@inco/shield-js 0.0.0-bootstrap.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +201 -0
- package/README.md +359 -0
- package/dist/binary.d.ts +3 -0
- package/dist/binary.js +16 -0
- package/dist/contracts/abi.d.ts +6800 -0
- package/dist/contracts/abi.js +8836 -0
- package/dist/contracts/index.d.ts +2 -0
- package/dist/contracts/index.js +2 -0
- package/dist/contracts/utils.d.ts +25 -0
- package/dist/contracts/utils.js +28 -0
- package/dist/errors.d.ts +125 -0
- package/dist/errors.js +91 -0
- package/dist/generated/inco/shield/v2/conductor_connect.d.ts +137 -0
- package/dist/generated/inco/shield/v2/conductor_connect.js +141 -0
- package/dist/generated/inco/shield/v2/deposit_pb.d.ts +103 -0
- package/dist/generated/inco/shield/v2/deposit_pb.js +141 -0
- package/dist/generated/inco/shield/v2/drafting_pb.d.ts +279 -0
- package/dist/generated/inco/shield/v2/drafting_pb.js +372 -0
- package/dist/generated/inco/shield/v2/permission_pb.d.ts +443 -0
- package/dist/generated/inco/shield/v2/permission_pb.js +639 -0
- package/dist/generated/inco/shield/v2/query_pb.d.ts +103 -0
- package/dist/generated/inco/shield/v2/query_pb.js +141 -0
- package/dist/generated/inco/shield/v2/types_pb.d.ts +166 -0
- package/dist/generated/inco/shield/v2/types_pb.js +261 -0
- package/dist/index.d.ts +12 -0
- package/dist/index.js +19 -0
- package/dist/shield/client.d.ts +72 -0
- package/dist/shield/client.js +136 -0
- package/dist/shield/convert.d.ts +18 -0
- package/dist/shield/convert.js +152 -0
- package/dist/shield/encryption.d.ts +86 -0
- package/dist/shield/encryption.js +180 -0
- package/dist/shield/envelope.d.ts +14 -0
- package/dist/shield/envelope.js +29 -0
- package/dist/shield/index.d.ts +13 -0
- package/dist/shield/index.js +11 -0
- package/dist/shield/intent.d.ts +977 -0
- package/dist/shield/intent.js +188 -0
- package/dist/shield/rpc.d.ts +72 -0
- package/dist/shield/rpc.js +423 -0
- package/dist/shield/shield.eip712.gen.d.ts +396 -0
- package/dist/shield/shield.eip712.gen.js +318 -0
- package/dist/shield/types.d.ts +119 -0
- package/dist/shield/types.js +4 -0
- package/dist/shield/userop/gas-estimation.d.ts +36 -0
- package/dist/shield/userop/gas-estimation.js +284 -0
- package/dist/shield/userop/index.d.ts +1 -0
- package/dist/shield/userop/index.js +1 -0
- package/dist/shield/userop/token-exchange.d.ts +54 -0
- package/dist/shield/userop/token-exchange.js +165 -0
- package/dist/shield/userop/types.d.ts +91 -0
- package/dist/shield/userop/types.js +4 -0
- package/dist/shield/userop/userOp.d.ts +26 -0
- package/dist/shield/userop/userOp.js +98 -0
- package/dist/shield/utils/chain.d.ts +2 -0
- package/dist/shield/utils/chain.js +8 -0
- package/dist/uniswap-adapter/config.d.ts +34 -0
- package/dist/uniswap-adapter/config.js +45 -0
- package/dist/uniswap-adapter/find-pools.d.ts +91 -0
- package/dist/uniswap-adapter/find-pools.js +108 -0
- package/dist/uniswap-adapter/index.d.ts +10 -0
- package/dist/uniswap-adapter/index.js +13 -0
- package/dist/uniswap-adapter/swap.d.ts +344 -0
- package/dist/uniswap-adapter/swap.js +309 -0
- package/package.json +72 -0
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
import { type Abi, type Hex } from 'viem';
|
|
2
|
+
/**
|
|
3
|
+
* Compute the shield-internal asset ID for an ERC-20 token.
|
|
4
|
+
* Matches `Erc20Adapter.getAssetId()` on-chain:
|
|
5
|
+
* `keccak256(abi.encodePacked(tokenAddress, "Erc20"))`
|
|
6
|
+
*/
|
|
7
|
+
export declare function computeErc20AssetId(tokenAddress: Hex): Hex;
|
|
8
|
+
type AbiFunctionByName<TAbi extends Abi, TName extends string> = Extract<TAbi[number], {
|
|
9
|
+
type: 'function';
|
|
10
|
+
name: TName;
|
|
11
|
+
}>;
|
|
12
|
+
/**
|
|
13
|
+
* Return the sole input parameter of an ABI function that takes exactly one
|
|
14
|
+
* argument — the "wrap a single struct" convention this codebase uses to
|
|
15
|
+
* piggyback Solidity types onto the ABI. Pulls the otherwise-arbitrary
|
|
16
|
+
* `.inputs[0]` lookup out of every call site so `decodeAbiParameters` /
|
|
17
|
+
* `encodeAbiParameters` invocations read as their domain meaning.
|
|
18
|
+
*
|
|
19
|
+
* Throws if the function is absent from the ABI or if it does not take
|
|
20
|
+
* exactly one input — both indicate the caller picked the wrong helper.
|
|
21
|
+
*/
|
|
22
|
+
export declare function getAbiFromUnitFunction<TAbi extends Abi, TName extends Extract<TAbi[number], {
|
|
23
|
+
type: 'function';
|
|
24
|
+
}>['name']>(abi: TAbi, name: TName): AbiFunctionByName<TAbi, TName>['inputs'][0];
|
|
25
|
+
export {};
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
import { encodePacked, getAddress, keccak256 } from 'viem';
|
|
2
|
+
/**
|
|
3
|
+
* Compute the shield-internal asset ID for an ERC-20 token.
