@entros/pulse-sdk 1.4.1 → 1.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/dist/index.d.mts +12 -0
  2. package/dist/index.d.ts +12 -0
  3. package/dist/index.js +2306 -57
  4. package/dist/index.js.map +1 -1
  5. package/dist/index.mjs +2306 -57
  6. package/dist/index.mjs.map +1 -1
  7. package/package.json +1 -1
package/dist/index.js CHANGED
@@ -1364,6 +1364,2255 @@ async function generateSolanaProof(current, previous, wasmPath, zkeyPath, thresh
1364
1364
  return serializeProof(proof, publicSignals);
1365
1365
  }
1366
1366
 
1367
+ // src/protocol/idl/entros_anchor.json
1368
+ var entros_anchor_default = {
1369
+ address: "GZYwTp2ozeuRA5Gof9vs4ya961aANcJBdUzB7LN6q4b2",
1370
+ metadata: {
1371
+ name: "entros_anchor",
1372
+ version: "0.1.0",
1373
+ spec: "0.1.0",
1374
+ description: "Non-transferable identity token for Entros Protocol"
1375
+ },
1376
+ docs: [
1377
+ "Mint account space for Token-2022 with NonTransferable extension.",
1378
+ "Base mint = 82 bytes, account type = 1 byte, extension type (2) + length (2) = 4 bytes,",
1379
+ "NonTransferable data = 0 bytes. Plus multisig padding from Token-2022.",
1380
+ "We use a constant derived from the Token-2022 spec."
1381
+ ],
1382
+ instructions: [
1383
+ {
1384
+ name: "authorize_new_wallet",
1385
+ docs: [
1386
+ "Authorize a new wallet by 2 signers. This can be done many times before invoking migrate_identity()"
1387
+ ],
1388
+ discriminator: [
1389
+ 178,
1390
+ 186,
1391
+ 185,
1392
+ 108,
1393
+ 51,
1394
+ 219,
1395
+ 107,
1396
+ 197
1397
+ ],
1398
+ accounts: [
1399
+ {
1400
+ name: "signer",
1401
+ writable: true,
1402
+ signer: true
1403
+ },
1404
+ {
1405
+ name: "identity_state",
1406
+ writable: true,
1407
+ pda: {
1408
+ seeds: [
1409
+ {
1410
+ kind: "const",
1411
+ value: [
1412
+ 105,
1413
+ 100,
1414
+ 101,
1415
+ 110,
1416
+ 116,
1417
+ 105,
1418
+ 116,
1419
+ 121
1420
+ ]
1421
+ },
1422
+ {
1423
+ kind: "account",
1424
+ path: "signer"
1425
+ }
1426
+ ]
1427
+ }
1428
+ },
1429
+ {
1430
+ name: "signer_new",
1431
+ writable: true,
1432
+ signer: true
1433
+ },
1434
+ {
1435
+ name: "token_program"
1436
+ },
1437
+ {
1438
+ name: "mint",
1439
+ writable: true,
1440
+ pda: {
1441
+ seeds: [
1442
+ {
1443
+ kind: "const",
1444
+ value: [
1445
+ 109,
1446
+ 105,
1447
+ 110,
1448
+ 116
1449
+ ]
1450
+ },
1451
+ {
1452
+ kind: "account",
1453
+ path: "signer"
1454
+ }
1455
+ ]
1456
+ }
1457
+ },
1458
+ {
1459
+ name: "token_account",
1460
+ writable: true,
1461
+ pda: {
1462
+ seeds: [
1463
+ {
1464
+ kind: "account",
1465
+ path: "signer"
1466
+ },
1467
+ {
1468
+ kind: "account",
1469
+ path: "token_program"
1470
+ },
1471
+ {
1472
+ kind: "account",
1473
+ path: "mint"
1474
+ }
1475
+ ],
1476
+ program: {
1477
+ kind: "const",
1478
+ value: [
1479
+ 140,
1480
+ 151,
1481
+ 37,
1482
+ 143,
1483
+ 78,
1484
+ 36,
1485
+ 137,
1486
+ 241,
1487
+ 187,
1488
+ 61,
1489
+ 16,
1490
+ 41,
1491
+ 20,
1492
+ 142,
1493
+ 13,
1494
+ 131,
1495
+ 11,
1496
+ 90,
1497
+ 19,
1498
+ 153,
1499
+ 218,
1500
+ 255,
1501
+ 16,
1502
+ 132,
1503
+ 4,
1504
+ 142,
1505
+ 123,
1506
+ 216,
1507
+ 219,
1508
+ 233,
1509
+ 248,
1510
+ 89
1511
+ ]
1512
+ }
1513
+ }
1514
+ }
1515
+ ],
1516
+ args: []
1517
+ },
1518
+ {
1519
+ name: "migrate_identity",
1520
+ docs: [
1521
+ "Migrate from an user's old Anchor IdentityState PDA to a new one",
1522
+ "After this function call, the orphaned 0-balance ATA, pointing at a closed mint, locks ~0.002 SOL of rent. This ATA can be recovered by the old wallet calling closeAccount()"
1523
+ ],
1524
+ discriminator: [
1525
+ 161,
1526
+ 192,
1527
+ 70,
1528
+ 80,
1529
+ 47,
1530
+ 37,
1531
+ 26,
1532
+ 10
1533
+ ],
1534
+ accounts: [
1535
+ {
1536
+ name: "user",
1537
+ writable: true,
1538
+ signer: true
1539
+ },
1540
+ {
1541
+ name: "identity_state",
1542
+ writable: true,
1543
+ pda: {
1544
+ seeds: [
1545
+ {
1546
+ kind: "const",
1547
+ value: [
1548
+ 105,
1549
+ 100,
1550
+ 101,
1551
+ 110,
1552
+ 116,
1553
+ 105,
1554
+ 116,
1555
+ 121
1556
+ ]
1557
+ },
1558
+ {
1559
+ kind: "account",
1560
+ path: "user"
1561
+ }
1562
+ ]
1563
+ }
1564
+ },
1565
+ {
1566
+ name: "mint",
1567
+ docs: [
1568
+ "initialization ordering. PDA seeds ensure uniqueness per user."
