@getpara/core-sdk 2.0.0-alpha.53 → 2.0.0-alpha.54

package/dist/cjs/shares/enclave.js

@@ -0,0 +1,266 @@
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var __async = (__this, __arguments, generator) => {
+  return new Promise((resolve, reject) => {
+    var fulfilled = (value) => {
+      try {
+        step(generator.next(value));
+      } catch (e) {
+        reject(e);
+      }
+    };
+    var rejected = (value) => {
+      try {
+        step(generator.throw(value));
+      } catch (e) {
+        reject(e);
+      }
+    };
+    var step = (x) => x.done ? resolve(x.value) : Promise.resolve(x.value).then(fulfilled, rejected);
+    step((generator = generator.apply(__this, __arguments)).next());
+  });
+};
+var enclave_exports = {};
+__export(enclave_exports, {
+  EnclaveClient: () => EnclaveClient
+});
+module.exports = __toCommonJS(enclave_exports);
+class EnclaveClient {
+  constructor({
+    userManagementClient,
+    retrieveJwt,
+    persistJwt,
+    retrieveRefreshJwt,
+    persistRefreshJwt
+  }) {
+    this.enclavePublicKey = null;
+    this.frontendKeyPair = null;
+    this.userManagementClient = userManagementClient;
+    this.retrieveJwt = retrieveJwt;
+    this.persistJwt = persistJwt;
+    this.retrieveRefreshJwt = retrieveRefreshJwt;
+    this.persistRefreshJwt = persistRefreshJwt;
+  }
+  refreshJwt() {
+    return __async(this, null, function* () {
+      const frontendKeyPair = yield this.generateFrontendKeyPair();
+      const responsePublicKeyPEM = yield this.exportPublicKeyToPEM(frontendKeyPair.publicKey);
+      const payload = {
+        refreshJwt: this.retrieveRefreshJwt(),
+        responsePublicKey: responsePublicKeyPEM
+      };
+      const encryptedPayload = yield this.encryptForEnclave(JSON.stringify(payload));
+      const response = yield this.userManagementClient.refreshEnclaveJwt(JSON.stringify(encryptedPayload));
+      const decryptedResponse = yield this.decryptForFrontend(JSON.parse(response.payload));
+      this.persistJwt(decryptedResponse.jwt);
+      this.persistRefreshJwt(decryptedResponse.refreshJwt);
+    });
+  }
+  withJwtRefreshRetry(fn) {
+    return __async(this, null, function* () {
+      try {
+        return yield fn();
+      } catch (error) {
+        yield this.refreshJwt();
+        return yield fn();
+      }
+    });
+  }
+  issueEnclaveJwt() {
+    return __async(this, null, function* () {
+      const frontendKeyPair = yield this.generateFrontendKeyPair();
+      const responsePublicKeyPEM = yield this.exportPublicKeyToPEM(frontendKeyPair.publicKey);
+      const payload = {
+        responsePublicKey: responsePublicKeyPEM
+      };
+      const encryptedPayload = yield this.encryptForEnclave(JSON.stringify(payload));
+      const response = yield this.userManagementClient.issueEnclaveJwt(JSON.stringify(encryptedPayload));
+      const decryptedResponse = yield this.decryptForFrontend(JSON.parse(response));
+      this.persistJwt(decryptedResponse.jwt);
+    });
+  }
+  /**
+   * Generate a P-256 keypair for the frontend to receive encrypted responses
+   */
+  generateFrontendKeyPair() {
+    return __async(this, null, function* () {
+      if (this.frontendKeyPair) {
+        return this.frontendKeyPair;
+      }
