@guveno/wallet-sdk 1.0.0

package/dist/api/types.d.ts

@@ -0,0 +1,237 @@
+import type { SupportedChain, SupportedNetwork, WalletRecordAddressExport } from '../types.js';
+import type { BitcoinOutput, SigningPayload } from '../signing/types.js';
+export type ApiCompanyRole = 'owner' | 'admin' | 'tech' | 'manager' | 'signer' | 'viewer';
+export type ApiWalletType = 'single_key' | 'mpc_threshold';
+export type ApiRecordStatus = 'active' | 'archived';
+/**
+ * Chains the Guveno product API can custody and return. Equivalent to
+ * {@link SupportedChain} — every chain the API custodies (Ethereum, Bitcoin, XRP,
+ * Polkadot) the SDK can also derive addresses and sign transactions for locally.
+ */
+export type ApiChain = SupportedChain;
+/** Networks the product API can return. Equivalent to {@link SupportedNetwork} (includes Polkadot's Paseo testnet). */
+export type ApiNetwork = SupportedNetwork;
+export interface ApiCompanyMembership {
+    id: number;
+    name: string;
+    role: ApiCompanyRole;
+}
+export interface ApiUserEncryptionKey {
+    id: string;
+    publicKey: string;
+    encryptedPrivateKeyJson: Record<string, unknown>;
+    createdAt: string;
+    updatedAt: string;
+}
+export interface ApiUser {
+    id: number;
+    email: string;
+    company: ApiCompanyMembership | null;
+    encryptionKey: ApiUserEncryptionKey | null;
+    createdAt: string;
+    updatedAt: string;
+}
+export interface ApiAuthResponse {
+    accessToken: string;
+    tokenType: 'Bearer';
+    expiresIn: string;
+    user: ApiUser;
+}
+export interface ApiSession extends ApiAuthResponse {
+    baseUrl: string;
+    authenticatedAt: string;
+}
+export interface ApiSignupResponse {
+    email: string;
+    verificationRequired: true;
+}
+export interface ApiVerifyEmailInput {
+    email: string;
+    code: string;
+}
+export interface ApiKeySummary {
+    id: string;
+    fingerprint: string;
+    createdAt: string;
+    updatedAt: string;
+}
+export interface ApiKeyAccess {
+    id: string;
+    keyId: string;
+    userId: number;
+    createdAt: string;
+    updatedAt: string;
+}
+/**
+ * A key grant including the encrypted custody secret. Returned only by
+ * {@link GuvenoApiClient.getWalletKeySecret} (`GET /wallets/:id/secret`), which
+ * requires an interactive user session and audits each access.
+ */
+export interface ApiWalletKeySecret extends ApiKeyAccess {
+    encryptedSecretJson: Record<string, unknown>;
+}
+export interface ApiWalletSummary {
+    id: number;
+    keyId: string | null;
+    name: string;
+    chain: ApiChain;
+    network: ApiNetwork;
+    type: ApiWalletType;
+    threshold: number | null;
+    status: ApiRecordStatus;
+    archivedAt: string | null;
+    addressCount: number;
+    createdAt: string;
+    updatedAt: string;
+}
+export interface ApiWalletDetail extends ApiWalletSummary {
+    key: ApiKeySummary | null;
+    keyAccess: ApiKeyAccess | null;
+}
+export interface ApiWalletAddress {
+    id: number;
+    walletId: number;
+    chain: ApiChain;
+    network: ApiNetwork;
+    address: string;
+    derivationPath: string;
+    accountIndex: number;
+    label: string | null;
+    status: ApiRecordStatus;
+    archivedAt: string | null;
+    createdAt: string;
+    updatedAt: string;
+}
+export interface ApiPageInfo {
+    nextCursor: string | null;
+    hasNextPage: boolean;
+}
+export interface ApiClientOptions {
+    baseUrl?: string;
+    accessToken?: string;
+    /**
+     * A `gv_live_...` API key, used as the bearer token for headless/automated
+     * callers (e.g. an exchange hot wallet). Equivalent to passing it as
+     * `accessToken`; `accessToken` wins if both are set.
+     */
+    apiKey?: string;
+    fetchImpl?: typeof fetch;
+}
+export interface ApiEmailPasswordInput {
+    email: string;
+    password: string;
+}
+export interface CreateApiWalletInput {
+    name: string;
+    chain: SupportedChain;
+    network: SupportedNetwork;
+    type?: ApiWalletType;
+    threshold?: number | null;
+    keyFingerprint: string;
+    encryptedSecretJson: Record<string, unknown>;
+    addresses: WalletRecordAddressExport[];
+}
+export interface UpdateApiWalletInput {
+    name?: string;
+    addresses?: WalletRecordAddressExport[];
+}
+export interface ListApiWalletOptions {
+    limit?: number;
+    cursor?: string;
+    chain?: ApiChain;
+    network?: ApiNetwork;
+}
+export interface ListApiAddressOptions {
+    limit?: number;
+    cursor?: string;
+}
+export interface ApiSessionStore {
+    read(): Promise<ApiSession | null>;
+    write(session: ApiSession): Promise<void>;
+    clear(): Promise<void>;
+}
+export type ApiWebhookType = 'slack' | 'telegram' | 'api';
+export type ApiWebhookEventType = 'deposit.detected' | 'deposit.confirmed' | 'deposit.rejected' | 'withdrawal.broadcast' | 'withdrawal.confirmed' | 'withdrawal.rejected';
+export declare const WEBHOOK_EVENT_TYPES: ApiWebhookEventType[];
+export interface ApiWebhook {
+    id: number;
+    type: ApiWebhookType;
+    events: string[];
+    enabled: boolean;
+    config: Record<string, unknown>;
+    createdAt: string;
+    updatedAt: string;
+}
+/** Returned only once, at creation time. `signingSecret` is never exposed again. */
+export interface ApiWebhookWithSecret extends ApiWebhook {
+    signingSecret: string;
+}
+export interface CreateApiWebhookInput {
+    type: ApiWebhookType;
+    config: Record<string, unknown>;
+    events: string[];
+    enabled?: boolean;
+}
+export type ApiWebhookDeliveryStatus = 'pending' | 'delivered' | 'failed';
+export interface ApiWebhookDelivery {
+    id: number;
+    webhookId: number;
+    eventId: string;
+    eventType: string | null;
+    status: ApiWebhookDeliveryStatus;
+    attempts: number;
+    responseCode: number | null;
+    lastError: string | null;
+    nextAttemptAt: string;
+    createdAt: string;
+    updatedAt: string;
+}
+export interface ListApiWebhookDeliveryOptions {
+    limit?: number;
+}
+export type ApiWithdrawalStatus = 'prepared' | 'broadcast' | 'confirmed' | 'rejected';
+export interface ApiWithdrawal {
+    id: number;
+    addressId: number;
+    assetId: number;
+    network: string;
+    toAddress: string | null;
+    outputs: BitcoinOutput[] | null;
+    destinationTag: number | null;
+    amount: string;
+    status: ApiWithdrawalStatus;
