@fogo/sessions-sdk 0.0.12 → 0.0.13

package/esm/index.js

@@ -1,28 +1,32 @@
 import { AnchorProvider, BorshAccountsCoder } from "@coral-xyz/anchor";
-import { DomainRegistryIdl, SessionManagerProgram, SessionManagerIdl, IntentTransferProgram, } from "@fogo/sessions-idls";
+import { DomainRegistryIdl, IntentTransferProgram, SessionManagerIdl, SessionManagerProgram, } from "@fogo/sessions-idls";
 import { findMetadataPda, safeFetchMetadata, } from "@metaplex-foundation/mpl-token-metadata";
 import { publicKey as metaplexPublicKey } from "@metaplex-foundation/umi";
 import { createUmi } from "@metaplex-foundation/umi-bundle-defaults";
 import { sha256 } from "@noble/hashes/sha2";
 import { fromLegacyPublicKey } from "@solana/compat";
-import { generateKeyPair, getAddressFromPublicKey, getProgramDerivedAddress, } from "@solana/kit";
+import { generateKeyPair, getAddressFromPublicKey, getProgramDerivedAddress, verifySignature, } from "@solana/kit";
 import { createAssociatedTokenAccountIdempotentInstruction, getAssociatedTokenAddressSync, getMint, } from "@solana/spl-token";
 import { Ed25519Program, PublicKey } from "@solana/web3.js";
 import BN from "bn.js";
+import bs58 from "bs58";
 import { z } from "zod";
 import { TransactionResultType } from "./adapter.js";
-export { TransactionResultType, createSolanaWalletAdapter, } from "./adapter.js";
+import { importKey, signMessageWithKey, verifyMessageWithKey, } from "./crypto.js";
+export { createSolanaWalletAdapter, TransactionResultType, } from "./adapter.js";
 const MESSAGE_HEADER = `Fogo Sessions:
 Signing this intent will allow this app to interact with your on-chain balances. Please make sure you trust this app and the domain in the message matches the domain of the current web application.
 `;
 const UNLIMITED_TOKEN_PERMISSIONS_VALUE = "this app may spend any amount of any token";
 const TOKENLESS_PERMISSIONS_VALUE = "this app may not spend any tokens";
 const CURRENT_MAJOR = "0";
-const CURRENT_MINOR = "1";
+const CURRENT_MINOR = "2";
 const CURRENT_INTENT_TRANSFER_MAJOR = "0";
 const CURRENT_INTENT_TRANSFER_MINOR = "1";
 export const establishSession = async (options) => {
-    const sessionKey = await generateKeyPair();
+    const sessionKey = options.createUnsafeExtractableSessionKey
+        ? await crypto.subtle.generateKey("Ed25519", true, ["sign", "verify"])
+        : await generateKeyPair();
     if (options.unlimited) {
         return sendSessionEstablishTransaction(options, sessionKey, await Promise.all([
             buildIntentInstruction(options, sessionKey),
@@ -63,6 +67,23 @@ export const replaceSession = async (options) => establishSession({
     ...options,
     walletPublicKey: options.session.walletPublicKey,
 });
+export const revokeSession = async (options) => {
+    if (options.session.sessionInfo.minor >= 2) {
+        const instruction = await new SessionManagerProgram(new AnchorProvider(options.adapter.connection, {}, {})).methods
+            .revokeSession()
+            .accounts({
+            sponsor: options.session.sessionInfo.sponsor,
+            session: options.session.sessionPublicKey,
+        })
+            .instruction();
+        return options.adapter.sendTransaction(options.session.sessionKey, [
+            instruction,
+        ]);
+    }
+    else {
+        return;
+    }
+};
 export const reestablishSession = async (adapter, walletPublicKey, sessionKey) => createSession(adapter, walletPublicKey, sessionKey);
 export const getSessionAccount = async (connection, sessionPublicKey) => {
     const result = await connection.getAccountInfo(sessionPublicKey);
@@ -86,49 +107,108 @@ const createSession = async (adapter, walletPublicKey, sessionKey) => {
 };
 const sessionInfoSchema = z
     .object({
-    session_info: z.object({
-        authorized_programs: z.union([
-            z.object({
-                Specific: z.object({
-                    0: z.array(z.object({
-                        program_id: z.instanceof(PublicKey),
-                        signer_pda: z.instanceof(PublicKey),
-                    })),
+    session_info: z.union([
+        z.object({
+            V1: z.object({
+                "0": z.object({
+                    authorized_programs: z.union([
+                        z.object({
+                            Specific: z.object({
+                                0: z.array(z.object({
+                                    program_id: z.instanceof(PublicKey),
+                                    signer_pda: z.instanceof(PublicKey),
+                                })),
+                            }),
+                        }),
+                        z.object({
+                            All: z.object({}),
+                        }),
+                    ]),
+                    authorized_tokens: z.union([
+                        z.object({ Specific: z.object({}) }),
