@koralabs/kora-labs-common 6.7.9 → 6.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/handles/utils.js CHANGED
@@ -1,30 +1,7 @@
1
1
  "use strict";
2
- var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
3
- if (k2 === undefined) k2 = k;
4
- var desc = Object.getOwnPropertyDescriptor(m, k);
5
- if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
6
- desc = { enumerable: true, get: function() { return m[k]; } };
7
- }
8
- Object.defineProperty(o, k2, desc);
9
- }) : (function(o, m, k, k2) {
10
- if (k2 === undefined) k2 = k;
11
- o[k2] = m[k];
12
- }));
13
- var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
14
- Object.defineProperty(o, "default", { enumerable: true, value: v });
15
- }) : function(o, v) {
16
- o["default"] = v;
17
- });
18
- var __importStar = (this && this.__importStar) || function (mod) {
19
- if (mod && mod.__esModule) return mod;
20
- var result = {};
21
- if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
22
- __setModuleDefault(result, mod);
23
- return result;
24
- };
25
2
  Object.defineProperty(exports, "__esModule", { value: true });
26
3
  exports.buildDrep = exports.checkHandlePattern = exports.buildMetadata = exports.buildNumericModifiers = exports.buildCharacters = exports.getRarity = void 0;
27
- const crypto = __importStar(require("crypto"));
4
+ const js_md5_1 = require("js-md5");
28
5
  const constants_1 = require("../constants");
29
6
  const utils_1 = require("../utils");
30
7
  const constants_2 = require("./constants");
@@ -128,7 +105,7 @@ const buildDrep = (address, id_hash) => {
128
105
  const decoded = (_a = (0, utils_1.decodeAddress)(address)) === null || _a === void 0 ? void 0 : _a.slice(2, 58);
129
106
  if (!decoded || decoded == '')
130
107
  return undefined;
131
- const hashed = crypto.createHash('md5').update(Buffer.from(decoded, 'hex')).digest('hex');
108
+ const hashed = (0, js_md5_1.md5)(Buffer.from(decoded, 'hex'));
132
109
  if (!id_hash.startsWith(hashed))
133
110
  return undefined;
134
111
  const typeByte = id_hash.slice(32, 34);
package/index.d.ts CHANGED
@@ -1,5 +1,4 @@
1
1
  export * from './constants';
2
- export * from './aws';
3
2
  export { ComputeEnvironment, Environment } from './environment';
4
3
  export * from './errors';
5
4
  export * from './fn';
package/index.js CHANGED
@@ -16,7 +16,9 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
16
16
  Object.defineProperty(exports, "__esModule", { value: true });
17
17
  exports.ProtectedWords = exports.Logger = exports.LogCategory = exports.Environment = exports.ComputeEnvironment = void 0;
18
18
  __exportStar(require("./constants"), exports);
19
- __exportStar(require("./aws"), exports);
19
+ // NOTE: './aws' (KMS + JWT signing) is intentionally NOT re-exported here — it pulls Node-only
20
+ // deps (@aws-sdk/client-kms, node:crypto) that break browser bundles. It is server-only; import it
21
+ // directly from the subpath: `@koralabs/kora-labs-common/aws`. This keeps the root index isomorphic.