+    rejectionReason: string | null;
+    txHash: string | null;
+    expiresAt: string;
+    createdAt: string;
+    updatedAt: string;
+}
+export interface PrepareWithdrawalInput {
+    addressId: number;
+    assetId: number;
+    toAddress?: string;
+    amount?: string;
+    outputs?: BitcoinOutput[];
+    destinationTag?: number;
+    /** Replay-safe key; sent in the body. Falls back to a generated UUID in the hot wallet. */
+    idempotencyKey?: string;
+}
+export interface PrepareWithdrawalResult {
+    withdrawal: ApiWithdrawal;
+    signingPayload: SigningPayload;
+}
+export interface BroadcastWithdrawalInput {
+    withdrawalId: number;
+    signedRawTx: string;
+    idempotencyKey?: string;
+}
+export interface ListApiWithdrawalOptions {
+    walletId?: number;
+    addressId?: number;
+    chain?: ApiChain;
+    network?: ApiNetwork;
+    status?: ApiWithdrawalStatus;
+    limit?: number;
+    cursor?: string;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/api/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/api/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,gBAAgB,EAAE,yBAAyB,EAAE,MAAM,aAAa,CAAC;AAC/F,OAAO,KAAK,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAEzE,MAAM,MAAM,cAAc,GAAG,OAAO,GAAG,OAAO,GAAG,MAAM,GAAG,SAAS,GAAG,QAAQ,GAAG,QAAQ,CAAC;AAC1F,MAAM,MAAM,aAAa,GAAG,YAAY,GAAG,eAAe,CAAC;AAC3D,MAAM,MAAM,eAAe,GAAG,QAAQ,GAAG,UAAU,CAAC;AAEpD;;;;GAIG;AACH,MAAM,MAAM,QAAQ,GAAG,cAAc,CAAC;AAEtC,uHAAuH;AACvH,MAAM,MAAM,UAAU,GAAG,gBAAgB,CAAC;AAE1C,MAAM,WAAW,oBAAoB;IACnC,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,cAAc,CAAC;CACtB;AAED,MAAM,WAAW,oBAAoB;IACnC,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,uBAAuB,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACjD,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,OAAO;IACtB,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,oBAAoB,GAAG,IAAI,CAAC;IACrC,aAAa,EAAE,oBAAoB,GAAG,IAAI,CAAC;IAC3C,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,eAAe;IAC9B,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,QAAQ,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,OAAO,CAAC;CACf;AAED,MAAM,WAAW,UAAW,SAAQ,eAAe;IACjD,OAAO,EAAE,MAAM,CAAC;IAChB,eAAe,EAAE,MAAM,CAAC;CACzB;AAID,MAAM,WAAW,iBAAiB;IAChC,KAAK,EAAE,MAAM,CAAC;IACd,oBAAoB,EAAE,IAAI,CAAC;CAC5B;AAED,MAAM,WAAW,mBAAmB;IAClC,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,YAAY;IAC3B,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;;;GAIG;AACH,MAAM,WAAW,kBAAmB,SAAQ,YAAY;IACtD,mBAAmB,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CAC9C;AAED,MAAM,WAAW,gBAAgB;IAC/B,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,QAAQ,CAAC;IAChB,OAAO,EAAE,UAAU,CAAC;IACpB,IAAI,EAAE,aAAa,CAAC;IACpB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,MAAM,EAAE,eAAe,CAAC;IACxB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,eAAgB,SAAQ,gBAAgB;IACvD,GAAG,EAAE,aAAa,GAAG,IAAI,CAAC;IAC1B,SAAS,EAAE,YAAY,GAAG,IAAI,CAAC;CAChC;AAED,MAAM,WAAW,gBAAgB;IAC/B,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,QAAQ,CAAC;IAChB,OAAO,EAAE,UAAU,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,cAAc,EAAE,MAAM,CAAC;IACvB,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,MAAM,EAAE,eAAe,CAAC;IACxB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,WAAW;IAC1B,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,WAAW,EAAE,OAAO,CAAC;CACtB;AAED,MAAM,WAAW,gBAAgB;IAC/B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB;;;;OAIG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,OAAO,KAAK,CAAC;CAC1B;AAED,MAAM,WAAW,qBAAqB;IACpC,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,oBAAoB;IACnC,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,cAAc,CAAC;IACtB,OAAO,EAAE,gBAAgB,CAAC;IAC1B,IAAI,CAAC,EAAE,aAAa,CAAC;IACrB,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,cAAc,EAAE,MAAM,CAAC;IACvB,mBAAmB,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC7C,SAAS,EAAE,yBAAyB,EAAE,CAAC;CACxC;AAED,MAAM,WAAW,oBAAoB;IACnC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,SAAS,CAAC,EAAE,yBAAyB,EAAE,CAAC;CACzC;AAED,MAAM,WAAW,oBAAoB;IACnC,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE,QAAQ,CAAC;IACjB,OAAO,CAAC,EAAE,UAAU,CAAC;CACtB;AAED,MAAM,WAAW,qBAAqB;IACpC,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,eAAe;IAC9B,IAAI,IAAI,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC;IACnC,KAAK,CAAC,OAAO,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC1C,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;CACxB;AAED,MAAM,MAAM,cAAc,GAAG,OAAO,GAAG,UAAU,GAAG,KAAK,CAAC;AAE1D,MAAM,MAAM,mBAAmB,GAC3B,kBAAkB,GAClB,mBAAmB,GACnB,kBAAkB,GAClB,sBAAsB,GACtB,sBAAsB,GACtB,qBAAqB,CAAC;AAE1B,eAAO,MAAM,mBAAmB,EAAE,mBAAmB,EAOpD,CAAC;AAEF,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,cAAc,CAAC;IACrB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAChC,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,oFAAoF;AACpF,MAAM,WAAW,oBAAqB,SAAQ,UAAU;IACtD,aAAa,EAAE,MAAM,CAAC;CACvB;AAED,MAAM,WAAW,qBAAqB;IACpC,IAAI,EAAE,cAAc,CAAC;IACrB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAChC,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAED,MAAM,MAAM,wBAAwB,GAAG,SAAS,GAAG,WAAW,GAAG,QAAQ,CAAC;AAE1E,MAAM,WAAW,kBAAkB;IACjC,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,MAAM,EAAE,wBAAwB,CAAC;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,aAAa,EAAE,MAAM,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,6BAA6B;IAC5C,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,MAAM,mBAAmB,GAAG,UAAU,GAAG,WAAW,GAAG,WAAW,GAAG,UAAU,CAAC;AAEtF,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,OAAO,EAAE,aAAa,EAAE,GAAG,IAAI,CAAC;IAChC,cAAc,EAAE,MAAM,GAAG,IAAI,CAAC;IAC9B,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,mBAAmB,CAAC;IAC5B,eAAe,EAAE,MAAM,GAAG,IAAI,CAAC;IAC/B,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,sBAAsB;IACrC,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,aAAa,EAAE,CAAC;IAC1B,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,2FAA2F;IAC3F,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,uBAAuB;IACtC,UAAU,EAAE,aAAa,CAAC;IAC1B,cAAc,EAAE,cAAc,CAAC;CAChC;AAED,MAAM,WAAW,wBAAwB;IACvC,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,wBAAwB;IACvC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,QAAQ,CAAC;IACjB,OAAO,CAAC,EAAE,UAAU,CAAC;IACrB,MAAM,CAAC,EAAE,mBAAmB,CAAC;IAC7B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB"}

