@hashgraphonline/standards-sdk 0.1.168 → 0.1.170

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (276) hide show
  1. package/README.md +1 -0
  2. package/dist/browser/hcs-11/client.d.ts.map +1 -1
  3. package/dist/browser/hcs-21/sdk.d.ts.map +1 -1
  4. package/dist/browser/hcs-27/base-client.d.ts +41 -0
  5. package/dist/browser/hcs-27/base-client.d.ts.map +1 -0
  6. package/dist/browser/hcs-27/index.d.ts +6 -0
  7. package/dist/browser/hcs-27/index.d.ts.map +1 -0
  8. package/dist/browser/hcs-27/memos.d.ts +5 -0
  9. package/dist/browser/hcs-27/memos.d.ts.map +1 -0
  10. package/dist/browser/hcs-27/merkle.d.ts +23 -0
  11. package/dist/browser/hcs-27/merkle.d.ts.map +1 -0
  12. package/dist/browser/hcs-27/sdk.d.ts +23 -0
  13. package/dist/browser/hcs-27/sdk.d.ts.map +1 -0
  14. package/dist/browser/hcs-27/types.d.ts +1611 -0
  15. package/dist/browser/hcs-27/types.d.ts.map +1 -0
  16. package/dist/browser/index.d.ts +1 -0
  17. package/dist/browser/index.d.ts.map +1 -1
  18. package/dist/browser/standards-sdk.browser.js +29 -5
  19. package/dist/browser/standards-sdk.browser.js.map +1 -1
  20. package/dist/browser/utils/key-type-detector.d.ts.map +1 -1
  21. package/dist/cjs/hcs-11/client.d.ts.map +1 -1
  22. package/dist/cjs/hcs-21/sdk.d.ts.map +1 -1
  23. package/dist/cjs/hcs-27/base-client.d.ts +41 -0
  24. package/dist/cjs/hcs-27/base-client.d.ts.map +1 -0
  25. package/dist/cjs/hcs-27/index.d.ts +6 -0
  26. package/dist/cjs/hcs-27/index.d.ts.map +1 -0
  27. package/dist/cjs/hcs-27/memos.d.ts +5 -0
  28. package/dist/cjs/hcs-27/memos.d.ts.map +1 -0
  29. package/dist/cjs/hcs-27/merkle.d.ts +23 -0
  30. package/dist/cjs/hcs-27/merkle.d.ts.map +1 -0
  31. package/dist/cjs/hcs-27/sdk.d.ts +23 -0
  32. package/dist/cjs/hcs-27/sdk.d.ts.map +1 -0
  33. package/dist/cjs/hcs-27/types.d.ts +1611 -0
  34. package/dist/cjs/hcs-27/types.d.ts.map +1 -0
  35. package/dist/cjs/index.d.ts +1 -0
  36. package/dist/cjs/index.d.ts.map +1 -1
  37. package/dist/cjs/standards-sdk.cjs +2 -2
  38. package/dist/cjs/standards-sdk.cjs.map +1 -1
  39. package/dist/cjs/utils/key-type-detector.d.ts.map +1 -1
  40. package/dist/es/hcs-11/client.d.ts.map +1 -1
  41. package/dist/es/hcs-21/sdk.d.ts.map +1 -1
  42. package/dist/es/hcs-27/base-client.d.ts +41 -0
  43. package/dist/es/hcs-27/base-client.d.ts.map +1 -0
  44. package/dist/es/hcs-27/index.d.ts +6 -0
  45. package/dist/es/hcs-27/index.d.ts.map +1 -0
  46. package/dist/es/hcs-27/memos.d.ts +5 -0
  47. package/dist/es/hcs-27/memos.d.ts.map +1 -0
  48. package/dist/es/hcs-27/merkle.d.ts +23 -0
  49. package/dist/es/hcs-27/merkle.d.ts.map +1 -0
  50. package/dist/es/hcs-27/sdk.d.ts +23 -0
  51. package/dist/es/hcs-27/sdk.d.ts.map +1 -0
  52. package/dist/es/hcs-27/types.d.ts +1611 -0
  53. package/dist/es/hcs-27/types.d.ts.map +1 -0
  54. package/dist/es/index.d.ts +1 -0
  55. package/dist/es/index.d.ts.map +1 -1
  56. package/dist/es/standards-sdk.es.js +67 -38
  57. package/dist/es/standards-sdk.es.js.map +1 -1
  58. package/dist/es/standards-sdk.es101.js +2 -2
  59. package/dist/es/standards-sdk.es103.js +2 -2
  60. package/dist/es/standards-sdk.es104.js +1 -1
  61. package/dist/es/standards-sdk.es106.js +1 -1
  62. package/dist/es/standards-sdk.es108.js +2 -2
  63. package/dist/es/standards-sdk.es11.js +1 -1
  64. package/dist/es/standards-sdk.es110.js +1 -1
  65. package/dist/es/standards-sdk.es111.js +2 -2
  66. package/dist/es/standards-sdk.es112.js +151 -234
  67. package/dist/es/standards-sdk.es112.js.map +1 -1
  68. package/dist/es/standards-sdk.es113.js +20 -471
  69. package/dist/es/standards-sdk.es113.js.map +1 -1
  70. package/dist/es/standards-sdk.es114.js +263 -104
  71. package/dist/es/standards-sdk.es114.js.map +1 -1
  72. package/dist/es/standards-sdk.es115.js +167 -138
  73. package/dist/es/standards-sdk.es115.js.map +1 -1
  74. package/dist/es/standards-sdk.es116.js +315 -29
  75. package/dist/es/standards-sdk.es116.js.map +1 -1
  76. package/dist/es/standards-sdk.es117.js +250 -10
  77. package/dist/es/standards-sdk.es117.js.map +1 -1
  78. package/dist/es/standards-sdk.es118.js +448 -152
  79. package/dist/es/standards-sdk.es118.js.map +1 -1
  80. package/dist/es/standards-sdk.es119.js +101 -25
  81. package/dist/es/standards-sdk.es119.js.map +1 -1
  82. package/dist/es/standards-sdk.es12.js +1 -1
  83. package/dist/es/standards-sdk.es120.js +155 -17
  84. package/dist/es/standards-sdk.es120.js.map +1 -1
  85. package/dist/es/standards-sdk.es121.js +29 -155
  86. package/dist/es/standards-sdk.es121.js.map +1 -1
  87. package/dist/es/standards-sdk.es122.js +9 -200
  88. package/dist/es/standards-sdk.es122.js.map +1 -1
  89. package/dist/es/standards-sdk.es123.js +146 -754
  90. package/dist/es/standards-sdk.es123.js.map +1 -1
  91. package/dist/es/standards-sdk.es124.js +27 -11
  92. package/dist/es/standards-sdk.es124.js.map +1 -1
  93. package/dist/es/standards-sdk.es125.js +19 -564
  94. package/dist/es/standards-sdk.es125.js.map +1 -1
  95. package/dist/es/standards-sdk.es126.js +140 -582
  96. package/dist/es/standards-sdk.es126.js.map +1 -1
  97. package/dist/es/standards-sdk.es127.js +202 -12
  98. package/dist/es/standards-sdk.es127.js.map +1 -1
  99. package/dist/es/standards-sdk.es128.js +790 -2
  100. package/dist/es/standards-sdk.es128.js.map +1 -1
  101. package/dist/es/standards-sdk.es129.js +10 -84
  102. package/dist/es/standards-sdk.es129.js.map +1 -1
  103. package/dist/es/standards-sdk.es13.js +1 -1
  104. package/dist/es/standards-sdk.es130.js +567 -40
  105. package/dist/es/standards-sdk.es130.js.map +1 -1
  106. package/dist/es/standards-sdk.es131.js +626 -2
  107. package/dist/es/standards-sdk.es131.js.map +1 -1
  108. package/dist/es/standards-sdk.es132.js +12 -234
  109. package/dist/es/standards-sdk.es132.js.map +1 -1
  110. package/dist/es/standards-sdk.es133.js +2 -1140
  111. package/dist/es/standards-sdk.es133.js.map +1 -1
  112. package/dist/es/standards-sdk.es134.js +73 -292
  113. package/dist/es/standards-sdk.es134.js.map +1 -1
  114. package/dist/es/standards-sdk.es135.js +36 -418
  115. package/dist/es/standards-sdk.es135.js.map +1 -1
  116. package/dist/es/standards-sdk.es136.js +2 -355
  117. package/dist/es/standards-sdk.es136.js.map +1 -1
