@ghostspeak/sdk 2.0.6 → 2.0.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (117) hide show
  1. package/README.md +152 -30
  2. package/dist/GhostSpeakClient-CWmGaM9Q.d.ts +1007 -0
  3. package/dist/StakingModule-C5rzuOWb.d.ts +2526 -0
  4. package/dist/{agent-M74TCRON.js → agent-5YLZ7DAC.js} +4 -4
  5. package/dist/{agent-M74TCRON.js.map → agent-5YLZ7DAC.js.map} +1 -1
  6. package/dist/batch-operations-45CQFEID.js +4 -0
  7. package/dist/batch-operations-45CQFEID.js.map +1 -0
  8. package/dist/browser.d.ts +45 -554
  9. package/dist/browser.js +15 -842
  10. package/dist/browser.js.map +1 -1
  11. package/dist/chunk-AL3HQN73.js +754 -0
  12. package/dist/chunk-AL3HQN73.js.map +1 -0
  13. package/dist/chunk-BF3IQ35I.js +284 -0
  14. package/dist/chunk-BF3IQ35I.js.map +1 -0
  15. package/dist/chunk-BQDGRTVP.js +168 -0
  16. package/dist/chunk-BQDGRTVP.js.map +1 -0
  17. package/dist/chunk-C5CDA3WX.js +7314 -0
  18. package/dist/chunk-C5CDA3WX.js.map +1 -0
  19. package/dist/chunk-E3FD2CNY.js +1869 -0
  20. package/dist/chunk-E3FD2CNY.js.map +1 -0
  21. package/dist/{chunk-F3DZMBUA.js → chunk-G7S6B6WB.js} +327 -493
  22. package/dist/chunk-G7S6B6WB.js.map +1 -0
  23. package/dist/chunk-IHVDQ4YI.js +4231 -0
  24. package/dist/chunk-IHVDQ4YI.js.map +1 -0
  25. package/dist/chunk-JV2SWONF.js +98 -0
  26. package/dist/chunk-JV2SWONF.js.map +1 -0
  27. package/dist/chunk-KB6CKIUK.js +231 -0
  28. package/dist/chunk-KB6CKIUK.js.map +1 -0
  29. package/dist/chunk-S74EH3KD.js +7890 -0
  30. package/dist/chunk-S74EH3KD.js.map +1 -0
  31. package/dist/chunk-SFTSZ3LC.js +156 -0
  32. package/dist/chunk-SFTSZ3LC.js.map +1 -0
  33. package/dist/chunk-SKMJJ3Q6.js +125 -0
  34. package/dist/chunk-SKMJJ3Q6.js.map +1 -0
  35. package/dist/chunk-SZGFSCNU.js +3682 -0
  36. package/dist/chunk-SZGFSCNU.js.map +1 -0
  37. package/dist/chunk-TTB4OS2D.js +69 -0
  38. package/dist/chunk-TTB4OS2D.js.map +1 -0
  39. package/dist/chunk-UP2VWCW5.js +33 -0
  40. package/dist/{chunk-NSBPE2FW.js.map → chunk-UP2VWCW5.js.map} +1 -1
  41. package/dist/{chunk-UJUGGLMT.js → chunk-VQZQCHUT.js} +5 -5
  42. package/dist/{chunk-UJUGGLMT.js.map → chunk-VQZQCHUT.js.map} +1 -1
  43. package/dist/client.d.ts +5 -4
  44. package/dist/client.js +11 -10
  45. package/dist/createAgentAuthorization-ULG47ZJI.js +5 -0
  46. package/dist/createAgentAuthorization-ULG47ZJI.js.map +1 -0
  47. package/dist/credentials.js +1 -1
  48. package/dist/crypto.js +2 -2
  49. package/dist/errors.js +1 -1
  50. package/dist/feature-flags-B1g0DCPe.d.ts +1181 -0
  51. package/dist/generated-EG5USUFG.js +9 -0
  52. package/dist/{generated-VNLHMR6Y.js.map → generated-EG5USUFG.js.map} +1 -1
  53. package/dist/{ghostspeak_wasm-SB2RPJ3D.js → ghostspeak_wasm-F227HOSM.js} +3 -3
