@inversealtruism/csd-codec 0.1.1 → 0.1.3

package/README.md

@@ -0,0 +1,11 @@
+# @inversealtruism/csd-codec
+
+bincode codec (serialize/deserialize), txid, sighash (CSD_SIG_V1), header serialize/hash, compact-bits↔target, merkle proofs, content-addressing. Byte-identical to the Rust node (golden-vector + live-chain gated).
+
+Part of the [Compute Substrate SDK](https://github.com/InverseAltruism/csd-sdk) (L0). Zero `Buffer` — runs in Node, browsers, and MV3 service workers. Deps: `@noble/*` only.
+
+```
+npm i @inversealtruism/csd-codec
+```
+
+See the [repo README](https://github.com/InverseAltruism/csd-sdk#readme) and [examples/quickstart.mjs](https://github.com/InverseAltruism/csd-sdk/blob/master/examples/quickstart.mjs) for usage. MIT.

package/dist/index.cjs

@@ -91,8 +91,20 @@ function u32(n) {
   return b;
 }
 function u64(n) {
+  let v;
+  if (typeof n === "bigint") {
+    v = n;
+  } else {
+    if (!Number.isSafeInteger(n)) {
+      throw new Error(`u64: unsafe number ${n} \u2014 pass values \u2265 2^53 (or negatives) as bigint`);
+    }
+    v = BigInt(n);
+  }
+  if (v < 0n || v > 0xffffffffffffffffn) {
+    throw new Error(`u64: value ${v} out of range [0, 2^64)`);
+  }
   const b = new Uint8Array(8);
-  new DataView(b.buffer).setBigUint64(0, BigInt(n), true);
+  new DataView(b.buffer).setBigUint64(0, v, true);
   return b;
 }
 var lenBytes = (b) => (0, import_utils.concatBytes)(u64(b.length), b);
@@ -344,7 +356,7 @@ function verifyMerkleProof(txidHex, pos, branchHex, merkleRootHex) {
     cur = sha256d(buf);
     idx >>= 1;
   }
-  return hx(cur).toLowerCase() === merkleRootHex.toLowerCase();
+  return hx(cur) === hx(hb(merkleRootHex));
 }
 function merkleBranch(txidsHex, pos) {
   let layer = txidsHex.map(hb);
@@ -372,11 +384,16 @@ function merkleBranch(txidsHex, pos) {
 // src/content.ts
 var import_sha2563 = require("@noble/hashes/sha256");
 var import_utils4 = require("@noble/hashes/utils");
-function canonicalJson(v) {
-  if (v === null || typeof v !== "object") return JSON.stringify(v);
-  if (Array.isArray(v)) return "[" + v.map(canonicalJson).join(",") + "]";
+var MAX_DEPTH = 256;
+function canonicalJson(v, depth = 0) {
+  if (depth > MAX_DEPTH) throw new Error("canonicalJson: max nesting depth exceeded");
+  if (v === null || typeof v !== "object") {
+    if (v === void 0) return "null";
+    return JSON.stringify(v);
+  }
+  if (Array.isArray(v)) return "[" + v.map((x) => canonicalJson(x, depth + 1)).join(",") + "]";
   const o = v;
-  return "{" + Object.keys(o).sort().map((k) => JSON.stringify(k) + ":" + canonicalJson(o[k])).join(",") + "}";
+  return "{" + Object.keys(o).sort().filter((k) => o[k] !== void 0).map((k) => JSON.stringify(k) + ":" + canonicalJson(o[k], depth + 1)).join(",") + "}";
 }
 function payloadHash(content) {
   return "0x" + (0, import_utils4.bytesToHex)((0, import_sha2563.sha256)((0, import_utils4.utf8ToBytes)(canonicalJson(content))));

package/dist/index.d.cts

@@ -124,7 +124,7 @@ declare function verifyMerkleProof(txidHex: string, pos: number, branchHex: stri
 /** Build the merkle branch for tx at index `pos` from the full ordered txid list. */
 declare function merkleBranch(txidsHex: string[], pos: number): string[];
 
