@haneullabs/seal 0.1.0

package/dist/cjs/key-server.js.map

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../src/key-server.ts"],
+  "sourcesContent": ["// Copyright (c) Mysten Labs, Inc.\n// SPDX-License-Identifier: Apache-2.0\nimport { bcs, fromBase64, fromHex, toBase64, toHex } from '@haneullabs/bcs';\nimport { bls12_381 } from '@noble/curves/bls12-381';\n\nimport { KeyServerMove, KeyServerMoveV1 } from './bcs.js';\nimport { InvalidKeyServerError, InvalidKeyServerVersionError, SealAPIError } from './error.js';\nimport { DST_POP } from './ibe.js';\nimport { PACKAGE_VERSION } from './version.js';\nimport type { SealCompatibleClient } from './types.js';\nimport type { G1Element } from './bls12381.js';\nimport { flatten, Version } from './utils.js';\nimport { elgamalDecrypt } from './elgamal.js';\nimport type { Certificate } from './session-key.js';\n\nconst EXPECTED_SERVER_VERSION = 1;\n\nexport type KeyServer = {\n\tobjectId: string;\n\tname: string;\n\turl: string;\n\tkeyType: KeyServerType;\n\tpk: Uint8Array<ArrayBuffer>;\n};\n\nexport enum KeyServerType {\n\tBonehFranklinBLS12381 = 0,\n}\n\nexport const SERVER_VERSION_REQUIREMENT = new Version('0.4.1');\n\n/**\n * Given a list of key server object IDs, returns a list of SealKeyServer\n * from onchain state containing name, objectId, URL and pk.\n *\n * @param objectIds - The key server object IDs.\n * @param client - The HaneulClient to use.\n * @returns - An array of SealKeyServer.\n */\nexport async function retrieveKeyServers({\n\tobjectIds,\n\tclient,\n}: {\n\tobjectIds: string[];\n\tclient: SealCompatibleClient;\n}): Promise<KeyServer[]> {\n\treturn await Promise.all(\n\t\tobjectIds.map(async (objectId) => {\n\t\t\t// First get the KeyServer object and validate it.\n\t\t\tconst res = await client.core.getObject({\n\t\t\t\tobjectId,\n\t\t\t});\n\t\t\tconst ks = KeyServerMove.parse(await res.object.content);\n\t\t\tif (\n\t\t\t\tEXPECTED_SERVER_VERSION < Number(ks.firstVersion) ||\n\t\t\t\tEXPECTED_SERVER_VERSION > Number(ks.lastVersion)\n\t\t\t) {\n\t\t\t\tthrow new InvalidKeyServerVersionError(\n\t\t\t\t\t`Key server ${objectId} supports versions between ${ks.firstVersion} and ${ks.lastVersion} (inclusive), but SDK expects version ${EXPECTED_SERVER_VERSION}`,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\t// Then fetch the expected versioned object and parse it.\n\t\t\tconst resVersionedKs = await client.core.getDynamicField({\n\t\t\t\tparentId: objectId,\n\t\t\t\tname: {\n\t\t\t\t\ttype: 'u64',\n\t\t\t\t\tbcs: bcs.u64().serialize(EXPECTED_SERVER_VERSION).toBytes(),\n\t\t\t\t},\n\t\t\t});\n\n\t\t\tconst ksVersioned = KeyServerMoveV1.parse(resVersionedKs.dynamicField.value.bcs);\n\n\t\t\tif (ksVersioned.keyType !== KeyServerType.BonehFranklinBLS12381) {\n\t\t\t\tthrow new InvalidKeyServerError(\n\t\t\t\t\t`Server ${objectId} has invalid key type: ${ksVersioned.keyType}`,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\treturn {\n\t\t\t\tobjectId,\n\t\t\t\tname: ksVersioned.name,\n\t\t\t\turl: ksVersioned.url,\n\t\t\t\tkeyType: ksVersioned.keyType,\n\t\t\t\tpk: new Uint8Array(ksVersioned.pk),\n\t\t\t};\n\t\t}),\n\t);\n}\n\n/**\n * Given a KeyServer, fetch the proof of possession (PoP) from the URL and verify it\n * against the pubkey. This should be used only rarely when the dapp uses a dynamic\n * set of key servers.\n *\n * @param server - The KeyServer to verify.\n * @returns - True if the key server is valid, false otherwise.\n */\nexport async function verifyKeyServer(\n\tserver: KeyServer,\n\ttimeout: number,\n\tapiKeyName?: string,\n\tapiKey?: string,\n): Promise<boolean> {\n\tconst requestId = crypto.randomUUID();\n\tconst response = await fetch(server.url! + '/v1/service?service_id=' + server.objectId, {\n\t\tmethod: 'GET',\n\t\theaders: {\n\t\t\t'Content-Type': 'application/json',\n\t\t\t'Request-Id': requestId,\n\t\t\t'Client-Sdk-Type': 'typescript',\n\t\t\t'Client-Sdk-Version': PACKAGE_VERSION,\n\t\t\t...(apiKeyName && apiKey ? { [apiKeyName]: apiKey } : {}),\n\t\t},\n\t\tsignal: AbortSignal.timeout(timeout),\n\t});\n\n\tawait SealAPIError.assertResponse(response, requestId);\n\tverifyKeyServerVersion(response);\n\tconst serviceResponse = await response.json();\n\n\tif (serviceResponse.service_id !== server.objectId) {\n\t\treturn false;\n\t}\n\tconst fullMsg = flatten([DST_POP, server.pk, fromHex(server.objectId)]);\n\treturn bls12_381.verifyShortSignature(fromBase64(serviceResponse.pop), fullMsg, server.pk);\n}\n\n/**\n * Verify the key server version. Throws an `InvalidKeyServerError` if the version is not supported.\n *\n * @param response - The response from the key server.