B,KAAK,SAAS,EAAE,CAAC;gBACvD,MAAM,gCAAgC,GAAG,EAAE,CAAC;gBAC5C,MAAM,4CAA4C,GAC9C,IAAI,CAAC,sCAAsC,GAAG,IAAI,CAAC,sCAAsC,CAAC;gBAC9F,IAAI,CAAC,+BAA+B;sBAChC,4CAA4C,GAAG,MAAM,CAAC,gCAAgC,GAAG,8BAA8B,CAAC,CAAC;YAC/H,CAAC;YAED,mGAAmG;YACnG,MAAM,kCAAkC,GAAG,IAAI,CAAC,sCAAsC,GAAG,IAAI,CAAC,+BAA+B,CAAC;YAC9H,IAAI,kCAAkC,IAAI,IAAI,CAAC,sCAAsC,EAAE,CAAC;gBACtF,IAAI,CAAC,sCAAsC,GAAG,IAAI,CAAC,sCAAsC,CAAC;YAC5F,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,sCAAsC,GAAG,kCAAkC,CAAC;YACnF,CAAC;QACH,CAAC;IACH,CAAC;IAED;;OAEG;IACK,+BAA+B,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IAEpD;;OAEG;IACI,MAAM,CAAC,WAAW,CAAC,GAAW;QACnC,MAAM,MAAM,GAAG,gBAAgB,CAAC;QAChC,OAAO,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC1B,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,iBAAiB,CAAE,GAAW;QAC3C,IAAI,GAAG,GAAG,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC;QACzC,MAAM,YAAY,GAAG,GAAG,CAAC,MAAM,CAAC;QAChC,KAAK,IAAI,GAAG,GAAG,YAAY,EAAE,GAAG,GAAG,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC;YAC7C,GAAG,GAAG,GAAG,GAAG,GAAG,CAAC;QAClB,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC"}