package/dist/api/types.js

@@ -0,0 +1,9 @@
+export const WEBHOOK_EVENT_TYPES = [
+    'deposit.detected',
+    'deposit.confirmed',
+    'deposit.rejected',
+    'withdrawal.broadcast',
+    'withdrawal.confirmed',
+    'withdrawal.rejected'
+];
+//# sourceMappingURL=types.js.map

package/dist/api/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/api/types.ts"],"names":[],"mappings":"AA6LA,MAAM,CAAC,MAAM,mBAAmB,GAA0B;IACxD,kBAAkB;IAClB,mBAAmB;IACnB,kBAAkB;IAClB,sBAAsB;IACtB,sBAAsB;IACtB,qBAAqB;CACtB,CAAC"}

package/dist/chains.d.ts

@@ -0,0 +1,25 @@
+import type { SupportedChain, SupportedNetwork } from './types.js';
+export declare const SUPPORTED_CHAINS: readonly ["ethereum", "bitcoin", "xrp", "polkadot"];
+export declare const SUPPORTED_NETWORKS: readonly ["mainnet", "sepolia", "testnet", "paseo"];
+export declare const DEFAULT_CHAIN: SupportedChain;
+export declare const DEFAULT_NETWORK: SupportedNetwork;
+export interface ChainDefinition {
+    id: SupportedChain;
+    displayName: string;
+    derivationPathPrefix: string;
+    testnetDerivationPathPrefix?: string;
+    addressStyle: string;
+}
+export declare const CHAIN_DEFINITIONS: Record<SupportedChain, ChainDefinition>;
+/**
+ * SS58 address prefix per network. The 32-byte public key is the real account
+ * identity (the server matches on it), so the prefix only changes the rendered
+ * string: 0 for Polkadot mainnet, 42 for the Paseo testnet (generic Substrate).
+ */
+export declare const POLKADOT_SS58_FORMAT: Partial<Record<SupportedNetwork, number>>;
+export declare function isSupportedChain(value: string): value is SupportedChain;
+export declare function assertSupportedChain(value: string | undefined): SupportedChain;
+export declare function getChainDefinition(chain: SupportedChain): ChainDefinition;
+export declare function isSupportedNetwork(value: string): value is SupportedNetwork;
+export declare function assertSupportedNetwork(value: string | undefined): SupportedNetwork;
+//# sourceMappingURL=chains.d.ts.map

