@fileverse/api 0.0.13 → 0.0.14

package/dist/index.js

@@ -1373,13 +1373,114 @@ var init_key_store = __esm({
   }
 });
 
+// src/sdk/ucan.ts
+import { sign, extractPublicKeyFromSecretKey } from "@stablelib/ed25519";
+import { toUint8Array } from "js-base64";
+function base58btcEncode(bytes) {
+  const digits = [0];
+  for (const byte of bytes) {
+    let carry = byte;
+    for (let j = 0; j < digits.length; j++) {
+      carry += digits[j] << 8;
+      digits[j] = carry % 58;
+      carry = carry / 58 | 0;
+    }
+    while (carry > 0) {
+      digits.push(carry % 58);
+      carry = carry / 58 | 0;
+    }
+  }
+  let result = "";
+  for (let i = 0; i < bytes.length && bytes[i] === 0; i++) {
+    result += BASE58_ALPHABET[0];
+  }
+  for (let i = digits.length - 1; i >= 0; i--) {
+    result += BASE58_ALPHABET[digits[i]];
+  }
+  return result;
+}
+function base64urlEncode(data) {
+  const bytes = typeof data === "string" ? new TextEncoder().encode(data) : data;
+  let binary = "";
+  for (let i = 0; i < bytes.length; i++) {
+    binary += String.fromCharCode(bytes[i]);
+  }
+  return btoa(binary).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
+}
+async function buildAndEncode(params) {
+  const {
+    issuer,
+    audience,
+    capabilities = [],
+    lifetimeInSeconds = 30,
+    expiration,
+    notBefore,
+    facts,
+    proofs = []
+  } = params;
+  const currentTime = Math.floor(Date.now() / 1e3);
+  const exp = expiration ?? currentTime + lifetimeInSeconds;
+  const header = { alg: issuer.jwtAlg, typ: "JWT", ucv: "0.8.1" };
+  const att = capabilities.map((cap) => ({
+    with: `${cap.with.scheme}:${cap.with.hierPart}`,
+    can: [cap.can.namespace, ...cap.can.segments].join("/")
+  }));
+  const payload = {
+    iss: issuer.did(),
+    aud: audience,
+    exp,
+    att,
+    prf: proofs
+  };
+  if (notBefore !== void 0) payload.nbf = notBefore;
+  if (facts !== void 0) payload.fct = facts;
+  const encodedHeader = base64urlEncode(JSON.stringify(header));
+  const encodedPayload = base64urlEncode(JSON.stringify(payload));
+  const signedData = `${encodedHeader}.${encodedPayload}`;
+  const sig = await issuer.sign(new TextEncoder().encode(signedData));
+  const signature = base64urlEncode(sig);
+  return `${signedData}.${signature}`;
+}
+var BASE58_ALPHABET, EDWARDS_DID_PREFIX, EdKeypair;
+var init_ucan = __esm({
+  "src/sdk/ucan.ts"() {
+    "use strict";
+    init_esm_shims();
+    BASE58_ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
+    EDWARDS_DID_PREFIX = new Uint8Array([237, 1]);
+    EdKeypair = class _EdKeypair {
+      jwtAlg = "EdDSA";
+      secretKey;
+      publicKey;
+      constructor(secretKey, publicKey) {
+        this.secretKey = secretKey;
+        this.publicKey = publicKey;
+      }
+      static fromSecretKey(key) {
+        const secretKey = toUint8Array(key);
+        const publicKey = extractPublicKeyFromSecretKey(secretKey);
+        return new _EdKeypair(secretKey, publicKey);
+      }
+      did() {
+        const bytes = new Uint8Array(EDWARDS_DID_PREFIX.length + this.publicKey.length);
+        bytes.set(EDWARDS_DID_PREFIX);
+        bytes.set(this.publicKey, EDWARDS_DID_PREFIX.length);
+        return "did:key:z" + base58btcEncode(bytes);
+      }
+      async sign(msg) {
+        return sign(this.secretKey, msg);
+      }
+    };
+  }
+});
+
 // src/sdk/auth-token-provider.ts
-import * as ucans from "@ucans/ucans";
 var AuthTokenProvider;
 var init_auth_token_provider = __esm({
   "src/sdk/auth-token-provider.ts"() {
     "use strict";
     init_esm_shims();
+    init_ucan();
     AuthTokenProvider = class {