  54. package/dist/{ghostspeak_wasm-SB2RPJ3D.js.map → ghostspeak_wasm-F227HOSM.js.map} +1 -1
  55. package/dist/index.d.ts +1209 -1506
  56. package/dist/index.js +600 -3532
  57. package/dist/index.js.map +1 -1
  58. package/dist/metafile-esm.json +1 -1
  59. package/dist/minimal/core-minimal.d.ts +2383 -1264
  60. package/dist/minimal/core-minimal.js +9 -9
  61. package/dist/minimal/core-minimal.js.map +1 -1
  62. package/dist/nacl-fast-W5BJ3KZ2.js +2229 -0
  63. package/dist/nacl-fast-W5BJ3KZ2.js.map +1 -0
  64. package/dist/pda-4KP7CURF.js +4 -0
  65. package/dist/pda-4KP7CURF.js.map +1 -0
  66. package/dist/pda-Ce7VYg4T.d.ts +25 -0
  67. package/dist/reputation-types-Yebf0Rm_.d.ts +1071 -0
  68. package/dist/revokeAuthorization-OK7E7OK3.js +5 -0
  69. package/dist/revokeAuthorization-OK7E7OK3.js.map +1 -0
  70. package/dist/signature-verification-DGxR4aYQ.d.ts +448 -0
  71. package/dist/types.js +1 -1
  72. package/dist/updateReputationWithAuth-Y4ONEVSP.js +5 -0
  73. package/dist/updateReputationWithAuth-Y4ONEVSP.js.map +1 -0
  74. package/dist/utils.d.ts +69 -203
  75. package/dist/utils.js +15 -153
  76. package/dist/utils.js.map +1 -1
  77. package/package.json +24 -31
  78. package/dist/.tsbuildinfo +0 -1
  79. package/dist/GhostSpeakClient-D_66Uzsf.d.ts +0 -707
  80. package/dist/GovernanceModule-DQYYys-H.d.ts +0 -1766
  81. package/dist/chunk-APCKGD23.js +0 -1328
  82. package/dist/chunk-APCKGD23.js.map +0 -1
  83. package/dist/chunk-ASQXX4IT.js +0 -572
  84. package/dist/chunk-ASQXX4IT.js.map +0 -1
  85. package/dist/chunk-COGZFWOT.js +0 -19657
  86. package/dist/chunk-COGZFWOT.js.map +0 -1
  87. package/dist/chunk-F3DZMBUA.js.map +0 -1
  88. package/dist/chunk-GMHIUK2R.js +0 -7526
  89. package/dist/chunk-GMHIUK2R.js.map +0 -1
  90. package/dist/chunk-IAWBZYPE.js +0 -356
  91. package/dist/chunk-IAWBZYPE.js.map +0 -1
  92. package/dist/chunk-NSBPE2FW.js +0 -15
  93. package/dist/chunk-OWYHJG6H.js +0 -13311
  94. package/dist/chunk-OWYHJG6H.js.map +0 -1
  95. package/dist/chunk-RDDPOFR5.js +0 -3
  96. package/dist/chunk-RDDPOFR5.js.map +0 -1
  97. package/dist/chunk-RERCHKZP.js +0 -35
  98. package/dist/chunk-RERCHKZP.js.map +0 -1
  99. package/dist/chunk-TVVGXYCI.js +0 -2887
  100. package/dist/chunk-TVVGXYCI.js.map +0 -1
  101. package/dist/chunk-ZGP5552B.js +0 -377
  102. package/dist/chunk-ZGP5552B.js.map +0 -1
  103. package/dist/chunk-ZWOYNHVK.js +0 -196
  104. package/dist/chunk-ZWOYNHVK.js.map +0 -1
  105. package/dist/dist/.tsbuildinfo +0 -1
  106. package/dist/elgamal-VZLWB3XK.js +0 -5
  107. package/dist/elgamal-VZLWB3XK.js.map +0 -1
  108. package/dist/feature-flags-V722ZuXO.d.ts +0 -3512
  109. package/dist/generated-VNLHMR6Y.js +0 -5
  110. package/dist/ipfs-types-BOt9ZNg4.d.ts +0 -592
