@getalby/lightning-tools 8.0.0 → 8.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/402/l402.cjs +102 -0
- package/dist/cjs/402/l402.cjs.map +1 -1
- package/dist/cjs/402/x402.cjs +539 -509
- package/dist/cjs/402/x402.cjs.map +1 -1
- package/dist/cjs/402.cjs +157 -16
- package/dist/cjs/402.cjs.map +1 -1
- package/dist/cjs/bolt11.cjs +526 -518
- package/dist/cjs/bolt11.cjs.map +1 -1
- package/dist/cjs/index.cjs +624 -482
- package/dist/cjs/index.cjs.map +1 -1
- package/dist/cjs/lnurl.cjs +14 -7
- package/dist/cjs/lnurl.cjs.map +1 -1
- package/dist/esm/402/l402.js +98 -1
- package/dist/esm/402/l402.js.map +1 -1
- package/dist/esm/402/x402.js +539 -510
- package/dist/esm/402/x402.js.map +1 -1
- package/dist/esm/402.js +152 -17
- package/dist/esm/402.js.map +1 -1
- package/dist/esm/bolt11.js +526 -519
- package/dist/esm/bolt11.js.map +1 -1
- package/dist/esm/index.js +618 -483
- package/dist/esm/index.js.map +1 -1
- package/dist/esm/lnurl.js +14 -7
- package/dist/esm/lnurl.js.map +1 -1
- package/dist/lightning-tools.umd.js +3 -3
- package/dist/lightning-tools.umd.js.map +1 -1
- package/dist/types/402/l402.d.ts +39 -1
- package/dist/types/402/x402.d.ts +20 -1
- package/dist/types/402.d.ts +58 -2
- package/dist/types/bolt11.d.ts +2 -1
- package/dist/types/index.d.ts +59 -2
- package/package.json +1 -1
package/dist/cjs/index.cjs
CHANGED
|
@@ -1,5 +1,312 @@
|
|
|
1
1
|
'use strict';
|
|
2
2
|
|
|
3
|
+
function bytes(b, ...lengths) {
|
|
4
|
+
if (!(b instanceof Uint8Array))
|
|
5
|
+
throw new Error('Expected Uint8Array');
|
|
6
|
+
if (lengths.length > 0 && !lengths.includes(b.length))
|
|
7
|
+
throw new Error(`Expected Uint8Array of length ${lengths}, not of length=${b.length}`);
|
|
8
|
+
}
|
|
9
|
+
function exists(instance, checkFinished = true) {
|
|
10
|
+
if (instance.destroyed)
|
|
11
|
+
throw new Error('Hash instance has been destroyed');
|
|
12
|
+
if (checkFinished && instance.finished)
|
|
13
|
+
throw new Error('Hash#digest() has already been called');
|
|
14
|
+
}
|
|
15
|
+
function output(out, instance) {
|
|
16
|
+
bytes(out);
|
|
17
|
+
const min = instance.outputLen;
|
|
18
|
+
if (out.length < min) {
|
|
19
|
+
throw new Error(`digestInto() expects output buffer of length at least ${min}`);
|
|
20
|
+
}
|
|
21
|
+
}
|
|
22
|
+
|
|
23
|
+
/*! noble-hashes - MIT License (c) 2022 Paul Miller (paulmillr.com) */
|
|
24
|
+
// We use WebCrypto aka globalThis.crypto, which exists in browsers and node.js 16+.
|
|
25
|
+
// node.js versions earlier than v19 don't declare it in global scope.
|
|
26
|
+
// For node.js, package.json#exports field mapping rewrites import
|
|
27
|
+
// from `crypto` to `cryptoNode`, which imports native module.
|
|
28
|
+
// Makes the utils un-importable in browsers without a bundler.
|
|
29
|
+
// Once node.js 18 is deprecated, we can just drop the import.
|
|
30
|
+
const u8a = (a) => a instanceof Uint8Array;
|
|
31
|
+
// Cast array to view
|
|
32
|
+
const createView = (arr) => new DataView(arr.buffer, arr.byteOffset, arr.byteLength);
|
|
33
|
+
// The rotate right (circular right shift) operation for uint32
|
|
34
|
+
const rotr = (word, shift) => (word << (32 - shift)) | (word >>> shift);
|
|
35
|
+
// big-endian hardware is rare. Just in case someone still decides to run hashes:
|
|
36
|
+
// early-throw an error because we don't support BE yet.
|
|
37
|
+
const isLE = new Uint8Array(new Uint32Array([0x11223344]).buffer)[0] === 0x44;
|
|
38
|
+
if (!isLE)
|
|
39
|
+
throw new Error('Non little-endian hardware is not supported');
|
|
40
|
+
const hexes = /* @__PURE__ */ Array.from({ length: 256 }, (_, i) => i.toString(16).padStart(2, '0'));
|
|
41
|
+
/**
|
|
42
|
+
* @example bytesToHex(Uint8Array.from([0xca, 0xfe, 0x01, 0x23])) // 'cafe0123'
|
|
43
|
+
*/
|
|
44
|
+
function bytesToHex(bytes) {
|
|
45
|
+
if (!u8a(bytes))
|
|
46
|
+
throw new Error('Uint8Array expected');
|
|
47
|
+
// pre-caching improves the speed 6x
|
|
48
|
+
let hex = '';
|
|
49
|
+
for (let i = 0; i < bytes.length; i++) {
|
|
50
|
+
hex += hexes[bytes[i]];
|
|
51
|
+
}
|
|
52
|
+
return hex;
|
|
53
|
+
}
|
|
54
|
+
/**
|
|
55
|
+
* @example utf8ToBytes('abc') // new Uint8Array([97, 98, 99])
|
|
56
|
+
*/
|
|
57
|
+
function utf8ToBytes(str) {
|
|
58
|
+
if (typeof str !== 'string')
|
|
59
|
+
throw new Error(`utf8ToBytes expected string, got ${typeof str}`);
|
|
60
|
+
return new Uint8Array(new TextEncoder().encode(str)); // https://bugzil.la/1681809
|
|
61
|
+
}
|
|
62
|
+
/**
|
|
63
|
+
* Normalizes (non-hex) string or Uint8Array to Uint8Array.
|
|
64
|
+
* Warning: when Uint8Array is passed, it would NOT get copied.
|
|
65
|
+
* Keep in mind for future mutable operations.
