npm - @fogo/sessions-sdk - Versions diffs - 0.0.12 → 0.0.14 - Mend

@fogo/sessions-sdk 0.0.12 → 0.0.14

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

package/esm/index.js CHANGED Viewed

@@ -1,28 +1,32 @@
 import { AnchorProvider, BorshAccountsCoder } from "@coral-xyz/anchor";
-import { DomainRegistryIdl, SessionManagerProgram, SessionManagerIdl, IntentTransferProgram, } from "@fogo/sessions-idls";
+import { DomainRegistryIdl, IntentTransferProgram, SessionManagerIdl, SessionManagerProgram, } from "@fogo/sessions-idls";
 import { findMetadataPda, safeFetchMetadata, } from "@metaplex-foundation/mpl-token-metadata";
 import { publicKey as metaplexPublicKey } from "@metaplex-foundation/umi";
 import { createUmi } from "@metaplex-foundation/umi-bundle-defaults";
 import { sha256 } from "@noble/hashes/sha2";
 import { fromLegacyPublicKey } from "@solana/compat";
-import { generateKeyPair, getAddressFromPublicKey, getProgramDerivedAddress, } from "@solana/kit";
+import { generateKeyPair, getAddressFromPublicKey, getProgramDerivedAddress, verifySignature, } from "@solana/kit";
 import { createAssociatedTokenAccountIdempotentInstruction, getAssociatedTokenAddressSync, getMint, } from "@solana/spl-token";
 import { Ed25519Program, PublicKey } from "@solana/web3.js";
 import BN from "bn.js";
+import bs58 from "bs58";
 import { z } from "zod";
 import { TransactionResultType } from "./adapter.js";
-export { TransactionResultType, createSolanaWalletAdapter, } from "./adapter.js";
+import { importKey, signMessageWithKey, verifyMessageWithKey, } from "./crypto.js";
+export { createSolanaWalletAdapter, TransactionResultType, } from "./adapter.js";
 const MESSAGE_HEADER = `Fogo Sessions:
 Signing this intent will allow this app to interact with your on-chain balances. Please make sure you trust this app and the domain in the message matches the domain of the current web application.
 `;
 const UNLIMITED_TOKEN_PERMISSIONS_VALUE = "this app may spend any amount of any token";
 const TOKENLESS_PERMISSIONS_VALUE = "this app may not spend any tokens";
 const CURRENT_MAJOR = "0";
-const CURRENT_MINOR = "1";
+const CURRENT_MINOR = "3";
 const CURRENT_INTENT_TRANSFER_MAJOR = "0";
 const CURRENT_INTENT_TRANSFER_MINOR = "1";
 export const establishSession = async (options) => {
-    const sessionKey = await generateKeyPair();
+    const sessionKey = options.createUnsafeExtractableSessionKey
+        ? await crypto.subtle.generateKey("Ed25519", true, ["sign", "verify"])
+        : await generateKeyPair();
     if (options.unlimited) {
         return sendSessionEstablishTransaction(options, sessionKey, await Promise.all([
             buildIntentInstruction(options, sessionKey),
@@ -63,9 +67,26 @@ export const replaceSession = async (options) => establishSession({
     ...options,
     walletPublicKey: options.session.walletPublicKey,
 });
+export const revokeSession = async (options) => {
+    if (options.session.sessionInfo.minor >= 2) {
+        const instruction = await new SessionManagerProgram(new AnchorProvider(options.adapter.connection, {}, {})).methods
+            .revokeSession()
+            .accounts({
+            sponsor: options.session.sessionInfo.sponsor,
+            session: options.session.sessionPublicKey,
+        })
+            .instruction();
+        return options.adapter.sendTransaction(options.session.sessionKey, [
+            instruction,
+        ]);
+    }
+    else {
+        return;
+    }
+};
 export const reestablishSession = async (adapter, walletPublicKey, sessionKey) => createSession(adapter, walletPublicKey, sessionKey);
 export const getSessionAccount = async (connection, sessionPublicKey) => {
-    const result = await connection.getAccountInfo(sessionPublicKey);
+    const result = await connection.getAccountInfo(sessionPublicKey, "confirmed");
     return result === null
         ? undefined
         : sessionInfoSchema.parse(new BorshAccountsCoder(SessionManagerIdl).decode("Session", result.data));
@@ -86,49 +107,153 @@ const createSession = async (adapter, walletPublicKey, sessionKey) => {
 };
 const sessionInfoSchema = z
     .object({
-    session_info: z.object({
-        authorized_programs: z.union([
-            z.object({
-                Specific: z.object({
-                    0: z.array(z.object({
-                        program_id: z.instanceof(PublicKey),
-                        signer_pda: z.instanceof(PublicKey),
-                    })),
+    session_info: z.union([
+        z.object({
+            V1: z.object({
+                "0": z.object({
+                    authorized_programs: z.union([
+                        z.object({
+                            Specific: z.object({
+                                0: z.array(z.object({
+                                    program_id: z.instanceof(PublicKey),
+                                    signer_pda: z.instanceof(PublicKey),
+                                })),
+                            }),
+                        }),
+                        z.object({
+                            All: z.object({}),
+                        }),
+                    ]),
+                    authorized_tokens: z.union([
+                        z.object({ Specific: z.object({}) }),
+                        z.object({ All: z.object({}) }),
+                    ]),
+                    expiration: z.instanceof(BN),
+                    extra: z.object({
+                        0: z.unknown(),
+                    }),
+                    user: z.instanceof(PublicKey),
                 }),
             }),
-            z.object({
-                All: z.object({}),
+        }),
+        z.object({
+            V2: z.object({
+                "0": z.union([
+                    z.object({
+                        Revoked: z.instanceof(BN),
