@ledgerhq/device-trusted-app-kit-ledger-keyring-protocol 0.0.0-ledger-button-20250808091712 → 0.0.0-legacy-speculos-datasource-20250819074123

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (206) hide show
  1. package/lib/cjs/api/LedgerKeyringProtocol.js +1 -1
  2. package/lib/cjs/api/LedgerKeyringProtocol.js.map +1 -1
  3. package/lib/cjs/api/LedgerKeyringProtocolBuilder.js +1 -1
  4. package/lib/cjs/api/LedgerKeyringProtocolBuilder.js.map +3 -3
  5. package/lib/cjs/api/app-binder/AddToTrustchainDeviceActionTypes.js +1 -1
  6. package/lib/cjs/api/app-binder/AddToTrustchainDeviceActionTypes.js.map +1 -1
  7. package/lib/cjs/api/app-binder/AuthenticateDeviceActionTypes.js +1 -1
  8. package/lib/cjs/api/app-binder/AuthenticateDeviceActionTypes.js.map +1 -1
  9. package/lib/cjs/api/app-binder/Errors.js +1 -1
  10. package/lib/cjs/api/app-binder/Errors.js.map +3 -3
  11. package/lib/cjs/api/app-binder/LKRPTypes.js +1 -1
  12. package/lib/cjs/api/app-binder/LKRPTypes.js.map +3 -3
  13. package/lib/cjs/api/app-binder/SignBlockHeaderCommandTypes.js +1 -1
  14. package/lib/cjs/api/app-binder/SignBlockHeaderCommandTypes.js.map +1 -1
  15. package/lib/cjs/internal/DefaultLedgerKeyringProtocol.js +1 -1
  16. package/lib/cjs/internal/DefaultLedgerKeyringProtocol.js.map +3 -3
  17. package/lib/cjs/internal/app-binder/LedgerKeyringProtocolBinder.js +1 -1
  18. package/lib/cjs/internal/app-binder/LedgerKeyringProtocolBinder.js.map +3 -3
  19. package/lib/cjs/internal/app-binder/command/SetTrustedMemberCommand.js +1 -1
  20. package/lib/cjs/internal/app-binder/command/SetTrustedMemberCommand.js.map +3 -3
  21. package/lib/cjs/internal/app-binder/command/SignBlockHeader.js +1 -1
  22. package/lib/cjs/internal/app-binder/command/SignBlockHeader.js.map +3 -3
  23. package/lib/cjs/internal/app-binder/command/SignBlockHeader.test.js +1 -1
  24. package/lib/cjs/internal/app-binder/command/SignBlockHeader.test.js.map +3 -3
  25. package/lib/cjs/internal/app-binder/device-action/AddToTrustchainDeviceAction.js +1 -1
  26. package/lib/cjs/internal/app-binder/device-action/AddToTrustchainDeviceAction.js.map +3 -3
  27. package/lib/cjs/internal/app-binder/device-action/AuthenticateDeviceAction.js +1 -1
  28. package/lib/cjs/internal/app-binder/device-action/AuthenticateDeviceAction.js.map +2 -2
  29. package/lib/cjs/internal/app-binder/task/ParseStreamToDeviceTask.js +1 -1
  30. package/lib/cjs/internal/app-binder/task/ParseStreamToDeviceTask.js.map +3 -3
  31. package/lib/cjs/internal/app-binder/task/SignBlockTask.js +1 -1
  32. package/lib/cjs/internal/app-binder/task/SignBlockTask.js.map +3 -3
  33. package/lib/cjs/internal/app-binder/task/SignChallengeWithKeypairTask.js +1 -1
  34. package/lib/cjs/internal/app-binder/task/SignChallengeWithKeypairTask.js.map +2 -2
  35. package/lib/cjs/internal/app-binder/task/utils/TrustedProperties.js +1 -1
  36. package/lib/cjs/internal/app-binder/task/utils/TrustedProperties.js.map +3 -3
  37. package/lib/cjs/internal/di.js +1 -1
  38. package/lib/cjs/internal/di.js.map +3 -3
  39. package/lib/cjs/internal/externalTypes.js +1 -1
  40. package/lib/cjs/internal/externalTypes.js.map +2 -2
  41. package/lib/cjs/internal/lkrp-datasource/data/HttpLKRPDataSource.js +1 -1
  42. package/lib/cjs/internal/lkrp-datasource/data/HttpLKRPDataSource.js.map +3 -3
  43. package/lib/cjs/internal/lkrp-datasource/data/HttpLKRPDataSource.test.js +1 -1
  44. package/lib/cjs/internal/lkrp-datasource/data/HttpLKRPDataSource.test.js.map +2 -2
  45. package/lib/cjs/internal/lkrp-datasource/data/LKRPDataSource.js +1 -1
  46. package/lib/cjs/internal/lkrp-datasource/data/LKRPDataSource.js.map +1 -1
  47. package/lib/cjs/internal/use-cases/authentication/AuthenticateUseCase.js +1 -1
  48. package/lib/cjs/internal/use-cases/authentication/AuthenticateUseCase.js.map +3 -3
  49. package/lib/cjs/internal/utils/LKRPBlock.js.map +2 -2
  50. package/lib/cjs/internal/utils/LKRPBlock.test.js +1 -1
  51. package/lib/cjs/internal/utils/LKRPBlock.test.js.map +3 -3
  52. package/lib/cjs/internal/utils/LKRPBlockStream.js +2 -2
  53. package/lib/cjs/internal/utils/LKRPBlockStream.js.map +3 -3
  54. package/lib/cjs/internal/utils/LKRPBlockStream.test.js +3 -3
  55. package/lib/cjs/internal/utils/LKRPBlockStream.test.js.map +3 -3
  56. package/lib/cjs/internal/utils/LKRPCommand.js +2 -2
  57. package/lib/cjs/internal/utils/LKRPCommand.js.map +3 -3
  58. package/lib/cjs/internal/utils/LKRPCommand.test.js +1 -1
  59. package/lib/cjs/internal/utils/LKRPCommand.test.js.map +3 -3
