@hashgraphonline/standards-sdk 0.1.177 → 0.1.178

package/dist/es/standards-sdk.es183.js

@@ -1,238 +1,188 @@
-import { searchResponseSchema, delegationPlanResponseSchema, statsResponseSchema, registriesResponseSchema, additionalRegistryCatalogResponseSchema, popularResponseSchema, protocolsResponseSchema, detectProtocolResponseSchema, registrySearchByNamespaceSchema, vectorSearchResponseSchema, searchStatusResponseSchema, websocketStatsResponseSchema, metricsSummaryResponseSchema, searchFacetsResponseSchema } from "./standards-sdk.es161.js";
-import { buildSearchQuery } from "./standards-sdk.es184.js";
-import { RegistryBrokerError } from "./standards-sdk.es146.js";
-function buildVectorFallbackSearchParams(request) {
-  const params = {
-    q: request.query
-  };
-  let effectiveLimit;
-  if (typeof request.limit === "number" && Number.isFinite(request.limit)) {
-    effectiveLimit = request.limit;
-    params.limit = request.limit;
-  }
-  if (typeof request.offset === "number" && Number.isFinite(request.offset) && request.offset > 0) {
-    const limit = effectiveLimit && effectiveLimit > 0 ? effectiveLimit : 20;
-    params.limit = limit;
-    params.page = Math.floor(request.offset / limit) + 1;
-  }
-  if (request.filter?.registry) {
-    params.registry = request.filter.registry;
-  }
-  if (request.filter?.protocols?.length) {
-    params.protocols = [...request.filter.protocols];
+import { Buffer } from "buffer";
+import { ledgerChallengeResponseSchema, ledgerVerifyResponseSchema } from "./standards-sdk.es161.js";
+import { canonicalizeLedgerNetwork } from "./standards-sdk.es149.js";
+import { createPrivateKeySignerAsync } from "./standards-sdk.es148.js";
+async function loadViemAccount(privateKey) {
+  try {
+    const viem = await import("viem/accounts");
+    return viem.privateKeyToAccount(privateKey);
+  } catch (error) {
+    const err = new Error(
+      'EVM ledger authentication requires the optional dependency "viem". Install it to use evmPrivateKey flows.'
+    );
+    err.cause = error;
+    throw err;
   }
-  if (request.filter?.adapter?.length) {
-    params.adapters = [...request.filter.adapter];
+}
+async function resolveLedgerAuthSignature(message, options) {
+  if (typeof options.sign === "function") {
+    const result = await options.sign(message);
+    if (!result || typeof result.signature !== "string" || result.signature.length === 0) {
+      throw new Error("Custom ledger signer failed to produce a signature.");
+    }
+    return result;
   }
-  if (request.filter?.capabilities?.length) {
-    params.capabilities = request.filter.capabilities.map(
-      (value) => typeof value === "number" ? value.toString(10) : value
+  if (!options.signer || typeof options.signer.sign !== "function") {
+    throw new Error(
+      "Ledger authentication requires a Hedera Signer or custom sign function."
     );
   }
-  if (request.filter?.type) {
-    params.type = request.filter.type;
+  const payload = Buffer.from(message, "utf8");
+  const signatures = await options.signer.sign([payload]);
+  const signatureEntry = signatures?.[0];
+  if (!signatureEntry) {
+    throw new Error("Signer did not return any signatures.");
+  }
+  let derivedPublicKey;
+  if (signatureEntry.publicKey) {
+    derivedPublicKey = signatureEntry.publicKey.toString();
+  } else if (typeof options.signer.getAccountKey === "function") {
+    const accountKey = await options.signer.getAccountKey();
+    if (accountKey && typeof accountKey.toString === "function") {
+      derivedPublicKey = accountKey.toString();
+    }
   }
-  return params;
-}
-function convertSearchResultToVectorResponse(result) {
-  const hits = result.hits.map((agent) => ({
-    agent,
-    score: 0,
-    highlights: {}
-  }));
-  const total = result.total;
-  const limit = result.limit;
-  const page = result.page;
-  const totalVisible = page * limit;
-  const limited = total > totalVisible || page > 1;
   return {
-    hits,
-    total,
-    took: 0,
-    totalAvailable: total,
-    visible: hits.length,
-    limited,
-    credits_used: 0
+    signature: Buffer.from(signatureEntry.signature).toString("base64"),
+    signatureKind: "raw",
+    publicKey: derivedPublicKey
   };
 }
-async function search(client, params = {}) {
-  const query = buildSearchQuery(params);
-  const raw = await client.requestJson(`/search${query}`, {
-    method: "GET"
-  });
-  return client.parseWithSchema(raw, searchResponseSchema, "search response");
-}
-async function delegate(client, request) {
-  const raw = await client.requestJson("/delegate", {
+async function createLedgerChallenge(client, payload) {
+  const resolvedNetwork = canonicalizeLedgerNetwork(payload.network);
+  const network = resolvedNetwork.kind === "hedera" ? resolvedNetwork.hederaNetwork ?? resolvedNetwork.canonical : resolvedNetwork.canonical;
+  const raw = await client.requestJson("/auth/ledger/challenge", {
     method: "POST",
-    body: request,
-    headers: { "content-type": "application/json" }
-  });
-  return client.parseWithSchema(
-    raw,
-    delegationPlanResponseSchema,
-    "delegate response"
-  );
-}
-async function stats(client) {
-  const raw = await client.requestJson("/stats", { method: "GET" });
-  return client.parseWithSchema(raw, statsResponseSchema, "stats response");
-}
-async function registries(client) {
-  const raw = await client.requestJson("/registries", {
-    method: "GET"
-  });
-  return client.parseWithSchema(
-    raw,
-    registriesResponseSchema,
-    "registries response"
-  );
-}
-async function getAdditionalRegistries(client) {
-  const raw = await client.requestJson(