|
|
4
|
+
* Matches `Erc20Adapter.getAssetId()` on-chain:
|
|
5
|
+
* `keccak256(abi.encodePacked(tokenAddress, "Erc20"))`
|
|
6
|
+
*/
|
|
7
|
+
export function computeErc20AssetId(tokenAddress) {
|
|
8
|
+
return keccak256(encodePacked(['address', 'string'], [getAddress(tokenAddress), 'Erc20']));
|
|
9
|
+
}
|
|
10
|
+
/**
|
|
11
|
+
* Return the sole input parameter of an ABI function that takes exactly one
|
|
12
|
+
* argument — the "wrap a single struct" convention this codebase uses to
|
|
13
|
+
* piggyback Solidity types onto the ABI. Pulls the otherwise-arbitrary
|
|
14
|
+
* `.inputs[0]` lookup out of every call site so `decodeAbiParameters` /
|
|
15
|
+
* `encodeAbiParameters` invocations read as their domain meaning.
|
|
16
|
+
*
|
|
17
|
+
* Throws if the function is absent from the ABI or if it does not take
|
|
18
|
+
* exactly one input — both indicate the caller picked the wrong helper.
|
|
19
|
+
*/
|
|
20
|
+
export function getAbiFromUnitFunction(abi, name) {
|
|
21
|
+
const fn = abi.find((item) => item.type === 'function' && item.name === name);
|
|
22
|
+
if (!fn)
|
|
23
|
+
throw new Error(`abi missing function "${name}"`);
|
|
24
|
+
if (fn.inputs.length !== 1) {
|
|
25
|
+
throw new Error(`abi function "${name}" expected to take 1 input, got ${fn.inputs.length}`);
|
|
26
|
+
}
|
|
27
|
+
return fn.inputs[0];
|
|
28
|
+
}
|
package/dist/errors.d.ts
ADDED
|
@@ -0,0 +1,125 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Lightweight tagged-error helper compatible with effect's `Data.TaggedError`
|
|
3
|
+
* shape (`_tag` discriminator + `Error` subclass) without taking `effect` as
|
|
4
|
+
* a runtime dependency.
|
|
5
|
+
*
|
|
6
|
+
* Usage mirrors `Data.TaggedError` so consumers using effect can catch these
|
|
7
|
+
* with `Effect.catchTag` (which keys on the `_tag` field) and consumers
|
|
8
|
+
* without effect can use plain `try`/`catch` with `instanceof` or `_tag`
|
|
9
|
+
* discrimination.
|
|
10
|
+
*
|
|
11
|
+
* class MyError extends TaggedError('MyError')<{ readonly foo: string }> {}
|
|
12
|
+
*
|
|
13
|
+
* throw new MyError({ foo: 'bar', message: 'optional human message' });
|
|
14
|
+
*
|
|
15
|
+
* try { ... } catch (err) {
|
|
16
|
+
* if (err instanceof MyError) { ... }
|
|
17
|
+
* // or: if (err && typeof err === 'object' && err._tag === 'MyError')
|
|
18
|
+
* }
|
|
19
|
+
*
|
|
20
|
+
* The optional `message` field (if provided in the args object) populates
|
|
21
|
+
* `Error.prototype.message`; otherwise the tag is used as the message.
|
|
22
|
+
*/
|
|
23
|
+
type TaggedErrorConstructor<Tag extends string> = new <Fields extends Record<string, unknown>>(fields: Fields) => Error & {
|
|
24
|
+
readonly _tag: Tag;
|
|
25
|
+
} & Readonly<Fields>;
|
|
26
|
+
export declare function TaggedError<Tag extends string>(tag: Tag): TaggedErrorConstructor<Tag>;
|
|
27
|
+
declare const ShieldError_base: TaggedErrorConstructor<"ShieldError">;
|
|
28
|
+
/**
|
|
29
|
+
* Generic application-level error from the shield covalidator. Prefer a
|
|
30
|
+
* specific tagged error where the failure mode is well-defined; reach for
|
|
31
|
+
* `ShieldError` only as a last resort.
|
|
32
|
+
*/
|
|
33
|
+
export declare class ShieldError extends ShieldError_base<{
|
|
34
|
+
readonly message: string;
|
|
35
|
+
}> {
|
|
36
|
+
}
|
|
37
|
+
declare const CovalidatorError_base: TaggedErrorConstructor<"CovalidatorError">;
|
|
38
|
+
/**
|
|
39
|
+
* The covalidator returned a payload whose decrypted error message is set;
|
|
40
|
+
* the inner `errorMessage` carries server-side detail.