  60. package/lib/cjs/internal/utils/TLVBuilder.js +1 -1
  61. package/lib/cjs/internal/utils/TLVBuilder.js.map +3 -3
  62. package/lib/cjs/internal/utils/TLVParser.js +1 -1
  63. package/lib/cjs/internal/utils/TLVParser.js.map +3 -3
  64. package/lib/cjs/internal/utils/TLVParser.test.js +1 -1
  65. package/lib/cjs/internal/utils/TLVParser.test.js.map +3 -3
  66. package/lib/cjs/internal/{models/Tags.js → utils/TLVTags.js} +1 -1
  67. package/lib/cjs/internal/{models/Tags.js.map → utils/TLVTags.js.map} +2 -2
  68. package/lib/cjs/internal/utils/hex.js +1 -1
  69. package/lib/cjs/internal/utils/hex.js.map +3 -3
  70. package/lib/cjs/internal/utils/types.js +2 -0
  71. package/lib/cjs/internal/utils/types.js.map +7 -0
  72. package/lib/esm/api/LedgerKeyringProtocolBuilder.js +1 -1
  73. package/lib/esm/api/LedgerKeyringProtocolBuilder.js.map +3 -3
  74. package/lib/esm/api/app-binder/Errors.js +1 -1
  75. package/lib/esm/api/app-binder/Errors.js.map +3 -3
  76. package/lib/esm/api/app-binder/LKRPTypes.js +1 -1
  77. package/lib/esm/api/app-binder/LKRPTypes.js.map +3 -3
  78. package/lib/esm/internal/DefaultLedgerKeyringProtocol.js +1 -1
  79. package/lib/esm/internal/DefaultLedgerKeyringProtocol.js.map +3 -3
  80. package/lib/esm/internal/app-binder/LedgerKeyringProtocolBinder.js +1 -1
  81. package/lib/esm/internal/app-binder/LedgerKeyringProtocolBinder.js.map +3 -3
  82. package/lib/esm/internal/app-binder/command/SetTrustedMemberCommand.js +1 -1
  83. package/lib/esm/internal/app-binder/command/SetTrustedMemberCommand.js.map +2 -2
  84. package/lib/esm/internal/app-binder/command/SignBlockHeader.js +1 -1
  85. package/lib/esm/internal/app-binder/command/SignBlockHeader.js.map +3 -3
  86. package/lib/esm/internal/app-binder/command/SignBlockHeader.test.js +1 -1
  87. package/lib/esm/internal/app-binder/command/SignBlockHeader.test.js.map +3 -3
  88. package/lib/esm/internal/app-binder/device-action/AddToTrustchainDeviceAction.js +1 -1
  89. package/lib/esm/internal/app-binder/device-action/AddToTrustchainDeviceAction.js.map +3 -3
  90. package/lib/esm/internal/app-binder/device-action/AuthenticateDeviceAction.js +1 -1
  91. package/lib/esm/internal/app-binder/device-action/AuthenticateDeviceAction.js.map +3 -3
  92. package/lib/esm/internal/app-binder/task/ParseStreamToDeviceTask.js +1 -1
  93. package/lib/esm/internal/app-binder/task/ParseStreamToDeviceTask.js.map +3 -3
  94. package/lib/esm/internal/app-binder/task/SignBlockTask.js +1 -1
  95. package/lib/esm/internal/app-binder/task/SignBlockTask.js.map +3 -3
  96. package/lib/esm/internal/app-binder/task/SignChallengeWithKeypairTask.js +1 -1
  97. package/lib/esm/internal/app-binder/task/SignChallengeWithKeypairTask.js.map +3 -3
  98. package/lib/esm/internal/app-binder/task/utils/TrustedProperties.js +1 -1
  99. package/lib/esm/internal/app-binder/task/utils/TrustedProperties.js.map +3 -3
  100. package/lib/esm/internal/di.js +1 -1
  101. package/lib/esm/internal/di.js.map +3 -3
  102. package/lib/esm/internal/externalTypes.js +1 -1
  103. package/lib/esm/internal/externalTypes.js.map +2 -2
  104. package/lib/esm/internal/lkrp-datasource/data/HttpLKRPDataSource.js +1 -1
  105. package/lib/esm/internal/lkrp-datasource/data/HttpLKRPDataSource.js.map +3 -3
  106. package/lib/esm/internal/lkrp-datasource/data/HttpLKRPDataSource.test.js +1 -1
  107. package/lib/esm/internal/lkrp-datasource/data/HttpLKRPDataSource.test.js.map +3 -3
  108. package/lib/esm/internal/use-cases/authentication/AuthenticateUseCase.js +1 -1
  109. package/lib/esm/internal/use-cases/authentication/AuthenticateUseCase.js.map +3 -3
  110. package/lib/esm/internal/utils/LKRPBlock.js.map +2 -2
  111. package/lib/esm/internal/utils/LKRPBlock.test.js +1 -1
  112. package/lib/esm/internal/utils/LKRPBlock.test.js.map +3 -3
  113. package/lib/esm/internal/utils/LKRPBlockStream.js +2 -2
  114. package/lib/esm/internal/utils/LKRPBlockStream.js.map +3 -3
  115. package/lib/esm/internal/utils/LKRPBlockStream.test.js +3 -3
  116. package/lib/esm/internal/utils/LKRPBlockStream.test.js.map +3 -3
  117. package/lib/esm/internal/utils/LKRPCommand.js +2 -2
  118. package/lib/esm/internal/utils/LKRPCommand.js.map +3 -3
  119. package/lib/esm/internal/utils/LKRPCommand.test.js +1 -1
  120. package/lib/esm/internal/utils/LKRPCommand.test.js.map +3 -3
  121. package/lib/esm/internal/utils/TLVBuilder.js +1 -1
  122. package/lib/esm/internal/utils/TLVBuilder.js.map +2 -2
  123. package/lib/esm/internal/utils/TLVParser.js +1 -1
  124. package/lib/esm/internal/utils/TLVParser.js.map +3 -3
