@heyanon-arp/sdk 0.0.37 → 0.0.39

package/dist/attestation/attestation.d.ts

@@ -1,9 +1,9 @@
-import type { KeyLinkPayload, ScryptPasswordAttestation } from '../types/identity';
+import type { Ed25519KeyLinkAttestation, KeyLinkPayload } from '../types/identity';
 /**
- * Build an `ARP-KEY-LINK-v1` attestation record signed via
- * `scrypt_password_proof`. Caller assembles the payload
- * (DID, both pubkeys, nonce, etc.); SDK produces the MAC
- * and wraps the record in the standard shape.
+ * Build an `ARP-KEY-LINK-v1` attestation signed via `ed25519_owner_key`:
+ * the agent's IDENTITY key signs `canonicalBytes(payload)`. The identity
+ * key is already proven at registration (the ARP-CHALLENGE-v1 step), so
+ * the key-link is self-certified with NO owner password / shared secret.
  *
  * Identity keys are immutable in alpha (no rotation); the KEY-LINK
  * attestation is the single owner-signed link between identity and
@@ -11,7 +11,13 @@ import type { KeyLinkPayload, ScryptPasswordAttestation } from '../types/identit
  */
 export declare function signKeyLinkAttestation(input: {
     payload: KeyLinkPayload;
-    scryptKey: Uint8Array;
-    scryptSaltId: string;
-}): ScryptPasswordAttestation<KeyLinkPayload>;
-export declare function verifyKeyLinkAttestation(attestation: ScryptPasswordAttestation<KeyLinkPayload>, scryptKey: Uint8Array): boolean;
+    identitySecretKey: Uint8Array;
+}): Ed25519KeyLinkAttestation<KeyLinkPayload>;
+/**
+ * Verify a key-link attestation against the identity key EMBEDDED in its
+ * payload (`payload.identity_public_key`). The caller is responsible for
+ * cross-checking that key against the agent DID / request body — this
+ * function only proves the payload was signed by the identity key it
+ * names. Returns false on any malformed input (no throw).
+ */
+export declare function verifyKeyLinkAttestation(attestation: Ed25519KeyLinkAttestation<KeyLinkPayload>): boolean;

package/dist/attestation/index.d.ts

@@ -1,2 +1 @@
-export { deriveScryptKey, scryptPasswordProofSign, scryptPasswordProofVerify } from './scrypt-proof';
 export { signKeyLinkAttestation, verifyKeyLinkAttestation } from './attestation';

package/dist/index.d.ts

@@ -8,7 +8,7 @@
  *   - did          — `did:arp:<...>` parse/format + DID document types
  *   - envelope     — sign / verify envelope (steps 4-6 of protocol verification)
  *   - challenge    — ARP-CHALLENGE-v1 ownership proof (registration)
- *   - attestation  — scrypt key-link owner attestation
+ *   - attestation  — ed25519 key-link owner attestation
  *   - server-chain — signed_message_hash, server_event_hash, audit walker
  *   - settlement   — canonical Solana program-id base58 constants
  *   - purpose      — domain separators (`ARP-*-v1`)

package/dist/index.js

@@ -5,8 +5,6 @@ var utils = require('@noble/hashes/utils');
 var canonicalize = require('canonicalize');
 var base = require('@scure/base');
 var ed = require('@noble/ed25519');
-var hmac = require('@noble/hashes/hmac');
-var scrypt = require('@noble/hashes/scrypt');
 var web3_js = require('@solana/web3.js');
 
