npm - @entros/pulse-sdk - Versions diffs - 3.3.0 → 3.4.0 - Mend

@entros/pulse-sdk 3.3.0 → 3.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/index.mjs CHANGED Viewed

@@ -4645,6 +4645,7 @@ async function buildEd25519ReceiptIx(receipt) {
 }
 // src/identity/baseline.ts
+import { ed25519 } from "@noble/curves/ed25519";
 var BLOB_VERSION = 1;
 var ALGORITHM_AES_256_GCM = 1;
 var ENCRYPTED_BASELINE_BLOB_BYTES = 96;
@@ -4704,17 +4705,40 @@ async function deriveEncryptedBaselinePda(walletPubkey) {
     programId
   );
 }
+var WalletSignatureMismatchError = class extends Error {
+  constructor(expectedWallet) {
+    super(
+      `signMessage did not verify against the connected wallet ${expectedWallet}. A different wallet likely signed the prompt \u2014 disable other wallet extensions or set your selected wallet as the default, then retry.`
+    );
+    this.name = "WalletSignatureMismatchError";
+    this.expectedWallet = expectedWallet;
+  }
+};
 async function deriveBaselineKey(wallet) {
   if (typeof wallet.signMessage !== "function") {
     throw new Error("wallet does not support signMessage");
   }
   const message = buildDomainMessage(wallet.publicKey);
-  const signature = await wallet.signMessage(new TextEncoder().encode(message));
+  const messageBytes = new TextEncoder().encode(message);
+  const signature = await wallet.signMessage(messageBytes);
   if (!(signature instanceof Uint8Array) || signature.length !== 64) {
     throw new Error(
       `expected 64-byte Ed25519 signature, got ${signature?.length ?? "non-Uint8Array"}`
     );
   }
+  let signatureValid;
+  try {
+    signatureValid = ed25519.verify(
+      signature,
+      messageBytes,
+      wallet.publicKey.toBytes()
+    );
+  } catch {
+    signatureValid = false;
+  }
+  if (!signatureValid) {
+    throw new WalletSignatureMismatchError(wallet.publicKey.toBase58());
+  }
   const ikm = await crypto.subtle.importKey(
     "raw",
     signature,
@@ -5456,19 +5480,19 @@ async function fetchIdentityState(walletPubkey, connection) {
     const accountInfo = await connection.getAccountInfo(identityPda);
     if (!accountInfo) return null;
     const coder = new anchor.BorshAccountsCoder(entros_anchor_default);
-    const decoded = coder.decode("identityState", accountInfo.data);
+    const decoded = coder.decode("IdentityState", accountInfo.data);
     return {
       owner: decoded.owner.toBase58(),
-      creationTimestamp: decoded.creationTimestamp.toNumber(),
-      lastVerificationTimestamp: decoded.lastVerificationTimestamp.toNumber(),
-      verificationCount: decoded.verificationCount,
-      trustScore: decoded.trustScore,
-      currentCommitment: new Uint8Array(decoded.currentCommitment),
+      creationTimestamp: decoded.creation_timestamp.toNumber(),
+      lastVerificationTimestamp: decoded.last_verification_timestamp.toNumber(),
+      verificationCount: decoded.verification_count,
+      trustScore: decoded.trust_score,
+      currentCommitment: new Uint8Array(decoded.current_commitment),
       mint: decoded.mint.toBase58(),
       // Anchor's Borsh coder returns the raw BN for i64 fields; .toNumber()
       // is safe here because Unix timestamps fit in Number.MAX_SAFE_INTEGER
       // until year 275760.
-      lastResetTimestamp: decoded.lastResetTimestamp?.toNumber?.() ?? 0
+      lastResetTimestamp: decoded.last_reset_timestamp?.toNumber?.() ?? 0
     };
   } catch {
     return null;
@@ -5570,6 +5594,13 @@ async function recoverBaselineFromChain(wallet, connection) {
       key = await getOrDeriveBaselineKey(wallet);
     } catch (err) {
       const detail = err instanceof Error ? err.message : String(err);
+      if (err instanceof WalletSignatureMismatchError) {
+        return {
+          recovered: false,
+          reason: "wallet-mismatch",
+          detail
+        };
+      }
       return {
         recovered: false,
         reason: "signing-unavailable",
@@ -5849,6 +5880,7 @@ async function processSensorData(sensorData, config, wallet, connection, onProgr
   } else {
     isFirstVerification = !previousData;
   }
+  let walletMismatch = false;
   if (!isFirstVerification && !previousData && wallet && connection) {
     const baselineWallet = resolveBaselineWallet(wallet);
     if (baselineWallet) {
@@ -5858,6 +5890,7 @@ async function processSensorData(sensorData, config, wallet, connection, onProgr
         previousData = await loadVerificationData();
         sdkLog("[Entros SDK] On-chain encrypted baseline recovered");
       } else {
+        walletMismatch = recovery.reason === "wallet-mismatch";
         sdkLog(
           `[Entros SDK] On-chain encrypted baseline recovery not available (${recovery.reason ?? "unknown"})`
         );
@@ -5865,6 +5898,14 @@ async function processSensorData(sensorData, config, wallet, connection, onProgr
     }
   }
   if (!isFirstVerification && !previousData) {
+    if (walletMismatch) {
+      return {
+        success: false,
+        commitment: tbh.commitmentBytes,
+        isFirstVerification: false,
+        error: "A different wallet signed than the one connected. Another wallet extension likely intercepted the signature prompt. Sign with your connected wallet, or disable other wallet extensions (or unset their default), then try again."
+      };
+    }
     return {
       success: false,
       commitment: tbh.commitmentBytes,
@@ -6951,6 +6992,7 @@ export {
   SPEAKER_FEATURE_COUNT,
   StaleEncryptedBaselineError,
   TOUCH_FEATURE_COUNT,
+  WalletSignatureMismatchError,
   attestAgentOperator,
   bigintToBytes32,
   bytes32ToBigint,