  111. package/dist/multisigConfig-BzEhy6jy.d.ts +0 -58
  112. package/dist/pda-B_nS8SbD.d.ts +0 -114
  113. package/dist/pda-S4BFJVGE.js +0 -4
  114. package/dist/pda-S4BFJVGE.js.map +0 -1
  115. package/dist/system-addresses-BFNLEbFx.d.ts +0 -857
  116. package/dist/token-2022-rpc-RALH4RK7.js +0 -593
  117. package/dist/token-2022-rpc-RALH4RK7.js.map +0 -1
package/dist/chunk-BQDGRTVP.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/utils/signature-verification.ts"],"names":["authorization","buffer","data"],"mappings":";;;;;AAAA,IAAA,8BAAA,GAAA;AAAA,QAAA,CAAA,8BAAA,EAAA;AAAA,EAAA,0BAAA,EAAA,MAAA,0BAAA;AAAA,EAAA,yBAAA,EAAA,MAAA,yBAAA;AAAA,EAAA,wBAAA,EAAA,MAAA,wBAAA;AAAA,EAAA,aAAA,EAAA,MAAA,aAAA;AAAA,EAAA,kBAAA,EAAA,MAAA,kBAAA;AAAA,EAAA,wBAAA,EAAA,MAAA,wBAAA;AAAA,EAAA,sBAAA,EAAA,MAAA,sBAAA;AAAA,EAAA,sBAAA,EAAA,MAAA,sBAAA;AAAA,EAAA,wBAAA,EAAA,MAAA,wBAAA;AAAA,EAAA,4BAAA,EAAA,MAAA,4BAAA;AAAA,EAAA,4BAAA,EAAA,MAAA;AAAA,CAAA,CAAA;AAmCA,IAAM,gBAAA,GAAmB,qCAAA;AAiBlB,SAAS,2BAA2B,OAAA,EAAuC;AAChF,EAAA,MAAM,aAAuB,EAAC;AAG9B,EAAA,UAAA,CAAW,IAAA,CAAK,MAAA,CAAO,IAAA,CAAK,gBAAA,EAAkB,MAAM,CAAC,CAAA;AAGrD,EAAA,MAAM,UAAA,GAAa,IAAA,CAAK,MAAA,CAAO,OAAA,CAAQ,YAAY,CAAA;AACnD,EAAA,UAAA,CAAW,IAAA,CAAK,MAAA,CAAO,IAAA,CAAK,UAAU,CAAC,CAAA;AAGvC,EAAA,MAAM,WAAA,GAAc,IAAA,CAAK,MAAA,CAAO,OAAA,CAAQ,gBAAgB,CAAA;AACxD,EAAA,UAAA,CAAW,IAAA,CAAK,MAAA,CAAO,IAAA,CAAK,WAAW,CAAC,CAAA;AAGxC,EAAA,MAAM,gBAAA,GAAmB,MAAA,CAAO,WAAA,CAAY,CAAC,CAAA;AAC7C,EAAA,gBAAA,CAAiB,gBAAA,CAAiB,MAAA,CAAO,OAAA,CAAQ,UAAU,CAAC,CAAA;AAC5D,EAAA,UAAA,CAAW,KAAK,gBAAgB,CAAA;AAGhC,EAAA,MAAM,eAAA,GAAkB,MAAA,CAAO,WAAA,CAAY,CAAC,CAAA;AAC5C,EAAA,eAAA,CAAgB,gBAAA,CAAiB,MAAA,CAAO,OAAA,CAAQ,SAAS,CAAC,CAAA;AAC1D,EAAA,UAAA,CAAW,KAAK,eAAe,CAAA;AAG/B,EAAA,UAAA,CAAW,KAAK,MAAA,CAAO,IAAA,CAAK,OAAA,CAAQ,OAAA,EAAS,MAAM,CAAC,CAAA;AAGpD,EAAA,IAAI,QAAQ,KAAA,EAAO;AACjB,IAAA,UAAA,CAAW,KAAK,MAAA,CAAO,IAAA,CAAK,OAAA,CAAQ,KAAA,EAAO,MAAM,CAAC,CAAA;AAAA,EACpD;AAEA,EAAA,OAAO,MAAA,CAAO,OAAO,UAAU,CAAA;AACjC;AASA,eAAsB,wBAAA,CACpB,SACA,YAAA,EACqB;AAErB,EAAA,MAAM,cAAA,GAAiB,YAAA,CAAa,SAAA,CAAU,QAAA,EAAS;AACvD,EAAA,IAAI,cAAA,KAAmB,QAAQ,YAAA,EAAc;AAC3C,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,CAAA,mBAAA,EAAsB,cAAc,CAAA,8BAAA,EAAiC,OAAA,CAAQ,YAAY,CAAA;AAAA,KAC3F;AAAA,EACF;AAGA,EAAA,MAAM,aAAA,GAAgB,2BAA2B,OAAO,CAAA;AAGxD,EAAA,MAAM,IAAA,GAAO,MAAM,OAAO,yBAAW,CAAA;AACrC,EAAA,MAAM,YAAY,IAAA,CAAK,IAAA,CAAK,QAAA,CAAS,aAAA,EAAe,aAAa,SAAS,CAAA;AAE1E,EAAA,OAAO,SAAA;AACT;AAQA,eAAsB,6BACpBA,cAAAA,EACkB;AAClB,EAAA,IAAI;AAEF,IAAA,MAAM,OAAA,GAAgC;AAAA,MACpC,cAAcA,cAAAA,CAAc,YAAA;AAAA,MAC5B,kBAAkBA,cAAAA,CAAc,gBAAA;AAAA,MAChC,YAAYA,cAAAA,CAAc,UAAA;AAAA,MAC1B,WAAWA,cAAAA,CAAc,SAAA;AAAA,MACzB,SAASA,cAAAA,CAAc,OAAA;AAAA,MACvB,OAAOA,cAAAA,CAAc;AAAA,KACvB;AAEA,IAAA,MAAM,aAAA,GAAgB,2BAA2B,OAAO,CAAA;AAGxD,IAAA,MAAM,IAAA,GAAO,MAAM,OAAO,yBAAW,CAAA;AACrC,IAAA,MAAM,gBAAA,GAAmB,IAAA,CAAK,MAAA,CAAOA,cAAAA,CAAc,YAAY,CAAA;AAC/D,IAAA,MAAM,OAAA,GAAU,IAAA,CAAK,IAAA,CAAK,QAAA,CAAS,MAAA;AAAA,MACjC,aAAA;AAAA,MACAA,cAAAA,CAAc,SAAA;AAAA,MACd;AAAA,KACF;AAEA,IAAA,OAAO,OAAA;AAAA,EACT,SAAS,KAAA,EAAO;AACd,IAAA,OAAA,CAAQ,KAAA,CAAM,yCAAyC,KAAK,CAAA;AAC5D,IAAA,OAAO,KAAA;AAAA,EACT;AACF;AASA,eAAsB,yBAAA,CACpB,QACA,YAAA,EACkC;AAElC,EAAA,MAAM,YAAA,GAAe,OAAA,CAAQ,YAAA,CAAa,SAAA,CAAU,UAAU,CAAA;AAG9D,EAAA,MAAM,MAAM,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AACxC,EAAA,MAAM,SAAA,GAAY,OAAO,SAAA,IAAa,GAAA,IAAO,OAAO,SAAA,IAAa,EAAA,GAAK,KAAK,EAAA,GAAK,EAAA,CAAA;AAGhF,EAAA,MAAM,UAAA,GAAa,OAAO,UAAA,IAAc,GAAA;AAGxC,EAAA,MAAM,OAAA,GAAyB,OAAO,OAAA,IAAW,QAAA;AAIjD,EAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,KAAA,KAAU,MAAA,GAAY,OAAO,KAAA,GAAQ,SAAA;AAG1D,EAAA,MAAM,OAAA,GAAgC;AAAA,IACpC,YAAA;AAAA,IACA,kBAAkB,MAAA,CAAO,gBAAA;AAAA,IACzB,UAAA;AAAA,IACA,SAAA;AAAA,IACA,OAAA;AAAA,IACA;AAAA,GACF;AAGA,EAAA,MAAM,SAAA,GAAY,MAAM,wBAAA,CAAyB,OAAA,EAAS,YAAY,CAAA;AAGtE,EAAA,MAAMA,cAAAA,GAAyC;AAAA,IAC7C,YAAA;AAAA,IACA,kBAAkB,MAAA,CAAO,gBAAA;AAAA,IACzB,UAAA;AAAA,IACA,SAAA;AAAA,IACA,OAAA;AAAA,IACA,SAAA;AAAA,IACA,KAAA;AAAA,IACA,UAAU,MAAA,CAAO;AAAA,GACnB;AAEA,EAAA,OAAOA,cAAAA;AACT;AAOO,SAAS,aAAA,GAAwB;AAEtC,EAAA,IAAI,WAAW,MAAA,EAAQ;AACrB,IAAA,MAAMC,OAAAA,GAAS,IAAI,UAAA,CAAW,EAAE,CAAA;AAChC,IAAA,UAAA,CAAW,MAAA,CAAO,gBAAgBA,OAAM,CAAA;AACxC,IAAA,OAAO,MAAA,CAAO,IAAA,CAAKA,OAAM,CAAA,CAAE,SAAS,KAAK,CAAA;AAAA,EAC3C;AAIA,EAAA,MAAM,UAAA,GAAa,IAAA,CAAK,SAAS,CAAA,CAAE,QAAQ,CAAA;AAC3C,EAAA,MAAM,MAAA,GAAS,IAAI,UAAA,CAAW,EAAE,CAAA;AAChC,EAAA,UAAA,CAAW,SAAA,CAAU,gBAAgB,MAAM,CAAA;AAC3C,EAAA,OAAO,MAAA,CAAO,IAAA,CAAK,MAAM,CAAA,CAAE,SAAS,KAAK,CAAA;AAC3C;AAQO,SAAS,uBAAuBD,cAAAA,EASrC;AACA,EAAA,OAAO;AAAA,IACL,cAAcA,cAAAA,CAAc,YAAA;AAAA,IAC5B,kBAAkBA,cAAAA,CAAc,gBAAA;AAAA,IAChC,YAAYA,cAAAA,CAAc,UAAA;AAAA,IAC1B,WAAWA,cAAAA,CAAc,SAAA;AAAA,IACzB,SAASA,cAAAA,CAAc,OAAA;AAAA,IACvB,SAAA,EAAW,IAAA,CAAK,MAAA,CAAOA,cAAAA,CAAc,SAAS,CAAA;AAAA,IAC9C,OAAOA,cAAAA,CAAc,KAAA;AAAA,IACrB,UAAUA,cAAAA,CAAc;AAAA,GAC1B;AACF;AAQO,SAAS,yBAAyBE,KAAAA,EASb;AAC1B,EAAA,OAAO;AAAA,IACL,cAAcA,KAAAA,CAAK,YAAA;AAAA,IACnB,kBAAkBA,KAAAA,CAAK,gBAAA;AAAA,IACvB,YAAYA,KAAAA,CAAK,UAAA;AAAA,IACjB,WAAWA,KAAAA,CAAK,SAAA;AAAA,IAChB,SAASA,KAAAA,CAAK,OAAA;AAAA,IACd,SAAA,EAAW,IAAA,CAAK,MAAA,CAAOA,KAAAA,CAAK,SAAS,CAAA;AAAA,IACrC,OAAOA,KAAAA,CAAK,KAAA;AAAA,IACZ,UAAUA,KAAAA,CAAK;AAAA,GACjB;AACF;AAQA,eAAsB,mBAAmB,aAAA,EAAyD;AAChG,EAAA,MAAM,UAAA,GAAa,uBAAuB,aAAa,CAAA;AACvD,EAAA,MAAM,IAAA,GAAO,IAAA,CAAK,SAAA,CAAU,UAAU,CAAA;AACtC,EAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAChC,EAAA,MAAM,IAAA,GAAO,OAAA,CAAQ,MAAA,CAAO,IAAI,CAAA;AAGhC,EAAA,IAAI,MAAA;AACJ,EAAA,IAAI,WAAW,MAAA,EAAQ;AACrB,IAAA,MAAA,GAAS,UAAA,CAAW,MAAA;AAAA,EACtB,CAAA,MAAO;AAEL,IAAA,MAAM,UAAA,GAAa,IAAA,CAAK,SAAS,CAAA,CAAE,QAAQ,CAAA;AAC3C,IAAA,MAAA,GAAS,UAAA,CAAW,SAAA;AAAA,EACtB;AAGA,EAAA,MAAM,aAAa,MAAM,MAAA,CAAO,MAAA,CAAO,MAAA,CAAO,WAAW,IAAI,CAAA;AAC7D,EAAA,MAAM,SAAA,GAAY,IAAI,UAAA,CAAW,UAAU,CAAA;AAE3C,EAAA,OAAO,IAAA,CAAK,OAAO,SAAS,CAAA;AAC9B;AASO,SAAS,sBAAA,CACdF,gBACA,WAAA,EACS;AACT,EAAA,MAAM,MAAM,WAAA,IAAe,IAAA,CAAK,MAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AACvD,EAAA,OAAO,OAAOA,cAAAA,CAAc,SAAA;AAC9B;AASO,SAAS,wBAAA,CACdA,gBACA,YAAA,EACS;AACT,EAAA,OAAO,gBAAgBA,cAAAA,CAAc,UAAA;AACvC;AASO,SAAS,4BAAA,CACdA,gBACA,eAAA,EACS;AACT,EAAA,OAAOA,eAAc,OAAA,KAAY,eAAA;AACnC","file":"chunk-BQDGRTVP.js","sourcesContent":["/**\n * Agent Authorization Signature Verification\n *\n * Ed25519 signature creation and verification for GhostSpeak's\n * trustless agent pre-authorization system.\n *\n * Enables verifiable delegation of reputation update authority.\n */\n\nimport { address } from '@solana/addresses'\nimport type { Address } from '@solana/addresses'\nimport type {\n ReputationAuthorization,\n AuthorizationMessage,\n CreateAuthorizationParams,\n SolanaNetwork,\n} from '../types/authorization/authorization-types'\nimport bs58 from 'bs58'\n\n/**\n * Keypair interface for Ed25519 signing operations\n * Compatible with both legacy and modern Solana key formats\n */\nexport interface SigningKeypair {\n publicKey: {\n toBase58(): string\n toBytes(): Uint8Array\n }\n secretKey: Uint8Array\n}\n\n/**\n * Authorization message domain separator\n * Prevents signature reuse across different protocols\n */\nconst DOMAIN_SEPARATOR = 'GhostSpeak Reputation Authorization'\n\n/**\n * Create authorization message for signing\n *\n * Message format:\n * - Domain separator (prevents cross-protocol replay)\n * - Agent address (32 bytes)\n * - Authorized source (32 bytes)\n * - Index limit (8 bytes, u64 big-endian)\n * - Expiration timestamp (8 bytes, u64 big-endian)\n * - Network string (variable length)\n * - Nonce (optional, 32 bytes if present)\n *\n * @param message - Authorization message parameters\n * @returns Buffer ready for signing\n */\nexport function createAuthorizationMessage(message: AuthorizationMessage): Buffer {\n const components: Buffer[] = []\n\n // 1. Domain separator\n components.push(Buffer.from(DOMAIN_SEPARATOR, 'utf8'))\n\n // 2. Agent address (32 bytes)\n const agentBytes = bs58.decode(message.agentAddress)\n components.push(Buffer.from(agentBytes))\n\n // 3. Authorized source (32 bytes)\n const sourceBytes = bs58.decode(message.authorizedSource)\n components.push(Buffer.from(sourceBytes))\n\n // 4. Index limit (8 bytes, u64 big-endian)\n const indexLimitBuffer = Buffer.allocUnsafe(8)\n indexLimitBuffer.writeBigUInt64BE(BigInt(message.indexLimit))\n