@gvnrdao/dh-sdk 0.0.288 → 0.0.289

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (76) hide show
  1. package/browser/dist/833.browser.js +1 -1
  2. package/browser/dist/browser.js +1 -1
  3. package/browser/dist/browser.js.LICENSE.txt +5 -10
  4. package/dist/constants/chunks/contract-abis.d.ts +20 -0
  5. package/dist/constants/chunks/deployment-addresses.d.ts +79 -0
  6. package/dist/constants/chunks/encrypted-provider-params.d.ts +21 -0
  7. package/dist/constants/chunks/environment.browser.d.ts +44 -0
  8. package/dist/constants/chunks/environment.d.ts +57 -0
  9. package/dist/constants/chunks/network-configs.d.ts +72 -0
  10. package/dist/constants/chunks/sdk-config.d.ts +33 -0
  11. package/dist/constants/chunks/sdk-limits.d.ts +66 -0
  12. package/dist/constants/index.d.ts +15 -0
  13. package/dist/contracts/typechain-contracts/common.d.ts +50 -0
  14. package/dist/contracts/typechain-contracts/factories/src/psm/SimplePSMV2__factory.d.ts +1996 -0
  15. package/dist/contracts/typechain-contracts/src/psm/SimplePSMV2.d.ts +1198 -0
  16. package/dist/deployments.js +21 -45
  17. package/dist/deployments.mjs +21 -45
  18. package/dist/graphs/client.d.ts +22 -0
  19. package/dist/graphs/diamond-hands.d.ts +259 -0
  20. package/dist/index.d.ts +56 -0
  21. package/dist/index.js +1123 -628
  22. package/dist/index.mjs +1123 -628
  23. package/dist/interfaces/chunks/btc.i.d.ts +36 -0
  24. package/dist/interfaces/chunks/config.i.d.ts +270 -0
  25. package/dist/interfaces/chunks/contract-interactions.i.d.ts +64 -0
  26. package/dist/interfaces/chunks/contract-types.i.d.ts +171 -0
  27. package/dist/interfaces/chunks/lit-actions-results.i.d.ts +165 -0
  28. package/dist/interfaces/chunks/lit-actions.i.d.ts +98 -0
  29. package/dist/interfaces/chunks/loan-operations.i.d.ts +331 -0
  30. package/dist/interfaces/chunks/pkp-integration.i.d.ts +87 -0
  31. package/dist/interfaces/chunks/position-query.i.d.ts +76 -0
  32. package/dist/interfaces/chunks/requests.i.d.ts +55 -0
  33. package/dist/interfaces/chunks/ucd-minting.i.d.ts +34 -0
  34. package/dist/interfaces/chunks/utility.i.d.ts +64 -0
  35. package/dist/interfaces/index.d.ts +17 -0
  36. package/dist/modules/bitcoin/bitcoin-operations.module.d.ts +254 -0
  37. package/dist/modules/cache/cache-manager.module.d.ts +259 -0
  38. package/dist/modules/contract/contract-manager.module.d.ts +152 -0
  39. package/dist/modules/diamond-hands-sdk.d.ts +969 -0
  40. package/dist/modules/loan/loan-creator.module.d.ts +132 -0
  41. package/dist/modules/loan/loan-query.module.d.ts +204 -0
  42. package/dist/modules/mock/mock-token-manager.module.d.ts +83 -0
  43. package/dist/modules/pkp/pkp-manager.module.d.ts +136 -0
  44. package/dist/modules/withdrawal-address/withdrawal-address.module.d.ts +78 -0
  45. package/dist/protocol/protocol-pause.d.ts +19 -0
  46. package/dist/server.d.ts +17 -0
  47. package/dist/types/authorization-params.d.ts +160 -0
  48. package/dist/types/branded/domain-values.d.ts +138 -0
  49. package/dist/types/branded/ids.d.ts +23 -0
  50. package/dist/types/event-types.d.ts +261 -0
  51. package/dist/types/graph-dtos.d.ts +228 -0
  52. package/dist/types/loanStatus.d.ts +10 -0
  53. package/dist/types/protocol-event-types.d.ts +99 -0
  54. package/dist/types/result.d.ts +120 -0
  55. package/dist/utils/address-conversion.utils.d.ts +51 -0
  56. package/dist/utils/bitcoin-address-cache.utils.d.ts +87 -0
  57. package/dist/utils/bitcoin-provider.utils.d.ts +84 -0
  58. package/dist/utils/btc-withdrawal-message.d.ts +60 -0
  59. package/dist/utils/chunks/bitcoin-utils.d.ts +85 -0
  60. package/dist/utils/chunks/eip1559-broadcast.utils.d.ts +33 -0
  61. package/dist/utils/eip712-login.d.ts +34 -0
  62. package/dist/utils/error-handler.d.ts +106 -0
  63. package/dist/utils/ethers-interop.utils.d.ts +146 -0
  64. package/dist/utils/extend-authorization.utils.d.ts +61 -0
  65. package/dist/utils/lit-signature.utils.d.ts +6 -0
  66. package/dist/utils/logger.utils.d.ts +142 -0
  67. package/dist/utils/mint-authorization.utils.d.ts +248 -0
  68. package/dist/utils/position-delegate.utils.d.ts +41 -0
  69. package/dist/utils/quantum-timing.d.ts +75 -0
  70. package/dist/utils/server-session.d.ts +50 -0
  71. package/dist/utils/service-endpoint-policy.d.ts +16 -0
  72. package/dist/utils/signature-tempering.utils.d.ts +34 -0
  73. package/dist/utils/telegram-messaging.utils.d.ts +188 -0
  74. package/package.json +1 -1
  75. package/browser/dist/397.browser.js +0 -2
  76. package/browser/dist/397.browser.js.LICENSE.txt +0 -1
@@ -0,0 +1,248 @@
1
+ /**
2
+ * UCD Mint Authorization Utilities
3
+ *
4
+ * Generates authorization signatures for UCD mint requests
5
+ * that can be verified by the ucd-mint-validator LIT Action.