-    "/register/additional-registries",
-    {
-      method: "GET"
+    headers: { "content-type": "application/json" },
+    body: {
+      accountId: payload.accountId,
+      network
     }
-  );
-  return client.parseWithSchema(
-    raw,
-    additionalRegistryCatalogResponseSchema,
-    "additional registry catalog response"
-  );
-}
-async function popularSearches(client) {
-  const raw = await client.requestJson("/popular", {
-    method: "GET"
   });
   return client.parseWithSchema(
     raw,
-    popularResponseSchema,
-    "popular searches response"
+    ledgerChallengeResponseSchema,
+    "ledger challenge response"
   );
 }
-async function listProtocols(client) {
-  const raw = await client.requestJson("/protocols", {
-    method: "GET"
-  });
-  return client.parseWithSchema(
-    raw,
-    protocolsResponseSchema,
-    "protocols response"
-  );
-}
-async function detectProtocol(client, message) {
-  const raw = await client.requestJson("/detect-protocol", {
+async function verifyLedgerChallenge(client, payload) {
+  const resolvedNetwork = canonicalizeLedgerNetwork(payload.network);
+  const network = resolvedNetwork.kind === "hedera" ? resolvedNetwork.hederaNetwork ?? resolvedNetwork.canonical : resolvedNetwork.canonical;
+  const body = {
+    challengeId: payload.challengeId,
+    accountId: payload.accountId,
+    network,
+    signature: payload.signature
+  };
+  if (payload.signatureKind) {
+    body.signatureKind = payload.signatureKind;
+  }
+  if (payload.publicKey) {
+    body.publicKey = payload.publicKey;
+  }
+  if (typeof payload.expiresInMinutes === "number") {
+    body.expiresInMinutes = payload.expiresInMinutes;
+  }
+  const raw = await client.requestJson("/auth/ledger/verify", {
     method: "POST",
-    body: { message },
-    headers: { "content-type": "application/json" }
+    headers: { "content-type": "application/json" },
+    body
   });
-  return client.parseWithSchema(
+  const result = client.parseWithSchema(
     raw,
-    detectProtocolResponseSchema,
-    "detect protocol response"
+    ledgerVerifyResponseSchema,
+    "ledger verification response"
   );
+  client.setLedgerApiKey(result.key);
+  return result;
 }
-async function registrySearchByNamespace(client, registry, query) {
-  const params = new URLSearchParams();
-  if (query) {
-    params.set("q", query);
-  }
-  const suffix = params.size > 0 ? `?${params.toString()}` : "";
-  const raw = await client.requestJson(
-    `/registries/${encodeURIComponent(registry)}/search${suffix}`,
-    {
-      method: "GET"
+async function authenticateWithLedger(client, options) {
+  const challenge = await client.createLedgerChallenge({
+    accountId: options.accountId,
+    network: options.network
+  });
+  const signed = await resolveLedgerAuthSignature(challenge.message, options);
+  const verification = await client.verifyLedgerChallenge({
+    challengeId: challenge.challengeId,
+    accountId: options.accountId,
+    network: options.network,
+    signature: signed.signature,
+    signatureKind: signed.signatureKind,
+    publicKey: signed.publicKey,
+    expiresInMinutes: options.expiresInMinutes
+  });
+  return verification;
+}
+async function authenticateWithLedgerCredentials(client, options) {
+  const {
+    accountId,
+    network,
+    signer,
+    sign,
+    hederaPrivateKey,
+    evmPrivateKey,
+    expiresInMinutes,
+    setAccountHeader = true,
+    label,
+    logger
+  } = options;
+  const resolvedNetwork = canonicalizeLedgerNetwork(network);
+  const labelSuffix = label ? ` for ${label}` : "";
+  const networkPayload = resolvedNetwork.canonical;
+  const authOptions = {
+    accountId,
+    network: networkPayload,
+    expiresInMinutes
+  };
+  if (sign) {
+    authOptions.sign = sign;
+  } else if (signer) {
+    authOptions.signer = signer;
+  } else if (hederaPrivateKey) {
+    if (resolvedNetwork.kind !== "hedera" || !resolvedNetwork.hederaNetwork) {
+      throw new Error(
+        "hederaPrivateKey can only be used with hedera:mainnet or hedera:testnet networks."
+      );
     }
-  );
-  return client.parseWithSchema(
-    raw,
-    registrySearchByNamespaceSchema,
-    "registry search response"
-  );
-}
-async function vectorSearch(client, request) {
-  try {
-    const raw = await client.requestJson("/search", {
-      method: "POST",
-      body: request,
-      headers: { "content-type": "application/json" }
+    authOptions.signer = await createPrivateKeySignerAsync({
+      accountId,
+      privateKey: hederaPrivateKey,
+      network: resolvedNetwork.hederaNetwork
     });
-    return client.parseWithSchema(
-      raw,
-      vectorSearchResponseSchema,
-      "vector search response"
-    );
-  } catch (error) {
-    if (error instanceof RegistryBrokerError && error.status === 501) {
-      const fallback = await search(
-        client,
-        buildVectorFallbackSearchParams(request)
+  } else if (evmPrivateKey) {
+    if (resolvedNetwork.kind !== "evm") {
+      throw new Error(
+        "evmPrivateKey can only be used with CAIP-2 EVM networks (eip155:<chainId>)."
       );
-      return convertSearchResultToVectorResponse(fallback);
     }
-    throw error;
+    const formattedKey = evmPrivateKey.startsWith("0x") ? evmPrivateKey : `0x${evmPrivateKey}`;
+    const account = await loadViemAccount(formattedKey);
+    authOptions.sign = async (message) => ({
+      signature: await account.signMessage({ message }),
+      signatureKind: "evm",
+      publicKey: account.publicKey
+    });
+  } else {
+    throw new Error(
+      "Provide a signer, sign function, hederaPrivateKey, or evmPrivateKey to authenticate with the ledger."