components.push(indexLimitBuffer)\n\n // 5. Expiration timestamp (8 bytes, u64 big-endian)\n const expiresAtBuffer = Buffer.allocUnsafe(8)\n expiresAtBuffer.writeBigUInt64BE(BigInt(message.expiresAt))\n components.push(expiresAtBuffer)\n\n // 6. Network string\n components.push(Buffer.from(message.network, 'utf8'))\n\n // 7. Nonce (optional, 32 bytes)\n if (message.nonce) {\n components.push(Buffer.from(message.nonce, 'utf8'))\n }\n\n return Buffer.concat(components)\n}\n\n/**\n * Sign authorization message with agent's private key\n *\n * @param message - Authorization message to sign\n * @param agentKeypair - Agent's keypair (must match message.agentAddress)\n * @returns Ed25519 signature (64 bytes)\n */\nexport async function signAuthorizationMessage(\n message: AuthorizationMessage,\n agentKeypair: SigningKeypair\n): Promise<Uint8Array> {\n // Verify keypair matches agent address\n const keypairAddress = agentKeypair.publicKey.toBase58()\n if (keypairAddress !== message.agentAddress) {\n throw new Error(\n `Keypair public key ${keypairAddress} does not match agent address ${message.agentAddress}`\n )\n }\n\n // Create message buffer\n const messageBuffer = createAuthorizationMessage(message)\n\n // Sign with Ed25519\n const nacl = await import('tweetnacl')\n const signature = nacl.sign.detached(messageBuffer, agentKeypair.secretKey)\n\n return signature\n}\n\n/**\n * Verify authorization signature\n *\n * @param authorization - Authorization to verify\n * @returns True if signature is valid\n */\nexport async function verifyAuthorizationSignature(\n authorization: ReputationAuthorization\n): Promise<boolean> {\n try {\n // Reconstruct message\n const message: AuthorizationMessage = {\n agentAddress: authorization.agentAddress,\n authorizedSource: authorization.authorizedSource,\n indexLimit: authorization.indexLimit,\n expiresAt: authorization.expiresAt,\n network: authorization.network,\n nonce: authorization.nonce,\n }\n\n const messageBuffer = createAuthorizationMessage(message)\n\n // Verify signature\n const nacl = await import('tweetnacl')\n const agentPubkeyBytes = bs58.decode(authorization.agentAddress)\n const isValid = nacl.sign.detached.verify(\n messageBuffer,\n authorization.signature,\n agentPubkeyBytes\n )\n\n return isValid\n } catch (error) {\n console.error('[Auth Signature] Verification failed:', error)\n return false\n }\n}\n\n/**\n * Create a complete authorization with signature\n *\n * @param params - Authorization parameters\n * @param agentKeypair - Agent's keypair for signing\n * @returns Complete signed authorization\n */\nexport async function createSignedAuthorization(\n params: CreateAuthorizationParams,\n agentKeypair: SigningKeypair\n): Promise<ReputationAuthorization> {\n // Get agent address from keypair\n const agentAddress = address(agentKeypair.publicKey.toBase58())\n\n // Calculate expiration\n const now = Math.floor(Date.now() / 1000)\n const expiresAt = params.expiresAt || now + (params.expiresIn || 30 * 24 * 60 * 60) // Default 30 days\n\n // Default index limit\n const indexLimit = params.indexLimit || 1000\n\n // Default network (would need to be passed or detected from cluster)\n const network: SolanaNetwork = params.network || 'devnet'\n\n // Use \"default\" nonce if not provided to avoid PDA seed length issues (64-char hex exceeds 32-byte limit)\n // Note: This matches Rust's unwrap_or(&String::from(\"default\")) behavior\n const nonce = params.nonce !== undefined ? params.nonce : \"default\"\n\n // Create message\n const message: AuthorizationMessage = {\n agentAddress,\n authorizedSource: params.authorizedSource,\n indexLimit,\n expiresAt,\n network,\n nonce,\n }\n\n // Sign message\n const signature = await signAuthorizationMessage(message, agentKeypair)\n\n // Return complete authorization\n const authorization: ReputationAuthorization = {\n agentAddress,\n authorizedSource: params.authorizedSource,\n indexLimit,\n expiresAt,\n network,\n signature,\n nonce,\n metadata: params.metadata,\n }\n\n return authorization\n}\n\n/**\n * Generate a random nonce for replay protection\n *\n * @returns 32-byte random nonce as hex string\n */\nexport function generateNonce(): string {\n // Use global crypto if available (browser/modern Node.js)\n if (globalThis.crypto) {\n const buffer = new Uint8Array(32)\n globalThis.crypto.getRandomValues(buffer)\n return Buffer.from(buffer).toString('hex')\n }\n\n // Fallback for Node.js < 19 (though we require Node 24+)\n // This branch should rarely execute but provides compatibility\n const nodeCrypto = eval('require')('crypto')\n const buffer = new Uint8Array(32)\n nodeCrypto.webcrypto.getRandomValues(buffer)\n return Buffer.from(buffer).toString('hex')\n}\n\n/**\n * Serialize authorization to JSON-safe format\n *\n * @param authorization - Authorization to serialize\n * @returns JSON-safe object (signature as base58)\n */\nexport function serializeAuthorization(authorization: ReputationAuthorization): {\n agentAddress: string\n authorizedSource: string\n indexLimit: number\n expiresAt: number\n network: SolanaNetwork\n signature: string\n nonce?: string\n metadata?: any\n} {\n return {\n agentAddress: authorization.agentAddress,\n authorizedSource: authorization.authorizedSource,\n indexLimit: authorization.indexLimit,\n expiresAt: authorization.expiresAt,\n network: authorization.network,\n signature: bs58.encode(authorization.signature),\n nonce: authorization.nonce,\n metadata: authorization.metadata,\n }\n}\n\n/**\n * Deserialize authorization from JSON format\n *\n * @param data - Serialized authorization data\n * @returns ReputationAuthorization with Uint8Array signature\n */\nexport function deserializeAuthorization(data: {\n agentAddress: string\n authorizedSource: string\n indexLimit: number\n expiresAt: number\n network: SolanaNetwork\n signature: string\n nonce?: string\n metadata?: any\n}): ReputationAuthorization {\n return {\n agentAddress: data.agentAddress as Address,\n authorizedSource: data.authorizedSource as Address,\n indexLimit: data.indexLimit,\n expiresAt: data.expiresAt,\n network: data.network,\n signature: bs58.decode(data.signature),\n nonce: data.nonce,\n metadata: data.metadata,\n }\n}\n\n/**\n * Get authorization ID (deterministic hash)\n *\n * @param authorization - Authorization to hash\n * @returns Base58-encoded SHA-256 hash\n */\nexport async function getAuthorizationId(authorization: ReputationAuthorization): Promise<string> {\n const serialized = serializeAuthorization(authorization)\n const json = JSON.stringify(serialized)\n const encoder = new TextEncoder()\n const data = encoder.encode(json)\n\n // Use global crypto if available\n let crypto: Crypto\n if (globalThis.crypto) {\n crypto = globalThis.crypto\n } else {\n // Fallback for Node.js < 19\n const nodeCrypto = eval('require')('crypto')\n crypto = nodeCrypto.webcrypto as Crypto\n }\n\n // SHA-256 hash\n const hashBuffer = await crypto.subtle.digest('SHA-256', data)\n const hashArray = new Uint8Array(hashBuffer)\n\n return bs58.encode(hashArray)\n}\n\n/**\n * Check if authorization is expired\n *\n * @param authorization - Authorization to check\n * @param currentTime - Current Unix timestamp (defaults to now)\n * @returns True if expired\n */\nexport function isAuthorizationExpired(\n authorization: ReputationAuthorization,\n currentTime?: number\n): boolean {\n const now = currentTime || Math.floor(Date.now() / 1000)\n return now >= authorization.expiresAt\n}\n\n/**\n * Check if authorization has exceeded index limit\n *\n * @param authorization - Authorization to check\n * @param currentIndex - Current usage count\n * @returns True if exhausted\n */\nexport function isAuthorizationExhausted(\n authorization: ReputationAuthorization,\n currentIndex: number\n): boolean {\n return currentIndex >= authorization.indexLimit\n}\n\n/**\n * Validate authorization network matches expected\n *\n * @param authorization - Authorization to check\n * @param expectedNetwork - Expected network\n * @returns True if networks match\n */\nexport function validateAuthorizationNetwork(\n authorization: ReputationAuthorization,\n expectedNetwork: SolanaNetwork\n): boolean {\n return authorization.network === expectedNetwork\n}\n"]}