  125. package/lib/esm/internal/utils/TLVParser.test.js +1 -1
  126. package/lib/esm/internal/utils/TLVParser.test.js.map +3 -3
  127. package/lib/esm/internal/{models/Tags.js → utils/TLVTags.js} +1 -1
  128. package/lib/esm/internal/{models/Tags.js.map → utils/TLVTags.js.map} +1 -1
  129. package/lib/esm/internal/utils/hex.js +1 -1
  130. package/lib/esm/internal/utils/hex.js.map +3 -3
  131. package/lib/esm/internal/utils/types.js +1 -0
  132. package/lib/types/api/LedgerKeyringProtocol.d.ts +4 -3
  133. package/lib/types/api/LedgerKeyringProtocol.d.ts.map +1 -1
  134. package/lib/types/api/LedgerKeyringProtocolBuilder.d.ts +3 -8
  135. package/lib/types/api/LedgerKeyringProtocolBuilder.d.ts.map +1 -1
  136. package/lib/types/api/app-binder/AddToTrustchainDeviceActionTypes.d.ts +4 -4
  137. package/lib/types/api/app-binder/AddToTrustchainDeviceActionTypes.d.ts.map +1 -1
  138. package/lib/types/api/app-binder/AuthenticateDeviceActionTypes.d.ts +5 -5
  139. package/lib/types/api/app-binder/AuthenticateDeviceActionTypes.d.ts.map +1 -1
  140. package/lib/types/api/app-binder/Errors.d.ts +12 -38
  141. package/lib/types/api/app-binder/Errors.d.ts.map +1 -1
  142. package/lib/types/api/app-binder/LKRPTypes.d.ts +0 -4
  143. package/lib/types/api/app-binder/LKRPTypes.d.ts.map +1 -1
  144. package/lib/types/api/app-binder/SignBlockHeaderCommandTypes.d.ts +1 -2
  145. package/lib/types/api/app-binder/SignBlockHeaderCommandTypes.d.ts.map +1 -1
  146. package/lib/types/internal/DefaultLedgerKeyringProtocol.d.ts +6 -7
  147. package/lib/types/internal/DefaultLedgerKeyringProtocol.d.ts.map +1 -1
  148. package/lib/types/internal/app-binder/LedgerKeyringProtocolBinder.d.ts +4 -3
  149. package/lib/types/internal/app-binder/LedgerKeyringProtocolBinder.d.ts.map +1 -1
  150. package/lib/types/internal/app-binder/command/SignBlockHeader.d.ts +0 -1
  151. package/lib/types/internal/app-binder/command/SignBlockHeader.d.ts.map +1 -1
  152. package/lib/types/internal/app-binder/device-action/AddToTrustchainDeviceAction.d.ts +2 -2
  153. package/lib/types/internal/app-binder/device-action/AddToTrustchainDeviceAction.d.ts.map +1 -1
  154. package/lib/types/internal/app-binder/device-action/AuthenticateDeviceAction.d.ts +1 -1
  155. package/lib/types/internal/app-binder/device-action/AuthenticateDeviceAction.d.ts.map +1 -1
  156. package/lib/types/internal/app-binder/task/ParseStreamToDeviceTask.d.ts +3 -3
  157. package/lib/types/internal/app-binder/task/ParseStreamToDeviceTask.d.ts.map +1 -1
  158. package/lib/types/internal/app-binder/task/SignBlockTask.d.ts +7 -6
  159. package/lib/types/internal/app-binder/task/SignBlockTask.d.ts.map +1 -1
  160. package/lib/types/internal/app-binder/task/SignChallengeWithKeypairTask.d.ts +3 -2
  161. package/lib/types/internal/app-binder/task/SignChallengeWithKeypairTask.d.ts.map +1 -1
  162. package/lib/types/internal/app-binder/task/utils/TrustedProperties.d.ts +1 -1
  163. package/lib/types/internal/app-binder/task/utils/TrustedProperties.d.ts.map +1 -1
  164. package/lib/types/internal/di.d.ts +1 -4
  165. package/lib/types/internal/di.d.ts.map +1 -1
  166. package/lib/types/internal/externalTypes.d.ts +0 -1
  167. package/lib/types/internal/externalTypes.d.ts.map +1 -1
  168. package/lib/types/internal/lkrp-datasource/data/HttpLKRPDataSource.d.ts +6 -6
  169. package/lib/types/internal/lkrp-datasource/data/HttpLKRPDataSource.d.ts.map +1 -1
  170. package/lib/types/internal/lkrp-datasource/data/LKRPDataSource.d.ts +7 -7
  171. package/lib/types/internal/lkrp-datasource/data/LKRPDataSource.d.ts.map +1 -1
  172. package/lib/types/internal/use-cases/authentication/AuthenticateUseCase.d.ts +2 -2
  173. package/lib/types/internal/use-cases/authentication/AuthenticateUseCase.d.ts.map +1 -1
  174. package/lib/types/internal/utils/LKRPBlock.d.ts +1 -1
  175. package/lib/types/internal/utils/LKRPBlock.d.ts.map +1 -1
  176. package/lib/types/internal/utils/LKRPBlockStream.d.ts +3 -3
  177. package/lib/types/internal/utils/LKRPBlockStream.d.ts.map +1 -1
  178. package/lib/types/internal/utils/LKRPCommand.d.ts +2 -3
  179. package/lib/types/internal/utils/LKRPCommand.d.ts.map +1 -1
  180. package/lib/types/internal/utils/TLVParser.d.ts +2 -3
  181. package/lib/types/internal/utils/TLVParser.d.ts.map +1 -1
  182. package/lib/types/internal/{models/Tags.d.ts → utils/TLVTags.d.ts} +1 -1
  183. package/lib/types/internal/utils/TLVTags.d.ts.map +1 -0
  184. package/lib/types/internal/utils/hex.d.ts.map +1 -1
  185. package/lib/types/internal/{models/LKRPCommandTypes.d.ts → utils/types.d.ts} +29 -6