20
22
  var environment_1 = require("./environment");
21
23
  Object.defineProperty(exports, "ComputeEnvironment", { enumerable: true, get: function () { return environment_1.ComputeEnvironment; } });
22
24
  Object.defineProperty(exports, "Environment", { enumerable: true, get: function () { return environment_1.Environment; } });
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@koralabs/kora-labs-common",
3
- "version": "6.7.9",
3
+ "version": "6.8.0",
4
4
  "description": "Kora Labs Common Utilities",
5
5
  "main": "index.js",
6
6
  "types": "index.d.ts",
@@ -40,13 +40,13 @@
40
40
  },
41
41
  "dependencies": {
42
42
  "@aws-sdk/client-kms": "^3.1003.0",
43
- "@emurgo/cardano-message-signing-nodejs": "^1.0.1",
44
43
  "bech32": "^2.0.0",
45
44
  "blakejs": "^1.2.1",
46
45
  "boolean": "^3.2.0",
47
46
  "bs58": "^6.0.0",
48
47
  "cbor": "^9.0.2",
49
48
  "crc": "^4.3.2",
49
+ "js-md5": "^0.8.3",
50
50
  "libsodium-wrappers-sumo": "^0.8.3",
51
51
  "pluralize-esm": "^9.0.5"
52
52
  },
package/utils/index.d.ts CHANGED
@@ -30,5 +30,4 @@ export declare const isUserIssueTrackingId: (value: unknown) => value is string;
30
30
  export declare const normalizeUserIssueEventSegment: (value: string) => string;
31
31
  export declare const buildUserIssueEventKey: (repo: string, flow: string, pathOrFunction: string, step: string) => string;
32
32
  export { decodeCborToJson, encodeJsonToDatum, DefaultTextFormat as KeyType } from './cbor';
33
- export * from './cip8';
34
33
  export * from './crypto';
package/utils/index.js CHANGED
@@ -199,5 +199,7 @@ var cbor_1 = require("./cbor");
199
199
  Object.defineProperty(exports, "decodeCborToJson", { enumerable: true, get: function () { return cbor_1.decodeCborToJson; } });
200
200
  Object.defineProperty(exports, "encodeJsonToDatum", { enumerable: true, get: function () { return cbor_1.encodeJsonToDatum; } });
201
201
  Object.defineProperty(exports, "KeyType", { enumerable: true, get: function () { return cbor_1.DefaultTextFormat; } });
202
- __exportStar(require("./cip8"), exports);
202
+ // NOTE: './cip8' (CIP-30 signData via @emurgo/cardano-message-signing-nodejs WASM + node:crypto)
203
+ // was removed from kora-labs-common — its only consumer was auth.handle.me, which now owns it. It
204
+ // is a heavy Node-only signer that should never reach an isomorphic package's surface.
203
205
  __exportStar(require("./crypto"), exports);
@@ -1,29 +0,0 @@
1
- /**
2
- * Produce a CIP-30 signData (CIP-8) signature.
3
- *
4
- * Builds COSE_Sign1 and COSE_Key structures that verifyCip30SignData can verify.
5
- *
6
- * @param privateKeyHex - raw Ed25519 private key (32 bytes hex)
7
- * @param publicKeyHex - raw Ed25519 public key (32 bytes hex)
8
- * @param payloadHex - hex of the payload to sign (e.g. UTF-8 bytes of requestId + handle)
9
- * @param addressHex - hex of the signing address (included in COSE protected headers)
10
- * @returns { signature: string, key: string } — COSESign1 and COSEKey as CBOR hex
11
- */
12
- export declare const signCip30Data: (privateKeyHex: string, publicKeyHex: string, payloadHex: string, addressHex: string, signFn?: ((messageHex: string) => string) | undefined) => Promise<{
13
- signature: string;
14
- key: string;
15
- }>;
16
- /**
17
- * Verify a CIP-30 signData (CIP-8) signature.
18
- *
19
- * Parses the COSE structures produced by the wallet, reconstructs the
20
- * SigStructure using the library (not manual CBOR), and verifies the
21
- * Ed25519 signature with Node.js crypto.
22
- *
23
- * @param signatureCborHex - COSESign1 CBOR hex from wallet signData response
24
- * @param publicKeyCborHex - COSEKey CBOR hex from wallet signData response
25
- * @param expectedPayloadHex - hex of the expected signed payload (e.g. requestId + handle as UTF-8 bytes)
26
- * @param expectedAddressHex - hex of the expected signing address (must match the address in the COSE protected headers)
27
- * @returns true if the signature is valid
28
- */
29
- export declare const verifyCip30SignData: (signatureCborHex: string, publicKeyCborHex: string, expectedPayloadHex: string, expectedAddressHex: string) => Promise<boolean>;
@@ -1,154 +0,0 @@
1
- "use strict";
2
- var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
3
- if (k2 === undefined) k2 = k;
4
- var desc = Object.getOwnPropertyDescriptor(m, k);
5
- if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
6
- desc = { enumerable: true, get: function() { return m[k]; } };
7
- }
8
- Object.defineProperty(o, k2, desc);
9
- }) : (function(o, m, k, k2) {
10
- if (k2 === undefined) k2 = k;
11
- o[k2] = m[k];
12
- }));
13
- var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
14
- Object.defineProperty(o, "default", { enumerable: true, value: v });
15
- }) : function(o, v) {
16
- o["default"] = v;
17
- });
18
- var __importStar = (this && this.__importStar) || function (mod) {
19
- if (mod && mod.__esModule) return mod;
20
- var result = {};
21
- if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
22
- __setModuleDefault(result, mod);
23
- return result;
24
- };
25
- Object.defineProperty(exports, "__esModule", { value: true });
26
- exports.verifyCip30SignData = exports.signCip30Data = void 0;
27
- const crypto_1 = require("crypto");
28
- let _cms;
29
- const getCms = async () => {
30
- if (!_cms) {
31
- _cms = await Promise.resolve().then(() => __importStar(require('@emurgo/cardano-message-signing-nodejs')));
32
- }
33
- return _cms;
34
- };
35
- /**
36
- * Produce a CIP-30 signData (CIP-8) signature.