|
|
66
|
+
*/
|
|
67
|
+
function toBytes(data) {
|
|
68
|
+
if (typeof data === 'string')
|
|
69
|
+
data = utf8ToBytes(data);
|
|
70
|
+
if (!u8a(data))
|
|
71
|
+
throw new Error(`expected Uint8Array, got ${typeof data}`);
|
|
72
|
+
return data;
|
|
73
|
+
}
|
|
74
|
+
// For runtime check if class implements interface
|
|
75
|
+
class Hash {
|
|
76
|
+
// Safe version that clones internal state
|
|
77
|
+
clone() {
|
|
78
|
+
return this._cloneInto();
|
|
79
|
+
}
|
|
80
|
+
}
|
|
81
|
+
function wrapConstructor(hashCons) {
|
|
82
|
+
const hashC = (msg) => hashCons().update(toBytes(msg)).digest();
|
|
83
|
+
const tmp = hashCons();
|
|
84
|
+
hashC.outputLen = tmp.outputLen;
|
|
85
|
+
hashC.blockLen = tmp.blockLen;
|
|
86
|
+
hashC.create = () => hashCons();
|
|
87
|
+
return hashC;
|
|
88
|
+
}
|
|
89
|
+
|
|
90
|
+
// Polyfill for Safari 14
|
|
91
|
+
function setBigUint64(view, byteOffset, value, isLE) {
|
|
92
|
+
if (typeof view.setBigUint64 === 'function')
|
|
93
|
+
return view.setBigUint64(byteOffset, value, isLE);
|
|
94
|
+
const _32n = BigInt(32);
|
|
95
|
+
const _u32_max = BigInt(0xffffffff);
|
|
96
|
+
const wh = Number((value >> _32n) & _u32_max);
|
|
97
|
+
const wl = Number(value & _u32_max);
|
|
98
|
+
const h = isLE ? 4 : 0;
|
|
99
|
+
const l = isLE ? 0 : 4;
|
|
100
|
+
view.setUint32(byteOffset + h, wh, isLE);
|
|
101
|
+
view.setUint32(byteOffset + l, wl, isLE);
|
|
102
|
+
}
|
|
103
|
+
// Base SHA2 class (RFC 6234)
|
|
104
|
+
class SHA2 extends Hash {
|
|
105
|
+
constructor(blockLen, outputLen, padOffset, isLE) {
|
|
106
|
+
super();
|
|
107
|
+
this.blockLen = blockLen;
|
|
108
|
+
this.outputLen = outputLen;
|
|
109
|
+
this.padOffset = padOffset;
|
|
110
|
+
this.isLE = isLE;
|
|
111
|
+
this.finished = false;
|
|
112
|
+
this.length = 0;
|
|
113
|
+
this.pos = 0;
|
|
114
|
+
this.destroyed = false;
|
|
115
|
+
this.buffer = new Uint8Array(blockLen);
|
|
116
|
+
this.view = createView(this.buffer);
|
|
117
|
+
}
|
|
118
|
+
update(data) {
|
|
119
|
+
exists(this);
|
|
120
|
+
const { view, buffer, blockLen } = this;
|
|
121
|
+
data = toBytes(data);
|
|
122
|
+
const len = data.length;
|
|
123
|
+
for (let pos = 0; pos < len;) {
|
|
124
|
+
const take = Math.min(blockLen - this.pos, len - pos);
|
|
125
|
+
// Fast path: we have at least one block in input, cast it to view and process
|
|
126
|
+
if (take === blockLen) {
|
|
127
|
+
const dataView = createView(data);
|
|
128
|
+
for (; blockLen <= len - pos; pos += blockLen)
|
|
129
|
+
this.process(dataView, pos);
|
|
130
|
+
continue;
|
|
131
|
+
}
|
|
132
|
+
buffer.set(data.subarray(pos, pos + take), this.pos);
|
|
133
|
+
this.pos += take;
|
|
134
|
+
pos += take;
|
|
135
|
+
if (this.pos === blockLen) {
|
|
136
|
+
this.process(view, 0);
|
|
137
|
+
this.pos = 0;
|
|
138
|
+
}
|
|
139
|
+
}
|
|
140
|
+
this.length += data.length;
|
|
141
|
+
this.roundClean();
|
|
142
|
+
return this;
|
|
143
|
+
}
|
|
144
|
+
digestInto(out) {
|
|
145
|
+
exists(this);
|
|
146
|
+
output(out, this);
|
|
147
|
+
this.finished = true;
|
|
148
|
+
// Padding
|
|
149
|
+
// We can avoid allocation of buffer for padding completely if it
|
|
150
|
+
// was previously not allocated here. But it won't change performance.
|
|
151
|
+
const { buffer, view, blockLen, isLE } = this;
|
|
152
|
+
let { pos } = this;
|
|
153
|
+
// append the bit '1' to the message
|
|
154
|
+
buffer[pos++] = 0b10000000;
|
|
155
|
+
this.buffer.subarray(pos).fill(0);
|
|
156
|
+
// we have less than padOffset left in buffer, so we cannot put length in current block, need process it and pad again
|
|
157
|
+
if (this.padOffset > blockLen - pos) {
|
|
158
|
+
this.process(view, 0);
|
|
159
|
+
pos = 0;
|
|
160
|
+
}
|
|
161
|
+
// Pad until full block byte with zeros
|
|
162
|
+
for (let i = pos; i < blockLen; i++)
|
|
163
|
+
buffer[i] = 0;
|
|
164
|
+
// Note: sha512 requires length to be 128bit integer, but length in JS will overflow before that
|
|
165
|
+
// You need to write around 2 exabytes (u64_max / 8 / (1024**6)) for this to happen.
|
|
166
|
+
// So we just write lowest 64 bits of that value.
|
|
167
|
+
setBigUint64(view, blockLen - 8, BigInt(this.length * 8), isLE);
|
|
168
|
+
this.process(view, 0);
|
|
169
|
+
const oview = createView(out);
|
|
170
|
+
const len = this.outputLen;
|
|
171
|
+
// NOTE: we do division by 4 later, which should be fused in single op with modulo by JIT
|
|
172
|
+
if (len % 4)
|
|
173
|
+
throw new Error('_sha2: outputLen should be aligned to 32bit');
|
|
174
|
+
const outLen = len / 4;
|
|
175
|
+
const state = this.get();
|
|
176
|
+
if (outLen > state.length)
|
|
177
|
+
throw new Error('_sha2: outputLen bigger than state');
|
|
178
|
+
for (let i = 0; i < outLen; i++)
|
|
179
|
+
oview.setUint32(4 * i, state[i], isLE);
|
|
180
|
+
}
|
|
181
|
+
digest() {
|
|
182
|
+
const { buffer, outputLen } = this;
|
|
183
|
+
this.digestInto(buffer);
|
|
184
|
+
const res = buffer.slice(0, outputLen);
|
|
185
|
+
this.destroy();
|
|
186
|
+
return res;
|
|
187
|
+
}
|
|
188
|
+
_cloneInto(to) {
|
|
189
|
+
to || (to = new this.constructor());
|
|
190
|
+
to.set(...this.get());
|
|
191
|
+
const { blockLen, buffer, length, finished, destroyed, pos } = this;
|
|
192
|
+
to.length = length;
|
|
193
|
+
to.pos = pos;
|
|
194
|
+
to.finished = finished;
|
|
195
|
+
to.destroyed = destroyed;
|
|
196
|
+
if (length % blockLen)
|
|
197
|
+
to.buffer.set(buffer);
|
|
198
|
+
return to;
|
|
199
|
+
}
|
|
200
|
+
}
|
|
201
|
+
|
|
202
|
+
// SHA2-256 need to try 2^128 hashes to execute birthday attack.
|
|
203
|
+
// BTC network is doing 2^67 hashes/sec as per early 2023.
|
|
204
|
+
// Choice: a ? b : c
|
|
205
|
+
const Chi = (a, b, c) => (a & b) ^ (~a & c);
|
|
206
|
+
// Majority function, true if any two inpust is true
|
|
207
|
+
const Maj = (a, b, c) => (a & b) ^ (a & c) ^ (b & c);
|
|
208
|
+
// Round constants:
|
|
209
|
+
// first 32 bits of the fractional parts of the cube roots of the first 64 primes 2..311)
|
|
210
|
+
// prettier-ignore
|
|
211
|
+
const SHA256_K = /* @__PURE__ */ new Uint32Array([
|
|
212
|
+
0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
|
|
213
|
+
0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
|
|
214
|
+
0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
|
|
215
|
+
0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
|
|
216
|
+
0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
|
|
217
|
+
0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
|
|
218
|
+
0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
|
|
219
|
+
0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
|
|
220
|
+
]);
|
|
221
|
+
// Initial state (first 32 bits of the fractional parts of the square roots of the first 8 primes 2..19):
|
|
222
|
+
// prettier-ignore
|
|
223
|
+
const IV = /* @__PURE__ */ new Uint32Array([
|
|
224
|
+
0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19
|
|
225
|
+
]);
|
|
226
|
+
// Temporary buffer, not used to store anything between runs
|
|
227
|
+
// Named this way because it matches specification.
|
|
228
|
+
const SHA256_W = /* @__PURE__ */ new Uint32Array(64);
|
|
229
|
+
class SHA256 extends SHA2 {
|
|
230
|
+
constructor() {
|
|
231
|
+
super(64, 32, 8, false);
|
|
232
|
+
// We cannot use array here since array allows indexing by variable
|
|
233
|
+
// which means optimizer/compiler cannot use registers.