+                        z.object({ All: z.object({}) }),
+                    ]),
+                    expiration: z.instanceof(BN),
+                    extra: z.object({
+                        0: z.unknown(),
+                    }),
+                    user: z.instanceof(PublicKey),
                 }),
             }),
-            z.object({
-                All: z.object({}),
+        }),
+        z.object({
+            V2: z.object({
+                "0": z.union([
+                    z.object({
+                        Revoked: z.instanceof(BN),
+                    }),
+                    z.object({
+                        Active: z.object({
+                            "0": z.object({
+                                authorized_programs: z.union([
+                                    z.object({
+                                        Specific: z.object({
+                                            0: z.array(z.object({
+                                                program_id: z.instanceof(PublicKey),
+                                                signer_pda: z.instanceof(PublicKey),
+                                            })),
+                                        }),
+                                    }),
+                                    z.object({
+                                        All: z.object({}),
+                                    }),
+                                ]),
+                                authorized_tokens: z.union([
+                                    z.object({ Specific: z.object({}) }),
+                                    z.object({ All: z.object({}) }),
+                                ]),
+                                expiration: z.instanceof(BN),
+                                extra: z.object({
+                                    0: z.unknown(),
+                                }),
+                                user: z.instanceof(PublicKey),
+                            }),
+                        }),
+                    }),
+                ]),
             }),
-        ]),
-        authorized_tokens: z.union([
-            z.object({ Specific: z.object({}) }),
-            z.object({ All: z.object({}) }),
-        ]),
-        expiration: z.instanceof(BN),
-        extra: z.object({
-            0: z.unknown(),
         }),
-        major: z.number(),
-        minor: z.number(),
-        user: z.instanceof(PublicKey),
-    }),
+    ]),
+    major: z.number(),
+    sponsor: z.instanceof(PublicKey),
 })
-    .transform(({ session_info }) => ({
-    authorizedPrograms: "All" in session_info.authorized_programs
-        ? AuthorizedPrograms.All()
-        : AuthorizedPrograms.Specific(session_info.authorized_programs.Specific[0].map(({ program_id, signer_pda }) => ({
-            programId: program_id,
-            signerPda: signer_pda,
-        }))),
-    authorizedTokens: "All" in session_info.authorized_tokens
-        ? AuthorizedTokens.All
-        : AuthorizedTokens.Specific,
-    expiration: new Date(Number(session_info.expiration) * 1000),
-    extra: session_info.extra[0],
-    major: session_info.major,
-    minor: session_info.minor,
-    user: session_info.user,
-}));
+    .transform(({ session_info, major, sponsor }) => {
+    let activeSessionInfo;
+    let minor;
+    if ("V1" in session_info) {
+        activeSessionInfo = session_info.V1["0"];
+        minor = 1;
+    }
+    else if ("Active" in session_info.V2["0"]) {
+        activeSessionInfo = session_info.V2["0"].Active["0"];
+        minor = 2;
+    }
+    else {
+        return;
+    }
+    return {
+        authorizedPrograms: "All" in activeSessionInfo.authorized_programs
+            ? AuthorizedPrograms.All()
+            : AuthorizedPrograms.Specific(activeSessionInfo.authorized_programs.Specific[0].map(({ program_id, signer_pda }) => ({
+                programId: program_id,
+                signerPda: signer_pda,
+            }))),
+        authorizedTokens: "All" in activeSessionInfo.authorized_tokens
+            ? AuthorizedTokens.All
+            : AuthorizedTokens.Specific,
+        expiration: new Date(Number(activeSessionInfo.expiration) * 1000),
+        extra: activeSessionInfo.extra[0],
+        major: major,
+        minor: minor,
+        user: activeSessionInfo.user,
+        sponsor,
+    };
+});
 export var AuthorizedProgramsType;
 (function (AuthorizedProgramsType) {
     AuthorizedProgramsType[AuthorizedProgramsType["All"] = 0] = "All";
@@ -181,6 +261,36 @@ const getTokenInfo = async (adapter, limits) => {
         };
     }));
 };
+const serializeU16LE = (value) => {
+    const result = new ArrayBuffer(2);
+    new DataView(result).setUint16(0, value, true); // littleEndian = true
+    return new Uint8Array(result);
+};
+// Some wallets add a prefix to the messag before signing, for example Ledger through Phantom