 function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
@@ -189,73 +187,43 @@ function verifyChallenge(challengeBytes, signature, identityPubkey) {
   if (signature.length !== 64) return false;
   return verify2(signature, buildSigningInput(challengeBytes), identityPubkey);
 }
-
-// src/types/identity.ts
-var OWNER_SIGNING_METHODS = ["scrypt_password_proof", "ed25519_owner_key", "totp+passphrase"];
-var SCRYPT_PARAMS = {
-  N: 32768,
-  r: 8,
-  p: 1,
-  dkLen: 32
-};
-
-// src/attestation/scrypt-proof.ts
-function deriveScryptKey(password, salt) {
-  if (salt.length !== 16) {
-    throw new Error(`deriveScryptKey: expected 16-byte salt, got ${salt.length}`);
+var ED25519_SIG_PREFIX = "ed25519:";
+function signKeyLinkAttestation(input) {
+  if (input.payload.purpose !== "ARP-KEY-LINK-v1") {
+    throw new Error(`signKeyLinkAttestation: expected purpose ARP-KEY-LINK-v1, got ${input.payload.purpose}`);
   }
-  const passwordBytes = new TextEncoder().encode(password);
-  return scrypt.scrypt(passwordBytes, salt, {
-    N: SCRYPT_PARAMS.N,
-    r: SCRYPT_PARAMS.r,
-    p: SCRYPT_PARAMS.p,
-    dkLen: SCRYPT_PARAMS.dkLen
-  });
-}
-function scryptPasswordProofSign(payload, scryptKey) {
-  if (scryptKey.length !== SCRYPT_PARAMS.dkLen) {
-    throw new Error(`scryptPasswordProofSign: expected ${SCRYPT_PARAMS.dkLen}-byte scrypt key, got ${scryptKey.length}`);
+  if (input.payload.owner_signing_method !== "ed25519_owner_key") {
+    throw new Error(`signKeyLinkAttestation: this helper handles ed25519_owner_key only; got ${input.payload.owner_signing_method}`);
   }
-  const digest = sha2.sha256(canonicalBytes(payload));
-  const mac = hmac.hmac(sha2.sha256, scryptKey, digest);
-  return base.base64.encode(mac);
-}
-function scryptPasswordProofVerify(payload, sigBase64, scryptKey) {
-  if (scryptKey.length !== SCRYPT_PARAMS.dkLen) return false;
-  let providedMac;
+  const sig = sign2(canonicalBytes(input.payload), input.identitySecretKey);
+  return { payload: input.payload, sig: `${ED25519_SIG_PREFIX}${base.base64.encode(sig)}` };
+}
+function verifyKeyLinkAttestation(attestation) {
+  const { payload, sig } = attestation;
+  if (payload.purpose !== "ARP-KEY-LINK-v1") return false;
+  if (payload.owner_signing_method !== "ed25519_owner_key") return false;
+  if (typeof sig !== "string" || !sig.startsWith(ED25519_SIG_PREFIX)) return false;
+  let sigBytes;
   try {
-    providedMac = base.base64.decode(sigBase64);
+    sigBytes = base.base64.decode(sig.slice(ED25519_SIG_PREFIX.length));
   } catch {
     return false;
   }
-  if (providedMac.length !== 32) return false;
-  const digest = sha2.sha256(canonicalBytes(payload));
-  const expectedMac = hmac.hmac(sha2.sha256, scryptKey, digest);
-  return constantTimeEqualBytes(providedMac, expectedMac);
-}
-function constantTimeEqualBytes(a, b) {
-  if (a.length !== b.length) return false;
-  let diff = 0;
-  for (let i = 0; i < a.length; i++) {
-    diff |= a[i] ^ b[i];
-  }
-  return diff === 0;
-}
-
-// src/attestation/attestation.ts
-function signKeyLinkAttestation(input) {
-  if (input.payload.purpose !== "ARP-KEY-LINK-v1") {
-    throw new Error(`signKeyLinkAttestation: expected purpose ARP-KEY-LINK-v1, got ${input.payload.purpose}`);
+  if (sigBytes.length !== 64) return false;
+  let identityPubkey;
+  try {
+    identityPubkey = base58btcDecode(payload.identity_public_key);
+  } catch {
+    return false;
   }
-  if (input.payload.owner_signing_method !== "scrypt_password_proof") {
-    throw new Error(`signKeyLinkAttestation: this helper handles scrypt_password_proof only; got ${input.payload.owner_signing_method}`);
+  if (identityPubkey.length !== 32) return false;
+  let signingBytes;
+  try {
+    signingBytes = canonicalBytes(payload);
+  } catch {
+    return false;
   }
-  const sig = scryptPasswordProofSign(input.payload, input.scryptKey);
-  return { payload: input.payload, sig, scrypt_salt_id: input.scryptSaltId };
-}
-function verifyKeyLinkAttestation(attestation, scryptKey) {
-  if (attestation.payload.purpose !== "ARP-KEY-LINK-v1") return false;
-  return scryptPasswordProofVerify(attestation.payload, attestation.sig, scryptKey);
+  return verify2(sigBytes, signingBytes, identityPubkey);
 }
 function signedMessageHash(envelope) {
   const input = envelope.attachments === void 0 ? { protected: envelope.protected, body: envelope.body } : { protected: envelope.protected, body: envelope.body, attachments: envelope.attachments };
@@ -380,7 +348,7 @@ var SHA256_HEX_RE = /^sha256:[0-9a-f]{64}$/;
 function isSha256Hex(v) {
   return typeof v === "string" && SHA256_HEX_RE.test(v);
 }
-var ED25519_SIG_PREFIX = "ed25519:";
+var ED25519_SIG_PREFIX2 = "ed25519:";
 var PROTOCOL_VERSIONS = ["arp/0.1"];
 var CURRENT_PROTOCOL_VERSION = PROTOCOL_VERSIONS[PROTOCOL_VERSIONS.length - 1];
 