\n */\nexport function verifyKeyServerVersion(response: Response) {\n\tconst keyServerVersion = response.headers.get('X-KeyServer-Version');\n\tif (keyServerVersion == null) {\n\t\tthrow new InvalidKeyServerVersionError('Key server version not found');\n\t}\n\tif (new Version(keyServerVersion).older_than(SERVER_VERSION_REQUIREMENT)) {\n\t\tthrow new InvalidKeyServerVersionError(\n\t\t\t`Key server version ${keyServerVersion} is not supported`,\n\t\t);\n\t}\n}\n\nexport interface DerivedKey {\n\ttoString(): string;\n}\n\n/**\n * A user secret key for the Boneh-Franklin BLS12381 scheme.\n * This is a wrapper around the G1Element type.\n */\nexport class BonehFranklinBLS12381DerivedKey implements DerivedKey {\n\trepresentation: string;\n\n\tconstructor(public key: G1Element) {\n\t\tthis.representation = toHex(key.toBytes());\n\t}\n\n\ttoString(): string {\n\t\treturn this.representation;\n\t}\n}\n\n/**\n * Options for fetching keys from the key server.\n */\nexport interface FetchKeysOptions {\n\t/** The URL of the key server. */\n\turl: string;\n\t/** The Base64 string of request signature. */\n\trequestSignature: string;\n\t/** The transaction bytes. */\n\ttransactionBytes: Uint8Array;\n\t/** The ephemeral secret key. */\n\tencKey: Uint8Array<ArrayBuffer>;\n\t/** The ephemeral public key. */\n\tencKeyPk: Uint8Array<ArrayBuffer>;\n\t/** The ephemeral verification key. */\n\tencVerificationKey: Uint8Array;\n\t/** The certificate. */\n\tcertificate: Certificate;\n\t/** Request timeout in milliseconds. */\n\ttimeout: number;\n\t/** Optional API key name. */\n\tapiKeyName?: string;\n\t/** Optional API key. */\n\tapiKey?: string;\n\t/** Optional abort signal for cancellation. */\n\tsignal?: AbortSignal;\n}\n\n/**\n * Helper function to request all keys from URL with requestSig, txBytes, ephemeral pubkey.\n * Then decrypt the Seal key with ephemeral secret key. Returns a list decryption keys with\n * their full IDs.\n *\n * @param url - The URL of the key server.\n * @param requestSig - The Base64 string of request signature.\n * @param txBytes - The transaction bytes.\n * @param encKey - The ephemeral secret key.\n * @param certificate - The certificate.\n * @returns - A list of full ID and the decrypted key.\n */\nexport async function fetchKeysForAllIds({\n\turl,\n\trequestSignature,\n\ttransactionBytes,\n\tencKey,\n\tencKeyPk,\n\tencVerificationKey,\n\tcertificate,\n\ttimeout,\n\tapiKeyName,\n\tapiKey,\n\tsignal,\n}: FetchKeysOptions): Promise<{ fullId: string; key: Uint8Array<ArrayBuffer> }[]> {\n\tconst body = {\n\t\tptb: toBase64(transactionBytes.slice(1)), // removes the byte of the transaction type version\n\t\tenc_key: toBase64(encKeyPk),\n\t\tenc_verification_key: toBase64(encVerificationKey),\n\t\trequest_signature: requestSignature, // already b64\n\t\tcertificate,\n\t};\n\n\tconst timeoutSignal = AbortSignal.timeout(timeout);\n\tconst combinedSignal = signal ? AbortSignal.any([signal, timeoutSignal]) : timeoutSignal;\n\n\tconst requestId = crypto.randomUUID();\n\tconst response = await fetch(url + '/v1/fetch_key', {\n\t\tmethod: 'POST',\n\t\theaders: {\n\t\t\t'Content-Type': 'application/json',\n\t\t\t'Request-Id': requestId,\n\t\t\t'Client-Sdk-Type': 'typescript',\n\t\t\t'Client-Sdk-Version': PACKAGE_VERSION,\n\t\t\t...(apiKeyName && apiKey ? { [apiKeyName]: apiKey } : {}),\n\t\t},\n\t\tbody: JSON.stringify(body),\n\t\tsignal: combinedSignal,\n\t});\n\tawait SealAPIError.assertResponse(response, requestId);\n\tconst resp = await response.json();\n\tverifyKeyServerVersion(response);\n\n\treturn resp.decryption_keys.map(\n\t\t(dk: { id: Uint8Array<ArrayBuffer>; encrypted_key: [string, string] }) => ({\n\t\t\tfullId: toHex(dk.id),\n\t\t\tkey: elgamalDecrypt(encKey, dk.encrypted_key.map(fromBase64) as [Uint8Array, Uint8Array]),\n\t\t}),\n\t);\n}\n"],
+  "mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAEA,iBAA0D;AAC1D,uBAA0B;AAE1B,IAAAA,cAA+C;AAC/C,mBAAkF;AAClF,iBAAwB;AACxB,qBAAgC;AAGhC,mBAAiC;AACjC,qBAA+B;AAG/B,MAAM,0BAA0B;AAUzB,IAAK,gBAAL,kBAAKC,mBAAL;AACN,EAAAA,8BAAA,2BAAwB,KAAxB;AADW,SAAAA;AAAA,GAAA;AAIL,MAAM,6BAA6B,IAAI,qBAAQ,OAAO;AAU7D,eAAsB,mBAAmB;AAAA,EACxC;AAAA,EACA;AACD,GAGyB;AACxB,SAAO,MAAM,QAAQ;AAAA,IACpB,UAAU,IAAI,OAAO,aAAa;AAEjC,YAAM,MAAM,MAAM,OAAO,KAAK,UAAU;AAAA,QACvC;AAAA,MACD,CAAC;AACD,YAAM,KAAK,0BAAc,MAAM,MAAM,IAAI,OAAO,OAAO;AACvD,UACC,0BAA0B,OAAO,GAAG,YAAY,KAChD,0BAA0B,OAAO,GAAG,WAAW,GAC9C;AACD,cAAM,IAAI;AAAA,UACT,cAAc,QAAQ,8BAA8B,GAAG,YAAY,QAAQ,GAAG,WAAW,yCAAyC,uBAAuB;AAAA,QAC1J;AAAA,MACD;AAGA,YAAM,iBAAiB,MAAM,OAAO,KAAK,gBAAgB;AAAA,QACxD,UAAU;AAAA,QACV,MAAM;AAAA,UACL,MAAM;AAAA,UACN,KAAK,