package/dist/chains.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"chains.d.ts","sourceRoot":"","sources":["../src/chains.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAEnE,eAAO,MAAM,gBAAgB,qDAAsD,CAAC;AACpF,eAAO,MAAM,kBAAkB,qDAAsD,CAAC;AACtF,eAAO,MAAM,aAAa,EAAE,cAA2B,CAAC;AACxD,eAAO,MAAM,eAAe,EAAE,gBAA4B,CAAC;AAE3D,MAAM,WAAW,eAAe;IAC9B,EAAE,EAAE,cAAc,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,oBAAoB,EAAE,MAAM,CAAC;IAC7B,2BAA2B,CAAC,EAAE,MAAM,CAAC;IACrC,YAAY,EAAE,MAAM,CAAC;CACtB;AAED,eAAO,MAAM,iBAAiB,EAAE,MAAM,CAAC,cAAc,EAAE,eAAe,CA4BrE,CAAC;AAEF;;;;GAIG;AACH,eAAO,MAAM,oBAAoB,EAAE,OAAO,CAAC,MAAM,CAAC,gBAAgB,EAAE,MAAM,CAAC,CAG1E,CAAC;AAEF,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,MAAM,GAAG,KAAK,IAAI,cAAc,CAEvE;AAED,wBAAgB,oBAAoB,CAAC,KAAK,EAAE,MAAM,GAAG,SAAS,GAAG,cAAc,CAU9E;AAED,wBAAgB,kBAAkB,CAAC,KAAK,EAAE,cAAc,GAAG,eAAe,CAEzE;AAED,wBAAgB,kBAAkB,CAAC,KAAK,EAAE,MAAM,GAAG,KAAK,IAAI,gBAAgB,CAE3E;AAED,wBAAgB,sBAAsB,CAAC,KAAK,EAAE,MAAM,GAAG,SAAS,GAAG,gBAAgB,CAQlF"}

package/dist/chains.js

@@ -0,0 +1,67 @@
+import { ValidationError } from './errors.js';
+export const SUPPORTED_CHAINS = ['ethereum', 'bitcoin', 'xrp', 'polkadot'];
+export const SUPPORTED_NETWORKS = ['mainnet', 'sepolia', 'testnet', 'paseo'];
+export const DEFAULT_CHAIN = 'ethereum';
+export const DEFAULT_NETWORK = 'mainnet';
+export const CHAIN_DEFINITIONS = {
+    ethereum: {
+        id: 'ethereum',
+        displayName: 'Ethereum',
+        derivationPathPrefix: "m/44'/60'/0'/0",
+        addressStyle: 'hex'
+    },
+    bitcoin: {
+        id: 'bitcoin',
+        displayName: 'Bitcoin',
+        derivationPathPrefix: "m/84'/0'/0'/0",
+        testnetDerivationPathPrefix: "m/84'/1'/0'/0",
+        addressStyle: 'bech32'
+    },
+    xrp: {
+        id: 'xrp',
+        displayName: 'XRP',
+        derivationPathPrefix: "m/44'/144'/0'/0",
+        addressStyle: 'classic'
+    },
+    polkadot: {
+        id: 'polkadot',
+        displayName: 'Polkadot',
+        // Substrate sr25519 accounts use junction-style soft/hard derivation rather
+        // than a BIP44 path; buildDerivationPath emits `//<index>` (a hard junction).
+        derivationPathPrefix: '//',
+        addressStyle: 'ss58'
+    }
+};
+/**
+ * SS58 address prefix per network. The 32-byte public key is the real account
+ * identity (the server matches on it), so the prefix only changes the rendered
+ * string: 0 for Polkadot mainnet, 42 for the Paseo testnet (generic Substrate).
+ */
+export const POLKADOT_SS58_FORMAT = {
+    mainnet: 0,
+    paseo: 42
+};
+export function isSupportedChain(value) {
+    return SUPPORTED_CHAINS.includes(value);
+}
+export function assertSupportedChain(value) {
+    const normalized = value?.trim().toLowerCase() ?? DEFAULT_CHAIN;
+    if (!isSupportedChain(normalized)) {
+        throw new ValidationError(`Unsupported chain "${value}". Supported chains are: ${SUPPORTED_CHAINS.join(', ')}.`);
+    }
+    return normalized;
+}
+export function getChainDefinition(chain) {
+    return CHAIN_DEFINITIONS[chain];
+}
+export function isSupportedNetwork(value) {
+    return SUPPORTED_NETWORKS.includes(value);
+}
+export function assertSupportedNetwork(value) {
+    const normalized = value?.trim().toLowerCase() ?? DEFAULT_NETWORK;
+    if (!isSupportedNetwork(normalized)) {
+        throw new ValidationError(`Unsupported network "${value}". Supported networks are: ${SUPPORTED_NETWORKS.join(', ')}.`);
+    }
+    return normalized;
+}
+//# sourceMappingURL=chains.js.map