|
|
41
|
+
*/
|
|
42
|
+
export declare class CovalidatorError extends CovalidatorError_base<{
|
|
43
|
+
readonly message: string;
|
|
44
|
+
}> {
|
|
45
|
+
}
|
|
46
|
+
declare const MissingWalletAccount_base: TaggedErrorConstructor<"MissingWalletAccount">;
|
|
47
|
+
/** A required wallet account was missing from the WalletClient. */
|
|
48
|
+
export declare class MissingWalletAccount extends MissingWalletAccount_base<{
|
|
49
|
+
readonly message: string;
|
|
50
|
+
}> {
|
|
51
|
+
}
|
|
52
|
+
declare const MalformedProto_base: TaggedErrorConstructor<"MalformedProto">;
|
|
53
|
+
/** A required field was missing from a decoded protobuf message. */
|
|
54
|
+
export declare class MalformedProto extends MalformedProto_base<{
|
|
55
|
+
readonly message: string;
|
|
56
|
+
readonly field: string;
|
|
57
|
+
}> {
|
|
58
|
+
}
|
|
59
|
+
declare const UnknownProtoTag_base: TaggedErrorConstructor<"UnknownProtoTag">;
|
|
60
|
+
/** A protobuf oneof or tag was unrecognized. */
|
|
61
|
+
export declare class UnknownProtoTag extends UnknownProtoTag_base<{
|
|
62
|
+
readonly message: string;
|
|
63
|
+
readonly tag: string;
|
|
64
|
+
}> {
|
|
65
|
+
}
|
|
66
|
+
declare const InvalidContractReturnType_base: TaggedErrorConstructor<"InvalidContractReturnType">;
|
|
67
|
+
/** A contract read or simulation returned a value of the wrong runtime type. */
|
|
68
|
+
export declare class InvalidContractReturnType extends InvalidContractReturnType_base<{
|
|
69
|
+
readonly message: string;
|
|
70
|
+
readonly functionName: string;
|
|
71
|
+
readonly expectedType: string;
|
|
72
|
+
}> {
|
|
73
|
+
}
|
|
74
|
+
declare const BundlerGasEstimateIncomplete_base: TaggedErrorConstructor<"BundlerGasEstimateIncomplete">;
|
|
75
|
+
/** Bundler returned an incomplete gas estimate — paymaster sub-limits absent. */
|
|
76
|
+
export declare class BundlerGasEstimateIncomplete extends BundlerGasEstimateIncomplete_base<{
|
|
77
|
+
readonly message: string;
|
|
78
|
+
readonly missingFields: readonly string[];
|
|
79
|
+
}> {
|
|
80
|
+
}
|
|
81
|
+
declare const TransactionReverted_base: TaggedErrorConstructor<"TransactionReverted">;
|
|
82
|
+
/** A transaction was sent but reverted on chain. */
|
|
83
|
+
export declare class TransactionReverted extends TransactionReverted_base<{
|
|
84
|
+
readonly message: string;
|
|
85
|
+
readonly operation: string;
|
|
86
|
+
}> {
|
|
87
|
+
}
|
|
88
|
+
declare const InvalidTransactionReceipt_base: TaggedErrorConstructor<"InvalidTransactionReceipt">;
|
|
89
|
+
/** A transaction receipt lacked an expected field (block number, log, topic, ...). */
|
|
90
|
+
export declare class InvalidTransactionReceipt extends InvalidTransactionReceipt_base<{
|
|
91
|
+
readonly message: string;
|
|
92
|
+
}> {
|
|
93
|
+
}
|
|
94
|
+
declare const MissingEventLog_base: TaggedErrorConstructor<"MissingEventLog">;
|
|
95
|
+
/** An expected event log was missing from a transaction receipt. */
|
|
96
|
+
export declare class MissingEventLog extends MissingEventLog_base<{
|
|
97
|
+
readonly message: string;
|
|
98
|
+
readonly eventName: string;
|
|
99
|
+
}> {
|
|
100
|
+
}
|
|
101
|
+
declare const MalformedEventLog_base: TaggedErrorConstructor<"MalformedEventLog">;
|
|
102
|
+
/** An event log was present but its shape (topics, data) was unexpected. */
|
|
103
|
+
export declare class MalformedEventLog extends MalformedEventLog_base<{
|
|
104
|
+
readonly message: string;
|
|
105
|
+
readonly eventName: string;
|
|
106
|
+
}> {
|
|
107
|
+
}
|
|
108
|
+
declare const EncryptionError_base: TaggedErrorConstructor<"EncryptionError">;
|
|
109
|
+
/** Encryption / decryption / key-handling failed in a recoverable way. */
|
|
110
|
+
export declare class EncryptionError extends EncryptionError_base<{
|
|
111
|
+
readonly message: string;
|
|
112
|
+
}> {
|
|
113
|
+
}
|
|
114
|
+
declare const HpkeKeyPairDerivationFailure_base: TaggedErrorConstructor<"HpkeKeyPairDerivationFailure">;
|
|
115
|
+
/**
|
|
116
|
+
* Failure deriving an HPKE keypair from input keying material. The
|
|
117
|
+
* `message` carries any underlying `@hpke/hybridkem-x-wing` exception text
|
|
118
|
+
* folded in at construction (their error classes are not exported as
|
|
119
|
+
* public API, so we can't preserve them as a typed `cause`).
|
|
120
|
+
*/
|
|
121
|
+
export declare class HpkeKeyPairDerivationFailure extends HpkeKeyPairDerivationFailure_base<{
|
|
122
|
+
readonly message: string;
|
|
123
|
+
}> {
|
|
124
|
+
}
|
|
125
|
+
export {};
|
package/dist/errors.js
ADDED
|
@@ -0,0 +1,91 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Lightweight tagged-error helper compatible with effect's `Data.TaggedError`
|
|
3
|
+
* shape (`_tag` discriminator + `Error` subclass) without taking `effect` as
|
|
4
|
+
* a runtime dependency.
|
|
5
|
+
*
|
|
6
|
+
* Usage mirrors `Data.TaggedError` so consumers using effect can catch these
|
|
7
|
+
* with `Effect.catchTag` (which keys on the `_tag` field) and consumers
|
|
8
|
+
* without effect can use plain `try`/`catch` with `instanceof` or `_tag`
|
|
9
|
+
* discrimination.
|
|
10
|
+
*
|
|
11
|
+
* class MyError extends TaggedError('MyError')<{ readonly foo: string }> {}
|
|
12
|
+
*
|
|
13
|
+
* throw new MyError({ foo: 'bar', message: 'optional human message' });
|
|
14
|
+
*
|
|
15
|
+
* try { ... } catch (err) {
|
|
16
|
+
* if (err instanceof MyError) { ... }
|
|
17
|
+
* // or: if (err && typeof err === 'object' && err._tag === 'MyError')
|
|
18
|
+
* }
|
|
19
|
+
*
|
|
20
|
+
* The optional `message` field (if provided in the args object) populates
|
|
21
|
+
* `Error.prototype.message`; otherwise the tag is used as the message.