1569
+ ],
1570
+ writable: true,
1571
+ pda: {
1572
+ seeds: [
1573
+ {
1574
+ kind: "const",
1575
+ value: [
1576
+ 109,
1577
+ 105,
1578
+ 110,
1579
+ 116
1580
+ ]
1581
+ },
1582
+ {
1583
+ kind: "account",
1584
+ path: "user"
1585
+ }
1586
+ ]
1587
+ }
1588
+ },
1589
+ {
1590
+ name: "mint_authority",
1591
+ pda: {
1592
+ seeds: [
1593
+ {
1594
+ kind: "const",
1595
+ value: [
1596
+ 109,
1597
+ 105,
1598
+ 110,
1599
+ 116,
1600
+ 95,
1601
+ 97,
1602
+ 117,
1603
+ 116,
1604
+ 104,
1605
+ 111,
1606
+ 114,
1607
+ 105,
1608
+ 116,
1609
+ 121
1610
+ ]
1611
+ }
1612
+ ]
1613
+ }
1614
+ },
1615
+ {
1616
+ name: "token_account",
1617
+ writable: true
1618
+ },
1619
+ {
1620
+ name: "associated_token_program",
1621
+ address: "ATokenGPvbdGVxr1b2hvZbsiqW5xWH25efTNsLJA8knL"
1622
+ },
1623
+ {
1624
+ name: "token_program"
1625
+ },
1626
+ {
1627
+ name: "system_program",
1628
+ address: "11111111111111111111111111111111"
1629
+ },
1630
+ {
1631
+ name: "protocol_config",
1632
+ pda: {
1633
+ seeds: [
1634
+ {
1635
+ kind: "const",
1636
+ value: [
1637
+ 112,
1638
+ 114,
1639
+ 111,
1640
+ 116,
1641
+ 111,
1642
+ 99,
1643
+ 111,
1644
+ 108,
1645
+ 95,
1646
+ 99,
1647
+ 111,
1648
+ 110,
1649
+ 102,
1650
+ 105,
1651
+ 103
1652
+ ]
1653
+ }
1654
+ ],
1655
+ program: {
1656
+ kind: "const",
1657
+ value: [
1658
+ 81,
1659
+ 130,
1660
+ 250,
1661
+ 230,
1662
+ 30,
1663
+ 253,
1664
+ 246,
1665
+ 69,
1666
+ 82,
1667
+ 96,
1668
+ 7,
1669
+ 173,
1670
+ 78,
1671
+ 160,
1672
+ 131,
1673
+ 188,
1674
+ 70,
1675
+ 106,
1676
+ 173,
1677
+ 59,
1678
+ 102,
1679
+ 163,
1680
+ 198,
1681
+ 189,
1682
+ 82,
1683
+ 37,
1684
+ 225,
1685
+ 38,
1686
+ 52,
1687
+ 233,
1688
+ 157,
1689
+ 117
1690
+ ]
1691
+ }
1692
+ }
1693
+ },
1694
+ {
1695
+ name: "treasury",
1696
+ writable: true,
1697
+ pda: {
1698
+ seeds: [
1699
+ {
1700
+ kind: "const",
1701
+ value: [
1702
+ 112,
1703
+ 114,
1704
+ 111,
1705
+ 116,
1706
+ 111,
1707
+ 99,
1708
+ 111,
1709
+ 108,
1710
+ 95,
1711
+ 116,
1712
+ 114,
1713
+ 101,
1714
+ 97,
1715
+ 115,
1716
+ 117,
1717
+ 114,
1718
+ 121
1719
+ ]
1720
+ }
1721
+ ],
1722
+ program: {
1723
+ kind: "const",
1724
+ value: [
1725
+ 81,
1726
+ 130,
1727
+ 250,
1728
+ 230,
1729
+ 30,
1730
+ 253,
1731
+ 246,
1732
+ 69,
1733
+ 82,
1734
+ 96,
1735
+ 7,
1736
+ 173,
1737
+ 78,
1738
+ 160,
1739
+ 131,
1740
+ 188,
1741
+ 70,
1742
+ 106,
1743
+ 173,
1744
+ 59,
1745
+ 102,
1746
+ 163,
1747
+ 198,
1748
+ 189,
1749
+ 82,
1750
+ 37,
1751
+ 225,
1752
+ 38,
1753
+ 52,
1754
+ 233,
1755
+ 157,
1756
+ 117
1757
+ ]
1758
+ }
1759
+ }
1760
+ },
1761
+ {
1762
+ name: "wallet_old",
1763
+ writable: true
1764
+ },
1765
+ {
1766
+ name: "identity_state_old",
1767
+ writable: true,
1768
+ pda: {
1769
+ seeds: [
1770
+ {
1771
+ kind: "const",
1772
+ value: [
1773
+ 105,
1774
+ 100,
1775
+ 101,
1776
+ 110,
1777
+ 116,
1778
+ 105,
1779
+ 116,
1780
+ 121
1781
+ ]
1782
+ },
1783
+ {
1784
+ kind: "account",
1785
+ path: "wallet_old"
1786
+ }
1787
+ ]
1788
+ }
1789
+ },
1790
+ {
1791
+ name: "mint_old",
1792
+ writable: true,
1793
+ pda: {
1794
+ seeds: [
1795
+ {
1796
+ kind: "const",
1797
+ value: [
1798
+ 109,
1799
+ 105,
1800
+ 110,
1801
+ 116
1802
+ ]
1803
+ },
1804
+ {
1805
+ kind: "account",
1806
+ path: "wallet_old"
1807
+ }
1808
+ ]
1809
+ }
1810
+ },
1811
+ {
1812
+ name: "token_account_old",
1813
+ writable: true,
1814
+ pda: {
1815
+ seeds: [
1816
+ {
1817
+ kind: "account",
1818
+ path: "wallet_old"
1819
+ },
1820
+ {
1821
+ kind: "account",
1822
+ path: "token_program"
1823
+ },
1824
+ {
1825
+ kind: "account",
1826
+ path: "mint_old"
1827
+ }
1828
+ ],
1829
+ program: {
1830
+ kind: "const",
1831
+ value: [
1832
+ 140,
1833
+ 151,
1834
+ 37,
1835
+ 143,
1836
+ 78,
1837
+ 36,
1838
+ 137,
1839
+ 241,
1840
+ 187,
1841
+ 61,
1842
+ 16,
1843
+ 41,
1844
+ 20,
1845
+ 142,
1846
+ 13,
1847
+ 131,
1848
+ 11,
1849
+ 90,
1850
+ 19,
1851
+ 153,
1852
+ 218,
1853
+ 255,
1854
+ 16,
1855
+ 132,
1856
+ 4,
1857
+ 142,
1858
+ 123,
1859
+ 216,
1860
+ 219,
1861
+ 233,
1862
+ 248,
1863
+ 89
1864
+ ]
1865
+ }
1866
+ }
1867
+ }
1868
+ ],
1869
+ args: []
1870
+ },
1871
+ {
1872
+ name: "mint_anchor",
1873
+ docs: [
1874
+ "Mint a new Entros Anchor identity for the caller.",
1875
+ "Creates a NonTransferable Token-2022 mint, mints 1 token to the user's ATA,",
1876
+ "and initializes the IdentityState PDA."
1877
+ ],
1878
+ discriminator: [
1879
+ 68,
1880
+ 56,
1881
+ 113,
1882
+ 102,
1883
+ 236,
1884
+ 152,
1885
+ 146,
1886
+ 60
1887
+ ],
1888
+ accounts: [
1889
+ {
1890
+ name: "user",
1891
+ writable: true,
1892
+ signer: true
1893
+ },
1894
+ {
1895
+ name: "identity_state",
1896
+ writable: true,
1897
+ pda: {
1898
+ seeds: [
1899
+ {
1900
+ kind: "const",
1901
+ value: [
1902
+ 105,
1903
+ 100,
1904
+ 101,
1905
+ 110,
1906
+ 116,
1907
+ 105,
1908
+ 116,
1909
+ 121
1910
+ ]
1911
+ },
1912
+ {
1913
+ kind: "account",
1914
+ path: "user"
1915
+ }
1916
+ ]
1917
+ }
1918
+ },
1919
+ {
1920
+ name: "mint",
1921
+ docs: [
1922
+ "initialization ordering. PDA seeds ensure uniqueness per user."
1923
+ ],
1924
+ writable: true,
1925
+ pda: {
1926
+ seeds: [
1927
+ {
1928
+ kind: "const",
1929
+ value: [
1930
+ 109,
1931
+ 105,
1932
+ 110,
1933
+ 116
1934
+ ]
1935
+ },
1936
+ {
1937
+ kind: "account",
1938
+ path: "user"
1939
+ }
1940
+ ]
1941
+ }
1942
+ },
1943
+ {
1944
+ name: "mint_authority",
1945
+ pda: {
1946
+ seeds: [
1947
+ {
1948
+ kind: "const",
1949
+ value: [
1950
+ 109,
1951
+ 105,
1952
+ 110,
1953
+ 116,
1954
+ 95,
1955
+ 97,
1956
+ 117,
1957
+ 116,
1958
+ 104,
1959
+ 111,
1960
+ 114,
1961
+ 105,
1962
+ 116,
1963
+ 121
1964
+ ]
1965
+ }
1966
+ ]
1967
+ }
1968
+ },
1969
+ {
1970
+ name: "token_account",
1971
+ writable: true
1972
+ },
1973
+ {
1974
+ name: "associated_token_program",
1975
+ address: "ATokenGPvbdGVxr1b2hvZbsiqW5xWH25efTNsLJA8knL"
1976
+ },
1977
+ {
1978
+ name: "token_program"
1979
+ },
1980
+ {
1981
+ name: "system_program",
1982
+ address: "11111111111111111111111111111111"
1983
+ },
1984
+ {
1985
+ name: "protocol_config",
1986
+ pda: {
1987
+ seeds: [
1988
+ {
1989
+ kind: "const",
1990
+ value: [
1991
+ 112,
1992
+ 114,
1993
+ 111,
1994
+ 116,
1995
+ 111,
1996
+ 99,
1997
+ 111,
1998
+ 108,
1999
+ 95,
2000
+ 99,
2001
+ 111,
2002
+ 110,
2003
+ 102,
2004
+ 105,
2005
+ 103
2006
+ ]
2007
+ }
2008
+ ],
2009
+ program: {
2010
+ kind: "const",
2011
+ value: [
2012
+ 81,
2013
+ 130,
2014
+ 250,
2015
+ 230,
2016
+ 30,
2017
+ 253,
2018
+ 246,
2019
+ 69,
2020
+ 82,
2021
+ 96,
2022
+ 7,
2023
+ 173,
2024
+ 78,
2025
+ 160,
2026
+ 131,
2027
+ 188,
2028
+ 70,
2029
+ 106,
2030
+ 173,
2031
+ 59,
2032
+ 102,
2033
+ 163,
2034
+ 198,
2035
+ 189,
2036
+ 82,
2037
+ 37,
2038
+ 225,
2039
+ 38,
2040
+ 52,
2041
+ 233,
2042
+ 157,
2043
+ 117
2044
+ ]
2045
+ }
2046
+ }
2047
+ },
2048
+ {
2049
+ name: "treasury",
2050
+ writable: true,
2051
+ pda: {
2052
+ seeds: [
2053
+ {
2054
+ kind: "const",
2055
+ value: [
2056
+ 112,
2057
+ 114,
2058
+ 111,
2059
+ 116,
2060
+ 111,
2061
+ 99,
2062
+ 111,
2063
+ 108,
2064
+ 95,
2065
+ 116,
2066
+ 114,
2067
+ 101,
2068
+ 97,
2069
+ 115,
2070
+ 117,
2071
+ 114,
2072
+ 121
2073
+ ]
2074
+ }
2075
+ ],
2076
+ program: {
2077
+ kind: "const",
2078
+ value: [
2079
+ 81,
2080
+ 130,
2081
+ 250,
2082
+ 230,
2083
+ 30,
2084
+ 253,
2085
+ 246,
2086
+ 69,
2087
+ 82,
2088
+ 96,
2089
+ 7,
2090
+ 173,
2091
+ 78,
2092
+ 160,
2093
+ 131,
2094
+ 188,
2095
+ 70,
2096
+ 106,
2097
+ 173,
2098
+ 59,
2099
+ 102,
2100
+ 163,
2101
+ 198,
2102
+ 189,
2103
+ 82,
2104
+ 37,
2105
+ 225,
2106
+ 38,
2107
+ 52,
2108
+ 233,
2109
+ 157,
2110
+ 117
2111
+ ]
2112
+ }
2113
+ }
2114
+ },
2115
+ {
2116
+ name: "instructions_sysvar",
2117
+ docs: [
2118
+ "receipt verification (master-list #146 Phase 3) to inspect the",
2119
+ "preceding Ed25519Program::verify instruction in the same tx.",
2120
+ "Address is constrained to the canonical sysvar pubkey, so the",
2121
+ "program is guaranteed to be reading the real sysvar regardless of",
2122
+ "what the client passes."