eAAI,IAAI,EAAE,UAAU,uBAAuB,EAAE,QAAQ;AAAA,QAC3D;AAAA,MACD,CAAC;AAED,YAAM,cAAc,4BAAgB,MAAM,eAAe,aAAa,MAAM,GAAG;AAE/E,UAAI,YAAY,YAAY,+BAAqC;AAChE,cAAM,IAAI;AAAA,UACT,UAAU,QAAQ,0BAA0B,YAAY,OAAO;AAAA,QAChE;AAAA,MACD;AAEA,aAAO;AAAA,QACN;AAAA,QACA,MAAM,YAAY;AAAA,QAClB,KAAK,YAAY;AAAA,QACjB,SAAS,YAAY;AAAA,QACrB,IAAI,IAAI,WAAW,YAAY,EAAE;AAAA,MAClC;AAAA,IACD,CAAC;AAAA,EACF;AACD;AAUA,eAAsB,gBACrB,QACA,SACA,YACA,QACmB;AACnB,QAAM,YAAY,OAAO,WAAW;AACpC,QAAM,WAAW,MAAM,MAAM,OAAO,MAAO,4BAA4B,OAAO,UAAU;AAAA,IACvF,QAAQ;AAAA,IACR,SAAS;AAAA,MACR,gBAAgB;AAAA,MAChB,cAAc;AAAA,MACd,mBAAmB;AAAA,MACnB,sBAAsB;AAAA,MACtB,GAAI,cAAc,SAAS,EAAE,CAAC,UAAU,GAAG,OAAO,IAAI,CAAC;AAAA,IACxD;AAAA,IACA,QAAQ,YAAY,QAAQ,OAAO;AAAA,EACpC,CAAC;AAED,QAAM,0BAAa,eAAe,UAAU,SAAS;AACrD,yBAAuB,QAAQ;AAC/B,QAAM,kBAAkB,MAAM,SAAS,KAAK;AAE5C,MAAI,gBAAgB,eAAe,OAAO,UAAU;AACnD,WAAO;AAAA,EACR;AACA,QAAM,cAAU,sBAAQ,CAAC,oBAAS,OAAO,QAAI,oBAAQ,OAAO,QAAQ,CAAC,CAAC;AACtE,SAAO,2BAAU,yBAAqB,uBAAW,gBAAgB,GAAG,GAAG,SAAS,OAAO,EAAE;AAC1F;AAOO,SAAS,uBAAuB,UAAoB;AAC1D,QAAM,mBAAmB,SAAS,QAAQ,IAAI,qBAAqB;AACnE,MAAI,oBAAoB,MAAM;AAC7B,UAAM,IAAI,0CAA6B,8BAA8B;AAAA,EACtE;AACA,MAAI,IAAI,qBAAQ,gBAAgB,EAAE,WAAW,0BAA0B,GAAG;AACzE,UAAM,IAAI;AAAA,MACT,sBAAsB,gBAAgB;AAAA,IACvC;AAAA,EACD;AACD;AAUO,MAAM,gCAAsD;AAAA,EAGlE,YAAmB,KAAgB;AAAhB;AAClB,SAAK,qBAAiB,kBAAM,IAAI,QAAQ,CAAC;AAAA,EAC1C;AAAA,EAEA,WAAmB;AAClB,WAAO,KAAK;AAAA,EACb;AACD;AA0CA,eAAsB,mBAAmB;AAAA,EACxC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACD,GAAkF;AACjF,QAAM,OAAO;AAAA,IACZ,SAAK,qBAAS,iBAAiB,MAAM,CAAC,CAAC;AAAA;AAAA,IACvC,aAAS,qBAAS,QAAQ;AAAA,IAC1B,0BAAsB,qBAAS,kBAAkB;AAAA,IACjD,mBAAmB;AAAA;AAAA,IACnB;AAAA,EACD;AAEA,QAAM,gBAAgB,YAAY,QAAQ,OAAO;AACjD,QAAM,iBAAiB,SAAS,YAAY,IAAI,CAAC,QAAQ,aAAa,CAAC,IAAI;AAE3E,QAAM,YAAY,OAAO,WAAW;AACpC,QAAM,WAAW,MAAM,MAAM,MAAM,iBAAiB;AAAA,IACnD,QAAQ;AAAA,IACR,SAAS;AAAA,MACR,gBAAgB;AAAA,MAChB,cAAc;AAAA,MACd,mBAAmB;AAAA,MACnB,sBAAsB;AAAA,MACtB,GAAI,cAAc,SAAS,EAAE,CAAC,UAAU,GAAG,OAAO,IAAI,CAAC;AAAA,IACxD;AAAA,IACA,MAAM,KAAK,UAAU,IAAI;AAAA,IACzB,QAAQ;AAAA,EACT,CAAC;AACD,QAAM,0BAAa,eAAe,UAAU,SAAS;AACrD,QAAM,OAAO,MAAM,SAAS,KAAK;AACjC,yBAAuB,QAAQ;AAE/B,SAAO,KAAK,gBAAgB;AAAA,IAC3B,CAAC,QAA0E;AAAA,MAC1E,YAAQ,kBAAM,GAAG,EAAE;AAAA,MACnB,SAAK,+BAAe,QAAQ,GAAG,cAAc,IAAI,qBAAU,CAA6B;AAAA,IACzF;AAAA,EACD;AACD;",
+  "names": ["import_bcs", "KeyServerType"]
+}

package/dist/cjs/package.json

@@ -0,0 +1,5 @@
+{
+  "private": true,
+  "type": "commonjs",
+  "sideEffects": false
+}

package/dist/cjs/session-key.d.ts

@@ -0,0 +1,74 @@
+import type { Signer } from '@haneullabs/haneul/cryptography';
+import type { SealCompatibleClient } from './types.js';
+export declare const RequestFormat: import("@haneullabs/bcs").BcsStruct<{
+    ptb: import("@haneullabs/bcs").BcsType<Uint8Array<ArrayBufferLike>, Iterable<number>, "vector<u8>">;
+    encKey: import("@haneullabs/bcs").BcsType<Uint8Array<ArrayBufferLike>, Iterable<number>, "vector<u8>">;
+    encVerificationKey: import("@haneullabs/bcs").BcsType<Uint8Array<ArrayBufferLike>, Iterable<number>, "vector<u8>">;
+}, string>;
+export type Certificate = {
+    user: string;
+    session_vk: string;
+    creation_time: number;
+    ttl_min: number;
+    signature: string;
+    mvr_name?: string;
+};
+export type ExportedSessionKey = {
+    address: string;
+    packageId: string;
+    mvrName?: string;
+    creationTimeMs: number;
+    ttlMin: number;
+    personalMessageSignature?: string;
+    sessionKey: string;
+};
+export declare class SessionKey {
+    #private;
+    private constructor();
+    /**
+     * Create a new SessionKey instance.
+     * @param address - The address of the user.
+     * @param packageId - The ID of the package.
+     * @param mvrName - Optional. The name of the MVR, if there is one.
+     * @param ttlMin - The TTL in minutes.
+     * @param signer - Optional. The signer instance, e.g. EnokiSigner.
+     * @param haneulClient - The Haneul client.
+     * @returns A new SessionKey instance.
+     */
+    static create({ address, packageId, mvrName, ttlMin, signer, haneulClient, }: {
+        address: string;
+        packageId: string;
+        mvrName?: string;
+        ttlMin: number;
+        signer?: Signer;
+        haneulClient: SealCompatibleClient;
+    }): Promise<SessionKey>;
+    isExpired(): boolean;
+    getAddress(): string;
+    getPackageName(): string;
+    getPackageId(): string;
+    getPersonalMessage(): Uint8Array;
+    setPersonalMessageSignature(personalMessageSignature: string): Promise<void>;
+    getCertificate(): Promise<Certificate>;
+    /**
+     * Create request params for the given transaction bytes.
+     * @param txBytes - The transaction bytes.