|
|
22
|
+
*/
|
|
23
|
+
export function TaggedError(tag) {
|
|
24
|
+
class TaggedErrorImpl extends Error {
|
|
25
|
+
_tag = tag;
|
|
26
|
+
constructor(fields) {
|
|
27
|
+
const message = typeof fields.message === 'string' ? fields.message : tag;
|
|
28
|
+
super(message);
|
|
29
|
+
this.name = tag;
|
|
30
|
+
Object.assign(this, fields);
|
|
31
|
+
}
|
|
32
|
+
}
|
|
33
|
+
// The runtime class accepts any record; the cast exposes the phantom-typed
|
|
34
|
+
// generic constructor that mirrors Data.TaggedError's API.
|
|
35
|
+
// eslint-disable-next-line @typescript-eslint/no-unsafe-type-assertion
|
|
36
|
+
return TaggedErrorImpl;
|
|
37
|
+
}
|
|
38
|
+
/**
|
|
39
|
+
* Generic application-level error from the shield covalidator. Prefer a
|
|
40
|
+
* specific tagged error where the failure mode is well-defined; reach for
|
|
41
|
+
* `ShieldError` only as a last resort.
|
|
42
|
+
*/
|
|
43
|
+
export class ShieldError extends TaggedError('ShieldError') {
|
|
44
|
+
}
|
|
45
|
+
// ---------------------------------------------------------------------------
|
|
46
|
+
// SDK-wide tagged errors
|
|
47
|
+
// ---------------------------------------------------------------------------
|
|
48
|
+
/**
|
|
49
|
+
* The covalidator returned a payload whose decrypted error message is set;
|
|
50
|
+
* the inner `errorMessage` carries server-side detail.
|
|
51
|
+
*/
|
|
52
|
+
export class CovalidatorError extends TaggedError('CovalidatorError') {
|
|
53
|
+
}
|
|
54
|
+
/** A required wallet account was missing from the WalletClient. */
|
|
55
|
+
export class MissingWalletAccount extends TaggedError('MissingWalletAccount') {
|
|
56
|
+
}
|
|
57
|
+
/** A required field was missing from a decoded protobuf message. */
|
|
58
|
+
export class MalformedProto extends TaggedError('MalformedProto') {
|
|
59
|
+
}
|
|
60
|
+
/** A protobuf oneof or tag was unrecognized. */
|
|
61
|
+
export class UnknownProtoTag extends TaggedError('UnknownProtoTag') {
|
|
62
|
+
}
|
|
63
|
+
/** A contract read or simulation returned a value of the wrong runtime type. */
|
|
64
|
+
export class InvalidContractReturnType extends TaggedError('InvalidContractReturnType') {
|
|
65
|
+
}
|
|
66
|
+
/** Bundler returned an incomplete gas estimate — paymaster sub-limits absent. */
|
|
67
|
+
export class BundlerGasEstimateIncomplete extends TaggedError('BundlerGasEstimateIncomplete') {
|
|
68
|
+
}
|
|
69
|
+
/** A transaction was sent but reverted on chain. */
|
|
70
|
+
export class TransactionReverted extends TaggedError('TransactionReverted') {
|
|
71
|
+
}
|
|
72
|
+
/** A transaction receipt lacked an expected field (block number, log, topic, ...). */
|
|
73
|
+
export class InvalidTransactionReceipt extends TaggedError('InvalidTransactionReceipt') {
|
|
74
|
+
}
|
|
75
|
+
/** An expected event log was missing from a transaction receipt. */
|
|
76
|
+
export class MissingEventLog extends TaggedError('MissingEventLog') {
|
|
77
|
+
}
|
|
78
|
+
/** An event log was present but its shape (topics, data) was unexpected. */
|
|
79
|
+
export class MalformedEventLog extends TaggedError('MalformedEventLog') {
|
|
80
|
+
}
|
|
81
|
+
/** Encryption / decryption / key-handling failed in a recoverable way. */
|
|
82
|
+
export class EncryptionError extends TaggedError('EncryptionError') {
|
|
83
|
+
}
|
|
84
|
+
/**
|
|
85
|
+
* Failure deriving an HPKE keypair from input keying material. The
|
|
86
|
+
* `message` carries any underlying `@hpke/hybridkem-x-wing` exception text
|
|
87
|
+
* folded in at construction (their error classes are not exported as
|
|
88
|
+
* public API, so we can't preserve them as a typed `cause`).
|
|
89
|
+
*/
|
|
90
|
+
export class HpkeKeyPairDerivationFailure extends TaggedError('HpkeKeyPairDerivationFailure') {
|
|
91
|
+
}
|
|
@@ -0,0 +1,137 @@
|
|
|
1
|
+
import { EncryptedEnvelope, EncryptedResponse } from "./types_pb.js";
|
|
2
|
+
import { MethodKind } from "@bufbuild/protobuf";
|
|
3
|
+
/**
|
|
4
|
+
* ConductorService provides the conductor's API, accessible to clients.
|
|
5
|
+
*
|
|
6
|
+
* The most important method is Draft() - see below.
|
|
7
|
+
*
|
|
8
|
+
* @generated from service inco.shield.v2.ConductorService
|
|
9
|
+
*/
|
|
10
|
+
export declare const ConductorService: {
|
|
11
|
+
readonly typeName: "inco.shield.v2.ConductorService";
|
|
12
|
+
readonly methods: {
|
|
13
|
+
/**
|
|
14
|
+
* Draft creates a Cheque for the given intent.
|
|
15
|
+
* The conductor receives an encrypted intent from the user, assigns it
|
|
16
|
+
* a trace index, and forwards it to the enclave via SendTrace.
|
|
17
|
+
* The returned cheque is correlated to the waiting user request via the trace index.
|
|
18
|
+
*
|
|
19
|
+
* Envelope payload: DraftRequest.
|
|
20
|
+
* Response payload: Cheque, AEAD-encrypted with response_key.