@@ -569,6 +537,9 @@ function isReservedName(name) {
 function isValidAgentName(name) {
   return AGENT_NAME_REGEX.test(normalizeName(name));
 }
+
+// src/types/identity.ts
+var OWNER_SIGNING_METHODS = ["ed25519_owner_key", "totp+passphrase"];
 var LOCK_ACCOUNT_SIZE = 269;
 var LOCK_ACCOUNT_DISCRIMINATOR = new Uint8Array([8, 255, 36, 202, 210, 22, 57, 137]);
 var LOCK_STATE_NAMES = ["created", "canceled", "in_progress", "submitted", "paid", "revoked", "disputing", "dispute_resolved", "dispute_closed"];
@@ -1257,7 +1228,7 @@ exports.DelegationActions = DelegationActions;
 exports.DelegationOfferRejectionCodes = DelegationOfferRejectionCodes;
 exports.DelegationStates = DelegationStates;
 exports.DiscoverySorts = DiscoverySorts;
-exports.ED25519_SIG_PREFIX = ED25519_SIG_PREFIX;
+exports.ED25519_SIG_PREFIX = ED25519_SIG_PREFIX2;
 exports.ESCROW_PDA_SEEDS = ESCROW_PDA_SEEDS;
 exports.ESCROW_PROGRAM_ID_BASE58 = ESCROW_PROGRAM_ID_BASE58;
 exports.ESCROW_RELEASE_METHODS = ESCROW_RELEASE_METHODS;
@@ -1291,7 +1262,6 @@ exports.RESERVED_NAMES = RESERVED_NAMES;
 exports.ReadModelStatuses = ReadModelStatuses;
 exports.ReceiptVerdicts = ReceiptVerdicts;
 exports.RelationshipStates = RelationshipStates;
-exports.SCRYPT_PARAMS = SCRYPT_PARAMS;
 exports.SHA256_HEX_RE = SHA256_HEX_RE;
 exports.SLIP44_SOLANA = SLIP44_SOLANA;
 exports.SOLANA_CLUSTER_IDS = SOLANA_CLUSTER_IDS;
@@ -1333,7 +1303,6 @@ exports.deriveEventAuthorityPda = deriveEventAuthorityPda;
 exports.deriveLockId = deriveLockId;
 exports.deriveLockPda = deriveLockPda;
 exports.deriveOperatorAuthPda = deriveOperatorAuthPda;
-exports.deriveScryptKey = deriveScryptKey;
 exports.deriveStakeVaultPda = deriveStakeVaultPda;
 exports.expiresAt = expiresAt;
 exports.fetchLockAccount = fetchLockAccount;
@@ -1370,8 +1339,6 @@ exports.parseDid = parseDid;
 exports.pollUntil = pollUntil;
 exports.resolveAsset = resolveAsset;
 exports.rfc3339 = rfc3339;
-exports.scryptPasswordProofSign = scryptPasswordProofSign;
-exports.scryptPasswordProofVerify = scryptPasswordProofVerify;
 exports.senderNonce = senderNonce;
 exports.serverEventHash = serverEventHash;
 exports.sign = sign2;

package/dist/index.mjs

@@ -3,8 +3,6 @@ import { bytesToHex, randomBytes } from '@noble/hashes/utils';
 import canonicalize from 'canonicalize';
 import { base58, base64, base64urlnopad } from '@scure/base';
 import * as ed from '@noble/ed25519';
-import { hmac } from '@noble/hashes/hmac';
-import { scrypt } from '@noble/hashes/scrypt';
 import { PublicKey, SystemProgram, TransactionInstruction } from '@solana/web3.js';
 