       DEFAULT_OPTIONS = {
         namespace: "file",
@@ -1393,7 +1494,7 @@ var init_auth_token_provider = __esm({
         this.portalAddress = portalAddress;
       }
       async getAuthToken(audienceDid, options = this.DEFAULT_OPTIONS) {
-        const ucan = await ucans.build({
+        return buildAndEncode({
           audience: audienceDid,
           issuer: this.keyPair,
           lifetimeInSeconds: 7 * 86400,
@@ -1407,7 +1508,6 @@ var init_auth_token_provider = __esm({
             }
           ]
         });
-        return ucans.encode(ucan);
       }
     };
   }
@@ -2581,7 +2681,7 @@ import { derivePBKDF2Key, encryptAesCBC } from "@fileverse/crypto/kdf";
 import { secretBoxEncrypt } from "@fileverse/crypto/nacl";
 import hkdf from "futoin-hkdf";
 import tweetnacl from "tweetnacl";
-import { fromUint8Array, toUint8Array } from "js-base64";
+import { fromUint8Array, toUint8Array as toUint8Array2 } from "js-base64";
 import { toAESKey, aesEncrypt } from "@fileverse/crypto/webcrypto";
 import axios from "axios";
 import { encodeFunctionData, parseEventLogs } from "viem";
@@ -2599,15 +2699,15 @@ var init_file_utils = __esm({
       });
     };
     getExistingEncryptionMaterial = async (existingEncryptedSecretKey, existingNonce, docId) => {
-      const derivedKey = await deriveKeyFromAg2Hash(docId, toUint8Array(existingNonce));
+      const derivedKey = await deriveKeyFromAg2Hash(docId, toUint8Array2(existingNonce));
       const secretKey = tweetnacl.secretbox.open(
-        toUint8Array(existingEncryptedSecretKey),
-        toUint8Array(existingNonce),
+        toUint8Array2(existingEncryptedSecretKey),
+        toUint8Array2(existingNonce),
         derivedKey
       );
       return {
         encryptedSecretKey: existingEncryptedSecretKey,
-        nonce: toUint8Array(existingNonce),
+        nonce: toUint8Array2(existingNonce),
         secretKey,
         derivedKey: new Uint8Array(derivedKey)
       };
@@ -2660,8 +2760,8 @@ var init_file_utils = __esm({
       const encryptedBlob = new Blob([ciphertext], { type: file2.type });
       const encryptedBlobWithAuthTagIv = await appendAuthTagIvToBlob(
         encryptedBlob,
-        toUint8Array(authTag),
-        toUint8Array(iv)
+        toUint8Array2(authTag),
+        toUint8Array2(iv)
       );
       return {
         encryptedFile: new File([encryptedBlobWithAuthTagIv], file2.name),
@@ -2707,7 +2807,7 @@ var init_file_utils = __esm({
       };
     };
     encryptTitleWithFileKey = async (args) => {
-      const key = await toAESKey(toUint8Array(args.key));
+      const key = await toAESKey(toUint8Array2(args.key));
       if (!key) throw new Error("Key is undefined");
       const titleBytes = new TextEncoder().encode(args.title);
       const encryptedTitle = await aesEncrypt(key, titleBytes, "base64");
@@ -2825,7 +2925,7 @@ var init_file_utils = __esm({
 });
 
 // src/sdk/file-manager.ts
-import { fromUint8Array as fromUint8Array2, toUint8Array as toUint8Array2 } from "js-base64";
+import { fromUint8Array as fromUint8Array2, toUint8Array as toUint8Array3 } from "js-base64";
 import { generateAESKey, exportAESKey } from "@fileverse/crypto/webcrypto";
 import { markdownToYjs } from "@fileverse/content-processor";
 var FileManager;
@@ -2846,8 +2946,8 @@ var init_file_manager = __esm({
       }
       createLocks(key, encryptedSecretKey, commentKey) {
         const appLock = {
-          lockedFileKey: this.keyStore.encryptData(toUint8Array2(key)),
-          lockedLinkKey: this.keyStore.encryptData(toUint8Array2(encryptedSecretKey)),
+          lockedFileKey: this.keyStore.encryptData(toUint8Array3(key)),