+const addOffchainMessagePrefixToMessageIfNeeded = async (walletPublicKey, signature, message) => {
+    const publicKey = await crypto.subtle.importKey("raw", walletPublicKey.toBytes(), { name: "Ed25519" }, true, ["verify"]);
+    if (await verifySignature(publicKey, signature, message)) {
+        return message;
+    }
+    else {
+        // Source: https://github.com/anza-xyz/solana-sdk/blob/master/offchain-message/src/lib.rs#L162
+        const messageWithOffchainMessagePrefix = Uint8Array.from([
+            // eslint-disable-next-line unicorn/number-literal-case
+            0xff,
+            ...new TextEncoder().encode("solana offchain"),
+            0,
+            1,
+            ...serializeU16LE(message.length),
+            ...message,
+        ]);
+        if (await verifySignature(publicKey, signature, messageWithOffchainMessagePrefix)) {
+            return messageWithOffchainMessagePrefix;
+        }
+        else {
+            throw new Error("The signature provided by the browser wallet is not valid");
+        }
+    }
+};
 const buildIntentInstruction = async (options, sessionKey, tokens) => {
     const message = await buildMessage({
         chainId: options.adapter.chainId,
@@ -194,7 +304,7 @@ const buildIntentInstruction = async (options, sessionKey, tokens) => {
     return Ed25519Program.createInstructionWithPublicKey({
         publicKey: options.walletPublicKey.toBytes(),
         signature: intentSignature,
-        message: message,
+        message: await addOffchainMessagePrefixToMessageIfNeeded(options.walletPublicKey, intentSignature, message),
     });
 };
 const buildMessage = async (body) => new TextEncoder().encode([
@@ -342,7 +452,7 @@ const buildTransferIntentInstruction = async (program, options, symbol) => {
     return Ed25519Program.createInstructionWithPublicKey({
         publicKey: options.walletPublicKey.toBytes(),
         signature: intentSignature,
-        message: message,
+        message: await addOffchainMessagePrefixToMessageIfNeeded(options.walletPublicKey, intentSignature, message),
     });
 };
 const getNonce = async (program, walletPublicKey) => {
@@ -352,3 +462,44 @@ const getNonce = async (program, walletPublicKey) => {
     });
     return program.account.nonce.fetchNullable(noncePda);
 };
+const loginTokenPayloadSchema = z.object({
+    iat: z.number(),
+    sessionPublicKey: z.string(),
+});
+/**
+ * Create a login token signed with the session key
+ * @param session - The session to create a login token for
+ * @returns The login token
+ */
+export const createLogInToken = async (session) => {
+    const payload = {
+        // ...we can pass any arbitrary data we want to sign here...
+        iat: Date.now(),
+        sessionPublicKey: session.sessionPublicKey.toBase58(),
+    };
+    const message = JSON.stringify(payload);
+    // Sign the payload with the session private key
+    const signature = await signMessageWithKey(session.sessionKey, message);
+    // Return base58(message) + base58(signature)
+    return `${bs58.encode(new TextEncoder().encode(message))}.${signature}`;
+};
+/**
+ * Verify a login token
+ * @param token - The login token to verify against the session public key
+ * @param connection - The connection to use to get the session account
+ * @returns The session account if the token is valid, otherwise undefined
+ */
+export const verifyLogInToken = async (token, connection) => {
+    const [rawMessage, signature] = token.split(".");
+    if (!rawMessage || !signature)
+        return;
+    // Decode + parse payload
+    const messageStr = new TextDecoder().decode(bs58.decode(rawMessage));
+    const payload = loginTokenPayloadSchema.parse(JSON.parse(messageStr));
+    // Verify signature with sessionPublicKey
+    const sessionCryptoKey = await importKey(payload.sessionPublicKey);
+    const isValid = await verifyMessageWithKey(sessionCryptoKey, messageStr, signature);
+    if (!isValid)
+        return;
+    return getSessionAccount(connection, new PublicKey(payload.sessionPublicKey));
+};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@fogo/sessions-sdk",
-  "version": "0.0.12",
+  "version": "0.0.13",
   "description": "A set of utilities for integrating with Fogo sessions",
   "keywords": [
     "fogo",
@@ -24,16 +24,6 @@
         "types": "./cjs/index.d.ts",
         "default": "./cjs/index.js"
       }
-    },
-    "./paymaster": {
-      "import": {
-        "types": "./esm/paymaster.d.ts",
-        "default": "./esm/paymaster.js"
-      },
-      "require": {
-        "types": "./cjs/paymaster.d.ts",
-        "default": "./cjs/paymaster.js"
-      }
     }
   },
   "dependencies": {
@@ -48,6 +38,6 @@
     "bn.js": "^5.1.2",
     "bs58": "^6.0.0",
     "zod": "^3.25.62",
-    "@fogo/sessions-idls": "^0.0.4"
+    "@fogo/sessions-idls": "^0.0.5"
   }
 }