+     * @returns The request params containing the ephemeral secret key,
+     * its public key and its verification key.
+     */
+    createRequestParams(txBytes: Uint8Array): Promise<{
+        encKey: Uint8Array<ArrayBuffer>;
+        encKeyPk: Uint8Array<ArrayBuffer>;
+        encVerificationKey: Uint8Array<ArrayBuffer>;
+        requestSignature: string;
+    }>;
+    /**
+     * Export the Session Key object from the instance. Store the object in IndexedDB to persist.
+     */
+    export(): ExportedSessionKey;
+    /**
+     * Restore a SessionKey instance for the given object.
+     * @returns A new SessionKey instance with restored state
+     */
+    static import(data: ExportedSessionKey, haneulClient: SealCompatibleClient, signer?: Signer): SessionKey;
+}

package/dist/cjs/session-key.js

@@ -0,0 +1,245 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __typeError = (msg) => {
+  throw TypeError(msg);
+};
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var __accessCheck = (obj, member, msg) => member.has(obj) || __typeError("Cannot " + msg);
+var __privateGet = (obj, member, getter) => (__accessCheck(obj, member, "read from private field"), getter ? getter.call(obj) : member.get(obj));
+var __privateAdd = (obj, member, value) => member.has(obj) ? __typeError("Cannot add the same private member more than once") : member instanceof WeakSet ? member.add(obj) : member.set(obj, value);
+var __privateSet = (obj, member, value, setter) => (__accessCheck(obj, member, "write to private field"), setter ? setter.call(obj, value) : member.set(obj, value), value);
+var session_key_exports = {};
+__export(session_key_exports, {
+  RequestFormat: () => RequestFormat,
+  SessionKey: () => SessionKey
+});
+module.exports = __toCommonJS(session_key_exports);
+var import_bcs = require("@haneullabs/bcs");
+var import_bcs2 = require("@haneullabs/haneul/bcs");
+var import_ed25519 = require("@haneullabs/haneul/keypairs/ed25519");
+var import_utils = require("@haneullabs/haneul/utils");
+var import_verify = require("@haneullabs/haneul/verify");
+var import_elgamal = require("./elgamal.js");
+var import_error = require("./error.js");
+var _address, _packageId, _mvrName, _creationTimeMs, _ttlMin, _sessionKey, _personalMessageSignature, _signer, _haneulClient;
+const RequestFormat = import_bcs2.bcs.struct("RequestFormat", {
+  ptb: import_bcs2.bcs.byteVector(),
+  encKey: import_bcs2.bcs.byteVector(),
+  encVerificationKey: import_bcs2.bcs.byteVector()
+});
+const _SessionKey = class _SessionKey {
+  constructor({
+    address,
+    packageId,
+    mvrName,
+    ttlMin,
+    signer,
+    haneulClient
+  }) {
+    __privateAdd(this, _address);
+    __privateAdd(this, _packageId);
+    __privateAdd(this, _mvrName);
+    __privateAdd(this, _creationTimeMs);
+    __privateAdd(this, _ttlMin);
+    __privateAdd(this, _sessionKey);
+    __privateAdd(this, _personalMessageSignature);
+    __privateAdd(this, _signer);
+    __privateAdd(this, _haneulClient);
+    if (mvrName && !(0, import_utils.isValidNamedPackage)(mvrName)) {
+      throw new import_error.UserError(`Invalid package name ${mvrName}`);
+    }
+    if (!(0, import_utils.isValidHaneulObjectId)(packageId) || !(0, import_utils.isValidHaneulAddress)(address)) {
+      throw new import_error.UserError(`Invalid package ID ${packageId} or address ${address}`);
+    }
+    if (ttlMin > 30 || ttlMin < 1) {
+      throw new import_error.UserError(`Invalid TTL ${ttlMin}, must be between 1 and 30`);
+    }
+    if (signer && signer.getPublicKey().toHaneulAddress() !== address) {
+      throw new import_error.UserError("Signer address does not match session key address");
+    }
+    __privateSet(this, _address, address);
+    __privateSet(this, _packageId, packageId);
+    __privateSet(this, _mvrName, mvrName);
+    __privateSet(this, _creationTimeMs, Date.now());
+    __privateSet(this, _ttlMin, ttlMin);
+    __privateSet(this, _sessionKey, import_ed25519.Ed25519Keypair.generate());
+    __privateSet(this, _signer, signer);
+    __privateSet(this, _haneulClient, haneulClient);
+  }
+  /**
+   * Create a new SessionKey instance.
+   * @param address - The address of the user.
+   * @param packageId - The ID of the package.
+   * @param mvrName - Optional. The name of the MVR, if there is one.
+   * @param ttlMin - The TTL in minutes.
+   * @param signer - Optional. The signer instance, e.g. EnokiSigner.
+   * @param haneulClient - The Haneul client.
+   * @returns A new SessionKey instance.
+   */
+  static async create({
+    address,
+    packageId,
+    mvrName,
+    ttlMin,
+    signer,
+    haneulClient
+  }) {
+    const packageObj = await haneulClient.core.getObject({ objectId: packageId });
+    if (String(packageObj.object.version) !== "1") {
+      throw new import_error.InvalidPackageError(`Package ${packageId} is not the first version`);
+    }
+    return new _SessionKey({
+      address,
+      packageId,
+      mvrName,
+      ttlMin,
+      signer,
+      haneulClient
+    });
+  }
+  isExpired() {
+    return __privateGet(this, _creationTimeMs) + __privateGet(this, _ttlMin) * 60 * 1e3 - 1e4 < Date.now();
+  }
+  getAddress() {
+    return __privateGet(this, _address);
+  }
+  getPackageName() {
+    if (__privateGet(this, _mvrName)) {
+      return __privateGet(this, _mvrName);
+    }
+    return __privateGet(this, _packageId);
+  }
+  getPackageId() {
+    return __privateGet(this, _packageId);
+  }
+  getPersonalMessage() {
+    const creationTimeUtc = new Date(__privateGet(this, _creationTimeMs)).toISOString().slice(0, 19).replace("T", " ") + " UTC";
+    const message = `Accessing keys of package ${this.getPackageName()} for ${__privateGet(this, _ttlMin)} mins from ${creationTimeUtc}, session key ${(0, import_bcs.toBase64)(__privateGet(this, _sessionKey).getPublicKey().toRawBytes())}`;
+    return new TextEncoder().encode(message);
+  }
+  async setPersonalMessageSignature(personalMessageSignature) {
+    if (!__privateGet(this, _personalMessageSignature)) {
+      try {
+        await (0, import_verify.verifyPersonalMessageSignature)(this.getPersonalMessage(), personalMessageSignature, {
+          address: __privateGet(this, _address),
+          client: __privateGet(this, _haneulClient)
+        });
+        __privateSet(this, _personalMessageSignature, personalMessageSignature);
+      } catch {
+        throw new import_error.InvalidPersonalMessageSignatureError("Not valid");
+      }
+    }
+  }
+  async getCertificate() {
+    if (!__privateGet(this, _personalMessageSignature)) {
+      if (__privateGet(this, _signer)) {
+        const { signature } = await __privateGet(this, _signer).signPersonalMessage(this.getPersonalMessage());
+        __privateSet(this, _personalMessageSignature, signature);
+      } else {
+        throw new import_error.InvalidPersonalMessageSignatureError("Personal message signature is not set");
+      }
+    }
+    return {
+      user: __privateGet(this, _address),
+      session_vk: (0, import_bcs.toBase64)(__privateGet(this, _sessionKey).getPublicKey().toRawBytes()),
+      creation_time: __privateGet(this, _creationTimeMs),
+      ttl_min: __privateGet(this, _ttlMin),
+      signature: __privateGet(this, _personalMessageSignature),
+      mvr_name: __privateGet(this, _mvrName)
+    };
+  }
+  /**
+   * Create request params for the given transaction bytes.