2123
+ ],
2124
+ address: "Sysvar1nstructions1111111111111111111111111"
2125
+ }
2126
+ ],
2127
+ args: [
2128
+ {
2129
+ name: "initial_commitment",
2130
+ type: {
2131
+ array: [
2132
+ "u8",
2133
+ 32
2134
+ ]
2135
+ }
2136
+ }
2137
+ ]
2138
+ },
2139
+ {
2140
+ name: "reset_identity_state",
2141
+ docs: [
2142
+ "Reset the caller's identity state to a fresh baseline.",
2143
+ "",
2144
+ "Recovery path for users whose client-side fingerprint envelope is",
2145
+ "unrecoverable (cleared site data, new device, corrupted keystore).",
2146
+ 'Without this instruction the only answer is "mint a new wallet,"',
2147
+ "which discards on-chain history and the SAS attestation. Reset",
2148
+ "rotates `current_commitment` in place and zeroes verification",
2149
+ "history so a compromised wallet cannot inherit reputation.",
2150
+ "",
2151
+ "Defenses:",
2152
+ "- Signer constraint on `authority` proves wallet ownership.",
2153
+ "- 7-day cooldown (`RESET_COOLDOWN_SECS`) bounds abuse frequency.",
2154
+ "- Full zero of `verification_count`, `trust_score`, and",
2155
+ "`recent_timestamps` means an attacker who compromises the",
2156
+ "wallet key and passes Tier 1 validation starts from zero.",
2157
+ "- Verification fee charged, matching mint/update economics.",
2158
+ "",
2159
+ "No ZK proof is consumed: there is no prior fingerprint to",
2160
+ "Hamming-compare against, and the Hamming circuit's",
2161
+ "`min_distance \u2265 3` constraint would reject a same-fingerprint",
2162
+ "proof anyway. Live-humanness evidence comes from the Tier 1",
2163
+ "validation pipeline at the SAS attestation step (handled by",
2164
+ "the off-chain executor, not this instruction)."
2165
+ ],
2166
+ discriminator: [
2167
+ 26,
2168
+ 78,
2169
+ 86,
2170
+ 143,
2171
+ 247,
2172
+ 132,
2173
+ 85,
2174
+ 203
2175
+ ],
2176
+ accounts: [
2177
+ {
2178
+ name: "authority",
2179
+ writable: true,
2180
+ signer: true
2181
+ },
2182
+ {
2183
+ name: "identity_state",
2184
+ docs: [
2185
+ "may realloc legacy-layout accounts (207 or 543 bytes) to the current",
2186
+ "551-byte layout before deserialization. PDA validated by seeds;",
2187
+ "ownership verified in instruction body after deserialization."
2188
+ ],
2189
+ writable: true,
2190
+ pda: {
2191
+ seeds: [
2192
+ {
2193
+ kind: "const",
2194
+ value: [
2195
+ 105,
2196
+ 100,
2197
+ 101,
2198
+ 110,
2199
+ 116,
2200
+ 105,
2201
+ 116,
2202
+ 121
2203
+ ]
2204
+ },
2205
+ {
2206
+ kind: "account",
2207
+ path: "authority"
2208
+ }
2209
+ ]
2210
+ }
2211
+ },
2212
+ {
2213
+ name: "protocol_config",
2214
+ docs: [
2215
+ "Supplies the verification fee amount charged on reset."
2216
+ ],
2217
+ pda: {
2218
+ seeds: [
2219
+ {
2220
+ kind: "const",
2221
+ value: [
2222
+ 112,
2223
+ 114,
2224
+ 111,
2225
+ 116,
2226
+ 111,
2227
+ 99,
2228
+ 111,
2229
+ 108,
2230
+ 95,
2231
+ 99,
2232
+ 111,
2233
+ 110,
2234
+ 102,
2235
+ 105,
2236
+ 103
2237
+ ]
2238
+ }
2239
+ ],
2240
+ program: {
2241
+ kind: "const",
2242
+ value: [
2243
+ 81,
2244
+ 130,
2245
+ 250,
2246
+ 230,
2247
+ 30,
2248
+ 253,
2249
+ 246,
2250
+ 69,
2251
+ 82,
2252
+ 96,
2253
+ 7,
2254
+ 173,
2255
+ 78,
2256
+ 160,
2257
+ 131,
2258
+ 188,
2259
+ 70,
2260
+ 106,
2261
+ 173,
2262
+ 59,
2263
+ 102,
2264
+ 163,
2265
+ 198,
2266
+ 189,
2267
+ 82,
2268
+ 37,
2269
+ 225,
2270
+ 38,
2271
+ 52,
2272
+ 233,
2273
+ 157,
2274
+ 117
2275
+ ]
2276
+ }
2277
+ }
2278
+ },
2279
+ {
2280
+ name: "treasury",
2281
+ writable: true,
2282
+ pda: {
2283
+ seeds: [
2284
+ {
2285
+ kind: "const",
2286
+ value: [
2287
+ 112,
2288
+ 114,
2289
+ 111,
2290
+ 116,
2291
+ 111,
2292
+ 99,
2293
+ 111,
2294
+ 108,
2295
+ 95,
2296
+ 116,
2297
+ 114,
2298
+ 101,
2299
+ 97,
2300
+ 115,
2301
+ 117,
2302
+ 114,
2303
+ 121
2304
+ ]
2305
+ }
2306
+ ],
2307
+ program: {
2308
+ kind: "const",
2309
+ value: [
2310
+ 81,
2311
+ 130,
2312
+ 250,
2313
+ 230,
2314
+ 30,
2315
+ 253,
2316
+ 246,
2317
+ 69,
2318
+ 82,
2319
+ 96,
2320
+ 7,
2321
+ 173,
2322
+ 78,
2323
+ 160,
2324
+ 131,
2325
+ 188,
2326
+ 70,
2327
+ 106,
2328
+ 173,
2329
+ 59,
2330
+ 102,
2331
+ 163,
2332
+ 198,
2333
+ 189,
2334
+ 82,
2335
+ 37,
2336
+ 225,
2337
+ 38,
2338
+ 52,
2339
+ 233,
2340
+ 157,
2341
+ 117
2342
+ ]
2343
+ }
2344
+ }
2345
+ },
2346
+ {
2347
+ name: "system_program",
2348
+ address: "11111111111111111111111111111111"
2349
+ }
2350
+ ],
2351
+ args: [
2352
+ {
2353
+ name: "new_commitment",
2354
+ type: {
2355
+ array: [
2356
+ "u8",
2357
+ 32
2358
+ ]
2359
+ }
2360
+ }
2361
+ ]
2362
+ },
2363
+ {
2364
+ name: "update_anchor",
2365
+ docs: [
2366
+ "Update the identity state after a successful proof verification.",
2367
+ "",
2368
+ "Trust score is computed automatically from verification history and protocol config.",
2369
+ "Handles transparent migration from old (10-slot) to new (52-slot) account layouts.",
2370
+ "",
2371
+ "Requires a matching, fresh `VerificationResult` PDA (owned by entros-verifier)",
2372
+ "whose `commitment_new` equals `new_commitment` and whose `commitment_prev`",
2373
+ "equals the identity's current stored commitment. Without this binding the",
2374
+ "instruction would accept any commitment with no biometric proof \u2014 allowing",
2375
+ "trust-score farming via per-call fee payment, which contradicts the",
2376
+ "protocol's economic deterrence model. See AUDIT.md for details.",
2377
+ "",
2378
+ "The `verification_nonce` argument supplies the challenge nonce used to",
2379
+ 'derive the VerificationResult PDA (`seeds = [b"verification", authority, nonce]`).',
2380
+ "Single-use is enforced implicitly: after this call, `current_commitment`",
2381
+ "rotates to `new_commitment`, so the consumed VerificationResult's",
2382
+ "`commitment_prev` no longer matches on any future call."