|
|
21
|
+
*
|
|
22
|
+
* @generated from rpc inco.shield.v2.ConductorService.Draft
|
|
23
|
+
*/
|
|
24
|
+
readonly draft: {
|
|
25
|
+
readonly name: "Draft";
|
|
26
|
+
readonly I: typeof EncryptedEnvelope;
|
|
27
|
+
readonly O: typeof EncryptedResponse;
|
|
28
|
+
readonly kind: MethodKind.Unary;
|
|
29
|
+
};
|
|
30
|
+
/**
|
|
31
|
+
* GetBalance returns the balance for an account and asset.
|
|
32
|
+
* Envelope payload: GetBalanceRequest.
|
|
33
|
+
* Response payload: GetBalanceResponse, AEAD-encrypted with response_key.
|
|
34
|
+
*
|
|
35
|
+
* @generated from rpc inco.shield.v2.ConductorService.GetBalance
|
|
36
|
+
*/
|
|
37
|
+
readonly getBalance: {
|
|
38
|
+
readonly name: "GetBalance";
|
|
39
|
+
readonly I: typeof EncryptedEnvelope;
|
|
40
|
+
readonly O: typeof EncryptedResponse;
|
|
41
|
+
readonly kind: MethodKind.Unary;
|
|
42
|
+
};
|
|
43
|
+
/**
|
|
44
|
+
* RequestPermissionAttestation redeems an owner-signed PermissionIntent
|
|
45
|
+
* and returns a TEE-signed PermissionAttestation.
|
|
46
|
+
* Envelope payload: RequestPermissionAttestationRequest.
|
|
47
|
+
* Response payload: RequestPermissionAttestationResponse, AEAD-encrypted with response_key.
|
|
48
|
+
*
|
|
49
|
+
* @generated from rpc inco.shield.v2.ConductorService.RequestPermissionAttestation
|
|
50
|
+
*/
|
|
51
|
+
readonly requestPermissionAttestation: {
|
|
52
|
+
readonly name: "RequestPermissionAttestation";
|
|
53
|
+
readonly I: typeof EncryptedEnvelope;
|
|
54
|
+
readonly O: typeof EncryptedResponse;
|
|
55
|
+
readonly kind: MethodKind.Unary;
|
|
56
|
+
};
|
|
57
|
+
/**
|
|
58
|
+
* RequestDepositAttestation generates a TEE attestation signature for the
|
|
59
|
+
* on-chain `deposit()` call. Mitigates TOB-INCOEH-1 front-running.
|
|
60
|
+
* Envelope payload: RequestDepositAttestationRequest.
|
|
61
|
+
* Response payload: RequestDepositAttestationResponse, AEAD-encrypted with response_key.
|
|
62
|
+
*
|
|
63
|
+
* @generated from rpc inco.shield.v2.ConductorService.RequestDepositAttestation
|
|
64
|
+
*/
|
|
65
|
+
readonly requestDepositAttestation: {
|
|
66
|
+
readonly name: "RequestDepositAttestation";
|
|
67
|
+
readonly I: typeof EncryptedEnvelope;
|
|
68
|
+
readonly O: typeof EncryptedResponse;
|
|
69
|
+
readonly kind: MethodKind.Unary;
|
|
70
|
+
};
|
|
71
|
+
/**
|
|
72
|
+
* GetPermissionsByOwner returns all permissions granted by an owner.
|
|
73
|
+
* Envelope payload: GetPermissionsByOwnerRequest.
|
|
74
|
+
* Response payload: GetPermissionsResponse, AEAD-encrypted with response_key.
|
|
75
|
+
*
|
|
76
|
+
* @generated from rpc inco.shield.v2.ConductorService.GetPermissionsByOwner
|
|
77
|
+
*/
|
|
78
|
+
readonly getPermissionsByOwner: {
|
|
79
|
+
readonly name: "GetPermissionsByOwner";
|
|
80
|
+
readonly I: typeof EncryptedEnvelope;
|
|
81
|
+
readonly O: typeof EncryptedResponse;
|
|
82
|
+
readonly kind: MethodKind.Unary;
|
|
83
|
+
};
|
|
84
|
+
/**
|
|
85
|
+
* GetPermissionsBySpender returns all permissions granted to a spender.
|
|
86
|
+
* Envelope payload: GetPermissionsBySpenderRequest.
|
|
87
|
+
* Response payload: GetPermissionsResponse, AEAD-encrypted with response_key.
|
|
88
|
+
*
|
|
89
|
+
* @generated from rpc inco.shield.v2.ConductorService.GetPermissionsBySpender
|
|
90
|
+
*/
|
|
91
|
+
readonly getPermissionsBySpender: {
|
|
92
|
+
readonly name: "GetPermissionsBySpender";
|
|
93
|
+
readonly I: typeof EncryptedEnvelope;
|
|
94
|
+
readonly O: typeof EncryptedResponse;
|
|
95
|
+
readonly kind: MethodKind.Unary;
|
|
96
|
+
};
|
|
97
|
+
/**
|
|
98
|
+
* GetPermissionDetails returns detailed information about a specific permission.
|
|
99
|
+
* Envelope payload: GetPermissionDetailsRequest.
|
|
100
|
+
* Response payload: GetPermissionDetailsResponse, AEAD-encrypted with response_key.
|
|
101
|
+
*
|
|
102
|
+
* @generated from rpc inco.shield.v2.ConductorService.GetPermissionDetails
|
|
103
|
+
*/
|
|
104
|
+
readonly getPermissionDetails: {
|
|
105
|
+
readonly name: "GetPermissionDetails";
|
|
106
|
+
readonly I: typeof EncryptedEnvelope;
|
|
107
|
+
readonly O: typeof EncryptedResponse;
|
|
108
|
+
readonly kind: MethodKind.Unary;
|
|
109
|
+
};
|
|
110
|
+
/**
|
|
111
|
+
* GetSpendable returns a single clamped spend ceiling for a delegated permission.
|
|
112
|
+
* Envelope payload: GetSpendableRequest.