+                    }),
+                    z.object({
+                        Active: z.object({
+                            "0": z.object({
+                                authorized_programs: z.union([
+                                    z.object({
+                                        Specific: z.object({
+                                            0: z.array(z.object({
+                                                program_id: z.instanceof(PublicKey),
+                                                signer_pda: z.instanceof(PublicKey),
+                                            })),
+                                        }),
+                                    }),
+                                    z.object({
+                                        All: z.object({}),
+                                    }),
+                                ]),
+                                authorized_tokens: z.union([
+                                    z.object({ Specific: z.object({}) }),
+                                    z.object({ All: z.object({}) }),
+                                ]),
+                                expiration: z.instanceof(BN),
+                                extra: z.object({
+                                    0: z.unknown(),
+                                }),
+                                user: z.instanceof(PublicKey),
+                            }),
+                        }),
+                    }),
+                ]),
             }),
-        ]),
-        authorized_tokens: z.union([
-            z.object({ Specific: z.object({}) }),
-            z.object({ All: z.object({}) }),
-        ]),
-        expiration: z.instanceof(BN),
-        extra: z.object({
-            0: z.unknown(),
         }),
-        major: z.number(),
-        minor: z.number(),
-        user: z.instanceof(PublicKey),
-    }),
+        z.object({
+            V3: z.object({
+                "0": z.union([
+                    z.object({
+                        Revoked: z.instanceof(BN),
+                    }),
+                    z.object({
+                        Active: z.object({
+                            "0": z.object({
+                                authorized_programs: z.union([
+                                    z.object({
+                                        Specific: z.object({
+                                            0: z.array(z.object({
+                                                program_id: z.instanceof(PublicKey),
+                                                signer_pda: z.instanceof(PublicKey),
+                                            })),
+                                        }),
+                                    }),
+                                    z.object({
+                                        All: z.object({}),
+                                    }),
+                                ]),
+                                authorized_tokens: z.union([
+                                    z.object({
+                                        Specific: z.object({
+                                            "0": z.array(z.instanceof(PublicKey)),
+                                        }),
+                                    }),
+                                    z.object({ All: z.object({}) }),
+                                ]),
+                                expiration: z.instanceof(BN),
+                                extra: z.object({
+                                    0: z.unknown(),
+                                }),
+                                user: z.instanceof(PublicKey),
+                            }),
+                        }),
+                    }),
+                ]),
+            }),
+        }),
+    ]),
+    major: z.number(),
+    sponsor: z.instanceof(PublicKey),
 })
-    .transform(({ session_info }) => ({
-    authorizedPrograms: "All" in session_info.authorized_programs
-        ? AuthorizedPrograms.All()
-        : AuthorizedPrograms.Specific(session_info.authorized_programs.Specific[0].map(({ program_id, signer_pda }) => ({
-            programId: program_id,
-            signerPda: signer_pda,
-        }))),
-    authorizedTokens: "All" in session_info.authorized_tokens
-        ? AuthorizedTokens.All
-        : AuthorizedTokens.Specific,
-    expiration: new Date(Number(session_info.expiration) * 1000),
-    extra: session_info.extra[0],
-    major: session_info.major,
-    minor: session_info.minor,
-    user: session_info.user,
-}));
+    .transform(({ session_info, major, sponsor }) => {
+    let activeSessionInfo;
+    let minor;
+    if ("V1" in session_info) {
+        activeSessionInfo = session_info.V1["0"];
+        minor = 1;
+    }
+    else if ("V2" in session_info && "Active" in session_info.V2["0"]) {
+        activeSessionInfo = session_info.V2["0"].Active["0"];
+        minor = 2;
+    }
+    else if ("V3" in session_info && "Active" in session_info.V3["0"]) {
+        activeSessionInfo = session_info.V3["0"].Active["0"];
+        minor = 3;
+    }
+    else {
+        return;
+    }
+    return {
+        authorizedPrograms: "All" in activeSessionInfo.authorized_programs
+            ? AuthorizedPrograms.All()
+            : AuthorizedPrograms.Specific(activeSessionInfo.authorized_programs.Specific[0].map(({ program_id, signer_pda }) => ({
+                programId: program_id,
+                signerPda: signer_pda,
+            }))),
+        authorizedTokens: "All" in activeSessionInfo.authorized_tokens
+            ? AuthorizedTokens.All
+            : AuthorizedTokens.Specific,
+        expiration: new Date(Number(activeSessionInfo.expiration) * 1000),
+        extra: activeSessionInfo.extra[0],
+        major: major,
+        minor: minor,
+        user: activeSessionInfo.user,