2383
+ ],
2384
+ discriminator: [
2385
+ 120,
2386
+ 192,
2387
+ 72,
2388
+ 245,
2389
+ 112,
2390
+ 246,
2391
+ 119,
2392
+ 135
2393
+ ],
2394
+ accounts: [
2395
+ {
2396
+ name: "authority",
2397
+ writable: true,
2398
+ signer: true
2399
+ },
2400
+ {
2401
+ name: "identity_state",
2402
+ docs: [
2403
+ "from old (10-slot) to new (52-slot) account layouts. PDA validated by seeds.",
2404
+ "Ownership verified in instruction body after deserialization."
2405
+ ],
2406
+ writable: true,
2407
+ pda: {
2408
+ seeds: [
2409
+ {
2410
+ kind: "const",
2411
+ value: [
2412
+ 105,
2413
+ 100,
2414
+ 101,
2415
+ 110,
2416
+ 116,
2417
+ 105,
2418
+ 116,
2419
+ 121
2420
+ ]
2421
+ },
2422
+ {
2423
+ kind: "account",
2424
+ path: "authority"
2425
+ }
2426
+ ]
2427
+ }
2428
+ },
2429
+ {
2430
+ name: "verification_result",
2431
+ docs: [
2432
+ "PDA seeds validated by Anchor; layout + owner + cross-field constraints",
2433
+ "validated in instruction body. Binds the ZK proof to this specific",
2434
+ "update \u2014 without this account, update_anchor would accept any commitment",
2435
+ "with no proof."
2436
+ ],
2437
+ pda: {
2438
+ seeds: [
2439
+ {
2440
+ kind: "const",
2441
+ value: [
2442
+ 118,
2443
+ 101,
2444
+ 114,
2445
+ 105,
2446
+ 102,
2447
+ 105,
2448
+ 99,
2449
+ 97,
2450
+ 116,
2451
+ 105,
2452
+ 111,
2453
+ 110
2454
+ ]
2455
+ },
2456
+ {
2457
+ kind: "account",
2458
+ path: "authority"
2459
+ },
2460
+ {
2461
+ kind: "arg",
2462
+ path: "verification_nonce"
2463
+ }
2464
+ ],
2465
+ program: {
2466
+ kind: "const",
2467
+ value: [
2468
+ 48,
2469
+ 50,
2470
+ 94,
2471
+ 115,
2472
+ 90,
2473
+ 162,
2474
+ 108,
2475
+ 8,
2476
+ 240,
2477
+ 151,
2478
+ 76,
2479
+ 223,
2480
+ 101,
2481
+ 176,
2482
+ 170,
2483
+ 86,
2484
+ 254,
2485
+ 247,
2486
+ 252,
2487
+ 28,
2488
+ 240,
2489
+ 145,
2490
+ 60,
2491
+ 108,
2492
+ 42,
2493
+ 129,
2494
+ 105,
2495
+ 32,
2496
+ 232,
2497
+ 212,
2498
+ 226,
2499
+ 52
2500
+ ]
2501
+ }
2502
+ }
2503
+ },
2504
+ {
2505
+ name: "protocol_config",
2506
+ docs: [
2507
+ "Validated by seeds + owner via seeds::program."
2508
+ ],
2509
+ pda: {
2510
+ seeds: [
2511
+ {
2512
+ kind: "const",
2513
+ value: [
2514
+ 112,
2515
+ 114,
2516
+ 111,
2517
+ 116,
2518
+ 111,
2519
+ 99,
2520
+ 111,
2521
+ 108,
2522
+ 95,
2523
+ 99,
2524
+ 111,
2525
+ 110,
2526
+ 102,
2527
+ 105,
2528
+ 103
2529
+ ]
2530
+ }
2531
+ ],
2532
+ program: {
2533
+ kind: "const",
2534
+ value: [
2535
+ 81,
2536
+ 130,
2537
+ 250,
2538
+ 230,
2539
+ 30,
2540
+ 253,
2541
+ 246,
2542
+ 69,
2543
+ 82,
2544
+ 96,
2545
+ 7,
2546
+ 173,
2547
+ 78,
2548
+ 160,
2549
+ 131,
2550
+ 188,
2551
+ 70,
2552
+ 106,
2553
+ 173,
2554
+ 59,
2555
+ 102,
2556
+ 163,
2557
+ 198,
2558
+ 189,
2559
+ 82,
2560
+ 37,
2561
+ 225,
2562
+ 38,
2563
+ 52,
2564
+ 233,
2565
+ 157,
2566
+ 117
2567
+ ]
2568
+ }
2569
+ }
2570
+ },
2571
+ {
2572
+ name: "treasury",
2573
+ writable: true,
2574
+ pda: {
2575
+ seeds: [
2576
+ {
2577
+ kind: "const",
2578
+ value: [
2579
+ 112,
2580
+ 114,
2581
+ 111,
2582
+ 116,
2583
+ 111,
2584
+ 99,
2585
+ 111,
2586
+ 108,
2587
+ 95,
2588
+ 116,
2589
+ 114,
2590
+ 101,
2591
+ 97,
2592
+ 115,
2593
+ 117,
2594
+ 114,
2595
+ 121
2596
+ ]
2597
+ }
2598
+ ],
2599
+ program: {
2600
+ kind: "const",
2601
+ value: [
2602
+ 81,
2603
+ 130,
2604
+ 250,
2605
+ 230,
2606
+ 30,
2607
+ 253,
2608
+ 246,
2609
+ 69,
2610
+ 82,
2611
+ 96,
2612
+ 7,
2613
+ 173,
2614
+ 78,
2615
+ 160,
2616
+ 131,
2617
+ 188,
2618
+ 70,
2619
+ 106,
2620
+ 173,
2621
+ 59,
2622
+ 102,
2623
+ 163,
2624
+ 198,
2625
+ 189,
2626
+ 82,
2627
+ 37,
2628
+ 225,
2629
+ 38,
2630
+ 52,
2631
+ 233,
2632
+ 157,
2633
+ 117
2634
+ ]
2635
+ }
2636
+ }
2637
+ },
2638
+ {
2639
+ name: "system_program",
2640
+ address: "11111111111111111111111111111111"
2641
+ }
2642
+ ],
2643
+ args: [
2644
+ {
2645
+ name: "new_commitment",
2646
+ type: {
2647
+ array: [
2648
+ "u8",
2649
+ 32
2650
+ ]
2651
+ }
2652
+ },
2653
+ {
2654
+ name: "verification_nonce",
2655
+ type: {
2656
+ array: [
2657
+ "u8",
2658
+ 32
2659
+ ]
2660
+ }
2661
+ }
2662
+ ]
2663
+ }
2664
+ ],
2665
+ accounts: [
2666
+ {
2667
+ name: "IdentityState",
2668
+ discriminator: [
2669
+ 156,
2670
+ 32,
2671
+ 87,
2672
+ 93,
2673
+ 52,
2674
+ 155,
2675
+ 248,
2676
+ 207
2677
+ ]
2678
+ }
2679
+ ],
2680
+ events: [
2681
+ {
2682
+ name: "AnchorMinted",
2683
+ discriminator: [
2684
+ 11,
2685
+ 188,
2686
+ 6,
2687
+ 169,
2688
+ 20,
2689
+ 50,
2690
+ 128,
2691
+ 172
2692
+ ]
2693
+ },
2694
+ {
2695
+ name: "AnchorReset",
2696
+ discriminator: [
2697
+ 183,
2698
+ 48,
2699
+ 146,
2700
+ 155,
2701
+ 112,
2702
+ 20,
2703
+ 140,
2704
+ 31
2705
+ ]
2706
+ },
2707
+ {
2708
+ name: "AnchorUpdated",
2709
+ discriminator: [
2710
+ 112,
2711
+ 73,
2712
+ 210,
2713
+ 183,
2714
+ 57,
2715
+ 84,
2716
+ 103,
2717
+ 59
2718
+ ]
2719
+ },
2720
+ {
2721
+ name: "MigrateIdentityEvent",
2722
+ discriminator: [
2723
+ 33,
2724
+ 239,
2725
+ 166,
2726
+ 187,
2727
+ 108,
2728
+ 47,
2729
+ 49,
2730
+ 139
2731
+ ]
2732
+ }
2733
+ ],
2734
+ errors: [
2735
+ {
2736
+ code: 6e3,
2737
+ name: "InvalidCommitment",
2738
+ msg: "Invalid commitment: must be 32 non-zero bytes"
2739
+ },
2740
+ {
2741
+ code: 6001,
2742
+ name: "Unauthorized",
2743
+ msg: "Unauthorized: caller is not the identity owner"
2744
+ },
2745
+ {
2746
+ code: 6002,
2747
+ name: "ArithmeticOverflow",
2748
+ msg: "Arithmetic overflow"
2749
+ },
2750
+ {
2751
+ code: 6003,
2752
+ name: "InvalidProtocolConfig",
2753
+ msg: "Invalid protocol config account"