6
+ * Also includes withdrawal authorization utilities.
7
+ */
8
+ import { type Provider, type Signer } from "ethers";
9
+ /**
10
+ * Owner Authorization Interface (matches lit-actions)
11
+ */
12
+ export interface MintOwnerAuthorization {
13
+ positionId: string;
14
+ timestamp: number;
15
+ chainId: number;
16
+ amount: string;
17
+ action: string;
18
+ signature: string;
19
+ }
20
+ /**
21
+ * Build the mint authorization message hash without signing.
22
+ *
23
+ * Use this when signing with a smart contract wallet (e.g. Safe) that
24
+ * needs to wrap the hash in its own domain before signing.
25
+ *
26
+ * Returns the raw hash AND the timestamp so both can be passed to
27
+ * generateMintAuthorization via the pre-computed signature overload.
28
+ *
29
+ * @param positionId - Position identifier
30
+ * @param amount - Amount to mint in wei (bigint)
31
+ * @param chainId - Chain ID for cross-chain replay protection
32
+ * @returns { hash, timestamp } — pass these to Safe for signing
33
+ */
34
+ export declare function buildMintAuthorizationHash(positionId: string, amount: bigint, chainId: number): {
35
+ hash: string;
36
+ timestamp: number;
37
+ };
38
+ /**
39
+ * Generate mint authorization signature
40
+ *
41
+ * Creates a signature that matches the format expected by
42
+ * AuthorizationModule.verifyMintAuthorization in lit-actions.
43
+ *
44
+ * Message structure:
45
+ * solidityKeccak256(
46
+ * ["bytes32", "uint256", "uint256", "uint256", "bytes32"],
47
+ * [positionId, timestamp, chainId, amount, actionHash]
48
+ * )
49
+ *
50
+ * Where:
51
+ * - actionHash = keccak256("mint-ucd")
52
+ * - Signer address is recovered from signature by LIT Action
53
+ * - LIT Action validates recovered address === position owner
54
+ *
55
+ * @param positionId - Position identifier
56
+ * @param amount - Amount to mint in wei (bigint)
57
+ * @param chainId - Chain ID for cross-chain replay protection
58
+ * @param signerOrPrecomputed - Either an ethers Signer (EOA) or { timestamp, signature } for smart contract wallets
59
+ * @returns Authorization object with signature
60
+ */
61
+ export declare function generateMintAuthorization(positionId: string, amount: bigint, chainId: number, signerOrPrecomputed: Signer | {
62
+ timestamp: number;
63
+ signature: string;
64
+ }): Promise<MintOwnerAuthorization>;
65
+ /**
66
+ * Payment Authorization Interface (matches lit-actions)
67
+ */
68
+ export interface PaymentOwnerAuthorization {
69
+ positionId: string;
70
+ timestamp: number;
71
+ chainId: number;
72
+ amount: string;
73
+ action: string;
74
+ signature: string;
75
+ }
76
+ /**
77
+ * Extend Position Authorization Interface (matches lit-actions)
78
+ */
79
+ export interface ExtendOwnerAuthorization {
80
+ positionId: string;
81
+ timestamp: number;
82
+ chainId: number;
83
+ selectedTerm: number;
84
+ action: string;
85
+ signature: string;
86
+ }
87
+ /**
88
+ * Balance Confirmation Authorization Interface
89
+ * For permissionless balance confirmation with quantum security
90
+ */
91
+ export interface BalanceConfirmationAuthorization {
92
+ positionId: string;
93
+ timestamp: number;
94
+ chainId: number;
95
+ caller: string;
96
+ action: string;
97
+ signature: string;
98
+ }
99
+ /**
100
+ * Generate payment authorization signature
101
+ *
102
+ * Creates a signature that matches the format expected by
103
+ * process-payment-validator LIT Action.