package/dist/chains.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"chains.js","sourceRoot":"","sources":["../src/chains.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAG9C,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,UAAU,EAAE,SAAS,EAAE,KAAK,EAAE,UAAU,CAAU,CAAC;AACpF,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,SAAS,EAAE,SAAS,EAAE,SAAS,EAAE,OAAO,CAAU,CAAC;AACtF,MAAM,CAAC,MAAM,aAAa,GAAmB,UAAU,CAAC;AACxD,MAAM,CAAC,MAAM,eAAe,GAAqB,SAAS,CAAC;AAU3D,MAAM,CAAC,MAAM,iBAAiB,GAA4C;IACxE,QAAQ,EAAE;QACR,EAAE,EAAE,UAAU;QACd,WAAW,EAAE,UAAU;QACvB,oBAAoB,EAAE,gBAAgB;QACtC,YAAY,EAAE,KAAK;KACpB;IACD,OAAO,EAAE;QACP,EAAE,EAAE,SAAS;QACb,WAAW,EAAE,SAAS;QACtB,oBAAoB,EAAE,eAAe;QACrC,2BAA2B,EAAE,eAAe;QAC5C,YAAY,EAAE,QAAQ;KACvB;IACD,GAAG,EAAE;QACH,EAAE,EAAE,KAAK;QACT,WAAW,EAAE,KAAK;QAClB,oBAAoB,EAAE,iBAAiB;QACvC,YAAY,EAAE,SAAS;KACxB;IACD,QAAQ,EAAE;QACR,EAAE,EAAE,UAAU;QACd,WAAW,EAAE,UAAU;QACvB,4EAA4E;QAC5E,8EAA8E;QAC9E,oBAAoB,EAAE,IAAI;QAC1B,YAAY,EAAE,MAAM;KACrB;CACF,CAAC;AAEF;;;;GAIG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAA8C;IAC7E,OAAO,EAAE,CAAC;IACV,KAAK,EAAE,EAAE;CACV,CAAC;AAEF,MAAM,UAAU,gBAAgB,CAAC,KAAa;IAC5C,OAAO,gBAAgB,CAAC,QAAQ,CAAC,KAAuB,CAAC,CAAC;AAC5D,CAAC;AAED,MAAM,UAAU,oBAAoB,CAAC,KAAyB;IAC5D,MAAM,UAAU,GAAG,KAAK,EAAE,IAAI,EAAE,CAAC,WAAW,EAAE,IAAI,aAAa,CAAC;IAEhE,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC,EAAE,CAAC;QAClC,MAAM,IAAI,eAAe,CACvB,sBAAsB,KAAK,4BAA4B,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CACtF,CAAC;IACJ,CAAC;IAED,OAAO,UAAU,CAAC;AACpB,CAAC;AAED,MAAM,UAAU,kBAAkB,CAAC,KAAqB;IACtD,OAAO,iBAAiB,CAAC,KAAK,CAAC,CAAC;AAClC,CAAC;AAED,MAAM,UAAU,kBAAkB,CAAC,KAAa;IAC9C,OAAO,kBAAkB,CAAC,QAAQ,CAAC,KAAyB,CAAC,CAAC;AAChE,CAAC;AAED,MAAM,UAAU,sBAAsB,CAAC,KAAyB;IAC9D,MAAM,UAAU,GAAG,KAAK,EAAE,IAAI,EAAE,CAAC,WAAW,EAAE,IAAI,eAAe,CAAC;IAClE,IAAI,CAAC,kBAAkB,CAAC,UAAU,CAAC,EAAE,CAAC;QACpC,MAAM,IAAI,eAAe,CACvB,wBAAwB,KAAK,8BAA8B,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAC5F,CAAC;IACJ,CAAC;IACD,OAAO,UAAU,CAAC;AACpB,CAAC"}

package/dist/constants.d.ts

@@ -0,0 +1,17 @@
+export declare const STORAGE_SCHEMA_VERSION = 3;
+export declare const DEFAULT_STORAGE_ENV_VAR = "GUVENO_WALLET_HOME";
+export declare const DEFAULT_STORAGE_DIR: string;
+export declare const DEFAULT_API_BASE_URL_ENV_VAR = "GUVENO_API_BASE_URL";
+export declare const DEFAULT_API_BASE_URL = "http://localhost:3000/api/v1";
+export declare const STORAGE_LOCK_TIMEOUT_MS = 5000;
+export declare const STORAGE_LOCK_RETRY_MS = 50;
+export declare const ENCRYPTION_ALGORITHM = "aes-256-gcm";
+export declare const ENCRYPTION_KDF = "scrypt";
+export declare const SCRYPT_PARAMS: {
+    readonly cost: 16384;
+    readonly blockSize: 8;
+    readonly parallelization: 1;
+    readonly keyLength: 32;
+};
+export declare const SUPPORTED_MNEMONIC_WORD_COUNTS: readonly [12, 24];
+//# sourceMappingURL=constants.d.ts.map

package/dist/constants.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":"AAGA,eAAO,MAAM,sBAAsB,IAAI,CAAC;AACxC,eAAO,MAAM,uBAAuB,uBAAuB,CAAC;AAC5D,eAAO,MAAM,mBAAmB,QAAkC,CAAC;AACnE,eAAO,MAAM,4BAA4B,wBAAwB,CAAC;AAClE,eAAO,MAAM,oBAAoB,iCAAiC,CAAC;AACnE,eAAO,MAAM,uBAAuB,OAAQ,CAAC;AAC7C,eAAO,MAAM,qBAAqB,KAAK,CAAC;AACxC,eAAO,MAAM,oBAAoB,gBAAgB,CAAC;AAClD,eAAO,MAAM,cAAc,WAAW,CAAC;AACvC,eAAO,MAAM,aAAa;;;;;CAKhB,CAAC;AACX,eAAO,MAAM,8BAA8B,mBAAoB,CAAC"}

package/dist/constants.js

@@ -0,0 +1,19 @@
+import { homedir } from 'node:os';
+import path from 'node:path';
+export const STORAGE_SCHEMA_VERSION = 3;
+export const DEFAULT_STORAGE_ENV_VAR = 'GUVENO_WALLET_HOME';
+export const DEFAULT_STORAGE_DIR = path.join(homedir(), '.guveno');
+export const DEFAULT_API_BASE_URL_ENV_VAR = 'GUVENO_API_BASE_URL';
+export const DEFAULT_API_BASE_URL = 'http://localhost:3000/api/v1';
+export const STORAGE_LOCK_TIMEOUT_MS = 5_000;
+export const STORAGE_LOCK_RETRY_MS = 50;
+export const ENCRYPTION_ALGORITHM = 'aes-256-gcm';
+export const ENCRYPTION_KDF = 'scrypt';
+export const SCRYPT_PARAMS = {
+    cost: 16_384,
+    blockSize: 8,
+    parallelization: 1,
+    keyLength: 32
+};
+export const SUPPORTED_MNEMONIC_WORD_COUNTS = [12, 24];
+//# sourceMappingURL=constants.js.map

package/dist/constants.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"constants.js","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,MAAM,CAAC,MAAM,sBAAsB,GAAG,CAAC,CAAC;AACxC,MAAM,CAAC,MAAM,uBAAuB,GAAG,oBAAoB,CAAC;AAC5D,MAAM,CAAC,MAAM,mBAAmB,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,CAAC;AACnE,MAAM,CAAC,MAAM,4BAA4B,GAAG,qBAAqB,CAAC;AAClE,MAAM,CAAC,MAAM,oBAAoB,GAAG,8BAA8B,CAAC;AACnE,MAAM,CAAC,MAAM,uBAAuB,GAAG,KAAK,CAAC;AAC7C,MAAM,CAAC,MAAM,qBAAqB,GAAG,EAAE,CAAC;AACxC,MAAM,CAAC,MAAM,oBAAoB,GAAG,aAAa,CAAC;AAClD,MAAM,CAAC,MAAM,cAAc,GAAG,QAAQ,CAAC;AACvC,MAAM,CAAC,MAAM,aAAa,GAAG;IAC3B,IAAI,EAAE,MAAM;IACZ,SAAS,EAAE,CAAC;IACZ,eAAe,EAAE,CAAC;IAClB,SAAS,EAAE,EAAE;CACL,CAAC;AACX,MAAM,CAAC,MAAM,8BAA8B,GAAG,CAAC,EAAE,EAAE,EAAE,CAAU,CAAC"}