 // src/canonical/canonicalize.ts
@@ -164,73 +162,43 @@ function verifyChallenge(challengeBytes, signature, identityPubkey) {
   if (signature.length !== 64) return false;
   return verify2(signature, buildSigningInput(challengeBytes), identityPubkey);
 }
-
-// src/types/identity.ts
-var OWNER_SIGNING_METHODS = ["scrypt_password_proof", "ed25519_owner_key", "totp+passphrase"];
-var SCRYPT_PARAMS = {
-  N: 32768,
-  r: 8,
-  p: 1,
-  dkLen: 32
-};
-
-// src/attestation/scrypt-proof.ts
-function deriveScryptKey(password, salt) {
-  if (salt.length !== 16) {
-    throw new Error(`deriveScryptKey: expected 16-byte salt, got ${salt.length}`);
+var ED25519_SIG_PREFIX = "ed25519:";
+function signKeyLinkAttestation(input) {
+  if (input.payload.purpose !== "ARP-KEY-LINK-v1") {
+    throw new Error(`signKeyLinkAttestation: expected purpose ARP-KEY-LINK-v1, got ${input.payload.purpose}`);
   }
-  const passwordBytes = new TextEncoder().encode(password);
-  return scrypt(passwordBytes, salt, {
-    N: SCRYPT_PARAMS.N,
-    r: SCRYPT_PARAMS.r,
-    p: SCRYPT_PARAMS.p,
-    dkLen: SCRYPT_PARAMS.dkLen
-  });
-}
-function scryptPasswordProofSign(payload, scryptKey) {
-  if (scryptKey.length !== SCRYPT_PARAMS.dkLen) {
-    throw new Error(`scryptPasswordProofSign: expected ${SCRYPT_PARAMS.dkLen}-byte scrypt key, got ${scryptKey.length}`);
+  if (input.payload.owner_signing_method !== "ed25519_owner_key") {
+    throw new Error(`signKeyLinkAttestation: this helper handles ed25519_owner_key only; got ${input.payload.owner_signing_method}`);
   }
-  const digest = sha256(canonicalBytes(payload));
-  const mac = hmac(sha256, scryptKey, digest);
-  return base64.encode(mac);
-}
-function scryptPasswordProofVerify(payload, sigBase64, scryptKey) {
-  if (scryptKey.length !== SCRYPT_PARAMS.dkLen) return false;
-  let providedMac;
+  const sig = sign2(canonicalBytes(input.payload), input.identitySecretKey);
+  return { payload: input.payload, sig: `${ED25519_SIG_PREFIX}${base64.encode(sig)}` };
+}
+function verifyKeyLinkAttestation(attestation) {
+  const { payload, sig } = attestation;
+  if (payload.purpose !== "ARP-KEY-LINK-v1") return false;
+  if (payload.owner_signing_method !== "ed25519_owner_key") return false;
+  if (typeof sig !== "string" || !sig.startsWith(ED25519_SIG_PREFIX)) return false;
+  let sigBytes;
   try {
-    providedMac = base64.decode(sigBase64);
+    sigBytes = base64.decode(sig.slice(ED25519_SIG_PREFIX.length));
   } catch {
     return false;
   }
-  if (providedMac.length !== 32) return false;
-  const digest = sha256(canonicalBytes(payload));
-  const expectedMac = hmac(sha256, scryptKey, digest);
-  return constantTimeEqualBytes(providedMac, expectedMac);
-}
-function constantTimeEqualBytes(a, b) {
-  if (a.length !== b.length) return false;
-  let diff = 0;
-  for (let i = 0; i < a.length; i++) {
-    diff |= a[i] ^ b[i];
-  }
-  return diff === 0;
-}
-
-// src/attestation/attestation.ts
-function signKeyLinkAttestation(input) {
-  if (input.payload.purpose !== "ARP-KEY-LINK-v1") {
-    throw new Error(`signKeyLinkAttestation: expected purpose ARP-KEY-LINK-v1, got ${input.payload.purpose}`);
+  if (sigBytes.length !== 64) return false;
+  let identityPubkey;
+  try {
+    identityPubkey = base58btcDecode(payload.identity_public_key);
+  } catch {
+    return false;
   }
-  if (input.payload.owner_signing_method !== "scrypt_password_proof") {
-    throw new Error(`signKeyLinkAttestation: this helper handles scrypt_password_proof only; got ${input.payload.owner_signing_method}`);
+  if (identityPubkey.length !== 32) return false;
+  let signingBytes;
+  try {
+    signingBytes = canonicalBytes(payload);
+  } catch {
+    return false;
   }
-  const sig = scryptPasswordProofSign(input.payload, input.scryptKey);
-  return { payload: input.payload, sig, scrypt_salt_id: input.scryptSaltId };
-}
-function verifyKeyLinkAttestation(attestation, scryptKey) {
-  if (attestation.payload.purpose !== "ARP-KEY-LINK-v1") return false;
-  return scryptPasswordProofVerify(attestation.payload, attestation.sig, scryptKey);
+  return verify2(sigBytes, signingBytes, identityPubkey);
 }
 function signedMessageHash(envelope) {
   const input = envelope.attachments === void 0 ? { protected: envelope.protected, body: envelope.body } : { protected: envelope.protected, body: envelope.body, attachments: envelope.attachments };
@@ -355,7 +323,7 @@ var SHA256_HEX_RE = /^sha256:[0-9a-f]{64}$/;
 function isSha256Hex(v) {
   return typeof v === "string" && SHA256_HEX_RE.test(v);
 }
-var ED25519_SIG_PREFIX = "ed25519:";
+var ED25519_SIG_PREFIX2 = "ed25519:";
 var PROTOCOL_VERSIONS = ["arp/0.1"];
 var CURRENT_PROTOCOL_VERSION = PROTOCOL_VERSIONS[PROTOCOL_VERSIONS.length - 1];
 