104
+ *
105
+ * Message structure:
106
+ * solidityKeccak256(
107
+ * ["bytes32", "uint256", "uint256", "uint256", "bytes32"],
108
+ * [positionId, timestamp, chainId, amount, actionHash]
109
+ * )
110
+ *
111
+ * Where:
112
+ * - actionHash = keccak256("make-payment")
113
+ * - Signer address is recovered from signature by LIT Action
114
+ * - LIT Action validates recovered address === position owner
115
+ */
116
+ export declare function generatePaymentAuthorization(positionId: string, amount: bigint, chainId: number, signer: Signer): Promise<PaymentOwnerAuthorization>;
117
+ /**
118
+ * Generate extend position authorization signature
119
+ *
120
+ * Creates a signature that matches the format expected by
121
+ * extend-position-validator LIT Action.
122
+ *
123
+ * Message structure:
124
+ * solidityKeccak256(
125
+ * ["bytes32", "uint256", "uint256", "uint256", "bytes32"],
126
+ * [positionId, timestamp, chainId, selectedTerm, actionHash]
127
+ * )
128
+ *
129
+ * Where:
130
+ * - actionHash = keccak256("extend-position")
131
+ * - Signer address is recovered from signature by LIT Action
132
+ * - LIT Action validates recovered address === position owner
133
+ */
134
+ export declare function generateExtendAuthorization(positionId: string, selectedTerm: number, chainId: number, signer: Signer): Promise<ExtendOwnerAuthorization>;
135
+ /**
136
+ * Optional Chipotle service fallback for `getPKPPublicKeyFromTokenId`.
137
+ *
138
+ * Chipotle PKPs have no on-chain `getPubkey(tokenId)` lookup, so when the
139
+ * SDK's in-memory `pkp-data` cache is empty (page reload, new device, cleared
140
+ * browser data) we recover the public key by re-running pkp-validator via the
141
+ * lit-ops-server `/api/lit/pkp/derive-public-key` endpoint. Chipotle key
142
+ * derivation is deterministic from `pkpId`, so this returns the same key.
143
+ */
144
+ export interface ChipotleServiceFallback {
145
+ serviceEndpoint: string;
146
+ /** Returns `Authorization`-style headers for the lit-ops-server request. */
147
+ getAuthHeader?: () => Promise<Record<string, string>>;
148
+ borrowerAddress?: string;
149
+ timeoutMs?: number;
150
+ debug?: boolean;
151
+ }
152
+ /**
153
+ * Get PKP public key from PKP token ID.
154
+ *
155
+ * For legacy PKPs minted as NFTs on Chronicle Yellowstone: looks up
156
+ * via `getPubkey(tokenId)` on the supplied PKP NFT contract.
157
+ *
158
+ * For Chipotle PKPs (ABI-encoded ETH address): there is no on-chain lookup, so
159
+ * if `chipotleFallback.serviceEndpoint` is configured, the public key is
160
+ * derived by calling lit-ops-server. If the fallback is not configured, this
161
+ * throws with a clear diagnostic.
162
+ *
163
+ * @param pkpTokenId - PKP token ID (bytes32 hex string)
164
+ * @param provider - Ethereum provider connected to the PKP NFT chain (legacy PKPs only)
165
+ * @param pkpNftContractAddress - PKP NFT contract address on that chain (legacy PKPs only)
166
+ * @param chipotleFallback - Service-mode fallback used when pkpTokenId is a Chipotle id
167
+ * @returns PKP public key as hex string with '0x' prefix
168
+ */
169
+ export declare function getPKPPublicKeyFromTokenId(pkpTokenId: string, provider?: Provider, pkpNftContractAddress?: string, chipotleFallback?: ChipotleServiceFallback): Promise<string>;
170
+ /**
171
+ * Withdraw Owner Authorization Interface (matches lit-actions)
172
+ */
173
+ export interface WithdrawOwnerAuthorization {
174
+ positionId: string;
175
+ timestamp: number;
176
+ chainId: number;
177
+ amount: string;
178
+ action: string;
179
+ signature: string;
180
+ }
181
+ /**
182
+ * Build the withdraw authorization message hash without signing.
183
+ *
184
+ * Use this when signing with a smart contract wallet (e.g. Safe) that
185
+ * needs to wrap the hash in its own domain before signing.