  118. package/dist/es/standards-sdk.es137.js +198 -1079
  119. package/dist/es/standards-sdk.es137.js.map +1 -1
  120. package/dist/es/standards-sdk.es138.js +1107 -175
  121. package/dist/es/standards-sdk.es138.js.map +1 -1
  122. package/dist/es/standards-sdk.es139.js +218 -1479
  123. package/dist/es/standards-sdk.es139.js.map +1 -1
  124. package/dist/es/standards-sdk.es14.js +1 -1
  125. package/dist/es/standards-sdk.es140.js +422 -1500
  126. package/dist/es/standards-sdk.es140.js.map +1 -1
  127. package/dist/es/standards-sdk.es141.js +351 -13
  128. package/dist/es/standards-sdk.es141.js.map +1 -1
  129. package/dist/es/standards-sdk.es142.js +1102 -73
  130. package/dist/es/standards-sdk.es142.js.map +1 -1
  131. package/dist/es/standards-sdk.es143.js +203 -76
  132. package/dist/es/standards-sdk.es143.js.map +1 -1
  133. package/dist/es/standards-sdk.es144.js +1459 -830
  134. package/dist/es/standards-sdk.es144.js.map +1 -1
  135. package/dist/es/standards-sdk.es145.js +1499 -59
  136. package/dist/es/standards-sdk.es145.js.map +1 -1
  137. package/dist/es/standards-sdk.es146.js +14 -156
  138. package/dist/es/standards-sdk.es146.js.map +1 -1
  139. package/dist/es/standards-sdk.es147.js +87 -7
  140. package/dist/es/standards-sdk.es147.js.map +1 -1
  141. package/dist/es/standards-sdk.es148.js +74 -79
  142. package/dist/es/standards-sdk.es148.js.map +1 -1
  143. package/dist/es/standards-sdk.es149.js +934 -61
  144. package/dist/es/standards-sdk.es149.js.map +1 -1
  145. package/dist/es/standards-sdk.es15.js +1 -1
  146. package/dist/es/standards-sdk.es150.js +60 -30
  147. package/dist/es/standards-sdk.es150.js.map +1 -1
  148. package/dist/es/standards-sdk.es151.js +159 -34
  149. package/dist/es/standards-sdk.es151.js.map +1 -1
  150. package/dist/es/standards-sdk.es152.js +7 -48
  151. package/dist/es/standards-sdk.es152.js.map +1 -1
  152. package/dist/es/standards-sdk.es153.js +70 -122
  153. package/dist/es/standards-sdk.es153.js.map +1 -1
  154. package/dist/es/standards-sdk.es154.js +58 -35
  155. package/dist/es/standards-sdk.es154.js.map +1 -1
  156. package/dist/es/standards-sdk.es155.js +30 -56
  157. package/dist/es/standards-sdk.es155.js.map +1 -1
  158. package/dist/es/standards-sdk.es156.js +34 -84
  159. package/dist/es/standards-sdk.es156.js.map +1 -1
  160. package/dist/es/standards-sdk.es157.js +48 -81
  161. package/dist/es/standards-sdk.es157.js.map +1 -1
  162. package/dist/es/standards-sdk.es158.js +124 -186
  163. package/dist/es/standards-sdk.es158.js.map +1 -1
  164. package/dist/es/standards-sdk.es159.js +34 -12474
  165. package/dist/es/standards-sdk.es159.js.map +1 -1
  166. package/dist/es/standards-sdk.es16.js +5 -5
  167. package/dist/es/standards-sdk.es160.js +12477 -12
  168. package/dist/es/standards-sdk.es160.js.map +1 -1
  169. package/dist/es/standards-sdk.es161.js +51 -68
  170. package/dist/es/standards-sdk.es161.js.map +1 -1
  171. package/dist/es/standards-sdk.es162.js +67 -533
  172. package/dist/es/standards-sdk.es162.js.map +1 -1
  173. package/dist/es/standards-sdk.es163.js +70 -161
  174. package/dist/es/standards-sdk.es163.js.map +1 -1
  175. package/dist/es/standards-sdk.es164.js +187 -309
  176. package/dist/es/standards-sdk.es164.js.map +1 -1
  177. package/dist/es/standards-sdk.es165.js +13 -342
  178. package/dist/es/standards-sdk.es165.js.map +1 -1
  179. package/dist/es/standards-sdk.es166.js +538 -441
  180. package/dist/es/standards-sdk.es166.js.map +1 -1
  181. package/dist/es/standards-sdk.es167.js +142 -301
  182. package/dist/es/standards-sdk.es167.js.map +1 -1
  183. package/dist/es/standards-sdk.es168.js +310 -64
  184. package/dist/es/standards-sdk.es168.js.map +1 -1
  185. package/dist/es/standards-sdk.es169.js +332 -158
  186. package/dist/es/standards-sdk.es169.js.map +1 -1
  187. package/dist/es/standards-sdk.es170.js +441 -210
  188. package/dist/es/standards-sdk.es170.js.map +1 -1
  189. package/dist/es/standards-sdk.es171.js +314 -222
  190. package/dist/es/standards-sdk.es171.js.map +1 -1
  191. package/dist/es/standards-sdk.es172.js +65 -108
  192. package/dist/es/standards-sdk.es172.js.map +1 -1
  193. package/dist/es/standards-sdk.es173.js +61 -114
  194. package/dist/es/standards-sdk.es173.js.map +1 -1
  195. package/dist/es/standards-sdk.es174.js +151 -140
  196. package/dist/es/standards-sdk.es174.js.map +1 -1
  197. package/dist/es/standards-sdk.es175.js +193 -156
  198. package/dist/es/standards-sdk.es175.js.map +1 -1
  199. package/dist/es/standards-sdk.es176.js +221 -121
  200. package/dist/es/standards-sdk.es176.js.map +1 -1
  201. package/dist/es/standards-sdk.es177.js +81 -293
  202. package/dist/es/standards-sdk.es177.js.map +1 -1
  203. package/dist/es/standards-sdk.es178.js +114 -247
  204. package/dist/es/standards-sdk.es178.js.map +1 -1
  205. package/dist/es/standards-sdk.es179.js +119 -110
  206. package/dist/es/standards-sdk.es179.js.map +1 -1
  207. package/dist/es/standards-sdk.es18.js +12 -12
  208. package/dist/es/standards-sdk.es180.js +188 -0
  209. package/dist/es/standards-sdk.es180.js.map +1 -0
  210. package/dist/es/standards-sdk.es181.js +142 -0
  211. package/dist/es/standards-sdk.es181.js.map +1 -0
  212. package/dist/es/standards-sdk.es182.js +334 -0
  213. package/dist/es/standards-sdk.es182.js.map +1 -0
  214. package/dist/es/standards-sdk.es183.js +262 -0
  215. package/dist/es/standards-sdk.es183.js.map +1 -0
  216. package/dist/es/standards-sdk.es184.js +155 -0
  217. package/dist/es/standards-sdk.es184.js.map +1 -0
  218. package/dist/es/standards-sdk.es19.js +9 -9
  219. package/dist/es/standards-sdk.es2.js +2 -2
  220. package/dist/es/standards-sdk.es20.js +1 -1
  221. package/dist/es/standards-sdk.es21.js +1 -1
  222. package/dist/es/standards-sdk.es22.js +1 -1
  223. package/dist/es/standards-sdk.es23.js +1 -1
  224. package/dist/es/standards-sdk.es24.js +1 -1
  225. package/dist/es/standards-sdk.es25.js +1 -1
  226. package/dist/es/standards-sdk.es26.js +1 -1
  227. package/dist/es/standards-sdk.es27.js +12 -12
  228. package/dist/es/standards-sdk.es27.js.map +1 -1
  229. package/dist/es/standards-sdk.es30.js +2 -2
  230. package/dist/es/standards-sdk.es31.js +4 -4