|
|
234
|
+
this.A = IV[0] | 0;
|
|
235
|
+
this.B = IV[1] | 0;
|
|
236
|
+
this.C = IV[2] | 0;
|
|
237
|
+
this.D = IV[3] | 0;
|
|
238
|
+
this.E = IV[4] | 0;
|
|
239
|
+
this.F = IV[5] | 0;
|
|
240
|
+
this.G = IV[6] | 0;
|
|
241
|
+
this.H = IV[7] | 0;
|
|
242
|
+
}
|
|
243
|
+
get() {
|
|
244
|
+
const { A, B, C, D, E, F, G, H } = this;
|
|
245
|
+
return [A, B, C, D, E, F, G, H];
|
|
246
|
+
}
|
|
247
|
+
// prettier-ignore
|
|
248
|
+
set(A, B, C, D, E, F, G, H) {
|
|
249
|
+
this.A = A | 0;
|
|
250
|
+
this.B = B | 0;
|
|
251
|
+
this.C = C | 0;
|
|
252
|
+
this.D = D | 0;
|
|
253
|
+
this.E = E | 0;
|
|
254
|
+
this.F = F | 0;
|
|
255
|
+
this.G = G | 0;
|
|
256
|
+
this.H = H | 0;
|
|
257
|
+
}
|
|
258
|
+
process(view, offset) {
|
|
259
|
+
// Extend the first 16 words into the remaining 48 words w[16..63] of the message schedule array
|
|
260
|
+
for (let i = 0; i < 16; i++, offset += 4)
|
|
261
|
+
SHA256_W[i] = view.getUint32(offset, false);
|
|
262
|
+
for (let i = 16; i < 64; i++) {
|
|
263
|
+
const W15 = SHA256_W[i - 15];
|
|
264
|
+
const W2 = SHA256_W[i - 2];
|
|
265
|
+
const s0 = rotr(W15, 7) ^ rotr(W15, 18) ^ (W15 >>> 3);
|
|
266
|
+
const s1 = rotr(W2, 17) ^ rotr(W2, 19) ^ (W2 >>> 10);
|
|
267
|
+
SHA256_W[i] = (s1 + SHA256_W[i - 7] + s0 + SHA256_W[i - 16]) | 0;
|
|
268
|
+
}
|
|
269
|
+
// Compression function main loop, 64 rounds
|
|
270
|
+
let { A, B, C, D, E, F, G, H } = this;
|
|
271
|
+
for (let i = 0; i < 64; i++) {
|
|
272
|
+
const sigma1 = rotr(E, 6) ^ rotr(E, 11) ^ rotr(E, 25);
|
|
273
|
+
const T1 = (H + sigma1 + Chi(E, F, G) + SHA256_K[i] + SHA256_W[i]) | 0;
|
|
274
|
+
const sigma0 = rotr(A, 2) ^ rotr(A, 13) ^ rotr(A, 22);
|
|
275
|
+
const T2 = (sigma0 + Maj(A, B, C)) | 0;
|
|
276
|
+
H = G;
|
|
277
|
+
G = F;
|
|
278
|
+
F = E;
|
|
279
|
+
E = (D + T1) | 0;
|
|
280
|
+
D = C;
|
|
281
|
+
C = B;
|
|
282
|
+
B = A;
|
|
283
|
+
A = (T1 + T2) | 0;
|
|
284
|
+
}
|
|
285
|
+
// Add the compressed chunk to the current hash value
|
|
286
|
+
A = (A + this.A) | 0;
|
|
287
|
+
B = (B + this.B) | 0;
|
|
288
|
+
C = (C + this.C) | 0;
|
|
289
|
+
D = (D + this.D) | 0;
|
|
290
|
+
E = (E + this.E) | 0;
|
|
291
|
+
F = (F + this.F) | 0;
|
|
292
|
+
G = (G + this.G) | 0;
|
|
293
|
+
H = (H + this.H) | 0;
|
|
294
|
+
this.set(A, B, C, D, E, F, G, H);
|
|
295
|
+
}
|
|
296
|
+
roundClean() {
|
|
297
|
+
SHA256_W.fill(0);
|
|
298
|
+
}
|
|
299
|
+
destroy() {
|
|
300
|
+
this.set(0, 0, 0, 0, 0, 0, 0, 0);
|
|
301
|
+
this.buffer.fill(0);
|
|
302
|
+
}
|
|
303
|
+
}
|
|
304
|
+
/**
|
|
305
|
+
* SHA2-256 hash function
|
|
306
|
+
* @param message - data that would be hashed
|
|
307
|
+
*/
|
|
308
|
+
const sha256 = /* @__PURE__ */ wrapConstructor(() => new SHA256());
|
|
309
|
+
|
|
3
310
|
var lib = {};
|
|
4
311
|
|
|
5
312
|
var hasRequiredLib;
|
|
@@ -699,483 +1006,189 @@ function requireBolt11 () {
|
|
|
699
1006
|
coinNetwork = network;
|
|
700
1007
|
}
|
|
701
1008
|
if (!coinNetwork || coinNetwork.bech32 !== bech32Prefix) {
|
|
702
|
-
throw new Error('Unknown coin bech32 prefix')
|
|
703
|
-
}
|
|
704
|
-
sections.push({
|
|
705
|
-
name: 'coin_network',
|
|
706
|
-
letters: bech32Prefix,
|
|
707
|
-
value: coinNetwork
|
|
708
|
-
});
|
|
709
|
-
|
|
710
|
-
// amount section
|
|
711
|
-
const value = prefixMatches[2];
|
|
712
|
-
let millisatoshis;
|
|
713
|
-
if (value) {
|
|
714
|
-
const divisor = prefixMatches[3];
|
|
715
|
-
millisatoshis = hrpToMillisat(value + divisor, true);
|
|
716
|
-
sections.push({
|
|
717
|
-
name: 'amount',
|
|
718
|
-
letters: prefixMatches[2] + prefixMatches[3],
|
|
719
|
-
value: millisatoshis
|
|
720
|
-
});
|
|
721
|
-
} else {
|
|
722
|
-
millisatoshis = null;
|
|
723
|
-
}
|
|
724
|
-
|
|
725
|
-
// "1" separator
|
|
726
|
-
sections.push({
|
|
727
|
-
name: 'separator',
|
|
728
|
-
letters: '1'
|
|
729
|
-
});
|
|
730
|
-
|
|
731
|
-
// timestamp
|
|
732
|
-
const timestamp = wordsToIntBE(words.slice(0, 7));
|
|
733
|
-
words = words.slice(7); // trim off the left 7 words
|
|
734
|
-
sections.push({
|
|
735
|
-
name: 'timestamp',
|
|
736
|
-
letters: letters.slice(0, 7),
|
|
737
|
-
value: timestamp
|
|
738
|
-
});
|
|
739
|
-
letters = letters.slice(7);
|
|
740
|
-
|
|
741
|
-
let tagName, parser, tagLength, tagWords;
|
|
742
|
-
// we have no tag count to go on, so just keep hacking off words
|
|
743
|
-
// until we have none.