186
+ *
187
+ * @param positionId - Position identifier
188
+ * @param amount - Amount to withdraw in satoshis (bigint)
189
+ * @param chainId - Chain ID for cross-chain replay protection
190
+ * @param destinationAddress - Bitcoin destination address
191
+ * @returns { hash, timestamp } — pass these to Safe for signing
192
+ */
193
+ export declare function buildWithdrawAuthorizationHash(positionId: string, amount: bigint, chainId: number, destinationAddress: string): {
194
+ hash: string;
195
+ timestamp: number;
196
+ };
197
+ /**
198
+ * Generate withdrawal authorization signature
199
+ *
200
+ * Creates a signature that matches the format expected by
201
+ * AuthorizationModule.verifyWithdrawAuthorization in lit-actions.
202
+ *
203
+ * Message structure:
204
+ * solidityKeccak256(
205
+ * ["bytes32", "uint256", "uint256", "uint256", "string", "bytes32"],
206
+ * [positionId, timestamp, chainId, amount, destinationAddress, actionHash]
207
+ * )
208
+ *
209
+ * Where:
210
+ * - actionHash = keccak256("withdraw-btc")
211
+ * - Signer address is recovered from signature by LIT Action
212
+ * - LIT Action validates recovered address === position owner
213
+ *
214
+ * @param positionId - Position identifier
215
+ * @param amount - Amount to withdraw in satoshis (bigint)
216
+ * @param chainId - Chain ID for cross-chain replay protection
217
+ * @param signerOrPrecomputed - Either an ethers Signer (EOA) or { timestamp, signature } for smart contract wallets
218
+ * @param destinationAddress - Bitcoin address for withdrawal
219
+ * @returns Authorization object with signature
220
+ */
221
+ export declare function generateWithdrawAuthorization(positionId: string, amount: bigint, // satoshis
222
+ chainId: number, signerOrPrecomputed: Signer | {
223
+ timestamp: number;
224
+ signature: string;
225
+ }, destinationAddress: string): Promise<WithdrawOwnerAuthorization>;
226
+ /**
227
+ * Generate balance confirmation authorization signature
228
+ *
229
+ * Creates a signature for permissionless balance confirmation with quantum security.
230
+ * Unlike mint/payment (owner-signed), this is signed by the caller (anyone).
231
+ *
232
+ * Message structure:
233
+ * solidityKeccak256(
234
+ * ["bytes32", "uint256", "uint256", "address", "bytes32"],
235
+ * [positionId, timestamp, chainId, caller, actionHash]
236
+ * )
237
+ *
238
+ * Where:
239
+ * - actionHash = keccak256("confirm-balance")
240
+ * - Signer is the caller (anyone can call permissionlessly)
241
+ * - Quantum timestamp validates timing security
242
+ *
243
+ * @param positionId - Position identifier
244
+ * @param chainId - Chain ID for cross-chain replay protection
245
+ * @param signer - Ethereum signer to sign with (the caller)
246
+ * @returns Authorization object with signature
247
+ */
248
+ export declare function generateBalanceConfirmationAuthorization(positionId: string, chainId: number, signer: Signer): Promise<BalanceConfirmationAuthorization>;
@@ -0,0 +1,41 @@
1
+ /**
2
+ * Position Delegate Utilities
3
+ *
4
+ * Helpers for registering an off-chain authorization delegate on a position.
5
+ * The delegate lets a Safe-as-borrower delegate LIT Action auth signing to a
6
+ * hot agent EOA without making that EOA a Safe owner. The delegate is read by
7
+ * the LIT Action authorization verifier as a third recovery arm after the
8
+ * EOA `position.borrower` check and the EIP-1271 smart-account fallback.
9
+ *
10
+ * State lives on `PositionDelegateRegistry` (a standalone contract), not on
11
+ * PositionManager — PositionManager is at the 24 KiB Spurious Dragon limit
12
+ * and cannot carry the additional storage + setter without going over.
13
+ */
14
+ import { type Signer, type Provider, type TransactionResponse } from "ethers";
15
+ /**
16
+ * Register (or revoke) the off-chain authorization delegate for a position.
17
+ *
18
+ * Must be called by the position's current `borrower` — for Safe-as-borrower
19
+ * setups, that means the call must go through `safe.execTransaction(...)` or
20
+ * `agentModule.execute(...)` so that `msg.sender` at the registry equals the
21
+ * Safe. Pass `ethers.constants.AddressZero` as `delegate` to revoke.
22
+ *
23
+ * @param positionId Position identifier (bytes32).
24
+ * @param delegate New delegate EOA, or zero address to clear.
25
+ * @param signer Ethers signer that will be `msg.sender` at the registry.
26
+ * @param registryAddress Deployed `PositionDelegateRegistry` address for the chain.
27
+ * @returns The submitted transaction response.