+        sponsor,
+    };
+});
 export var AuthorizedProgramsType;
 (function (AuthorizedProgramsType) {
     AuthorizedProgramsType[AuthorizedProgramsType["All"] = 0] = "All";
@@ -181,6 +306,36 @@ const getTokenInfo = async (adapter, limits) => {
         };
     }));
 };
+const serializeU16LE = (value) => {
+    const result = new ArrayBuffer(2);
+    new DataView(result).setUint16(0, value, true); // littleEndian = true
+    return new Uint8Array(result);
+};
+// Some wallets add a prefix to the messag before signing, for example Ledger through Phantom
+const addOffchainMessagePrefixToMessageIfNeeded = async (walletPublicKey, signature, message) => {
+    const publicKey = await crypto.subtle.importKey("raw", walletPublicKey.toBytes(), { name: "Ed25519" }, true, ["verify"]);
+    if (await verifySignature(publicKey, signature, message)) {
+        return message;
+    }
+    else {
+        // Source: https://github.com/anza-xyz/solana-sdk/blob/master/offchain-message/src/lib.rs#L162
+        const messageWithOffchainMessagePrefix = Uint8Array.from([
+            // eslint-disable-next-line unicorn/number-literal-case
+            0xff,
+            ...new TextEncoder().encode("solana offchain"),
+            0,
+            1,
+            ...serializeU16LE(message.length),
+            ...message,
+        ]);
+        if (await verifySignature(publicKey, signature, messageWithOffchainMessagePrefix)) {
+            return messageWithOffchainMessagePrefix;
+        }
+        else {
+            throw new Error("The signature provided by the browser wallet is not valid");
+        }
+    }
+};
 const buildIntentInstruction = async (options, sessionKey, tokens) => {
     const message = await buildMessage({
         chainId: options.adapter.chainId,
@@ -194,7 +349,7 @@ const buildIntentInstruction = async (options, sessionKey, tokens) => {
     return Ed25519Program.createInstructionWithPublicKey({
         publicKey: options.walletPublicKey.toBytes(),
         signature: intentSignature,
-        message: message,
+        message: await addOffchainMessagePrefixToMessageIfNeeded(options.walletPublicKey, intentSignature, message),
     });
 };
 const buildMessage = async (body) => new TextEncoder().encode([
@@ -206,9 +361,20 @@ const buildMessage = async (body) => new TextEncoder().encode([
         expires: body.expires.toISOString(),
         session_key: await getAddressFromPublicKey(body.sessionKey.publicKey),
         tokens: serializeTokenList(body.tokens),
-        ...(body.extra && { extra: body.extra }),
     }),
+    body.extra && serializeExtra(body.extra),
 ].join("\n"));
+const serializeExtra = (extra) => {
+    for (const [key, value] of Object.entries(extra)) {
+        if (!/^[a-z]+(_[a-z0-9]+)*$/.test(key)) {
+            throw new Error(`Extra key must be a snake_case string: ${key}`);
+        }
+        if (value.includes("\n")) {
+            throw new Error(`Extra value must not contain a line break: ${value}`);
+        }
+    }
+    return serializeKV(extra);
+};
 const serializeKV = (data) => Object.entries(data)
     .map(([key, value]) => [key, ":", value.startsWith("\n") ? "" : " ", value].join(""))
     .join("\n");
@@ -342,7 +508,7 @@ const buildTransferIntentInstruction = async (program, options, symbol) => {
     return Ed25519Program.createInstructionWithPublicKey({
         publicKey: options.walletPublicKey.toBytes(),
         signature: intentSignature,
-        message: message,
+        message: await addOffchainMessagePrefixToMessageIfNeeded(options.walletPublicKey, intentSignature, message),
     });
 };
 const getNonce = async (program, walletPublicKey) => {
@@ -352,3 +518,50 @@ const getNonce = async (program, walletPublicKey) => {
     });
     return program.account.nonce.fetchNullable(noncePda);
 };
+const loginTokenPayloadSchema = z.object({
+    iat: z.number(),
+    sessionPublicKey: z.string(),
+});
+/**
+ * Create a login token signed with the session key
+ * @param session - The session to create a login token for
+ * @returns The login token
+ */
+export const createLogInToken = async (session) => {
+    const payload = {
+        // ...we can pass any arbitrary data we want to sign here...
+        iat: Date.now(),
+        sessionPublicKey: session.sessionPublicKey.toBase58(),
+    };
+    const message = JSON.stringify(payload);
+    // Sign the payload with the session private key
+    const signature = await signMessageWithKey(session.sessionKey, message);
+    // Return base58(message) + base58(signature)
+    return `${bs58.encode(new TextEncoder().encode(message))}.${signature}`;
+};
+/**
+ * Verify a login token
+ * @param token - The login token to verify against the session public key
+ * @param connection - The connection to use to get the session account
+ * @returns The session account if the token is valid, otherwise undefined
+ */
+export const verifyLogInToken = async (token, connection) => {
+    const [rawMessage, signature] = token.split(".");
+    if (!rawMessage || !signature)
+        return;
+    // Decode + parse payload
+    const messageStr = new TextDecoder().decode(bs58.decode(rawMessage));
+    const payload = loginTokenPayloadSchema.parse(JSON.parse(messageStr));
+    // Verify signature with sessionPublicKey
+    const sessionCryptoKey = await importKey(payload.sessionPublicKey);
+    const isValid = await verifyMessageWithKey(sessionCryptoKey, messageStr, signature);
+    if (!isValid)
+        return;
+    const sessionAccount = await getSessionAccount(connection, new PublicKey(payload.sessionPublicKey));
+    if (!sessionAccount)
+        return;
+    if (sessionAccount.expiration.getTime() < Date.now()) {
+        throw new Error("The session associated with this login token has expired");
+    }
+    return sessionAccount;
+};