+      this.frontendKeyPair = yield crypto.subtle.generateKey({ name: "ECDH", namedCurve: "P-256" }, true, ["deriveBits"]);
+      return this.frontendKeyPair;
+    });
+  }
+  /**
+   * Get the enclave's public key from the user-management service
+   */
+  getEnclavePublicKey() {
+    return __async(this, null, function* () {
+      if (this.enclavePublicKey) {
+        return this.enclavePublicKey;
+      }
+      const response = yield this.userManagementClient.getEnclavePublicKey();
+      this.enclavePublicKey = response.publicKey;
+      return this.enclavePublicKey;
+    });
+  }
+  /**
+   * Import a PEM-formatted public key for use with Web Crypto API
+   */
+  importPublicKeyFromPEM(pemString) {
+    return __async(this, null, function* () {
+      const pemContents = pemString.replace("-----BEGIN PUBLIC KEY-----", "").replace("-----END PUBLIC KEY-----", "").replace(/\s/g, "");
+      const keyData = Uint8Array.from(atob(pemContents), (c) => c.charCodeAt(0));
+      return yield crypto.subtle.importKey("spki", keyData, { name: "ECDH", namedCurve: "P-256" }, false, []);
+    });
+  }
+  /**
+   * Export a public key to PEM format
+   */
+  exportPublicKeyToPEM(publicKey) {
+    return __async(this, null, function* () {
+      const exported = yield crypto.subtle.exportKey("spki", publicKey);
+      const exportedAsBase64 = btoa(String.fromCharCode(...new Uint8Array(exported)));
+      return `-----BEGIN PUBLIC KEY-----
+${exportedAsBase64}
+-----END PUBLIC KEY-----`;
+    });
+  }
+  /**
+   * Encrypt data using P-256 ECIES for the enclave
+   */
+  encryptForEnclave(plaintext) {
+    return __async(this, null, function* () {
+      const enclavePublicKeyPEM = yield this.getEnclavePublicKey();
+      const enclavePublicKey = yield this.importPublicKeyFromPEM(enclavePublicKeyPEM);
+      const ephemeralKeyPair = yield crypto.subtle.generateKey({ name: "ECDH", namedCurve: "P-256" }, true, ["deriveBits"]);
+      const sharedSecretBits = yield crypto.subtle.deriveBits(
+        { name: "ECDH", public: enclavePublicKey },
+        ephemeralKeyPair.privateKey,
+        256
+        // 32 bytes = 256 bits
+      );
+      const encryptionKeyBuffer = yield crypto.subtle.digest("SHA-256", sharedSecretBits);
+      const encryptionKey = yield crypto.subtle.importKey("raw", encryptionKeyBuffer, { name: "AES-GCM" }, false, ["encrypt"]);
+      const iv = crypto.getRandomValues(new Uint8Array(12));
+      const encrypted = yield crypto.subtle.encrypt(
+        { name: "AES-GCM", iv },
+        encryptionKey,
+        new TextEncoder().encode(plaintext)
+      );
+      const encryptedArray = new Uint8Array(encrypted);
+      const combined = new Uint8Array(iv.length + encryptedArray.length);
+      combined.set(iv);
+      combined.set(encryptedArray, iv.length);
+      const ephemeralPublicKeyBuffer = yield crypto.subtle.exportKey("spki", ephemeralKeyPair.publicKey);
+      return {
+        encryptedData: btoa(String.fromCharCode(...combined)),
+        keyId: "",
+        // Will be set by the enclave
+        algorithm: "ECIES-P256-AES256-SHA256",
+        ephemeral: btoa(String.fromCharCode(...new Uint8Array(ephemeralPublicKeyBuffer)))
+      };
+    });
+  }
+  /**
+   * Decrypt response encrypted for the frontend
+   */
+  decryptForFrontend(encryptedPayload) {
+    return __async(this, null, function* () {