+    );
   }
-}
-async function searchStatus(client) {
-  const raw = await client.requestJson("/search/status", {
-    method: "GET"
-  });
-  return client.parseWithSchema(
-    raw,
-    searchStatusResponseSchema,
-    "search status response"
-  );
-}
-async function websocketStats(client) {
-  const raw = await client.requestJson("/websocket/stats", {
-    method: "GET"
-  });
-  return client.parseWithSchema(
-    raw,
-    websocketStatsResponseSchema,
-    "websocket stats response"
+  logger?.info?.(
+    `Authenticating ledger account ${accountId} (${resolvedNetwork.canonical})${labelSuffix}...`
   );
-}
-async function metricsSummary(client) {
-  const raw = await client.requestJson("/metrics", {
-    method: "GET"
-  });
-  return client.parseWithSchema(
-    raw,
-    metricsSummaryResponseSchema,
-    "metrics summary response"
-  );
-}
-async function facets(client, adapter) {
-  const params = new URLSearchParams();
-  if (adapter) {
-    params.set("adapter", adapter);
+  const verification = await client.authenticateWithLedger(authOptions);
+  if (setAccountHeader) {
+    client.setDefaultHeader("x-account-id", verification.accountId);
   }
-  const suffix = params.size > 0 ? `?${params.toString()}` : "";
-  const raw = await client.requestJson(`/search/facets${suffix}`, {
-    method: "GET"
-  });
-  return client.parseWithSchema(
-    raw,
-    searchFacetsResponseSchema,
-    "search facets response"
+  logger?.info?.(
+    `Ledger authentication complete${labelSuffix}. Issued key prefix: ${verification.apiKey.prefix}…${verification.apiKey.lastFour}`
   );
+  return verification;
 }
 export {
-  delegate,
-  detectProtocol,
-  facets,
-  getAdditionalRegistries,
-  listProtocols,
-  metricsSummary,
-  popularSearches,
-  registries,
-  registrySearchByNamespace,
-  search,
-  searchStatus,
-  stats,
-  vectorSearch,
-  websocketStats
+  authenticateWithLedger,
+  authenticateWithLedgerCredentials,
+  createLedgerChallenge,
+  verifyLedgerChallenge
 };
 //# sourceMappingURL=standards-sdk.es183.js.map

package/dist/es/standards-sdk.es183.js.map

@@ -1 +1 @@
-{"version":3,"file":"standards-sdk.es183.js","sources":["../../src/services/registry-broker/client/search.ts"],"sourcesContent":["import type {\n  DelegationPlanRequest,\n  DelegationPlanResponse,\n  JsonValue,\n  PopularSearchesResponse,\n  ProtocolDetectionMessage,\n  DetectProtocolResponse,\n  ProtocolsResponse,\n  RegistriesResponse,\n  AdditionalRegistryCatalogResponse,\n  RegistrySearchByNamespaceResponse,\n  RegistryStatsResponse,\n  SearchFacetsResponse,\n  SearchParams,\n  SearchResult,\n  SearchStatusResponse,\n  VectorSearchRequest,\n  VectorSearchResponse,\n  WebsocketStatsResponse,\n  MetricsSummaryResponse,\n} from '../types';\nimport {\n  additionalRegistryCatalogResponseSchema,\n  delegationPlanResponseSchema,\n  detectProtocolResponseSchema,\n  metricsSummaryResponseSchema,\n  popularResponseSchema,\n  protocolsResponseSchema,\n  registriesResponseSchema,\n  registrySearchByNamespaceSchema,\n  searchFacetsResponseSchema,\n  searchResponseSchema,\n  searchStatusResponseSchema,\n  statsResponseSchema,\n  vectorSearchResponseSchema,\n  websocketStatsResponseSchema,\n} from '../schemas';\nimport type { RegistryBrokerClient } from './base-client';\nimport { buildSearchQuery } from './utils';\nimport { RegistryBrokerError } from './errors';\n\nfunction buildVectorFallbackSearchParams(\n  request: VectorSearchRequest,\n): SearchParams {\n  const params: SearchParams = {\n    q: request.query,\n  };\n  let effectiveLimit: number | undefined;\n  if (typeof request.limit === 'number' && Number.isFinite(request.limit)) {\n    effectiveLimit = request.limit;\n    params.limit = request.limit;\n  }\n  if (\n    typeof request.offset === 'number' &&\n    Number.isFinite(request.offset) &&\n    request.offset > 0\n  ) {\n    const limit = effectiveLimit && effectiveLimit > 0 ? effectiveLimit : 20;\n    params.limit = limit;\n    params.page = Math.floor(request.offset / limit) + 1;\n  }\n  if (request.filter?.registry) {\n    params.registry = request.filter.registry;\n  }\n  if (request.filter?.protocols?.length) {\n    params.protocols = [...request.filter.protocols];\n  }\n  if (request.filter?.adapter?.length) {\n    params.adapters = [...request.filter.adapter];\n  }\n  if (request.filter?.capabilities?.length) {\n    params.capabilities = request.filter.capabilities.map(value =>\n      typeof value === 'number' ? value.toString(10) : value,\n    );\n  }\n  if (request.filter?.type) {\n    params.type = request.filter.type;\n  }\n  return params;\n}\n\nfunction convertSearchResultToVectorResponse(\n  result: SearchResult,\n): VectorSearchResponse {\n  const hits = result.hits.map(agent => ({\n    agent,\n    score: 0,\n    highlights: {},\n  }));\n  const total = result.total;\n  const limit = result.limit;\n  const page = result.page;\n  const totalVisible = page * limit;\n  const limited = total > totalVisible || page > 1;\n\n  return {\n    hits,\n    total,\n    took: 0,\n    totalAvailable: total,\n    visible: hits.length,\n    limited,\n    credits_used: 0,\n  };\n}\n\nexport async function search(\n  client: RegistryBrokerClient,\n  params: SearchParams = {},\n): Promise<SearchResult> {\n  const query = buildSearchQuery(params);\n  const raw = await client.requestJson<JsonValue>(`/search${query}`, {\n    method: 'GET',\n  });\n  return client.parseWithSchema(raw, searchResponseSchema, 'search response');\n}\n\nexport async function delegate(\n  client: RegistryBrokerClient,\n  request: DelegationPlanRequest,\n): Promise<DelegationPlanResponse> {\n  const raw = await client.requestJson<JsonValue>('/delegate', {\n    method: 'POST',\n    body: request,\n    headers: { 'content-type': 'application/json' },\n  });\n  return client.parseWithSchema(\n    raw,\n    delegationPlanResponseSchema,\n    'delegate response',\n  );\n}\n\nexport async function stats(\n  client: RegistryBrokerClient,\n): Promise<RegistryStatsResponse> {\n  const raw = await client.requestJson<JsonValue>('/stats', { method: 'GET' });\n  return client.parseWithSchema(raw, statsResponseSchema, 'stats response');\n}\n\nexport async function registries(\n  client: RegistryBrokerClient,\n): Promise<RegistriesResponse> {\n  const raw = await client.requestJson<JsonValue>('/registries', {\n    method: 'GET',\n  });\n  return client.parseWithSchema(\n    raw,\n    registriesResponseSchema,\n    'registries response',\n  );\n}\n\nexport async function getAdditionalRegistries(\n  client: RegistryBrokerClient,\n): Promise<AdditionalRegistryCatalogResponse> {\n  const raw = await client.requestJson<JsonValue>(\n    '/register/additional-registries',\n    {\n      method: 'GET',\n    },\n  );\n  return client.parseWithSchema(\n    raw,\n    additionalRegistryCatalogResponseSchema,\n    'additional registry catalog response',\n  );\n}\n\nexport async function popularSearches(\n  client: RegistryBrokerClient,\n): Promise<PopularSearchesResponse> {\n  const raw = await client.requestJson<JsonValue>('/popular', {\n    method: 'GET',\n  });\n  return client.parseWithSchema(\n    raw,\n    popularResponseSchema,\n    'popular searches response',\n  );\n}\n\nexport async function listProtocols(\n  client: RegistryBrokerClient,\n): Promise<ProtocolsResponse> {\n  const raw = await client.requestJson<JsonValue>('/protocols', {\n    method: 'GET',\n  });\n  return client.parseWithSchema(\n    raw,\n    protocolsResponseSchema,\n    'protocols response',\n  );\n}\n\nexport async function detectProtocol(\n  client: RegistryBrokerClient,\n  message: ProtocolDetectionMessage,\n): Promise<DetectProtocolResponse> {\n  const raw = await client.requestJson<JsonValue>('/detect-protocol', {\n    method: 'POST',\n    body: { message },\n    headers: { 'content-type': 'application/json' },\n  });\n  return client.parseWithSchema(\n    raw,\n    detectProtocolResponseSchema,\n    'detect protocol response',\n  );\n}\n\nexport async function registrySearchByNamespace(\n  client: RegistryBrokerClient,\n  registry: string,\n  query?: string,\n): Promise<RegistrySearchByNamespaceResponse> {\n  const params = new URLSearchParams();\n  if (query) {\n    params.set('q', query);\n  }\n  const suffix = params.size > 0 ? `?