-declare function canonicalJson(v: unknown): string;
+declare function canonicalJson(v: unknown, depth?: number): string;
 /** payload_hash for a content record (0x-hex sha256 of its canonical JSON). */
 declare function payloadHash(content: unknown): string;
 /** Verify served bytes match an on-chain payload_hash (self-certification). */

package/dist/index.d.ts

@@ -124,7 +124,7 @@ declare function verifyMerkleProof(txidHex: string, pos: number, branchHex: stri
 /** Build the merkle branch for tx at index `pos` from the full ordered txid list. */
 declare function merkleBranch(txidsHex: string[], pos: number): string[];
 
-declare function canonicalJson(v: unknown): string;
+declare function canonicalJson(v: unknown, depth?: number): string;
 /** payload_hash for a content record (0x-hex sha256 of its canonical JSON). */
 declare function payloadHash(content: unknown): string;
 /** Verify served bytes match an on-chain payload_hash (self-certification). */

package/dist/index.js

@@ -11,8 +11,20 @@ function u32(n) {
   return b;
 }
 function u64(n) {
+  let v;
+  if (typeof n === "bigint") {
+    v = n;
+  } else {
+    if (!Number.isSafeInteger(n)) {
+      throw new Error(`u64: unsafe number ${n} \u2014 pass values \u2265 2^53 (or negatives) as bigint`);
+    }
+    v = BigInt(n);
+  }
+  if (v < 0n || v > 0xffffffffffffffffn) {
+    throw new Error(`u64: value ${v} out of range [0, 2^64)`);
+  }
   const b = new Uint8Array(8);
-  new DataView(b.buffer).setBigUint64(0, BigInt(n), true);
+  new DataView(b.buffer).setBigUint64(0, v, true);
   return b;
 }
 var lenBytes = (b) => concatBytes(u64(b.length), b);
@@ -264,7 +276,7 @@ function verifyMerkleProof(txidHex, pos, branchHex, merkleRootHex) {
     cur = sha256d(buf);
     idx >>= 1;
   }
-  return hx(cur).toLowerCase() === merkleRootHex.toLowerCase();
+  return hx(cur) === hx(hb(merkleRootHex));
 }
 function merkleBranch(txidsHex, pos) {
   let layer = txidsHex.map(hb);
@@ -292,11 +304,16 @@ function merkleBranch(txidsHex, pos) {
 // src/content.ts
 import { sha256 as sha2563 } from "@noble/hashes/sha256";
 import { bytesToHex as bytesToHex2, utf8ToBytes as utf8ToBytes3 } from "@noble/hashes/utils";
-function canonicalJson(v) {
-  if (v === null || typeof v !== "object") return JSON.stringify(v);
-  if (Array.isArray(v)) return "[" + v.map(canonicalJson).join(",") + "]";
+var MAX_DEPTH = 256;
+function canonicalJson(v, depth = 0) {
+  if (depth > MAX_DEPTH) throw new Error("canonicalJson: max nesting depth exceeded");
+  if (v === null || typeof v !== "object") {
+    if (v === void 0) return "null";
+    return JSON.stringify(v);
+  }
+  if (Array.isArray(v)) return "[" + v.map((x) => canonicalJson(x, depth + 1)).join(",") + "]";
   const o = v;
-  return "{" + Object.keys(o).sort().map((k) => JSON.stringify(k) + ":" + canonicalJson(o[k])).join(",") + "}";
+  return "{" + Object.keys(o).sort().filter((k) => o[k] !== void 0).map((k) => JSON.stringify(k) + ":" + canonicalJson(o[k], depth + 1)).join(",") + "}";
 }
 function payloadHash(content) {
   return "0x" + bytesToHex2(sha2563(utf8ToBytes3(canonicalJson(content))));

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@inversealtruism/csd-codec",
-  "version": "0.1.1",
+  "version": "0.1.3",
   "description": "Compute Substrate consensus codec — bincode (fixint-LE) serialize/deserialize, txid, sighash (CSD_SIG_V1), header serialize/hash, compact-bits→target, merkle. Byte-identical to the Rust node (golden-vector-gated).",
   "type": "module",
   "main": "./dist/index.cjs",
@@ -15,13 +15,14 @@
   },
   "files": [
     "dist",
-    "LICENSE"
+    "LICENSE",
+    "README.md"
   ],
   "dependencies": {
     "@noble/hashes": "1.8.0"
   },
   "devDependencies": {
-    "@inversealtruism/csd-vectors": "0.1.1"
+    "@inversealtruism/csd-vectors": "0.1.3"
   },
   "license": "MIT",
   "sideEffects": false,