28
+ */
29
+ export declare function setPositionDelegate(positionId: string, delegate: string, signer: Signer, registryAddress: string): Promise<TransactionResponse>;
30
+ /**
31
+ * Read the currently registered delegate for a position.
32
+ *
33
+ * Returns the zero address when no delegate has been registered. Pure view;
34
+ * any provider works (signer not required).
35
+ *
36
+ * @param positionId Position identifier (bytes32).
37
+ * @param provider Ethers provider or signer.
38
+ * @param registryAddress Deployed `PositionDelegateRegistry` address.
39
+ * @returns The delegate EOA, or zero address if none.
40
+ */
41
+ export declare function getPositionDelegate(positionId: string, provider: Provider | Signer, registryAddress: string): Promise<string>;
@@ -0,0 +1,75 @@
1
+ /**
2
+ * Quantum Timing Utility
3
+ *
4
+ * Shared utility for calculating valid quantum timestamps across SDK, tests, and lit-ops.
5
+ *
6
+ * NEW QUANTUM PROTOCOL (60-second 3-window system):
7
+ * - SDK signs for NEXT quantum immediately (no waiting)
8
+ * - 60-second quantum windows
9
+ * - 3-quantum validation (past, current, next) = 180s total validity
10
+ * - Dead zones: first 8s and last 8s of each quantum
11
+ * - Users can operate once per 60 seconds per position
12
+ *
13
+ * Architecture:
14
+ * - SDK uses this to calculate NEXT quantum immediately
15
+ * - Tests use this to generate valid timestamps
16
+ * - LIT Actions validate 3-quantum window with dead zone protection
17
+ */
18
+ /**
19
+ * Calculate a valid quantum timestamp for NEXT quantum (NO WAITING)
20
+ *
21
+ * NEW 60-second quantum system:
22
+ * - Returns NEXT quantum boundary immediately
23
+ * - No waiting for optimal moment
24
+ * - Signature valid for 180 seconds (3 quantums: PAST, CURRENT, NEXT)
25
+ * - User can sign immediately, operation executes within 3-quantum window
26
+ *
27
+ * @returns Promise<number> - Next quantum boundary timestamp
28
+ */
29
+ export declare function calculateValidQuantumTimestamp(): Promise<number>;
30
+ /**
31
+ * Check if a timestamp is in the safe work zone (outside dead zones)
32
+ *
33
+ * @param timestamp - Unix timestamp to check
34
+ * @returns boolean - True if in safe zone (8-52s of any quantum)
35
+ */
36
+ export declare function isInSafeWorkZone(timestamp: number): boolean;
37
+ /**
38
+ * Get current quantum without waiting
39
+ *
40
+ * @returns number - Current quantum timestamp
41
+ */
42
+ export declare function getCurrentQuantum(): number;
43
+ /**
44
+ * Get seconds remaining in current quantum
45
+ *
46
+ * @returns number - Seconds until quantum expires
47
+ */
48
+ export declare function getSecondsUntilQuantumExpiry(): number;
49
+ /**
50
+ * Calculate next quantum timestamp WITHOUT waiting (60-second system)
51
+ *
52
+ * Returns NEXT quantum boundary immediately.
53
+ * No waiting, no optimal moment calculation.
54
+ * Signature valid for 180 seconds (3 quantums).
55
+ *
56
+ * @returns number - Next quantum boundary timestamp
57
+ */
58
+ export declare function calculateNextQuantumTimestamp(): number;
59
+ /**
60
+ * Wait until specific timestamp is reached
61
+ *
62
+ * @param targetTimestamp - Unix timestamp to wait for
63
+ */
64
+ export declare function waitUntilTimestamp(targetTimestamp: number): Promise<void>;
65
+ /**
66
+ * Validate quantum timing (60-second 3-quantum system)
67
+ *
68
+ * Validates that a signed timestamp falls within valid 3-quantum window.
69
+ * With 60-second quantums, signatures are valid for 180 seconds (PAST, CURRENT, NEXT).
70
+ *
71
+ * @param signedTimestamp - Timestamp that was signed by user
72
+ * @param bufferSeconds - Unused in new system (kept for API compatibility)
73
+ * @throws Error if timestamp is invalid
74
+ */
75
+ export declare function validateQuantumTiming(signedTimestamp: number, _bufferSeconds?: number): void;
@@ -0,0 +1,50 @@
1
+ /**
2
+ * In-memory session JWT manager for lit-ops-server.
3
+ *
4
+ * The server's `POST /api/auth/login` route accepts an EIP-712-signed
5
+ * `DhServerLogin` envelope and returns an HS256 JWT with a 15-minute TTL.