  186. package/lib/types/internal/utils/types.d.ts.map +1 -0
  187. package/lib/types/tsconfig.prod.tsbuildinfo +1 -1
  188. package/package.json +5 -5
  189. package/lib/cjs/internal/models/LKRPBlockTypes.js +0 -2
  190. package/lib/cjs/internal/models/LKRPBlockTypes.js.map +0 -7
  191. package/lib/cjs/internal/models/LKRPCommandTypes.js +0 -2
  192. package/lib/cjs/internal/models/LKRPCommandTypes.js.map +0 -7
  193. package/lib/cjs/internal/models/Types.js +0 -2
  194. package/lib/cjs/internal/models/Types.js.map +0 -7
  195. package/lib/esm/internal/models/LKRPBlockTypes.js +0 -1
  196. package/lib/esm/internal/models/LKRPCommandTypes.js +0 -1
  197. package/lib/esm/internal/models/LKRPCommandTypes.js.map +0 -7
  198. package/lib/esm/internal/models/Types.js +0 -1
  199. package/lib/esm/internal/models/Types.js.map +0 -7
  200. package/lib/types/internal/models/LKRPBlockTypes.d.ts +0 -11
  201. package/lib/types/internal/models/LKRPBlockTypes.d.ts.map +0 -1
  202. package/lib/types/internal/models/LKRPCommandTypes.d.ts.map +0 -1
  203. package/lib/types/internal/models/Tags.d.ts.map +0 -1
  204. package/lib/types/internal/models/Types.d.ts +0 -14
  205. package/lib/types/internal/models/Types.d.ts.map +0 -1
  206. /package/lib/esm/internal/{models/LKRPBlockTypes.js.map → utils/types.js.map} +0 -0
package/lib/cjs/internal/app-binder/device-action/AddToTrustchainDeviceAction.js.map CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "version": 3,
3
3
  "sources": ["../../../../../src/internal/app-binder/device-action/AddToTrustchainDeviceAction.ts"],
4
- "sourcesContent": ["import {\n type DeviceActionStateMachine,\n hexaStringToBuffer,\n type InternalApi,\n type StateMachineTypes,\n UserInteractionRequired,\n XStateDeviceAction,\n} from \"@ledgerhq/device-management-kit\";\nimport { type Either, EitherAsync, Left, Maybe, Right } from \"purify-ts\";\nimport { assign, fromPromise, setup } from \"xstate\";\n\nimport {\n type AddToTrustchainDAError,\n type AddToTrustchainDAInput,\n type AddToTrustchainDAIntermediateValue,\n type AddToTrustchainDAInternalState,\n type AddToTrustchainDAOutput,\n} from \"@api/app-binder/AddToTrustchainDeviceActionTypes\";\nimport {\n LKRPTrustchainNotReady,\n LKRPUnknownError,\n} from \"@api/app-binder/Errors\";\nimport { type Keypair } from \"@api/index\";\nimport { type LKRPDeviceCommandError } from \"@internal/app-binder/command/utils/ledgerKeyringProtocolErrors\";\nimport { InitTask } from \"@internal/app-binder/task/InitTask\";\nimport {\n ParseStreamToDeviceTask,\n type ParseStreamToDeviceTaskInput,\n} from \"@internal/app-binder/task/ParseStreamToDeviceTask\";\nimport {\n SignBlockTask,\n type SignBlockTaskInput,\n} from \"@internal/app-binder/task/SignBlockTask\";\nimport { eitherSeqRecord } from \"@internal/utils/eitherSeqRecord\";\nimport { required } from \"@internal/utils/required\";\n\nimport { raiseAndAssign } from \"./utils/raiseAndAssign\";\n\nexport class AddToTrustchainDeviceAction extends XStateDeviceAction<\n AddToTrustchainDAOutput,\n AddToTrustchainDAInput,\n AddToTrustchainDAError,\n AddToTrustchainDAIntermediateValue,\n AddToTrustchainDAInternalState\n> {\n makeStateMachine(\n internalApi: InternalApi,\n ): DeviceActionStateMachine<\n AddToTrustchainDAOutput,\n AddToTrustchainDAInput,\n AddToTrustchainDAError,\n AddToTrustchainDAIntermediateValue,\n AddToTrustchainDAInternalState\n > {\n type types = StateMachineTypes<\n AddToTrustchainDAOutput,\n AddToTrustchainDAInput,\n AddToTrustchainDAError,\n AddToTrustchainDAIntermediateValue,\n AddToTrustchainDAInternalState\n >;\n\n const { initCommand, parseStream, signBlock } =\n this.extractDependencies(internalApi);\n\n return setup({\n types: {\n input: {} as types[\"input\"],\n context: {} as types[\"context\"],\n output: {} as types[\"output\"],\n },\n\n actors: {\n initCommand: fromPromise(initCommand),\n parseStream: fromPromise(parseStream),\n signBlock: fromPromise(signBlock),\n },\n\n actions: {\n assignErrorFromEvent: raiseAndAssign(\n ({ event }) =>\n Left(\n new LKRPUnknownError(\n String((event as { error?: unknown }).error),\n ),\n ), // NOTE: it should never happen, the error is not typed anymore here\n ),\n },\n\n guards: {\n isTustchainEmpty: ({ context }) =>\n context.input\n .toMaybe()\n .chain((input) => input.applicationStream.parse().toMaybe())\n .map((blocks) => blocks.length === 0)\n .orDefault(true),\n },\n }).createMachine({\n /** @xstate-layout