  231. package/dist/es/standards-sdk.es32.js +1 -1
  232. package/dist/es/standards-sdk.es35.js +6 -6
  233. package/dist/es/standards-sdk.es36.js +4 -4
  234. package/dist/es/standards-sdk.es37.js +2 -2
  235. package/dist/es/standards-sdk.es38.js +2 -2
  236. package/dist/es/standards-sdk.es39.js +1 -1
  237. package/dist/es/standards-sdk.es4.js +2 -2
  238. package/dist/es/standards-sdk.es40.js +1 -1
  239. package/dist/es/standards-sdk.es41.js +2 -2
  240. package/dist/es/standards-sdk.es46.js +1 -1
  241. package/dist/es/standards-sdk.es5.js +2 -2
  242. package/dist/es/standards-sdk.es51.js +1 -1
  243. package/dist/es/standards-sdk.es53.js +1 -1
  244. package/dist/es/standards-sdk.es56.js +2 -2
  245. package/dist/es/standards-sdk.es59.js +1 -1
  246. package/dist/es/standards-sdk.es6.js +2 -2
  247. package/dist/es/standards-sdk.es60.js +1 -1
  248. package/dist/es/standards-sdk.es62.js +1 -1
  249. package/dist/es/standards-sdk.es63.js +2 -2
  250. package/dist/es/standards-sdk.es64.js +1 -1
  251. package/dist/es/standards-sdk.es65.js +1 -1
  252. package/dist/es/standards-sdk.es66.js +1 -1
  253. package/dist/es/standards-sdk.es67.js +7 -7
  254. package/dist/es/standards-sdk.es69.js +1 -1
  255. package/dist/es/standards-sdk.es7.js +1 -1
  256. package/dist/es/standards-sdk.es71.js +2 -2
  257. package/dist/es/standards-sdk.es72.js +3 -3
  258. package/dist/es/standards-sdk.es75.js +5 -5
  259. package/dist/es/standards-sdk.es76.js +3 -3
  260. package/dist/es/standards-sdk.es77.js +2 -2
  261. package/dist/es/standards-sdk.es78.js +1 -1
  262. package/dist/es/standards-sdk.es81.js +2 -2
  263. package/dist/es/standards-sdk.es83.js +2 -2
  264. package/dist/es/standards-sdk.es84.js +4 -4
  265. package/dist/es/standards-sdk.es85.js +1 -1
  266. package/dist/es/standards-sdk.es88.js +1 -1
  267. package/dist/es/standards-sdk.es89.js +2 -2
  268. package/dist/es/standards-sdk.es9.js +2 -2
  269. package/dist/es/standards-sdk.es90.js +4 -4
  270. package/dist/es/standards-sdk.es90.js.map +1 -1
  271. package/dist/es/standards-sdk.es94.js +3 -3
  272. package/dist/es/standards-sdk.es96.js +2 -2
  273. package/dist/es/standards-sdk.es98.js +1 -1
  274. package/dist/es/standards-sdk.es99.js +3 -3
  275. package/dist/es/utils/key-type-detector.d.ts.map +1 -1
  276. package/package.json +1 -1
package/dist/es/standards-sdk.es174.js CHANGED
@@ -1,164 +1,175 @@
1
- import { resolveResponseSchema, registrationQuoteResponseSchema, registerAgentResponseSchema, registrationProgressResponseSchema, uaidValidationResponseSchema, uaidConnectionStatusSchema, dashboardStatsResponseSchema } from "./standards-sdk.es140.js";
2
- import { serialiseAgentRegistrationRequest, DEFAULT_PROGRESS_INTERVAL_MS, DEFAULT_PROGRESS_TIMEOUT_MS, createAbortError } from "./standards-sdk.es171.js";
3
- import { RegistryBrokerError } from "./standards-sdk.es141.js";
4
- async function resolveUaid(client, uaid) {
5
- const raw = await client.requestJson(
6
- `/resolve/${encodeURIComponent(uaid)}`,
7
- {
8
- method: "GET"
9
- }
10
- );
11
- return client.parseWithSchema(
12
- raw,
13
- resolveResponseSchema,
14
- "resolve UAID response"
15
- );
16
- }
17
- async function getRegistrationQuote(client, payload) {
18
- const raw = await client.requestJson("/register/quote", {
1
+ import * as path from "path";
2
+ import { Buffer } from "buffer";
3
+ import { randomBytes } from "crypto";
4
+ import { secp256k1 } from "@noble/curves/secp256k1.js";
5
+ import { registerEncryptionKeyResponseSchema } from "./standards-sdk.es145.js";
6
+ import { optionalImport } from "./standards-sdk.es162.js";
7
+ const getFs = async () => {
8
+ const fsModule = await optionalImport("node:fs");
9
+ if (fsModule && typeof fsModule.existsSync === "function" && typeof fsModule.readFileSync === "function" && typeof fsModule.writeFileSync === "function" && typeof fsModule.appendFileSync === "function") {
10
+ return fsModule;
11
+ }
12
+ return null;
13
+ };
14
+ async function registerEncryptionKey(client, payload) {
15
+ const raw = await client.requestJson("/encryption/keys", {
19
16
  method: "POST",
20
- body: serialiseAgentRegistrationRequest(payload),
21
- headers: { "content-type": "application/json" }
17
+ headers: { "content-type": "application/json" },
18
+ body: payload
22
19
  });
23
20
  return client.parseWithSchema(
24
21
  raw,
25
- registrationQuoteResponseSchema,
26
- "registration quote response"
22
+ registerEncryptionKeyResponseSchema,
23
+ "register encryption key response"
27
24
  );
28
25
  }
29
- async function updateAgent(client, uaid, payload) {
30
- const raw = await client.requestJson(
31
- `/register/${encodeURIComponent(uaid)}`,
32
- {
33
- method: "PUT",
34
- body: serialiseAgentRegistrationRequest(payload),
35
- headers: { "content-type": "application/json" }
26
+ function normalizeAutoRegisterIdentity(config) {
27
+ const identity = {};
28
+ if (config.uaid) {
29
+ identity.uaid = config.uaid;
30
+ }
31
+ if (config.ledgerAccountId) {
32
+ identity.ledgerAccountId = config.ledgerAccountId;
33
+ if (config.ledgerNetwork) {
34
+ identity.ledgerNetwork = config.ledgerNetwork;
36
35
  }
37
- );
38
- return client.parseWithSchema(
39
- raw,
40
- registerAgentResponseSchema,
41
- "update agent response"
42
- );
36
+ }
37
+ if (config.email) {
38
+ identity.email = config.email;
39
+ }
40
+ if (identity.uaid || identity.ledgerAccountId || identity.email) {
41
+ return identity;
42
+ }
43
+ return null;
43
44
  }
44
- async function getRegistrationProgress(client, attemptId) {
45
- const normalisedAttemptId = attemptId.trim();
46
- if (!normalisedAttemptId) {
47
- throw new Error("attemptId is required");
45
+ function derivePublicKeyFromPrivateKey(client, privateKey) {
46
+ const normalized = client.hexToBuffer(privateKey);
47
+ const publicKey = secp256k1.getPublicKey(normalized, true);
48
+ return Buffer.from(publicKey).toString("hex");
49
+ }
50
+ async function resolveAutoRegisterKeyMaterial(client, config) {
51
+ if (config.publicKey?.trim()) {
52
+ return { publicKey: config.publicKey.trim() };
53
+ }
54
+ let privateKey = config.privateKey?.trim();
55
+ const envVar = config.envVar ?? "RB_ENCRYPTION_PRIVATE_KEY";
56
+ if (!privateKey && envVar && process?.env?.[envVar]?.trim()) {