37
- *
38
- * Builds COSE_Sign1 and COSE_Key structures that verifyCip30SignData can verify.
39
- *
40
- * @param privateKeyHex - raw Ed25519 private key (32 bytes hex)
41
- * @param publicKeyHex - raw Ed25519 public key (32 bytes hex)
42
- * @param payloadHex - hex of the payload to sign (e.g. UTF-8 bytes of requestId + handle)
43
- * @param addressHex - hex of the signing address (included in COSE protected headers)
44
- * @returns { signature: string, key: string } — COSESign1 and COSEKey as CBOR hex
45
- */
46
- const signCip30Data = async (privateKeyHex, publicKeyHex, payloadHex, addressHex,
47
- /** Optional sign function for extended keys. Takes message hex, returns signature hex. */
48
- signFn) => {
49
- const cms = await getCms();
50
- const payloadBytes = Buffer.from(payloadHex, 'hex');
51
- const addrBytes = Buffer.from(addressHex, 'hex');
52
- const pubKeyBytes = Buffer.from(publicKeyHex, 'hex');
53
- // Build protected headers: algorithm = EdDSA, address = signing address
54
- const protectedHeaders = cms.HeaderMap.new();
55
- protectedHeaders.set_algorithm_id(cms.Label.from_algorithm_id(cms.AlgorithmId.EdDSA));
56
- protectedHeaders.set_header(cms.Label.new_text('address'), cms.CBORValue.new_bytes(addrBytes));
57
- const headers = cms.Headers.new(cms.ProtectedHeaderMap.new(protectedHeaders), cms.HeaderMap.new());
58
- const builder = cms.COSESign1Builder.new(headers, payloadBytes, false);
59
- // Sign the SigStructure with the Ed25519 private key.
60
- // Accepts 32-byte seed (Node.js crypto) or 64-byte extended key (Cardano BIP32).
61
- // For extended keys, a signFn callback must be provided since the standard
62
- // DER format doesn't support pre-clamped scalars.
63
- const sigStructureBytes = builder.make_data_to_sign().to_bytes();
64
- const privKeyRaw = Buffer.from(privateKeyHex, 'hex');
65
- let signatureBytes;
66
- if (privKeyRaw.length <= 32) {
67
- // 32-byte seed: use Node.js crypto
68
- const privKeyDer = Buffer.concat([
69
- Buffer.from('302e020100300506032b657004220420', 'hex'),
70
- privKeyRaw
71
- ]);
72
- const keyObject = (0, crypto_1.createPrivateKey)({ key: privKeyDer, format: 'der', type: 'pkcs8' });
73
- signatureBytes = (0, crypto_1.sign)(null, Buffer.from(sigStructureBytes), keyObject);
74
- }
75
- else if (signFn) {
76
- // Extended key with custom sign function (e.g. @cardano-sdk/crypto Ed25519PrivateKey.sign)
77
- signatureBytes = Buffer.from(signFn(Buffer.from(sigStructureBytes).toString('hex')), 'hex');
78
- }
79
- else {
80
- throw new Error('64-byte extended key requires a signFn parameter');
81
- }
82
- const coseSign1 = builder.build(signatureBytes);
83
- // Build COSE_Key with the public key
84
- const coseKey = cms.COSEKey.new(cms.Label.from_key_type(cms.KeyType.OKP));
85
- coseKey.set_algorithm_id(cms.Label.from_algorithm_id(cms.AlgorithmId.EdDSA));
86
- coseKey.set_header(cms.Label.new_int(cms.Int.new_i32(-1)), cms.CBORValue.from_label(cms.Label.from_curve_type(cms.CurveType.Ed25519)));
87
- coseKey.set_header(cms.Label.new_int(cms.Int.new_i32(-2)), cms.CBORValue.new_bytes(pubKeyBytes));
88
- return {
89
- signature: Buffer.from(coseSign1.to_bytes()).toString('hex'),
90
- key: Buffer.from(coseKey.to_bytes()).toString('hex')
91
- };
92
- };
93
- exports.signCip30Data = signCip30Data;
94
- /**
95
- * Verify a CIP-30 signData (CIP-8) signature.