N4IgpgJg5mDOIC5QEEIQCoHt0CcCusALgMYAWAhgJYB2AImAG6XFjLGGWbUB0AktZUIBlOLE7UAxBC5huNBpgDWsmoIDCmALaby1CAG0ADAF1EoAA6YxHLmZAAPRAEZDAdm6unAFgAcAJi9PLwA2PycAVmCAGhAAT0QAZhDucJDXAE5XcO9wsOCAX3yY1AxsfCIyKjpGZlZ2cT4BYVFxCTAcHEwcbnMAG3JCADMuzTkmjW1dAxM7S2txO0cEdPTuMMN0hKcEnycMwx9ouMQ-cITuDYTg1wOb4PScwuK0LFwCEgoaeiYWNhsefiCESwMRcCSwPDEFggoymJAgOaCBbwpYJVLcBKuLwrQx+dJnbZeGLxBAJALcLxOYLhHGGFx+BJPEAlV7lD5Vb61P4NQHNEGtdqdHCw2ZWJG2FGJdGY7HpXH4rZJYmIXx+NaywKbBk3VyMorMl5ld6VL41X71LjcAAK5BwsDAQkIODA5E0UhkYwUyh6tvtjudrpF8MR-0WiDOwW4wT2ex8CTJ122yoQYR8FzSPkyEWyXiuTJZRoqn2qPzq-2tvodTpdbsFXR6-SGIx9dqrAc0QYsYtDkoQuUjNNcwUC4V2up8yac5JpV2CCTcVJ8XgZ+cNbyLHLNZYaNtb-pr4Mh0NgnYR3eRoCWrlcad1udcpxWu0xyb8fkM3CpwWCBzlSR8o5eKupTruypqltylq7n61aum0HRdKeIYXg4iDXreSSYo+6TPq4yZoucWIrF4dLxlcaLAayxrFpy5rlmopBgMQijIOYfTMAM4j7q6ACi9iUEQEhIeeEqXs4VJeCkN5+D4D4-ocESvm+3APNSP6+GSETpAU+oFqBJollyFo8AxTEsWxvQcf83GaHxAmEEJThwl28yiahCBOE4hwYoYvi+D4dIHLiyYALRTu4bh4mcN43psAGUYWYGGXRDQFnZRA0FANnutQKjUF6shiFA1AAEK9JgzHCa51Bhh5XjLtwAWBIYwQARJU6hXikm5CEnleOEWSUk4CX6TRW6QTwaX8Rl1BZbBtYId0fQDMMOCjEVpXlZVMzBiJNW9t4DKfpEpy7JEmbaaFOxqgk6Tvp5A1-vVerPCBbIGbR26WlN9mZdlEJQqIVXivtYkecOapZD4sleYYhgDd+nUZBSlKpNDWG5CN71jRBxncD9M1ze28FCsDPZg1S4ThBc773IE843IpxwIGFBweLdGyyZhByyVj1Gbrj5YFgAcmAADu2XSLlnpKIVlDFWVFWKGTKFLIdkZDjs2ZtS+zOYh4NxwxkAXpNicZ8xu4FGULhqixL80k-Wy1Nmt3AbYr23OWe1W1d4ewYps0ZTpsmxZKFvhrOEdLXg8LgtbdFtJZ9E347b4v-UeQM7S5IO+xDHijtpgR+PciPM94kZuLieK3XiRvpInH3jXjIvpw7dbCtn3u5wd1LU7iLWm7qVdMySYSSZSpzeDsngl1OhT6tQmAQHAdh6djAvWyhyFuUsYXh-cjUPE+ThxW+w26WuG9Wyllq8sCoKg935PuYEyb1ZJKwrAEERxtkWSNxxlvKClYbKih9r2QI7hKQkSjhsM4pt8JUgpF-KkaJNj1XCIAzet8TKMWYqxdixBOJcBsulQg4Ce5gzlE4A2mEGRPlNgkJSH5vx9xuNiOGYRXDYJvl9SahpyF-XmpQl+atMSRm2KmNwAFUhlxJCFd85x4yjnHpPQIvheHJX4anUodswG7QgRTK4qxoyGB2GbN8qZJzkgeLsH80ZNjw2hlo5OeMhCZxBKI1Wzg4yrBajSe6A1erhE6gFKMDwBrbHxP1O8rjm7lh4otbxu9fEDRSFqUcUNIgHFCi4VYOE5Q4RahsRcOlChAA */\n\n id: \"AddToTrustchainDeviceAction\",\n context: ({ input }) => ({\n input,\n intermediateValue: {\n requiredUserInteraction: UserInteractionRequired.None,\n },\n _internalState: Right({\n sessionKeypair: null,\n }),\n }),\n\n initial: \"InitSession\",\n states: {\n InitSession: {\n on: { success: \"ParseStream\", error: \"Error\" },\n invoke: {\n id: \"initCommand\",\n src: \"initCommand\",\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map((sessionKeypair) => ({\n raise: \"success\",\n assign: { sessionKeypair },\n })),\n ),\n },\n },\n },\n\n ParseStream: {\n on: { success: \"CheckApplicationStreamExist\", error: \"Error\" },\n invoke: {\n id: \"parseStream\",\n src: \"parseStream\",\n input: ({ context }) =>\n context.input.chain((input) =>\n required(input.trustchain?.[\"m/\"], \"Missing root stream\")\n .chain((rootStream) => rootStream.parse())\n .chain((blocks) => required(blocks[0], \"Missing seed block\"))\n .map((seedBlock) => ({\n seedBlock,\n applicationStream: input.applicationStream,\n })),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(() => ({ raise: \"success\" })),\n ),\n },\n },\n },\n\n CheckApplicationStreamExist: {\n always: [\n { target: \"AddToNewStream\", guard: \"isTustchainEmpty\" },\n { target: \"AddToExistingStream\" },\n ],\n },\n\n AddToExistingStream: {\n on: { success: \"Success\", error: \"Error\" },\n entry: assign({\n intermediateValue: {\n requiredUserInteraction: \"add-ledger-sync\",\n },\n }),\n exit: assign({\n intermediateValue: {\n requiredUserInteraction: UserInteractionRequired.None,\n },\n }),\n invoke: {\n id: \"signBlock\",\n src: \"signBlock\",\n input: ({ context }) =>\n context.input.chain((input) =>\n eitherSeqRecord({\n lkrpDataSource: input.lkrpDataSource,\n trustchainId: input.trustchainId,\n jwt: input.jwt,\n clientName: input.clientName,\n sessionKeypair: () =>\n context._internalState.chain(({ sessionKeypair }) =>\n required(sessionKeypair, \"Missing session keypair\"),\n ),\n path: () =>\n required(\n input.applicationStream.getPath().extract(),\n \"Missing application path\",\n ),\n parent: () =>\n required(\n input.applicationStream\n .parse()\n .toMaybe()\n .chainNullable((blocks) => blocks.at(-1)?.hash())\n .chainNullable(hexaStringToBuffer)\n .extract(),\n \"Missing parent block\",\n ),\n blockFlow: {\n type: \"addMember\",\n data: {\n name: input.clientName,\n publicKey: input.keypair.pubKeyToU8a(),\n permissions: input.permissions,\n },\n },\n }),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(() => ({ raise: \"success\" })),\n ),\n },\n },\n },\n\n AddToNewStream: {\n on: { success: \"Success\", error: \"Error\" },\n entry: assign({\n intermediateValue: {\n requiredUserInteraction: \"add-ledger-sync\",\n },\n }),\n exit: assign({\n intermediateValue: {\n requiredUserInteraction: UserInteractionRequired.None,\n },\n }),\n invoke: {\n id: \"signBlock\",\n src: \"signBlock\",\n input: ({ context }) =>\n context.input.chain((input) =>\n eitherSeqRecord({\n lkrpDataSource: input.lkrpDataSource,\n trustchainId: input.trustchainId,\n jwt: input.jwt,\n clientName: input.clientName,\n sessionKeypair: () =>\n context._internalState.chain(({ sessionKeypair }) =>\n required(sessionKeypair, \"Missing session keypair\"),\n ),\n path: () =>\n required(\n input.applicationStream.getPath().extract(),\n \"Missing application path\",\n ),\n parent: () =>\n required(\n Maybe.fromNullable(input.trustchain[\"m/\"])\n .chain((rootStream) => rootStream.parse().toMaybe())\n .chainNullable((blocks) => blocks[0]?.hash())\n .chainNullable(hexaStringToBuffer)\n .extract(),\n \"Missing init block\",\n ),\n blockFlow: {\n type: \"derive\",\n data: {\n name: input.clientName,\n publicKey: input.keypair.pubKeyToU8a(),\n permissions: input.permissions,\n },\n },\n }).chain(() => Left(new LKRPTrustchainNotReady())),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(() => ({ raise: \"success\" })),\n ),\n },\n },\n },\n\n Success: { type: \"final\" },\n\n Error: { type: \"final\" },\n },\n\n output: ({ context }) => context._internalState.map((_) => undefined),\n });\n }\n\n extractDependencies(internalApi: InternalApi) {\n return {\n initCommand: (): Promise<Either<LKRPDeviceCommandError, Keypair>> =>\n new InitTask(internalApi).run(),\n\n parseStream: async (args: {\n input: Either<AddToTrustchainDAError, ParseStreamToDeviceTaskInput>;\n }) =>\n EitherAsync.liftEither(args.input)\n .chain<AddToTrustchainDAError, unknown>((input) =>\n new ParseStreamToDeviceTask(internalApi).run(input),\n )\n .run(),\n\n signBlock: (args: {\n input: Either<AddToTrustchainDAError, SignBlockTaskInput>;\n }): Promise<Either<AddToTrustchainDAError, void>> =>\n EitherAsync.liftEither(args.input)\n .chain((input) => new SignBlockTask(internalApi).run(input))\n .run(),\n };\n }\n}\n"],
5
- "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,iCAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAOO,2CACPC,EAA6D,qBAC7DC,EAA2C,kBAS3CC,EAGO,kCAGPC,EAAyB,8CACzBC,EAGO,6DACPC,EAGO,mDACPC,EAAgC,2CAChCC,EAAyB,oCAEzBC,EAA+B,kCAExB,MAAMX,UAAoC,oBAM/C,CACA,iBACEY,EAOA,CASA,KAAM,CAAE,YAAAC,EAAa,YAAAC,EAAa,UAAAC,CAAU,EAC1C,KAAK,oBAAoBH,CAAW,EAEtC,SAAO,SAAM,CACX,MAAO,CACL,MAAO,CAAC,EACR,QAAS,CAAC,EACV,OAAQ,CAAC,CACX,EAEA,OAAQ,CACN,eAAa,eAAYC,CAAW,EACpC,eAAa,eAAYC,CAAW,EACpC,aAAW,eAAYC,CAAS,CAClC,EAEA,QAAS,CACP,wBAAsB,kBACpB,CAAC,CAAE,MAAAC,CAAM,OACP,QACE,IAAI,mBACF,OAAQA,EAA8B,KAAK,CAC7C,CACF,CACJ,CACF,EAEA,OAAQ,CACN,iBAAkB,CAAC,CAAE,QAAAC,CAAQ,IAC3BA,EAAQ,MACL,QAAQ,EACR,MAAOC,GAAUA,EAAM,kBAAkB,MAAM,EAAE,QAAQ,CAAC,EAC1D,IAAKC,GAAWA,EAAO,SAAW,CAAC,EACnC,UAAU,EAAI,CACrB,CACF,CAAC,EAAE,cAAc,CAGf,GAAI,8BACJ,QAAS,CAAC,CAAE,MAAAD,CAAM,KAAO,CACvB,MAAAA,EACA,kBAAmB,CACjB,wBAAyB,0BAAwB,IACnD,EACA,kBAAgB,SAAM,CACpB,eAAgB,IAClB,CAAC,CACH,GAEA,QAAS,cACT,OAAQ,CACN,YAAa,CACX,GAAI,CAAE,QAAS,cAAe,MAAO,OAAQ,EAC7C,OAAQ,CACN,GAAI,cACJ,IAAK,cACL,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,MAAAF,CAAM,IAC/BA,EAAM,OAAO,IAAKI,IAAoB,CACpC,MAAO,UACP,OAAQ,CAAE,eAAAA,CAAe,CAC3B,EAAE,CACJ,CACF,CACF,CACF,EAEA,YAAa,CACX,GAAI,CAAE,QAAS,8BAA+B,MAAO,OAAQ,EAC7D,OAAQ,CACN,GAAI,cACJ,IAAK,cACL,MAAO,CAAC,CAAE,QAAAH,CAAQ,IAChBA,EAAQ,MAAM,MAAOC,MACnB,YAASA,EAAM,aAAa,IAAI,EAAG,qBAAqB,EACrD,MAAOG,GAAeA,EAAW,MAAM,CAAC,EACxC,MAAOF,MAAW,YAASA,EAAO,CAAC,EAAG,oBAAoB,CAAC,EAC3D,IAAKG,IAAe,CACnB,UAAAA,EACA,kBAAmBJ,EAAM,iBAC3B,EAAE,CACN,EACF,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,MAAAF,CAAM,IAC/BA,EAAM,OAAO,IAAI,KAAO,CAAE,MAAO,SAAU,EAAE,CAC/C,CACF,CACF,CACF,EAEA,4BAA6B,CAC3B,OAAQ,CACN,CAAE,OAAQ,iBAAkB,MAAO,kBAAmB,EACtD,CAAE,OAAQ,qBAAsB,CAClC,CACF,EAEA,oBAAqB,CACnB,GAAI,CAAE,QAAS,UAAW,MAAO,OAAQ,EACzC,SAAO,UAAO,CACZ,kBAAmB,CACjB,wBAAyB,iBAC3B,CACF,CAAC,EACD,QAAM,UAAO,CACX,kBAAmB,CACjB,wBAAyB,0BAAwB,IACnD,CACF,CAAC,EACD,OAAQ,CACN,GAAI,YACJ,IAAK,YACL,MAAO,CAAC,CAAE,QAAAC,CAAQ,IAChBA,EAAQ,MAAM,MAAOC,MACnB,mBAAgB,CACd,eAAgBA,EAAM,eACtB,aAAcA,EAAM,aACpB,IAAKA,EAAM,IACX,WAAYA,EAAM,WAClB,eAAgB,IACdD,EAAQ,eAAe,MAAM,CAAC,CAAE,eAAAG,CAAe,OAC7C,YAASA,EAAgB,yBAAyB,CACpD,EACF,KAAM,OACJ,YACEF,EAAM,kBAAkB,QAAQ,EAAE,QAAQ,EAC1C,0BACF,EACF,OAAQ,OACN,YACEA,EAAM,kBACH,MAAM,EACN,QAAQ,EACR,cAAeC,GAAWA,EAAO,GAAG,EAAE,GAAG,KAAK,CAAC,EAC/C,cAAc,oBAAkB,EAChC,QAAQ,EACX,sBACF,EACF,UAAW,CACT,KAAM,YACN,KAAM,CACJ,KAAMD,EAAM,WACZ,UAAWA,EAAM,QAAQ,YAAY,EACrC,YAAaA,EAAM,WACrB,CACF,CACF,CAAC,CACH,EACF,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