@@ -544,6 +512,9 @@ function isReservedName(name) {
 function isValidAgentName(name) {
   return AGENT_NAME_REGEX.test(normalizeName(name));
 }
+
+// src/types/identity.ts
+var OWNER_SIGNING_METHODS = ["ed25519_owner_key", "totp+passphrase"];
 var LOCK_ACCOUNT_SIZE = 269;
 var LOCK_ACCOUNT_DISCRIMINATOR = new Uint8Array([8, 255, 36, 202, 210, 22, 57, 137]);
 var LOCK_STATE_NAMES = ["created", "canceled", "in_progress", "submitted", "paid", "revoked", "disputing", "dispute_resolved", "dispute_closed"];
@@ -1197,4 +1168,4 @@ var CliAuthTokenErrorCodes = {
   REQUIRED: "AUTH_TOKEN_REQUIRED"
 };
 
-export { AGENT_BADGES, AGENT_NAME_REGEX, AGENT_TAG_REGEX, ASSET_DECIMALS_MAX, ASSET_DECIMALS_MIN, ASSET_SYMBOL_MAX_LEN, ASSET_SYMBOL_MIN_LEN, ASSET_WHITELIST, ASSOCIATED_TOKEN_PROGRAM_ID, ASSOCIATED_TOKEN_PROGRAM_ID_BASE58, AgentBadges, BODY_TYPES, BodyTypes, CAIP19_REGEX, CLI_AUTH_TOKEN_ERROR_CODES, CLI_LOGIN_SESSION_STATES, CLI_LOGIN_SESSION_STORED_STATES, CREATE_LOCK_DISCRIMINATOR, CREATE_LOCK_NATIVE_DISCRIMINATOR, CURRENT_PROTOCOL_VERSION, CliAuthTokenErrorCodes, CliLoginSessionStates, DECIMAL_AMOUNT_REGEX, DECLINE_REASONS, DELEGATION_ACTIONS, DELEGATION_ACTIVE_STATES, DELEGATION_OFFER_REJECTION_CODES, DELEGATION_STATES, DEVNET_MINTS, DID_ARP_REGEX, DISCOVERY_SORTS, DelegationActions, DelegationOfferRejectionCodes, DelegationStates, DiscoverySorts, ED25519_SIG_PREFIX, ESCROW_PDA_SEEDS, ESCROW_PROGRAM_ID_BASE58, ESCROW_RELEASE_METHODS, EscrowReleaseMethods, HANDSHAKE_DECISIONS, HandshakeDecisions, INBOX_BLOCK_SCOPES, InboxBlockScopes, LIVE_RELATIONSHIP_STATE_NAMES, LOCK_ACCOUNT_DISCRIMINATOR, LOCK_ACCOUNT_SIZE, LOCK_STATE_NAMES, LOCK_TERMINAL_STATES, LockStates, LockTerminalStates, MAINNET_MINTS, MAX_CLOCK_SKEW_SECONDS, MAX_ENVELOPE_TTL_SECONDS, NATIVE_SOL_MINT, NATIVE_SOL_MINT_BASE58, NO_ARG_LIFECYCLE_INSTRUCTIONS, OWNER_SIGNING_METHODS, POST_COMMIT_ERROR_CODES, POST_COMMIT_ERROR_CODE_PREFIXES, PROTOCOL_VERSIONS, Purpose, READ_MODEL_STATUSES, RECEIPT_VERDICTS, RELATIONSHIP_STATE_NAMES, RESERVED_NAMES, ReadModelStatuses, ReceiptVerdicts, RelationshipStates, SCRYPT_PARAMS, SHA256_HEX_RE, SLIP44_SOLANA, SOLANA_CLUSTER_IDS, SPL_TOKEN_PROGRAM_ID, SPL_TOKEN_PROGRAM_ID_BASE58, SYSTEM_PROGRAM_ID_BASE58, TOKEN_2022_PROGRAM_ID_BASE58, WELL_KNOWN_ASSETS, WELL_KNOWN_ASSET_KEYS, WORK_LOG_STATES, WorkLogStates, base58btcDecode, base58btcEncode, buildAcceptLockIx, buildCancelLockIx, buildClaimExpiredWorkIx, buildClaimWorkPaymentIx, buildCloseDisputeIx, buildCreateLockIx, buildCreateLockIxData, buildLifecycleIxData, buildOpenDisputeIx, buildResolveDisputeIx, buildResolveDisputeIxData, buildSubmitWorkIx, bytes16ToDelegationId, canonicalBytes, canonicalJson, canonicalSha256Hex, decodeLockAccount, delegationIdToBytes16, deriveAta, deriveCollateralConfigPda, deriveConfigPda, deriveDelegationConditionHash, deriveDisputeResolutionPda, deriveEscrowPda, deriveEventAuthorityPda, deriveLockId, deriveLockPda, deriveOperatorAuthPda, deriveScryptKey, deriveStakeVaultPda, expiresAt, fetchLockAccount, findAssetByAssetId, findAssetMetaByMint, findFirstChainDivergence, formatDid, generateKeyPair, getPublicKey2 as getPublicKey, instructionDiscriminator, isAgentBadge, isAssetIdentifier, isBodyType, isCliLoginSessionWireState, isDecimalAmountString, isDeclineReason, isDelegationAction, isDelegationState, isEscrowReleaseMethod, isHandshakeDecision, isPostCommitErrorCode, isReadModelStatus, isReceiptVerdict, isRelationshipState, isReservedName, isSha256Hex, isValidAgentName, isValidDid, isWhitelistedAssetId, isWorkLogState, normalizeName, parseCaip19SolanaAssetId, parseDid, pollUntil, resolveAsset, rfc3339, scryptPasswordProofSign, scryptPasswordProofVerify, senderNonce, serverEventHash, sign2 as sign, signChallenge, signEnvelope, signKeyLinkAttestation, signedMessageHash, uuidV4, verify2 as verify, verifyChallenge, verifyEnvelope, verifyKeyLinkAttestation };