57
+ privateKey = process.env[envVar]?.trim();
48
58
  }
49
- try {
50
- const raw = await client.requestJson(
51
- `/register/progress/${encodeURIComponent(normalisedAttemptId)}`,
52
- { method: "GET" }
59
+ if (!privateKey && config.generateIfMissing) {
60
+ const pair = await client.generateEncryptionKeyPair({
61
+ keyType: config.keyType ?? "secp256k1",
62
+ envVar,
63
+ envPath: config.envPath,
64
+ overwrite: config.overwriteEnv
65
+ });
66
+ return { publicKey: pair.publicKey, privateKey: pair.privateKey };
67
+ }
68
+ if (privateKey) {
69
+ const publicKey = derivePublicKeyFromPrivateKey(client, privateKey);
70
+ return { publicKey, privateKey };
71
+ }
72
+ return null;
73
+ }
74
+ async function autoRegisterEncryptionKey(client, config) {
75
+ const identity = normalizeAutoRegisterIdentity(config);
76
+ if (!identity) {
77
+ throw new Error(
78
+ "Auto-registration requires uaid, ledgerAccountId, or email"
53
79
  );
54
- const parsed = client.parseWithSchema(
55
- raw,
56
- registrationProgressResponseSchema,
57
- "registration progress response"
80
+ }
81
+ const material = await resolveAutoRegisterKeyMaterial(client, config);
82
+ if (!material) {
83
+ throw new Error(
84
+ "Unable to resolve encryption public key for auto-registration"
58
85
  );
59
- return parsed.progress;
60
- } catch (error) {
61
- if (error instanceof RegistryBrokerError && error.status === 404) {
62
- return null;
63
- }
64
- throw error;
65
86
  }
87
+ await registerEncryptionKey(client, {
88
+ keyType: config.keyType ?? "secp256k1",
89
+ publicKey: material.publicKey,
90
+ ...identity
91
+ });
92
+ return material;
66
93
  }
67
- async function waitForRegistrationCompletion(client, attemptId, options = {}) {
68
- const normalisedAttemptId = attemptId.trim();
69
- if (!normalisedAttemptId) {
70
- throw new Error("attemptId is required");
94
+ async function ensureAgentEncryptionKey(client, options) {
95
+ return autoRegisterEncryptionKey(client, {
96
+ ...options,
97
+ uaid: options.uaid
98
+ });
99
+ }
100
+ function createEncryptionApi(client) {
101
+ return {
102
+ registerKey: (payload) => registerEncryptionKey(client, payload),
103
+ generateEphemeralKeyPair: () => client.createEphemeralKeyPair(),
104
+ deriveSharedSecret: (options) => client.deriveSharedSecret(options),
105
+ encryptCipherEnvelope: (options) => client.buildCipherEnvelope(options),
106
+ decryptCipherEnvelope: (options) => client.openCipherEnvelope(options),
107
+ ensureAgentKey: (options) => ensureAgentEncryptionKey(client, options)
108
+ };
109
+ }
110
+ async function bootstrapEncryptionOptions(client, options) {
111
+ if (!options?.autoRegister || options.autoRegister.enabled === false) {
112
+ return null;
71
113
  }
72
- const interval = Math.max(
73
- 250,
74
- options.intervalMs ?? DEFAULT_PROGRESS_INTERVAL_MS
75
- );
76
- const timeoutMs = options.timeoutMs ?? DEFAULT_PROGRESS_TIMEOUT_MS;
77
- const throwOnFailure = options.throwOnFailure ?? true;
78
- const signal = options.signal;
79
- const startedAt = Date.now();
80
- while (true) {
81
- if (signal?.aborted) {
82
- throw createAbortError();
114
+ return autoRegisterEncryptionKey(client, options.autoRegister);
115
+ }
116
+ async function generateEncryptionKeyPair(client, options = {}) {
117
+ client.assertNodeRuntime("generateEncryptionKeyPair");
118
+ const keyType = options.keyType ?? "secp256k1";
119
+ if (keyType !== "secp256k1") {
120
+ throw new Error("Only secp256k1 key generation is supported currently");
121
+ }
122
+ const privateKeyBytes = randomBytes(32);
123
+ const privateKey = Buffer.from(privateKeyBytes).toString("hex");
124
+ const publicKeyBytes = secp256k1.getPublicKey(privateKeyBytes, true);
125
+ const publicKey = Buffer.from(publicKeyBytes).toString("hex");
126
+ const envVar = options.envVar ?? "RB_ENCRYPTION_PRIVATE_KEY";
127
+ const resolvedPath = options.envPath ? path.resolve(options.envPath) : void 0;
128
+ if (resolvedPath) {
129
+ const fsModule = await getFs();
130
+ if (!fsModule) {
131
+ throw new Error(
132
+ "File system module is not available; cannot write encryption key env file"
133
+ );
83
134
  }
84
- const progress = await client.getRegistrationProgress(normalisedAttemptId);
85
- if (progress) {
86
- options.onProgress?.(progress);
87
- if (progress.status === "completed") {
88
- return progress;
89
- }
90
- if (progress.status === "partial" || progress.status === "failed") {
91
- if (throwOnFailure) {
92
- throw new RegistryBrokerError(
93
- "Registration did not complete successfully",
94
- {
95
- status: 409,
96
- statusText: progress.status,
97
- body: progress
98
- }
135
+ const envLine = `${envVar}=${privateKey}`;
136
+ if (fsModule.existsSync(resolvedPath)) {
137
+ const content = fsModule.readFileSync(resolvedPath, "utf-8");
138
+ const lineRegex = new RegExp(`^${envVar}=.*$`, "m");
139
+ if (lineRegex.test(content)) {
140
+ if (!options.overwrite) {
141
+ throw new Error(
142
+ `${envVar} already exists in ${resolvedPath}; set overwrite=true to replace it`
99
143
  );
100
144
  }
101
- return progress;
145
+ const updated = content.replace(lineRegex, envLine);
146
+ fsModule.writeFileSync(resolvedPath, updated);
147
+ } else {
148
+ const needsNewline = !content.endsWith("\n");
149
+ fsModule.appendFileSync(
150
+ resolvedPath,
151
+ `${needsNewline ? "\n" : ""}${envLine}
152
+ `
153
+ );
102
154
  }
155
+ } else {
156
+ fsModule.writeFileSync(resolvedPath, `${envLine}
157
+ `);
103
158
  }
104
- if (Date.now() - startedAt >= timeoutMs) {
105
- throw new Error(
106
- `Registration progress polling timed out after ${timeoutMs}ms`
107
- );
108
- }
109
- await client.delay(interval, signal);
110
159
  }
111
- }
112
- async function validateUaid(client, uaid) {
113
- const raw = await client.requestJson(
114
- `/uaids/validate/${encodeURIComponent(uaid)}`,
115
- {
116
- method: "GET"
117
- }
118
- );
119
- return client.parseWithSchema(
120
- raw,
121
- uaidValidationResponseSchema,
122
- "UAID validation response"
123
- );
124
- }
125
- async function getUaidConnectionStatus(client, uaid) {
126
- const raw = await client.requestJson(
127
- `/uaids/connections/${encodeURIComponent(uaid)}/status`,
128
- {
129
- method: "GET"