|
|
744
|
-
while (words.length > 0) {
|
|
745
|
-
const tagCode = words[0].toString();
|
|
746
|
-
tagName = TAGNAMES[tagCode] || 'unknown_tag';
|
|
747
|
-
parser = TAGPARSERS[tagCode] || getUnknownParser(tagCode);
|
|
748
|
-
words = words.slice(1);
|
|
749
|
-
|
|
750
|
-
tagLength = wordsToIntBE(words.slice(0, 2));
|
|
751
|
-
words = words.slice(2);
|
|
752
|
-
|
|
753
|
-
tagWords = words.slice(0, tagLength);
|
|
754
|
-
words = words.slice(tagLength);
|
|
755
|
-
|
|
756
|
-
sections.push({
|
|
757
|
-
name: tagName,
|
|
758
|
-
tag: letters[0],
|
|
759
|
-
letters: letters.slice(0, 1 + 2 + tagLength),
|
|
760
|
-
value: parser(tagWords) // see: parsers for more comments
|
|
761
|
-
});
|
|
762
|
-
letters = letters.slice(1 + 2 + tagLength);
|
|
763
|
-
}
|
|
764
|
-
|
|
765
|
-
// signature
|
|
766
|
-
sections.push({
|
|
767
|
-
name: 'signature',
|
|
768
|
-
letters: letters.slice(0, 104),
|
|
769
|
-
value: hex.encode(bech32.fromWordsUnsafe(sigWords))
|
|
770
|
-
});
|
|
771
|
-
letters = letters.slice(104);
|
|
772
|
-
|
|
773
|
-
// checksum
|
|
774
|
-
sections.push({
|
|
775
|
-
name: 'checksum',
|
|
776
|
-
letters: letters
|
|
777
|
-
});
|
|
778
|
-
|
|
779
|
-
let result = {
|
|
780
|
-
paymentRequest,
|
|
781
|
-
sections,
|
|
782
|
-
|
|
783
|
-
get expiry() {
|
|
784
|
-
let exp = sections.find(s => s.name === 'expiry');
|
|
785
|
-
if (exp) return getValue('timestamp') + exp.value
|
|
786
|
-
},
|
|
787
|
-
|
|
788
|
-
get route_hints() {
|
|
789
|
-
return sections.filter(s => s.name === 'route_hint').map(s => s.value)
|
|
790
|
-
}
|
|
791
|
-
};
|
|
792
|
-
|
|
793
|
-
for (let name in TAGCODES) {
|
|
794
|
-
if (name === 'route_hint') {
|
|
795
|
-
// route hints can be multiple, so this won't work for them
|
|
796
|
-
continue
|
|
797
|
-
}
|
|
798
|
-
|
|
799
|
-
Object.defineProperty(result, name, {
|
|
800
|
-
get() {
|
|
801
|
-
return getValue(name)
|
|
802
|
-
}
|
|
803
|
-
});
|
|
804
|
-
}
|
|
805
|
-
|
|
806
|
-
return result
|
|
807
|
-
|
|
808
|
-
function getValue(name) {
|
|
809
|
-
let section = sections.find(s => s.name === name);
|
|
810
|
-
return section ? section.value : undefined
|
|
811
|
-
}
|
|
812
|
-
}
|
|
813
|
-
|
|
814
|
-
bolt11 = {
|
|
815
|
-
decode,
|
|
816
|
-
hrpToMillisat
|
|
817
|
-
};
|
|
818
|
-
return bolt11;
|
|
819
|
-
}
|
|
820
|
-
|
|
821
|
-
var bolt11Exports = requireBolt11();
|
|
822
|
-
|
|
823
|
-
// from https://stackoverflow.com/a/50868276
|
|
824
|
-
const fromHexString = (hexString) => Uint8Array.from(hexString.match(/.{1,2}/g).map((byte) => parseInt(byte, 16)));
|
|
825
|
-
const decodeInvoice = (paymentRequest) => {
|
|
826
|
-
if (!paymentRequest)
|
|
827
|
-
return null;
|
|
828
|
-
try {
|
|
829
|
-
const decoded = bolt11Exports.decode(paymentRequest);
|
|
830
|
-
if (!decoded || !decoded.sections)
|
|
831
|
-
return null;
|
|
832
|
-
const hashTag = decoded.sections.find((value) => value.name === "payment_hash");
|
|
833
|
-
if (hashTag?.name !== "payment_hash" || !hashTag.value)
|
|
834
|
-
return null;
|
|
835
|
-
const paymentHash = hashTag.value;
|
|
836
|
-
let satoshi = 0;
|
|
837
|
-
let millisatoshi = 0;
|
|
838
|
-
let amountRaw = "0";
|
|
839
|
-
const amountTag = decoded.sections.find((value) => value.name === "amount");
|
|
840
|
-
if (amountTag?.name === "amount" && amountTag.value) {
|
|
841
|
-
amountRaw = amountTag.value;
|
|
842
|
-
millisatoshi = parseInt(amountTag.value);
|
|
843
|
-
satoshi = parseInt(amountTag.value) / 1000; // millisats
|
|
844
|
-
}
|
|
845
|
-
const timestampTag = decoded.sections.find((value) => value.name === "timestamp");
|
|
846
|
-
if (timestampTag?.name !== "timestamp" || !timestampTag.value)
|
|
847
|
-
return null;
|
|
848
|
-
const timestamp = timestampTag.value;
|
|
849
|
-
let expiry;
|
|
850
|
-
const expiryTag = decoded.sections.find((value) => value.name === "expiry");
|
|
851
|
-
if (expiryTag?.name === "expiry") {
|
|
852
|
-
expiry = expiryTag.value;
|
|
853
|
-
}
|
|
854
|
-
const descriptionTag = decoded.sections.find((value) => value.name === "description");
|
|
855
|
-
const description = descriptionTag?.name === "description"
|
|
856
|
-
? descriptionTag?.value
|
|
857
|
-
: undefined;
|
|
858
|
-
return {
|
|
859
|
-
paymentHash,
|
|
860
|
-
satoshi,
|
|
861
|
-
millisatoshi,
|
|
862
|
-
amountRaw,
|
|
863
|
-
timestamp,
|
|
864
|
-
expiry,
|
|
865
|
-
description,
|
|
866
|
-
};
|
|
867
|
-
}
|
|
868
|
-
catch {
|
|
869
|
-
return null;
|
|
870
|
-
}
|
|
871
|
-
};
|
|
1009
|
+
throw new Error('Unknown coin bech32 prefix')
|
|
1010
|
+
}
|
|
1011
|
+
sections.push({
|
|
1012
|
+
name: 'coin_network',
|
|
1013
|
+
letters: bech32Prefix,
|
|
1014
|
+
value: coinNetwork
|
|
1015
|
+
});
|
|
872
1016
|
|
|
873
|
-
|
|
874
|
-
|
|
875
|
-
|
|
876
|
-
|
|
877
|
-
|
|
878
|
-
|
|
879
|
-
|
|
880
|
-
|
|
881
|
-
|
|
882
|
-
|
|
883
|
-
|
|
884
|
-
}
|
|
885
|
-
|
|
886
|
-
|
|
887
|
-
const min = instance.outputLen;
|
|
888
|
-
if (out.length < min) {
|
|
889
|
-
throw new Error(`digestInto() expects output buffer of length at least ${min}`);
|
|
890
|
-
}
|
|
891
|
-
}
|
|
1017
|
+
// amount section
|
|
1018
|
+
const value = prefixMatches[2];
|
|
1019
|
+
let millisatoshis;
|
|
1020
|
+
if (value) {
|
|
1021
|
+
const divisor = prefixMatches[3];
|
|
1022
|
+
millisatoshis = hrpToMillisat(value + divisor, true);
|
|
1023
|
+
sections.push({
|
|
1024
|
+
name: 'amount',
|
|
1025
|
+
letters: prefixMatches[2] + prefixMatches[3],
|
|
1026
|
+
value: millisatoshis
|
|
1027
|
+
});
|
|
1028
|
+
} else {
|
|
1029
|
+
millisatoshis = null;
|
|
1030
|
+
}
|
|
892
1031
|
|
|
893
|
-
|
|
894
|
-
|
|
895
|
-
|
|
896
|
-
|
|
897
|
-
|
|
898
|
-
// Makes the utils un-importable in browsers without a bundler.
|
|
899
|
-
// Once node.js 18 is deprecated, we can just drop the import.
|
|
900
|
-
const u8a = (a) => a instanceof Uint8Array;
|
|
901
|
-
// Cast array to view
|
|
902
|
-
const createView = (arr) => new DataView(arr.buffer, arr.byteOffset, arr.byteLength);
|
|
903
|
-
// The rotate right (circular right shift) operation for uint32
|
|
904
|
-
const rotr = (word, shift) => (word << (32 - shift)) | (word >>> shift);
|
|
905
|
-
// big-endian hardware is rare. Just in case someone still decides to run hashes:
|
|
906
|
-
// early-throw an error because we don't support BE yet.
|
|
907
|
-
const isLE = new Uint8Array(new Uint32Array([0x11223344]).buffer)[0] === 0x44;
|
|
908
|
-
if (!isLE)
|
|
909
|
-
throw new Error('Non little-endian hardware is not supported');
|
|
910
|
-
const hexes = /* @__PURE__ */ Array.from({ length: 256 }, (_, i) => i.toString(16).padStart(2, '0'));
|
|
911
|
-
/**
|
|
912
|
-
* @example bytesToHex(Uint8Array.from([0xca, 0xfe, 0x01, 0x23])) // 'cafe0123'
|
|
913
|
-
*/
|
|
914
|
-
function bytesToHex(bytes) {
|
|
915
|
-
if (!u8a(bytes))
|
|
916
|
-
throw new Error('Uint8Array expected');
|
|
917
|
-
// pre-caching improves the speed 6x
|
|
918
|
-
let hex = '';
|
|
919
|
-
for (let i = 0; i < bytes.length; i++) {
|
|
920
|
-
hex += hexes[bytes[i]];
|
|
921
|
-
}
|
|
922
|
-
return hex;
|
|
923
|
-
}
|
|
924
|
-
/**
|
|
925
|
-
* @example utf8ToBytes('abc') // new Uint8Array([97, 98, 99])
|
|
926
|
-
*/
|
|
927
|
-
function utf8ToBytes(str) {
|
|
928
|
-
if (typeof str !== 'string')
|
|
929
|
-
throw new Error(`utf8ToBytes expected string, got ${typeof str}`);
|
|
930
|
-
return new Uint8Array(new TextEncoder().encode(str)); // https://bugzil.la/1681809
|
|
931
|
-
}
|
|
932
|
-
/**
|
|
933
|
-
* Normalizes (non-hex) string or Uint8Array to Uint8Array.
|
|
934
|
-
* Warning: when Uint8Array is passed, it would NOT get copied.