package/dist/crypto/sealed-box.d.ts

@@ -0,0 +1,8 @@
+export interface SealedSecretJson {
+    version: number;
+    type: 'x25519-sealed-box';
+    recipientPublicKey: string;
+    ciphertext: string;
+}
+export declare function sealSecret(mnemonic: string, recipientPublicKeyBase64: string): SealedSecretJson;
+//# sourceMappingURL=sealed-box.d.ts.map

package/dist/crypto/sealed-box.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sealed-box.d.ts","sourceRoot":"","sources":["../../src/crypto/sealed-box.ts"],"names":[],"mappings":"AAUA,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,mBAAmB,CAAC;IAC1B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,UAAU,EAAE,MAAM,CAAC;CACpB;AAiED,wBAAgB,UAAU,CAAC,QAAQ,EAAE,MAAM,EAAE,wBAAwB,EAAE,MAAM,GAAG,gBAAgB,CAmB/F"}

package/dist/crypto/sealed-box.js

@@ -0,0 +1,66 @@
+import { createCipheriv, createPublicKey, diffieHellman, generateKeyPairSync, hkdfSync, randomBytes } from 'node:crypto';
+function toBase64Url(raw) {
+    return raw.toString('base64url');
+}
+function fromBase64Url(value) {
+    return Buffer.from(value, 'base64url');
+}
+function toBase64(raw) {
+    return Buffer.from(raw).toString('base64');
+}
+function fromBase64(value) {
+    return Buffer.from(value, 'base64');
+}
+function createRawPublicKey(rawPublicKey) {
+    return createPublicKey({
+        format: 'jwk',
+        key: {
+            kty: 'OKP',
+            crv: 'X25519',
+            x: toBase64Url(rawPublicKey)
+        }
+    });
+}
+function exportRawPublicKey(publicKey) {
+    const jwk = publicKey.export({ format: 'jwk' });
+    if (typeof jwk.x !== 'string') {
+        throw new Error('Unable to export generated X25519 public key.');
+    }
+    return fromBase64Url(jwk.x);
+}
+function deriveSharedAesKey(privateKey, publicKey) {
+    const shared = diffieHellman({ privateKey, publicKey });
+    return Buffer.from(hkdfSync('sha256', shared, Buffer.alloc(0), Buffer.from('guveno-sealed-box'), 32));
+}
+function encryptPayload(aesKey, payload) {
+    const iv = randomBytes(12);
+    const cipher = createCipheriv('aes-256-gcm', aesKey, iv);
+    const ciphertext = Buffer.concat([cipher.update(payload), cipher.final()]);
+    const tag = cipher.getAuthTag();
+    return {
+        ephemeralPublicKey: '',
+        iv: toBase64(iv),
+        tag: toBase64(tag),
+        ciphertext: toBase64(ciphertext)
+    };
+}
+export function sealSecret(mnemonic, recipientPublicKeyBase64) {
+    const recipientPublicKey = createRawPublicKey(fromBase64(recipientPublicKeyBase64));
+    const { privateKey: ephemeralPrivateKey, publicKey: ephemeralPublicKey } = generateKeyPairSync('x25519');
+    const aesKey = deriveSharedAesKey(ephemeralPrivateKey, recipientPublicKey);
+    try {
+        const payload = Buffer.from(JSON.stringify({ mnemonic }), 'utf8');
+        const sealedPayload = encryptPayload(aesKey, payload);
+        sealedPayload.ephemeralPublicKey = toBase64(exportRawPublicKey(ephemeralPublicKey));
+        return {
+            version: 1,
+            type: 'x25519-sealed-box',
+            recipientPublicKey: recipientPublicKeyBase64,
+            ciphertext: toBase64(Buffer.from(JSON.stringify(sealedPayload), 'utf8'))
+        };
+    }
+    finally {
+        aesKey.fill(0);
+    }
+}
+//# sourceMappingURL=sealed-box.js.map