|
|
113
|
+
* Response payload: GetSpendableResponse, AEAD-encrypted with response_key.
|
|
114
|
+
*
|
|
115
|
+
* @generated from rpc inco.shield.v2.ConductorService.GetSpendable
|
|
116
|
+
*/
|
|
117
|
+
readonly getSpendable: {
|
|
118
|
+
readonly name: "GetSpendable";
|
|
119
|
+
readonly I: typeof EncryptedEnvelope;
|
|
120
|
+
readonly O: typeof EncryptedResponse;
|
|
121
|
+
readonly kind: MethodKind.Unary;
|
|
122
|
+
};
|
|
123
|
+
/**
|
|
124
|
+
* GetOwnerGeneration returns the current generation for an owner (from observed on-chain events).
|
|
125
|
+
* Envelope payload: GetOwnerGenerationRequest.
|
|
126
|
+
* Response payload: GetOwnerGenerationResponse, AEAD-encrypted with response_key.
|
|
127
|
+
*
|
|
128
|
+
* @generated from rpc inco.shield.v2.ConductorService.GetOwnerGeneration
|
|
129
|
+
*/
|
|
130
|
+
readonly getOwnerGeneration: {
|
|
131
|
+
readonly name: "GetOwnerGeneration";
|
|
132
|
+
readonly I: typeof EncryptedEnvelope;
|
|
133
|
+
readonly O: typeof EncryptedResponse;
|
|
134
|
+
readonly kind: MethodKind.Unary;
|
|
135
|
+
};
|
|
136
|
+
};
|
|
137
|
+
};
|
|
@@ -0,0 +1,141 @@
|
|
|
1
|
+
// @generated by protoc-gen-connect-es v1.7.0 with parameter "target=ts,import_extension=.js"
|
|
2
|
+
// @generated from file inco/shield/v2/conductor.proto (package inco.shield.v2, syntax proto3)
|
|
3
|
+
/* eslint-disable */
|
|
4
|
+
// @ts-nocheck
|
|
5
|
+
import { EncryptedEnvelope, EncryptedResponse } from "./types_pb.js";
|
|
6
|
+
import { MethodKind } from "@bufbuild/protobuf";
|
|
7
|
+
/**
|
|
8
|
+
* ConductorService provides the conductor's API, accessible to clients.
|
|
9
|
+
*
|
|
10
|
+
* The most important method is Draft() - see below.
|
|
11
|
+
*
|
|
12
|
+
* @generated from service inco.shield.v2.ConductorService
|
|
13
|
+
*/
|
|
14
|
+
export const ConductorService = {
|
|
15
|
+
typeName: "inco.shield.v2.ConductorService",
|
|
16
|
+
methods: {
|
|
17
|
+
/**
|
|
18
|
+
* Draft creates a Cheque for the given intent.
|
|
19
|
+
* The conductor receives an encrypted intent from the user, assigns it
|
|
20
|
+
* a trace index, and forwards it to the enclave via SendTrace.
|
|
21
|
+
* The returned cheque is correlated to the waiting user request via the trace index.
|
|
22
|
+
*
|
|
23
|
+
* Envelope payload: DraftRequest.
|
|
24
|
+
* Response payload: Cheque, AEAD-encrypted with response_key.
|
|
25
|
+
*
|
|
26
|
+
* @generated from rpc inco.shield.v2.ConductorService.Draft
|
|
27
|
+
*/
|
|
28
|
+
draft: {
|
|
29
|
+
name: "Draft",
|
|
30
|
+
I: EncryptedEnvelope,
|
|
31
|
+
O: EncryptedResponse,
|
|
32
|
+
kind: MethodKind.Unary,
|
|
33
|
+
},
|
|
34
|
+
/**
|
|
35
|
+
* GetBalance returns the balance for an account and asset.
|
|
36
|
+
* Envelope payload: GetBalanceRequest.
|
|
37
|
+
* Response payload: GetBalanceResponse, AEAD-encrypted with response_key.
|
|
38
|
+
*
|
|
39
|
+
* @generated from rpc inco.shield.v2.ConductorService.GetBalance
|
|
40
|
+
*/
|
|
41
|
+
getBalance: {
|
|
42
|
+
name: "GetBalance",
|
|
43
|
+
I: EncryptedEnvelope,
|
|
44
|
+
O: EncryptedResponse,
|
|
45
|
+
kind: MethodKind.Unary,
|
|
46
|
+
},
|
|
47
|
+
/**
|
|
48
|
+
* RequestPermissionAttestation redeems an owner-signed PermissionIntent
|
|
49
|
+
* and returns a TEE-signed PermissionAttestation.
|
|
50
|
+
* Envelope payload: RequestPermissionAttestationRequest.
|
|
51
|
+
* Response payload: RequestPermissionAttestationResponse, AEAD-encrypted with response_key.
|
|
52
|
+
*
|
|
53
|
+
* @generated from rpc inco.shield.v2.ConductorService.RequestPermissionAttestation
|
|
54
|
+
*/
|
|
55
|
+
requestPermissionAttestation: {
|
|
56
|
+
name: "RequestPermissionAttestation",
|
|
57
|
+
I: EncryptedEnvelope,
|
|
58
|
+
O: EncryptedResponse,
|
|
59
|
+
kind: MethodKind.Unary,
|
|
60
|
+
},
|
|
61
|
+
/**
|
|
62
|
+
* RequestDepositAttestation generates a TEE attestation signature for the
|
|
63
|
+
* on-chain `deposit()` call. Mitigates TOB-INCOEH-1 front-running.
|
|
64
|
+
* Envelope payload: RequestDepositAttestationRequest.
|
|
65
|
+
* Response payload: RequestDepositAttestationResponse, AEAD-encrypted with response_key.