|
|
935
|
-
* Keep in mind for future mutable operations.
|
|
936
|
-
*/
|
|
937
|
-
function toBytes(data) {
|
|
938
|
-
if (typeof data === 'string')
|
|
939
|
-
data = utf8ToBytes(data);
|
|
940
|
-
if (!u8a(data))
|
|
941
|
-
throw new Error(`expected Uint8Array, got ${typeof data}`);
|
|
942
|
-
return data;
|
|
943
|
-
}
|
|
944
|
-
// For runtime check if class implements interface
|
|
945
|
-
class Hash {
|
|
946
|
-
// Safe version that clones internal state
|
|
947
|
-
clone() {
|
|
948
|
-
return this._cloneInto();
|
|
949
|
-
}
|
|
950
|
-
}
|
|
951
|
-
function wrapConstructor(hashCons) {
|
|
952
|
-
const hashC = (msg) => hashCons().update(toBytes(msg)).digest();
|
|
953
|
-
const tmp = hashCons();
|
|
954
|
-
hashC.outputLen = tmp.outputLen;
|
|
955
|
-
hashC.blockLen = tmp.blockLen;
|
|
956
|
-
hashC.create = () => hashCons();
|
|
957
|
-
return hashC;
|
|
958
|
-
}
|
|
1032
|
+
// "1" separator
|
|
1033
|
+
sections.push({
|
|
1034
|
+
name: 'separator',
|
|
1035
|
+
letters: '1'
|
|
1036
|
+
});
|
|
959
1037
|
|
|
960
|
-
//
|
|
961
|
-
|
|
962
|
-
|
|
963
|
-
|
|
964
|
-
|
|
965
|
-
|
|
966
|
-
|
|
967
|
-
|
|
968
|
-
|
|
969
|
-
|
|
970
|
-
|
|
971
|
-
|
|
972
|
-
|
|
973
|
-
|
|
974
|
-
|
|
975
|
-
|
|
976
|
-
|
|
977
|
-
|
|
978
|
-
|
|
979
|
-
|
|
980
|
-
|
|
981
|
-
|
|
982
|
-
|
|
983
|
-
|
|
984
|
-
|
|
985
|
-
|
|
986
|
-
|
|
987
|
-
|
|
988
|
-
|
|
989
|
-
|
|
990
|
-
|
|
991
|
-
|
|
992
|
-
|
|
993
|
-
|
|
994
|
-
|
|
995
|
-
|
|
996
|
-
|
|
997
|
-
|
|
998
|
-
|
|
999
|
-
|
|
1000
|
-
|
|
1001
|
-
|
|
1002
|
-
|
|
1003
|
-
|
|
1004
|
-
|
|
1005
|
-
|
|
1006
|
-
|
|
1007
|
-
|
|
1008
|
-
|
|
1009
|
-
|
|
1010
|
-
|
|
1011
|
-
|
|
1012
|
-
|
|
1013
|
-
|
|
1014
|
-
|
|
1015
|
-
|
|
1016
|
-
|
|
1017
|
-
|
|
1018
|
-
|
|
1019
|
-
|
|
1020
|
-
|
|
1021
|
-
|
|
1022
|
-
|
|
1023
|
-
|
|
1024
|
-
|
|
1025
|
-
|
|
1026
|
-
|
|
1027
|
-
|
|
1028
|
-
|
|
1029
|
-
|
|
1030
|
-
|
|
1031
|
-
|
|
1032
|
-
|
|
1033
|
-
|
|
1034
|
-
|
|
1035
|
-
|
|
1036
|
-
|
|
1037
|
-
|
|
1038
|
-
|
|
1039
|
-
|
|
1040
|
-
|
|
1041
|
-
|
|
1042
|
-
|
|
1043
|
-
|
|
1044
|
-
|
|
1045
|
-
|
|
1046
|
-
|
|
1047
|
-
|
|
1048
|
-
for (let i = 0; i < outLen; i++)
|
|
1049
|
-
oview.setUint32(4 * i, state[i], isLE);
|
|
1050
|
-
}
|
|
1051
|
-
digest() {
|
|
1052
|
-
const { buffer, outputLen } = this;
|
|
1053
|
-
this.digestInto(buffer);
|
|
1054
|
-
const res = buffer.slice(0, outputLen);
|
|
1055
|
-
this.destroy();
|
|
1056
|
-
return res;
|
|
1057
|
-
}
|
|
1058
|
-
_cloneInto(to) {
|
|
1059
|
-
to || (to = new this.constructor());
|
|
1060
|
-
to.set(...this.get());
|
|
1061
|
-
const { blockLen, buffer, length, finished, destroyed, pos } = this;
|
|
1062
|
-
to.length = length;
|
|
1063
|
-
to.pos = pos;
|
|
1064
|
-
to.finished = finished;
|
|
1065
|
-
to.destroyed = destroyed;
|
|
1066
|
-
if (length % blockLen)
|
|
1067
|
-
to.buffer.set(buffer);
|
|
1068
|
-
return to;
|
|
1069
|
-
}
|
|
1038
|
+
// timestamp
|
|
1039
|
+
const timestamp = wordsToIntBE(words.slice(0, 7));
|
|
1040
|
+
words = words.slice(7); // trim off the left 7 words
|
|
1041
|
+
sections.push({
|
|
1042
|
+
name: 'timestamp',
|
|
1043
|
+
letters: letters.slice(0, 7),
|
|
1044
|
+
value: timestamp
|
|
1045
|
+
});
|
|
1046
|
+
letters = letters.slice(7);
|
|
1047
|
+
|
|
1048
|
+
let tagName, parser, tagLength, tagWords;
|
|
1049
|
+
// we have no tag count to go on, so just keep hacking off words
|
|
1050
|
+
// until we have none.
|
|
1051
|
+
while (words.length > 0) {
|
|
1052
|
+
const tagCode = words[0].toString();
|
|
1053
|
+
tagName = TAGNAMES[tagCode] || 'unknown_tag';
|
|
1054
|
+
parser = TAGPARSERS[tagCode] || getUnknownParser(tagCode);
|
|
1055
|
+
words = words.slice(1);
|
|
1056
|
+
|
|
1057
|
+
tagLength = wordsToIntBE(words.slice(0, 2));
|
|
1058
|
+
words = words.slice(2);
|
|
1059
|
+
|
|
1060
|
+
tagWords = words.slice(0, tagLength);
|
|
1061
|
+
words = words.slice(tagLength);
|
|
1062
|
+
|
|
1063
|
+
sections.push({
|
|
1064
|
+
name: tagName,
|
|
1065
|
+
tag: letters[0],
|
|
1066
|
+
letters: letters.slice(0, 1 + 2 + tagLength),
|
|
1067
|
+
value: parser(tagWords) // see: parsers for more comments
|
|
1068
|
+
});
|
|
1069
|
+
letters = letters.slice(1 + 2 + tagLength);
|
|
1070
|
+
}
|
|
1071
|
+
|
|
1072
|
+
// signature
|
|
1073
|
+
sections.push({
|
|
1074
|
+
name: 'signature',
|
|
1075
|
+
letters: letters.slice(0, 104),
|
|
1076
|
+
value: hex.encode(bech32.fromWordsUnsafe(sigWords))
|
|
1077
|
+
});
|
|
1078
|
+
letters = letters.slice(104);
|
|
1079
|
+
|
|
1080
|
+
// checksum
|
|
1081
|
+
sections.push({
|
|
1082
|
+
name: 'checksum',
|
|
1083
|
+
letters: letters
|
|
1084
|
+
});
|
|
1085
|
+
|
|
1086
|
+
let result = {
|
|
1087
|
+
paymentRequest,
|
|
1088
|
+
sections,
|
|
1089
|
+
|
|
1090
|
+
get expiry() {
|
|
1091
|
+
let exp = sections.find(s => s.name === 'expiry');
|
|
1092
|
+
if (exp) return getValue('timestamp') + exp.value
|
|
1093
|
+
},
|
|
1094
|
+
|
|
1095
|
+
get route_hints() {
|
|
1096
|
+
return sections.filter(s => s.name === 'route_hint').map(s => s.value)
|
|
1097
|
+
}
|
|
1098
|
+
};
|
|
1099
|
+
|
|
1100
|
+
for (let name in TAGCODES) {
|
|
1101
|
+
if (name === 'route_hint') {
|
|
1102
|
+
// route hints can be multiple, so this won't work for them
|
|
1103
|
+
continue
|
|
1104
|
+
}
|
|
1105
|
+
|
|
1106
|
+
Object.defineProperty(result, name, {
|
|
1107
|
+
get() {
|
|
1108
|
+
return getValue(name)
|
|
1109
|
+
}
|
|
1110
|
+
});
|
|
1111
|
+
}
|
|
1112
|
+
|
|
1113
|
+
return result
|
|
1114
|
+
|
|
1115
|
+
function getValue(name) {
|
|
1116
|
+
let section = sections.find(s => s.name === name);
|
|
1117
|
+
return section ? section.value : undefined
|
|
1118
|
+
}
|
|
1119
|
+
}
|
|
1120
|
+
|
|
1121
|
+
bolt11 = {
|
|
1122
|
+
decode,
|
|
1123
|
+
hrpToMillisat
|
|
1124
|
+
};
|
|
1125
|
+
return bolt11;
|
|
1070
1126
|
}
|
|
1071
1127
|
|
|
1072
|
-
|
|
1073
|
-
|
|
1074
|
-
//
|
|
1075
|
-
const
|
|
1076
|
-
|
|
1077
|
-
|
|
1078
|
-
|
|
1079
|
-
|
|
1080
|
-
|
|
1081
|
-
|
|
1082
|
-
|
|
1083
|
-
|
|
1084
|
-
|
|
1085
|
-
|
|
1086
|
-
|
|
1087
|
-
|
|
1088
|
-
|
|
1089
|
-
|
|
1090
|
-
|
|
1091
|
-
|
|
1092
|
-
|
|
1093
|
-
|
|
1094
|
-
|
|
1095
|
-
]);
|
|
1096
|
-
// Temporary buffer, not used to store anything between runs
|
|
1097
|
-
// Named this way because it matches specification.