+          lockedLinkKey: this.keyStore.encryptData(toUint8Array3(encryptedSecretKey)),
           lockedChatKey: this.keyStore.encryptData(commentKey)
         };
         return { appLock, ownerLock: { ...appLock } };
@@ -2884,8 +2984,8 @@ var init_file_manager = __esm({
         console.log("Submitting add file trx");
         logger.debug(`Preparing to add file ${file2.ddocId}`);
         const encryptedSecretKey = file2.linkKey;
-        const nonce = toUint8Array2(file2.linkKeyNonce);
-        const secretKey = toUint8Array2(file2.secretKey);
+        const nonce = toUint8Array3(file2.linkKeyNonce);
+        const secretKey = toUint8Array3(file2.secretKey);
         console.log("Got encrypted secret key, nonce, and secret key");
         const yJSContent = markdownToYjs(file2.content);
         console.log("Generated yjs content");
@@ -2896,7 +2996,7 @@ var init_file_manager = __esm({
         console.log("Generated comment key");
         const { appLock, ownerLock } = this.createLocks(key, encryptedSecretKey, commentKey);
         console.log("Built app lock and owner lock");
-        const linkLock = buildLinklock(secretKey, toUint8Array2(key), commentKey);
+        const linkLock = buildLinklock(secretKey, toUint8Array3(key), commentKey);
         console.log("Built link lock");
         const encryptedTitle = await encryptTitleWithFileKey({
           title: file2.title || "Untitled",
@@ -2945,13 +3045,13 @@ var init_file_manager = __esm({
       async submitUpdateFile(file2) {
         logger.debug(`Submitting update for file ${file2.ddocId} with onChainFileId ${file2.onChainFileId}`);
         const encryptedSecretKey = file2.linkKey;
-        const nonce = toUint8Array2(file2.linkKeyNonce);
-        const secretKey = toUint8Array2(file2.secretKey);
+        const nonce = toUint8Array3(file2.linkKeyNonce);
+        const secretKey = toUint8Array3(file2.secretKey);
         const yjsContent = markdownToYjs(file2.content);
         const { encryptedFile, key } = await createEncryptedContentFile(yjsContent);
-        const commentKey = toUint8Array2(file2.commentKey);
+        const commentKey = toUint8Array3(file2.commentKey);
         const { appLock, ownerLock } = this.createLocks(key, encryptedSecretKey, commentKey);
-        const linkLock = buildLinklock(secretKey, toUint8Array2(key), commentKey);
+        const linkLock = buildLinklock(secretKey, toUint8Array3(key), commentKey);
         const encryptedTitle = await encryptTitleWithFileKey({
           title: file2.title || "Untitled",
           key
@@ -2993,14 +3093,14 @@ var init_file_manager = __esm({
       async updateFile(file2) {
         logger.debug(`Updating file ${file2.ddocId} with onChainFileId ${file2.onChainFileId}`);
         const encryptedSecretKey = file2.linkKey;
-        const nonce = toUint8Array2(file2.linkKeyNonce);
-        const secretKey = toUint8Array2(file2.secretKey);
+        const nonce = toUint8Array3(file2.linkKeyNonce);
+        const secretKey = toUint8Array3(file2.secretKey);
         logger.debug(`Generating encrypted content file for file ${file2.ddocId} with onChainFileId ${file2.onChainFileId}`);
         const yjsContent = markdownToYjs(file2.content);
         const { encryptedFile, key } = await createEncryptedContentFile(yjsContent);
-        const commentKey = toUint8Array2(file2.commentKey);
+        const commentKey = toUint8Array3(file2.commentKey);
         const { appLock, ownerLock } = this.createLocks(key, encryptedSecretKey, commentKey);
-        const linkLock = buildLinklock(secretKey, toUint8Array2(key), commentKey);
