@kynesyslabs/demosdk 2.7.0 → 2.7.2
- package/build/index.d.ts +1 -0
- package/build/index.js +2 -1
- package/build/index.js.map +1 -1
- package/build/keyserver/KeyServerClient.d.ts +7 -4
- package/build/keyserver/KeyServerClient.js +20 -5
- package/build/keyserver/KeyServerClient.js.map +1 -1
- package/build/keyserver/index.d.ts +1 -1
- package/build/keyserver/types.d.ts +55 -1
- package/build/keyserver/verification.d.ts +3 -1
- package/build/keyserver/verification.js.map +1 -1
- package/build/tlsnotary/TLSNotary.d.ts +161 -0
- package/build/tlsnotary/TLSNotary.js +434 -0
- package/build/tlsnotary/TLSNotary.js.map +1 -0
- package/build/tlsnotary/index.d.ts +29 -0
- package/build/tlsnotary/index.js +38 -0
- package/build/tlsnotary/index.js.map +1 -0
- package/build/tlsnotary/types.d.ts +116 -0
- package/build/tlsnotary/types.js +8 -0
- package/build/tlsnotary/types.js.map +1 -0
- package/build/tlsnotary/worker.d.ts +20 -0
- package/build/tlsnotary/worker.js +63 -0
- package/build/tlsnotary/worker.js.map +1 -0
- package/build/websdk/demosclass.d.ts +33 -0
- package/build/websdk/demosclass.js +70 -0
- package/build/websdk/demosclass.js.map +1 -1
- package/package.json +6 -3
package/build/index.d.ts
CHANGED
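--- a/package/build/index.js
+++ b/package/build/index.js
@@ -33,7 +33,7 @@ var __importStar = (this && this.__importStar) || (function () {
 };
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.ipfs = exports.escrow = exports.storage = exports.instantMessaging = exports.bridge = exports.web2 = exports.abstraction = exports.websdk = exports.l2ps = exports.demoswork = exports.wallet = exports.xmcore = exports.xmwebsdk = exports.xmlocalsdk = exports.utils = exports.encryption = exports.types = void 0;
+exports.tlsnotary = exports.ipfs = exports.escrow = exports.storage = exports.instantMessaging = exports.bridge = exports.web2 = exports.abstraction = exports.websdk = exports.l2ps = exports.demoswork = exports.wallet = exports.xmcore = exports.xmwebsdk = exports.xmlocalsdk = exports.utils = exports.encryption = exports.types = void 0;
 // Common types and constants
 exports.types = __importStar(require("./types"));
 // Basic cryptographic and data manipulation functions
@@ -55,4 +55,5 @@ exports.instantMessaging = __importStar(require("./instant_messaging"));
 exports.storage = __importStar(require("./storage"));
 exports.escrow = __importStar(require("./escrow"));
 exports.ipfs = __importStar(require("./ipfs"));
+exports.tlsnotary = __importStar(require("./tlsnotary"));
 //# sourceMappingURL=index.js.map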
package/build/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,6BAA6B;AAC7B,iDAAgC;AAChC,sDAAsD;AACtD,2DAA0C;AAC1C,iDAAgC;AAEhC,gCAAgC;AAChC,oEAAmD;AACnD,gEAA+C;AAC/C,4DAA2C,CAAC,gCAAgC;AAE5E,mDAAkC;AAClC,yDAAwC;AAExC,+CAA8B;AAE9B,mDAAkC;AAClC,6DAA4C;AAC5C,2DAA0C;AAE1C,qCAAqC;AACrC,mDAAkC;AAElC,wEAAuD;AAEvD,qDAAoC;AAEpC,mDAAkC;AAElC,+CAA8B"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,6BAA6B;AAC7B,iDAAgC;AAChC,sDAAsD;AACtD,2DAA0C;AAC1C,iDAAgC;AAEhC,gCAAgC;AAChC,oEAAmD;AACnD,gEAA+C;AAC/C,4DAA2C,CAAC,gCAAgC;AAE5E,mDAAkC;AAClC,yDAAwC;AAExC,+CAA8B;AAE9B,mDAAkC;AAClC,6DAA4C;AAC5C,2DAA0C;AAE1C,qCAAqC;AACrC,mDAAkC;AAElC,wEAAuD;AAEvD,qDAAoC;AAEpC,mDAAkC;AAElC,+CAA8B;AAE9B,yDAAwC"}
|
|
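--- a/package/build/keyserver/KeyServerClient.d.ts
+++ b/package/build/keyserver/KeyServerClient.d.ts
@@ -5,10 +5,11 @@
 * Enables dApps to verify user ownership of GitHub/Discord accounts
 * with DAHR attestation.
 */
-import type { KeyServerClientConfig, OAuthService, OAuthInitOptions, OAuthInitResult, OAuthPollResult, OAuthVerifyOptions, OAuthVerificationResult } from "./types";
+import type { KeyServerClientConfig, OAuthService, OAuthInitOptions, OAuthInitResult, OAuthPollResult, OAuthVerifyOptions, OAuthVerificationResult, WalletBinding } from "./types";
 export declare class KeyServerClient {
 private readonly endpoint;
 private readonly nodePubKey;
+private readonly defaultWalletAddress?;
 constructor(config: KeyServerClientConfig);
 /**
 * Get list of available OAuth providers
@@ -30,18 +31,20 @@ export declare class KeyServerClient {
 * Poll for OAuth verification result
 *
 * @param state - State identifier from initiateOAuth
+* @param walletBinding - Optional wallet binding with signature proving ownership
 * @returns Current status of the OAuth flow
 * @throws OAuthError if polling fails
 */
-pollOAuth(state: string): Promise<OAuthPollResult>;
+pollOAuth(state: string, walletBinding?: WalletBinding): Promise<OAuthPollResult>;
 /**
 * Convenience method: initiate OAuth and wait for completion
 *
 * This method handles the full OAuth flow:
 * 1. Initiates the OAuth flow
 * 2. Calls onAuthUrl callback for dApp to display the URL
-* 3.
-* 4.
+* 3. Resolves wallet binding (if provided as function, calls with state)
+* 4. Polls until completion, timeout, or failure
+* 5. Returns the verified user info and attestation
 *
 * @param service - OAuth provider ("github" or "discord")
 * @param options - Configuration including callbacks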
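Review bot: `defaultWalletAddress` is declared here and assigned in the constructor, but none of the 20 lines added to KeyServerClient.js reads it, and neither it nor `OAuthInitOptions.walletAddress` is added to any request body shown on this page. The types.d.ts comments say the address "will be included in the DAHR attestation metadata", so either the forwarding is missing from this release or the documentation promises something the client does not do. If the field stays, its comment should say that it is a caller-supplied value with no proof of ownership, for example `/** Unsigned hint only; use walletBinding when ownership must be proven. */`, so that consumers do not treat it like a verified binding.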
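--- a/package/build/keyserver/KeyServerClient.js
+++ b/package/build/keyserver/KeyServerClient.js
@@ -16,6 +16,7 @@ class KeyServerClient {
 // Normalize endpoint (remove trailing slash)
 this.endpoint = config.endpoint.replace(/\/$/, "");
 this.nodePubKey = config.nodePubKey;
+this.defaultWalletAddress = config.defaultWalletAddress;
 }
 /**
 * Get list of available OAuth providers
@@ -61,15 +62,17 @@ class KeyServerClient {
 * Poll for OAuth verification result
 *
 * @param state - State identifier from initiateOAuth
+* @param walletBinding - Optional wallet binding with signature proving ownership
 * @returns Current status of the OAuth flow
 * @throws OAuthError if polling fails
 */
-async pollOAuth(state) {
+async pollOAuth(state, walletBinding) {
 const response = await this.fetch("/oauth/poll", {
 method: "POST",
 body: JSON.stringify({
 state,
 nodePubKey: this.nodePubKey,
+walletBinding,
 }),
 });
 return response;
@@ -80,8 +83,9 @@ class KeyServerClient {
 * This method handles the full OAuth flow:
 * 1. Initiates the OAuth flow
 * 2. Calls onAuthUrl callback for dApp to display the URL
-* 3.
-* 4.
+* 3. Resolves wallet binding (if provided as function, calls with state)
+* 4. Polls until completion, timeout, or failure
+* 5. Returns the verified user info and attestation
 *
 * @param service - OAuth provider ("github" or "discord")
 * @param options - Configuration including callbacks
@@ -100,7 +104,18 @@ class KeyServerClient {
 if (options?.onAuthUrl) {
 options.onAuthUrl(initResult.authUrl, initResult.state);
 }
-// Step 3:
+// Step 3: Resolve wallet binding
+let walletBinding;
+if (options?.walletBinding) {
+if (typeof options.walletBinding === "function") {
+// Call the async function with state to get wallet binding
+walletBinding = await options.walletBinding(initResult.state);
+}
+else {
+walletBinding = options.walletBinding;
+}
+}
+// Step 4: Poll for result
 const startTime = Date.now();
 let attempt = 0;
 while (Date.now() - startTime < timeout) {
@@ -109,7 +124,7 @@ class KeyServerClient {
 if (attempt > 1) {
 await this.sleep(pollInterval);
 }
-const pollResult = await this.pollOAuth(initResult.state);
+const pollResult = await this.pollOAuth(initResult.state, walletBinding);
 // Notify dApp of poll status
 if (options?.onPoll) {
 options.onPoll(attempt, pollResult.status);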
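Review bot: In the `@@ -100,7 +104,18 @@` hunk the resolved binding is forwarded without any check, so a `walletBinding` callback that resolves to `undefined` (for instance when the user dismisses the signing prompt) leaves the variable unset, `JSON.stringify` drops the key in `pollOAuth`, and the flow carries on as an unbound verification. A caller that passed `options.walletBinding` asked for a bound attestation, so this path should fail closed: right after the `if (options?.walletBinding) { ... }` block, throw an `OAuthError` when `walletBinding?.address` or `walletBinding?.signature` is missing. A rejection from the callback also leaves the method as a raw error instead of an `OAuthError`, which is worth wrapping in the same place. The method body starts and ends outside the hunks shown, so whether the success branch compares the attestation's binding with the one that was sent cannot be seen here.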
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"KeyServerClient.js","sourceRoot":"","sources":["../../../src/keyserver/KeyServerClient.ts"],"names":[],"mappings":";AAAA;;;;;;GAMG;;;
|
|
1
|
+
{"version":3,"file":"KeyServerClient.js","sourceRoot":"","sources":["../../../src/keyserver/KeyServerClient.ts"],"names":[],"mappings":";AAAA;;;;;;GAMG;;;AAcH,qCAAsC;AAEtC,MAAM,eAAe,GAAG,MAAM,CAAC,CAAC,aAAa;AAC7C,MAAM,qBAAqB,GAAG,IAAI,CAAC,CAAC,YAAY;AAEhD,MAAa,eAAe;IAKxB,YAAY,MAA6B;QACrC,6CAA6C;QAC7C,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QACnD,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC;QACpC,IAAI,CAAC,oBAAoB,GAAG,MAAM,CAAC,oBAAoB,CAAC;IAC5D,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,YAAY;QACd,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,KAAK,CAC7B,kBAAkB,EAClB,EAAE,MAAM,EAAE,KAAK,EAAE,CACpB,CAAC;QAEF,IAAI,CAAC,QAAQ,CAAC,OAAO,IAAI,CAAC,QAAQ,CAAC,SAAS,EAAE,CAAC;YAC3C,MAAM,IAAI,mBAAU,CAChB,qBAAqB,EACrB,QAAQ,CAAC,KAAK,EAAE,OAAO,IAAI,yBAAyB,CACvD,CAAC;QACN,CAAC;QAED,OAAO,QAAQ,CAAC,SAAS,CAAC;IAC9B,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,aAAa,CACf,OAAqB,EACrB,OAA0B;QAE1B,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,KAAK,CAC7B,aAAa,EACb;YACI,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACjB,OAAO;gBACP,UAAU,EAAE,IAAI,CAAC,UAAU;gBAC3B,MAAM,EAAE,OAAO,EAAE,MAAM;aAC1B,CAAC;SACL,CACJ,CAAC;QAEF,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;YACpB,MAAM,mBAAU,CAAC,YAAY,CACzB,QAAQ,CAAC,KAAK,IAAI,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,eAAe,EAAE,CACzE,CAAC;QACN,CAAC;QAED,OAAO;YACH,OAAO,EAAE,IAAI;YACb,OAAO,EAAE,QAAQ,CAAC,OAAO;YACzB,KAAK,EAAE,QAAQ,CAAC,KAAK;YACrB,SAAS,EAAE,QAAQ,CAAC,SAAS;SAChC,CAAC;IACN,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,SAAS,CAAC,KAAa,EAAE,aAA6B;QACxD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,KAAK,CAC7B,aAAa,EACb;YACI,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACjB,KAAK;gBACL,UAAU,EAAE,IAAI,CAAC,UAAU;gBAC3B,aAAa;aAChB,CAAC;SACL,CACJ,CAAC;QAEF,OAAO,QAAQ,CAAC;IACpB,CAAC;IAED;;;;;;;;;;;;;;OAcG;IACH,KAAK,CAAC,WAAW,CACb,OAAqB,EACrB,OAA4B;QAE5B,MAAM,OAAO,GAAG,OAAO,EAAE,OAAO,IAAI,eAAe,CAAC;QACpD,MAAM,YAAY,GAAG,OAAO,EAAE,YAAY,IAAI,qBAAqB,CAAC;QAEpE,8BAA8B;QAC9B,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE;YACjD,MAAM,EAAE,OAAO,EAAE,MAAM;YACvB,OAAO;SACV,CAAC,CAAC;QAEH,kCAAkC;QAClC,IAAI,OAAO,E
AAE,SAAS,EAAE,CAAC;YACrB,OAAO,CAAC,SAAS,CAAC,UAAU,CAAC,OAAO,EAAE,UAAU,CAAC,KAAK,CAAC,CAAC;QAC5D,CAAC;QAED,iCAAiC;QACjC,IAAI,aAAwC,CAAC;QAC7C,IAAI,OAAO,EAAE,aAAa,EAAE,CAAC;YACzB,IAAI,OAAO,OAAO,CAAC,aAAa,KAAK,UAAU,EAAE,CAAC;gBAC9C,2DAA2D;gBAC3D,aAAa,GAAG,MAAM,OAAO,CAAC,aAAa,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;YAClE,CAAC;iBAAM,CAAC;gBACJ,aAAa,GAAG,OAAO,CAAC,aAAa,CAAC;YAC1C,CAAC;QACL,CAAC;QAED,0BAA0B;QAC1B,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAC7B,IAAI,OAAO,GAAG,CAAC,CAAC;QAEhB,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,OAAO,EAAE,CAAC;YACtC,OAAO,EAAE,CAAC;YAEV,6CAA6C;YAC7C,IAAI,OAAO,GAAG,CAAC,EAAE,CAAC;gBACd,MAAM,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;YACnC,CAAC;YAED,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,KAAK,EAAE,aAAa,CAAC,CAAC;YAEzE,6BAA6B;YAC7B,IAAI,OAAO,EAAE,MAAM,EAAE,CAAC;gBAClB,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,UAAU,CAAC,MAAM,CAAC,CAAC;YAC/C,CAAC;YAED,4BAA4B;YAC5B,QAAQ,UAAU,CAAC,MAAM,EAAE,CAAC;gBACxB,KAAK,WAAW;oBACZ,IAAI,CAAC,UAAU,CAAC,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,EAAE,CAAC;wBAChD,MAAM,IAAI,mBAAU,CAChB,gBAAgB,EAChB,6CAA6C,CAChD,CAAC;oBACN,CAAC;oBACD,OAAO;wBACH,OAAO,EAAE,IAAI;wBACb,IAAI,EAAE,UAAU,CAAC,MAAM;wBACvB,WAAW,EAAE,UAAU,CAAC,WAAW;qBACtC,CAAC;gBAEN,KAAK,QAAQ;oBACT,MAAM,mBAAU,CAAC,YAAY,CACzB,UAAU,CAAC,KAAK,IAAI,EAAE,IAAI,EAAE,sBAAsB,EAAE,OAAO,EAAE,qBAAqB,EAAE,CACvF,CAAC;gBAEN,KAAK,SAAS;oBACV,MAAM,IAAI,mBAAU,CAChB,eAAe,EACf,oBAAoB,CACvB,CAAC;gBAEN,KAAK,SAAS;oBACV,mBAAmB;oBACnB,MAAM;YACd,CAAC;QACL,CAAC;QAED,kBAAkB;QAClB,MAAM,IAAI,mBAAU,CAChB,eAAe,EACf,sCAAsC,OAAO,IAAI,CACpD,CAAC;IACN,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,KAAK,CACf,IAAY,EACZ,OAAoB;QAEpB,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,QAAQ,GAAG,IAAI,EAAE,CAAC;QAEtC,IAAI,CAAC;YACD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;gBAC9B,GAAG,OAAO;gBACV,OAAO,EAAE;oBACL,cAAc,EAAE,kBAAkB;oBAClC,GAAG,OAAO,CAAC,OAAO;iBACrB;aACJ,CAAC,CAAC;YAEH,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,OAAO,IAAS,CAAC;QACrB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,IAAI,KAAK,YAAY,mBAAU,EAAE,CAAC;gBAC9B,MAAM,KAAK,CAAC;YAChB,CAAC;YAED,MAAM,IAAI,mBAAU,CAChB
,eAAe,EACf,oCAAqC,KAAe,CAAC,OAAO,EAAE,EAC9D,EAAE,GAAG,EAAE,aAAa,EAAE,MAAM,CAAC,KAAK,CAAC,EAAE,CACxC,CAAC;QACN,CAAC;IACL,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,EAAU;QACpB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC;IAC7D,CAAC;CACJ;AA7OD,0CA6OC"}
|
|
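--- a/package/build/keyserver/index.d.ts
+++ b/package/build/keyserver/index.d.ts
@@ -28,4 +28,4 @@ export { OAuthError } from "./errors";
 export { verifyAttestation, verifyOAuthAttestation } from "./verification";
 export type { OAuthErrorCode } from "./errors";
 export type { VerifyAttestationOptions, AttestationVerificationResult, } from "./verification";
-export type { KeyServerClientConfig, OAuthService, OAuthInitOptions, OAuthInitResult, OAuthPollResult, OAuthVerifyOptions, OAuthVerificationResult, OAuthStatus, OAuthUserInfo, DAHRAttestation, OAuthProvidersResponse, } from "./types";
+export type { KeyServerClientConfig, OAuthService, OAuthInitOptions, OAuthInitResult, OAuthPollResult, OAuthVerifyOptions, OAuthVerificationResult, OAuthStatus, OAuthUserInfo, DAHRAttestation, OAuthProvidersResponse, WalletBinding, } from "./types";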
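--- a/package/build/keyserver/types.d.ts
+++ b/package/build/keyserver/types.d.ts
@@ -8,6 +8,23 @@
 * Supported OAuth providers
 */
 export type OAuthService = "github" | "discord";
+/**
+* Wallet binding for OAuth verification.
+* Proves ownership of a wallet address during OAuth flow.
+*/
+export interface WalletBinding {
+/** The wallet address to bind to this OAuth verification */
+address: string;
+/**
+* Signature proving ownership of the wallet address.
+* The message signed should be: "demos-oauth-bind:{state}" where state is from initiateOAuth.
+* For EVM: personal_sign or eth_sign
+* For Solana: signMessage
+*/
+signature: string;
+/** Signature scheme used (for verification on receiving end) */
+signatureType: "evm" | "solana" | "ed25519";
+}
 /**
 * Options for initiating an OAuth flow
 */
@@ -16,6 +33,13 @@ export interface OAuthInitOptions {
 scopes?: string[];
 /** Flow timeout in milliseconds (default: 600000 = 10min) */
 timeout?: number;
+/**
+* Wallet address to associate with this OAuth verification.
+* This address will be included in the DAHR attestation metadata.
+* Overrides defaultWalletAddress from KeyServerClientConfig if both are set.
+* @deprecated Use walletBinding for signed wallet proof instead
+*/
+walletAddress?: string;
 }
 /**
 * Result from initiating an OAuth flow
@@ -77,6 +101,12 @@ export interface DAHRAttestation {
 nodePubKey: string;
 /** Key Server version */
 version: string;
+/**
+* Wallet binding included in the attestation.
+* Contains the wallet address and signature proving ownership.
+* The Key Server verifies this signature before including it.
+*/
+walletBinding?: WalletBinding;
 };
 }
 /**
@@ -102,7 +132,8 @@ export interface OAuthPollResult {
 */
 export interface OAuthVerifyOptions extends OAuthInitOptions {
 /**
-* Called when auth URL is ready - dApp should display this to user
+* Called when auth URL is ready - dApp should display this to user.
+* The state is needed for wallet binding signature.
 */
 onAuthUrl?: (authUrl: string, state: string) => void;
 /**
@@ -113,6 +144,24 @@ export interface OAuthVerifyOptions extends OAuthInitOptions {
 * Called on each poll attempt (for UI feedback)
 */
 onPoll?: (attempt: number, status: OAuthStatus) => void;
+/**
+* Wallet binding with signature proving ownership.
+* The signature message format is: "demos-oauth-bind:{state}"
+* This is called after initiateOAuth to get the state for signing.
+*
+* @example
+* ```typescript
+* const result = await client.verifyOAuth("github", {
+* onAuthUrl: async (authUrl, state) => {
+* // Sign with user's wallet
+* const message = `demos-oauth-bind:${state}`;
+* const signature = await wallet.signMessage(message);
+* return { address: wallet.address, signature, signatureType: "evm" };
+* },
+* });
+* ```
+*/
+walletBinding?: WalletBinding | ((state: string) => Promise<WalletBinding>);
 }
 /**
 * Result from the convenience verifyOAuth method
@@ -133,6 +182,11 @@ export interface KeyServerClientConfig {
 endpoint: string;
 /** Node's public key (hex-encoded Ed25519) */
 nodePubKey: string;
+/**
+* Default wallet address to associate with OAuth verifications.
+* Can be overridden per-request via OAuthInitOptions.walletAddress.
+*/
+defaultWalletAddress?: string;
 }
 /**
 * Response from GET /oauth/providers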
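Review bot: The `@example` on `OAuthVerifyOptions.walletBinding` (hunk `@@ -113,6 +144,24 @@`) signs inside `onAuthUrl` and returns the binding from it, but `onAuthUrl` is typed `(authUrl: string, state: string) => void` and the compiled `verifyOAuth` calls it without using the result. Code copied from the example therefore sends no `walletBinding` at all and still completes, because the field is optional at every level. The example should pass the signer as the option itself, `walletBinding: async (state) => ({ address: wallet.address, signature: await wallet.signMessage("demos-oauth-bind:" + state), signatureType: "evm" })`. The `WalletBinding.signature` comment also lists `eth_sign` next to `personal_sign` under the single tag `"evm"`; naming one method would tell the verifying side exactly which digest was signed.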
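--- a/package/build/keyserver/verification.d.ts
+++ b/package/build/keyserver/verification.d.ts
@@ -5,7 +5,7 @@
 * Allows consuming apps to independently verify that the Key Server
 * actually performed the OAuth verification.
 */
-import type { DAHRAttestation, OAuthVerificationResult } from "./types";
+import type { DAHRAttestation, OAuthVerificationResult, WalletBinding } from "./types";
 /**
 * Options for attestation verification
 */
@@ -35,6 +35,8 @@ export interface AttestationVerificationResult {
 keyServerPubKey: string;
 nodePubKey: string;
 version: string;
+/** Wallet binding if present in attestation */
+walletBinding?: WalletBinding;
 };
 }
 /**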
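Review bot: The new `metadata.walletBinding` field in `AttestationVerificationResult` (hunk `@@ -35,6 +35,8 @@`) is documented only as "Wallet binding if present in attestation", which does not tell a consumer whether `verifyAttestation` checked it. The file list shows no change to verification.js in this release, only its source map and this declaration file, so the binding appears to be handed back as received and its wallet signature is not re-verified on the client. I would extend the comment to say so, for example `/** Wallet binding as carried in the attestation; its signature is checked by the Key Server, not by verifyAttestation. */`, and state whether the field is covered by the attestation signature.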
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verification.js","sourceRoot":"","sources":["../../../src/keyserver/verification.ts"],"names":[],"mappings":";AAAA;;;;;;GAMG;;
|
|
1
|
+
{"version":3,"file":"verification.js","sourceRoot":"","sources":["../../../src/keyserver/verification.ts"],"names":[],"mappings":";AAAA;;;;;;GAMG;;AAuEH,8CAmFC;AAYD,wDAaC;AAjLD,6CAA4C;AAyC5C;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AACH,SAAgB,iBAAiB,CAC7B,WAA4B,EAC5B,eAAuB,EACvB,OAAkC;IAElC,MAAM,MAAM,GAAG,OAAO,EAAE,MAAM,IAAI,OAAO,CAAC,CAAC,iBAAiB;IAE5D,iCAAiC;IACjC,IAAI,CAAC,WAAW,IAAI,CAAC,WAAW,CAAC,SAAS,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC;QAClE,OAAO;YACH,KAAK,EAAE,KAAK;YACZ,MAAM,EAAE,+BAA+B;SAC1C,CAAC;IACN,CAAC;IAED,uBAAuB;IACvB,IAAI,WAAW,CAAC,SAAS,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;QAC3C,OAAO;YACH,KAAK,EAAE,KAAK;YACZ,MAAM,EAAE,+BAA+B,WAAW,CAAC,SAAS,CAAC,IAAI,EAAE;SACtE,CAAC;IACN,CAAC;IAED,sCAAsC;IACtC,IAAI,WAAW,CAAC,QAAQ,CAAC,eAAe,KAAK,eAAe,EAAE,CAAC;QAC3D,OAAO;YACH,KAAK,EAAE,KAAK;YACZ,MAAM,EAAE,gCAAgC;YACxC,QAAQ,EAAE,WAAW,CAAC,QAAQ;SACjC,CAAC;IACN,CAAC;IAED,oCAAoC;IACpC,IACI,OAAO,EAAE,kBAAkB;QAC3B,WAAW,CAAC,QAAQ,CAAC,UAAU,KAAK,OAAO,CAAC,kBAAkB,EAChE,CAAC;QACC,OAAO;YACH,KAAK,EAAE,KAAK;YACZ,MAAM,EAAE,0BAA0B;YAClC,QAAQ,EAAE,WAAW,CAAC,QAAQ;SACjC,CAAC;IACN,CAAC;IAED,mCAAmC;IACnC,IAAI,MAAM,GAAG,CAAC,EAAE,CAAC;QACb,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,WAAW,CAAC,QAAQ,CAAC,SAAS,CAAC;QACxD,IAAI,GAAG,GAAG,MAAM,EAAE,CAAC;YACf,OAAO;gBACH,KAAK,EAAE,KAAK;gBACZ,MAAM,EAAE,6BAA6B,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC,WAAW,IAAI,CAAC,KAAK,CAAC,MAAM,GAAG,IAAI,CAAC,IAAI;gBACnG,QAAQ,EAAE,WAAW,CAAC,QAAQ;aACjC,CAAC;QACN,CAAC;IACL,CAAC;IAED,6CAA6C;IAC7C,IAAI,CAAC;QACD,MAAM,OAAO,GAAG,yBAAY,CAAC,OAAO,CAAC,MAAM,CACvC,WAAW,CAAC,YAAY,EACxB,WAAW,CAAC,WAAW,CAAC,SAAS,CAAC,IAAI,CAAC,EACvC,WAAW,CAAC,eAAe,CAAC,CAC/B,CAAC;QAEF,IAAI,CAAC,OAAO,EAAE,CAAC;YACX,OAAO;gBACH,KAAK,EAAE,KAAK;gBACZ,MAAM,EAAE,+BAA+B;gBACvC,QAAQ,EAAE,WAAW,CAAC,QAAQ;aACjC,CAAC;QACN,CAAC;QAED,OAAO;YACH,KAAK,EAAE,IAAI;YACX,QAAQ,EAAE,WAAW,CAAC,QAAQ;SACjC,CAAC;IACN,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACb,OAAO;YACH,KAAK,EAAE,KAAK;YACZ,MAAM,EAAE,iCAAkC,KAAe,CAAC,OAAO,EAAE;YACnE,QAAQ,EAAE,WAAW,CAAC,QAAQ;SACjC,CAAC;IACN,CAAC;AACL,CAAC;AAED;;;;;;;;;GASG;
AACH,SAAgB,sBAAsB,CAClC,MAA+B,EAC/B,eAAuB,EACvB,OAAkC;IAElC,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;QACtB,OAAO;YACH,KAAK,EAAE,KAAK;YACZ,MAAM,EAAE,0BAA0B;SACrC,CAAC;IACN,CAAC;IAED,OAAO,iBAAiB,CAAC,MAAM,CAAC,WAAW,EAAE,eAAe,EAAE,OAAO,CAAC,CAAC;AAC3E,CAAC;AAED;;GAEG;AACH,SAAS,WAAW,CAAC,GAAW;IAC5B,8BAA8B;IAC9B,MAAM,QAAQ,GAAG,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;IAC3D,OAAO,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;AACxC,CAAC"}
|
|
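--- a/package/build/tlsnotary/TLSNotary.d.ts
+++ b/package/build/tlsnotary/TLSNotary.d.ts
@@ -0,0 +1,161 @@
+/**
+* TLSNotary - Browser-based HTTPS Attestation
+*
+* This module provides TLSNotary attestation capabilities for the Demos SDK.
+* It runs the TLSNotary Prover in a Web Worker using WASM, communicates with
+* a Notary server, and produces cryptographic proofs of HTTPS requests.
+*
+* NOTE: This module is browser-only. It requires Web Workers and WASM support.
+*
+* @example
+* ```typescript
+* import { TLSNotary } from '@kynesyslabs/demosdk/tlsnotary';
+*
+* // Option 1: Explicit configuration
+* const tlsn = new TLSNotary({
+* notaryUrl: 'wss://node.demos.sh:7047',
+* websocketProxyUrl: 'wss://node.demos.sh:55688',
+* });
+*
+* // Option 2: Discovery via Demos instance (preferred)
+* const demos = new Demos({ rpc: 'https://node.demos.sh' });
+* const tlsn = await demos.tlsnotary();
+*
+* await tlsn.initialize();
+*
+* const result = await tlsn.attest({
+* url: 'https://api.github.com/users/octocat',
+* headers: { 'User-Agent': 'DemosSDK' },
+* });
+*
+* console.log('Verified server:', result.verification.serverName);
+* console.log('Response:', result.verification.recv);
+* ```
+*/
+import type { PresentationJSON } from "tlsn-js/build/types";
+import type { TLSNotaryConfig, AttestRequest, AttestResult, CommitRanges, VerificationResult, AttestOptions, StatusCallback, TranscriptInfo } from "./types";
+/**
+* TLSNotary class for browser-based HTTPS attestation
+*
+* This class handles:
+* - Running the Prover (MPC-TLS client) in the browser via WASM
+* - Communicating with the Demos Node's Notary server
+* - Attesting HTTPS requests with cryptographic proofs
+* - Verifying attestations offline
+*/
+export declare class TLSNotary {
+private config;
+private worker;
+private wasm;
+private initialized;
+private initializingPromise;
+/**
+* Create a new TLSNotary instance
+*
+* @param config - Configuration with notary and proxy URLs
+*/
+constructor(config: TLSNotaryConfig);
+/**
+* Initialize the WASM module
+*
+* Must be called before any attestation operations.
+* Only needs to be called once per page load.
+*
+* @throws Error if WASM initialization fails
+*/
+initialize(): Promise<void>;
+/**
+* Attest an HTTPS request using the step-by-step method
+*
+* This provides full control over the attestation process including
+* custom commit ranges for selective disclosure.
+*
+* @param request - Request configuration (URL, method, headers, body)
+* @param commit - Optional commit ranges for selective disclosure
+* @param onStatus - Optional status callback for progress updates
+* @returns Attestation result with proof and verification
+*
+* @example
+* ```typescript
+* const result = await tlsn.attest({
+* url: 'https://api.example.com/user',
+* method: 'GET',
+* headers: { 'Authorization': 'Bearer token' },
+* }, {
+* // Hide authorization header in the proof
+* sent: [{ start: 0, end: 50 }, { start: 100, end: 200 }],
+* recv: [{ start: 0, end: 500 }],
+* });
+* ```
+*/
+attest(request: AttestRequest, commit?: CommitRanges, onStatus?: StatusCallback): Promise<AttestResult>;
+/**
+* Quick attestation using the helper method
+*
+* Simpler API with less control over the process.
+* Good for straightforward use cases.
+*
+* @param options - Attestation options including request and commit config
+* @returns Attestation result with proof and verification
+*
+* @example
+* ```typescript
+* const result = await tlsn.attestQuick({
+* url: 'https://api.coingecko.com/api/v3/simple/price?ids=bitcoin&vs_currencies=usd',
+* });
+* ```
+*/
+attestQuick(options: AttestOptions): Promise<AttestResult>;
+/**
+* Verify a presentation/proof
+*
+* Can be used to verify proofs from other sources.
+* This operation can be done offline.
+*
+* @param presentationJSON - The presentation to verify
+* @returns Verification result with extracted data
+*
+* @example
+* ```typescript
+* // Load a saved proof
+* const savedProof = JSON.parse(localStorage.getItem('proof'));
+* const result = await tlsn.verify(savedProof);
+*
+* console.log('Server:', result.serverName);
+* console.log('Time:', new Date(result.time * 1000));
+* console.log('Response:', result.recv);
+* ```
+*/
+verify(presentationJSON: PresentationJSON): Promise<VerificationResult>;
+/**
+* Get the transcript from an attestation for inspection
+*
+* Useful for determining commit ranges for selective disclosure.
+*
+* @param request - Request to send (without creating attestation)
+* @returns Transcript with sent and received bytes
+*/
+getTranscript(request: AttestRequest): Promise<TranscriptInfo>;
+/**
+* Cleanup resources
+*
+* Call when done with TLSNotary to release the Web Worker.
+*/
+destroy(): void;
+/**
+* Check if WASM is initialized
+*/
+isInitialized(): boolean;
+/**
+* Get current configuration
+*/
+getConfig(): TLSNotaryConfig;
+/**
+* Update configuration
+*
+* Note: Changes take effect on next attestation.
+* If changing notary URL, you may want to re-initialize.
+*/
+updateConfig(config: Partial<TLSNotaryConfig>): void;
+}
+export default TLSNotary;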
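Review bot: The `attest` example hides the `Authorization` header with literal byte offsets, `sent: [{ start: 0, end: 50 }, { start: 100, end: 200 }]`, which only holds if the header happens to occupy bytes 50 to 100 of the serialized request. Anyone adapting the example with a different URL, header order or token length can commit a range that discloses the bearer token in the proof. The comment in the example should say the numbers are illustrative and must be computed from the real transcript, for instance `// Offsets are placeholders: derive them from getTranscript() for the actual request`. The `verify` doc would also benefit from stating that the caller still has to compare `serverName` with the host it expects, since the method is described as accepting proofs "from other sources" and presumably reports whatever server the proof names.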