|
|
1098
|
-
const SHA256_W = /* @__PURE__ */ new Uint32Array(64);
|
|
1099
|
-
class SHA256 extends SHA2 {
|
|
1100
|
-
constructor() {
|
|
1101
|
-
super(64, 32, 8, false);
|
|
1102
|
-
// We cannot use array here since array allows indexing by variable
|
|
1103
|
-
// which means optimizer/compiler cannot use registers.
|
|
1104
|
-
this.A = IV[0] | 0;
|
|
1105
|
-
this.B = IV[1] | 0;
|
|
1106
|
-
this.C = IV[2] | 0;
|
|
1107
|
-
this.D = IV[3] | 0;
|
|
1108
|
-
this.E = IV[4] | 0;
|
|
1109
|
-
this.F = IV[5] | 0;
|
|
1110
|
-
this.G = IV[6] | 0;
|
|
1111
|
-
this.H = IV[7] | 0;
|
|
1112
|
-
}
|
|
1113
|
-
get() {
|
|
1114
|
-
const { A, B, C, D, E, F, G, H } = this;
|
|
1115
|
-
return [A, B, C, D, E, F, G, H];
|
|
1116
|
-
}
|
|
1117
|
-
// prettier-ignore
|
|
1118
|
-
set(A, B, C, D, E, F, G, H) {
|
|
1119
|
-
this.A = A | 0;
|
|
1120
|
-
this.B = B | 0;
|
|
1121
|
-
this.C = C | 0;
|
|
1122
|
-
this.D = D | 0;
|
|
1123
|
-
this.E = E | 0;
|
|
1124
|
-
this.F = F | 0;
|
|
1125
|
-
this.G = G | 0;
|
|
1126
|
-
this.H = H | 0;
|
|
1127
|
-
}
|
|
1128
|
-
process(view, offset) {
|
|
1129
|
-
// Extend the first 16 words into the remaining 48 words w[16..63] of the message schedule array
|
|
1130
|
-
for (let i = 0; i < 16; i++, offset += 4)
|
|
1131
|
-
SHA256_W[i] = view.getUint32(offset, false);
|
|
1132
|
-
for (let i = 16; i < 64; i++) {
|
|
1133
|
-
const W15 = SHA256_W[i - 15];
|
|
1134
|
-
const W2 = SHA256_W[i - 2];
|
|
1135
|
-
const s0 = rotr(W15, 7) ^ rotr(W15, 18) ^ (W15 >>> 3);
|
|
1136
|
-
const s1 = rotr(W2, 17) ^ rotr(W2, 19) ^ (W2 >>> 10);
|
|
1137
|
-
SHA256_W[i] = (s1 + SHA256_W[i - 7] + s0 + SHA256_W[i - 16]) | 0;
|
|
1128
|
+
var bolt11Exports = requireBolt11();
|
|
1129
|
+
|
|
1130
|
+
// from https://stackoverflow.com/a/50868276
|
|
1131
|
+
const fromHexString = (hexString) => Uint8Array.from(hexString.match(/.{1,2}/g).map((byte) => parseInt(byte, 16)));
|
|
1132
|
+
const decodeInvoice = (paymentRequest) => {
|
|
1133
|
+
if (!paymentRequest)
|
|
1134
|
+
return null;
|
|
1135
|
+
try {
|
|
1136
|
+
const decoded = bolt11Exports.decode(paymentRequest);
|
|
1137
|
+
if (!decoded || !decoded.sections)
|
|
1138
|
+
return null;
|
|
1139
|
+
const hashTag = decoded.sections.find((value) => value.name === "payment_hash");
|
|
1140
|
+
if (hashTag?.name !== "payment_hash" || !hashTag.value)
|
|
1141
|
+
return null;
|
|
1142
|
+
const paymentHash = hashTag.value;
|
|
1143
|
+
let satoshi = 0;
|
|
1144
|
+
let millisatoshi = 0;
|
|
1145
|
+
let amountRaw = "0";
|
|
1146
|
+
const amountTag = decoded.sections.find((value) => value.name === "amount");
|
|
1147
|
+
if (amountTag?.name === "amount" && amountTag.value) {
|
|
1148
|
+
amountRaw = amountTag.value;
|
|
1149
|
+
millisatoshi = parseInt(amountTag.value);
|
|
1150
|
+
satoshi = parseInt(amountTag.value) / 1000; // millisats
|
|
1138
1151
|
}
|
|
1139
|
-
|
|
1140
|
-
|
|
1141
|
-
|
|
1142
|
-
|
|
1143
|
-
|
|
1144
|
-
|
|
1145
|
-
|
|
1146
|
-
|
|
1147
|
-
G = F;
|
|
1148
|
-
F = E;
|
|
1149
|
-
E = (D + T1) | 0;
|
|
1150
|
-
D = C;
|
|
1151
|
-
C = B;
|
|
1152
|
-
B = A;
|
|
1153
|
-
A = (T1 + T2) | 0;
|
|
1152
|
+
const timestampTag = decoded.sections.find((value) => value.name === "timestamp");
|
|
1153
|
+
if (timestampTag?.name !== "timestamp" || !timestampTag.value)
|
|
1154
|
+
return null;
|
|
1155
|
+
const timestamp = timestampTag.value;
|
|
1156
|
+
let expiry;
|
|
1157
|
+
const expiryTag = decoded.sections.find((value) => value.name === "expiry");
|
|
1158
|
+
if (expiryTag?.name === "expiry") {
|
|
1159
|
+
expiry = expiryTag.value;
|
|
1154
1160
|
}
|
|
1155
|
-
|
|
1156
|
-
|
|
1157
|
-
|
|
1158
|
-
|
|
1159
|
-
|
|
1160
|
-
|
|
1161
|
-
|
|
1162
|
-
|
|
1163
|
-
|
|
1164
|
-
|
|
1161
|
+
const descriptionTag = decoded.sections.find((value) => value.name === "description");
|
|
1162
|
+
const description = descriptionTag?.name === "description"
|
|
1163
|
+
? descriptionTag?.value
|
|
1164
|
+
: undefined;
|
|
1165
|
+
return {
|
|
1166
|
+
paymentHash,
|
|
1167
|
+
satoshi,
|
|
1168
|
+
millisatoshi,
|
|
1169
|
+
amountRaw,
|
|
1170
|
+
timestamp,
|
|
1171
|
+
expiry,
|
|
1172
|
+
description,
|
|
1173
|
+
};
|
|
1165
1174
|
}
|
|
1166
|
-
|
|
1167
|
-
|
|
1175
|
+
catch {
|
|
1176
|
+
return null;
|
|
1168
1177
|
}
|
|
1169
|
-
|
|
1170
|
-
|
|
1171
|
-
|
|
1178
|
+
};
|
|
1179
|
+
function validatePreimage(preimage, paymentHash) {
|
|
1180
|
+
try {
|
|
1181
|
+
if (!/^[0-9a-fA-F]{64}$/.test(preimage))
|
|
1182
|
+
return false;
|
|
1183
|
+
if (!/^[0-9a-fA-F]{64}$/.test(paymentHash))
|
|
1184
|
+
return false;
|
|
1185
|
+
const preimageHash = bytesToHex(sha256(fromHexString(preimage)));
|
|
1186
|
+
return paymentHash === preimageHash;
|
|
1187
|
+
}
|
|
1188
|
+
catch {
|
|
1189
|
+
return false;
|
|
1172
1190
|
}
|
|
1173
1191
|
}
|
|
1174
|
-
/**
|
|
1175
|
-
* SHA2-256 hash function
|
|
1176
|
-
* @param message - data that would be hashed
|
|
1177
|
-
*/
|
|
1178
|
-
const sha256 = /* @__PURE__ */ wrapConstructor(() => new SHA256());
|
|
1179
1192
|
|
|
1180
1193
|
class Invoice {
|
|
1181
1194
|
constructor(args) {
|
|
@@ -1215,13 +1228,7 @@ class Invoice {
|
|
|
1215
1228
|
validatePreimage(preimage) {
|
|
1216
1229
|
if (!preimage || !this.paymentHash)
|
|
1217
1230
|
return false;
|
|
1218
|
-
|
|
1219
|
-
const preimageHash = bytesToHex(sha256(fromHexString(preimage)));