+   * @param txBytes - The transaction bytes.
+   * @returns The request params containing the ephemeral secret key,
+   * its public key and its verification key.
+   */
+  async createRequestParams(txBytes) {
+    if (this.isExpired()) {
+      throw new import_error.ExpiredSessionKeyError();
+    }
+    const encKey = (0, import_elgamal.generateSecretKey)();
+    const encKeyPk = (0, import_elgamal.toPublicKey)(encKey);
+    const encVerificationKey = (0, import_elgamal.toVerificationKey)(encKey);
+    const msgToSign = RequestFormat.serialize({
+      ptb: txBytes.slice(1),
+      encKey: encKeyPk,
+      encVerificationKey
+    }).toBytes();
+    return {
+      encKey,
+      encKeyPk,
+      encVerificationKey,
+      requestSignature: (0, import_bcs.toBase64)(await __privateGet(this, _sessionKey).sign(msgToSign))
+    };
+  }
+  /**
+   * Export the Session Key object from the instance. Store the object in IndexedDB to persist.
+   */
+  export() {
+    const obj = {
+      address: __privateGet(this, _address),
+      packageId: __privateGet(this, _packageId),
+      mvrName: __privateGet(this, _mvrName),
+      creationTimeMs: __privateGet(this, _creationTimeMs),
+      ttlMin: __privateGet(this, _ttlMin),
+      personalMessageSignature: __privateGet(this, _personalMessageSignature),
+      sessionKey: __privateGet(this, _sessionKey).getSecretKey()
+      // bech32 encoded string
+    };
+    Object.defineProperty(obj, "toJSON", {
+      enumerable: false,
+      value: () => {
+        throw new Error("This object is not serializable");
+      }
+    });
+    return obj;
+  }
+  /**
+   * Restore a SessionKey instance for the given object.
+   * @returns A new SessionKey instance with restored state
+   */
+  static import(data, haneulClient, signer) {
+    const instance = new _SessionKey({
+      address: data.address,
+      packageId: data.packageId,
+      mvrName: data.mvrName,
+      ttlMin: data.ttlMin,
+      signer,
+      haneulClient
+    });
+    __privateSet(instance, _creationTimeMs, data.creationTimeMs);
+    __privateSet(instance, _sessionKey, import_ed25519.Ed25519Keypair.fromSecretKey(data.sessionKey));
+    __privateSet(instance, _personalMessageSignature, data.personalMessageSignature);
+    if (instance.isExpired()) {
+      throw new import_error.ExpiredSessionKeyError();
+    }
+    return instance;
+  }
+};
+_address = new WeakMap();
+_packageId = new WeakMap();
+_mvrName = new WeakMap();
+_creationTimeMs = new WeakMap();
+_ttlMin = new WeakMap();
+_sessionKey = new WeakMap();
+_personalMessageSignature = new WeakMap();
+_signer = new WeakMap();
+_haneulClient = new WeakMap();
+let SessionKey = _SessionKey;
+//# sourceMappingURL=session-key.js.map

package/dist/cjs/session-key.js.map

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../src/session-key.ts"],
+  "sourcesContent": ["// Copyright (c) Mysten Labs, Inc.\n// SPDX-License-Identifier: Apache-2.0\n\nimport { toBase64 } from '@haneullabs/bcs';\nimport { bcs } from '@haneullabs/haneul/bcs';\nimport type { Signer } from '@haneullabs/haneul/cryptography';\nimport { Ed25519Keypair } from '@haneullabs/haneul/keypairs/ed25519';\nimport { isValidNamedPackage, isValidHaneulAddress, isValidHaneulObjectId } from '@haneullabs/haneul/utils';\nimport { verifyPersonalMessageSignature } from '@haneullabs/haneul/verify';\nimport { generateSecretKey, toPublicKey, toVerificationKey } from './elgamal.js';\nimport {\n\tExpiredSessionKeyError,\n\tInvalidPackageError,\n\tInvalidPersonalMessageSignatureError,\n\tUserError,\n} from './error.js';\nimport type { SealCompatibleClient } from './types.js';\n\nexport const RequestFormat = bcs.struct('RequestFormat', {\n\tptb: bcs.byteVector(),\n\tencKey: bcs.byteVector(),\n\tencVerificationKey: bcs.byteVector(),\n});\n\nexport type Certificate = {\n\tuser: string;\n\tsession_vk: string;\n\tcreation_time: number;\n\tttl_min: number;\n\tsignature: string;\n\tmvr_name?: string;\n};\n\nexport type ExportedSessionKey = {\n\taddress: string;\n\tpackageId: string;\n\tmvrName?: string;\n\tcreationTimeMs: number;\n\tttlMin: number;\n\tpersonalMessageSignature?: string;\n\tsessionKey: string;\n};\n\nexport class SessionKey {\n\t#address: string;\n\t#packageId: string;\n\t#mvrName?: string;\n\t#creationTimeMs: number;\n\t#ttlMin: number;\n\t#sessionKey: Ed25519Keypair;\n\t#personalMessageSignature?: string;\n\t#signer?: Signer;\n\t#haneulClient: SealCompatibleClient;\n\n\tprivate constructor({\n\t\taddress,\n\t\tpackageId,\n\t\tmvrName,\n\t\tttlMin,\n\t\tsigner,\n\t\thaneulClient,\n\t}: {\n\t\taddress: string;\n\t\tpackageId: string;\n\t\tmvrName?: string;\n\t\tttlMin: number;\n\t\tsigner?: Signer;\n\t\thaneulClient: SealCompatibleClient;\n\t}) {\n\t\tif (mvrName && !isValidNamedPackage(mvrName)) {\n\t\t\tthrow new UserError(`Invalid package name ${mvrName}`);\n\t\t}\n\t\tif (!isValidHaneulObjectId(packageId) || !isValidHaneulAddress(address)) {\n\t\t\tthrow new UserError(`Invalid package ID ${packageId} or address ${address}`);\n\t\t}\n\t\tif (ttlMin > 30 || ttlMin < 1) {\n\t\t\tthrow new UserError(`Invalid TTL ${ttlMin}, must be between 1 and 30`);\n\t\t}\n\t\tif (signer && signer.getPublicKey().toHaneulAddress() !