package/dist/crypto/sealed-box.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sealed-box.js","sourceRoot":"","sources":["../../src/crypto/sealed-box.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,cAAc,EACd,eAAe,EACf,aAAa,EACb,mBAAmB,EACnB,QAAQ,EACR,WAAW,EAEZ,MAAM,aAAa,CAAC;AAgBrB,SAAS,WAAW,CAAC,GAAW;IAC9B,OAAO,GAAG,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;AACnC,CAAC;AAED,SAAS,aAAa,CAAC,KAAa;IAClC,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;AACzC,CAAC;AAED,SAAS,QAAQ,CAAC,GAAwB;IACxC,OAAO,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AAC7C,CAAC;AAED,SAAS,UAAU,CAAC,KAAa;IAC/B,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;AACtC,CAAC;AAED,SAAS,kBAAkB,CAAC,YAAoB;IAC9C,OAAO,eAAe,CAAC;QACrB,MAAM,EAAE,KAAK;QACb,GAAG,EAAE;YACH,GAAG,EAAE,KAAK;YACV,GAAG,EAAE,QAAQ;YACb,CAAC,EAAE,WAAW,CAAC,YAAY,CAAC;SAC7B;KACF,CAAC,CAAC;AACL,CAAC;AAED,SAAS,kBAAkB,CAAC,SAAoB;IAC9C,MAAM,GAAG,GAAG,SAAS,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,CAAmB,CAAC;IAElE,IAAI,OAAO,GAAG,CAAC,CAAC,KAAK,QAAQ,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;IACnE,CAAC;IAED,OAAO,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;AAC9B,CAAC;AAED,SAAS,kBAAkB,CAAC,UAAqB,EAAE,SAAoB;IACrE,MAAM,MAAM,GAAG,aAAa,CAAC,EAAE,UAAU,EAAE,SAAS,EAAE,CAAC,CAAC;IACxD,OAAO,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;AACxG,CAAC;AAED,SAAS,cAAc,CAAC,MAAc,EAAE,OAAe;IACrD,MAAM,EAAE,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC;IAC3B,MAAM,MAAM,GAAG,cAAc,CAAC,aAAa,EAAE,MAAM,EAAE,EAAE,CAAC,CAAC;IACzD,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;IAC3E,MAAM,GAAG,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;IAEhC,OAAO;QACL,kBAAkB,EAAE,EAAE;QACtB,EAAE,EAAE,QAAQ,CAAC,EAAE,CAAC;QAChB,GAAG,EAAE,QAAQ,CAAC,GAAG,CAAC;QAClB,UAAU,EAAE,QAAQ,CAAC,UAAU,CAAC;KACjC,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,QAAgB,EAAE,wBAAgC;IAC3E,MAAM,kBAAkB,GAAG,kBAAkB,CAAC,UAAU,CAAC,wBAAwB,CAAC,CAAC,CAAC;IACpF,MAAM,EAAE,UAAU,EAAE,mBAAmB,EAAE,SAAS,EAAE,kBAAkB,EAAE,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAC;IACzG,MAAM,MAAM,GAAG,kBAAkB,CAAC,mBAAmB,EAAE,kBAAkB,CAAC,CAAC;IAE3E,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC;QAClE,MAAM,aAAa,GAAG,cAAc,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACtD,aAAa,CAAC,kBAAkB,GAAG,QAAQ,CAAC,kBAAkB,CAAC,kBAAkB,CAAC,CAAC,CAAC;QAEpF,OAAO;YACL,OAAO,EAAE,CAAC;YACV,IAAI,EAAE,mBAAmB;YACzB,kBAAkB,EAAE,wBAAwB;YAC5C,UAAU,EAAE,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,EAAE,MAAM,CAAC,CAAC;SACzE,CAAC;IACJ,CAAC;YAAS,CAAC;QACT,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACjB,CAAC;AACH,CAAC"}

package/dist/derivation.d.ts

@@ -0,0 +1,26 @@
+import type { SupportedChain, SupportedNetwork } from './types.js';
+export interface DerivationOptions {
+    chain?: SupportedChain;
+    network?: SupportedNetwork;
+    prefix?: string;
+}
+export interface DerivedAddressResult {
+    chain: SupportedChain;
+    network: SupportedNetwork;
+    address: string;
+    derivationPath: string;
+    index: number;
+}
+export declare function buildDerivationPath(index: number, options?: DerivationOptions): string;
+export declare function deriveEthereumAddress(mnemonic: string, index: number, network?: SupportedNetwork, prefix?: string): DerivedAddressResult;
+export declare function deriveBitcoinAddress(mnemonic: string, index: number, network?: SupportedNetwork, prefix?: string): DerivedAddressResult;
+export declare function deriveXrpAddress(mnemonic: string, index: number, network?: SupportedNetwork, prefix?: string): DerivedAddressResult;
+/**
+ * Derives a Polkadot (sr25519) account from a mnemonic. Unlike the secp256k1/ed25519
+ * chains this is async: schnorrkel signing initializes a WASM module that must be
+ * ready first. The account uses the substrate hard junction `//<index>`, so the same
+ * mnemonic recovers identical accounts in Polkadot-JS / Talisman.
+ */
+export declare function derivePolkadotAddress(mnemonic: string, index: number, network?: SupportedNetwork): Promise<DerivedAddressResult>;
+export declare function deriveAddress(mnemonic: string, index: number, options?: DerivationOptions): Promise<DerivedAddressResult>;
+//# sourceMappingURL=derivation.d.ts.map

package/dist/derivation.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"derivation.d.ts","sourceRoot":"","sources":["../src/derivation.ts"],"names":[],"mappings":"AAUA,OAAO,KAAK,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAMnE,MAAM,WAAW,iBAAiB;IAChC,KAAK,CAAC,EAAE,cAAc,CAAC;IACvB,OAAO,CAAC,EAAE,gBAAgB,CAAC;IAC3B,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,oBAAoB;IACnC,KAAK,EAAE,cAAc,CAAC;IACtB,OAAO,EAAE,gBAAgB,CAAC;IAC1B,OAAO,EAAE,MAAM,CAAC;IAChB,cAAc,EAAE,MAAM,CAAC;IACvB,KAAK,EAAE,MAAM,CAAC;CACf;AAED,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,GAAE,iBAAsB,GAAG,MAAM,CAsB1F;AAED,wBAAgB,qBAAqB,CACnC,QAAQ,EAAE,MAAM,EAChB,KAAK,EAAE,MAAM,EACb,OAAO,GAAE,gBAAkC,EAC3C,MAAM,SAAsD,GAC3D,oBAAoB,CAetB;AAED,wBAAgB,oBAAoB,CAClC,QAAQ,EAAE,MAAM,EAChB,KAAK,EAAE,MAAM,EACb,OAAO,GAAE,gBAAkC,EAC3C,MAAM,SAAqD,GAC1D,oBAAoB,CA0BtB;AAED,wBAAgB,gBAAgB,CAC9B,QAAQ,EAAE,MAAM,EAChB,KAAK,EAAE,MAAM,EACb,OAAO,GAAE,gBAAkC,EAC3C,MAAM,SAAiD,GACtD,oBAAoB,CAiBtB;AAED;;;;;GAKG;AACH,wBAAsB,qBAAqB,CACzC,QAAQ,EAAE,MAAM,EAChB,KAAK,EAAE,MAAM,EACb,OAAO,GAAE,gBAAkC,GAC1C,OAAO,CAAC,oBAAoB,CAAC,CAc/B;AAED,wBAAsB,aAAa,CACjC,QAAQ,EAAE,MAAM,EAChB,KAAK,EAAE,MAAM,EACb,OAAO,GAAE,iBAAsB,GAC9B,OAAO,CAAC,oBAAoB,CAAC,CAa/B"}