96
- *
97
- * Parses the COSE structures produced by the wallet, reconstructs the
98
- * SigStructure using the library (not manual CBOR), and verifies the
99
- * Ed25519 signature with Node.js crypto.
100
- *
101
- * @param signatureCborHex - COSESign1 CBOR hex from wallet signData response
102
- * @param publicKeyCborHex - COSEKey CBOR hex from wallet signData response
103
- * @param expectedPayloadHex - hex of the expected signed payload (e.g. requestId + handle as UTF-8 bytes)
104
- * @param expectedAddressHex - hex of the expected signing address (must match the address in the COSE protected headers)
105
- * @returns true if the signature is valid
106
- */
107
- const verifyCip30SignData = async (signatureCborHex, publicKeyCborHex, expectedPayloadHex, expectedAddressHex) => {
108
- var _a;
109
- const cms = await getCms();
110
- // Parse COSESign1 and COSEKey from wallet output
111
- const coseSign1 = cms.COSESign1.from_bytes(Buffer.from(signatureCborHex, 'hex'));
112
- const coseKey = cms.COSEKey.from_bytes(Buffer.from(publicKeyCborHex, 'hex'));
113
- // Extract the address from the protected headers and verify it matches
114
- const protectedHeaders = coseSign1.headers().protected().deserialized_headers();
115
- const addressLabel = cms.Label.new_text('address');
116
- const addressValue = protectedHeaders.header(addressLabel);
117
- if (addressValue) {
118
- const addressBytes = Buffer.from((_a = addressValue.as_bytes()) !== null && _a !== void 0 ? _a : new Uint8Array()).toString('hex');
119
- if (addressBytes !== expectedAddressHex) {
120
- return false;
121
- }
122
- }
123
- // Verify the payload matches what we expect
124
- const signedPayload = coseSign1.payload();
125
- if (signedPayload) {
126
- const payloadHex = Buffer.from(signedPayload).toString('hex');
127
- if (payloadHex !== expectedPayloadHex) {
128
- return false;
129
- }
130
- }
131
- // Reconstruct the SigStructure (what was actually signed) using the library
132
- const sigStructure = coseSign1.signed_data();
133
- const sigStructureBytes = sigStructure.to_bytes();
134
- // Extract the raw Ed25519 signature
135
- const signatureBytes = coseSign1.signature();
136
- // Extract the Ed25519 public key from COSEKey (label -2 is the "x" coordinate / public key)
137
- const xLabel = cms.Label.new_int(cms.Int.new_i32(-2));
138
- const pubKeyValue = coseKey.header(xLabel);
139
- if (!pubKeyValue) {
140
- return false;
141
- }
142
- const pubKeyBytes = pubKeyValue.as_bytes();
143
- if (!pubKeyBytes || pubKeyBytes.length !== 32) {
144
- return false;
145
- }
146
- // Wrap the raw Ed25519 public key in DER SPKI format for Node.js crypto
147
- const pubKeyDer = Buffer.concat([
148
- Buffer.from('302a300506032b6570032100', 'hex'),
149
- Buffer.from(pubKeyBytes)
150
- ]);
151
- const keyObject = (0, crypto_1.createPublicKey)({ key: pubKeyDer, format: 'der', type: 'spki' });
152
- return (0, crypto_1.verify)(null, Buffer.from(sigStructureBytes), keyObject, Buffer.from(signatureBytes));
153
- };
154
- exports.verifyCip30SignData = verifyCip30SignData;