6
+ * This helper:
7
+ *
8
+ * - caches the JWT until ~30s before expiry,
9
+ * - coalesces concurrent callers behind a single in-flight Promise so we
10
+ * don't spam `/api/auth/login` on parallel SDK calls,
11
+ * - exposes `getValidToken()` returning the live token and
12
+ * `getAuthHeader()` returning a ready-to-spread `{ Authorization: ... }`
13
+ * object.
14
+ *
15
+ * Browser-safe — no filesystem touches. The CLI mirrors this shape but
16
+ * persists to `~/.diamond-hands/session.json` for cross-invocation reuse.
17
+ */
18
+ import type { Signer } from "ethers";
19
+ export interface ServerSessionOptions {
20
+ signer: Signer;
21
+ serviceEndpoint: string;
22
+ chainId: number;
23
+ /** Override for tests. */
24
+ now?: () => number;
25
+ /** Override for tests. */
26
+ fetchImpl?: typeof fetch;
27
+ }
28
+ export declare class ServerSession {
29
+ private readonly signer;
30
+ private readonly serviceEndpoint;
31
+ private readonly chainId;
32
+ private readonly now;
33
+ private readonly fetchImpl;
34
+ private cached;
35
+ private inFlight;
36
+ constructor(opts: ServerSessionOptions);
37
+ /** Returns a JWT good for at least `REFRESH_LEEWAY_SECONDS` more seconds. */
38
+ getValidToken(): Promise<string>;
39
+ /** Convenience for fetch: spread directly into `headers`. */
40
+ getAuthHeader(): Promise<Record<string, string>>;
41
+ /** Drop the cached token (e.g. on 401 from server). Next call re-logs in. */
42
+ clear(): void;
43
+ /**
44
+ * Revoke the current session JWT on lit-ops-server (`POST /api/auth/logout`).
45
+ * Clears the local cache regardless of server response so the client stops
46
+ * presenting the token.
47
+ */
48
+ logout(): Promise<void>;
49
+ private getOrRefresh;
50
+ }
@@ -0,0 +1,16 @@
1
+ /**
2
+ * Refuses to send session JWTs or signed auth payloads over plaintext HTTP
3
+ * unless the endpoint is loopback. https://* is always allowed; http://localhost,
4
+ * http://127.0.0.1 (and the 127.0.0.0/8 range), and http://[::1] are allowed for
5
+ * local development; everything else throws.
6
+ *
7
+ * Audit L-10: the previous `*.localhost` wildcard was dropped. `.localhost` is reserved to
8
+ * loopback by RFC 6761, but not every resolver honours it strictly — a hostile or misconfigured
9
+ * DNS could resolve `foo.localhost` to an off-host IP and exfiltrate the cleartext token. Exact
10
+ * loopback literals + the numeric 127.0.0.0/8 range can't be DNS-hijacked.
11
+ *
12
+ * IPv4-mapped IPv6 loopback (e.g. `http://[::ffff:127.0.0.1]`) is intentionally NOT accepted: the
13
+ * URL parser normalises it to a hex form (`[::ffff:7f00:1]`) that is fragile to match safely. Use
14
+ * `127.0.0.1`, `::1`, or `localhost` for local development.
15
+ */
16
+ export declare function assertSafeServiceEndpoint(endpoint: string): void;
@@ -0,0 +1,34 @@
1
+ /**
2
+ * Signature Tempering Utility
3
+ *
4
+ * Security testing tool to intentionally corrupt signatures so tests can prove
5
+ * the on-chain validator rejects invalid signatures.
6
+ *
7
+ * WARNING: TESTING ONLY. `maybeTemperSignature` refuses to corrupt signatures
8
+ * when `NODE_ENV === "production"`, regardless of the config flag. The previous
9
+ * behavior (any caller could flip `temperSignaturesTest: true` to corrupt every
10
+ * signature) was an audit finding — the function is now defense-in-depth.
11
+ */
12
+ /**
13
+ * Tempers a signature by modifying the 3rd character with a random valid hex character
14
+ * that differs from the original.
15
+ *
16
+ * @param signature - Original signature (0x prefixed hex string)
17
+ * @returns Tempered signature with 3rd character modified
18
+ *
19
+ * @example
20
+ * const original = "0x1234567890abcdef...";
21
+ * const tempered = temperSignature(original);
22
+ * // tempered = "0x12X4567890abcdef..." where X != 3
23
+ */
24
+ export declare function temperSignature(signature: string): string;
25
+ /**
26
+ * Conditionally tempers a signature based on config flag.
27
+ * Returns original signature if tempering is disabled.