130
- }
131
- );
132
- return client.parseWithSchema(
133
- raw,
134
- uaidConnectionStatusSchema,
135
- "UAID connection status"
136
- );
137
- }
138
- async function closeUaidConnection(client, uaid) {
139
- await client.request(`/uaids/connections/${encodeURIComponent(uaid)}`, {
140
- method: "DELETE"
141
- });
142
- }
143
- async function dashboardStats(client) {
144
- const raw = await client.requestJson("/dashboard/stats", {
145
- method: "GET"
146
- });
147
- return client.parseWithSchema(
148
- raw,
149
- dashboardStatsResponseSchema,
150
- "dashboard stats response"
151
- );
160
+ return {
161
+ privateKey,
162
+ publicKey,
163
+ envPath: resolvedPath,
164
+ envVar
165
+ };
152
166
  }
153
167
  export {
154
- closeUaidConnection,
155
- dashboardStats,
156
- getRegistrationProgress,
157
- getRegistrationQuote,
158
- getUaidConnectionStatus,
159
- resolveUaid,
160
- updateAgent,
161
- validateUaid,
162
- waitForRegistrationCompletion
168
+ autoRegisterEncryptionKey,
169
+ bootstrapEncryptionOptions,
170
+ createEncryptionApi,
171
+ ensureAgentEncryptionKey,
172
+ generateEncryptionKeyPair,
173
+ registerEncryptionKey
163
174
  };
164
175
  //# sourceMappingURL=standards-sdk.es174.js.map
package/dist/es/standards-sdk.es174.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"standards-sdk.es174.js","sources":["../../src/services/registry-broker/client/agents.ts"],"sourcesContent":["import type {\n AgentRegistrationRequest,\n DashboardStatsResponse,\n JsonValue,\n RegisterAgentOptions,\n RegisterAgentQuoteResponse,\n RegisterAgentResponse,\n RegistrationProgressRecord,\n RegistrationProgressWaitOptions,\n ResolvedAgentResponse,\n UaidConnectionStatus,\n UaidValidationResponse,\n} from '../types';\nimport {\n dashboardStatsResponseSchema,\n registerAgentResponseSchema,\n registrationProgressResponseSchema,\n registrationQuoteResponseSchema,\n resolveResponseSchema,\n uaidConnectionStatusSchema,\n uaidValidationResponseSchema,\n} from '../schemas';\nimport type { RegistryBrokerClient } from './base-client';\nimport { purchaseCreditsWithHbar } from './credits';\nimport {\n createAbortError,\n DEFAULT_PROGRESS_INTERVAL_MS,\n DEFAULT_PROGRESS_TIMEOUT_MS,\n MINIMUM_REGISTRATION_AUTO_TOP_UP_CREDITS,\n serialiseAgentRegistrationRequest,\n} from './utils';\nimport { RegistryBrokerError } from './errors';\n\nasync function performRegisterAgent(\n client: RegistryBrokerClient,\n payload: AgentRegistrationRequest,\n): Promise<RegisterAgentResponse> {\n const raw = await client.requestJson<JsonValue>('/register', {\n method: 'POST',\n body: serialiseAgentRegistrationRequest(payload),\n headers: { 'content-type': 'application/json' },\n });\n return client.parseWithSchema(\n raw,\n registerAgentResponseSchema,\n 'register agent response',\n );\n}\n\nfunction calculateHbarAmount(\n creditsToPurchase: number,\n creditsPerHbar: number,\n): number {\n if (creditsPerHbar <= 0) {\n throw new Error('creditsPerHbar must be positive');\n }\n if (creditsToPurchase <= 0) {\n throw new Error('creditsToPurchase must be positive');\n }\n const rawHbar = creditsToPurchase / creditsPerHbar;\n const tinybars = Math.ceil(rawHbar * 1e8);\n return tinybars / 1e8;\n}\n\nfunction resolveCreditsToPurchase(shortfallCredits: number): number {\n if (!Number.isFinite(shortfallCredits) || shortfallCredits <= 0) {\n return 0;\n }\n return Math.max(\n Math.ceil(shortfallCredits),\n MINIMUM_REGISTRATION_AUTO_TOP_UP_CREDITS,\n );\n}\n\nasync function ensureCreditsForRegistration(\n client: RegistryBrokerClient,\n payload: AgentRegistrationRequest,\n autoTopUp: RegisterAgentOptions['autoTopUp'],\n): Promise<void> {\n const details = autoTopUp ?? null;\n if (!details) {\n return;\n }\n\n if (!details.accountId || !details.accountId.trim()) {\n throw new Error('autoTopUp.accountId is required');\n }\n\n if (!details.privateKey || !details.privateKey.trim()) {\n throw new Error('autoTopUp.privateKey is required');\n }\n\n for (let attempt = 0; attempt < 3; attempt += 1) {\n const quote = await getRegistrationQuote(client, payload);\n const shortfall = quote.shortfallCredits ?? 0;\n if (shortfall <= 0) {\n return;\n }\n const creditsToPurchase = resolveCreditsToPurchase(shortfall);\n if (creditsToPurchase <= 0) {\n return;\n }\n\n const creditsPerHbar = quote.creditsPerHbar ?? null;\n if (!creditsPerHbar || creditsPerHbar <= 0) {\n throw new Error('Unable to determine credits per HBAR for auto top-up');\n }\n\n const hbarAmount = calculateHbarAmount(creditsToPurchase, creditsPerHbar);\n\n await purchaseCreditsWithHbar(client, {\n accountId: details.accountId.trim(),\n privateKey: details.privateKey.trim(),\n hbarAmount,\n memo: details.memo ?? 'Registry Broker auto top-up',\n metadata: {\n shortfallCredits: shortfall,\n requiredCredits: quote.requiredCredits,\n purchasedCredits: creditsToPurchase,\n },\n });\n }\n\n const finalQuote = await getRegistrationQuote(client, payload);\n if ((finalQuote.shortfallCredits ?? 0) > 0) {\n throw new Error('Unable to purchase sufficient credits for registration');\n }\n}\n\nexport async function resolveUaid(\n client: RegistryBrokerClient,\n uaid: string,\n): Promise<ResolvedAgentResponse> {\n const raw = await client.requestJson<JsonValue>(\n `/resolve/${encodeURIComponent(uaid)}`,\n {\n method: 'GET',\n },\n );\n return client.parseWithSchema(\n raw,\n resolveResponseSchema,\n 'resolve UAID response',\n );\n}\n\nexport async function registerAgent(\n client: RegistryBrokerClient,\n payload: AgentRegistrationRequest,\n options?: RegisterAgentOptions,\n): Promise<RegisterAgentResponse> {\n const autoTopUp = options?.autoTopUp ?? client.registrationAutoTopUp;\n\n if (!autoTopUp) {\n return performRegisterAgent(client, payload);\n }\n\n await ensureCreditsForRegistration(client, payload, autoTopUp);\n\n let retried = false;\n while (true) {\n try {\n return await performRegisterAgent(client, payload);\n } catch (error) {\n const shortfall = client.extractInsufficientCreditsDetails(error);\n if (shortfall && !retried) {\n await ensureCreditsForRegistration(client, payload, autoTopUp);\n retried = true;\n continue;\n }\n throw error;\n }\n }\n}\n\nexport async function getRegistrationQuote(\n client: RegistryBrokerClient,\n