2754
+ },
2755
+ {
2756
+ code: 6004,
2757
+ name: "InvalidIdentityState",
2758
+ msg: "Identity state account failed to deserialize"
2759
+ },
2760
+ {
2761
+ code: 6005,
2762
+ name: "IdentitySerializationFailed",
2763
+ msg: "Identity state account failed to serialize"
2764
+ },
2765
+ {
2766
+ code: 6006,
2767
+ name: "VerificationResultWrongOwner",
2768
+ msg: "VerificationResult account is owned by the wrong program"
2769
+ },
2770
+ {
2771
+ code: 6007,
2772
+ name: "StaleVerificationResult",
2773
+ msg: "VerificationResult account has stale layout (pre-binding-patch)"
2774
+ },
2775
+ {
2776
+ code: 6008,
2777
+ name: "VerifierMismatch",
2778
+ msg: "VerificationResult verifier does not match the signing authority"
2779
+ },
2780
+ {
2781
+ code: 6009,
2782
+ name: "ProofExpired",
2783
+ msg: "Proof is too old to consume (MAX_PROOF_AGE_SECS exceeded)"
2784
+ },
2785
+ {
2786
+ code: 6010,
2787
+ name: "CommitmentMismatch",
2788
+ msg: "Proof commitment_new does not match the submitted new_commitment"
2789
+ },
2790
+ {
2791
+ code: 6011,
2792
+ name: "PrevCommitmentMismatch",
2793
+ msg: "Proof commitment_prev does not match the identity's current_commitment"
2794
+ },
2795
+ {
2796
+ code: 6012,
2797
+ name: "ResetCooldownActive",
2798
+ msg: "Reset cooldown has not elapsed since the last reset"
2799
+ },
2800
+ {
2801
+ code: 6013,
2802
+ name: "UnauthorizedNewWallet",
2803
+ msg: "caller is not authorized by the old identity"
2804
+ },
2805
+ {
2806
+ code: 6014,
2807
+ name: "ProofFromFuture",
2808
+ msg: "VerificationResult.verified_at is in the future relative to the cluster clock"
2809
+ },
2810
+ {
2811
+ code: 6015,
2812
+ name: "MissingValidatorReceipt",
2813
+ msg: "mint_anchor expected a preceding Ed25519Program::verify instruction with a validator-signed receipt; none found"
2814
+ },
2815
+ {
2816
+ code: 6016,
2817
+ name: "ReceiptValidatorMismatch",
2818
+ msg: "Receipt was signed by a key that does not match ProtocolConfig.validator_pubkey"
2819
+ },
2820
+ {
2821
+ code: 6017,
2822
+ name: "ReceiptCommitmentMismatch",
2823
+ msg: "Receipt commitment does not match the mint_anchor commitment argument"
2824
+ },
2825
+ {
2826
+ code: 6018,
2827
+ name: "ReceiptWalletMismatch",
2828
+ msg: "Receipt wallet does not match the mint signer"
2829
+ },
2830
+ {
2831
+ code: 6019,
2832
+ name: "ReceiptExpired",
2833
+ msg: "Receipt has aged past MAX_RECEIPT_AGE_SECS"
2834
+ },
2835
+ {
2836
+ code: 6020,
2837
+ name: "ReceiptFromFuture",
2838
+ msg: "Receipt validated_at is in the future relative to the cluster clock"
2839
+ },
2840
+ {
2841
+ code: 6021,
2842
+ name: "MalformedReceiptMessage",
2843
+ msg: "Receipt message has malformed length or layout"
2844
+ }
2845
+ ],
2846
+ types: [
2847
+ {
2848
+ name: "AnchorMinted",
2849
+ type: {
2850
+ kind: "struct",
2851
+ fields: [
2852
+ {
2853
+ name: "owner",
2854
+ type: "pubkey"
2855
+ },
2856
+ {
2857
+ name: "mint",
2858
+ type: "pubkey"
2859
+ },
2860
+ {
2861
+ name: "commitment",
2862
+ type: {
2863
+ array: [
2864
+ "u8",
2865
+ 32
2866
+ ]
2867
+ }
2868
+ }
2869
+ ]
2870
+ }
2871
+ },
2872
+ {
2873
+ name: "AnchorReset",
2874
+ type: {
2875
+ kind: "struct",
2876
+ fields: [
2877
+ {
2878
+ name: "owner",
2879
+ type: "pubkey"
2880
+ },
2881
+ {
2882
+ name: "mint",
2883
+ type: "pubkey"
2884
+ },
2885
+ {
2886
+ name: "commitment",
2887
+ type: {
2888
+ array: [
2889
+ "u8",
2890
+ 32
2891
+ ]
2892
+ }
2893
+ }
2894
+ ]
2895
+ }
2896
+ },
2897
+ {
2898
+ name: "AnchorUpdated",
2899
+ type: {
2900
+ kind: "struct",
2901
+ fields: [
2902
+ {
2903
+ name: "owner",
2904
+ type: "pubkey"
2905
+ },
2906
+ {
2907
+ name: "verification_count",
2908
+ type: "u32"
2909
+ },
2910
+ {
2911
+ name: "trust_score",
2912
+ type: "u16"
2913
+ },
2914
+ {
2915
+ name: "commitment",
2916
+ type: {
2917
+ array: [
2918
+ "u8",
2919
+ 32
2920
+ ]
2921
+ }
2922
+ }
2923
+ ]
2924
+ }
2925
+ },
2926
+ {
2927
+ name: "IdentityState",
2928
+ type: {
2929
+ kind: "struct",
2930
+ fields: [
2931
+ {
2932
+ name: "owner",
2933
+ docs: [
2934
+ "The user's wallet pubkey"
2935
+ ],
2936
+ type: "pubkey"
2937
+ },
2938
+ {
2939
+ name: "creation_timestamp",
2940
+ docs: [
2941
+ "When the identity was first minted"
2942
+ ],
2943
+ type: "i64"
2944
+ },
2945
+ {
2946
+ name: "last_verification_timestamp",
2947
+ docs: [
2948
+ "Most recent successful verification"
2949
+ ],
2950
+ type: "i64"
2951
+ },
2952
+ {
2953
+ name: "verification_count",
2954
+ docs: [
2955
+ "Total successful verifications"
2956
+ ],
2957
+ type: "u32"
2958
+ },
2959
+ {
2960
+ name: "trust_score",
2961
+ docs: [
2962
+ "Computed reputation metric"
2963
+ ],
2964
+ type: "u16"
2965
+ },
2966
+ {
2967
+ name: "current_commitment",
2968
+ docs: [
2969
+ "Latest Poseidon commitment H_TBH"
2970
+ ],
2971
+ type: {
2972
+ array: [
2973
+ "u8",
2974
+ 32
2975
+ ]
2976
+ }
2977
+ },
2978
+ {
2979
+ name: "mint",
2980
+ docs: [
2981
+ "The NonTransferable mint associated with this identity"
2982
+ ],
2983
+ type: "pubkey"
2984
+ },
2985
+ {
2986
+ name: "bump",
2987
+ docs: [
2988
+ "PDA bump seed"
2989
+ ],
2990
+ type: "u8"
2991
+ },
2992
+ {
2993
+ name: "recent_timestamps",
2994
+ docs: [
2995
+ "Timestamps of last 52 verifications (newest at index 0).",
2996
+ "52 slots covers 1 year of weekly or 4+ years of monthly verifications.",
2997
+ "Older entries contribute negligible score due to exponential recency decay."