28
+ *
29
+ * @param signature - Original signature
30
+ * @param shouldTemper - Whether to apply tempering
31
+ * @param operationName - Name of operation for logging (optional)
32
+ * @returns Original or tempered signature
33
+ */
34
+ export declare function maybeTemperSignature(signature: string, shouldTemper: boolean | undefined, operationName?: string): string;
@@ -0,0 +1,188 @@
1
+ /**
2
+ * Telegram Messaging Utilities
3
+ *
4
+ * Provides functionality to send messages to Telegram chats using the node-telegram-bot-api package
5
+ */
6
+ /**
7
+ * Send a message to a Telegram chat
8
+ *
9
+ * @param chatId - Telegram chat ID
10
+ * @param chatToken - Telegram bot token
11
+ * @param message - Message to send
12
+ * @param threadId - Optional thread ID for message threads in groups
13
+ * @returns Promise that resolves when message is sent, or rejects on error
14
+ */
15
+ export declare function sendTelegramMessage(chatId: string, chatToken: string, message: string, threadId?: number): Promise<void>;
16
+ /**
17
+ * Format a mint notification message
18
+ *
19
+ * @param mintAmount - Amount minted in UCD
20
+ * @param loanId - Position/loan ID
21
+ * @param txHash - Transaction hash
22
+ * @returns Formatted message string
23
+ */
24
+ export declare function formatMintMessage(mintAmount: number | string, loanId: string, txHash: string): string;
25
+ /**
26
+ * Format a partial payment notification message
27
+ *
28
+ * @param paymentAmount - Amount repaid in UCD
29
+ * @param loanId - Position/loan ID
30
+ * @param txHash - Transaction hash
31
+ * @returns Formatted message string
32
+ */
33
+ export declare function formatPartialPaymentMessage(paymentAmount: number | string, loanId: string, txHash: string): string;
34
+ /**
35
+ * Format a BTC withdrawal notification message
36
+ *
37
+ * @param withdrawalAmount - Amount withdrawn in BTC
38
+ * @param vaultAddress - Bitcoin vault address
39
+ * @param loanId - Position/loan ID
40
+ * @param destinationAddress - Bitcoin destination address
41
+ * @returns Formatted message string
42
+ */
43
+ export declare function formatWithdrawalMessage(withdrawalAmount: number | string, vaultAddress: string, loanId: string, destinationAddress: string): string;
44
+ /**
45
+ * Format a mint failure notification message
46
+ *
47
+ * @param mintAmount - Amount that failed to be minted in UCD
48
+ * @param loanId - Position/loan ID
49
+ * @returns Formatted message string
50
+ */
51
+ export declare function formatMintFailureMessage(mintAmount: number | string, loanId: string): string;
52
+ /**
53
+ * Format a partial payment failure notification message
54
+ *
55
+ * @param paymentAmount - Amount that failed to be repaid in UCD
56
+ * @param loanId - Position/loan ID
57
+ * @param txHash - Optional transaction hash if available
58
+ * @returns Formatted message string
59
+ */
60
+ export declare function formatPartialPaymentFailureMessage(paymentAmount: number | string, loanId: string, txHash?: string): string;
61
+ /**
62
+ * Format a loan creation notification message
63
+ *
64
+ * @param positionId - Position/loan ID
65
+ * @param pkpId - PKP token ID
66
+ * @param vaultAddress - Regtest BTC vault address
67
+ * @returns Formatted message string
68
+ */
69
+ export declare function formatLoanCreationMessage(positionId: string, pkpId: string, vaultAddress?: string): string;
70
+ /**
71
+ * Format a loan creation failure notification message
72
+ *
73
+ * @param error - Error description
74
+ * @returns Formatted message string
75
+ */
76
+ export declare function formatLoanCreationFailureMessage(error: string): string;
77
+ /**
78
+ * Format a BTC withdrawal notification message
79
+ *
80
+ * @param withdrawalAmount - Amount withdrawn in BTC
81
+ * @param loanId - Position/loan ID
82
+ * @param btcTxHash - Bitcoin transaction hash
83
+ * @returns Formatted message string
84
+ */
85
+ export declare function formatBTCWithdrawalMessage(withdrawalAmount: number | string, loanId: string, btcTxHash: string): string;
86
+ /**
87
+ * Format a BTC withdrawal failure notification message
88
+ *
89
+ * @param withdrawalAmount - Amount that failed to be withdrawn in BTC
90
+ * @param btcVault - Bitcoin vault address
91
+ * @param btcDestinationAddress - Bitcoin destination address
92
+ * @param loanId - Position/loan ID
93
+ * @returns Formatted message string
94
+ */
95
+ export declare function formatBTCWithdrawalFailureMessage(withdrawalAmount: number | string, btcVault: string, btcDestinationAddress: string, loanId: string): string;
96
+ /**
97
+ * Format a loan renewal success notification message