+      if (!this.frontendKeyPair) {
+        throw new Error("Frontend keypair not available");
+      }
+      const encryptedData = Uint8Array.from(atob(encryptedPayload.encryptedData), (c) => c.charCodeAt(0));
+      const ephemeralPublicKeyData = Uint8Array.from(atob(encryptedPayload.ephemeral), (c) => c.charCodeAt(0));
+      const ephemeralPublicKey = yield crypto.subtle.importKey(
+        "spki",
+        ephemeralPublicKeyData,
+        { name: "ECDH", namedCurve: "P-256" },
+        false,
+        []
+      );
+      const sharedSecretBits = yield crypto.subtle.deriveBits(
+        { name: "ECDH", public: ephemeralPublicKey },
+        this.frontendKeyPair.privateKey,
+        256
+      );
+      const encryptionKeyBuffer = yield crypto.subtle.digest("SHA-256", sharedSecretBits);
+      const encryptionKey = yield crypto.subtle.importKey("raw", encryptionKeyBuffer, { name: "AES-GCM" }, false, ["decrypt"]);
+      const iv = encryptedData.slice(0, 12);
+      const ciphertext = encryptedData.slice(12);
+      const decrypted = yield crypto.subtle.decrypt({ name: "AES-GCM", iv }, encryptionKey, ciphertext);
+      return JSON.parse(new TextDecoder().decode(decrypted));
+    });
+  }
+  /**
+   * Persist key shares to the enclave
+   * @param shares Array of share data to persist
+   */
+  persistShares(shares) {
+    return __async(this, null, function* () {
+      const payload = {
+        shares,
+        jwt: this.retrieveJwt()
+      };
+      const encryptedPayload = yield this.encryptForEnclave(JSON.stringify(payload));
+      const encryptedPayloadStr = JSON.stringify(encryptedPayload);
+      return yield this.userManagementClient.persistEnclaveShares(encryptedPayloadStr);
+    });
+  }
+  /**
+   * Retrieve key shares from the enclave
+   * @param query Query parameters for finding shares (single query or array of queries)
+   */
+  retrieveShares(query) {
+    return __async(this, null, function* () {
+      yield this.issueEnclaveJwt();
+      const frontendKeyPair = yield this.generateFrontendKeyPair();
+      const responsePublicKeyPEM = yield this.exportPublicKeyToPEM(frontendKeyPair.publicKey);
+      const fullQuery = query.map((q) => ({
+        userId: q.userId
+      }));
+      const payload = {
+        query: fullQuery,
+        responsePublicKey: responsePublicKeyPEM,
+        jwt: this.retrieveJwt()
+      };
+      const encryptedPayload = yield this.encryptForEnclave(JSON.stringify(payload));
+      const encryptedPayloadStr = JSON.stringify(encryptedPayload);
+      const response = yield this.userManagementClient.retrieveEnclaveShares(encryptedPayloadStr);
+      const encryptedResponse = JSON.parse(response.payload);
+      const decryptedData = yield this.decryptForFrontend(encryptedResponse);
+      return decryptedData.shares;
+    });
+  }
+  retrieveSharesWithRetry(query) {
+    return __async(this, null, function* () {
+      return yield this.withJwtRefreshRetry(() => __async(this, null, function* () {
+        return this.retrieveShares(query);
+      }));
+    });
+  }
+  persistSharesWithRetry(shares) {
+    return __async(this, null, function* () {
+      return yield this.persistShares(shares);
+    });
+  }
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  EnclaveClient
+});