${params.toString()}` : '';\n  const raw = await client.requestJson<JsonValue>(\n    `/registries/${encodeURIComponent(registry)}/search${suffix}`,\n    {\n      method: 'GET',\n    },\n  );\n  return client.parseWithSchema(\n    raw,\n    registrySearchByNamespaceSchema,\n    'registry search response',\n  );\n}\n\nexport async function vectorSearch(\n  client: RegistryBrokerClient,\n  request: VectorSearchRequest,\n): Promise<VectorSearchResponse> {\n  try {\n    const raw = await client.requestJson<JsonValue>('/search', {\n      method: 'POST',\n      body: request,\n      headers: { 'content-type': 'application/json' },\n    });\n    return client.parseWithSchema(\n      raw,\n      vectorSearchResponseSchema,\n      'vector search response',\n    );\n  } catch (error) {\n    if (error instanceof RegistryBrokerError && error.status === 501) {\n      const fallback = await search(\n        client,\n        buildVectorFallbackSearchParams(request),\n      );\n      return convertSearchResultToVectorResponse(fallback);\n    }\n    throw error;\n  }\n}\n\nexport async function searchStatus(\n  client: RegistryBrokerClient,\n): Promise<SearchStatusResponse> {\n  const raw = await client.requestJson<JsonValue>('/search/status', {\n    method: 'GET',\n  });\n  return client.parseWithSchema(\n    raw,\n    searchStatusResponseSchema,\n    'search status response',\n  );\n}\n\nexport async function websocketStats(\n  client: RegistryBrokerClient,\n): Promise<WebsocketStatsResponse> {\n  const raw = await client.requestJson<JsonValue>('/websocket/stats', {\n    method: 'GET',\n  });\n  return client.parseWithSchema(\n    raw,\n    websocketStatsResponseSchema,\n    'websocket stats response',\n  );\n}\n\nexport async function metricsSummary(\n  client: RegistryBrokerClient,\n): Promise<MetricsSummaryResponse> {\n  const raw = await client.requestJson<JsonValue>('/metrics', {\n    method: 'GET',\n  });\n  return client.parseWithSchema(\n    raw,\n    metricsSummaryResponseSchema,\n    'metrics summary response',\n  );\n}\n\nexport async function facets(\n  client: RegistryBrokerClient,\n  adapter?: string,\n): Promise<SearchFacetsResponse> {\n  const params = new URLSearchParams();\n  if (adapter) {\n    params.set('adapter', adapter);\n  }\n  const suffix = params.size > 0 ? `?${params.toString()}` : '';\n  const raw = await client.requestJson<JsonValue>(`/search/facets${suffix}`, {\n    method: 'GET',\n  });\n  return client.parseWithSchema(\n    raw,\n    searchFacetsResponseSchema,\n    'search facets response',\n  );\n}\n"],"names":[],"mappings":";;;AAyCA,SAAS,gCACP,SACc;AACd,QAAM,SAAuB;AAAA,IAC3B,GAAG,QAAQ;AAAA,EAAA;AAEb,MAAI;AACJ,MAAI,OAAO,QAAQ,UAAU,YAAY,OAAO,SAAS,QAAQ,KAAK,GAAG;AACvE,qBAAiB,QAAQ;AACzB,WAAO,QAAQ,QAAQ;AAAA,EACzB;AACA,MACE,OAAO,QAAQ,WAAW,YAC1B,OAAO,SAAS,QAAQ,MAAM,KAC9B,QAAQ,SAAS,GACjB;AACA,UAAM,QAAQ,kBAAkB,iBAAiB,IAAI,iBAAiB;AACtE,WAAO,QAAQ;AACf,WAAO,OAAO,KAAK,MAAM,QAAQ,SAAS,KAAK,IAAI;AAAA,EACrD;AACA,MAAI,QAAQ,QAAQ,UAAU;AAC5B,WAAO,WAAW,QAAQ,OAAO;AAAA,EACnC;AACA,MAAI,QAAQ,QAAQ,WAAW,QAAQ;AACrC,WAAO,YAAY,CAAC,GAAG,QAAQ,OAAO,SAAS;AAAA,EACjD;AACA,MAAI,QAAQ,QAAQ,SAAS,QAAQ;AACnC,WAAO,WAAW,CAAC,GAAG,QAAQ,OAAO,OAAO;AAAA,EAC9C;AACA,MAAI,QAAQ,QAAQ,cAAc,QAAQ;AACxC,WAAO,eAAe,QAAQ,OAAO,aAAa;AAAA,MAAI,WACpD,OAAO,UAAU,WAAW,MAAM,SAAS,EAAE,IAAI;AAAA,IAAA;AAAA,EAErD;AACA,MAAI,QAAQ,QAAQ,MAAM;AACxB,WAAO,OAAO,QAAQ,OAAO;AAAA,EAC/B;AACA,SAAO;AACT;AAEA,SAAS,oCACP,QACsB;AACtB,QAAM,OAAO,OAAO,KAAK,IAAI,CAAA,WAAU;AAAA,IACrC;AAAA,IACA,OAAO;AAAA,IACP,YAAY,CAAA;AAAA,EAAC,EACb;AACF,QAAM,QAAQ,OAAO;AACrB,QAAM,QAAQ,OAAO;AACrB,QAAM,OAAO,OAAO;AACpB,QAAM,eAAe,OAAO;AAC5B,QAAM,UAAU,QAAQ,gBAAgB,OAAO;AAE/C,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA,MAAM;AAAA,IACN,gBAAgB;AAAA,IAChB,SAAS,KAAK;AAAA,IACd;AAAA,IACA,cAAc;AAAA,EAAA;AAElB;AAEA,eAAsB,OACpB,QACA,SAAuB,IACA;AACvB,QAAM,QAAQ,iBAAiB,MAAM;AACrC,QAAM,MAAM,MAAM,OAAO,YAAuB,UAAU,KAAK,IAAI;AAAA,IACjE,QAAQ;AAAA,EAAA,CACT;AACD,SAAO,OAAO,gBAAgB,KAAK,sBAAsB,iBAAiB;AAC5E;AAEA,eAAsB,SACpB,QACA,SACiC;AACjC,QAAM,MAAM,MAAM,OAAO,YAAuB,aAAa;AAAA,IAC3D,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS,EAAE,gBAAgB,mBAAA;AAAA,EAAmB,CAC/C;AACD,SAAO,OAAO;AAAA,IACZ;AAAA,IACA;AAAA,IACA;AAAA,EAAA;AAEJ;AAEA,eAAsB,MACpB,QACgC;AAChC,QAAM,MAAM,MAAM,OAAO,YAAuB,UAAU,EAAE,QAAQ,OAAO;AAC3E,SAAO,OAAO,gBAAgB,KAAK,qBAAqB,gBAAgB;AAC1E;AAEA,eAAsB,WACpB,QAC6B;AAC7B,QAAM,MAAM,MAAM,OAAO,YAAuB,eAAe;AAAA,IAC7D,QAAQ;AAAA,EAAA,CACT;AACD,SAAO,OAAO;AAAA,IACZ;AAAA,IACA;AAAA,IACA;AAAA,EAAA;AAEJ;AAEA,eAAsB,wBACpB,QAC4C;AAC5C,QAAM,MAAM,MAAM,OAAO;AAAA,IACvB;AAAA,IACA;AAAA,MACE,QAAQ;AAAA,IAAA;AAAA,EACV;AAEF,SAAO,OAAO;AAAA,IACZ;AAAA,IACA;AAAA,IACA;AAAA,EAAA;AAEJ;AAEA,eAAsB,gBACpB,QACkC;AAClC,QAAM,MAAM,MAAM,OAAO,YAAuB,YAAY;AAAA,IAC1D,QAAQ;AAAA,EAAA,CACT;AACD,SAAO,OAAO;AAAA,IACZ;AAAA,IACA;AAAA,IACA;AAAA,EAAA;AAEJ;AAEA,eAAsB,cACpB,QAC4B;AAC5B,QAAM,MAAM,MAAM,OAAO,YAAuB,cAAc;AAAA,IAC5D,QAAQ;AAAA,EAAA,CACT;AACD,SAAO,OAAO;AAAA,IACZ;AAAA,IACA;AAAA,IACA