98
+ *
99
+ * @param positionId - Position/loan ID
100
+ * @param txHash - Transaction hash
101
+ * @returns Formatted message string
102
+ */
103
+ export declare function formatLoanRenewalMessage(positionId: string, txHash: string): string;
104
+ /**
105
+ * Format a loan renewal failure notification message
106
+ *
107
+ * @param loanId - Position/loan ID
108
+ * @param error - Error description
109
+ * @returns Formatted message string
110
+ */
111
+ export declare function formatLoanRenewalFailureMessage(loanId: string, error: string): string;
112
+ /**
113
+ * Format a balance confirmation success notification message
114
+ *
115
+ * @param loanId - Position/loan ID
116
+ * @returns Formatted message string
117
+ */
118
+ export declare function formatBalanceConfirmationMessage(loanId: string): string;
119
+ /**
120
+ * Format a balance confirmation failure notification message
121
+ *
122
+ * @param loanId - Position/loan ID
123
+ * @returns Formatted message string
124
+ */
125
+ export declare function formatBalanceConfirmationFailureMessage(loanId: string): string;
126
+ /**
127
+ * Format a BTC withdrawal success notification message
128
+ *
129
+ * @param withdrawalAmount - Amount withdrawn in BTC
130
+ * @param btcVault - Bitcoin vault address
131
+ * @param btcDestinationAddress - Bitcoin destination address
132
+ * @param loanId - Position/loan ID
133
+ * @returns Formatted message string
134
+ */
135
+ export declare function formatBTCWithdrawalSuccessMessage(withdrawalAmount: number | string, btcVault: string, btcDestinationAddress: string, loanId: string, btcTxId?: string): string;
136
+ /**
137
+ * Format a liquidation skipped notification message
138
+ *
139
+ * @param loanId - Position/loan ID
140
+ * @param ratio - Current collateral ratio (as percentage)
141
+ * @param threshold - Liquidation threshold (as percentage)
142
+ * @param btcVault - Bitcoin vault address
143
+ * @param btcVaultBalance - BTC vault balance
144
+ * @param ucdDebt - UCD debt amount
145
+ * @param btcPrice - Current BTC price
146
+ * @returns Formatted message string
147
+ */
148
+ export declare function formatLiquidationSkippedMessage(loanId: string, ratio: number | string, threshold: number | string, btcVault: string, btcVaultBalance: string, ucdDebt: string, btcPrice: string): string;
149
+ /**
150
+ * Format a liquidation success notification message
151
+ *
152
+ * @param loanId - Position/loan ID
153
+ * @param ratio - Current collateral ratio (as percentage)
154
+ * @param threshold - Liquidation threshold (as percentage)
155
+ * @param btcVault - Bitcoin vault address
156
+ * @param btcVaultBalance - BTC vault balance
157
+ * @param ucdDebt - UCD debt amount
158
+ * @param btcPrice - Current BTC price
159
+ * @returns Formatted message string
160
+ */
161
+ export declare function formatLiquidationSuccessMessage(loanId: string, ratio: number | string, threshold: number | string, btcVault: string, btcVaultBalance: string, ucdDebt: string, btcPrice: string): string;
162
+ /**
163
+ * Format BTC price from satoshi value to readable USD format
164
+ *
165
+ * @param btcPriceSats - BTC price in satoshis (8 decimals)
166
+ * @returns Formatted BTC price string
167
+ */
168
+ export declare function formatBTCPrice(btcPriceSats: string | number): string;
169
+ /**
170
+ * Format BTC amount to readable BTC format
171
+ * Accepts either satoshi values (converts to BTC) or already formatted BTC values
172
+ *
173
+ * @param btcAmount - BTC amount in satoshis or already in BTC format
174
+ * @returns Formatted BTC amount string
175
+ */
176
+ export declare function formatBTCAmount(btcAmount: string | number): string;
177
+ /**
178
+ * Format a liquidation failure notification message
179
+ *
180
+ * @param loanId - Position/loan ID
181
+ * @param errorMessage - Error message describing the failure
182
+ * @param btcVault - Bitcoin vault address
183
+ * @param btcVaultBalance - BTC vault balance
184
+ * @param ucdDebt - UCD debt amount
185
+ * @param btcPrice - Current BTC price
186
+ * @returns Formatted message string
187
+ */
188
+ export declare function formatLiquidationFailureMessage(loanId: string, errorMessage: string, btcVault: string, btcVaultBalance: string, ucdDebt: string, btcPrice: string): string;
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@gvnrdao/dh-sdk",
3
- "version": "0.0.288",
3
+ "version": "0.0.289",
4
4
  "description": "TypeScript SDK for Diamond Hands Protocol - Bitcoin-backed lending with LIT Protocol PKPs",
5
5
  "main": "dist/index.js",
6
6
  "types": "dist/index.d.ts",