+        const linkLock = buildLinklock(secretKey, toUint8Array3(key), commentKey);
         const encryptedTitle = await encryptTitleWithFileKey({
           title: file2.title || "Untitled",
           key
@@ -3052,11 +3152,10 @@ var init_file_manager = __esm({
 });
 
 // src/domain/portal/publish.ts
-import { fromUint8Array as fromUint8Array3, toUint8Array as toUint8Array3 } from "js-base64";
+import { fromUint8Array as fromUint8Array3, toUint8Array as toUint8Array4 } from "js-base64";
 import { stringToBytes } from "viem";
 import { deriveHKDFKey } from "@fileverse/crypto/kdf";
 import { generateKeyPairFromSeed } from "@stablelib/ed25519";
-import * as ucans2 from "@ucans/ucans";
 async function getPortalData(fileId) {
   const file2 = await FilesModel.findByIdIncludingDeleted(fileId);
   if (!file2) {
@@ -3088,16 +3187,15 @@ var init_publish = __esm({
     init_infra();
     init_key_store();
     init_auth_token_provider();
+    init_ucan();
     init_smart_agent();
     init_file_manager();
     init_config();
     init_pimlico_utils();
     createFileManager = async (portalSeed, portalAddress, ucanSecret, privateAccountKey) => {
-      const keyPair = ucans2.EdKeypair.fromSecretKey(fromUint8Array3(ucanSecret), {
-        exportable: true
-      });
+      const keyPair = EdKeypair.fromSecretKey(fromUint8Array3(ucanSecret));
       const authTokenProvider = new AuthTokenProvider(keyPair, portalAddress);
-      const keyStore = new KeyStore(toUint8Array3(portalSeed), portalAddress, authTokenProvider);
+      const keyStore = new KeyStore(toUint8Array4(portalSeed), portalAddress, authTokenProvider);
       const agentClient = new AgentClient(authTokenProvider);
       await agentClient.initializeAgentClient(privateAccountKey);
       return new FileManager(keyStore, agentClient);
@@ -3116,7 +3214,7 @@ var init_publish = __esm({
     handleExistingFileOp = async (fileId, operation) => {
       try {
         const { file: file2, portalDetails, apiKey } = await getPortalData(fileId);
-        const apiKeySeed = toUint8Array3(apiKey);
+        const apiKeySeed = toUint8Array4(apiKey);
         const { privateAccountKey, ucanSecret } = deriveCollaboratorKeys(apiKeySeed);
         const fileManager = await createFileManager(
           portalDetails.portalSeed,
@@ -3133,7 +3231,7 @@ var init_publish = __esm({
     handleNewFileOp = async (fileId) => {
       const { file: file2, portalDetails, apiKey } = await getPortalData(fileId);
       console.log("Got portal data");
-      const apiKeySeed = toUint8Array3(apiKey);
+      const apiKeySeed = toUint8Array4(apiKey);
       const { privateAccountKey, ucanSecret } = deriveCollaboratorKeys(apiKeySeed);
       console.log("Derived collaborator keys");
       const fileManager = await createFileManager(
@@ -3147,7 +3245,7 @@ var init_publish = __esm({
     };
     getProxyAuthParams = async (fileId) => {
       const { portalDetails, apiKey } = await getPortalData(fileId);
-      const apiKeySeed = toUint8Array3(apiKey);
+      const apiKeySeed = toUint8Array4(apiKey);
       const { privateAccountKey, ucanSecret } = deriveCollaboratorKeys(apiKeySeed);
       const fileManager = await createFileManager(
         portalDetails.portalSeed,
@@ -3753,11 +3851,11 @@ init_esm_shims();
 init_esm_shims();
 init_constants();
 import axios2 from "axios";
-import { toUint8Array as toUint8Array4 } from "js-base64";
+import { toUint8Array as toUint8Array5 } from "js-base64";
 import { sha256 } from "viem";
 var fetchApiKeyData = async (apiKey) => {
   try {
-    const keyHash = sha256(toUint8Array4(apiKey));