payload: AgentRegistrationRequest,\n): Promise<RegisterAgentQuoteResponse> {\n const raw = await client.requestJson<JsonValue>('/register/quote', {\n method: 'POST',\n body: serialiseAgentRegistrationRequest(payload),\n headers: { 'content-type': 'application/json' },\n });\n\n return client.parseWithSchema(\n raw,\n registrationQuoteResponseSchema,\n 'registration quote response',\n );\n}\n\nexport async function updateAgent(\n client: RegistryBrokerClient,\n uaid: string,\n payload: AgentRegistrationRequest,\n): Promise<RegisterAgentResponse> {\n const raw = await client.requestJson<JsonValue>(\n `/register/${encodeURIComponent(uaid)}`,\n {\n method: 'PUT',\n body: serialiseAgentRegistrationRequest(payload),\n headers: { 'content-type': 'application/json' },\n },\n );\n\n return client.parseWithSchema(\n raw,\n registerAgentResponseSchema,\n 'update agent response',\n );\n}\n\nexport async function getRegistrationProgress(\n client: RegistryBrokerClient,\n attemptId: string,\n): Promise<RegistrationProgressRecord | null> {\n const normalisedAttemptId = attemptId.trim();\n if (!normalisedAttemptId) {\n throw new Error('attemptId is required');\n }\n\n try {\n const raw = await client.requestJson<JsonValue>(\n `/register/progress/${encodeURIComponent(normalisedAttemptId)}`,\n { method: 'GET' },\n );\n\n const parsed = client.parseWithSchema(\n raw,\n registrationProgressResponseSchema,\n 'registration progress response',\n );\n\n return parsed.progress;\n } catch (error) {\n if (error instanceof RegistryBrokerError && error.status === 404) {\n return null;\n }\n throw error;\n }\n}\n\nexport async function waitForRegistrationCompletion(\n client: RegistryBrokerClient,\n attemptId: string,\n options: RegistrationProgressWaitOptions = {},\n): Promise<RegistrationProgressRecord> {\n const normalisedAttemptId = attemptId.trim();\n if (!normalisedAttemptId) {\n throw new Error('attemptId is required');\n }\n\n const interval = Math.max(\n 250,\n options.intervalMs ?? DEFAULT_PROGRESS_INTERVAL_MS,\n );\n const timeoutMs = options.timeoutMs ?? DEFAULT_PROGRESS_TIMEOUT_MS;\n const throwOnFailure = options.throwOnFailure ?? true;\n const signal = options.signal;\n const startedAt = Date.now();\n\n while (true) {\n if (signal?.aborted) {\n throw createAbortError();\n }\n\n const progress = await client.getRegistrationProgress(normalisedAttemptId);\n\n if (progress) {\n options.onProgress?.(progress);\n\n if (progress.status === 'completed') {\n return progress;\n }\n\n if (progress.status === 'partial' || progress.status === 'failed') {\n if (throwOnFailure) {\n throw new RegistryBrokerError(\n 'Registration did not complete successfully',\n {\n status: 409,\n statusText: progress.status,\n body: progress,\n },\n );\n }\n return progress;\n }\n }\n\n if (Date.now() - startedAt >= timeoutMs) {\n throw new Error(\n `Registration progress polling timed out after ${timeoutMs}ms`,\n );\n }\n\n await client.delay(interval, signal);\n }\n}\n\nexport async function validateUaid(\n client: RegistryBrokerClient,\n uaid: string,\n): Promise<UaidValidationResponse> {\n const raw = await client.requestJson<JsonValue>(\n `/uaids/validate/${encodeURIComponent(uaid)}`,\n {\n method: 'GET',\n },\n );\n return client.parseWithSchema(\n raw,\n uaidValidationResponseSchema,\n 'UAID validation response',\n );\n}\n\nexport async function getUaidConnectionStatus(\n client: RegistryBrokerClient,\n uaid: string,\n): Promise<UaidConnectionStatus> {\n const raw = await client.requestJson<JsonValue>(\n `/uaids/connections/${encodeURIComponent(uaid)}/status`,\n {\n method: 'GET',\n },\n );\n return client.parseWithSchema(\n raw,\n uaidConnectionStatusSchema,\n 'UAID connection status',\n );\n}\n\nexport async function closeUaidConnection(\n client: RegistryBrokerClient,\n uaid: string,\n): Promise<void> {\n await client.request(`/uaids/connections/${encodeURIComponent(uaid)}`, {\n method: 'DELETE',\n });\n}\n\nexport async function dashboardStats(\n client: RegistryBrokerClient,\n): Promise<DashboardStatsResponse> {\n const raw = await client.requestJson<JsonValue>('/dashboard/stats', {\n method: 'GET',\n });\n return client.parseWithSchema(\n raw,\n dashboardStatsResponseSchema,\n 'dashboard stats response',\n );\n}\n"],"names":[],"mappings":";;;AAiIA,eAAsB,YACpB,QACA,MACgC;AAChC,QAAM,MAAM,MAAM,OAAO;AAAA,IACvB,YAAY,mBAAmB,IAAI,CAAC;AAAA,IACpC;AAAA,MACE,QAAQ;AAAA,IAAA;AAAA,EACV;AAEF,SAAO,OAAO;AAAA,IACZ;AAAA,IACA;AAAA,IACA;AAAA,EAAA;AAEJ;AA+BA,eAAsB,qBACpB,QACA,SACqC;AACrC,QAAM,MAAM,MAAM,OAAO,YAAuB,mBAAmB;AAAA,IACjE,QAAQ;AAAA,IACR,MAAM,kCAAkC,OAAO;AAAA,IAC/C,SAAS,EAAE,gBAAgB,mBAAA;AAAA,EAAmB,CAC/C;AAED,SAAO,OAAO;AAAA,IACZ;AAAA,IACA;AAAA,IACA;AAAA,EAAA;AAEJ;AAEA,eAAsB,YACpB,QACA,MACA,SACgC;AAChC,QAAM,MAAM,MAAM,OAAO;AAAA,IACvB,aAAa,mBAAmB,IAAI,CAAC;AAAA,IACrC;AAAA,MACE,QAAQ;AAAA,MACR,MAAM,kCAAkC,OAAO;AAAA,MAC/C,SAAS,EAAE,gBAAgB,mBAAA;AAAA,IAAmB;AAAA,EAChD;AAGF,SAAO,OAAO;AAAA,IACZ;AAAA,IACA;AAAA,IACA;AAAA,EAAA;AAEJ;AAEA,eAAsB,wBACpB,QACA,WAC4C;AAC5C,QAAM,sBAAsB,UAAU,KAAA;AACtC,MAAI,CAAC,qBAAqB;AACxB,UAAM,IAAI,MAAM,uBAAuB;AAAA,EACzC;AAEA,MAAI;AACF,UAAM,MAAM,MAAM,OAAO;AAAA,MACvB,sBAAsB,mBAAmB,mBAAmB,CAAC;AAAA,MAC7D,EAAE,QAAQ,MAAA;AAAA,IAAM;AAGlB,UAAM,SAAS,OAAO;AAAA,MACpB;AAAA,MACA;AAAA,MACA;AAAA,IAAA;AAGF,WAAO,OAAO;AAAA,EAChB,SAAS,OAAO;AACd,QAAI,iBAAiB,uBAAuB,MAAM,WAAW,KAAK;AAChE,aAAO;AAAA,IACT;AACA,UAAM;AAAA,EACR;AACF;AAEA,eAAsB,8BACpB,QACA,WACA,UAA2C,CAAA,GACN;AACrC,QAAM,sBAAsB,UAAU,KAAA;AACtC,MAAI,CAAC,qBAAqB;AACxB,UAAM,IAAI,MAAM,uBAAuB;AAAA,EACzC;AAEA,QAAM,WAAW,KAAK;AAAA,IACpB;AAAA,IACA,QAAQ,cAAc;AAAA,EAAA;AAExB,QAAM,YAAY,QAAQ,aAAa;AACvC,QAAM,iBAAiB,QAAQ,kBAAkB;AACjD,QAAM,SAAS,QAAQ;AACvB,QAAM,YAAY,KAAK,IAAA;AAEvB,SAAO,MAAM;AACX,QAAI,QAAQ,SAAS;AACnB,YAAM,iBAAA;AAAA,IACR;AAEA,UAAM,WAAW,MAAM,OAAO,wBAAwB,mBAAmB;AAEzE,QAAI,UAAU;AACZ,cAAQ,aAAa,QAAQ;AAE7B,UAAI,SAAS,WAAW,aAAa;AACnC,eAAO;AAAA,MACT;AAEA,UAAI,SAAS,WAAW,aAAa,SAAS,WAAW,UAAU;AACjE,YAAI,gBAAgB;AAClB,gBAAM,IAAI;AAAA,YACR;AAAA,YACA;AAAA,cACE,QAAQ;AAAA,cACR,YAAY,SAAS;AAAA,cACrB,MAAM;AAAA,YAAA;AAAA,UACR;AAAA,QAEJ;AACA,eAAO;AAAA,MACT;AAAA,IACF;AAEA,QAAI,KAAK,QAAQ,aAAa,WAAW;AACvC,YAAM,IAAI;AAAA,QACR,iDAAiD,SAAS;AAAA,MAAA;AAAA,IAE9D;AAEA,UAAM,OAAO,MAAM,UAAU,MAAM;AAAA,EACrC;AACF;AAEA,eAAsB,aACpB,QACA,MACiC;AACjC,QAAM,MAAM,MAAM,OAAO;AAAA,IACvB,mBAAmB,mBAAmB,IAAI,CAAC;AAAA,IAC3C;AAAA,MACE,QAAQ;AAAA,IAAA;AAAA,EACV;AAEF,SAAO,OAAO;AAAA,IACZ;AAAA,IACA;AAAA,IACA;AAAA,EAAA;AAEJ;AAEA,eAAsB,wBACpB,QACA,MAC+B;AAC/B,QAAM,MAAM,MAAM,OAAO;AAAA,IACvB,sBAAsB,mBAAmB,IAAI,CAAC;AAAA,IAC9C;AAAA,MACE,QAAQ;AAAA,IAAA;AAAA,EACV;AAEF,SAAO,OAAO;AAAA,IACZ;AAAA,IACA;AAAA,IACA;AAAA,EAAA;AAEJ;AAEA,eAAsB,oBACpB,QACA,MACe;AACf,QAAM,OAAO,QAAQ,sBAAsB,mBAAmB,IAAI,CAAC,IAAI;AAAA,IACrE,QAAQ;AAAA,EAAA,CACT;AACH;AAEA,eAAsB,eACpB,QACiC;AACjC,QAAM,MAAM,MAAM,OAAO,YAAuB,oBAAoB;AAAA,IAClE,QAAQ;AAAA,EAAA,CACT;AACD,SAAO,OAAO;AAAA,IACZ;AAAA,IACA;AAAA,IACA;AAAA,EAAA;AAEJ;"}