|
|
1220
|
-
return this.paymentHash === preimageHash;
|
|
1221
|
-
}
|
|
1222
|
-
catch {
|
|
1223
|
-
return false;
|
|
1224
|
-
}
|
|
1231
|
+
return validatePreimage(preimage, this.paymentHash);
|
|
1225
1232
|
}
|
|
1226
1233
|
async verifyPayment() {
|
|
1227
1234
|
try {
|
|
@@ -1679,6 +1686,11 @@ function createGuardedWallet(wallet, maxAmountSats) {
|
|
|
1679
1686
|
};
|
|
1680
1687
|
}
|
|
1681
1688
|
|
|
1689
|
+
/**
|
|
1690
|
+
* Client: parse "www-authenticate" header from server response
|
|
1691
|
+
* @param input
|
|
1692
|
+
* @returns details from the header value (token or macaroon, invoice)
|
|
1693
|
+
*/
|
|
1682
1694
|
const parseL402 = (input) => {
|
|
1683
1695
|
// Remove the L402 and LSAT identifiers
|
|
1684
1696
|
const string = input.replace("L402", "").replace("LSAT", "").trim();
|
|
@@ -1693,6 +1705,19 @@ const parseL402 = (input) => {
|
|
|
1693
1705
|
// Value is either match[3] (double-quoted), match[4] (single-quoted), or match[5] (unquoted)
|
|
1694
1706
|
keyValuePairs[match[1]] = match[3] || match[4] || match[5];
|
|
1695
1707
|
}
|
|
1708
|
+
if (!keyValuePairs["token"] && keyValuePairs["macaroon"]) {
|
|
1709
|
+
// fallback to old naming
|
|
1710
|
+
keyValuePairs["token"] = keyValuePairs["macaroon"];
|
|
1711
|
+
delete keyValuePairs["macaroon"];
|
|
1712
|
+
}
|
|
1713
|
+
if (!("token" in keyValuePairs) ||
|
|
1714
|
+
typeof keyValuePairs["token"] !== "string") {
|
|
1715
|
+
throw new Error("No macaroon or token found in www-authenticate header");
|
|
1716
|
+
}
|
|
1717
|
+
if (!("invoice" in keyValuePairs) ||
|
|
1718
|
+
typeof keyValuePairs["invoice"] !== "string") {
|
|
1719
|
+
throw new Error("No invoice found in www-authenticate header");
|
|
1720
|
+
}
|
|
1696
1721
|
return keyValuePairs;
|
|
1697
1722
|
};
|
|
1698
1723
|
|
|
@@ -1742,7 +1767,7 @@ const buildX402PaymentSignature = (scheme, network, invoice, requirements) => {
|
|
|
1742
1767
|
return btoa(unescape(encodeURIComponent(json)));
|
|
1743
1768
|
};
|
|
1744
1769
|
|
|
1745
|
-
const
|
|
1770
|
+
const decodeX402Header = (x402Header) => {
|
|
1746
1771
|
let parsed;
|
|
1747
1772
|
try {
|
|
1748
1773
|
parsed = JSON.parse(decodeURIComponent(escape(atob(x402Header))));
|
|
@@ -1753,9 +1778,31 @@ const handleX402Payment = async (x402Header, url, fetchArgs, headers, wallet) =>
|
|
|
1753
1778
|
if (!Array.isArray(parsed.accepts) || parsed.accepts.length === 0) {
|
|
1754
1779
|
throw new Error("x402: PAYMENT-REQUIRED header contains no payment options");
|
|
1755
1780
|
}
|
|
1756
|
-
|
|
1757
|
-
|
|
1758
|
-
|
|
1781
|
+
return { accepts: parsed.accepts };
|
|
1782
|
+
};
|
|
1783
|
+
/**
|
|
1784
|
+
* Probe a PAYMENT-REQUIRED header for a lightning-payable offer without
|
|
1785
|
+
* throwing. Returns the matching requirements, or null if the header has no
|
|
1786
|
+
* lightning entry (e.g. USDC-only endpoints) or is malformed. Used by the
|
|
1787
|
+
* top-level fetch402 dispatcher to decide whether to attempt payment or hand
|
|
1788
|
+
* the 402 back to the caller.
|
|
1789
|
+
*/
|
|
1790
|
+
const findX402LightningRequirements = (x402Header) => {
|
|
1791
|
+
let accepts;
|
|
1792
|
+
try {
|
|
1793
|
+
({ accepts } = decodeX402Header(x402Header));
|
|
1794
|
+
}
|
|
1795
|
+
catch (_) {
|
|
1796
|
+
return null;
|
|
1797
|
+
}
|
|
1798
|
+
const requirements = accepts.find((e) => e?.extra?.paymentMethod === "lightning");
|
|
1799
|
+
if (!requirements?.extra?.invoice)
|
|
1800
|
+
return null;
|
|
1801
|
+
return requirements;
|
|
1802
|
+
};
|
|
1803
|
+
const handleX402Payment = async (x402Header, url, fetchArgs, headers, wallet) => {
|
|
1804
|
+
const { accepts } = decodeX402Header(x402Header);
|
|
1805
|
+
const requirements = accepts.find((e) => e?.extra?.paymentMethod === "lightning");
|
|
1759
1806
|
if (!requirements) {
|
|
1760
1807
|
throw new Error("x402: unsupported x402 network, only Bitcoin lightning network is supported.");
|
|
1761
1808
|
}
|
|
@@ -1974,24 +2021,112 @@ const fetch402 = async (url, fetchArgs, options) => {
|
|
|
1974
2021
|
const headers = new Headers(fetchArgs.headers ?? undefined);
|
|
1975
2022
|
fetchArgs.headers = headers;
|
|
1976
2023
|
const initResp = await fetch(url, fetchArgs);
|
|
2024
|
+
// L402 / LSAT: dedicated scheme, dispatch directly.
|
|
1977
2025
|
const wwwAuthHeader = initResp.headers.get("www-authenticate");
|
|
1978
2026
|
if (wwwAuthHeader) {
|
|
1979
2027
|
const trimmed = wwwAuthHeader.trimStart().toLowerCase();
|
|
1980
|
-
if (trimmed.startsWith("payment")) {
|
|
1981
|
-
return handleMppChargePayment(wwwAuthHeader, url, fetchArgs, headers, wallet);
|
|
1982
|
-
}
|
|
1983
2028
|
if (trimmed.startsWith("l402") || trimmed.startsWith("lsat")) {
|
|
1984
2029
|
return handleL402Payment(wwwAuthHeader, url, fetchArgs, headers, wallet);
|
|
1985
2030
|
}
|
|
1986
|
-
throw new Error(`fetch402: unsupported WWW-Authenticate scheme: ${wwwAuthHeader}`);
|
|
1987
2031
|
}
|
|
2032
|
+
// A server may advertise multiple payment options at once (e.g. an MPP
|
|
2033
|
+
// USDC challenge in WWW-Authenticate alongside an x402 PAYMENT-REQUIRED
|
|
2034
|
+
// header that lists both USDC and lightning). Try each lightning-payable
|
|
2035
|
+
// handler in turn; only if none matches do we hand the original 402 back
|
|
2036
|
+
// to the caller so they can decide what to do with non-lightning offers.