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@fogo/sessions-sdk",
-  "version": "0.0.12",
+  "version": "0.0.14",
   "description": "A set of utilities for integrating with Fogo sessions",
   "keywords": [
     "fogo",
@@ -24,16 +24,6 @@
         "types": "./cjs/index.d.ts",
         "default": "./cjs/index.js"
       }
-    },
-    "./paymaster": {
-      "import": {
-        "types": "./esm/paymaster.d.ts",
-        "default": "./esm/paymaster.js"
-      },
-      "require": {
-        "types": "./cjs/paymaster.d.ts",
-        "default": "./cjs/paymaster.js"
-      }
     }
   },
   "dependencies": {
@@ -41,6 +31,7 @@
     "@metaplex-foundation/mpl-token-metadata": "^3.4.0",
     "@metaplex-foundation/umi": "^1.2.0",
     "@metaplex-foundation/umi-bundle-defaults": "^1.2.0",
+    "@noble/hashes": "^1.8.0",
     "@solana/compat": "^2.1.1",
     "@solana/kit": "^2.1.1",
     "@solana/spl-token": "^0.4.13",
@@ -48,6 +39,6 @@
     "bn.js": "^5.1.2",
     "bs58": "^6.0.0",
     "zod": "^3.25.62",
-    "@fogo/sessions-idls": "^0.0.4"
+    "@fogo/sessions-idls": "^0.0.5"
   }
 }