+    const keyHash = sha256(toUint8Array5(apiKey));
     const fullUrl = BASE_CONFIG.API_URL + `api-access/${keyHash}`;
     const response = await axios2.get(fullUrl);
     const { encryptedKeyMaterial, encryptedAppMaterial, id } = response.data;
@@ -3785,7 +3883,7 @@ init_saveApiKey();
 init_apikeys_model();
 init_infra();
 import { deriveHKDFKey as deriveHKDFKey2 } from "@fileverse/crypto/hkdf";
-import { toUint8Array as toUint8Array5 } from "js-base64";
+import { toUint8Array as toUint8Array6 } from "js-base64";
 import { stringToBytes as stringToBytes2 } from "viem";
 import { toAESKey as toAESKey2, aesDecrypt } from "@fileverse/crypto/webcrypto";
 var SAVED_DATA_ENCRYPTION_KEY_INFO = "SAVED_DATA_ENCRYPTION_KEY";
@@ -3810,7 +3908,7 @@ async function initializeWithData(data) {
 }
 var getAesKeyFromApiKey = async (apiKey) => {
   const rawSecret = deriveHKDFKey2(
-    toUint8Array5(apiKey),
+    toUint8Array6(apiKey),
     new Uint8Array([0]),
     stringToBytes2(SAVED_DATA_ENCRYPTION_KEY_INFO)
   );
@@ -3821,7 +3919,7 @@ var bytestToJSON = (bytes) => {
 };
 var decryptSavedData = async (apiKey, encryptedData) => {
   const aesKey = await getAesKeyFromApiKey(apiKey);
-  const decryptedBytes = await aesDecrypt(aesKey, toUint8Array5(encryptedData));
+  const decryptedBytes = await aesDecrypt(aesKey, toUint8Array6(encryptedData));
   const data = bytestToJSON(decryptedBytes);
   return data;
 };
@@ -4745,7 +4843,7 @@ __export(external_exports, {
   e164: () => e1642,
   email: () => email2,
   emoji: () => emoji2,
-  encode: () => encode3,
+  encode: () => encode2,
   encodeAsync: () => encodeAsync2,
   endsWith: () => _endsWith,
   enum: () => _enum2,
@@ -5119,7 +5217,7 @@ __export(core_exports2, {
   decode: () => decode,
   decodeAsync: () => decodeAsync,
   describe: () => describe,
-  encode: () => encode2,
+  encode: () => encode,
   encodeAsync: () => encodeAsync,
   extractDefs: () => extractDefs,
   finalize: () => finalize,
@@ -6106,7 +6204,7 @@ var _encode = (_Err) => (schema, value, _ctx) => {
   const ctx = _ctx ? Object.assign(_ctx, { direction: "backward" }) : { direction: "backward" };
   return _parse(_Err)(schema, value, ctx);
 };
-var encode2 = /* @__PURE__ */ _encode($ZodRealError);
+var encode = /* @__PURE__ */ _encode($ZodRealError);
 var _decode = (_Err) => (schema, value, _ctx) => {
   return _parse(_Err)(schema, value, _ctx);
 };
@@ -16870,7 +16968,7 @@ var parse2 = /* @__PURE__ */ _parse(ZodRealError);
 var parseAsync2 = /* @__PURE__ */ _parseAsync(ZodRealError);
 var safeParse2 = /* @__PURE__ */ _safeParse(ZodRealError);
 var safeParseAsync2 = /* @__PURE__ */ _safeParseAsync(ZodRealError);
-var encode3 = /* @__PURE__ */ _encode(ZodRealError);
+var encode2 = /* @__PURE__ */ _encode(ZodRealError);
 var decode2 = /* @__PURE__ */ _decode(ZodRealError);
 var encodeAsync2 = /* @__PURE__ */ _encodeAsync(ZodRealError);
 var decodeAsync2 = /* @__PURE__ */ _decodeAsync(ZodRealError);
@@ -16914,7 +17012,7 @@ var ZodType = /* @__PURE__ */ $constructor("ZodType", (inst, def) => {
   inst.parseAsync = async (data, params) => parseAsync2(inst, data, params, { callee: inst.parseAsync });
   inst.safeParseAsync = async (data, params) => safeParseAsync2(inst, data, params);
   inst.spa = inst.safeParseAsync;
-  inst.encode = (data, params) => encode3(inst, data, params);
+  inst.encode = (data, params) => encode2(inst, data, params);
   inst.decode = (data, params) => decode2(inst, data, params);
   inst.encodeAsync = async (data, params) => encodeAsync2(inst, data, params);
   inst.decodeAsync = async (data, params) => decodeAsync2(inst, data, params);