2998
+ ],
2999
+ type: {
3000
+ array: [
3001
+ "i64",
3002
+ 52
3003
+ ]
3004
+ }
3005
+ },
3006
+ {
3007
+ name: "last_reset_timestamp",
3008
+ docs: [
3009
+ "Most recent `reset_identity_state` invocation. Zero when the identity",
3010
+ "has never been reset (including freshly minted accounts and accounts",
3011
+ "created before this field existed and then realloc'd in-place)."
3012
+ ],
3013
+ type: "i64"
3014
+ },
3015
+ {
3016
+ name: "new_wallet",
3017
+ docs: [
3018
+ "new wallet for migrate_identity()"
3019
+ ],
3020
+ type: "pubkey"
3021
+ }
3022
+ ]
3023
+ }
3024
+ },
3025
+ {
3026
+ name: "MigrateIdentityEvent",
3027
+ type: {
3028
+ kind: "struct",
3029
+ fields: [
3030
+ {
3031
+ name: "wallet_old",
3032
+ type: "pubkey"
3033
+ },
3034
+ {
3035
+ name: "wallet_new",
3036
+ type: "pubkey"
3037
+ },
3038
+ {
3039
+ name: "identity_old",
3040
+ type: "pubkey"
3041
+ },
3042
+ {
3043
+ name: "identity_new",
3044
+ type: "pubkey"
3045
+ }
3046
+ ]
3047
+ }
3048
+ }
3049
+ ]
3050
+ };
3051
+
3052
+ // src/protocol/idl/entros_verifier.json
3053
+ var entros_verifier_default = {
3054
+ address: "4F97jNoxQzT2qRbkWpW3ztC3Nz2TtKj3rnKG8ExgnrfV",
3055
+ metadata: {
3056
+ name: "entros_verifier",
3057
+ version: "0.1.0",
3058
+ spec: "0.1.0",
3059
+ description: "ZK proof verification program for Entros Protocol"
3060
+ },
3061
+ instructions: [
3062
+ {
3063
+ name: "close_challenge",
3064
+ docs: [
3065
+ "Close a used or expired challenge account to reclaim rent."
3066
+ ],
3067
+ discriminator: [
3068
+ 29,
3069
+ 156,
3070
+ 109,
3071
+ 17,
3072
+ 41,
3073
+ 99,
3074
+ 71,
3075
+ 236
3076
+ ],
3077
+ accounts: [
3078
+ {
3079
+ name: "challenger",
3080
+ writable: true,
3081
+ signer: true
3082
+ },
3083
+ {
3084
+ name: "challenge",
3085
+ writable: true
3086
+ }
3087
+ ],
3088
+ args: []
3089
+ },
3090
+ {
3091
+ name: "close_verification_result",
3092
+ docs: [
3093
+ "Close a verification result account to reclaim rent."
3094
+ ],
3095
+ discriminator: [
3096
+ 202,
3097
+ 203,
3098
+ 62,
3099
+ 127,
3100
+ 7,
3101
+ 157,
3102
+ 143,
3103
+ 12
3104
+ ],
3105
+ accounts: [
3106
+ {
3107
+ name: "verifier",
3108
+ writable: true,
3109
+ signer: true
3110
+ },
3111
+ {
3112
+ name: "verification_result",
3113
+ writable: true
3114
+ }
3115
+ ],
3116
+ args: []
3117
+ },
3118
+ {
3119
+ name: "create_challenge",
3120
+ docs: [
3121
+ "Create a verification challenge with a client-generated nonce."
3122
+ ],
3123
+ discriminator: [
3124
+ 170,
3125
+ 244,
3126
+ 47,
3127
+ 1,
3128
+ 1,
3129
+ 15,
3130
+ 173,
3131
+ 239
3132
+ ],
3133
+ accounts: [
3134
+ {
3135
+ name: "challenger",
3136
+ writable: true,
3137
+ signer: true
3138
+ },
3139
+ {
3140
+ name: "challenge",
3141
+ writable: true,
3142
+ pda: {
3143
+ seeds: [
3144
+ {
3145
+ kind: "const",
3146
+ value: [
3147
+ 99,
3148
+ 104,
3149
+ 97,
3150
+ 108,
3151
+ 108,
3152
+ 101,
3153
+ 110,
3154
+ 103,
3155
+ 101
3156
+ ]
3157
+ },
3158
+ {
3159
+ kind: "account",
3160
+ path: "challenger"
3161
+ },
3162
+ {
3163
+ kind: "arg",
3164
+ path: "nonce"
3165
+ }
3166
+ ]
3167
+ }
3168
+ },
3169
+ {
3170
+ name: "system_program",
3171
+ address: "11111111111111111111111111111111"
3172
+ }
3173
+ ],
3174
+ args: [
3175
+ {
3176
+ name: "nonce",
3177
+ type: {
3178
+ array: [
3179
+ "u8",
3180
+ 32
3181
+ ]
3182
+ }
3183
+ }
3184
+ ]
3185
+ },
3186
+ {
3187
+ name: "verify_proof",
3188
+ docs: [
3189
+ "Verify a proof against a challenge.",
3190
+ "Validates the challenge is unused and not expired, runs mock verification,",
3191
+ "and stores the result."
3192
+ ],
3193
+ discriminator: [
3194
+ 217,
3195
+ 211,
3196
+ 191,
3197
+ 110,
3198
+ 144,
3199
+ 13,
3200
+ 186,
3201
+ 98
3202
+ ],
3203
+ accounts: [
3204
+ {
3205
+ name: "verifier",
3206
+ writable: true,
3207
+ signer: true
3208
+ },
3209
+ {
3210
+ name: "challenge",
3211
+ writable: true,
3212
+ pda: {
3213
+ seeds: [
3214
+ {
3215
+ kind: "const",
3216
+ value: [
3217
+ 99,
3218
+ 104,
3219
+ 97,
3220
+ 108,
3221
+ 108,
3222
+ 101,
3223
+ 110,
3224
+ 103,
3225
+ 101
3226
+ ]
3227
+ },
3228
+ {
3229
+ kind: "account",
3230
+ path: "verifier"
3231
+ },
3232
+ {
3233
+ kind: "arg",
3234
+ path: "nonce"
3235
+ }
3236
+ ]
3237
+ }
3238
+ },
3239
+ {
3240
+ name: "verification_result",
3241
+ writable: true,
3242
+ pda: {
3243
+ seeds: [
3244
+ {
3245
+ kind: "const",
3246
+ value: [
3247
+ 118,
3248
+ 101,
3249
+ 114,
3250
+ 105,
3251
+ 102,
3252
+ 105,
3253
+ 99,
3254
+ 97,
3255
+ 116,
3256
+ 105,
3257
+ 111,
3258
+ 110
3259
+ ]
3260
+ },
3261
+ {
3262
+ kind: "account",
3263
+ path: "verifier"
3264
+ },
3265
+ {
3266
+ kind: "arg",
3267
+ path: "nonce"
3268
+ }
3269
+ ]
3270
+ }
3271
+ },
3272
+ {
3273
+ name: "system_program",
3274
+ address: "11111111111111111111111111111111"
3275
+ }
3276
+ ],
3277
+ args: [
3278
+ {
3279
+ name: "proof_bytes",
3280
+ type: "bytes"
3281
+ },
3282
+ {
3283
+ name: "public_inputs",
3284
+ type: {
3285
+ vec: {
3286
+ array: [
3287
+ "u8",
3288
+ 32
3289
+ ]
3290
+ }
3291
+ }
3292
+ },
3293
+ {
3294
+ name: "nonce",
3295
+ type: {
3296
+ array: [
3297
+ "u8",
3298
+ 32
3299
+ ]
3300
+ }
3301
+ }
3302
+ ]
3303
+ }
3304
+ ],
3305
+ accounts: [
3306
+ {
3307
+ name: "Challenge",
3308
+ discriminator: [
3309
+ 119,
3310
+ 250,
3311
+ 161,
3312
+ 121,
3313
+ 119,
3314
+ 81,
3315
+ 22,
3316
+ 208
3317
+ ]
3318
+ },
3319
+ {
3320