package/cjs/paymaster.d.ts DELETED Viewed

@@ -1,7 +0,0 @@
-import type { Transaction, Rpc, SolanaRpcApi } from "@solana/kit";
-import { Keypair } from "@solana/web3.js";
-export declare const sponsorAndSend: (rpc: Rpc<SolanaRpcApi>, sponsor: CryptoKeyPair, transaction: Transaction) => Promise<import("@solana/kit").Signature>;
-export declare const createPaymasterEndpoint: (options: {
-    rpc: string;
-    sponsor: Keypair;
-}) => Promise<(req: Request) => Promise<Response>>;

package/cjs/paymaster.js DELETED Viewed

@@ -1,51 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.createPaymasterEndpoint = exports.sponsorAndSend = void 0;
-const compat_1 = require("@solana/compat");
-const kit_1 = require("@solana/kit");
-const zod_1 = require("zod");
-const sponsorAndSend = async (rpc, sponsor, transaction) => rpc
-    .sendTransaction((0, kit_1.getBase64EncodedWireTransaction)(await (0, kit_1.signTransaction)([sponsor], transaction)), {
-    encoding: "base64",
-    skipPreflight: true,
-})
-    .send();
-exports.sponsorAndSend = sponsorAndSend;
-const createPaymasterEndpoint = async (options) => {
-    const rpc = (0, kit_1.createSolanaRpc)(options.rpc);
-    const sponsor = await (0, compat_1.fromLegacyKeypair)(options.sponsor);
-    return async (req) => {
-        const data = postBodySchema.parse(await req.json());
-        try {
-            const transaction = (0, kit_1.getTransactionDecoder)().decode((0, kit_1.getBase64Encoder)().encode(data.transaction));
-            try {
-                return new Response(await (0, exports.sponsorAndSend)(rpc, sponsor, transaction));
-            }
-            catch (error) {
-                // eslint-disable-next-line no-console
-                console.error(error);
-                return new Response(`Failed to sponsor and send: ${serializeError(error)}`, { status: 500 });
-            }
-        }
-        catch (error) {
-            // eslint-disable-next-line no-console
-            console.error(error);
-            return new Response("Failed to deserialize transaction", { status: 400 });
-        }
-    };
-};
-exports.createPaymasterEndpoint = createPaymasterEndpoint;
-const postBodySchema = zod_1.z.strictObject({
-    transaction: zod_1.z.string(),
-});
-const serializeError = (error) => {
-    if (error instanceof Error) {
-        return error.message;
-    }
-    else if (typeof error === "string") {
-        return error.toString();
-    }
-    else {
-        return "Unknown Error";
-    }
-};

package/esm/paymaster.d.ts DELETED Viewed

@@ -1,7 +0,0 @@
-import type { Transaction, Rpc, SolanaRpcApi } from "@solana/kit";
-import { Keypair } from "@solana/web3.js";
-export declare const sponsorAndSend: (rpc: Rpc<SolanaRpcApi>, sponsor: CryptoKeyPair, transaction: Transaction) => Promise<import("@solana/kit").Signature>;
-export declare const createPaymasterEndpoint: (options: {
-    rpc: string;
-    sponsor: Keypair;
-}) => Promise<(req: Request) => Promise<Response>>;

package/esm/paymaster.js DELETED Viewed

@@ -1,47 +0,0 @@
-import { fromLegacyKeypair } from "@solana/compat";
-import { signTransaction, createSolanaRpc, getBase64EncodedWireTransaction, getTransactionDecoder, getBase64Encoder, } from "@solana/kit";
-import { Keypair } from "@solana/web3.js";
-import { z } from "zod";
-export const sponsorAndSend = async (rpc, sponsor, transaction) => rpc
-    .sendTransaction(getBase64EncodedWireTransaction(await signTransaction([sponsor], transaction)), {
-    encoding: "base64",
-    skipPreflight: true,
-})
-    .send();
-export const createPaymasterEndpoint = async (options) => {
-    const rpc = createSolanaRpc(options.rpc);
-    const sponsor = await fromLegacyKeypair(options.sponsor);
-    return async (req) => {
-        const data = postBodySchema.parse(await req.json());
-        try {
-            const transaction = getTransactionDecoder().decode(getBase64Encoder().encode(data.transaction));
-            try {
-                return new Response(await sponsorAndSend(rpc, sponsor, transaction));
-            }
-            catch (error) {
-                // eslint-disable-next-line no-console
-                console.error(error);
-                return new Response(`Failed to sponsor and send: ${serializeError(error)}`, { status: 500 });
-            }
-        }
-        catch (error) {
-            // eslint-disable-next-line no-console
-            console.error(error);
-            return new Response("Failed to deserialize transaction", { status: 400 });
-        }
-    };
-};
-const postBodySchema = z.strictObject({
-    transaction: z.string(),
-});
-const serializeError = (error) => {
-    if (error instanceof Error) {
-        return error.message;
-    }
-    else if (typeof error === "string") {
-        return error.toString();
-    }
-    else {
-        return "Unknown Error";
-    }
-};