+export { AGENT_BADGES, AGENT_NAME_REGEX, AGENT_TAG_REGEX, ASSET_DECIMALS_MAX, ASSET_DECIMALS_MIN, ASSET_SYMBOL_MAX_LEN, ASSET_SYMBOL_MIN_LEN, ASSET_WHITELIST, ASSOCIATED_TOKEN_PROGRAM_ID, ASSOCIATED_TOKEN_PROGRAM_ID_BASE58, AgentBadges, BODY_TYPES, BodyTypes, CAIP19_REGEX, CLI_AUTH_TOKEN_ERROR_CODES, CLI_LOGIN_SESSION_STATES, CLI_LOGIN_SESSION_STORED_STATES, CREATE_LOCK_DISCRIMINATOR, CREATE_LOCK_NATIVE_DISCRIMINATOR, CURRENT_PROTOCOL_VERSION, CliAuthTokenErrorCodes, CliLoginSessionStates, DECIMAL_AMOUNT_REGEX, DECLINE_REASONS, DELEGATION_ACTIONS, DELEGATION_ACTIVE_STATES, DELEGATION_OFFER_REJECTION_CODES, DELEGATION_STATES, DEVNET_MINTS, DID_ARP_REGEX, DISCOVERY_SORTS, DelegationActions, DelegationOfferRejectionCodes, DelegationStates, DiscoverySorts, ED25519_SIG_PREFIX2 as ED25519_SIG_PREFIX, ESCROW_PDA_SEEDS, ESCROW_PROGRAM_ID_BASE58, ESCROW_RELEASE_METHODS, EscrowReleaseMethods, HANDSHAKE_DECISIONS, HandshakeDecisions, INBOX_BLOCK_SCOPES, InboxBlockScopes, LIVE_RELATIONSHIP_STATE_NAMES, LOCK_ACCOUNT_DISCRIMINATOR, LOCK_ACCOUNT_SIZE, LOCK_STATE_NAMES, LOCK_TERMINAL_STATES, LockStates, LockTerminalStates, MAINNET_MINTS, MAX_CLOCK_SKEW_SECONDS, MAX_ENVELOPE_TTL_SECONDS, NATIVE_SOL_MINT, NATIVE_SOL_MINT_BASE58, NO_ARG_LIFECYCLE_INSTRUCTIONS, OWNER_SIGNING_METHODS, POST_COMMIT_ERROR_CODES, POST_COMMIT_ERROR_CODE_PREFIXES, PROTOCOL_VERSIONS, Purpose, READ_MODEL_STATUSES, RECEIPT_VERDICTS, RELATIONSHIP_STATE_NAMES, RESERVED_NAMES, ReadModelStatuses, ReceiptVerdicts, RelationshipStates, SHA256_HEX_RE, SLIP44_SOLANA, SOLANA_CLUSTER_IDS, SPL_TOKEN_PROGRAM_ID, SPL_TOKEN_PROGRAM_ID_BASE58, SYSTEM_PROGRAM_ID_BASE58, TOKEN_2022_PROGRAM_ID_BASE58, WELL_KNOWN_ASSETS, WELL_KNOWN_ASSET_KEYS, WORK_LOG_STATES, WorkLogStates, base58btcDecode, base58btcEncode, buildAcceptLockIx, buildCancelLockIx, buildClaimExpiredWorkIx, buildClaimWorkPaymentIx, buildCloseDisputeIx, buildCreateLockIx, buildCreateLockIxData, buildLifecycleIxData, buildOpenDisputeIx, buildResolveDisputeIx, buildResolveDisputeIxData, buildSubmitWorkIx, bytes16ToDelegationId, canonicalBytes, canonicalJson, canonicalSha256Hex, decodeLockAccount, delegationIdToBytes16, deriveAta, deriveCollateralConfigPda, deriveConfigPda, deriveDelegationConditionHash, deriveDisputeResolutionPda, deriveEscrowPda, deriveEventAuthorityPda, deriveLockId, deriveLockPda, deriveOperatorAuthPda, deriveStakeVaultPda, expiresAt, fetchLockAccount, findAssetByAssetId, findAssetMetaByMint, findFirstChainDivergence, formatDid, generateKeyPair, getPublicKey2 as getPublicKey, instructionDiscriminator, isAgentBadge, isAssetIdentifier, isBodyType, isCliLoginSessionWireState, isDecimalAmountString, isDeclineReason, isDelegationAction, isDelegationState, isEscrowReleaseMethod, isHandshakeDecision, isPostCommitErrorCode, isReadModelStatus, isReceiptVerdict, isRelationshipState, isReservedName, isSha256Hex, isValidAgentName, isValidDid, isWhitelistedAssetId, isWorkLogState, normalizeName, parseCaip19SolanaAssetId, parseDid, pollUntil, resolveAsset, rfc3339, senderNonce, serverEventHash, sign2 as sign, signChallenge, signEnvelope, signKeyLinkAttestation, signedMessageHash, uuidV4, verify2 as verify, verifyChallenge, verifyEnvelope, verifyKeyLinkAttestation };