|
|
2037
|
+
// 1. MPP-lightning challenge (Payment method="lightning" intent="charge").
|
|
2038
|
+
// parseMppChallenge returns null for any other method, which lets us
|
|
2039
|
+
// fall through to x402 instead of throwing.
|
|
2040
|
+
if (wwwAuthHeader && parseMppChallenge(wwwAuthHeader)) {
|
|
2041
|
+
return handleMppChargePayment(wwwAuthHeader, url, fetchArgs, headers, wallet);
|
|
2042
|
+
}
|
|
2043
|
+
// 2. x402 PAYMENT-REQUIRED with a lightning entry in `accepts`.
|
|
1988
2044
|
const x402Header = initResp.headers.get("PAYMENT-REQUIRED");
|
|
1989
|
-
if (x402Header) {
|
|
2045
|
+
if (x402Header && findX402LightningRequirements(x402Header)) {
|
|
1990
2046
|
return handleX402Payment(x402Header, url, fetchArgs, headers, wallet);
|
|
1991
2047
|
}
|
|
1992
2048
|
return initResp;
|
|
1993
2049
|
};
|
|
1994
2050
|
|
|
2051
|
+
async function issueL402Macaroon(secret, paymentHash, params) {
|
|
2052
|
+
if (params !== undefined &&
|
|
2053
|
+
Object.prototype.hasOwnProperty.call(params, "paymentHash")) {
|
|
2054
|
+
throw new Error("paymentHash is reserved");
|
|
2055
|
+
}
|
|
2056
|
+
const payload = { ...params, paymentHash };
|
|
2057
|
+
const encoded = Buffer.from(JSON.stringify(payload)).toString("base64url");
|
|
2058
|
+
const mac = await sign(secret, encoded);
|
|
2059
|
+
return `${encoded}.${mac}`;
|
|
2060
|
+
}
|
|
2061
|
+
async function verifyL402Macaroon(secret, token) {
|
|
2062
|
+
const { timingSafeEqual } = await import('crypto');
|
|
2063
|
+
const dotIndex = token.lastIndexOf(".");
|
|
2064
|
+
if (dotIndex === -1)
|
|
2065
|
+
throw new Error("Invalid macaroon token");
|
|
2066
|
+
const encoded = token.slice(0, dotIndex);
|
|
2067
|
+
const mac = token.slice(dotIndex + 1);
|
|
2068
|
+
// Constant-time comparison to prevent timing attacks
|
|
2069
|
+
const expectedMac = await sign(secret, encoded);
|
|
2070
|
+
try {
|
|
2071
|
+
if (!timingSafeEqual(Buffer.from(mac, "hex"), Buffer.from(expectedMac, "hex"))) {
|
|
2072
|
+
throw new Error("Invalid macaroon token");
|
|
2073
|
+
}
|
|
2074
|
+
}
|
|
2075
|
+
catch (e) {
|
|
2076
|
+
throw new Error("Invalid macaroon token");
|
|
2077
|
+
}
|
|
2078
|
+
try {
|
|
2079
|
+
const parsed = JSON.parse(Buffer.from(encoded, "base64url").toString("utf8"));
|
|
2080
|
+
if (parsed === null ||
|
|
2081
|
+
typeof parsed !== "object" ||
|
|
2082
|
+
Array.isArray(parsed) ||
|
|
2083
|
+
typeof parsed.paymentHash !== "string") {
|
|
2084
|
+
throw new Error("Invalid macaroon payload");
|
|
2085
|
+
}
|
|
2086
|
+
return parsed;
|
|
2087
|
+
}
|
|
2088
|
+
catch {
|
|
2089
|
+
throw new Error("Invalid macaroon token");
|
|
2090
|
+
}
|
|
2091
|
+
}
|
|
2092
|
+
async function sign(secret, payload) {
|
|
2093
|
+
const { createHmac } = await import('crypto');
|
|
2094
|
+
return createHmac("sha256", secret).update(payload).digest("hex");
|
|
2095
|
+
}
|
|
2096
|
+
|
|
2097
|
+
/**
|
|
2098
|
+
* Server: create a WWW-Authenticate header for a given macaroon and invoice
|
|
2099
|
+
* @param args the macaroon/token and invoice generated for the client's request
|
|
2100
|
+
* @returns the header value
|
|
2101
|
+
*/
|
|
2102
|
+
const makeL402AuthenticateHeader = (args) => {
|
|
2103
|
+
if (!args.token) {
|
|
2104
|
+
throw new Error("token must be provided");
|
|
2105
|
+
}
|
|
2106
|
+
return `L402 version="0" token="${args.token}", invoice="${args.invoice}"`;
|
|
2107
|
+
};
|
|
2108
|
+
/**
|
|
2109
|
+
* Server: parse "authorization" header sent from client
|
|
2110
|
+
* @param input value from authorization header
|
|
2111
|
+
* @returns the macaroon and preimage
|
|
2112
|
+
*/
|
|
2113
|
+
function parseL402Authorization(input) {
|
|
2114
|
+
// Backwards compat: LSAT was the former name of L402
|
|
2115
|
+
const normalized = input.replace(/^LSAT /, "L402 ");
|
|
2116
|
+
const prefix = "L402 ";
|
|
2117
|
+
if (!normalized.startsWith(prefix))
|
|
2118
|
+
return null;
|
|
2119
|
+
const credentials = normalized.slice(prefix.length);
|
|
2120
|
+
const colonIndex = credentials.indexOf(":");
|
|
2121
|
+
if (colonIndex === -1) {
|
|
2122
|
+
throw new Error("Invalid authorization header value");
|
|
2123
|
+
}
|
|
2124
|
+
return {
|
|
2125
|
+
token: credentials.slice(0, colonIndex),
|
|
2126
|
+
preimage: credentials.slice(colonIndex + 1),
|
|
2127
|
+
};
|
|
2128
|
+
}
|
|
2129
|
+
|
|
1995
2130
|
const numSatsInBtc = 100000000;
|
|
1996
2131
|
const getFiatCurrencies = async () => {
|
|
1997
2132
|
const url = "https://getalby.com/api/rates";
|
|
@@ -2051,6 +2186,7 @@ exports.fetch402 = fetch402;
|
|
|
2051
2186
|
exports.fetchWithL402 = fetchWithL402;
|
|
2052
2187
|
exports.fetchWithMpp = fetchWithMpp;
|
|
2053
2188
|
exports.fetchWithX402 = fetchWithX402;
|
|
2189
|
+
exports.findX402LightningRequirements = findX402LightningRequirements;
|
|
2054
2190
|
exports.fromHexString = fromHexString;
|
|
2055
2191
|
exports.generateZapEvent = generateZapEvent;
|
|
2056
2192
|
exports.getEventHash = getEventHash;
|
|
@@ -2061,10 +2197,16 @@ exports.getFormattedFiatValue = getFormattedFiatValue;
|
|
|
2061
2197
|
exports.getSatoshiValue = getSatoshiValue;
|
|
2062
2198
|
exports.isUrl = isUrl;
|
|
2063
2199
|
exports.isValidAmount = isValidAmount;
|
|
2200
|
+
exports.issueL402Macaroon = issueL402Macaroon;
|
|
2201
|
+
exports.makeL402AuthenticateHeader = makeL402AuthenticateHeader;
|
|
2064
2202
|
exports.parseKeysendResponse = parseKeysendResponse;
|
|
2203
|
+
exports.parseL402 = parseL402;
|
|
2204
|
+
exports.parseL402Authorization = parseL402Authorization;
|
|
2065
2205
|
exports.parseLnUrlPayResponse = parseLnUrlPayResponse;
|
|
2066
2206
|
exports.parseNostrResponse = parseNostrResponse;
|
|
2067
2207
|
exports.sendBoostagram = sendBoostagram;
|
|
2068
2208
|
exports.serializeEvent = serializeEvent;
|
|
2069
2209
|
exports.validateEvent = validateEvent;
|
|
2210
|
+
exports.validatePreimage = validatePreimage;
|
|
2211
|
+
exports.verifyL402Macaroon = verifyL402Macaroon;
|
|
2070
2212
|
//# sourceMappingURL=index.cjs.map
|