package/dist/derivation.js

@@ -0,0 +1,121 @@
+import { Keyring } from '@polkadot/keyring';
+import { cryptoWaitReady } from '@polkadot/util-crypto';
+import { mnemonicToSeedSync } from '@scure/bip39';
+import { BIP32Factory } from 'bip32';
+import { initEccLib, networks, payments } from 'bitcoinjs-lib';
+import { HDNodeWallet } from 'ethers';
+import * as ecc from 'tiny-secp256k1';
+import { Wallet as XrplWallet } from 'xrpl';
+import { DEFAULT_CHAIN, DEFAULT_NETWORK, getChainDefinition, POLKADOT_SS58_FORMAT } from './chains.js';
+import { ValidationError } from './errors.js';
+initEccLib(ecc);
+const bip32 = BIP32Factory(ecc);
+export function buildDerivationPath(index, options = {}) {
+    if (!Number.isInteger(index) || index < 0) {
+        throw new ValidationError('Account index must be a non-negative integer.');
+    }
+    const chain = options.chain ?? DEFAULT_CHAIN;
+    const network = options.network ?? DEFAULT_NETWORK;
+    // Polkadot/Substrate use junction-style derivation, not BIP44: a hard junction
+    // `//<index>` appended to the mnemonic (e.g. `//0`), so don't `/`-join a prefix.
+    if (chain === 'polkadot') {
+        return `//${index}`;
+    }
+    const definition = getChainDefinition(chain);
+    const prefix = options.prefix ??
+        (chain === 'bitcoin' && network === 'testnet'
+            ? definition.testnetDerivationPathPrefix ?? definition.derivationPathPrefix
+            : definition.derivationPathPrefix);
+    return `${prefix}/${index}`;
+}
+export function deriveEthereumAddress(mnemonic, index, network = DEFAULT_NETWORK, prefix = getChainDefinition('ethereum').derivationPathPrefix) {
+    const derivationPath = buildDerivationPath(index, {
+        chain: 'ethereum',
+        network,
+        prefix
+    });
+    const wallet = HDNodeWallet.fromPhrase(mnemonic, undefined, derivationPath);
+    return {
+        chain: 'ethereum',
+        network,
+        address: wallet.address,
+        derivationPath,
+        index
+    };
+}
+export function deriveBitcoinAddress(mnemonic, index, network = DEFAULT_NETWORK, prefix = getChainDefinition('bitcoin').derivationPathPrefix) {
+    const derivationPath = buildDerivationPath(index, {
+        chain: 'bitcoin',
+        network,
+        prefix
+    });
+    const seed = mnemonicToSeedSync(mnemonic);
+    const btcNetwork = network === 'testnet' ? networks.testnet : networks.bitcoin;
+    const root = bip32.fromSeed(Buffer.from(seed), btcNetwork);
+    const child = root.derivePath(derivationPath);
+    const payment = payments.p2wpkh({
+        pubkey: Buffer.from(child.publicKey),
+        network: btcNetwork
+    });
+    if (payment.address == null) {
+        throw new ValidationError('Unable to derive a Bitcoin address from the supplied mnemonic.');
+    }
+    return {
+        chain: 'bitcoin',
+        network,
+        address: payment.address,
+        derivationPath,
+        index
+    };
+}
+export function deriveXrpAddress(mnemonic, index, network = DEFAULT_NETWORK, prefix = getChainDefinition('xrp').derivationPathPrefix) {
+    const derivationPath = buildDerivationPath(index, {
+        chain: 'xrp',
+        network,
+        prefix
+    });
+    const wallet = XrplWallet.fromMnemonic(mnemonic, {
+        derivationPath
+    });
+    return {
+        chain: 'xrp',
+        network,
+        address: wallet.classicAddress,
+        derivationPath,
+        index
+    };
+}
+/**
+ * Derives a Polkadot (sr25519) account from a mnemonic. Unlike the secp256k1/ed25519
+ * chains this is async: schnorrkel signing initializes a WASM module that must be
+ * ready first. The account uses the substrate hard junction `//<index>`, so the same
+ * mnemonic recovers identical accounts in Polkadot-JS / Talisman.
+ */
+export async function derivePolkadotAddress(mnemonic, index, network = DEFAULT_NETWORK) {
+    const derivationPath = buildDerivationPath(index, { chain: 'polkadot', network });
+    await cryptoWaitReady();
+    const ss58Format = POLKADOT_SS58_FORMAT[network] ?? 0;
+    const keyring = new Keyring({ type: 'sr25519', ss58Format });
+    const pair = keyring.createFromUri(`${mnemonic}${derivationPath}`);
+    return {
+        chain: 'polkadot',
+        network,
+        address: pair.address,
+        derivationPath,
+        index
+    };
+}
+export async function deriveAddress(mnemonic, index, options = {}) {
+    const chain = options.chain ?? DEFAULT_CHAIN;
+    switch (chain) {
+        case 'ethereum':
+            return deriveEthereumAddress(mnemonic, index, options.network, options.prefix);
+        case 'bitcoin':
+            return deriveBitcoinAddress(mnemonic, index, options.network, options.prefix);
+        case 'xrp':
+            return deriveXrpAddress(mnemonic, index, options.network, options.prefix);
+        case 'polkadot':
+            return derivePolkadotAddress(mnemonic, index, options.network);
+    }
+}
+//# sourceMappingURL=derivation.js.map