,MAAAF,CAAM,IAC/BA,EAAM,OAAO,IAAI,KAAO,CAAE,MAAO,SAAU,EAAE,CAC/C,CACF,CACF,CACF,EAEA,eAAgB,CACd,GAAI,CAAE,QAAS,UAAW,MAAO,OAAQ,EACzC,SAAO,UAAO,CACZ,kBAAmB,CACjB,wBAAyB,iBAC3B,CACF,CAAC,EACD,QAAM,UAAO,CACX,kBAAmB,CACjB,wBAAyB,0BAAwB,IACnD,CACF,CAAC,EACD,OAAQ,CACN,GAAI,YACJ,IAAK,YACL,MAAO,CAAC,CAAE,QAAAC,CAAQ,IAChBA,EAAQ,MAAM,MAAOC,MACnB,mBAAgB,CACd,eAAgBA,EAAM,eACtB,aAAcA,EAAM,aACpB,IAAKA,EAAM,IACX,WAAYA,EAAM,WAClB,eAAgB,IACdD,EAAQ,eAAe,MAAM,CAAC,CAAE,eAAAG,CAAe,OAC7C,YAASA,EAAgB,yBAAyB,CACpD,EACF,KAAM,OACJ,YACEF,EAAM,kBAAkB,QAAQ,EAAE,QAAQ,EAC1C,0BACF,EACF,OAAQ,OACN,YACE,QAAM,aAAaA,EAAM,WAAW,IAAI,CAAC,EACtC,MAAOG,GAAeA,EAAW,MAAM,EAAE,QAAQ,CAAC,EAClD,cAAeF,GAAWA,EAAO,CAAC,GAAG,KAAK,CAAC,EAC3C,cAAc,oBAAkB,EAChC,QAAQ,EACX,oBACF,EACF,UAAW,CACT,KAAM,SACN,KAAM,CACJ,KAAMD,EAAM,WACZ,UAAWA,EAAM,QAAQ,YAAY,EACrC,YAAaA,EAAM,WACrB,CACF,CACF,CAAC,EAAE,MAAM,OAAM,QAAK,IAAI,wBAAwB,CAAC,CACnD,EACF,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,MAAAF,CAAM,IAC/BA,EAAM,OAAO,IAAI,KAAO,CAAE,MAAO,SAAU,EAAE,CAC/C,CACF,CACF,CACF,EAEA,QAAS,CAAE,KAAM,OAAQ,EAEzB,MAAO,CAAE,KAAM,OAAQ,CACzB,EAEA,OAAQ,CAAC,CAAE,QAAAC,CAAQ,IAAMA,EAAQ,eAAe,IAAKM,GAAG,EAAY,CACtE,CAAC,CACH,CAEA,oBAAoBX,EAA0B,CAC5C,MAAO,CACL,YAAa,IACX,IAAI,WAASA,CAAW,EAAE,IAAI,EAEhC,YAAa,MAAOY,GAGlB,cAAY,WAAWA,EAAK,KAAK,EAC9B,MAAwCN,GACvC,IAAI,0BAAwBN,CAAW,EAAE,IAAIM,CAAK,CACpD,EACC,IAAI,EAET,UAAYM,GAGV,cAAY,WAAWA,EAAK,KAAK,EAC9B,MAAON,GAAU,IAAI,gBAAcN,CAAW,EAAE,IAAIM,CAAK,CAAC,EAC1D,IAAI,CACX,CACF,CACF",
6
- "names": ["AddToTrustchainDeviceAction_exports", "__export", "AddToTrustchainDeviceAction", "__toCommonJS", "import_device_management_kit", "import_purify_ts", "import_xstate", "import_Errors", "import_InitTask", "import_ParseStreamToDeviceTask", "import_SignBlockTask", "import_eitherSeqRecord", "import_required", "import_raiseAndAssign", "internalApi", "initCommand", "parseStream", "signBlock", "event", "context", "input", "blocks", "sessionKeypair", "rootStream", "seedBlock", "_", "args"]
4
+ "sourcesContent": ["import {\n type DeviceActionStateMachine,\n hexaStringToBuffer,\n type InternalApi,\n type StateMachineTypes,\n UnknownDAError,\n UserInteractionRequired,\n XStateDeviceAction,\n} from \"@ledgerhq/device-management-kit\";\nimport { type Either, EitherAsync, Left, Maybe, Right } from \"purify-ts\";\nimport { assign, fromPromise, setup } from \"xstate\";\n\nimport {\n type AddToTrustchainDAError,\n type AddToTrustchainDAInput,\n type AddToTrustchainDAIntermediateValue,\n type AddToTrustchainDAInternalState,\n type AddToTrustchainDAOutput,\n} from \"@api/app-binder/AddToTrustchainDeviceActionTypes\";\nimport { type Keypair } from \"@api/index\";\nimport { type LKRPDeviceCommandError } from \"@internal/app-binder/command/utils/ledgerKeyringProtocolErrors\";\nimport { InitTask } from \"@internal/app-binder/task/InitTask\";\nimport {\n ParseStreamToDeviceTask,\n type ParseStreamToDeviceTaskInput,\n} from \"@internal/app-binder/task/ParseStreamToDeviceTask\";\nimport {\n type SignBlockError,\n SignBlockTask,\n type SignBlockTaskInput,\n} from \"@internal/app-binder/task/SignBlockTask\";\nimport { eitherSeqRecord } from \"@internal/utils/eitherSeqRecord\";\nimport { required } from \"@internal/utils/required\";\n\nimport { raiseAndAssign } from \"./utils/raiseAndAssign\";\n\nexport class AddToTrustchainDeviceAction extends XStateDeviceAction<\n AddToTrustchainDAOutput,\n AddToTrustchainDAInput,\n AddToTrustchainDAError,\n AddToTrustchainDAIntermediateValue,\n AddToTrustchainDAInternalState\n> {\n makeStateMachine(\n internalApi: InternalApi,\n ): DeviceActionStateMachine<\n AddToTrustchainDAOutput,\n AddToTrustchainDAInput,\n AddToTrustchainDAError,\n AddToTrustchainDAIntermediateValue,\n AddToTrustchainDAInternalState\n > {\n type types = StateMachineTypes<\n AddToTrustchainDAOutput,\n AddToTrustchainDAInput,\n AddToTrustchainDAError,\n AddToTrustchainDAIntermediateValue,\n AddToTrustchainDAInternalState\n >;\n\n const { initCommand, parseStream, signBlock } =\n this.extractDependencies(internalApi);\n\n return setup({\n types: {\n input: {} as types[\"input\"],\n context: {} as types[\"context\"],\n output: {} as types[\"output\"],\n },\n\n actors: {\n initCommand: fromPromise(initCommand),\n parseStream: fromPromise(parseStream),\n signBlock: fromPromise(signBlock),\n },\n\n actions: {\n assignErrorFromEvent: raiseAndAssign(\n ({ event }) =>\n Left(\n new UnknownDAError(String((event as { error?: unknown }).error)),\n ), // NOTE: it should never happen, the error is not typed anymore here\n ),\n },\n\n guards: {\n