package/dist/types/agent.d.ts

@@ -68,8 +68,8 @@ export interface AgentRegisteredResponse {
 }
 /**
  * Public view of an ARP agent — signed reads (`GET /v1/agents/:did`)
- * and the profile `PATCH` response. Owner-only material (raw scrypt,
- * encrypted secrets) never appears here.
+ * and the profile `PATCH` response. Owner-only material (raw key
+ * material, encrypted secrets) never appears here.
  */
 export interface AgentPublic {
     did: string;
@@ -255,9 +255,9 @@ export interface ChallengeResponse {
 /**
  * Request body for `POST /v1/agents` (registration). The server DTO is
  * `RegisterAgentDto`; `ownerAttestation` mirrors the SDK
- * `ScryptPasswordAttestation<KeyLinkPayload>` wire shape but stays a
- * generic object here — its inner fields are verified by canonical-JSON
- * + HMAC at the server, not structurally.
+ * `Ed25519KeyLinkAttestation<KeyLinkPayload>` wire shape but stays a
+ * generic object here — its `sig` is verified against the payload's
+ * identity key (Ed25519) at the server, not structurally.
  */
 export interface RegisterAgentRequest {
     challengeId: string;
@@ -266,10 +266,7 @@ export interface RegisterAgentRequest {
     ownerAttestation: {
         payload: Record<string, unknown>;
         sig: string;
-        scrypt_salt_id: string;
     };
-    scryptKeyB64: string;
-    scryptSaltB64: string;
     /**
      * Unique, immutable handle — lowercase `^[a-z0-9_]{3,32}$`
      * ({@link AGENT_NAME_REGEX}), REQUIRED. The server normalizes it and

package/dist/types/identity.d.ts

@@ -1,16 +1,16 @@
 import type { Did } from './envelope';
 /**
- * Owner attestation methods per [00-core/identity.md](../../../00-core/identity.md).
- *
- * Only `scrypt_password_proof` is active (index 0); the others are
- * reserved placeholders for forward-compat. Backed by an `as const`
- * array so the server's attestation schema can source the active method
- * from `OWNER_SIGNING_METHODS[0]` instead of re-hardcoding the literal.
+ * Owner attestation methods. `ed25519_owner_key` is active (index 0):
+ * the agent's IDENTITY key self-signs the key-link, so there is NO
+ * separate owner password. `totp+passphrase` is a reserved placeholder
+ * for forward-compat. Backed by an `as const` array so the server's
+ * attestation schema sources the active method from
+ * `OWNER_SIGNING_METHODS[0]` instead of re-hardcoding the literal.
  */
-export declare const OWNER_SIGNING_METHODS: readonly ["scrypt_password_proof", "ed25519_owner_key", "totp+passphrase"];
+export declare const OWNER_SIGNING_METHODS: readonly ["ed25519_owner_key", "totp+passphrase"];
 export type OwnerSigningMethod = (typeof OWNER_SIGNING_METHODS)[number];
 /**
- * `ARP-KEY-LINK-v1` payload — the canonical-JSON-hashed object an owner
+ * `ARP-KEY-LINK-v1` payload — the canonical-JSON-hashed object the owner
  * signs at registration. Carries the link between identity and settlement
  * keys plus owner identity / method metadata.
  */
@@ -25,20 +25,14 @@ export interface KeyLinkPayload {
     nonce: string;
 }
 /**
- * `scrypt_password_proof` — the owner attestation envelope. The
- * signature is HMAC-SHA256(scrypt(password, salt), sha256(canonical(payload))),
- * base64-encoded. NOT an Ed25519 signature; verification is
- * server-side via the stored scrypt-derived key.
+ * `ed25519_owner_key` key-link attestation. The `sig` is the agent's
+ * IDENTITY Ed25519 key signing `canonicalBytes(payload)`, formatted as
+ * `ed25519:<base64(64-byte sig)>` — the same convention as envelope
+ * signatures. SELF-VERIFYING: the verifier checks `sig` against the
+ * payload's `identity_public_key`; there is no shared secret and no
+ * password (the identity key is already challenge-proven at register).
  */
-export interface ScryptPasswordAttestation<TPayload extends KeyLinkPayload = KeyLinkPayload> {
+export interface Ed25519KeyLinkAttestation<TPayload extends KeyLinkPayload = KeyLinkPayload> {
     payload: TPayload;
     sig: string;
-    scrypt_salt_id: string;
 }
-/** Standard scrypt parameters used for owner password proofs. */
-export declare const SCRYPT_PARAMS: {
-    readonly N: 32768;
-    readonly r: 8;
-    readonly p: 1;
-    readonly dkLen: 32;
-};

