npm - @kairoguard/sdk - Versions diffs - 0.0.7 → 0.0.8 - Mend

@kairoguard/sdk 0.0.7 → 0.0.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/client.js CHANGED Viewed

@@ -10,7 +10,7 @@
  */
 import { BackendClient, } from "./backend.js";
 import { KeyStore } from "./keystore.js";
-import { Curve, fetchProtocolParams, deriveEncryptionKeys, generateSeed, generateSessionIdentifier, runDKG, computeUserOutputSignature, fetchDWallet, } from "./ika-protocol.js";
+import { Curve, fetchProtocolParams, deriveEncryptionKeys, generateSeed, generateSessionIdentifier, runDKG, computeUserOutputSignature, fetchDWallet, waitForDWalletState, } from "./ika-protocol.js";
 import { Hash, SignatureAlgorithm, createUserSignMessageWithPublicOutput } from "@ika.xyz/sdk";
 import { computeEvmIntentFromUnsignedTxBytes } from "./evmIntent.js";
 import { keccak256, recoverTransactionAddress, serializeTransaction, } from "viem";
@@ -64,6 +64,8 @@ const PRESIGN_POLL_INTERVAL_MS = 2_000;
 const PRESIGN_POLL_TIMEOUT_MS = 120_000;
 const SIGN_POLL_INTERVAL_MS = 2_000;
 const SIGN_POLL_TIMEOUT_MS = 180_000;
+const ACTIVATION_POLL_INTERVAL_MS = 3_000;
+const ACTIVATION_POLL_TIMEOUT_MS = 90_000;
 function curveToNumber(curve) {
     return curve === "ed25519" ? 2 : 0;
 }
@@ -149,21 +151,7 @@ export class KairoClient {
         const walletId = dkgResult.dWalletObjectId;
         const address = (curve === "ed25519" ? dkgResult.solanaAddress : dkgResult.ethereumAddress) ?? "";
         const encryptedShareId = dkgResult.encryptedUserSecretKeyShareId ?? "";
-        // 8. Activate the dWallet (sign to accept encrypted key share)
-        if (encryptedShareId) {
-            await this.activateWallet(walletId, encryptedShareId, encryptionKeys, dkgOutputs.userPublicOutput);
-        }
-        // 9. Provision into vault (binding + registration) if policy is provided
-        let bindingObjectId;
-        if (opts?.policyObjectId) {
-            const provisionResult = await this.backend.provision({
-                dwalletObjectId: walletId,
-                policyObjectId: opts.policyObjectId,
-                stableId: opts.stableId ?? `agent-wallet-${walletId.slice(0, 8)}`,
-            });
-            bindingObjectId = provisionResult.bindingObjectId ?? undefined;
-        }
-        // 10. Save secret share locally
+        // 8. Save secret share locally BEFORE activation so it is never lost
         const record = {
             walletId,
             dWalletCapId: dkgResult.dWalletCapObjectId,
@@ -173,11 +161,26 @@ export class KairoClient {
             userSecretKeyShare: dkgOutputs.userSecretKeyShare,
             userPublicOutput: dkgOutputs.userPublicOutput,
             encryptedUserSecretKeyShareId: encryptedShareId,
-            bindingObjectId,
+            bindingObjectId: undefined,
             policyObjectId: opts?.policyObjectId,
             createdAt: Date.now(),
         };
         this.store.save(record);
+        // 9. Activate the dWallet (sign to accept encrypted key share)
+        if (encryptedShareId) {
+            await this.activateWallet(walletId, encryptedShareId, encryptionKeys, dkgOutputs.userPublicOutput);
+        }
+        // 10. Provision into vault (binding + registration) if policy is provided
+        let bindingObjectId;
+        if (opts?.policyObjectId) {
+            const provisionResult = await this.backend.provision({
+                dwalletObjectId: walletId,
+                policyObjectId: opts.policyObjectId,
+                stableId: opts.stableId ?? `agent-wallet-${walletId.slice(0, 8)}`,
+            });
+            bindingObjectId = provisionResult.bindingObjectId ?? undefined;
+            this.store.save({ ...record, bindingObjectId });
+        }
         return {
             walletId,
             address,
@@ -534,38 +537,26 @@ export class KairoClient {
         return BigInt(balanceHex);
     }
     async activateWallet(walletId, encryptedShareId, encryptionKeys, userPublicOutput) {
-        // Wait a moment for the dWallet state to propagate
-        await new Promise((r) => setTimeout(r, 2000));
-        const rpcUrlForActivation = await this.resolveSuiRpcUrl();
-        const dWallet = await withRetry(() => fetchDWallet(rpcUrlForActivation, this.network, walletId), { label: "fetchDWallet(activate)" });
-        // Check dWallet state - skip activation if already active
-        const state = dWallet?.state;
-        const isActive = Boolean(state?.Active) || state?.$kind === "Active";
-        if (isActive) {
-            // Already activated, nothing to do
-            return;
-        }
-        const isAwaitingSignature = Boolean(state?.AwaitingKeyHolderSignature) ||
-            state?.$kind === "AwaitingKeyHolderSignature";
-        if (!isAwaitingSignature) {
-            // Unknown state - wait and retry once
-            await new Promise((r) => setTimeout(r, 3000));
-            const dWallet2 = await withRetry(() => fetchDWallet(rpcUrlForActivation, this.network, walletId), { label: "fetchDWallet(activate-recheck)" });
-            const state2 = dWallet2?.state;
-            const isActive2 = Boolean(state2?.Active) || state2?.$kind === "Active";
-            if (isActive2)
+        const rpcUrl = await this.resolveSuiRpcUrl();
+        // After DKG the on-chain dWallet goes through AwaitingNetworkDKGVerification
+        // (30-60s+ on testnet). Use the Ika SDK's native polling to wait for the
+        // correct state before attempting activation.
+        let dWallet;
+        try {
+            dWallet = await waitForDWalletState(rpcUrl, this.network, walletId, "AwaitingKeyHolderSignature", { timeout: ACTIVATION_POLL_TIMEOUT_MS, interval: ACTIVATION_POLL_INTERVAL_MS });
+        }
+        catch {
+            // May already be Active (idempotent retry after earlier partial success)
+            const current = await withRetry(() => fetchDWallet(rpcUrl, this.network, walletId), { label: "fetchDWallet(activate-fallback)" });
+            const kind = String(current?.state?.$kind ?? "");
+            if (kind === "Active")
                 return;
-            const isAwaiting2 = Boolean(state2?.AwaitingKeyHolderSignature) ||
-                state2?.$kind === "AwaitingKeyHolderSignature";
-            if (!isAwaiting2) {
-                const stateKind = state2?.$kind ?? Object.keys(state2 ?? {})[0] ?? "Unknown";
-                throw new Error(`dWallet is not ready for activation (state=${stateKind}). ` +
-                    `This can happen if the DKG is still processing. Wait a few seconds and retry.`);
-            }
+            throw new Error(`dWallet activation timed out after ${ACTIVATION_POLL_TIMEOUT_MS / 1000}s ` +
+                `(state=${kind || "Unknown"}). The wallet record is saved locally — retry later.`);
         }
         const signature = await computeUserOutputSignature({
             encryptionKeys,
-            dWallet,
+            dWallet: dWallet,
             userPublicOutput: new Uint8Array(userPublicOutput),
         });
         await this.backend.activateDWallet({

