@hyperauth/sdk 0.0.1

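--- a/package/README.md
+++ b/package/README.md
@@ -0,0 +1,250 @@
+# Motr Enclave
+
+Extism WASM plugin providing encrypted key storage for the Nebula wallet. Built with Go 1.25+ for `wasip1` target.
+
+## Features
+
+- **WebAuthn Integration** - Device-bound credentials with PRF key derivation
+- **MPC Key Shares** - Secure threshold signature key storage
+- **Multi-Chain Support** - BIP44 derivation for Sonr, Ethereum, Bitcoin
+- **UCAN v1.0.0-rc.1** - Capability-based authorization with CID-indexed delegations
+- **Encryption at Rest** - AES-256-GCM encrypted database serialization
+- **SQLite Functions** - Custom functions for address derivation and signing
+
+## Quick Start
+
+```bash
+make start
+```
+
+This single command:
+1. Installs dependencies (Go, Bun)
+2. Builds the WASM plugin
+3. Builds the TypeScript SDK
+4. Starts the dev server at http://localhost:8080
+
+## Manual Setup
+
+```bash
+make deps # Install tooling
+make build # Build WASM plugin
+make sdk # Build TypeScript SDK
+make dev # Start dev server
+```
+
+## Library Quickstart
+
+### Installation
+
+```bash
+npm install @hyperauth/sdk
+# or
+bun add @hyperauth/sdk
+```
+
+### 1. Initialize the Enclave
+
+```typescript
+import { createEnclave, createSecureStorage } from '@hyperauth/sdk';
+
+// Create enclave instance (loads WASM)
+const enclave = await createEnclave('/enclave.wasm', {
+debug: true, // Enable logging
+autoLockTimeout: 300000, // Auto-lock after 5 minutes of inactivity
+});
+
+// Create encrypted browser storage for persisting the database
+const storage = await createSecureStorage();
+```
+
+### 2. Create a New Identity
+
+```typescript
+// After WebAuthn registration, pass the credential
+const credential = btoa(JSON.stringify(webAuthnCredential));
+const result = await enclave.generate(credential);
+
+console.log(result.did); // "did:sonr:abc123..."
+console.log(result.enclave_id); // MPC enclave identifier
+console.log(result.accounts); // Default accounts (Sonr, Ethereum, Bitcoin)
+
+// Persist the database for later sessions
+await storage.set('vault', result.database);
+```
+
+### 3. Load an Existing Identity
+
+```typescript
+// On app startup, check for existing vault
+const database = await storage.get('vault');
+
+if (database) {
+const loaded = await enclave.load(database);
+if (loaded.success) {
+console.log(`Loaded identity: ${loaded.did}`);
+}
+}
+```
+
+### 4. Work with Accounts
+
+```typescript
+// List all accounts
+const accounts = await enclave.exec('resource:accounts action:list');
+console.log(accounts.result);
+
+// Get a specific account
+const account = await enclave.exec('resource:accounts action:get subject:sonr1abc...');
+
+// Or use the typed execute method
+const result = await enclave.execute('accounts', 'list');
+```
+
+### 5. Sign Data
+
+```typescript
+// Sign arbitrary data with the MPC enclave
+const dataHex = Buffer.from('Hello, World!').toString('hex');
+const signature = await enclave.exec(
+`resource:enclaves action:sign subject:${enclaveId}:${dataHex}`
+);
+
+console.log(signature.result); // 64-byte signature
+```
+
+### 6. Lock/Unlock Flow
+
+```typescript
+// Set callback for auto-lock events
+enclave.setAutoLockCallback(async (database) => {
+await storage.set('vault', database);
+console.log('Vault auto-locked and saved');
+});
+
+// Manual lock (returns serialized database)
+const lockResult = await enclave.lock();
+if (lockResult.success && lockResult.database) {
+await storage.set('vault', lockResult.database);
+}
+
+// Check status
+const status = await enclave.status();
+console.log(status.locked); // true/false
+console.log(status.initialized); // true if identity exists
+
+// Unlock with stored database
+const database = await storage.get('vault');
+const unlockResult = await enclave.unlock(database);
+```
+
+### 7. Query DID Document
+
+```typescript
+const didDoc = await enclave.query();
+
+console.log(didDoc.did); // DID identifier
+console.log(didDoc.verification_methods); // Public keys
+console.log(didDoc.accounts); // Blockchain addresses
+console.log(didDoc.credentials); // WebAuthn credentials
+```
+
+### 8. Cleanup
+
+```typescript
+// Close enclave when done
+await enclave.close();
+await storage.close();
+```
+
+### CLI Testing
+
+```bash
+make test-plugin
+```
+
+## Plugin Functions
+
+| Function | Input | Output |
+|----------|-------|--------|
+| `ping` | Message string | Echo response |
+| `generate` | WebAuthn credential (base64) | DID, enclave_id, public_key, accounts[], database |
+| `load` | Database buffer | Success status, DID |
+| `exec` | Filter string | Action result |
+| `query` | DID (optional) | DID document |
+
+### Exec Resources & Actions
+
+| Resource | Actions |
+|----------|---------|
+| `accounts` | list, get, sign |
+| `enclaves` | list, get, sign, rotate, archive, delete |
+| `credentials` | list, get |
+| `sessions` | list, revoke |
+| `grants` | list, revoke |
+| `delegations` | list, list_received, list_command, get, revoke, verify, cleanup |
+| `verification_methods` | list, get, delete |
+| `services` | list, get, get_by_id |
+
+### Filter Syntax
+
+```
+resource:<name> action:<action> [subject:<value>]
+```
+
+Examples:
+```bash
+# List all accounts
+resource:accounts action:list
+
+# Get specific account
+resource:accounts action:get subject:sonr1abc...
+
+# Sign with enclave
+resource:enclaves action:sign subject:enc_123:48656c6c6f
+
+# List delegations by command
+resource:delegations action:list_command subject:/vault/read
+```
+
+## Architecture
+
+The enclave uses SQLite as a computation engine with custom functions:
+
+| Function | Purpose |
+|----------|---------|
+| `bip44_derive(pubkey, chain)` | Derive address from public key |
+| `bip44_derive_from_enclave(id, chain)` | Derive address from stored enclave |
+
+Supported chains: `sonr` (Cosmos 118), `ethereum` (60), `bitcoin` (0)
+
+## Project Structure
+
+```
+motr-enclave/
+├── cmd/enclave/ # WASM plugin entry point
+├── internal/
+│ ├── keybase/ # Database layer + SQLite functions
+│ ├── crypto/mpc/ # MPC key operations
+│ ├── crypto/ucan/ # UCAN v1.0.0-rc.1 builders
+│ └── migrations/ # Schema + queries
+├── src/ # TypeScript SDK
+├── dist/ # Built SDK
+├── example/ # Browser demo
+└── Makefile
+```
+
+## Development
+
+```bash
+make test # Run Go tests
+make lint # Run linter
+make clean # Remove build artifacts
+make generate # Regenerate SQLC code
+```
+
+## Documentation
+
+- [AGENTS.md](./AGENTS.md) - Architecture and coding guidelines
+- [TODO.md](./TODO.md) - Remaining implementation tasks
+- [CHANGELOG.md](./CHANGELOG.md) - Version history
+- [MIGRATION.md](./MIGRATION.md) - Original schema design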
@@ -0,0 +1,38 @@
1
+ import type { EnclaveOptions, GenerateOutput, LoadOutput, ExecOutput, QueryOutput, LockOutput, UnlockOutput, StatusOutput, Resource, CreateRegistrationInput, RegistrationResult } from './types';
2
+ export declare class Enclave {
3
+ private plugin;
4
+ private logger;
5
+ private debug;
6
+ private autoLockTimeout;
7
+ private activityTimer?;
8
+ private onAutoLock?;
9
+ private constructor();
10
+ setAutoLockCallback(callback: (database: number[]) => void): void;
11
+ setAutoLockTimeout(ms: number): void;
12
+ private resetActivityTimer;
13
+ private clearActivityTimer;
14
+ static create(wasm: string | Uint8Array, options?: EnclaveOptions): Promise<Enclave>;
15
+ generate(credential: string): Promise<GenerateOutput>;
16
+ load(source: Uint8Array | number[]): Promise<LoadOutput>;
17
+ exec(filter: string, token?: string): Promise<ExecOutput>;
18
+ execute(resource: Resource, action: string, options?: {
19
+ subject?: string;
20
+ token?: string;
21
+ }): Promise<ExecOutput>;
22
+ createRegistration(input: CreateRegistrationInput): Promise<RegistrationResult>;
23
+ query(did?: string): Promise<QueryOutput>;
24
+ ping(message?: string): Promise<{
25
+ success: boolean;
26
+ message: string;
27
+ echo: string;
28
+ }>;
29
+ lock(): Promise<LockOutput>;
30
+ unlock(source: Uint8Array | number[]): Promise<UnlockOutput>;
31
+ status(): Promise<StatusOutput>;
32
+ isLocked(): Promise<boolean>;
33
+ reset(): Promise<void>;
34
+ close(): Promise<void>;
35
+ private log;
36
+ }
37
+ export declare function createEnclave(wasm: string | Uint8Array, options?: EnclaveOptions): Promise<Enclave>;
38
+ //# sourceMappingURL=enclave.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"enclave.d.ts","sourceRoot":"","sources":["../src/enclave.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EACV,cAAc,EACd,cAAc,EACd,UAAU,EACV,UAAU,EACV,WAAW,EACX,UAAU,EACV,YAAY,EACZ,YAAY,EACZ,QAAQ,EACR,uBAAuB,EACvB,kBAAkB,EACnB,MAAM,SAAS,CAAC;AAEjB,qBAAa,OAAO;IAClB,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,MAAM,CAA2B;IACzC,OAAO,CAAC,KAAK,CAAU;IACvB,OAAO,CAAC,eAAe,CAAS;IAChC,OAAO,CAAC,aAAa,CAAC,CAAgC;IACtD,OAAO,CAAC,UAAU,CAAC,CAA+B;IAElD,OAAO;IAOP,mBAAmB,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,KAAK,IAAI,GAAG,IAAI;IAIjE,kBAAkB,CAAC,EAAE,EAAE,MAAM,GAAG,IAAI;IAKpC,OAAO,CAAC,kBAAkB;IAgB1B,OAAO,CAAC,kBAAkB;WAOb,MAAM,CACjB,IAAI,EAAE,MAAM,GAAG,UAAU,EACzB,OAAO,GAAE,cAAmB,GAC3B,OAAO,CAAC,OAAO,CAAC;IA2Bb,QAAQ,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC;IAkBrD,IAAI,CAAC,MAAM,EAAE,UAAU,GAAG,MAAM,EAAE,GAAG,OAAO,CAAC,UAAU,CAAC;IA0BxD,IAAI,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC;IAmBzD,OAAO,CACX,QAAQ,EAAE,QAAQ,EAClB,MAAM,EAAE,MAAM,EACd,OAAO,GAAE;QAAE,OAAO,CAAC,EAAE,MAAM,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAA;KAAO,GACjD,OAAO,CAAC,UAAU,CAAC;IAQhB,kBAAkB,CAAC,KAAK,EAAE,uBAAuB,GAAG,OAAO,CAAC,kBAAkB,CAAC;IAiB/E,KAAK,CAAC,GAAG,GAAE,MAAW,GAAG,OAAO,CAAC,WAAW,CAAC;IAiB7C,IAAI,CAAC,OAAO,GAAE,MAAgB,GAAG,OAAO,CAAC;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,OAAO,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC;IAe7F,IAAI,IAAI,OAAO,CAAC,UAAU,CAAC;IAgB3B,MAAM,CAAC,MAAM,EAAE,UAAU,GAAG,MAAM,EAAE,GAAG,OAAO,CAAC,YAAY,CAAC;IAqB5D,MAAM,IAAI,OAAO,CAAC,YAAY,CAAC;IAY/B,QAAQ,IAAI,OAAO,CAAC,OAAO,CAAC;IAK5B,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAKtB,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAK5B,OAAO,CAAC,GAAG;CAKZ;AAED,wBAAsB,aAAa,CACjC,IAAI,EAAE,MAAM,GAAG,UAAU,EACzB,OAAO,GAAE,cAAmB,GAC3B,OAAO,CAAC,OAAO,CAAC,CAElB"}
@@ -0,0 +1,420 @@
1
+ // src/enclave.ts
2
+ import createPlugin, { CAPABILITIES } from "@extism/extism";
3
+
4
+ class Enclave {
5
+ plugin;
6
+ logger;
7
+ debug;
8
+ autoLockTimeout;
9
+ activityTimer;
10
+ onAutoLock;
11
+ constructor(plugin, options = {}) {
12
+ this.plugin = plugin;
13
+ this.logger = options.logger ?? console;
14
+ this.debug = options.debug ?? false;
15
+ this.autoLockTimeout = options.autoLockTimeout ?? 5 * 60 * 1000;
16
+ }
17
+ setAutoLockCallback(callback) {
18
+ this.onAutoLock = callback;
19
+ }
20
+ setAutoLockTimeout(ms) {
21
+ this.autoLockTimeout = ms;
22
+ this.resetActivityTimer();
23
+ }
24
+ resetActivityTimer() {
25
+ if (this.activityTimer) {
26
+ clearTimeout(this.activityTimer);
27
+ this.activityTimer = undefined;
28
+ }
29
+ if (this.autoLockTimeout > 0) {
30
+ this.activityTimer = setTimeout(async () => {
31
+ this.log("auto-lock: inactivity timeout reached");
32
+ const result = await this.lock();
33
+ if (result.success && result.database && this.onAutoLock) {
34
+ this.onAutoLock(result.database);
35
+ }
36
+ }, this.autoLockTimeout);
37
+ }
38
+ }
39
+ clearActivityTimer() {
40
+ if (this.activityTimer) {
41
+ clearTimeout(this.activityTimer);
42
+ this.activityTimer = undefined;
43
+ }
44
+ }
45
+ static async create(wasm, options = {}) {
46
+ const manifest = typeof wasm === "string" ? { wasm: [{ url: wasm }] } : { wasm: [{ data: wasm }] };
47
+ const config = {};
48
+ if (options.contracts) {
49
+ const c = options.contracts;
50
+ config["registry_address"] = c.didRegistry;
51
+ config["factory_address"] = c.hyperAuthFactory;
52
+ config["account_helper_address"] = c.accountHelper;
53
+ config["session_sbt_address"] = c.sessionSBT;
54
+ config["entry_point_address"] = c.entryPoint;
55
+ config["chain_id"] = String(c.chainId);
56
+ }
57
+ const plugin = await createPlugin(manifest, {
58
+ useWasi: true,
59
+ runInWorker: CAPABILITIES.hasWorkerCapability,
60
+ logger: options.debug ? options.logger : undefined,
61
+ config
62
+ });
63
+ return new Enclave(plugin, options);
64
+ }
65
+ async generate(credential) {
66
+ const input = JSON.stringify({ credential });
67
+ try {
68
+ const result = await this.plugin.call("generate", input);
69
+ if (!result) {
70
+ throw new Error("generate: plugin returned no output");
71
+ }
72
+ const output = result.json();
73
+ this.resetActivityTimer();
74
+ return output;
75
+ } catch (err) {
76
+ const msg = toErrorMessage(err);
77
+ this.log(`generate: failed - ${msg}`, "error");
78
+ throw new Error(`generate: ${msg}`);
79
+ }
80
+ }
81
+ async load(source) {
82
+ this.log("load: loading database");
83
+ const database = source instanceof Uint8Array ? Array.from(source) : source;
84
+ const input = JSON.stringify({ database });
85
+ try {
86
+ const result = await this.plugin.call("load", input);
87
+ if (!result) {
88
+ return { success: false, error: "plugin returned no output" };
89
+ }
90
+ const output = result.json();
91
+ if (output.success) {
92
+ this.log(`load: loaded database for DID ${output.did}`);
93
+ this.resetActivityTimer();
94
+ } else {
95
+ this.log(`load: failed - ${output.error}`, "error");
96
+ }
97
+ return output;
98
+ } catch (err) {
99
+ const msg = toErrorMessage(err);
100
+ this.log(`load: failed - ${msg}`, "error");
101
+ return { success: false, error: msg };
102
+ }
103
+ }
104
+ async exec(filter, token) {
105
+ this.log(`exec: ${filter}`);
106
+ this.resetActivityTimer();
107
+ const input = JSON.stringify({ filter, token });
108
+ try {
109
+ const result = await this.plugin.call("exec", input);
110
+ if (!result) {
111
+ return { success: false, error: "plugin returned no output" };
112
+ }
113
+ return result.json();
114
+ } catch (err) {
115
+ const msg = toErrorMessage(err);
116
+ this.log(`exec: failed - ${msg}`, "error");
117
+ return { success: false, error: msg };
118
+ }
119
+ }
120
+ async execute(resource, action, options = {}) {
121
+ let filter = `resource:${resource} action:${action}`;
122
+ if (options.subject) {
123
+ filter += ` subject:${options.subject}`;
124
+ }
125
+ return this.exec(filter, options.token);
126
+ }
127
+ async createRegistration(input) {
128
+ this.resetActivityTimer();
129
+ const subject = JSON.stringify({
130
+ sender: input.sender,
131
+ cid: input.cid ?? "",
132
+ did: input.did ?? ""
133
+ });
134
+ const result = await this.execute("accounts", "create_registration", { subject });
135
+ if (!result.success) {
136
+ throw new Error(`createRegistration: ${result.error}`);
137
+ }
138
+ return result.result;
139
+ }
140
+ async query(did = "") {
141
+ this.resetActivityTimer();
142
+ const input = JSON.stringify({ did });
143
+ try {
144
+ const result = await this.plugin.call("query", input);
145
+ if (!result) {
146
+ throw new Error("query: plugin returned no output");
147
+ }
148
+ return result.json();
149
+ } catch (err) {
150
+ const msg = toErrorMessage(err);
151
+ this.log(`query: failed - ${msg}`, "error");
152
+ throw new Error(`query: ${msg}`);
153
+ }
154
+ }
155
+ async ping(message = "hello") {
156
+ const input = JSON.stringify({ message });
157
+ try {
158
+ const result = await this.plugin.call("ping", input);
159
+ if (!result) {
160
+ throw new Error("ping: plugin returned no output");
161
+ }
162
+ return result.json();
163
+ } catch (err) {
164
+ const msg = toErrorMessage(err);
165
+ throw new Error(`ping: ${msg}`);
166
+ }
167
+ }
168
+ async lock() {
169
+ this.clearActivityTimer();
170
+ try {
171
+ const result = await this.plugin.call("lock", "{}");
172
+ if (!result) {
173
+ return { success: false, error: "plugin returned no output" };
174
+ }
175
+ return result.json();
176
+ } catch (err) {
177
+ const msg = toErrorMessage(err);
178
+ this.log(`lock: failed - ${msg}`, "error");
179
+ return { success: false, error: msg };
180
+ }
181
+ }
182
+ async unlock(source) {
183
+ const database = source instanceof Uint8Array ? Array.from(source) : source;
184
+ const input = JSON.stringify({ database });
185
+ try {
186
+ const result = await this.plugin.call("unlock", input);
187
+ if (!result) {
188
+ return { success: false, error: "plugin returned no output" };
189
+ }
190
+ const output = result.json();
191
+ if (output.success) {
192
+ this.resetActivityTimer();
193
+ }
194
+ return output;
195
+ } catch (err) {
196
+ const msg = toErrorMessage(err);
197
+ this.log(`unlock: failed - ${msg}`, "error");
198
+ return { success: false, error: msg };
199
+ }
200
+ }
201
+ async status() {
202
+ try {
203
+ const result = await this.plugin.call("status", "{}");
204
+ if (!result) {
205
+ return { locked: true, initialized: false };
206
+ }
207
+ return result.json();
208
+ } catch {
209
+ return { locked: true, initialized: false };
210
+ }
211
+ }
212
+ async isLocked() {
213
+ const s = await this.status();
214
+ return s.locked;
215
+ }
216
+ async reset() {
217
+ this.clearActivityTimer();
218
+ await this.plugin.reset();
219
+ }
220
+ async close() {
221
+ this.clearActivityTimer();
222
+ await this.plugin.close();
223
+ }
224
+ log(message, level = "debug") {
225
+ if (this.debug && this.logger) {
226
+ this.logger[level](`[Enclave] ${message}`);
227
+ }
228
+ }
229
+ }
230
+ async function createEnclave(wasm, options = {}) {
231
+ return Enclave.create(wasm, options);
232
+ }
233
+ function toErrorMessage(err) {
234
+ if (err instanceof Error)
235
+ return err.message;
236
+ if (typeof err === "string")
237
+ return err;
238
+ try {
239
+ return JSON.stringify(err);
240
+ } catch {
241
+ return String(err);
242
+ }
243
+ }
244
+ // src/storage.ts
245
+ var DB_NAME = "motr-enclave";
246
+ var DB_VERSION = 1;
247
+ var STORE_NAME = "vault";
248
+ var CEK_KEY = "__cek__";
249
+
250
+ class SecureStorage {
251
+ db = null;
252
+ cek = null;
253
+ async init() {
254
+ this.db = await this.openDatabase();
255
+ this.cek = await this.getOrCreateCEK();
256
+ }
257
+ openDatabase() {
258
+ return new Promise((resolve, reject) => {
259
+ const request = indexedDB.open(DB_NAME, DB_VERSION);
260
+ request.onerror = () => reject(request.error);
261
+ request.onsuccess = () => resolve(request.result);
262
+ request.onupgradeneeded = (event) => {
263
+ const db = event.target.result;
264
+ if (!db.objectStoreNames.contains(STORE_NAME)) {
265
+ db.createObjectStore(STORE_NAME);
266
+ }
267
+ };
268
+ });
269
+ }
270
+ async getOrCreateCEK() {
271
+ const stored = await this.getRaw(CEK_KEY);
272
+ if (stored) {
273
+ return crypto.subtle.importKey("raw", stored.buffer, { name: "AES-GCM", length: 256 }, false, ["encrypt", "decrypt"]);
274
+ }
275
+ const cek = await crypto.subtle.generateKey({ name: "AES-GCM", length: 256 }, true, ["encrypt", "decrypt"]);
276
+ const exported = await crypto.subtle.exportKey("raw", cek);
277
+ await this.setRaw(CEK_KEY, new Uint8Array(exported));
278
+ return crypto.subtle.importKey("raw", exported, { name: "AES-GCM", length: 256 }, false, ["encrypt", "decrypt"]);
279
+ }
280
+ getRaw(key) {
281
+ return new Promise((resolve, reject) => {
282
+ if (!this.db) {
283
+ reject(new Error("Database not initialized"));
284
+ return;
285
+ }
286
+ const tx = this.db.transaction(STORE_NAME, "readonly");
287
+ const store = tx.objectStore(STORE_NAME);
288
+ const request = store.get(key);
289
+ request.onerror = () => reject(request.error);
290
+ request.onsuccess = () => {
291
+ resolve(request.result ? new Uint8Array(request.result) : null);
292
+ };
293
+ });
294
+ }
295
+ setRaw(key, value) {
296
+ return new Promise((resolve, reject) => {
297
+ if (!this.db) {
298
+ reject(new Error("Database not initialized"));
299
+ return;
300
+ }
301
+ const tx = this.db.transaction(STORE_NAME, "readwrite");
302
+ const store = tx.objectStore(STORE_NAME);
303
+ const request = store.put(value.buffer, key);
304
+ request.onerror = () => reject(request.error);
305
+ request.onsuccess = () => resolve();
306
+ });
307
+ }
308
+ async set(key, data) {
309
+ if (!this.cek)
310
+ throw new Error("Storage not initialized");
311
+ const bytes = data instanceof Uint8Array ? data : new Uint8Array(data);
312
+ const iv = crypto.getRandomValues(new Uint8Array(12));
313
+ const encrypted = await crypto.subtle.encrypt({ name: "AES-GCM", iv }, this.cek, bytes.buffer);
314
+ const blob = { iv: Array.from(iv), data: encrypted };
315
+ await this.setEncrypted(key, blob);
316
+ }
317
+ async get(key) {
318
+ if (!this.cek)
319
+ throw new Error("Storage not initialized");
320
+ const blob = await this.getEncrypted(key);
321
+ if (!blob)
322
+ return null;
323
+ const iv = new Uint8Array(blob.iv);
324
+ const decrypted = await crypto.subtle.decrypt({ name: "AES-GCM", iv }, this.cek, blob.data);
325
+ return new Uint8Array(decrypted);
326
+ }
327
+ async getAsArray(key) {
328
+ const data = await this.get(key);
329
+ return data ? Array.from(data) : null;
330
+ }
331
+ async delete(key) {
332
+ return new Promise((resolve, reject) => {
333
+ if (!this.db) {
334
+ reject(new Error("Database not initialized"));
335
+ return;
336
+ }
337
+ const tx = this.db.transaction(STORE_NAME, "readwrite");
338
+ const store = tx.objectStore(STORE_NAME);
339
+ const request = store.delete(`enc:${key}`);
340
+ request.onerror = () => reject(request.error);
341
+ request.onsuccess = () => resolve();
342
+ });
343
+ }
344
+ async clear() {
345
+ return new Promise((resolve, reject) => {
346
+ if (!this.db) {
347
+ reject(new Error("Database not initialized"));
348
+ return;
349
+ }
350
+ const tx = this.db.transaction(STORE_NAME, "readwrite");
351
+ const store = tx.objectStore(STORE_NAME);
352
+ const request = store.clear();
353
+ request.onerror = () => reject(request.error);
354
+ request.onsuccess = () => resolve();
355
+ });
356
+ }
357
+ getEncrypted(key) {
358
+ return new Promise((resolve, reject) => {
359
+ if (!this.db) {
360
+ reject(new Error("Database not initialized"));
361
+ return;
362
+ }
363
+ const tx = this.db.transaction(STORE_NAME, "readonly");
364
+ const store = tx.objectStore(STORE_NAME);
365
+ const request = store.get(`enc:${key}`);
366
+ request.onerror = () => reject(request.error);
367
+ request.onsuccess = () => {
368
+ const result = request.result;
369
+ if (result && result.iv && result.data) {
370
+ resolve({ iv: result.iv, data: result.data });
371
+ } else {
372
+ resolve(null);
373
+ }
374
+ };
375
+ });
376
+ }
377
+ setEncrypted(key, blob) {
378
+ return new Promise((resolve, reject) => {
379
+ if (!this.db) {
380
+ reject(new Error("Database not initialized"));
381
+ return;
382
+ }
383
+ const tx = this.db.transaction(STORE_NAME, "readwrite");
384
+ const store = tx.objectStore(STORE_NAME);
385
+ const request = store.put({ iv: blob.iv, data: blob.data }, `enc:${key}`);
386
+ request.onerror = () => reject(request.error);
387
+ request.onsuccess = () => resolve();
388
+ });
389
+ }
390
+ async close() {
391
+ if (this.db) {
392
+ this.db.close();
393
+ this.db = null;
394
+ }
395
+ this.cek = null;
396
+ }
397
+ }
398
+ async function createSecureStorage() {
399
+ const storage = new SecureStorage;
400
+ await storage.init();
401
+ return storage;
402
+ }
403
+ // src/types.ts
404
+ var defaultContracts = {
405
+ chainId: 84532,
406
+ entryPoint: "0x0000000071727De22E5E9d8BAf0edAc6f37da032",
407
+ didRegistry: "0x42582746954724b983df6a80701c57887037fe07",
408
+ accountHelper: "0x5001a32196533baf5a67ed8667c1d40c6ed24684",
409
+ sessionSBT: "0xdae5a3eb3d3a9d097f0449960921981e46f01a27",
410
+ hyperAuthFactory: "0x1d45db62953cb90ae37abefce427dc3c4dd951b4"
411
+ };
412
+ export {
413
+ defaultContracts,
414
+ createSecureStorage,
415
+ createEnclave,
416
+ SecureStorage,
417
+ Enclave
418
+ };
419
+
420
+ //# debugId=29514AB559B2F93364756E2164756E21
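Review bot: `SecureStorage.getOrCreateCEK` creates the AES-GCM key as extractable, exports it and stores the raw bytes under `__cek__` in the same `vault` object store as the `enc:` records, so anything able to read this origin's IndexedDB obtains the key together with the ciphertext and the wrapping gives no confidentiality of its own. Keeping the key as a non-extractable `CryptoKey` object in the store (IndexedDB can structured-clone it) at least stops the key bytes from being exported by script; in-origin code could still call decrypt with it, so a key derived from a user-held secret would be the stronger design if the threat model calls for it. In the same class, `clear()` deletes `__cek__` along with the data but leaves `this.cek` in memory, so a `set()` made afterwards is encrypted under a key that the next `init()` will not find and will replace, leaving that record undecryptable. The fence shows the key handling and a `clear()` that re-persists the key; values already stored as raw bytes by this version are not migrated there.

```javascript
  async getOrCreateCEK() {
    // Persist the CryptoKey object itself; extractable=false means script cannot export its bytes.
    const stored = await this.getKeyObject(CEK_KEY);
    if (stored) {
      return stored;
    }
    const cek = await crypto.subtle.generateKey({ name: "AES-GCM", length: 256 }, false, ["encrypt", "decrypt"]);
    await this.putKeyObject(CEK_KEY, cek);
    return cek;
  }
  getKeyObject(key) {
    return new Promise((resolve, reject) => {
      if (!this.db) {
        reject(new Error("Database not initialized"));
        return;
      }
      const request = this.db.transaction(STORE_NAME, "readonly").objectStore(STORE_NAME).get(key);
      request.onerror = () => reject(request.error);
      // Anything that is not a CryptoKey (e.g. raw bytes from the old layout) is treated as absent.
      request.onsuccess = () => resolve(request.result instanceof CryptoKey ? request.result : null);
    });
  }
  putKeyObject(key, value) {
    return new Promise((resolve, reject) => {
      if (!this.db) {
        reject(new Error("Database not initialized"));
        return;
      }
      const request = this.db.transaction(STORE_NAME, "readwrite").objectStore(STORE_NAME).put(value, key);
      request.onerror = () => reject(request.error);
      request.onsuccess = () => resolve();
    });
  }
  // … unchanged: getRaw, setRaw, set, get, getAsArray, delete …
  async clear() {
    await new Promise((resolve, reject) => {
      // … unchanged: db check, readwrite transaction, store.clear(), onerror/onsuccess …
    });
    // The wipe removed __cek__ as well; write the in-memory key back so later set() calls stay decryptable.
    if (this.cek) {
      await this.putKeyObject(CEK_KEY, this.cek);
    }
  }
```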
@@ -0,0 +1,12 @@
1
+ {
2
+ "version": 3,
3
+ "sources": ["../src/enclave.ts", "../src/storage.ts", "../src/types.ts"],
4
+ "sourcesContent": [
5
+ "import createPlugin, { CAPABILITIES, type Plugin } from '@extism/extism';\nimport type {\n EnclaveOptions,\n GenerateOutput,\n LoadOutput,\n ExecOutput,\n QueryOutput,\n LockOutput,\n UnlockOutput,\n StatusOutput,\n Resource,\n CreateRegistrationInput,\n RegistrationResult,\n} from './types';\n\nexport class Enclave {\n private plugin: Plugin;\n private logger: EnclaveOptions['logger'];\n private debug: boolean;\n private autoLockTimeout: number;\n private activityTimer?: ReturnType<typeof setTimeout>;\n private onAutoLock?: (database: number[]) => void;\n\n private constructor(plugin: Plugin, options: EnclaveOptions = {}) {\n this.plugin = plugin;\n this.logger = options.logger ?? console;\n this.debug = options.debug ?? false;\n this.autoLockTimeout = options.autoLockTimeout ?? 5 * 60 * 1000;\n }\n\n setAutoLockCallback(callback: (database: number[]) => void): void {\n this.onAutoLock = callback;\n }\n\n setAutoLockTimeout(ms: number): void {\n this.autoLockTimeout = ms;\n this.resetActivityTimer();\n }\n\n private resetActivityTimer(): void {\n if (this.activityTimer) {\n clearTimeout(this.activityTimer);\n this.activityTimer = undefined;\n }\n if (this.autoLockTimeout > 0) {\n this.activityTimer = setTimeout(async () => {\n this.log('auto-lock: inactivity timeout reached');\n const result = await this.lock();\n if (result.success && result.database && this.onAutoLock) {\n this.onAutoLock(result.database);\n }\n }, this.autoLockTimeout);\n }\n }\n\n private clearActivityTimer(): void {\n if (this.activityTimer) {\n clearTimeout(this.activityTimer);\n this.activityTimer = undefined;\n }\n }\n\n static async create(\n wasm: string | Uint8Array,\n options: EnclaveOptions = {}\n ): Promise<Enclave> {\n const manifest =\n typeof wasm === 'string'\n ? 
{ wasm: [{ url: wasm }] }\n : { wasm: [{ data: wasm }] };\n\n const config: Record<string, string> = {};\n if (options.contracts) {\n const c = options.contracts;\n config['registry_address'] = c.didRegistry;\n config['factory_address'] = c.hyperAuthFactory;\n config['account_helper_address'] = c.accountHelper;\n config['session_sbt_address'] = c.sessionSBT;\n config['entry_point_address'] = c.entryPoint;\n config['chain_id'] = String(c.chainId);\n }\n\n const plugin = await createPlugin(manifest, {\n useWasi: true,\n runInWorker: CAPABILITIES.hasWorkerCapability,\n logger: options.debug ? (options.logger as Console) : undefined,\n config,\n });\n\n return new Enclave(plugin, options);\n }\n\n async generate(credential: string): Promise<GenerateOutput> {\n const input = JSON.stringify({ credential });\n \n try {\n const result = await this.plugin.call('generate', input);\n if (!result) {\n throw new Error('generate: plugin returned no output');\n }\n const output = result.json() as GenerateOutput;\n this.resetActivityTimer();\n return output;\n } catch (err) {\n const msg = toErrorMessage(err);\n this.log(`generate: failed - ${msg}`, 'error');\n throw new Error(`generate: ${msg}`);\n }\n }\n\n async load(source: Uint8Array | number[]): Promise<LoadOutput> {\n this.log('load: loading database');\n\n const database = source instanceof Uint8Array ? 
Array.from(source) : source;\n const input = JSON.stringify({ database });\n\n try {\n const result = await this.plugin.call('load', input);\n if (!result) {\n return { success: false, error: 'plugin returned no output' };\n }\n const output = result.json() as LoadOutput;\n if (output.success) {\n this.log(`load: loaded database for DID ${output.did}`);\n this.resetActivityTimer();\n } else {\n this.log(`load: failed - ${output.error}`, 'error');\n }\n return output;\n } catch (err) {\n const msg = toErrorMessage(err);\n this.log(`load: failed - ${msg}`, 'error');\n return { success: false, error: msg };\n }\n }\n\n async exec(filter: string, token?: string): Promise<ExecOutput> {\n this.log(`exec: ${filter}`);\n this.resetActivityTimer();\n\n const input = JSON.stringify({ filter, token });\n\n try {\n const result = await this.plugin.call('exec', input);\n if (!result) {\n return { success: false, error: 'plugin returned no output' };\n }\n return result.json() as ExecOutput;\n } catch (err) {\n const msg = toErrorMessage(err);\n this.log(`exec: failed - ${msg}`, 'error');\n return { success: false, error: msg };\n }\n }\n\n async execute(\n resource: Resource,\n action: string,\n options: { subject?: string; token?: string } = {}\n ): Promise<ExecOutput> {\n let filter = `resource:${resource} action:${action}`;\n if (options.subject) {\n filter += ` subject:${options.subject}`;\n }\n return this.exec(filter, options.token);\n }\n\n async createRegistration(input: CreateRegistrationInput): Promise<RegistrationResult> {\n this.resetActivityTimer();\n\n const subject = JSON.stringify({\n sender: input.sender,\n cid: input.cid ?? '',\n did: input.did ?? 
'',\n });\n\n const result = await this.execute('accounts', 'create_registration', { subject });\n if (!result.success) {\n throw new Error(`createRegistration: ${result.error}`);\n }\n\n return result.result as RegistrationResult;\n }\n\n async query(did: string = ''): Promise<QueryOutput> {\n this.resetActivityTimer();\n const input = JSON.stringify({ did });\n\n try {\n const result = await this.plugin.call('query', input);\n if (!result) {\n throw new Error('query: plugin returned no output');\n }\n return result.json() as QueryOutput;\n } catch (err) {\n const msg = toErrorMessage(err);\n this.log(`query: failed - ${msg}`, 'error');\n throw new Error(`query: ${msg}`);\n }\n }\n\n async ping(message: string = 'hello'): Promise<{ success: boolean; message: string; echo: string }> {\n const input = JSON.stringify({ message });\n\n try {\n const result = await this.plugin.call('ping', input);\n if (!result) {\n throw new Error('ping: plugin returned no output');\n }\n return result.json() as { success: boolean; message: string; echo: string };\n } catch (err) {\n const msg = toErrorMessage(err);\n throw new Error(`ping: ${msg}`);\n }\n }\n\n async lock(): Promise<LockOutput> {\n this.clearActivityTimer();\n\n try {\n const result = await this.plugin.call('lock', '{}');\n if (!result) {\n return { success: false, error: 'plugin returned no output' };\n }\n return result.json() as LockOutput;\n } catch (err) {\n const msg = toErrorMessage(err);\n this.log(`lock: failed - ${msg}`, 'error');\n return { success: false, error: msg };\n }\n }\n\n async unlock(source: Uint8Array | number[]): Promise<UnlockOutput> {\n const database = source instanceof Uint8Array ? 
Array.from(source) : source;\n const input = JSON.stringify({ database });\n\n try {\n const result = await this.plugin.call('unlock', input);\n if (!result) {\n return { success: false, error: 'plugin returned no output' };\n }\n const output = result.json() as UnlockOutput;\n if (output.success) {\n this.resetActivityTimer();\n }\n return output;\n } catch (err) {\n const msg = toErrorMessage(err);\n this.log(`unlock: failed - ${msg}`, 'error');\n return { success: false, error: msg };\n }\n }\n\n async status(): Promise<StatusOutput> {\n try {\n const result = await this.plugin.call('status', '{}');\n if (!result) {\n return { locked: true, initialized: false };\n }\n return result.json() as StatusOutput;\n } catch {\n return { locked: true, initialized: false };\n }\n }\n\n async isLocked(): Promise<boolean> {\n const s = await this.status();\n return s.locked;\n }\n\n async reset(): Promise<void> {\n this.clearActivityTimer();\n await this.plugin.reset();\n }\n\n async close(): Promise<void> {\n this.clearActivityTimer();\n await this.plugin.close();\n }\n\n private log(message: string, level: 'log' | 'error' | 'warn' | 'info' | 'debug' = 'debug'): void {\n if (this.debug && this.logger) {\n this.logger[level](`[Enclave] ${message}`);\n }\n }\n}\n\nexport async function createEnclave(\n wasm: string | Uint8Array,\n options: EnclaveOptions = {}\n): Promise<Enclave> {\n return Enclave.create(wasm, options);\n}\n\nfunction toErrorMessage(err: unknown): string {\n if (err instanceof Error) return err.message;\n if (typeof err === 'string') return err;\n try {\n return JSON.stringify(err);\n } catch {\n return String(err);\n }\n}\n",
6
+ "const DB_NAME = 'motr-enclave';\nconst DB_VERSION = 1;\nconst STORE_NAME = 'vault';\nconst CEK_KEY = '__cek__';\n\ninterface EncryptedBlob {\n iv: number[];\n data: ArrayBuffer;\n}\n\nexport class SecureStorage {\n private db: IDBDatabase | null = null;\n private cek: CryptoKey | null = null;\n\n async init(): Promise<void> {\n this.db = await this.openDatabase();\n this.cek = await this.getOrCreateCEK();\n }\n\n private openDatabase(): Promise<IDBDatabase> {\n return new Promise((resolve, reject) => {\n const request = indexedDB.open(DB_NAME, DB_VERSION);\n\n request.onerror = () => reject(request.error);\n request.onsuccess = () => resolve(request.result);\n\n request.onupgradeneeded = (event) => {\n const db = (event.target as IDBOpenDBRequest).result;\n if (!db.objectStoreNames.contains(STORE_NAME)) {\n db.createObjectStore(STORE_NAME);\n }\n };\n });\n }\n\n private async getOrCreateCEK(): Promise<CryptoKey> {\n const stored = await this.getRaw(CEK_KEY);\n\n if (stored) {\n return crypto.subtle.importKey(\n 'raw',\n stored.buffer as ArrayBuffer,\n { name: 'AES-GCM', length: 256 },\n false,\n ['encrypt', 'decrypt']\n );\n }\n\n const cek = await crypto.subtle.generateKey(\n { name: 'AES-GCM', length: 256 },\n true,\n ['encrypt', 'decrypt']\n );\n\n const exported = await crypto.subtle.exportKey('raw', cek);\n await this.setRaw(CEK_KEY, new Uint8Array(exported));\n\n return crypto.subtle.importKey(\n 'raw',\n exported,\n { name: 'AES-GCM', length: 256 },\n false,\n ['encrypt', 'decrypt']\n );\n }\n\n private getRaw(key: string): Promise<Uint8Array | null> {\n return new Promise((resolve, reject) => {\n if (!this.db) {\n reject(new Error('Database not initialized'));\n return;\n }\n\n const tx = this.db.transaction(STORE_NAME, 'readonly');\n const store = tx.objectStore(STORE_NAME);\n const request = store.get(key);\n\n request.onerror = () => reject(request.error);\n request.onsuccess = () => {\n resolve(request.result ? 
new Uint8Array(request.result) : null);\n };\n });\n }\n\n private setRaw(key: string, value: Uint8Array): Promise<void> {\n return new Promise((resolve, reject) => {\n if (!this.db) {\n reject(new Error('Database not initialized'));\n return;\n }\n\n const tx = this.db.transaction(STORE_NAME, 'readwrite');\n const store = tx.objectStore(STORE_NAME);\n const request = store.put(value.buffer, key);\n\n request.onerror = () => reject(request.error);\n request.onsuccess = () => resolve();\n });\n }\n\n async set(key: string, data: Uint8Array | number[]): Promise<void> {\n if (!this.cek) throw new Error('Storage not initialized');\n\n const bytes = data instanceof Uint8Array ? data : new Uint8Array(data);\n const iv = crypto.getRandomValues(new Uint8Array(12));\n const encrypted = await crypto.subtle.encrypt(\n { name: 'AES-GCM', iv },\n this.cek,\n bytes.buffer as ArrayBuffer\n );\n\n const blob: EncryptedBlob = { iv: Array.from(iv), data: encrypted };\n await this.setEncrypted(key, blob);\n }\n\n async get(key: string): Promise<Uint8Array | null> {\n if (!this.cek) throw new Error('Storage not initialized');\n\n const blob = await this.getEncrypted(key);\n if (!blob) return null;\n\n const iv = new Uint8Array(blob.iv);\n const decrypted = await crypto.subtle.decrypt(\n { name: 'AES-GCM', iv },\n this.cek,\n blob.data\n );\n\n return new Uint8Array(decrypted);\n }\n\n async getAsArray(key: string): Promise<number[] | null> {\n const data = await this.get(key);\n return data ? 
Array.from(data) : null;\n }\n\n async delete(key: string): Promise<void> {\n return new Promise((resolve, reject) => {\n if (!this.db) {\n reject(new Error('Database not initialized'));\n return;\n }\n\n const tx = this.db.transaction(STORE_NAME, 'readwrite');\n const store = tx.objectStore(STORE_NAME);\n const request = store.delete(`enc:${key}`);\n\n request.onerror = () => reject(request.error);\n request.onsuccess = () => resolve();\n });\n }\n\n async clear(): Promise<void> {\n return new Promise((resolve, reject) => {\n if (!this.db) {\n reject(new Error('Database not initialized'));\n return;\n }\n\n const tx = this.db.transaction(STORE_NAME, 'readwrite');\n const store = tx.objectStore(STORE_NAME);\n const request = store.clear();\n\n request.onerror = () => reject(request.error);\n request.onsuccess = () => resolve();\n });\n }\n\n private getEncrypted(key: string): Promise<EncryptedBlob | null> {\n return new Promise((resolve, reject) => {\n if (!this.db) {\n reject(new Error('Database not initialized'));\n return;\n }\n\n const tx = this.db.transaction(STORE_NAME, 'readonly');\n const store = tx.objectStore(STORE_NAME);\n const request = store.get(`enc:${key}`);\n\n request.onerror = () => reject(request.error);\n request.onsuccess = () => {\n const result = request.result;\n if (result && result.iv && result.data) {\n resolve({ iv: result.iv, data: result.data });\n } else {\n resolve(null);\n }\n };\n });\n }\n\n private setEncrypted(key: string, blob: EncryptedBlob): Promise<void> {\n return new Promise((resolve, reject) => {\n if (!this.db) {\n reject(new Error('Database not initialized'));\n return;\n }\n\n const tx = this.db.transaction(STORE_NAME, 'readwrite');\n const store = tx.objectStore(STORE_NAME);\n const request = store.put(\n { iv: blob.iv, data: blob.data },\n `enc:${key}`\n );\n\n request.onerror = () => reject(request.error);\n request.onsuccess = () => resolve();\n });\n }\n\n async close(): Promise<void> {\n if (this.db) {\n 
this.db.close();\n this.db = null;\n }\n this.cek = null;\n }\n}\n\nexport async function createSecureStorage(): Promise<SecureStorage> {\n const storage = new SecureStorage();\n await storage.init();\n return storage;\n}\n",
7
+ "export interface GenerateInput {\n credential: string;\n}\n\nexport interface GenerateOutput {\n did: string;\n database: number[];\n enclave_id: string;\n public_key: string;\n pubkey_x?: string;\n pubkey_y?: string;\n accounts: AccountInfo[];\n}\n\nexport interface AccountInfo {\n address: string;\n chain_id: string;\n}\n\nexport interface LoadInput {\n database: number[];\n}\n\nexport interface LoadOutput {\n success: boolean;\n did?: string;\n error?: string;\n}\n\nexport interface ExecInput {\n filter: string;\n token?: string;\n}\n\nexport interface ExecOutput {\n success: boolean;\n result?: unknown;\n error?: string;\n}\n\nexport interface QueryInput {\n did: string;\n}\n\nexport interface QueryOutput {\n did: string;\n controller: string;\n verification_methods: VerificationMethod[];\n accounts: Account[];\n credentials: Credential[];\n}\n\nexport interface VerificationMethod {\n id: string;\n type: string;\n controller: string;\n public_key: string;\n purpose: string;\n}\n\nexport interface Account {\n address: string;\n chain_id: string;\n coin_type: number;\n account_index: number;\n address_index: number;\n label: string;\n is_default: boolean;\n}\n\nexport interface Credential {\n credential_id: string;\n device_name: string;\n device_type: string;\n authenticator: string;\n transports: string[];\n created_at: string;\n last_used: string;\n}\n\nexport interface CreateRegistrationInput {\n sender: string;\n cid?: string;\n did?: string;\n}\n\nexport interface UserOp {\n sender: string;\n nonce: string;\n initCode: string;\n callData: string;\n callGasLimit: string;\n verificationGasLimit: string;\n preVerificationGas: string;\n maxFeePerGas: string;\n maxPriorityFeePerGas: string;\n paymasterAndData: string;\n signature: string;\n}\n\nexport interface RegistrationResult {\n user_op: UserOp;\n did_hash: string;\n metadata_cid: string;\n call_data: string;\n entry_point: string;\n registry_addr: string;\n}\n\nexport interface LockOutput {\n success: 
boolean;\n database?: number[];\n error?: string;\n}\n\nexport interface UnlockInput {\n database: number[];\n}\n\nexport interface UnlockOutput {\n success: boolean;\n did?: string;\n error?: string;\n}\n\nexport interface StatusOutput {\n locked: boolean;\n initialized: boolean;\n did?: string;\n last_activity?: string;\n}\n\nexport interface ContractsConfig {\n chainId: number;\n entryPoint: string;\n didRegistry: string;\n accountHelper: string;\n sessionSBT: string;\n hyperAuthFactory: string;\n}\n\nexport const defaultContracts: ContractsConfig = {\n chainId: 84532,\n entryPoint: '0x0000000071727De22E5E9d8BAf0edAc6f37da032',\n didRegistry: '0x42582746954724b983df6a80701c57887037fe07',\n accountHelper: '0x5001a32196533baf5a67ed8667c1d40c6ed24684',\n sessionSBT: '0xdae5a3eb3d3a9d097f0449960921981e46f01a27',\n hyperAuthFactory: '0x1d45db62953cb90ae37abefce427dc3c4dd951b4',\n};\n\nexport interface EnclaveOptions {\n logger?: Pick<Console, 'log' | 'error' | 'warn' | 'info' | 'debug'>;\n debug?: boolean;\n autoLockTimeout?: number;\n contracts?: ContractsConfig;\n}\n\nexport type Resource =\n | 'accounts'\n | 'credentials'\n | 'sessions'\n | 'grants'\n | 'enclaves'\n | 'delegations'\n | 'ucans'\n | 'verification_methods'\n | 'services'\n | 'chains';\n"
8
+ ],
9
+ "mappings": ";AAAA;AAAA;AAeO,MAAM,QAAQ;AAAA,EACX;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAEA,WAAW,CAAC,QAAgB,UAA0B,CAAC,GAAG;AAAA,IAChE,KAAK,SAAS;AAAA,IACd,KAAK,SAAS,QAAQ,UAAU;AAAA,IAChC,KAAK,QAAQ,QAAQ,SAAS;AAAA,IAC9B,KAAK,kBAAkB,QAAQ,mBAAmB,IAAI,KAAK;AAAA;AAAA,EAG7D,mBAAmB,CAAC,UAA8C;AAAA,IAChE,KAAK,aAAa;AAAA;AAAA,EAGpB,kBAAkB,CAAC,IAAkB;AAAA,IACnC,KAAK,kBAAkB;AAAA,IACvB,KAAK,mBAAmB;AAAA;AAAA,EAGlB,kBAAkB,GAAS;AAAA,IACjC,IAAI,KAAK,eAAe;AAAA,MACtB,aAAa,KAAK,aAAa;AAAA,MAC/B,KAAK,gBAAgB;AAAA,IACvB;AAAA,IACA,IAAI,KAAK,kBAAkB,GAAG;AAAA,MAC5B,KAAK,gBAAgB,WAAW,YAAY;AAAA,QAC1C,KAAK,IAAI,uCAAuC;AAAA,QAChD,MAAM,SAAS,MAAM,KAAK,KAAK;AAAA,QAC/B,IAAI,OAAO,WAAW,OAAO,YAAY,KAAK,YAAY;AAAA,UACxD,KAAK,WAAW,OAAO,QAAQ;AAAA,QACjC;AAAA,SACC,KAAK,eAAe;AAAA,IACzB;AAAA;AAAA,EAGM,kBAAkB,GAAS;AAAA,IACjC,IAAI,KAAK,eAAe;AAAA,MACtB,aAAa,KAAK,aAAa;AAAA,MAC/B,KAAK,gBAAgB;AAAA,IACvB;AAAA;AAAA,cAGW,OAAM,CACjB,MACA,UAA0B,CAAC,GACT;AAAA,IAClB,MAAM,WACJ,OAAO,SAAS,WACZ,EAAE,MAAM,CAAC,EAAE,KAAK,KAAK,CAAC,EAAE,IACxB,EAAE,MAAM,CAAC,EAAE,MAAM,KAAK,CAAC,EAAE;AAAA,IAE/B,MAAM,SAAiC,CAAC;AAAA,IACxC,IAAI,QAAQ,WAAW;AAAA,MACrB,MAAM,IAAI,QAAQ;AAAA,MAClB,OAAO,sBAAsB,EAAE;AAAA,MAC/B,OAAO,qBAAqB,EAAE;AAAA,MAC9B,OAAO,4BAA4B,EAAE;AAAA,MACrC,OAAO,yBAAyB,EAAE;AAAA,MAClC,OAAO,yBAAyB,EAAE;AAAA,MAClC,OAAO,cAAc,OAAO,EAAE,OAAO;AAAA,IACvC;AAAA,IAEA,MAAM,SAAS,MAAM,aAAa,UAAU;AAAA,MAC1C,SAAS;AAAA,MACT,aAAa,aAAa;AAAA,MAC1B,QAAQ,QAAQ,QAAS,QAAQ,SAAqB;AAAA,MACtD;AAAA,IACF,CAAC;AAAA,IAED,OAAO,IAAI,QAAQ,QAAQ,OAAO;AAAA;AAAA,OAG9B,SAAQ,CAAC,YAA6C;AAAA,IAC1D,MAAM,QAAQ,KAAK,UAAU,EAAE,WAAW,CAAC;AAAA,IAE3C,IAAI;AAAA,MACF,MAAM,SAAS,MAAM,KAAK,OAAO,KAAK,YAAY,KAAK;AAAA,MACvD,IAAI,CAAC,QAAQ;AAAA,QACX,MAAM,IAAI,MAAM,qCAAqC;AAAA,MACvD;AAAA,MACA,MAAM,SAAS,OAAO,KAAK;AAAA,MAC3B,KAAK,mBAAmB;AAAA,MACxB,OAAO;AAAA,MACP,OAAO,KAAK;AAAA,MACZ,MAAM,MAAM,eAAe,GAAG;AAAA,MAC9B,KAAK,IAAI,sBAAsB,OAAO,OAAO;AAAA,MAC7C,MAAM,IAAI,MAAM,aAAa,KAAK;AAAA;AAAA;AAAA,OAIhC,KAAI,CAAC,QAAoD;AAAA,IAC7D,KAAK,IAAI,wBAAwB;AAAA,IAEjC,MAAM,WAAW,kBAAkB,aAAa,MAAM,KAAK,MA
AM,IAAI;AAAA,IACrE,MAAM,QAAQ,KAAK,UAAU,EAAE,SAAS,CAAC;AAAA,IAEzC,IAAI;AAAA,MACF,MAAM,SAAS,MAAM,KAAK,OAAO,KAAK,QAAQ,KAAK;AAAA,MACnD,IAAI,CAAC,QAAQ;AAAA,QACX,OAAO,EAAE,SAAS,OAAO,OAAO,4BAA4B;AAAA,MAC9D;AAAA,MACA,MAAM,SAAS,OAAO,KAAK;AAAA,MAC3B,IAAI,OAAO,SAAS;AAAA,QAClB,KAAK,IAAI,iCAAiC,OAAO,KAAK;AAAA,QACtD,KAAK,mBAAmB;AAAA,MAC1B,EAAO;AAAA,QACL,KAAK,IAAI,kBAAkB,OAAO,SAAS,OAAO;AAAA;AAAA,MAEpD,OAAO;AAAA,MACP,OAAO,KAAK;AAAA,MACZ,MAAM,MAAM,eAAe,GAAG;AAAA,MAC9B,KAAK,IAAI,kBAAkB,OAAO,OAAO;AAAA,MACzC,OAAO,EAAE,SAAS,OAAO,OAAO,IAAI;AAAA;AAAA;AAAA,OAIlC,KAAI,CAAC,QAAgB,OAAqC;AAAA,IAC9D,KAAK,IAAI,SAAS,QAAQ;AAAA,IAC1B,KAAK,mBAAmB;AAAA,IAExB,MAAM,QAAQ,KAAK,UAAU,EAAE,QAAQ,MAAM,CAAC;AAAA,IAE9C,IAAI;AAAA,MACF,MAAM,SAAS,MAAM,KAAK,OAAO,KAAK,QAAQ,KAAK;AAAA,MACnD,IAAI,CAAC,QAAQ;AAAA,QACX,OAAO,EAAE,SAAS,OAAO,OAAO,4BAA4B;AAAA,MAC9D;AAAA,MACA,OAAO,OAAO,KAAK;AAAA,MACnB,OAAO,KAAK;AAAA,MACZ,MAAM,MAAM,eAAe,GAAG;AAAA,MAC9B,KAAK,IAAI,kBAAkB,OAAO,OAAO;AAAA,MACzC,OAAO,EAAE,SAAS,OAAO,OAAO,IAAI;AAAA;AAAA;AAAA,OAIlC,QAAO,CACX,UACA,QACA,UAAgD,CAAC,GAC5B;AAAA,IACrB,IAAI,SAAS,YAAY,mBAAmB;AAAA,IAC5C,IAAI,QAAQ,SAAS;AAAA,MACnB,UAAU,YAAY,QAAQ;AAAA,IAChC;AAAA,IACA,OAAO,KAAK,KAAK,QAAQ,QAAQ,KAAK;AAAA;AAAA,OAGlC,mBAAkB,CAAC,OAA6D;AAAA,IACpF,KAAK,mBAAmB;AAAA,IAExB,MAAM,UAAU,KAAK,UAAU;AAAA,MAC7B,QAAQ,MAAM;AAAA,MACd,KAAK,MAAM,OAAO;AAAA,MAClB,KAAK,MAAM,OAAO;AAAA,IACpB,CAAC;AAAA,IAED,MAAM,SAAS,MAAM,KAAK,QAAQ,YAAY,uBAAuB,EAAE,QAAQ,CAAC;AAAA,IAChF,IAAI,CAAC,OAAO,SAAS;AAAA,MACnB,MAAM,IAAI,MAAM,uBAAuB,OAAO,OAAO;AAAA,IACvD;AAAA,IAEA,OAAO,OAAO;AAAA;AAAA,OAGV,MAAK,CAAC,MAAc,IAA0B;AAAA,IAClD,KAAK,mBAAmB;AAAA,IACxB,MAAM,QAAQ,KAAK,UAAU,EAAE,IAAI,CAAC;AAAA,IAEpC,IAAI;AAAA,MACF,MAAM,SAAS,MAAM,KAAK,OAAO,KAAK,SAAS,KAAK;AAAA,MACpD,IAAI,CAAC,QAAQ;AAAA,QACX,MAAM,IAAI,MAAM,kCAAkC;AAAA,MACpD;AAAA,MACA,OAAO,OAAO,KAAK;AAAA,MACnB,OAAO,KAAK;AAAA,MACZ,MAAM,MAAM,eAAe,GAAG;AAAA,MAC9B,KAAK,IAAI,mBAAmB,OAAO,OAAO;AAAA,MAC1C,MAAM,IAAI,MAAM,UAAU,KAAK;AAAA;AAAA;AAAA,OAI7B,KAAI,CAAC,UAAkB,SAAuE;AAAA,IAClG,MAAM,QAAQ,KAAK,UAAU,EAAE,QAAQ,CAAC;AAAA,IAExC,I
AAI;AAAA,MACF,MAAM,SAAS,MAAM,KAAK,OAAO,KAAK,QAAQ,KAAK;AAAA,MACnD,IAAI,CAAC,QAAQ;AAAA,QACX,MAAM,IAAI,MAAM,iCAAiC;AAAA,MACnD;AAAA,MACA,OAAO,OAAO,KAAK;AAAA,MACnB,OAAO,KAAK;AAAA,MACZ,MAAM,MAAM,eAAe,GAAG;AAAA,MAC9B,MAAM,IAAI,MAAM,SAAS,KAAK;AAAA;AAAA;AAAA,OAI5B,KAAI,GAAwB;AAAA,IAChC,KAAK,mBAAmB;AAAA,IAExB,IAAI;AAAA,MACF,MAAM,SAAS,MAAM,KAAK,OAAO,KAAK,QAAQ,IAAI;AAAA,MAClD,IAAI,CAAC,QAAQ;AAAA,QACX,OAAO,EAAE,SAAS,OAAO,OAAO,4BAA4B;AAAA,MAC9D;AAAA,MACA,OAAO,OAAO,KAAK;AAAA,MACnB,OAAO,KAAK;AAAA,MACZ,MAAM,MAAM,eAAe,GAAG;AAAA,MAC9B,KAAK,IAAI,kBAAkB,OAAO,OAAO;AAAA,MACzC,OAAO,EAAE,SAAS,OAAO,OAAO,IAAI;AAAA;AAAA;AAAA,OAIlC,OAAM,CAAC,QAAsD;AAAA,IACjE,MAAM,WAAW,kBAAkB,aAAa,MAAM,KAAK,MAAM,IAAI;AAAA,IACrE,MAAM,QAAQ,KAAK,UAAU,EAAE,SAAS,CAAC;AAAA,IAEzC,IAAI;AAAA,MACF,MAAM,SAAS,MAAM,KAAK,OAAO,KAAK,UAAU,KAAK;AAAA,MACrD,IAAI,CAAC,QAAQ;AAAA,QACX,OAAO,EAAE,SAAS,OAAO,OAAO,4BAA4B;AAAA,MAC9D;AAAA,MACA,MAAM,SAAS,OAAO,KAAK;AAAA,MAC3B,IAAI,OAAO,SAAS;AAAA,QAClB,KAAK,mBAAmB;AAAA,MAC1B;AAAA,MACA,OAAO;AAAA,MACP,OAAO,KAAK;AAAA,MACZ,MAAM,MAAM,eAAe,GAAG;AAAA,MAC9B,KAAK,IAAI,oBAAoB,OAAO,OAAO;AAAA,MAC3C,OAAO,EAAE,SAAS,OAAO,OAAO,IAAI;AAAA;AAAA;AAAA,OAIlC,OAAM,GAA0B;AAAA,IACpC,IAAI;AAAA,MACF,MAAM,SAAS,MAAM,KAAK,OAAO,KAAK,UAAU,IAAI;AAAA,MACpD,IAAI,CAAC,QAAQ;AAAA,QACX,OAAO,EAAE,QAAQ,MAAM,aAAa,MAAM;AAAA,MAC5C;AAAA,MACA,OAAO,OAAO,KAAK;AAAA,MACnB,MAAM;AAAA,MACN,OAAO,EAAE,QAAQ,MAAM,aAAa,MAAM;AAAA;AAAA;AAAA,OAIxC,SAAQ,GAAqB;AAAA,IACjC,MAAM,IAAI,MAAM,KAAK,OAAO;AAAA,IAC5B,OAAO,EAAE;AAAA;AAAA,OAGL,MAAK,GAAkB;AAAA,IAC3B,KAAK,mBAAmB;AAAA,IACxB,MAAM,KAAK,OAAO,MAAM;AAAA;AAAA,OAGpB,MAAK,GAAkB;AAAA,IAC3B,KAAK,mBAAmB;AAAA,IACxB,MAAM,KAAK,OAAO,MAAM;AAAA;AAAA,EAGlB,GAAG,CAAC,SAAiB,QAAqD,SAAe;AAAA,IAC/F,IAAI,KAAK,SAAS,KAAK,QAAQ;AAAA,MAC7B,KAAK,OAAO,OAAO,aAAa,SAAS;AAAA,IAC3C;AAAA;AAEJ;AAEA,eAAsB,aAAa,CACjC,MACA,UAA0B,CAAC,GACT;AAAA,EAClB,OAAO,QAAQ,OAAO,MAAM,OAAO;AAAA;AAGrC,SAAS,cAAc,CAAC,KAAsB;AAAA,EAC5C,IAAI,eAAe;AAAA,IAAO,OAAO,IAAI;AAAA,EACrC,IAAI,OAAO,QAAQ;AAAA,IAAU,OAAO;AAAA,EACpC,IAAI;AAAA,IACF,OAAO,KAAK,UAAU,GAAG;AAAA,IACzB,MAA
M;AAAA,IACN,OAAO,OAAO,GAAG;AAAA;AAAA;;AC5SrB,IAAM,UAAU;AAChB,IAAM,aAAa;AACnB,IAAM,aAAa;AACnB,IAAM,UAAU;AAAA;AAOT,MAAM,cAAc;AAAA,EACjB,KAAyB;AAAA,EACzB,MAAwB;AAAA,OAE1B,KAAI,GAAkB;AAAA,IAC1B,KAAK,KAAK,MAAM,KAAK,aAAa;AAAA,IAClC,KAAK,MAAM,MAAM,KAAK,eAAe;AAAA;AAAA,EAG/B,YAAY,GAAyB;AAAA,IAC3C,OAAO,IAAI,QAAQ,CAAC,SAAS,WAAW;AAAA,MACtC,MAAM,UAAU,UAAU,KAAK,SAAS,UAAU;AAAA,MAElD,QAAQ,UAAU,MAAM,OAAO,QAAQ,KAAK;AAAA,MAC5C,QAAQ,YAAY,MAAM,QAAQ,QAAQ,MAAM;AAAA,MAEhD,QAAQ,kBAAkB,CAAC,UAAU;AAAA,QACnC,MAAM,KAAM,MAAM,OAA4B;AAAA,QAC9C,IAAI,CAAC,GAAG,iBAAiB,SAAS,UAAU,GAAG;AAAA,UAC7C,GAAG,kBAAkB,UAAU;AAAA,QACjC;AAAA;AAAA,KAEH;AAAA;AAAA,OAGW,eAAc,GAAuB;AAAA,IACjD,MAAM,SAAS,MAAM,KAAK,OAAO,OAAO;AAAA,IAExC,IAAI,QAAQ;AAAA,MACV,OAAO,OAAO,OAAO,UACnB,OACA,OAAO,QACP,EAAE,MAAM,WAAW,QAAQ,IAAI,GAC/B,OACA,CAAC,WAAW,SAAS,CACvB;AAAA,IACF;AAAA,IAEA,MAAM,MAAM,MAAM,OAAO,OAAO,YAC9B,EAAE,MAAM,WAAW,QAAQ,IAAI,GAC/B,MACA,CAAC,WAAW,SAAS,CACvB;AAAA,IAEA,MAAM,WAAW,MAAM,OAAO,OAAO,UAAU,OAAO,GAAG;AAAA,IACzD,MAAM,KAAK,OAAO,SAAS,IAAI,WAAW,QAAQ,CAAC;AAAA,IAEnD,OAAO,OAAO,OAAO,UACnB,OACA,UACA,EAAE,MAAM,WAAW,QAAQ,IAAI,GAC/B,OACA,CAAC,WAAW,SAAS,CACvB;AAAA;AAAA,EAGM,MAAM,CAAC,KAAyC;AAAA,IACtD,OAAO,IAAI,QAAQ,CAAC,SAAS,WAAW;AAAA,MACtC,IAAI,CAAC,KAAK,IAAI;AAAA,QACZ,OAAO,IAAI,MAAM,0BAA0B,CAAC;AAAA,QAC5C;AAAA,MACF;AAAA,MAEA,MAAM,KAAK,KAAK,GAAG,YAAY,YAAY,UAAU;AAAA,MACrD,MAAM,QAAQ,GAAG,YAAY,UAAU;AAAA,MACvC,MAAM,UAAU,MAAM,IAAI,GAAG;AAAA,MAE7B,QAAQ,UAAU,MAAM,OAAO,QAAQ,KAAK;AAAA,MAC5C,QAAQ,YAAY,MAAM;AAAA,QACxB,QAAQ,QAAQ,SAAS,IAAI,WAAW,QAAQ,MAAM,IAAI,IAAI;AAAA;AAAA,KAEjE;AAAA;AAAA,EAGK,MAAM,CAAC,KAAa,OAAkC;AAAA,IAC5D,OAAO,IAAI,QAAQ,CAAC,SAAS,WAAW;AAAA,MACtC,IAAI,CAAC,KAAK,IAAI;AAAA,QACZ,OAAO,IAAI,MAAM,0BAA0B,CAAC;AAAA,QAC5C;AAAA,MACF;AAAA,MAEA,MAAM,KAAK,KAAK,GAAG,YAAY,YAAY,WAAW;AAAA,MACtD,MAAM,QAAQ,GAAG,YAAY,UAAU;AAAA,MACvC,MAAM,UAAU,MAAM,IAAI,MAAM,QAAQ,GAAG;AAAA,MAE3C,QAAQ,UAAU,MAAM,OAAO,QAAQ,KAAK;AAAA,MAC5C,QAAQ,YAAY,MAAM,QAAQ;AAAA,KACnC;AAAA;AAAA,OAGG,IAAG,CAAC,KAAa,MAA4C;AAAA,IACjE,IAAI,CAAC,KAAK;AAAA,MAAK,MAAM,IAAI,MAAM,yBAAyB;AAAA,
IAExD,MAAM,QAAQ,gBAAgB,aAAa,OAAO,IAAI,WAAW,IAAI;AAAA,IACrE,MAAM,KAAK,OAAO,gBAAgB,IAAI,WAAW,EAAE,CAAC;AAAA,IACpD,MAAM,YAAY,MAAM,OAAO,OAAO,QACpC,EAAE,MAAM,WAAW,GAAG,GACtB,KAAK,KACL,MAAM,MACR;AAAA,IAEA,MAAM,OAAsB,EAAE,IAAI,MAAM,KAAK,EAAE,GAAG,MAAM,UAAU;AAAA,IAClE,MAAM,KAAK,aAAa,KAAK,IAAI;AAAA;AAAA,OAG7B,IAAG,CAAC,KAAyC;AAAA,IACjD,IAAI,CAAC,KAAK;AAAA,MAAK,MAAM,IAAI,MAAM,yBAAyB;AAAA,IAExD,MAAM,OAAO,MAAM,KAAK,aAAa,GAAG;AAAA,IACxC,IAAI,CAAC;AAAA,MAAM,OAAO;AAAA,IAElB,MAAM,KAAK,IAAI,WAAW,KAAK,EAAE;AAAA,IACjC,MAAM,YAAY,MAAM,OAAO,OAAO,QACpC,EAAE,MAAM,WAAW,GAAG,GACtB,KAAK,KACL,KAAK,IACP;AAAA,IAEA,OAAO,IAAI,WAAW,SAAS;AAAA;AAAA,OAG3B,WAAU,CAAC,KAAuC;AAAA,IACtD,MAAM,OAAO,MAAM,KAAK,IAAI,GAAG;AAAA,IAC/B,OAAO,OAAO,MAAM,KAAK,IAAI,IAAI;AAAA;AAAA,OAG7B,OAAM,CAAC,KAA4B;AAAA,IACvC,OAAO,IAAI,QAAQ,CAAC,SAAS,WAAW;AAAA,MACtC,IAAI,CAAC,KAAK,IAAI;AAAA,QACZ,OAAO,IAAI,MAAM,0BAA0B,CAAC;AAAA,QAC5C;AAAA,MACF;AAAA,MAEA,MAAM,KAAK,KAAK,GAAG,YAAY,YAAY,WAAW;AAAA,MACtD,MAAM,QAAQ,GAAG,YAAY,UAAU;AAAA,MACvC,MAAM,UAAU,MAAM,OAAO,OAAO,KAAK;AAAA,MAEzC,QAAQ,UAAU,MAAM,OAAO,QAAQ,KAAK;AAAA,MAC5C,QAAQ,YAAY,MAAM,QAAQ;AAAA,KACnC;AAAA;AAAA,OAGG,MAAK,GAAkB;AAAA,IAC3B,OAAO,IAAI,QAAQ,CAAC,SAAS,WAAW;AAAA,MACtC,IAAI,CAAC,KAAK,IAAI;AAAA,QACZ,OAAO,IAAI,MAAM,0BAA0B,CAAC;AAAA,QAC5C;AAAA,MACF;AAAA,MAEA,MAAM,KAAK,KAAK,GAAG,YAAY,YAAY,WAAW;AAAA,MACtD,MAAM,QAAQ,GAAG,YAAY,UAAU;AAAA,MACvC,MAAM,UAAU,MAAM,MAAM;AAAA,MAE5B,QAAQ,UAAU,MAAM,OAAO,QAAQ,KAAK;AAAA,MAC5C,QAAQ,YAAY,MAAM,QAAQ;AAAA,KACnC;AAAA;AAAA,EAGK,YAAY,CAAC,KAA4C;AAAA,IAC/D,OAAO,IAAI,QAAQ,CAAC,SAAS,WAAW;AAAA,MACtC,IAAI,CAAC,KAAK,IAAI;AAAA,QACZ,OAAO,IAAI,MAAM,0BAA0B,CAAC;AAAA,QAC5C;AAAA,MACF;AAAA,MAEA,MAAM,KAAK,KAAK,GAAG,YAAY,YAAY,UAAU;AAAA,MACrD,MAAM,QAAQ,GAAG,YAAY,UAAU;AAAA,MACvC,MAAM,UAAU,MAAM,IAAI,OAAO,KAAK;AAAA,MAEtC,QAAQ,UAAU,MAAM,OAAO,QAAQ,KAAK;AAAA,MAC5C,QAAQ,YAAY,MAAM;AAAA,QACxB,MAAM,SAAS,QAAQ;AAAA,QACvB,IAAI,UAAU,OAAO,MAAM,OAAO,MAAM;AAAA,UACtC,QAAQ,EAAE,IAAI,OAAO,IAAI,MAAM,OAAO,KAAK,CAAC;AAAA,QAC9C,EAAO;AAAA,UACL,QAAQ,IAAI;AAAA;AAAA;AAAA,KAGjB;AAAA;AAAA,EAGK,YAAY,CAAC,K
AAa,MAAoC;AAAA,IACpE,OAAO,IAAI,QAAQ,CAAC,SAAS,WAAW;AAAA,MACtC,IAAI,CAAC,KAAK,IAAI;AAAA,QACZ,OAAO,IAAI,MAAM,0BAA0B,CAAC;AAAA,QAC5C;AAAA,MACF;AAAA,MAEA,MAAM,KAAK,KAAK,GAAG,YAAY,YAAY,WAAW;AAAA,MACtD,MAAM,QAAQ,GAAG,YAAY,UAAU;AAAA,MACvC,MAAM,UAAU,MAAM,IACpB,EAAE,IAAI,KAAK,IAAI,MAAM,KAAK,KAAK,GAC/B,OAAO,KACT;AAAA,MAEA,QAAQ,UAAU,MAAM,OAAO,QAAQ,KAAK;AAAA,MAC5C,QAAQ,YAAY,MAAM,QAAQ;AAAA,KACnC;AAAA;AAAA,OAGG,MAAK,GAAkB;AAAA,IAC3B,IAAI,KAAK,IAAI;AAAA,MACX,KAAK,GAAG,MAAM;AAAA,MACd,KAAK,KAAK;AAAA,IACZ;AAAA,IACA,KAAK,MAAM;AAAA;AAEf;AAEA,eAAsB,mBAAmB,GAA2B;AAAA,EAClE,MAAM,UAAU,IAAI;AAAA,EACpB,MAAM,QAAQ,KAAK;AAAA,EACnB,OAAO;AAAA;;ACjFF,IAAM,mBAAoC;AAAA,EAC/C,SAAS;AAAA,EACT,YAAY;AAAA,EACZ,aAAa;AAAA,EACb,eAAe;AAAA,EACf,YAAY;AAAA,EACZ,kBAAkB;AACpB;",
10
+ "debugId": "29514AB559B2F93364756E2164756E21",
11
+ "names": []
12
+ }
Binary file
@@ -0,0 +1,5 @@
1
+ export { Enclave, createEnclave } from './enclave';
2
+ export { SecureStorage, createSecureStorage } from './storage';
3
+ export { defaultContracts } from './types';
4
+ export type { GenerateInput, GenerateOutput, LoadInput, LoadOutput, ExecInput, ExecOutput, QueryInput, QueryOutput, LockOutput, UnlockInput, UnlockOutput, StatusOutput, VerificationMethod, Account, Credential, ContractsConfig, EnclaveOptions, Resource, } from './types';
5
+ //# sourceMappingURL=index.d.ts.map
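Review bot: The `export type { … }` list on line 4 omits `CreateRegistrationInput`, `RegistrationResult`, `UserOp` and `AccountInfo`. The `enclave.ts` source embedded in the source map on this page shows a public `createRegistration(input: CreateRegistrationInput): Promise<RegistrationResult>` method, and `GenerateOutput.accounts` is typed `AccountInfo[]`. Callers therefore cannot name those types from the package root as it stands. Since this declaration file is generated, the fix is to add the four names to the type re-export in `src/index.ts`.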
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,aAAa,EAAE,MAAM,WAAW,CAAC;AACnD,OAAO,EAAE,aAAa,EAAE,mBAAmB,EAAE,MAAM,WAAW,CAAC;AAC/D,OAAO,EAAE,gBAAgB,EAAE,MAAM,SAAS,CAAC;AAC3C,YAAY,EACV,aAAa,EACb,cAAc,EACd,SAAS,EACT,UAAU,EACV,SAAS,EACT,UAAU,EACV,UAAU,EACV,WAAW,EACX,UAAU,EACV,WAAW,EACX,YAAY,EACZ,YAAY,EACZ,kBAAkB,EAClB,OAAO,EACP,UAAU,EACV,eAAe,EACf,cAAc,EACd,QAAQ,GACT,MAAM,SAAS,CAAC"}
@@ -0,0 +1,19 @@
1
+ export declare class SecureStorage {
2
+ private db;
3
+ private cek;
4
+ init(): Promise<void>;
5
+ private openDatabase;
6
+ private getOrCreateCEK;
7
+ private getRaw;
8
+ private setRaw;
9
+ set(key: string, data: Uint8Array | number[]): Promise<void>;
10
+ get(key: string): Promise<Uint8Array | null>;
11
+ getAsArray(key: string): Promise<number[] | null>;
12
+ delete(key: string): Promise<void>;
13
+ clear(): Promise<void>;
14
+ private getEncrypted;
15
+ private setEncrypted;
16
+ close(): Promise<void>;
17
+ }
18
+ export declare function createSecureStorage(): Promise<SecureStorage>;
19
+ //# sourceMappingURL=storage.d.ts.map
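Review bot: The key behind `private cek` is persisted as raw bytes in the same IndexedDB store as the ciphertext it protects, which this declaration hunk does not reveal; the behaviour is visible only in the `storage.ts` text embedded in the source map earlier on this page. There `getOrCreateCEK` generates the AES-GCM key with `extractable` set to `true`, exports it and writes it under `__cek__` in the `vault` store, so any reader of that store obtains both key and data and the encryption gives little protection against that reader. Consider `crypto.subtle.generateKey({ name: 'AES-GCM', length: 256 }, false, ['encrypt', 'decrypt'])` and storing the resulting `CryptoKey` object itself, which IndexedDB can hold without exposing the raw bytes to script. Separately, `clear()` empties the whole store including `__cek__` while the in-memory key stays in use, so values written after a `clear()` appear to become undecryptable once `init()` creates a fresh key on the next load. It should either skip the key record or re-persist it.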
@@ -0,0 +1 @@
1
+ {"version":3,"file":"storage.d.ts","sourceRoot":"","sources":["../src/storage.ts"],"names":[],"mappings":"AAUA,qBAAa,aAAa;IACxB,OAAO,CAAC,EAAE,CAA4B;IACtC,OAAO,CAAC,GAAG,CAA0B;IAE/B,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAK3B,OAAO,CAAC,YAAY;YAgBN,cAAc;IA+B5B,OAAO,CAAC,MAAM;IAkBd,OAAO,CAAC,MAAM;IAgBR,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,UAAU,GAAG,MAAM,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC;IAe5D,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC;IAgB5C,UAAU,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,GAAG,IAAI,CAAC;IAKjD,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAgBlC,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAgB5B,OAAO,CAAC,YAAY;IAuBpB,OAAO,CAAC,YAAY;IAmBd,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;CAO7B;AAED,wBAAsB,mBAAmB,IAAI,OAAO,CAAC,aAAa,CAAC,CAIlE"}
@@ -0,0 +1,130 @@
1
+ export interface GenerateInput {
2
+ credential: string;
3
+ }
4
+ export interface GenerateOutput {
5
+ did: string;
6
+ database: number[];
7
+ enclave_id: string;
8
+ public_key: string;
9
+ pubkey_x?: string;
10
+ pubkey_y?: string;
11
+ accounts: AccountInfo[];
12
+ }
13
+ export interface AccountInfo {
14
+ address: string;
15
+ chain_id: string;
16
+ }
17
+ export interface LoadInput {
18
+ database: number[];
19
+ }
20
+ export interface LoadOutput {
21
+ success: boolean;
22
+ did?: string;
23
+ error?: string;
24
+ }
25
+ export interface ExecInput {
26
+ filter: string;
27
+ token?: string;
28
+ }
29
+ export interface ExecOutput {
30
+ success: boolean;
31
+ result?: unknown;
32
+ error?: string;
33
+ }
34
+ export interface QueryInput {
35
+ did: string;
36
+ }
37
+ export interface QueryOutput {
38
+ did: string;
39
+ controller: string;
40
+ verification_methods: VerificationMethod[];
41
+ accounts: Account[];
42
+ credentials: Credential[];
43
+ }
44
+ export interface VerificationMethod {
45
+ id: string;
46
+ type: string;
47
+ controller: string;
48
+ public_key: string;
49
+ purpose: string;
50
+ }
51
+ export interface Account {
52
+ address: string;
53
+ chain_id: string;
54
+ coin_type: number;
55
+ account_index: number;
56
+ address_index: number;
57
+ label: string;
58
+ is_default: boolean;
59
+ }
60
+ export interface Credential {
61
+ credential_id: string;
62
+ device_name: string;
63
+ device_type: string;
64
+ authenticator: string;
65
+ transports: string[];
66
+ created_at: string;
67
+ last_used: string;
68
+ }
69
+ export interface CreateRegistrationInput {
70
+ sender: string;
71
+ cid?: string;
72
+ did?: string;
73
+ }
74
+ export interface UserOp {
75
+ sender: string;
76
+ nonce: string;
77
+ initCode: string;
78
+ callData: string;
79
+ callGasLimit: string;
80
+ verificationGasLimit: string;
81
+ preVerificationGas: string;
82
+ maxFeePerGas: string;
83
+ maxPriorityFeePerGas: string;
84
+ paymasterAndData: string;
85
+ signature: string;
86
+ }
87
+ export interface RegistrationResult {
88
+ user_op: UserOp;
89
+ did_hash: string;
90
+ metadata_cid: string;
91
+ call_data: string;
92
+ entry_point: string;
93
+ registry_addr: string;
94
+ }
95
+ export interface LockOutput {
96
+ success: boolean;
97
+ database?: number[];
98
+ error?: string;
99
+ }
100
+ export interface UnlockInput {
101
+ database: number[];
102
+ }
103
+ export interface UnlockOutput {
104
+ success: boolean;
105
+ did?: string;
106
+ error?: string;
107
+ }
108
+ export interface StatusOutput {
109
+ locked: boolean;
110
+ initialized: boolean;
111
+ did?: string;
112
+ last_activity?: string;
113
+ }
114
+ export interface ContractsConfig {
115
+ chainId: number;
116
+ entryPoint: string;
117
+ didRegistry: string;
118
+ accountHelper: string;
119
+ sessionSBT: string;
120
+ hyperAuthFactory: string;
121
+ }
122
+ export declare const defaultContracts: ContractsConfig;
123
+ export interface EnclaveOptions {
124
+ logger?: Pick<Console, 'log' | 'error' | 'warn' | 'info' | 'debug'>;
125
+ debug?: boolean;
126
+ autoLockTimeout?: number;
127
+ contracts?: ContractsConfig;
128
+ }
129
+ export type Resource = 'accounts' | 'credentials' | 'sessions' | 'grants' | 'enclaves' | 'delegations' | 'ucans' | 'verification_methods' | 'services' | 'chains';
130
+ //# sourceMappingURL=types.d.ts.map
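Review bot: `ExecInput.token` is optional and undocumented, so the declaration does not tell a caller whether an exec call without a token is refused or runs with some default authority. If every action has to be authorized (the README lists UCAN capability-based authorization), I would make the field required in `src/types.ts`: `token: string;`. Otherwise, add a TSDoc line on the field stating what the enclave does when the token is absent. `EnclaveOptions.autoLockTimeout` also lacks its unit; going by the README example (300000 for five minutes), `/** Inactivity timeout in milliseconds before the enclave auto-locks. */` would settle it.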
@@ -0,0 +1 @@
1
+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,aAAa;IAC5B,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,cAAc;IAC7B,GAAG,EAAE,MAAM,CAAC;IACZ,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,WAAW,EAAE,CAAC;CACzB;AAED,MAAM,WAAW,WAAW;IAC1B,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,SAAS;IACxB,QAAQ,EAAE,MAAM,EAAE,CAAC;CACpB;AAED,MAAM,WAAW,UAAU;IACzB,OAAO,EAAE,OAAO,CAAC;IACjB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,SAAS;IACxB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,UAAU;IACzB,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,UAAU;IACzB,GAAG,EAAE,MAAM,CAAC;CACb;AAED,MAAM,WAAW,WAAW;IAC1B,GAAG,EAAE,MAAM,CAAC;IACZ,UAAU,EAAE,MAAM,CAAC;IACnB,oBAAoB,EAAE,kBAAkB,EAAE,CAAC;IAC3C,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB,WAAW,EAAE,UAAU,EAAE,CAAC;CAC3B;AAED,MAAM,WAAW,kBAAkB;IACjC,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,OAAO;IACtB,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,EAAE,MAAM,CAAC;IACtB,aAAa,EAAE,MAAM,CAAC;IACtB,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,OAAO,CAAC;CACrB;AAED,MAAM,WAAW,UAAU;IACzB,aAAa,EAAE,MAAM,CAAC;IACtB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,uBAAuB;IACtC,MAAM,EAAE,MAAM,CAAC;IACf,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,MAAM;IACrB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,oBAAoB,EAAE,MAAM,CAAC;IAC7B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,YAAY,EAAE,MAAM,CAAC;IACrB,oBAAoB,EAAE,MAAM,CAAC;I
AC7B,gBAAgB,EAAE,MAAM,CAAC;IACzB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,EAAE,MAAM,CAAC;CACvB;AAED,MAAM,WAAW,UAAU;IACzB,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,WAAW;IAC1B,QAAQ,EAAE,MAAM,EAAE,CAAC;CACpB;AAED,MAAM,WAAW,YAAY;IAC3B,OAAO,EAAE,OAAO,CAAC;IACjB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,YAAY;IAC3B,MAAM,EAAE,OAAO,CAAC;IAChB,WAAW,EAAE,OAAO,CAAC;IACrB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,EAAE,MAAM,CAAC;IACnB,gBAAgB,EAAE,MAAM,CAAC;CAC1B;AAED,eAAO,MAAM,gBAAgB,EAAE,eAO9B,CAAC;AAEF,MAAM,WAAW,cAAc;IAC7B,MAAM,CAAC,EAAE,IAAI,CAAC,OAAO,EAAE,KAAK,GAAG,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC,CAAC;IACpE,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,SAAS,CAAC,EAAE,eAAe,CAAC;CAC7B;AAED,MAAM,MAAM,QAAQ,GAChB,UAAU,GACV,aAAa,GACb,UAAU,GACV,QAAQ,GACR,UAAU,GACV,aAAa,GACb,OAAO,GACP,sBAAsB,GACtB,UAAU,GACV,QAAQ,CAAC"}
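--- a/package/package.json
+++ b/package/package.json
@@ -0,0 +1,38 @@
+ {
+ "name": "@hyperauth/sdk",
+ "version": "0.0.1",
+ "type": "module",
+ "workspaces": [
+ "examples/base"
+ ],
+ "main": "./dist/enclave.js",
+ "module": "./dist/enclave.js",
+ "types": "./dist/index.d.ts",
+ "exports": {
+ ".": {
+ "import": {
+ "types": "./dist/index.d.ts",
+ "default": "./dist/enclave.js"
+ }
+ }
+ },
+ "files": [
+ "dist"
+ ],
+ "scripts": {
+ "build": "bun build ./src/index.ts --outdir ./dist --format esm --target browser --sourcemap=external --external @extism/extism --entry-naming enclave.js && bun run tsc --emitDeclarationOnly --declaration -p src/tsconfig.json --outDir dist",
+ "build:cdn": "bun build ./src/index.ts --outdir ./dist --format esm --target browser --sourcemap=external --minify --entry-naming enclave.cdn.js && bun run tsc --emitDeclarationOnly --declaration -p src/tsconfig.json --outDir dist",
+ "typecheck": "tsc --noEmit -p src/tsconfig.json",
+ "clean": "rm -rf dist"
+ },
+ "dependencies": {
+ "@extism/extism": "^2.0.0-rc13"
+ },
+ "devDependencies": {
+ "@types/bun": "latest",
+ "typescript": "^5.0.0"
+ },
+ "peerDependencies": {
+ "@extism/extism": "^2.0.0-rc13"
+ }
+ }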
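Review bot: `@extism/extism` is declared under both `dependencies` and `peerDependencies` with the caret range `^2.0.0-rc13`, which accepts later 2.0.0 prereleases and any 2.x release. The WASM runtime that hosts the enclave is therefore not fixed to the version this package was built and tested against. The `build:cdn` script also has no `--external @extism/extism`, so presumably whatever version resolves at build time is bundled into `enclave.cdn.js`. I would keep a single entry and pin it exactly, `"@extism/extism": "2.0.0-rc13"`. I would also replace `"@types/bun": "latest"` with a fixed version (`"@types/bun": "<pinned-version>"`) so rebuilds of the published artifacts are reproducible.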