package/dist/types/index.d.ts

@@ -19,5 +19,5 @@ export { CLI_LOGIN_SESSION_STORED_STATES, CLI_LOGIN_SESSION_STATES, CliLoginSess
 export type { AssetIdentifierWire, DelegationPublic, DisputeResolutionPublic, ReceiptPublic, RelationshipPublic, WorkLogPublic, EventPublic, IngestResult, SenderSequenceResponse, InboxUnblockResult, ListRelationshipsQuery, ListInboxQuery, ListEventsQuery, ListDelegationsQuery, ListWorkLogsQuery, ListReceiptsQuery, } from './read-model';
 export type { AcceptPrefs, AcceptCurrency, AgentRegisteredResponse, AgentPublic, UpdateAgentBody, RegisterAgentRequest, ChallengeResponse, ReputationScores, ReputationCounters, AgentReputation, AssetVolume, AgentSettlementVolume, AgentStatsRates, AgentStats, } from './agent';
 export { AGENT_TAG_REGEX, AGENT_NAME_REGEX, RESERVED_NAMES, isReservedName, isValidAgentName, normalizeName } from './agent';
-export type { OwnerSigningMethod, KeyLinkPayload, ScryptPasswordAttestation } from './identity';
-export { SCRYPT_PARAMS, OWNER_SIGNING_METHODS } from './identity';
+export type { OwnerSigningMethod, KeyLinkPayload, Ed25519KeyLinkAttestation } from './identity';
+export { OWNER_SIGNING_METHODS } from './identity';

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@heyanon-arp/sdk",
-  "version": "0.0.37",
-  "description": "TypeScript SDK for the Agent Relationship Protocol — canonical JSON, Ed25519 envelope sign/verify, did:arp identity, scrypt key attestation, chain-audit helpers.",
+  "version": "0.0.39",
+  "description": "TypeScript SDK for the Agent Relationship Protocol — canonical JSON, Ed25519 envelope sign/verify, did:arp identity, Ed25519 owner key-link attestation, chain-audit helpers.",
   "license": "MIT",
   "keywords": [
     "arp",

package/dist/attestation/scrypt-proof.d.ts

@@ -1,28 +0,0 @@
-/**
- * Derive the scrypt key from an owner's password + salt. Uses the
- * standard parameters: N=32768, r=8, p=1, dkLen=32. Designed to be
- * computed once at owner registration time and stored encrypted-at-rest;
- * subsequent attestation verification recomputes the HMAC, not scrypt.
- *
- * Synchronous variant is intentional — keys derive at low frequency
- * (once per owner registration); the worst case is a few hundred ms
- * which is acceptable. Async variants can be layered on top by the
- * consumer if needed.
- */
-export declare function deriveScryptKey(password: string, salt: Uint8Array): Uint8Array;
-/**
- * Compute the scrypt-password-proof signature over the canonical
- * payload bytes, returning the base64-encoded MAC.
- *
- * Steps per [00-core/identity.md](../../../00-core/identity.md):
- *   1. payload_digest = sha256(canonical_json(payload))
- *   2. mac            = HMAC-SHA256(scrypt_key, payload_digest)
- *   3. sig            = base64(mac)
- */
-export declare function scryptPasswordProofSign(payload: unknown, scryptKey: Uint8Array): string;
-/**
- * Verify a scrypt-password-proof signature. Constant-time compare on
- * MAC bytes — never compares strings directly because base64 decoding
- * normalises some inputs which would mask differences.
- */
-export declare function scryptPasswordProofVerify(payload: unknown, sigBase64: string, scryptKey: Uint8Array): boolean;