+ name: "VerificationResult",
3321
+ discriminator: [
3322
+ 104,
3323
+ 111,
3324
+ 80,
3325
+ 172,
3326
+ 219,
3327
+ 191,
3328
+ 162,
3329
+ 38
3330
+ ]
3331
+ }
3332
+ ],
3333
+ events: [
3334
+ {
3335
+ name: "ChallengeCreated",
3336
+ discriminator: [
3337
+ 166,
3338
+ 178,
3339
+ 174,
3340
+ 178,
3341
+ 11,
3342
+ 172,
3343
+ 98,
3344
+ 243
3345
+ ]
3346
+ },
3347
+ {
3348
+ name: "VerificationComplete",
3349
+ discriminator: [
3350
+ 22,
3351
+ 74,
3352
+ 77,
3353
+ 232,
3354
+ 220,
3355
+ 46,
3356
+ 59,
3357
+ 120
3358
+ ]
3359
+ }
3360
+ ],
3361
+ errors: [
3362
+ {
3363
+ code: 6e3,
3364
+ name: "InvalidProofFormat",
3365
+ msg: "Invalid proof format"
3366
+ },
3367
+ {
3368
+ code: 6001,
3369
+ name: "ProofVerificationFailed",
3370
+ msg: "Proof verification failed"
3371
+ },
3372
+ {
3373
+ code: 6002,
3374
+ name: "ChallengeExpired",
3375
+ msg: "Challenge has expired"
3376
+ },
3377
+ {
3378
+ code: 6003,
3379
+ name: "ChallengeAlreadyUsed",
3380
+ msg: "Challenge already used"
3381
+ },
3382
+ {
3383
+ code: 6004,
3384
+ name: "InvalidPublicInputs",
3385
+ msg: "Invalid public inputs"
3386
+ },
3387
+ {
3388
+ code: 6005,
3389
+ name: "ChallengeNotUsed",
3390
+ msg: "Challenge must be used before closing"
3391
+ },
3392
+ {
3393
+ code: 6006,
3394
+ name: "InvalidNonce",
3395
+ msg: "Invalid nonce: must not be all zeros"
3396
+ },
3397
+ {
3398
+ code: 6007,
3399
+ name: "ArithmeticOverflow",
3400
+ msg: "Arithmetic overflow"
3401
+ }
3402
+ ],
3403
+ types: [
3404
+ {
3405
+ name: "Challenge",
3406
+ type: {
3407
+ kind: "struct",
3408
+ fields: [
3409
+ {
3410
+ name: "challenger",
3411
+ docs: [
3412
+ "The user who requested the challenge"
3413
+ ],
3414
+ type: "pubkey"
3415
+ },
3416
+ {
3417
+ name: "nonce",
3418
+ docs: [
3419
+ "Random nonce for anti-replay"
3420
+ ],
3421
+ type: {
3422
+ array: [
3423
+ "u8",
3424
+ 32
3425
+ ]
3426
+ }
3427
+ },
3428
+ {
3429
+ name: "created_at",
3430
+ docs: [
3431
+ "Unix timestamp when challenge was created"
3432
+ ],
3433
+ type: "i64"
3434
+ },
3435
+ {
3436
+ name: "expires_at",
3437
+ docs: [
3438
+ "Unix timestamp when challenge expires"
3439
+ ],
3440
+ type: "i64"
3441
+ },
3442
+ {
3443
+ name: "used",
3444
+ docs: [
3445
+ "Whether this challenge has been consumed"
3446
+ ],
3447
+ type: "bool"
3448
+ },
3449
+ {
3450
+ name: "bump",
3451
+ docs: [
3452
+ "PDA bump seed"
3453
+ ],
3454
+ type: "u8"
3455
+ }
3456
+ ]
3457
+ }
3458
+ },
3459
+ {
3460
+ name: "ChallengeCreated",
3461
+ type: {
3462
+ kind: "struct",
3463
+ fields: [
3464
+ {
3465
+ name: "challenger",
3466
+ type: "pubkey"
3467
+ },
3468
+ {
3469
+ name: "nonce",
3470
+ type: {
3471
+ array: [
3472
+ "u8",
3473
+ 32
3474
+ ]
3475
+ }
3476
+ },
3477
+ {
3478
+ name: "expires_at",
3479
+ type: "i64"
3480
+ }
3481
+ ]
3482
+ }
3483
+ },
3484
+ {
3485
+ name: "VerificationComplete",
3486
+ type: {
3487
+ kind: "struct",
3488
+ fields: [
3489
+ {
3490
+ name: "verifier",
3491
+ type: "pubkey"
3492
+ },
3493
+ {
3494
+ name: "is_valid",
3495
+ type: "bool"
3496
+ },
3497
+ {
3498
+ name: "nonce",
3499
+ type: {
3500
+ array: [
3501
+ "u8",
3502
+ 32
3503
+ ]
3504
+ }
3505
+ }
3506
+ ]
3507
+ }
3508
+ },
3509
+ {
3510
+ name: "VerificationResult",
3511
+ type: {
3512
+ kind: "struct",
3513
+ fields: [
3514
+ {
3515
+ name: "verifier",
3516
+ docs: [
3517
+ "Who submitted the proof"
3518
+ ],
3519
+ type: "pubkey"
3520
+ },
3521
+ {
3522
+ name: "proof_hash",
3523
+ docs: [
3524
+ "Hash of the proof bytes for audit trail"
3525
+ ],
3526
+ type: {
3527
+ array: [
3528
+ "u8",
3529
+ 32
3530
+ ]
3531
+ }
3532
+ },
3533
+ {
3534
+ name: "verified_at",
3535
+ docs: [
3536
+ "Unix timestamp of verification"
3537
+ ],
3538
+ type: "i64"
3539
+ },
3540
+ {
3541
+ name: "is_valid",
3542
+ docs: [
3543
+ "Whether the proof was valid.",
3544
+ "Always true for persisted records \u2014 invalid proofs revert the transaction",
3545
+ "and never create a VerificationResult. Retained for account layout stability."
3546
+ ],
3547
+ type: "bool"
3548
+ },
3549
+ {
3550
+ name: "challenge_nonce",
3551
+ docs: [
3552
+ "The challenge nonce that was consumed"
3553
+ ],
3554
+ type: {
3555
+ array: [
3556
+ "u8",
3557
+ 32
3558
+ ]
3559
+ }
3560
+ },
3561
+ {
3562
+ name: "bump",
3563
+ docs: [
3564
+ "PDA bump seed"
3565
+ ],
3566
+ type: "u8"
3567
+ },
3568
+ {
3569
+ name: "commitment_new",
3570
+ docs: [
3571
+ "New fingerprint commitment from public_inputs[0]. Read cross-program",
3572
+ "by entros-anchor::update_anchor to bind the proof to the identity update."
3573
+ ],
3574
+ type: {
3575
+ array: [
3576
+ "u8",
3577
+ 32
3578
+ ]
3579
+ }
3580
+ },
3581
+ {
3582
+ name: "commitment_prev",
3583
+ docs: [
3584
+ "Previous fingerprint commitment from public_inputs[1]. Read cross-program",
3585
+ "by entros-anchor::update_anchor to bind to the identity's stored commitment."
3586
+ ],
3587
+ type: {
3588
+ array: [
3589
+ "u8",
3590
+ 32
3591
+ ]
3592
+ }
3593
+ },
3594
+ {
3595
+ name: "threshold",
3596
+ docs: [
3597
+ "Hamming threshold from public_inputs[2]. Bounded at proof time to prevent",
3598
+ "attacker-chosen circuit parameters."
3599
+ ],
3600
+ type: "u16"
3601
+ },
3602
+ {
3603
+ name: "min_distance",
3604
+ docs: [
3605
+ "Hamming min_distance from public_inputs[3]. Bounded at proof time to",
3606
+ "prevent replay (Hamming=0) attacks via attacker-chosen min_distance=0."