;AAAA,EAAA;AAEJ;AAEA,eAAsB,eACpB,QACA,SACiC;AACjC,QAAM,MAAM,MAAM,OAAO,YAAuB,oBAAoB;AAAA,IAClE,QAAQ;AAAA,IACR,MAAM,EAAE,QAAA;AAAA,IACR,SAAS,EAAE,gBAAgB,mBAAA;AAAA,EAAmB,CAC/C;AACD,SAAO,OAAO;AAAA,IACZ;AAAA,IACA;AAAA,IACA;AAAA,EAAA;AAEJ;AAEA,eAAsB,0BACpB,QACA,UACA,OAC4C;AAC5C,QAAM,SAAS,IAAI,gBAAA;AACnB,MAAI,OAAO;AACT,WAAO,IAAI,KAAK,KAAK;AAAA,EACvB;AACA,QAAM,SAAS,OAAO,OAAO,IAAI,IAAI,OAAO,UAAU,KAAK;AAC3D,QAAM,MAAM,MAAM,OAAO;AAAA,IACvB,eAAe,mBAAmB,QAAQ,CAAC,UAAU,MAAM;AAAA,IAC3D;AAAA,MACE,QAAQ;AAAA,IAAA;AAAA,EACV;AAEF,SAAO,OAAO;AAAA,IACZ;AAAA,IACA;AAAA,IACA;AAAA,EAAA;AAEJ;AAEA,eAAsB,aACpB,QACA,SAC+B;AAC/B,MAAI;AACF,UAAM,MAAM,MAAM,OAAO,YAAuB,WAAW;AAAA,MACzD,QAAQ;AAAA,MACR,MAAM;AAAA,MACN,SAAS,EAAE,gBAAgB,mBAAA;AAAA,IAAmB,CAC/C;AACD,WAAO,OAAO;AAAA,MACZ;AAAA,MACA;AAAA,MACA;AAAA,IAAA;AAAA,EAEJ,SAAS,OAAO;AACd,QAAI,iBAAiB,uBAAuB,MAAM,WAAW,KAAK;AAChE,YAAM,WAAW,MAAM;AAAA,QACrB;AAAA,QACA,gCAAgC,OAAO;AAAA,MAAA;AAEzC,aAAO,oCAAoC,QAAQ;AAAA,IACrD;AACA,UAAM;AAAA,EACR;AACF;AAEA,eAAsB,aACpB,QAC+B;AAC/B,QAAM,MAAM,MAAM,OAAO,YAAuB,kBAAkB;AAAA,IAChE,QAAQ;AAAA,EAAA,CACT;AACD,SAAO,OAAO;AAAA,IACZ;AAAA,IACA;AAAA,IACA;AAAA,EAAA;AAEJ;AAEA,eAAsB,eACpB,QACiC;AACjC,QAAM,MAAM,MAAM,OAAO,YAAuB,oBAAoB;AAAA,IAClE,QAAQ;AAAA,EAAA,CACT;AACD,SAAO,OAAO;AAAA,IACZ;AAAA,IACA;AAAA,IACA;AAAA,EAAA;AAEJ;AAEA,eAAsB,eACpB,QACiC;AACjC,QAAM,MAAM,MAAM,OAAO,YAAuB,YAAY;AAAA,IAC1D,QAAQ;AAAA,EAAA,CACT;AACD,SAAO,OAAO;AAAA,IACZ;AAAA,IACA;AAAA,IACA;AAAA,EAAA;AAEJ;AAEA,eAAsB,OACpB,QACA,SAC+B;AAC/B,QAAM,SAAS,IAAI,gBAAA;AACnB,MAAI,SAAS;AACX,WAAO,IAAI,WAAW,OAAO;AAAA,EAC/B;AACA,QAAM,SAAS,OAAO,OAAO,IAAI,IAAI,OAAO,UAAU,KAAK;AAC3D,QAAM,MAAM,MAAM,OAAO,YAAuB,iBAAiB,MAAM,IAAI;AAAA,IACzE,QAAQ;AAAA,EAAA,CACT;AACD,SAAO,OAAO;AAAA,IACZ;AAAA,IACA;AAAA,IACA;AAAA,EAAA;AAEJ;"}
+{"version":3,"file":"standards-sdk.es183.js","sources":["../../src/services/registry-broker/client/ledger-auth.ts"],"sourcesContent":["import { Buffer } from 'buffer';\nimport type { SignerSignature } from '@hashgraph/sdk';\nimport type {\n  JsonObject,\n  JsonValue,\n  LedgerAuthenticationOptions,\n  LedgerAuthenticationSignerResult,\n  LedgerChallengeRequest,\n  LedgerChallengeResponse,\n  LedgerCredentialAuthOptions,\n  LedgerVerifyRequest,\n  LedgerVerifyResponse,\n} from '../types';\nimport {\n  ledgerChallengeResponseSchema,\n  ledgerVerifyResponseSchema,\n} from '../schemas';\nimport { canonicalizeLedgerNetwork } from '../ledger-network';\nimport { createPrivateKeySignerAsync } from '../private-key-signer';\nimport type { RegistryBrokerClient } from './base-client';\n\nasync function loadViemAccount(privateKey: `0x${string}`): Promise<{\n  publicKey: string;\n  signMessage: (input: { message: string }) => Promise<string>;\n}> {\n  try {\n    const viem = await import('viem/accounts');\n    return viem.privateKeyToAccount(privateKey);\n  } catch (error) {\n    const err = new Error(\n      'EVM ledger authentication requires the optional dependency \"viem\". Install it to use evmPrivateKey flows.',\n    );\n    (err as { cause?: unknown }).cause = error;\n    throw err;\n  }\n}\n\nasync function resolveLedgerAuthSignature(\n  message: string,\n  options: LedgerAuthenticationOptions,\n): Promise<LedgerAuthenticationSignerResult> {\n  if (typeof options.sign === 'function') {\n    const result = await options.sign(message);\n    if (\n      !result ||\n      typeof result.signature !== 'string' ||\n      result.signature.length === 0\n    ) {\n      throw new Error('Custom ledger signer failed to produce a signature.');\n    }\n    return result;\n  }\n\n  if (!options.signer || typeof options.signer.sign !== 'function') {\n    throw new Error(\n      'Ledger authentication requires a Hedera Signer or custom sign function.',\n    );\n  }\n\n  const payload = Buffer.from(message, 'utf8');\n  const signatures: SignerSignature[] = await options.signer.sign([payload]);\n  const signatureEntry = signatures?.