package/dist/cjs/shares/shareDistribution.js

@@ -52,8 +52,23 @@ function distributeNewShare(_0) {
     ignoreRedistributingBackupEncryptedShare = false,
     emailProps = {},
     partnerId,
-    protocolId
+    protocolId,
+    isEnclaveUser,
+    walletScheme
   }) {
+    if (isEnclaveUser) {
+      yield ctx.enclaveClient.persistSharesWithRetry([
+        {
+          userId,
+          walletId,
+          walletScheme,
+          signer: userShare,
+          partnerId,
+          protocolId
+        }
+      ]);
+      return "";
+    }
     const publicKeysRes = yield ctx.client.getSessionPublicKeys(userId);
     const biometricEncryptedShares = publicKeysRes.data.keys.map((key) => {
       if (!key.publicKey) {

package/dist/cjs/types/assets.js

@@ -0,0 +1,15 @@
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var assets_exports = {};
+module.exports = __toCommonJS(assets_exports);

package/dist/cjs/types/events.js

@@ -33,6 +33,8 @@ var ParaEvent = ((ParaEvent2) => {
   ParaEvent2["WALLET_CREATED"] = `${EVENT_PREFIX}WalletCreated`;
   ParaEvent2["PREGEN_WALLET_CLAIMED"] = `${EVENT_PREFIX}PregenWalletClaimed`;
   ParaEvent2["GUEST_WALLETS_CREATED"] = `${EVENT_PREFIX}GuestWalletsCreated`;
+  ParaEvent2["ASSET_TRANSFERRED"] = `${EVENT_PREFIX}AssetTransferred`;
+  ParaEvent2["ONRAMP_TRANSACTION_COMPLETE"] = `${EVENT_PREFIX}OnRampTransactionComplete`;
   return ParaEvent2;
 })(ParaEvent || {});
 // Annotate the CommonJS export names for ESM import in node:

package/dist/cjs/utils/formatting.js

@@ -4,6 +4,7 @@ var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
 var __getProtoOf = Object.getPrototypeOf;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __pow = Math.pow;
 var __export = (target, all) => {
   for (var name in all)
     __defProp(target, name, { get: all[name], enumerable: true });
@@ -29,6 +30,8 @@ var formatting_exports = {};
 __export(formatting_exports, {
   compressPubkey: () => compressPubkey,
   decimalToHex: () => decimalToHex,
+  formatAssetQuantity: () => formatAssetQuantity,
+  formatCurrency: () => formatCurrency,
   getCosmosAddress: () => getCosmosAddress,
   hexStringToBase64: () => hexStringToBase64,
   hexToDecimal: () => hexToDecimal,
@@ -102,10 +105,48 @@ function truncateAddress(str, addressType, {
   const margin = targetLength !== void 0 ? (targetLength - minimum) / 2 : 4;
   return `${str.slice(0, minimum + margin)}...${str.slice(-1 * margin)}`;
 }
+function formatCurrency(value, { fallback = "" } = {}) {
+  if (!value) {
+    return fallback;
+  }
+  const formatter = new Intl.NumberFormat("en-US", {
+    style: "currency",
+    currency: value.currency
+  });
+  const zeroFormatter = new Intl.NumberFormat("en-US", {
+    style: "currency",
+    currency: value.currency,
+    maximumFractionDigits: 0
+  });
+  return Math.abs(value.value) < 0.01 ? zeroFormatter.format(0) : formatter.format(value.value);
+}
+const zeroAssetFormatter = new Intl.NumberFormat("en-US", {
+  style: "decimal",
+  maximumFractionDigits: 0,
+  minimumFractionDigits: 0
+});
+function formatAssetQuantity({
+  quantity,
+  symbol = "",
+  decimals,
+  fallback = ""
+}) {
+  if (!quantity) {
+    return fallback;
+  }
+  const formatter = new Intl.NumberFormat("en-US", {
+    style: "decimal",
+    maximumFractionDigits: decimals != null ? decimals : Math.abs(quantity) < 1e-3 ? 6 : 3,
+    minimumFractionDigits: decimals != null ? decimals : 3
+  });
+  return `${Math.abs(quantity) < __pow(10, -1 * (decimals != null ? decimals : 6)) ? zeroAssetFormatter.format(0) : formatter.format(quantity)}${symbol && symbol.length > 0 ? ` ${symbol}` : ""}`;
+}
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
   compressPubkey,
   decimalToHex,
+  formatAssetQuantity,
+  formatCurrency,
   getCosmosAddress,
   hexStringToBase64,
   hexToDecimal,