== address) {\n\t\t\tthrow new UserError('Signer address does not match session key address');\n\t\t}\n\n\t\tthis.#address = address;\n\t\tthis.#packageId = packageId;\n\t\tthis.#mvrName = mvrName;\n\t\tthis.#creationTimeMs = Date.now();\n\t\tthis.#ttlMin = ttlMin;\n\t\tthis.#sessionKey = Ed25519Keypair.generate();\n\t\tthis.#signer = signer;\n\t\tthis.#haneulClient = haneulClient;\n\t}\n\n\t/**\n\t * Create a new SessionKey instance.\n\t * @param address - The address of the user.\n\t * @param packageId - The ID of the package.\n\t * @param mvrName - Optional. The name of the MVR, if there is one.\n\t * @param ttlMin - The TTL in minutes.\n\t * @param signer - Optional. The signer instance, e.g. EnokiSigner.\n\t * @param haneulClient - The Haneul client.\n\t * @returns A new SessionKey instance.\n\t */\n\tstatic async create({\n\t\taddress,\n\t\tpackageId,\n\t\tmvrName,\n\t\tttlMin,\n\t\tsigner,\n\t\thaneulClient,\n\t}: {\n\t\taddress: string;\n\t\tpackageId: string;\n\t\tmvrName?: string;\n\t\tttlMin: number;\n\t\tsigner?: Signer;\n\t\thaneulClient: SealCompatibleClient;\n\t}): Promise<SessionKey> {\n\t\tconst packageObj = await haneulClient.core.getObject({ objectId: packageId });\n\t\tif (String(packageObj.object.version) !== '1') {\n\t\t\tthrow new InvalidPackageError(`Package ${packageId} is not the first version`);\n\t\t}\n\n\t\treturn new SessionKey({\n\t\t\taddress,\n\t\t\tpackageId,\n\t\t\tmvrName,\n\t\t\tttlMin,\n\t\t\tsigner,\n\t\t\thaneulClient,\n\t\t});\n\t}\n\tisExpired(): boolean {\n\t\t// Allow 10 seconds for clock skew\n\t\treturn this.#creationTimeMs + this.#ttlMin * 60 * 1000 - 10_000 < Date.now();\n\t}\n\n\tgetAddress(): string {\n\t\treturn this.#address;\n\t}\n\n\tgetPackageName(): string {\n\t\tif (this.#mvrName) {\n\t\t\treturn this.#mvrName;\n\t\t}\n\t\treturn this.#packageId;\n\t}\n\n\tgetPackageId(): string {\n\t\treturn this.#packageId;\n\t}\n\n\tgetPersonalMessage(): Uint8Array {\n\t\tconst creationTimeUtc =\n\t\t\tnew Date(this.#creationTimeMs).toISOString().slice(0, 19).replace('T', ' ') + ' UTC';\n\t\tconst message = `Accessing keys of package ${this.getPackageName()} for ${this.#ttlMin} mins from ${creationTimeUtc}, session key ${toBase64(this.#sessionKey.getPublicKey().toRawBytes())}`;\n\t\treturn new TextEncoder().encode(message);\n\t}\n\n\tasync setPersonalMessageSignature(personalMessageSignature: string) {\n\t\tif (!this.#personalMessageSignature) {\n\t\t\ttry {\n\t\t\t\tawait verifyPersonalMessageSignature(this.getPersonalMessage(), personalMessageSignature, {\n\t\t\t\t\taddress: this.#address,\n\t\t\t\t\tclient: this.#haneulClient,\n\t\t\t\t});\n\t\t\t\tthis.#personalMessageSignature = personalMessageSignature;\n\t\t\t} catch {\n\t\t\t\tthrow new InvalidPersonalMessageSignatureError('Not valid');\n\t\t\t}\n\t\t}\n\t}\n\n\tasync getCertificate(): Promise<Certificate> {\n\t\tif (!this.#personalMessageSignature) {\n\t\t\tif (this.#signer) {\n\t\t\t\tconst { signature } = await this.#signer.signPersonalMessage(this.getPersonalMessage());\n\t\t\t\tthis.#personalMessageSignature = signature;\n\t\t\t} else {\n\t\t\t\tthrow new InvalidPersonalMessageSignatureError('Personal message signature is not set');\n\t\t\t}\n\t\t}\n\t\treturn {\n\t\t\tuser: this.#address,\n\t\t\tsession_vk: toBase64(this.#sessionKey.getPublicKey().toRawBytes()),\n\t\t\tcreation_time: this.#creationTimeMs,\n\t\t\tttl_min: this.#ttlMin,\n\t\t\tsignature: this.#personalMessageSignature,\n\t\t\tmvr_name: this.#mvrName,\n\t\t};\n\t}\n\n\t/**\n\t * Create request params for the given transaction bytes.\n\t * @param txBytes - The transaction bytes.\n\t * @returns The request params containing the ephemeral secret key,\n\t * its public key and its verification key.