|
|
66
|
+
*
|
|
67
|
+
* @generated from rpc inco.shield.v2.ConductorService.RequestDepositAttestation
|
|
68
|
+
*/
|
|
69
|
+
requestDepositAttestation: {
|
|
70
|
+
name: "RequestDepositAttestation",
|
|
71
|
+
I: EncryptedEnvelope,
|
|
72
|
+
O: EncryptedResponse,
|
|
73
|
+
kind: MethodKind.Unary,
|
|
74
|
+
},
|
|
75
|
+
/**
|
|
76
|
+
* GetPermissionsByOwner returns all permissions granted by an owner.
|
|
77
|
+
* Envelope payload: GetPermissionsByOwnerRequest.
|
|
78
|
+
* Response payload: GetPermissionsResponse, AEAD-encrypted with response_key.
|
|
79
|
+
*
|
|
80
|
+
* @generated from rpc inco.shield.v2.ConductorService.GetPermissionsByOwner
|
|
81
|
+
*/
|
|
82
|
+
getPermissionsByOwner: {
|
|
83
|
+
name: "GetPermissionsByOwner",
|
|
84
|
+
I: EncryptedEnvelope,
|
|
85
|
+
O: EncryptedResponse,
|
|
86
|
+
kind: MethodKind.Unary,
|
|
87
|
+
},
|
|
88
|
+
/**
|
|
89
|
+
* GetPermissionsBySpender returns all permissions granted to a spender.
|
|
90
|
+
* Envelope payload: GetPermissionsBySpenderRequest.
|
|
91
|
+
* Response payload: GetPermissionsResponse, AEAD-encrypted with response_key.
|
|
92
|
+
*
|
|
93
|
+
* @generated from rpc inco.shield.v2.ConductorService.GetPermissionsBySpender
|
|
94
|
+
*/
|
|
95
|
+
getPermissionsBySpender: {
|
|
96
|
+
name: "GetPermissionsBySpender",
|
|
97
|
+
I: EncryptedEnvelope,
|
|
98
|
+
O: EncryptedResponse,
|
|
99
|
+
kind: MethodKind.Unary,
|
|
100
|
+
},
|
|
101
|
+
/**
|
|
102
|
+
* GetPermissionDetails returns detailed information about a specific permission.
|
|
103
|
+
* Envelope payload: GetPermissionDetailsRequest.
|
|
104
|
+
* Response payload: GetPermissionDetailsResponse, AEAD-encrypted with response_key.
|
|
105
|
+
*
|
|
106
|
+
* @generated from rpc inco.shield.v2.ConductorService.GetPermissionDetails
|
|
107
|
+
*/
|
|
108
|
+
getPermissionDetails: {
|
|
109
|
+
name: "GetPermissionDetails",
|
|
110
|
+
I: EncryptedEnvelope,
|
|
111
|
+
O: EncryptedResponse,
|
|
112
|
+
kind: MethodKind.Unary,
|
|
113
|
+
},
|
|
114
|
+
/**
|
|
115
|
+
* GetSpendable returns a single clamped spend ceiling for a delegated permission.
|
|
116
|
+
* Envelope payload: GetSpendableRequest.
|
|
117
|
+
* Response payload: GetSpendableResponse, AEAD-encrypted with response_key.
|
|
118
|
+
*
|
|
119
|
+
* @generated from rpc inco.shield.v2.ConductorService.GetSpendable
|
|
120
|
+
*/
|
|
121
|
+
getSpendable: {
|
|
122
|
+
name: "GetSpendable",
|
|
123
|
+
I: EncryptedEnvelope,
|
|
124
|
+
O: EncryptedResponse,
|
|
125
|
+
kind: MethodKind.Unary,
|
|
126
|
+
},
|
|
127
|
+
/**
|
|
128
|
+
* GetOwnerGeneration returns the current generation for an owner (from observed on-chain events).
|
|
129
|
+
* Envelope payload: GetOwnerGenerationRequest.
|
|
130
|
+
* Response payload: GetOwnerGenerationResponse, AEAD-encrypted with response_key.
|
|
131
|
+
*
|
|
132
|
+
* @generated from rpc inco.shield.v2.ConductorService.GetOwnerGeneration
|
|
133
|
+
*/
|
|
134
|
+
getOwnerGeneration: {
|
|
135
|
+
name: "GetOwnerGeneration",
|
|
136
|
+
I: EncryptedEnvelope,
|
|
137
|
+
O: EncryptedResponse,
|
|
138
|
+
kind: MethodKind.Unary,
|
|
139
|
+
},
|
|
140
|
+
}
|
|
141
|
+
};
|
|
@@ -0,0 +1,103 @@
|
|
|
1
|
+
import type { BinaryReadOptions, FieldList, JsonReadOptions, JsonValue, PartialMessage, PlainMessage } from "@bufbuild/protobuf";
|
|
2
|
+
import { Message, proto3 } from "@bufbuild/protobuf";
|
|
3
|
+
import { Address } from "./types_pb.js";
|
|
4
|
+
/**
|
|
5
|
+
* RequestDepositAttestationRequest is the envelope payload for RequestDepositAttestation.
|
|
6
|
+
*
|
|
7
|
+
* @generated from message inco.shield.v2.RequestDepositAttestationRequest
|
|
8
|
+
*/
|
|
9
|
+
export declare class RequestDepositAttestationRequest extends Message<RequestDepositAttestationRequest> {
|
|
10
|
+
/**
|
|
11
|
+
* Plaintext recipient address — TEE encrypts this to produce on-chain to_ciphertext.
|
|
12
|
+
*
|
|
13
|
+
* @generated from field: inco.shield.v2.Address recipient = 1;
|
|
14
|
+
*/
|
|
15
|
+
recipient?: Address;
|
|
16
|
+
/**
|
|
17
|
+
* The asset adapter address (20 bytes, encoded as an Address).
|
|
18
|
+
*
|
|
19
|
+
* @generated from field: inco.shield.v2.Address asset_adapter = 2;
|
|
20
|
+
*/
|
|
21
|
+
assetAdapter?: Address;
|
|
22
|
+
/**
|
|
23
|
+
* Asset identification data (e.g. abi.encode(tokenAddress)).