1
+ {"version":3,"file":"standards-sdk.es174.js","sources":["../../src/services/registry-broker/client/encryption.ts"],"sourcesContent":["import * as path from 'path';\nimport { Buffer } from 'buffer';\nimport { randomBytes } from 'crypto';\nimport { secp256k1 } from '@noble/curves/secp256k1.js';\nimport type {\n AutoRegisterEncryptionKeyOptions,\n CipherEnvelope,\n ClientEncryptionOptions,\n DecryptCipherEnvelopeOptions,\n DeriveSharedSecretOptions,\n EncryptCipherEnvelopeOptions,\n EphemeralKeyPair,\n EnsureAgentKeyOptions,\n RegisterEncryptionKeyPayload,\n RegisterEncryptionKeyResponse,\n SharedSecretInput,\n} from '../types';\nimport { registerEncryptionKeyResponseSchema } from '../schemas';\nimport { optionalImport } from '../../../utils/dynamic-import';\nimport type {\n RegistryBrokerClient,\n GenerateEncryptionKeyPairOptions,\n} from './base-client';\n\ntype FsModule = {\n existsSync: (path: string) => boolean;\n readFileSync: (path: string, encoding: BufferEncoding) => string;\n writeFileSync: (path: string, data: string) => void;\n appendFileSync: (path: string, data: string) => void;\n};\n\nconst getFs = async (): Promise<FsModule | null> => {\n const fsModule = await optionalImport<Partial<FsModule>>('node:fs');\n\n if (\n fsModule &&\n typeof fsModule.existsSync === 'function' &&\n typeof fsModule.readFileSync === 'function' &&\n typeof fsModule.writeFileSync === 'function' &&\n typeof fsModule.appendFileSync === 'function'\n ) {\n return fsModule as FsModule;\n }\n\n return null;\n};\n\nexport interface RegistryBrokerEncryptionApi {\n registerKey: (\n payload: RegisterEncryptionKeyPayload,\n ) => Promise<RegisterEncryptionKeyResponse>;\n generateEphemeralKeyPair: () => EphemeralKeyPair;\n deriveSharedSecret: (options: DeriveSharedSecretOptions) => Buffer;\n encryptCipherEnvelope: (\n options: EncryptCipherEnvelopeOptions,\n ) => CipherEnvelope;\n decryptCipherEnvelope: (options: DecryptCipherEnvelopeOptions) => string;\n ensureAgentKey: (\n options: EnsureAgentKeyOptions,\n ) => Promise<{ publicKey: string; privateKey?: string }>;\n}\n\nexport async function registerEncryptionKey(\n client: RegistryBrokerClient,\n payload: RegisterEncryptionKeyPayload,\n): Promise<RegisterEncryptionKeyResponse> {\n const raw = await client.requestJson('/encryption/keys', {\n method: 'POST',\n headers: { 'content-type': 'application/json' },\n body: payload,\n });\n return client.parseWithSchema(\n raw,\n registerEncryptionKeyResponseSchema,\n 'register encryption key response',\n );\n}\n\nfunction normalizeAutoRegisterIdentity(\n config: AutoRegisterEncryptionKeyOptions,\n): Pick<\n RegisterEncryptionKeyPayload,\n 'uaid' | 'ledgerAccountId' | 'ledgerNetwork' | 'email'\n> | null {\n const identity: Pick<\n RegisterEncryptionKeyPayload,\n 'uaid' | 'ledgerAccountId' | 'ledgerNetwork' | 'email'\n > = {};\n if (config.uaid) {\n identity.uaid = config.uaid;\n }\n if (config.ledgerAccountId) {\n identity.ledgerAccountId = config.ledgerAccountId;\n if (config.ledgerNetwork) {\n identity.ledgerNetwork = config.ledgerNetwork;\n }\n }\n if (config.email) {\n identity.email = config.email;\n }\n if (identity.uaid || identity.ledgerAccountId || identity.email) {\n return identity;\n }\n return null;\n}\n\nfunction derivePublicKeyFromPrivateKey(\n client: RegistryBrokerClient,\n privateKey: string,\n): string {\n const normalized = client.hexToBuffer(privateKey);\n const publicKey = secp256k1.getPublicKey(normalized, true);\n return Buffer.from(publicKey).toString('hex');\n}\n\nasync function resolveAutoRegisterKeyMaterial(\n client: RegistryBrokerClient,\n config: AutoRegisterEncryptionKeyOptions,\n): Promise<{ publicKey: string; privateKey?: string } | null> {\n if (config.publicKey?.trim()) {\n return { publicKey: config.publicKey.trim() };\n }\n let privateKey = config.privateKey?.trim();\n const envVar = config.envVar ?? 'RB_ENCRYPTION_PRIVATE_KEY';\n if (!privateKey && envVar && process?.env?.[envVar]?.trim()) {\n privateKey = process.env[envVar]?.trim();\n }\n if (!privateKey && config.generateIfMissing) {\n const pair = await client.generateEncryptionKeyPair({\n keyType: config.keyType ?? 'secp256k1',\n envVar,\n envPath: config.envPath,\n overwrite: config.overwriteEnv,\n });\n return { publicKey: pair.publicKey, privateKey: pair.privateKey };\n }\n if (privateKey) {\n const publicKey = derivePublicKeyFromPrivateKey(client, privateKey);\n return { publicKey, privateKey };\n }\n return null;\n}\n\nexport async function autoRegisterEncryptionKey(\n client: RegistryBrokerClient,\n config: AutoRegisterEncryptionKeyOptions,\n): Promise<{ publicKey: string; privateKey?: string }> {\n const identity = normalizeAutoRegisterIdentity(config);\n if (!identity) {\n throw new Error(\n 'Auto-registration requires uaid, ledgerAccountId, or email',\n );\n }\n const material = await resolveAutoRegisterKeyMaterial(client, config);\n if (!material) {\n throw new Error(\n 'Unable to resolve encryption public key for auto-registration',\n );\n }\n await registerEncryptionKey(client, {\n keyType: config.keyType ?? 