\n\t */\n\tasync createRequestParams(txBytes: Uint8Array): Promise<{\n\t\tencKey: Uint8Array<ArrayBuffer>;\n\t\tencKeyPk: Uint8Array<ArrayBuffer>;\n\t\tencVerificationKey: Uint8Array<ArrayBuffer>;\n\t\trequestSignature: string;\n\t}> {\n\t\tif (this.isExpired()) {\n\t\t\tthrow new ExpiredSessionKeyError();\n\t\t}\n\t\tconst encKey = generateSecretKey();\n\t\tconst encKeyPk = toPublicKey(encKey);\n\t\tconst encVerificationKey = toVerificationKey(encKey);\n\n\t\tconst msgToSign = RequestFormat.serialize({\n\t\t\tptb: txBytes.slice(1),\n\t\t\tencKey: encKeyPk,\n\t\t\tencVerificationKey,\n\t\t}).toBytes();\n\t\treturn {\n\t\t\tencKey,\n\t\t\tencKeyPk,\n\t\t\tencVerificationKey,\n\t\t\trequestSignature: toBase64(await this.#sessionKey.sign(msgToSign)),\n\t\t};\n\t}\n\n\t/**\n\t * Export the Session Key object from the instance. Store the object in IndexedDB to persist.\n\t */\n\texport(): ExportedSessionKey {\n\t\tconst obj = {\n\t\t\taddress: this.#address,\n\t\t\tpackageId: this.#packageId,\n\t\t\tmvrName: this.#mvrName,\n\t\t\tcreationTimeMs: this.#creationTimeMs,\n\t\t\tttlMin: this.#ttlMin,\n\t\t\tpersonalMessageSignature: this.#personalMessageSignature,\n\t\t\tsessionKey: this.#sessionKey.getSecretKey(), // bech32 encoded string\n\t\t};\n\n\t\tObject.defineProperty(obj, 'toJSON', {\n\t\t\tenumerable: false,\n\t\t\tvalue: () => {\n\t\t\t\tthrow new Error('This object is not serializable');\n\t\t\t},\n\t\t});\n\t\treturn obj;\n\t}\n\n\t/**\n\t * Restore a SessionKey instance for the given object.\n\t * @returns A new SessionKey instance with restored state\n\t */\n\tstatic import(\n\t\tdata: ExportedSessionKey,\n\t\thaneulClient: SealCompatibleClient,\n\t\tsigner?: Signer,\n\t): SessionKey {\n\t\tconst instance = new SessionKey({\n\t\t\taddress: data.address,\n\t\t\tpackageId: data.packageId,\n\t\t\tmvrName: data.mvrName,\n\t\t\tttlMin: data.ttlMin,\n\t\t\tsigner,\n\t\t\thaneulClient,\n\t\t});\n\n\t\tinstance.#creationTimeMs = data.creationTimeMs;\n\t\tinstance.#sessionKey = Ed25519Keypair.fromSecretKey(data.sessionKey);\n\t\tinstance.#personalMessageSignature = data.personalMessageSignature;\n\n\t\tif (instance.isExpired()) {\n\t\t\tthrow new ExpiredSessionKeyError();\n\t\t}\n\t\treturn instance;\n\t}\n}\n"],
+  "mappings": ";;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAGA,iBAAyB;AACzB,IAAAA,cAAoB;AAEpB,qBAA+B;AAC/B,mBAAiF;AACjF,oBAA+C;AAC/C,qBAAkE;AAClE,mBAKO;AAfP;AAkBO,MAAM,gBAAgB,gBAAI,OAAO,iBAAiB;AAAA,EACxD,KAAK,gBAAI,WAAW;AAAA,EACpB,QAAQ,gBAAI,WAAW;AAAA,EACvB,oBAAoB,gBAAI,WAAW;AACpC,CAAC;AAqBM,MAAM,cAAN,MAAM,YAAW;AAAA,EAWf,YAAY;AAAA,IACnB;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACD,GAOG;AAxBH;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAiBC,QAAI,WAAW,KAAC,kCAAoB,OAAO,GAAG;AAC7C,YAAM,IAAI,uBAAU,wBAAwB,OAAO,EAAE;AAAA,IACtD;AACA,QAAI,KAAC,oCAAsB,SAAS,KAAK,KAAC,mCAAqB,OAAO,GAAG;AACxE,YAAM,IAAI,uBAAU,sBAAsB,SAAS,eAAe,OAAO,EAAE;AAAA,IAC5E;AACA,QAAI,SAAS,MAAM,SAAS,GAAG;AAC9B,YAAM,IAAI,uBAAU,eAAe,MAAM,4BAA4B;AAAA,IACtE;AACA,QAAI,UAAU,OAAO,aAAa,EAAE,gBAAgB,MAAM,SAAS;AAClE,YAAM,IAAI,uBAAU,mDAAmD;AAAA,IACxE;AAEA,uBAAK,UAAW;AAChB,uBAAK,YAAa;AAClB,uBAAK,UAAW;AAChB,uBAAK,iBAAkB,KAAK,IAAI;AAChC,uBAAK,SAAU;AACf,uBAAK,aAAc,8BAAe,SAAS;AAC3C,uBAAK,SAAU;AACf,uBAAK,eAAgB;AAAA,EACtB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAYA,aAAa,OAAO;AAAA,IACnB;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACD,GAOwB;AACvB,UAAM,aAAa,MAAM,aAAa,KAAK,UAAU,EAAE,UAAU,UAAU,CAAC;AAC5E,QAAI,OAAO,WAAW,OAAO,OAAO,MAAM,KAAK;AAC9C,YAAM,IAAI,iCAAoB,WAAW,SAAS,2BAA2B;AAAA,IAC9E;AAEA,WAAO,IAAI,YAAW;AAAA,MACrB;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACD,CAAC;AAAA,EACF;AAAA,EACA,YAAqB;AAEpB,WAAO,mBAAK,mBAAkB,mBAAK,WAAU,KAAK,MAAO,MAAS,KAAK,IAAI;AAAA,EAC5E;AAAA,EAEA,aAAqB;AACpB,WAAO,mBAAK;AAAA,EACb;AAAA,EAEA,iBAAyB;AACxB,QAAI,mBAAK,WAAU;AAClB,aAAO,mBAAK;AAAA,IACb;AACA,WAAO,mBAAK;AAAA,EACb;AAAA,EAEA,eAAuB;AACtB,WAAO,mBAAK;AAAA,EACb;AAAA,EAEA,qBAAiC;AAChC,UAAM,kBACL,IAAI,KAAK,mBAAK,gBAAe,EAAE,YAAY,EAAE,MAAM,GAAG,EAAE,EAAE,QAAQ,KAAK,GAAG,IAAI;AAC/E,UAAM,UAAU,6BAA6B,KAAK,eAAe,CAAC,QAAQ,mBAAK,QAAO,cAAc,eAAe,qBAAiB,qBAAS,mBAAK,aAAY,aAAa,EAAE,WAAW,CAAC,CAAC;AAC1L,WAAO,IAAI,YAAY,EAAE,OAAO,OAAO;AAAA,EACxC;AAAA,EAEA,MAAM,4BAA4B,0BAAkC;AACnE,QAAI,CAAC,mBAAK,4BAA2B;AACpC,UAAI;AACH,kBAAM,8CAA+B,KAAK,mBAAmB,GAAG,0BAA0B;AAAA,UACzF,SAAS,mBAAK;AAAA,UACd,QAAQ,mBAAK;AAAA,QACd,CAAC;AACD,2BAAK,2BAA4B;AAAA,MAClC,QAAQ;AACP,cAAM,IAAI,kDAAqC,WAAW;AAAA,MAC3D;AAAA,IACD;AAAA,EACD;AAAA,EAEA,MAAM,iBAAuC;AAC5C,QAAI,CAAC,mBAAK,4BAA2B;AACpC,UAAI,mBAAK,UAAS;AACjB,cAAM,EAAE,UAAU,IAAI,MAAM,mBAAK,SAAQ,oBAAoB,KAAK,mBAAmB,CAAC;AACtF,2BAAK,2BAA4B;AAAA,MAClC,OAAO;AACN,cAAM,IAAI,kDAAqC,uCAAuC;AAAA,MACvF;AAAA,IACD;AACA,WAAO;AAAA,MACN,MAAM,mBAAK;AAAA,MACX,gBAAY,qBAAS,mBAAK,aAAY,aAAa,EAAE,WAAW,CAAC;AAAA,MACjE