|
|
24
|
+
*
|
|
25
|
+
* @generated from field: bytes asset_identification_args = 3;
|
|
26
|
+
*/
|
|
27
|
+
assetIdentificationArgs: Uint8Array<ArrayBuffer>;
|
|
28
|
+
/**
|
|
29
|
+
* Optional memo.
|
|
30
|
+
*
|
|
31
|
+
* @generated from field: bytes memo = 4;
|
|
32
|
+
*/
|
|
33
|
+
memo: Uint8Array<ArrayBuffer>;
|
|
34
|
+
/**
|
|
35
|
+
* Optional escape hatch data.
|
|
36
|
+
*
|
|
37
|
+
* @generated from field: bytes escape_hatch = 5;
|
|
38
|
+
*/
|
|
39
|
+
escapeHatch: Uint8Array<ArrayBuffer>;
|
|
40
|
+
/**
|
|
41
|
+
* Symmetric key for AEAD-encrypting the response.
|
|
42
|
+
*
|
|
43
|
+
* @generated from field: bytes response_key = 6;
|
|
44
|
+
*/
|
|
45
|
+
responseKey: Uint8Array<ArrayBuffer>;
|
|
46
|
+
/**
|
|
47
|
+
* Depositor's EIP-712 signature over the DepositAttestationRequest digest
|
|
48
|
+
* (covers depositor, recipient, asset_adapter, asset_identification_args,
|
|
49
|
+
* memo, escape_hatch).
|
|
50
|
+
*
|
|
51
|
+
* @generated from field: bytes eip712_signature = 7;
|
|
52
|
+
*/
|
|
53
|
+
eip712Signature: Uint8Array<ArrayBuffer>;
|
|
54
|
+
/**
|
|
55
|
+
* Depositor address (must match eip712_signature signer).
|
|
56
|
+
*
|
|
57
|
+
* @generated from field: inco.shield.v2.Address depositor = 9;
|
|
58
|
+
*/
|
|
59
|
+
depositor?: Address;
|
|
60
|
+
constructor(data?: PartialMessage<RequestDepositAttestationRequest>);
|
|
61
|
+
static readonly runtime: typeof proto3;
|
|
62
|
+
static readonly typeName = "inco.shield.v2.RequestDepositAttestationRequest";
|
|
63
|
+
static readonly fields: FieldList;
|
|
64
|
+
static fromBinary(bytes: Uint8Array, options?: Partial<BinaryReadOptions>): RequestDepositAttestationRequest;
|
|
65
|
+
static fromJson(jsonValue: JsonValue, options?: Partial<JsonReadOptions>): RequestDepositAttestationRequest;
|
|
66
|
+
static fromJsonString(jsonString: string, options?: Partial<JsonReadOptions>): RequestDepositAttestationRequest;
|
|
67
|
+
static equals(a: RequestDepositAttestationRequest | PlainMessage<RequestDepositAttestationRequest> | undefined, b: RequestDepositAttestationRequest | PlainMessage<RequestDepositAttestationRequest> | undefined): boolean;
|
|
68
|
+
}
|
|
69
|
+
/**
|
|
70
|
+
* RequestDepositAttestationResponse returns the TEE-generated ciphertext and attestation signature.
|
|
71
|
+
* Serialized into an EncryptedResponse (AEAD-encrypted with the caller's response_key).
|
|
72
|
+
*
|
|
73
|
+
* @generated from message inco.shield.v2.RequestDepositAttestationResponse
|
|
74
|
+
*/
|
|
75
|
+
export declare class RequestDepositAttestationResponse extends Message<RequestDepositAttestationResponse> {
|
|
76
|
+
/**
|
|
77
|
+
* TEE signature over the DepositAttestation EIP-712 digest.
|
|
78
|
+
*
|
|
79
|
+
* @generated from field: bytes tee_signature = 1;
|
|
80
|
+
*/
|
|
81
|
+
teeSignature: Uint8Array<ArrayBuffer>;
|
|
82
|
+
/**
|
|
83
|
+
* Error message if the request failed.
|
|
84
|
+
*
|
|
85
|
+
* @generated from field: string error_message = 2;
|
|
86
|
+
*/
|
|
87
|
+
errorMessage: string;
|
|
88
|
+
/**
|
|
89
|
+
* TEE-generated AEAD-encrypted recipient address (the on-chain `Deposit.toCiphertext`),
|
|
90
|
+
* sealed under the quorum-shared enclave key with a fresh random nonce.
|
|
91
|
+
*
|
|
92
|
+
* @generated from field: bytes to_ciphertext = 3;
|
|
93
|
+
*/
|
|
94
|
+
toCiphertext: Uint8Array<ArrayBuffer>;
|
|
95
|
+
constructor(data?: PartialMessage<RequestDepositAttestationResponse>);
|
|
96
|
+
static readonly runtime: typeof proto3;
|
|
97
|
+
static readonly typeName = "inco.shield.v2.RequestDepositAttestationResponse";
|
|
98
|
+
static readonly fields: FieldList;
|
|
99
|
+
static fromBinary(bytes: Uint8Array, options?: Partial<BinaryReadOptions>): RequestDepositAttestationResponse;
|
|
100
|
+
static fromJson(jsonValue: JsonValue, options?: Partial<JsonReadOptions>): RequestDepositAttestationResponse;
|
|
101
|
+
static fromJsonString(jsonString: string, options?: Partial<JsonReadOptions>): RequestDepositAttestationResponse;
|
|
102
|
+
static equals(a: RequestDepositAttestationResponse | PlainMessage<RequestDepositAttestationResponse> | undefined, b: RequestDepositAttestationResponse | PlainMessage<RequestDepositAttestationResponse> | undefined): boolean;
|
|
103
|
+
}
|