'secp256k1',\n publicKey: material.publicKey,\n ...identity,\n });\n return material;\n}\n\nexport async function ensureAgentEncryptionKey(\n client: RegistryBrokerClient,\n options: EnsureAgentKeyOptions,\n): Promise<{ publicKey: string; privateKey?: string }> {\n return autoRegisterEncryptionKey(client, {\n ...options,\n uaid: options.uaid,\n enabled: true,\n });\n}\n\nexport function createEncryptionApi(\n client: RegistryBrokerClient,\n): RegistryBrokerEncryptionApi {\n return {\n registerKey: (payload: RegisterEncryptionKeyPayload) =>\n registerEncryptionKey(client, payload),\n generateEphemeralKeyPair: () => client.createEphemeralKeyPair(),\n deriveSharedSecret: (options: DeriveSharedSecretOptions) =>\n client.deriveSharedSecret(options),\n encryptCipherEnvelope: (options: EncryptCipherEnvelopeOptions) =>\n client.buildCipherEnvelope(options),\n decryptCipherEnvelope: (options: DecryptCipherEnvelopeOptions) =>\n client.openCipherEnvelope(options),\n ensureAgentKey: (options: EnsureAgentKeyOptions) =>\n ensureAgentEncryptionKey(client, options),\n };\n}\n\nexport async function bootstrapEncryptionOptions(\n client: RegistryBrokerClient,\n options?: ClientEncryptionOptions,\n): Promise<{ publicKey: string; privateKey?: string } | null> {\n if (!options?.autoRegister || options.autoRegister.enabled === false) {\n return null;\n }\n return autoRegisterEncryptionKey(client, options.autoRegister);\n}\n\nexport async function generateEncryptionKeyPair(\n client: RegistryBrokerClient,\n options: GenerateEncryptionKeyPairOptions = {},\n): Promise<{\n privateKey: string;\n publicKey: string;\n envPath?: string;\n envVar: string;\n}> {\n client.assertNodeRuntime('generateEncryptionKeyPair');\n\n const keyType = options.keyType ?? 'secp256k1';\n if (keyType !== 'secp256k1') {\n throw new Error('Only secp256k1 key generation is supported currently');\n }\n\n const privateKeyBytes = randomBytes(32);\n const privateKey = Buffer.from(privateKeyBytes).toString('hex');\n const publicKeyBytes = secp256k1.getPublicKey(privateKeyBytes, true);\n const publicKey = Buffer.from(publicKeyBytes).toString('hex');\n\n const envVar = options.envVar ?? 'RB_ENCRYPTION_PRIVATE_KEY';\n const resolvedPath = options.envPath\n ? path.resolve(options.envPath)\n : undefined;\n\n if (resolvedPath) {\n const fsModule = await getFs();\n\n if (!fsModule) {\n throw new Error(\n 'File system module is not available; cannot write encryption key env file',\n );\n }\n\n const envLine = `${envVar}=${privateKey}`;\n if (fsModule.existsSync(resolvedPath)) {\n const content = fsModule.readFileSync(resolvedPath, 'utf-8');\n const lineRegex = new RegExp(`^${envVar}=.*$`, 'm');\n if (lineRegex.test(content)) {\n if (!options.overwrite) {\n throw new Error(\n `${envVar} already exists in ${resolvedPath}; set overwrite=true to replace it`,\n );\n }\n const updated = content.replace(lineRegex, envLine);\n fsModule.writeFileSync(resolvedPath, updated);\n } else {\n const needsNewline = !content.endsWith('\\n');\n fsModule.appendFileSync(\n resolvedPath,\n `${needsNewline ? '\\n' : ''}${envLine}\\n`,\n );\n }\n } else {\n fsModule.writeFileSync(resolvedPath, `${envLine}\\n`);\n }\n }\n\n return {\n privateKey,\n publicKey,\n envPath: resolvedPath,\n envVar,\n };\n}\n"],"names":[],"mappings":";;;;;;AA+BA,MAAM,QAAQ,YAAsC;AAClD,QAAM,WAAW,MAAM,eAAkC,SAAS;AAElE,MACE,YACA,OAAO,SAAS,eAAe,cAC/B,OAAO,SAAS,iBAAiB,cACjC,OAAO,SAAS,kBAAkB,cAClC,OAAO,SAAS,mBAAmB,YACnC;AACA,WAAO;AAAA,EACT;AAEA,SAAO;AACT;AAiBA,eAAsB,sBACpB,QACA,SACwC;AACxC,QAAM,MAAM,MAAM,OAAO,YAAY,oBAAoB;AAAA,IACvD,QAAQ;AAAA,IACR,SAAS,EAAE,gBAAgB,mBAAA;AAAA,IAC3B,MAAM;AAAA,EAAA,CACP;AACD,SAAO,OAAO;AAAA,IACZ;AAAA,IACA;AAAA,IACA;AAAA,EAAA;AAEJ;AAEA,SAAS,8BACP,QAIO;AACP,QAAM,WAGF,CAAA;AACJ,MAAI,OAAO,MAAM;AACf,aAAS,OAAO,OAAO;AAAA,EACzB;AACA,MAAI,OAAO,iBAAiB;AAC1B,aAAS,kBAAkB,OAAO;AAClC,QAAI,OAAO,eAAe;AACxB,eAAS,gBAAgB,OAAO;AAAA,IAClC;AAAA,EACF;AACA,MAAI,OAAO,OAAO;AAChB,aAAS,QAAQ,OAAO;AAAA,EAC1B;AACA,MAAI,SAAS,QAAQ,SAAS,mBAAmB,SAAS,OAAO;AAC/D,WAAO;AAAA,EACT;AACA,SAAO;AACT;AAEA,SAAS,8BACP,QACA,YACQ;AACR,QAAM,aAAa,OAAO,YAAY,UAAU;AAChD,QAAM,YAAY,UAAU,aAAa,YAAY,IAAI;AACzD,SAAO,OAAO,KAAK,SAAS,EAAE,SAAS,KAAK;AAC9C;AAEA,eAAe,+BACb,QACA,QAC4D;AAC5D,MAAI,OAAO,WAAW,QAAQ;AAC5B,WAAO,EAAE,WAAW,OAAO,UAAU,OAAK;AAAA,EAC5C;AACA,MAAI,aAAa,OAAO,YAAY,KAAA;AACpC,QAAM,SAAS,OAAO,UAAU;AAChC,MAAI,CAAC,cAAc,UAAU,SAAS,MAAM,MAAM,GAAG,QAAQ;AAC3D,iBAAa,QAAQ,IAAI,MAAM,GAAG,KAAA;AAAA,EACpC;AACA,MAAI,CAAC,cAAc,OAAO,mBAAmB;AAC3C,UAAM,OAAO,MAAM,OAAO,0BAA0B;AAAA,MAClD,SAAS,OAAO,WAAW;AAAA,MAC3B;AAAA,MACA,SAAS,OAAO;AAAA,MAChB,WAAW,OAAO;AAAA,IAAA,CACnB;AACD,WAAO,EAAE,WAAW,KAAK,WAAW,YAAY,KAAK,WAAA;AAAA,EACvD;AACA,MAAI,YAAY;AACd,UAAM,YAAY,8BAA8B,QAAQ,UAAU;AAClE,WAAO,EAAE,WAAW,WAAA;AAAA,EACtB;AACA,SAAO;AACT;AAEA,eAAsB,0BACpB,QACA,QACqD;AACrD,QAAM,WAAW,8BAA8B,MAAM;AACrD,MAAI,CAAC,UAAU;AACb,UAAM,IAAI;AAAA,MACR;AAAA,IAAA;AAAA,EAEJ;AACA,QAAM,WAAW,MAAM,+BAA+B,QAAQ,MAAM;AACpE,MAAI,CAAC,UAAU;AACb,UAAM,IAAI;AAAA,MACR;AAAA,IAAA;AAAA,EAEJ;AACA,QAAM,sBAAsB,QAAQ;AAAA,IAClC,SAAS,OAAO,WAAW;AAAA,IAC3B,WAAW,SAAS;AAAA,IACpB,GAAG;AAAA,EAAA,CACJ;AACD,SAAO;AACT;AAEA,eAAsB,yBACpB,QACA,SACqD;AACrD,SAAO,0BAA0B,QAAQ;AAAA,IACvC,GAAG;AAAA,IACH,MAAM,QAAQ;AAAA,EAEhB,CAAC;AACH;AAEO,SAAS,oBACd,QAC6B;AAC7B,SAAO;AAAA,IACL,aAAa,CAAC,YACZ,sBAAsB,QAAQ,OAAO;AAAA,IACvC,0BAA0B,MAAM,OAAO,uBAAA;AAAA,IACvC,oBAAoB,CAAC,YACnB,OAAO,mBAAmB,OAAO;AAAA,IACnC,uBAAuB,CAAC,YACtB,OAAO,oBAAoB,OAAO;AAAA,IACpC,uBAAuB,CAAC,YACtB,OAAO,mBAAmB,OAAO;AAAA,IACnC,gBAAgB,CAAC,YACf,yBAAyB,QAAQ,OAAO;AAAA,EAAA;AAE9C;AAEA,eAAsB,2BACpB,QACA,SAC4D;AAC5D,MAAI,CAAC,SAAS,gBAAgB,QAAQ,aAAa,YAAY,OAAO;AACpE,WAAO;AAAA,EACT;AACA,SAAO,0BAA0B,QAAQ,QAAQ,YAAY;AAC/D;AAEA,eAAsB,0BACpB,QACA,UAA4C,IAM3C;AACD,SAAO,kBAAkB,2BAA2B;AAEpD,QAAM,UAAU,QAAQ,WAAW;AACnC,MAAI,YAAY,aAAa;AAC3B,UAAM,IAAI,MAAM,sDAAsD;AAAA,EACxE;AAEA,QAAM,kBAAkB,YAAY,EAAE;AACtC,QAAM,aAAa,OAAO,KAAK,eAAe,EAAE,SAAS,KAAK;AAC9D,QAAM,iBAAiB,UAAU,aAAa,iBAAiB,IAAI;AACnE,QAAM,YAAY,OAAO,KAAK,cAAc,EAAE,SAAS,KAAK;AAE5D,QAAM,SAAS,QAAQ,UAAU;AACjC,QAAM,eAAe,QAAQ,UACzB,KAAK,QAAQ,QAAQ,OAAO,IAC5B;AAEJ,MAAI,cAAc;AAChB,UAAM,WAAW,MAAM,MAAA;AAEvB,QAAI,CAAC,UAAU;AACb,YAAM,IAAI;AAAA,QACR;AAAA,MAAA;AAAA,IAEJ;AAEA,UAAM,UAAU,GAAG,MAAM,IAAI,UAAU;AACvC,QAAI,SAAS,WAAW,YAAY,GAAG;AACrC,YAAM,UAAU,SAAS,aAAa,cAAc,OAAO;AAC3D,YAAM,YAAY,IAAI,OAAO,IAAI,MAAM,QAAQ,GAAG;AAClD,UAAI,UAAU,KAAK,OAAO,GAAG;AAC3B,YAAI,CAAC,QAAQ,WAAW;AACtB,gBAAM,IAAI;AAAA,YACR,GAAG,MAAM,sBAAsB,YAAY;AAAA,UAAA;AAAA,QAE/C;AACA,cAAM,UAAU,QAAQ,QAAQ,WAAW,OAAO;AAClD,iBAAS,cAAc,cAAc,OAAO;AAAA,MAC9C,OAAO;AACL,cAAM,eAAe,CAAC,QAAQ,SAAS,IAAI;AAC3C,iBAAS;AAAA,UACP;AAAA,UACA,GAAG,eAAe,OAAO,EAAE,GAAG,OAAO;AAAA;AAAA,QAAA;AAAA,MAEzC;AAAA,IACF,OAAO;AACL,eAAS,cAAc,cAAc,GAAG,OAAO;AAAA,CAAI;AAAA,IACrD;AAAA,EACF;AAEA,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA,SAAS;AAAA,IACT;AAAA,EAAA;AAEJ;"}