,eAAe,mBAAK;AAAA,MACpB,SAAS,mBAAK;AAAA,MACd,WAAW,mBAAK;AAAA,MAChB,UAAU,mBAAK;AAAA,IAChB;AAAA,EACD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,oBAAoB,SAKvB;AACF,QAAI,KAAK,UAAU,GAAG;AACrB,YAAM,IAAI,oCAAuB;AAAA,IAClC;AACA,UAAM,aAAS,kCAAkB;AACjC,UAAM,eAAW,4BAAY,MAAM;AACnC,UAAM,yBAAqB,kCAAkB,MAAM;AAEnD,UAAM,YAAY,cAAc,UAAU;AAAA,MACzC,KAAK,QAAQ,MAAM,CAAC;AAAA,MACpB,QAAQ;AAAA,MACR;AAAA,IACD,CAAC,EAAE,QAAQ;AACX,WAAO;AAAA,MACN;AAAA,MACA;AAAA,MACA;AAAA,MACA,sBAAkB,qBAAS,MAAM,mBAAK,aAAY,KAAK,SAAS,CAAC;AAAA,IAClE;AAAA,EACD;AAAA;AAAA;AAAA;AAAA,EAKA,SAA6B;AAC5B,UAAM,MAAM;AAAA,MACX,SAAS,mBAAK;AAAA,MACd,WAAW,mBAAK;AAAA,MAChB,SAAS,mBAAK;AAAA,MACd,gBAAgB,mBAAK;AAAA,MACrB,QAAQ,mBAAK;AAAA,MACb,0BAA0B,mBAAK;AAAA,MAC/B,YAAY,mBAAK,aAAY,aAAa;AAAA;AAAA,IAC3C;AAEA,WAAO,eAAe,KAAK,UAAU;AAAA,MACpC,YAAY;AAAA,MACZ,OAAO,MAAM;AACZ,cAAM,IAAI,MAAM,iCAAiC;AAAA,MAClD;AAAA,IACD,CAAC;AACD,WAAO;AAAA,EACR;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,OAAO,OACN,MACA,cACA,QACa;AACb,UAAM,WAAW,IAAI,YAAW;AAAA,MAC/B,SAAS,KAAK;AAAA,MACd,WAAW,KAAK;AAAA,MAChB,SAAS,KAAK;AAAA,MACd,QAAQ,KAAK;AAAA,MACb;AAAA,MACA;AAAA,IACD,CAAC;AAED,2BAAS,iBAAkB,KAAK;AAChC,2BAAS,aAAc,8BAAe,cAAc,KAAK,UAAU;AACnE,2BAAS,2BAA4B,KAAK;AAE1C,QAAI,SAAS,UAAU,GAAG;AACzB,YAAM,IAAI,oCAAuB;AAAA,IAClC;AACA,WAAO;AAAA,EACR;AACD;AArOC;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AATM,IAAM,aAAN;",
+  "names": ["import_bcs"]
+}

package/dist/cjs/shamir.d.ts

@@ -0,0 +1,91 @@
+/**
+ * A field element in the Rijndael finite field GF(2⁸) with a fixed generator g = 0x03.
+ */
+export declare class GF256 {
+    value: number;
+    constructor(value: number);
+    log(): number;
+    static exp(x: number): GF256;
+    add(other: GF256): GF256;
+    sub(other: GF256): GF256;
+    neg(): GF256;
+    mul(other: GF256): GF256;
+    div(other: GF256): GF256;
+    equals(other: GF256): boolean;
+    static zero(): GF256;
+    static one(): GF256;
+}
+/**
+ * A polynomial over the field GF(2⁸).
+ */
+export declare class Polynomial {
+    coefficients: GF256[];
+    /**
+     * Construct a new Polynomial over [GF256] from the given coefficients.
+     * The first coefficient is the constant term.
+     */
+    constructor(coefficients: GF256[]);
+    /**
+     * Construct a polynomial from the given bytes.
+     * Each byte is a coefficient of the polynomial starting from the constant term.
+     */
+    static fromBytes(bytes: Uint8Array): Polynomial;
+    degree(): number;
+    /** Get the coefficient of the polynomial at the given index. */
+    getCoefficient(index: number): GF256;
+    /** Add two polynomials. */
+    add(other: Polynomial): Polynomial;
+    /** Multiply two polynomials. */
+    mul(other: Polynomial): Polynomial;
+    /** The polynomial s * this. */
+    scale(s: GF256): Polynomial;
+    /** The polynomial (1 / s) * this. */
+    div(s: GF256): Polynomial;
+    /** The polynomial x + c. */
+    static monic_linear(c: GF256): Polynomial;
+    /** The zero polynomial. */
+    static zero(): Polynomial;
+    /** The polynomial 1. */
+    static one(): Polynomial;
+    /** Given a set of coordinates, interpolate a polynomial. */
+    static interpolate(coordinates: {
+        x: GF256;
+        y: GF256;
+    }[]): Polynomial;
+    /** Given a set of coordinates, interpolate a polynomial and evaluate it at x = 0. */
+    static combine(coordinates: {
+        x: GF256;
+        y: GF256;
+    }[]): GF256;
+    /** Evaluate the polynomial at x. */
+    evaluate(x: GF256): GF256;
+}
+/** Representation of a share of a secret. The index is a number between 1 and 255. */
+export type Share = {
+    index: number;
+    share: Uint8Array<ArrayBuffer>;
+};
+/**
+ * Split a secret into shares.
+ *
+ * @param secret The secret to split.
+ * @param threshold The minimum number of shares required to reconstruct the secret.
+ * @param total The total number of shares to generate.
+ * @returns The shares.
+ */
+export declare function split(secret: Uint8Array, threshold: number, total: number): Share[];
+/**
+ * Combine shares into a secret. If fewer than the threshold number of shares are provided,
+ * the result will be indistinguishable from random.
+ *
+ * @param shares The shares to combine.
+ * @returns The secret.
+ */
+export declare function combine(shares: Share[]): Uint8Array<ArrayBuffer>;
+/**
+ * Interpolate a polynomial from the given shares.
+ *
+ * @param shares The shares to interpolate from.
+ * @returns A function that evaluates the polynomial at a given x.
+ */
+export declare function interpolate(shares: Share[]): (x: number) => Uint8Array;