[0];\n  if (!signatureEntry) {\n    throw new Error('Signer did not return any signatures.');\n  }\n\n  let derivedPublicKey: string | undefined;\n  if (signatureEntry.publicKey) {\n    derivedPublicKey = signatureEntry.publicKey.toString();\n  } else if (typeof options.signer.getAccountKey === 'function') {\n    const accountKey = await options.signer.getAccountKey();\n    if (accountKey && typeof accountKey.toString === 'function') {\n      derivedPublicKey = accountKey.toString();\n    }\n  }\n\n  return {\n    signature: Buffer.from(signatureEntry.signature).toString('base64'),\n    signatureKind: 'raw',\n    publicKey: derivedPublicKey,\n  };\n}\n\nexport async function createLedgerChallenge(\n  client: RegistryBrokerClient,\n  payload: LedgerChallengeRequest,\n): Promise<LedgerChallengeResponse> {\n  const resolvedNetwork = canonicalizeLedgerNetwork(payload.network);\n  const network =\n    resolvedNetwork.kind === 'hedera'\n      ? (resolvedNetwork.hederaNetwork ?? resolvedNetwork.canonical)\n      : resolvedNetwork.canonical;\n  const raw = await client.requestJson<JsonValue>('/auth/ledger/challenge', {\n    method: 'POST',\n    headers: { 'content-type': 'application/json' },\n    body: {\n      accountId: payload.accountId,\n      network,\n    },\n  });\n\n  return client.parseWithSchema(\n    raw,\n    ledgerChallengeResponseSchema,\n    'ledger challenge response',\n  );\n}\n\nexport async function verifyLedgerChallenge(\n  client: RegistryBrokerClient,\n  payload: LedgerVerifyRequest,\n): Promise<LedgerVerifyResponse> {\n  const resolvedNetwork = canonicalizeLedgerNetwork(payload.network);\n  const network =\n    resolvedNetwork.kind === 'hedera'\n      ? (resolvedNetwork.hederaNetwork ?? resolvedNetwork.canonical)\n      : resolvedNetwork.canonical;\n  const body: JsonObject = {\n    challengeId: payload.challengeId,\n    accountId: payload.accountId,\n    network,\n    signature: payload.signature,\n  };\n\n  if (payload.signatureKind) {\n    body.signatureKind = payload.signatureKind;\n  }\n  if (payload.publicKey) {\n    body.publicKey = payload.publicKey;\n  }\n  if (typeof payload.expiresInMinutes === 'number') {\n    body.expiresInMinutes = payload.expiresInMinutes;\n  }\n\n  const raw = await client.requestJson<JsonValue>('/auth/ledger/verify', {\n    method: 'POST',\n    headers: { 'content-type': 'application/json' },\n    body,\n  });\n\n  const result = client.parseWithSchema(\n    raw,\n    ledgerVerifyResponseSchema,\n    'ledger verification response',\n  );\n\n  client.setLedgerApiKey(result.key);\n  return result;\n}\n\nexport async function authenticateWithLedger(\n  client: RegistryBrokerClient,\n  options: LedgerAuthenticationOptions,\n): Promise<LedgerVerifyResponse> {\n  const challenge = await client.createLedgerChallenge({\n    accountId: options.accountId,\n    network: options.network,\n  });\n  const signed = await resolveLedgerAuthSignature(challenge.message, options);\n  const verification = await client.verifyLedgerChallenge({\n    challengeId: challenge.challengeId,\n    accountId: options.accountId,\n    network: options.network,\n    signature: signed.signature,\n    signatureKind: signed.signatureKind,\n    publicKey: signed.publicKey,\n    expiresInMinutes: options.expiresInMinutes,\n  });\n  return verification;\n}\n\nexport async function authenticateWithLedgerCredentials(\n  client: RegistryBrokerClient,\n  options: LedgerCredentialAuthOptions,\n): Promise<LedgerVerifyResponse> {\n  const {\n    accountId,\n    network,\n    signer,\n    sign,\n    hederaPrivateKey,\n    evmPrivateKey,\n    expiresInMinutes,\n    setAccountHeader = true,\n    label,\n    logger,\n  } = options;\n\n  const resolvedNetwork = canonicalizeLedgerNetwork(network);\n  const labelSuffix = label ? ` for ${label}` : '';\n\n  const networkPayload = resolvedNetwork.canonical;\n\n  const authOptions: LedgerAuthenticationOptions = {\n    accountId,\n    network: networkPayload,\n    expiresInMinutes,\n  };\n\n  if (sign) {\n    authOptions.sign = sign;\n  } else if (signer) {\n    authOptions.signer = signer;\n  } else if (hederaPrivateKey) {\n    if (resolvedNetwork.kind !== 'hedera' || !resolvedNetwork.hederaNetwork) {\n      throw new Error(\n        'hederaPrivateKey can only be used with hedera:mainnet or hedera:testnet networks.',\n      );\n    }\n    authOptions.signer = await createPrivateKeySignerAsync({\n      accountId,\n      privateKey: hederaPrivateKey,\n      network: resolvedNetwork.hederaNetwork,\n    });\n  } else if (evmPrivateKey) {\n    if (resolvedNetwork.kind !== 'evm') {\n      throw new Error(\n        'evmPrivateKey can only be used with CAIP-2 EVM networks (eip155:<chainId>).',\n      );\n    }\n    const formattedKey = evmPrivateKey.startsWith('0x')\n      ? (evmPrivateKey as `0x${string}`)\n      : (`0x${evmPrivateKey}` as `0x${string}`);\n    const account = await loadViemAccount(formattedKey);\n    authOptions.sign = async message => ({\n      signature: await account.signMessage({ message }),\n      signatureKind: 'evm',\n      publicKey: account.publicKey,\n    });\n  } else {\n    throw new Error(\n      'Provide a signer, sign function, hederaPrivateKey, or evmPrivateKey to authenticate with the ledger.',\n    );\n  }\n\n  logger?.info?.