package/dist/ika-protocol.d.ts CHANGED Viewed

@@ -54,6 +54,14 @@ export declare function computeUserOutputSignature(params: {
  * Fetch the dWallet object from Ika network for activation.
  */
 export declare function fetchDWallet(suiRpcUrl: string, network: "testnet" | "mainnet", dwalletId: string): Promise<any>;
+/**
+ * Poll until the dWallet reaches `targetState` using the Ika SDK's native
+ * getDWalletInParticularState, which handles reindexing/lag gracefully.
+ */
+export declare function waitForDWalletState(suiRpcUrl: string, network: "testnet" | "mainnet", dwalletId: string, targetState: "AwaitingKeyHolderSignature" | "Active", opts?: {
+    timeout?: number;
+    interval?: number;
+}): Promise<any>;
 export interface ComputeUserSignMessageParams {
     protocolPublicParameters: Uint8Array;
     userPublicOutput: Uint8Array;

package/dist/ika-protocol.js CHANGED Viewed

@@ -98,6 +98,18 @@ export async function fetchDWallet(suiRpcUrl, network, dwalletId) {
     await ready;
     return ikaClient.getDWallet(dwalletId);
 }
+/**
+ * Poll until the dWallet reaches `targetState` using the Ika SDK's native
+ * getDWalletInParticularState, which handles reindexing/lag gracefully.
+ */
+export async function waitForDWalletState(suiRpcUrl, network, dwalletId, targetState, opts) {
+    const { ikaClient, ready } = getOrCreateIkaClient(network, suiRpcUrl);
+    await ready;
+    return ikaClient.getDWalletInParticularState(dwalletId, targetState, {
+        timeout: opts?.timeout ?? 90_000,
+        interval: opts?.interval ?? 3_000,
+    });
+}
 /**
  * Build the user-side sign message used by IKA MPC signing.
  */

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@kairoguard/sdk",
-  "version": "0.0.7",
+  "version": "0.0.8",
   "type": "module",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",