3607
+ ],
3608
+ type: "u16"
3609
+ }
3610
+ ]
3611
+ }
3612
+ }
3613
+ ]
3614
+ };
3615
+
1367
3616
  // src/submit/receipt.ts
1368
3617
  var PUBKEY_BYTES = 32;
1369
3618
  var SIGNATURE_BYTES = 64;
@@ -1404,7 +3653,38 @@ async function buildEd25519ReceiptIx(receipt) {
1404
3653
  }
1405
3654
 
1406
3655
  // src/submit/wallet.ts
3656
+ async function confirmAndCheck(connection, signature) {
3657
+ if (!signature) {
3658
+ throw new Error("confirmAndCheck called without a transaction signature");
3659
+ }
3660
+ const confirmation = await connection.confirmTransaction(signature, "confirmed");
3661
+ if (confirmation?.value?.err != null) {
3662
+ throw new Error(
3663
+ `Transaction failed on chain: ${JSON.stringify(confirmation.value.err)} (sig=${signature})`
3664
+ );
3665
+ }
3666
+ }
1407
3667
  async function requestSasAttestation(wallet, walletAddress, relayerUrl, relayerApiKey, serverNonce) {
3668
+ if (!serverNonce) {
3669
+ sdkLog("[Entros SDK] Skipping SAS attestation: no server-issued nonce");
3670
+ return void 0;
3671
+ }
3672
+ if (!wallet?.signMessage) {
3673
+ sdkLog("[Entros SDK] Skipping SAS attestation: wallet does not support signMessage");
3674
+ return void 0;
3675
+ }
3676
+ let signature;
3677
+ let message;
3678
+ try {
3679
+ const timestamp = Math.floor(Date.now() / 1e3);
3680
+ message = `Entros-ATTEST:${walletAddress}:${timestamp}`;
3681
+ const messageBytes = new TextEncoder().encode(message);
3682
+ const sigBytes = await wallet.signMessage(messageBytes);
3683
+ signature = Array.from(sigBytes).map((b) => b.toString(16).padStart(2, "0")).join("");
3684
+ } catch {
3685
+ sdkWarn("[Entros SDK] Wallet signMessage failed, skipping SAS attestation");
3686
+ return void 0;
3687
+ }
1408
3688
  try {
1409
3689
  const attestHeaders = {
1410
3690
  "Content-Type": "application/json"
@@ -1416,21 +3696,12 @@ async function requestSasAttestation(wallet, walletAddress, relayerUrl, relayerA
1416
3696
  const timer = setTimeout(() => controller.abort(), 15e3);
1417
3697
  const baseUrl = new URL(relayerUrl);
1418
3698
  const attestUrl = `${baseUrl.origin}/attest`;
1419
- const attestBody = { wallet_address: walletAddress };
1420
- if (serverNonce) attestBody.nonce = serverNonce;
1421
- if (wallet?.signMessage) {
1422
- try {
1423
- const timestamp = Math.floor(Date.now() / 1e3);
1424
- const attestMessage = `Entros-ATTEST:${walletAddress}:${timestamp}`;
1425
- const messageBytes = new TextEncoder().encode(attestMessage);
1426
- const sigBytes = await wallet.signMessage(messageBytes);
1427
- const sigHex = Array.from(sigBytes).map((b) => b.toString(16).padStart(2, "0")).join("");
1428
- attestBody.signature = sigHex;
1429
- attestBody.message = attestMessage;
1430
- } catch {
1431
- sdkWarn("Wallet signMessage failed, skipping ownership proof");
1432
- }
1433
- }
3699
+ const attestBody = {
3700
+ wallet_address: walletAddress,
3701
+ nonce: serverNonce,
3702
+ signature,
3703
+ message
3704
+ };
1434
3705
  const attestRes = await fetch(attestUrl, {
1435
3706
  method: "POST",
1436
3707
  headers: attestHeaders,
@@ -1535,24 +3806,14 @@ async function submitViaWallet(proof, commitment, options) {
1535
3806
  [new TextEncoder().encode("protocol_treasury")],
1536
3807
  registryProgramId
1537
3808
  );
1538
- const [verifierIdl, anchorIdl] = await Promise.all([
1539
- anchor.Program.fetchIdl(verifierProgramId, provider),
1540
- anchor.Program.fetchIdl(anchorProgramId, provider)
1541
- ]);
1542
- if (!verifierIdl) {
1543
- return {
1544
- success: false,
1545
- error: `Failed to fetch entros-verifier IDL from Solana (program ${PROGRAM_IDS.entrosVerifier}). Check your RPC endpoint is reachable and on the correct cluster.`
1546
- };
1547
- }
1548
- if (!anchorIdl) {
1549
- return {
1550
- success: false,
1551
- error: `Failed to fetch entros-anchor IDL from Solana (program ${PROGRAM_IDS.entrosAnchor}). Check your RPC endpoint is reachable and on the correct cluster.`
1552
- };
1553
- }
1554
- const verifierProgram = new anchor.Program(verifierIdl, provider);
1555
- const anchorProgram = new anchor.Program(anchorIdl, provider);
3809
+ const verifierProgram = new anchor.Program(
3810
+ entros_verifier_default,
3811
+ provider
3812
+ );
3813
+ const anchorProgram = new anchor.Program(
3814
+ entros_anchor_default,
3815
+ provider
3816
+ );
1556
3817
  const { Buffer: SolBuffer } = await import("buffer");
1557
3818
  const createChallengeIx = await verifierProgram.methods.createChallenge(nonce).accounts({
1558
3819
  challenger: provider.wallet.publicKey,
@@ -1587,16 +3848,12 @@ async function submitViaWallet(proof, commitment, options) {
1587
3848
  txSig = await options.wallet.sendTransaction(tx, options.connection, {
1588
3849
  skipPreflight: true
1589
3850
  });
1590
- await options.connection.confirmTransaction(txSig, "confirmed");
3851
+ await confirmAndCheck(options.connection, txSig);
1591
3852
  } else {
1592
- const anchorIdl = await anchor.Program.fetchIdl(anchorProgramId, provider);
1593
- if (!anchorIdl) {
1594
- return {
1595
- success: false,
1596
- error: `Failed to fetch entros-anchor IDL from Solana (program ${PROGRAM_IDS.entrosAnchor}). Check your RPC endpoint is reachable and on the correct cluster.`
1597
- };
1598
- }
1599
- const anchorProgram = new anchor.Program(anchorIdl, provider);
3853
+ const anchorProgram = new anchor.Program(
3854
+ entros_anchor_default,
3855
+ provider
3856
+ );
1600
3857
  const [identityPda] = PublicKey.findProgramAddressSync(
1601
3858
  [new TextEncoder().encode("identity"), provider.wallet.publicKey.toBuffer()],
1602
3859
  anchorProgramId
@@ -1669,7 +3926,7 @@ async function submitViaWallet(proof, commitment, options) {
1669
3926
  txSig = await options.wallet.sendTransaction(tx, options.connection, {
1670
3927
  skipPreflight: true
1671
3928
  });
1672
- await options.connection.confirmTransaction(txSig, "confirmed");
3929
+ await confirmAndCheck(options.connection, txSig);
1673
3930
  }
1674
3931
  const attestationTx = options.relayerUrl ? await requestSasAttestation(
1675
3932
  options.wallet,
@@ -1706,14 +3963,10 @@ async function submitResetViaWallet(commitment, options) {
1706
3963
  [new TextEncoder().encode("protocol_treasury")],
1707
3964
  registryProgramId
1708
3965
  );
1709
- const anchorIdl = await anchor.Program.fetchIdl(anchorProgramId, provider);
1710
- if (!anchorIdl) {
1711
- return {
1712
- success: false,
1713
- error: `Failed to fetch entros-anchor IDL from Solana (program ${PROGRAM_IDS.entrosAnchor}). Check your RPC endpoint is reachable and on the correct cluster.`
1714
- };
1715
- }
1716
- const anchorProgram = new anchor.Program(anchorIdl, provider);
3966
+ const anchorProgram = new anchor.Program(
3967
+ entros_anchor_default,
3968
+ provider
3969
+ );
1717
3970
  const resetIx = await anchorProgram.methods.resetIdentityState(Array.from(commitment)).accounts({
1718
3971
  authority: provider.wallet.publicKey,
1719
3972
  identityState: identityPda,
@@ -1731,7 +3984,7 @@ async function submitResetViaWallet(commitment, options) {
1731
3984
  options.connection,
1732
3985
  { skipPreflight: true }
1733
3986
  );
1734
- await options.connection.confirmTransaction(txSig, "confirmed");
3987
+ await confirmAndCheck(options.connection, txSig);
1735
3988
  const attestationTx = options.relayerUrl ? await requestSasAttestation(
1736
3989
  options.wallet,
1737
3990
  provider.wallet.publicKey.toBase58(),
@@ -1941,11 +4194,7 @@ async function fetchIdentityState(walletPubkey, connection) {
1941
4194
  );
1942
4195
  const accountInfo = await connection.getAccountInfo(identityPda);
1943
4196
  if (!accountInfo) return null;
1944
- const idl = await anchor.Program.fetchIdl(programId, {
1945
- connection
1946
- });
1947
- if (!idl) return null;
1948
- const coder = new anchor.BorshAccountsCoder(idl);
4197
+ const coder = new anchor.BorshAccountsCoder(entros_anchor_default);
1949
4198
  const decoded = coder.decode("identityState", accountInfo.data);
1950
4199
  return {
1951
4200
  owner: decoded.owner.toBase58(),