(\n    `Authenticating ledger account ${accountId} (${resolvedNetwork.canonical})${labelSuffix}...`,\n  );\n  const verification = await client.authenticateWithLedger(authOptions);\n  if (setAccountHeader) {\n    client.setDefaultHeader('x-account-id', verification.accountId);\n  }\n  logger?.info?.(\n    `Ledger authentication complete${labelSuffix}. Issued key prefix: ${verification.apiKey.prefix}…${verification.apiKey.lastFour}`,\n  );\n  return verification;\n}\n"],"names":[],"mappings":";;;;AAqBA,eAAe,gBAAgB,YAG5B;AACD,MAAI;AACF,UAAM,OAAO,MAAM,OAAO,eAAe;AACzC,WAAO,KAAK,oBAAoB,UAAU;AAAA,EAC5C,SAAS,OAAO;AACd,UAAM,MAAM,IAAI;AAAA,MACd;AAAA,IAAA;AAED,QAA4B,QAAQ;AACrC,UAAM;AAAA,EACR;AACF;AAEA,eAAe,2BACb,SACA,SAC2C;AAC3C,MAAI,OAAO,QAAQ,SAAS,YAAY;AACtC,UAAM,SAAS,MAAM,QAAQ,KAAK,OAAO;AACzC,QACE,CAAC,UACD,OAAO,OAAO,cAAc,YAC5B,OAAO,UAAU,WAAW,GAC5B;AACA,YAAM,IAAI,MAAM,qDAAqD;AAAA,IACvE;AACA,WAAO;AAAA,EACT;AAEA,MAAI,CAAC,QAAQ,UAAU,OAAO,QAAQ,OAAO,SAAS,YAAY;AAChE,UAAM,IAAI;AAAA,MACR;AAAA,IAAA;AAAA,EAEJ;AAEA,QAAM,UAAU,OAAO,KAAK,SAAS,MAAM;AAC3C,QAAM,aAAgC,MAAM,QAAQ,OAAO,KAAK,CAAC,OAAO,CAAC;AACzE,QAAM,iBAAiB,aAAa,CAAC;AACrC,MAAI,CAAC,gBAAgB;AACnB,UAAM,IAAI,MAAM,uCAAuC;AAAA,EACzD;AAEA,MAAI;AACJ,MAAI,eAAe,WAAW;AAC5B,uBAAmB,eAAe,UAAU,SAAA;AAAA,EAC9C,WAAW,OAAO,QAAQ,OAAO,kBAAkB,YAAY;AAC7D,UAAM,aAAa,MAAM,QAAQ,OAAO,cAAA;AACxC,QAAI,cAAc,OAAO,WAAW,aAAa,YAAY;AAC3D,yBAAmB,WAAW,SAAA;AAAA,IAChC;AAAA,EACF;AAEA,SAAO;AAAA,IACL,WAAW,OAAO,KAAK,eAAe,SAAS,EAAE,SAAS,QAAQ;AAAA,IAClE,eAAe;AAAA,IACf,WAAW;AAAA,EAAA;AAEf;AAEA,eAAsB,sBACpB,QACA,SACkC;AAClC,QAAM,kBAAkB,0BAA0B,QAAQ,OAAO;AACjE,QAAM,UACJ,gBAAgB,SAAS,WACpB,gBAAgB,iBAAiB,gBAAgB,YAClD,gBAAgB;AACtB,QAAM,MAAM,MAAM,OAAO,YAAuB,0BAA0B;AAAA,IACxE,QAAQ;AAAA,IACR,SAAS,EAAE,gBAAgB,mBAAA;AAAA,IAC3B,MAAM;AAAA,MACJ,WAAW,QAAQ;AAAA,MACnB;AAAA,IAAA;AAAA,EACF,CACD;AAED,SAAO,OAAO;AAAA,IACZ;AAAA,IACA;AAAA,IACA;AAAA,EAAA;AAEJ;AAEA,eAAsB,sBACpB,QACA,SAC+B;AAC/B,QAAM,kBAAkB,0BAA0B,QAAQ,OAAO;AACjE,QAAM,UACJ,gBAAgB,SAAS,WACpB,gBAAgB,iBAAiB,gBAAgB,YAClD,gBAAgB;AACtB,QAAM,OAAmB;AAAA,IACvB,aAAa,QAAQ;AAAA,IACrB,WAAW,QAAQ;AAAA,IACnB;AAAA,IACA,WAAW,QAAQ;AAAA,EAAA;AAGrB,MAAI,QAAQ,eAAe;AACzB,SAAK,gBAAgB,QAAQ;AAAA,EAC/B;AACA,MAAI,QAAQ,WAAW;AACrB,SAAK,YAAY,QAAQ;AAAA,EAC3B;AACA,MAAI,OAAO,QAAQ,qBAAqB,UAAU;AAChD,SAAK,mBAAmB,QAAQ;AAAA,EAClC;AAEA,QAAM,MAAM,MAAM,OAAO,YAAuB,uBAAuB;AAAA,IACrE,QAAQ;AAAA,IACR,SAAS,EAAE,gBAAgB,mBAAA;AAAA,IAC3B;AAAA,EAAA,CACD;AAED,QAAM,SAAS,OAAO;AAAA,IACpB;AAAA,IACA;AAAA,IACA;AAAA,EAAA;AAGF,SAAO,gBAAgB,OAAO,GAAG;AACjC,SAAO;AACT;AAEA,eAAsB,uBACpB,QACA,SAC+B;AAC/B,QAAM,YAAY,MAAM,OAAO,sBAAsB;AAAA,IACnD,WAAW,QAAQ;AAAA,IACnB,SAAS,QAAQ;AAAA,EAAA,CAClB;AACD,QAAM,SAAS,MAAM,2BAA2B,UAAU,SAAS,OAAO;AAC1E,QAAM,eAAe,MAAM,OAAO,sBAAsB;AAAA,IACtD,aAAa,UAAU;AAAA,IACvB,WAAW,QAAQ;AAAA,IACnB,SAAS,QAAQ;AAAA,IACjB,WAAW,OAAO;AAAA,IAClB,eAAe,OAAO;AAAA,IACtB,WAAW,OAAO;AAAA,IAClB,kBAAkB,QAAQ;AAAA,EAAA,CAC3B;AACD,SAAO;AACT;AAEA,eAAsB,kCACpB,QACA,SAC+B;AAC/B,QAAM;AAAA,IACJ;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,mBAAmB;AAAA,IACnB;AAAA,IACA;AAAA,EAAA,IACE;AAEJ,QAAM,kBAAkB,0BAA0B,OAAO;AACzD,QAAM,cAAc,QAAQ,QAAQ,KAAK,KAAK;AAE9C,QAAM,iBAAiB,gBAAgB;AAEvC,QAAM,cAA2C;AAAA,IAC/C;AAAA,IACA,SAAS;AAAA,IACT;AAAA,EAAA;AAGF,MAAI,MAAM;AACR,gBAAY,OAAO;AAAA,EACrB,WAAW,QAAQ;AACjB,gBAAY,SAAS;AAAA,EACvB,WAAW,kBAAkB;AAC3B,QAAI,gBAAgB,SAAS,YAAY,CAAC,gBAAgB,eAAe;AACvE,YAAM,IAAI;AAAA,QACR;AAAA,MAAA;AAAA,IAEJ;AACA,gBAAY,SAAS,MAAM,4BAA4B;AAAA,MACrD;AAAA,MACA,YAAY;AAAA,MACZ,SAAS,gBAAgB;AAAA,IAAA,CAC1B;AAAA,EACH,WAAW,eAAe;AACxB,QAAI,gBAAgB,SAAS,OAAO;AAClC,YAAM,IAAI;AAAA,QACR;AAAA,MAAA;AAAA,IAEJ;AACA,UAAM,eAAe,cAAc,WAAW,IAAI,IAC7C,gBACA,KAAK,aAAa;AACvB,UAAM,UAAU,MAAM,gBAAgB,YAAY;AAClD,gBAAY,OAAO,OAAM,aAAY;AAAA,MACnC,WAAW,MAAM,QAAQ,YAAY,EAAE,SAAS;AAAA,MAChD,eAAe;AAAA,MACf,WAAW,QAAQ;AAAA,IAAA;AAAA,EAEvB,OAAO;AACL,UAAM,IAAI;AAAA,MACR;AAAA,IAAA;AAAA,EAEJ;AAEA,UAAQ;AAAA,IACN,iCAAiC,SAAS,KAAK,gBAAgB,SAAS,IAAI,WAAW;AAAA,EAAA;AAEzF,QAAM,eAAe,MAAM,OAAO,uBAAuB,WAAW;AACpE,MAAI,kBAAkB;AACpB,WAAO,iBAAiB,gBAAgB,aAAa,SAAS;AAAA,EAChE;AACA,UAAQ;AAAA,IACN,iCAAiC,WAAW,wBAAwB,aAAa,OAAO,MAAM,IAAI,aAAa,OAAO,QAAQ;AAAA,EAAA;AAEhI,SAAO;AACT;"}