package/cjs/paymaster.d.ts

@@ -1,7 +0,0 @@
-import type { Transaction, Rpc, SolanaRpcApi } from "@solana/kit";
-import { Keypair } from "@solana/web3.js";
-export declare const sponsorAndSend: (rpc: Rpc<SolanaRpcApi>, sponsor: CryptoKeyPair, transaction: Transaction) => Promise<import("@solana/kit").Signature>;
-export declare const createPaymasterEndpoint: (options: {
-    rpc: string;
-    sponsor: Keypair;
-}) => Promise<(req: Request) => Promise<Response>>;

package/cjs/paymaster.js

@@ -1,51 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.createPaymasterEndpoint = exports.sponsorAndSend = void 0;
-const compat_1 = require("@solana/compat");
-const kit_1 = require("@solana/kit");
-const zod_1 = require("zod");
-const sponsorAndSend = async (rpc, sponsor, transaction) => rpc
-    .sendTransaction((0, kit_1.getBase64EncodedWireTransaction)(await (0, kit_1.signTransaction)([sponsor], transaction)), {
-    encoding: "base64",
-    skipPreflight: true,
-})
-    .send();
-exports.sponsorAndSend = sponsorAndSend;
-const createPaymasterEndpoint = async (options) => {
-    const rpc = (0, kit_1.createSolanaRpc)(options.rpc);
-    const sponsor = await (0, compat_1.fromLegacyKeypair)(options.sponsor);
-    return async (req) => {
-        const data = postBodySchema.parse(await req.json());
-        try {
-            const transaction = (0, kit_1.getTransactionDecoder)().decode((0, kit_1.getBase64Encoder)().encode(data.transaction));
-            try {
-                return new Response(await (0, exports.sponsorAndSend)(rpc, sponsor, transaction));
-            }
-            catch (error) {
-                // eslint-disable-next-line no-console
-                console.error(error);
-                return new Response(`Failed to sponsor and send: ${serializeError(error)}`, { status: 500 });
-            }
-        }
-        catch (error) {
-            // eslint-disable-next-line no-console
-            console.error(error);
-            return new Response("Failed to deserialize transaction", { status: 400 });
-        }
-    };
-};
-exports.createPaymasterEndpoint = createPaymasterEndpoint;
-const postBodySchema = zod_1.z.strictObject({
-    transaction: zod_1.z.string(),
-});
-const serializeError = (error) => {
-    if (error instanceof Error) {
-        return error.message;
-    }
-    else if (typeof error === "string") {
-        return error.toString();
-    }
-    else {
-        return "Unknown Error";
-    }
-};

package/esm/paymaster.d.ts

@@ -1,7 +0,0 @@
-import type { Transaction, Rpc, SolanaRpcApi } from "@solana/kit";
-import { Keypair } from "@solana/web3.js";
-export declare const sponsorAndSend: (rpc: Rpc<SolanaRpcApi>, sponsor: CryptoKeyPair, transaction: Transaction) => Promise<import("@solana/kit").Signature>;
-export declare const createPaymasterEndpoint: (options: {
-    rpc: string;
-    sponsor: Keypair;
-}) => Promise<(req: Request) => Promise<Response>>;

package/esm/paymaster.js

@@ -1,47 +0,0 @@
-import { fromLegacyKeypair } from "@solana/compat";
-import { signTransaction, createSolanaRpc, getBase64EncodedWireTransaction, getTransactionDecoder, getBase64Encoder, } from "@solana/kit";
-import { Keypair } from "@solana/web3.js";
-import { z } from "zod";
-export const sponsorAndSend = async (rpc, sponsor, transaction) => rpc
-    .sendTransaction(getBase64EncodedWireTransaction(await signTransaction([sponsor], transaction)), {
-    encoding: "base64",
-    skipPreflight: true,
-})
-    .send();
-export const createPaymasterEndpoint = async (options) => {
-    const rpc = createSolanaRpc(options.rpc);
-    const sponsor = await fromLegacyKeypair(options.sponsor);
-    return async (req) => {
-        const data = postBodySchema.parse(await req.json());
-        try {
-            const transaction = getTransactionDecoder().decode(getBase64Encoder().encode(data.transaction));
-            try {
-                return new Response(await sponsorAndSend(rpc, sponsor, transaction));
-            }
-            catch (error) {
-                // eslint-disable-next-line no-console
-                console.error(error);
-                return new Response(`Failed to sponsor and send: ${serializeError(error)}`, { status: 500 });
-            }
-        }
-        catch (error) {
-            // eslint-disable-next-line no-console
-            console.error(error);
-            return new Response("Failed to deserialize transaction", { status: 400 });
-        }
-    };
-};
-const postBodySchema = z.strictObject({
-    transaction: z.string(),
-});
-const serializeError = (error) => {
-    if (error instanceof Error) {
-        return error.message;
-    }
-    else if (typeof error === "string") {
-        return error.toString();
-    }
-    else {
-        return "Unknown Error";
-    }
-};