isTustchainEmpty: ({ context }) =>\n context.input\n .toMaybe()\n .chain((input) => input.applicationStream.parse().toMaybe())\n .map((blocks) => blocks.length === 0)\n .orDefault(true),\n },\n }).createMachine({\n /** @xstate-layout N4IgpgJg5mDOIC5QEEIQCoHt0CcCusALgMYAWAhgJYB2AImAG6XFjLGGWbUB0AktZUIBlOLE7UAxBC5huNBpgDWsmoIDCmALaby1CAG0ADAF1EoAA6YxHLmZAAPRAEZDAdm6unAFgAcAJi9PLwA2PycAVmCAGhAAT0QAZhDucJDXAE5XcO9wsOCAX3yY1AxsfCIyKjpGZlZ2cT4BYVFxCTAcHEwcbnMAG3JCADMuzTkmjW1dAxM7S2txO0cEdPTuMMN0hKcEnycMwx9ouMQ-cITuDYTg1wOb4PScwuK0LFwCEgoaeiYWNhsefiCESwMRcCSwPDEFggoymJAgOaCBbwpYJVLcBKuLwrQx+dJnbZeGLxBAJALcLxOYLhHGGFx+BJPEAlV7lD5Vb61P4NQHNEGtdqdHCw2ZWJG2FGJdGY7HpXH4rZJYmIXx+NaywKbBk3VyMorMl5ld6VL41X71LjcAAK5BwsDAQkIODA5E0UhkYwUyh6tvtjudrpF8MR-0WiDOwW4wT2ex8CTJ122yoQYR8FzSPkyEWyXiuTJZRoqn2qPzq-2tvodTpdbsFXR6-SGIx9dqrAc0QYsYtDkoQuUjNNcwUC4V2up8yac5JpV2CCTcVJ8XgZ+cNbyLHLNZYaNtb-pr4Mh0NgnYR3eRoCWrlcad1udcpxWu0xyb8fkM3CpwWCBzlSR8o5eKupTruypqltylq7n61aum0HRdKeIYXg4iDXreSSYo+6TPq4yZoucWIrF4dLxlcaLAayxrFpy5rlmopBgMQijIOYfTMAM4j7q6ACi9iUEQEhIeeEqXs4VJeCkN5+D4D4-ocESvm+3APNSP6+GSETpAU+oFqBJollyFo8AxTEsWxvQcf83GaHxAmEEJThwl28yiahCBOE4hwYoYvi+D4dIHLiyYALRTu4bh4mcN43psAGUYWYGGXRDQFnZRA0FANnutQKjUF6shiFA1AAEK9JgzHCa51Bhh5XjLtwAWBIYwQARJU6hXikm5CEnleOEWSUk4CX6TRW6QTwaX8Rl1BZbBtYId0fQDMMOCjEVpXlZVMzBiJNW9t4DKfpEpy7JEmbaaFOxqgk6Tvp5A1-vVerPCBbIGbR26WlN9mZdlEJQqIVXivtYkecOapZD4sleYYhgDd+nUZBSlKpNDWG5CN71jRBxncD9M1ze28FCsDPZg1S4ThBc773IE843IpxwIGFBweLdGyyZhByyVj1Gbrj5YFgAcmAADu2XSLlnpKIVlDFWVFWKGTKFLIdkZDjs2ZtS+zOYh4NxwxkAXpNicZ8xu4FGULhqixL80k-Wy1Nmt3AbYr23OWe1W1d4ewYps0ZTpsmxZKFvhrOEdLXg8LgtbdFtJZ9E347b4v-UeQM7S5IO+xDHijtpgR+PciPM94kZuLieK3XiRvpInH3jXjIvpw7dbCtn3u5wd1LU7iLWm7qVdMySYSSZSpzeDsngl1OhT6tQmAQHAdh6djAvWyhyFuUsYXh-cjUPE+ThxW+w26WuG9Wyllq8sCoKg935PuYEyb1ZJKwrAEERxtkWSNxxlvKClYbKih9r2QI7hKQkSjhsM4pt8JUgpF-KkaJNj1XCIAzet8TKMWYqxdixBOJcBsulQg4Ce5gzlE4A2mEGRPlNgkJSH5vx9xuNiOGYRXDYJvl9SahpyF-XmpQl+atMSRm2KmNwAFUhlxJCFd85x4yjnHpPQIvheHJX4anUodswG7QgRTK4qxoyGB2GbN8qZJzkgeLsH80ZNjw2hlo5OeMhCZxBKI1Wzg4yrBajSe6A1erhE6gFKMDwBrbHxP1O8rjm7lh4otbxu9fEDRSFqUcUNIgHFCi4VYOE5Q4RahsRcOlChAA */\n\n id: \"AddToTrustchainDeviceAction\",\n context: ({ input }) => ({\n input,\n intermediateValue: {\n requiredUserInteraction: UserInteractionRequired.None,\n },\n _internalState: Right({\n sessionKeypair: null,\n }),\n }),\n\n initial: \"InitSession\",\n states: {\n InitSession: {\n on: { success: \"ParseStream\", error: \"Error\" },\n invoke: {\n id: \"initCommand\",\n src: \"initCommand\",\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map((sessionKeypair) => ({\n raise: \"success\",\n assign: { sessionKeypair },\n })),\n ),\n },\n },\n },\n\n ParseStream: {\n on: { success: \"CheckApplicationStreamExist\", error: \"Error\" },\n invoke: {\n id: \"parseStream\",\n src: \"parseStream\",\n input: ({ context }) =>\n context.input.chain((input) =>\n required(input.trustchain?.[\"m/\"], \"Missing root stream\")\n .chain((rootStream) => rootStream.parse())\n .chain((blocks) => required(blocks[0], \"Missing seed block\"))\n .map((seedBlock) => ({\n seedBlock,\n applicationStream: input.applicationStream,\n })),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(() => ({ raise: \"success\" })),\n ),\n },\n },\n },\n\n CheckApplicationStreamExist: {\n always: [\n { target: \"AddToNewStream\", guard: \"isTustchainEmpty\" },\n { target: \"AddToExistingStream\" },\n ],\n },\n\n AddToExistingStream: {\n on: { success: \"Success\", error: \"Error\" },\n entry: assign({\n intermediateValue: {\n requiredUserInteraction: \"add-ledger-sync\",\n },\n }),\n exit: assign({\n intermediateValue: {\n requiredUserInteraction: UserInteractionRequired.None,\n },\n }),\n invoke: {\n id: \"signBlock\",\n src: \"signBlock\",\n input: ({ context }) =>\n context.input.chain((input) =>\n eitherSeqRecord({\n lkrpDataSource: input.lkrpDataSource,\n trustchainId: input.trustchainId,\n jwt: input.jwt,\n clientName: input.clientName,\n sessionKeypair: () =>\n context._internalState.chain(({ sessionKeypair }) =>\n required(sessionKeypair, \"Missing session keypair\"),\n ),\n path: () =>\n required(\n input.applicationStream.getPath().extract(),\n \"Missing application path\",\n ),\n parent: () =>\n required(\n input.applicationStream\n .parse()\n .toMaybe()\n .chainNullable((blocks) => blocks.at(-1)?.hash())\n .chainNullable(hexaStringToBuffer)\n .extract(),\n \"Missing parent block\",\n ),\n blockFlow: {\n type: \"addMember\",\n data: {\n name: input.clientName,\n publicKey: input.keypair.pubKeyToU8a(),\n permissions: input.permissions,\n },\n },\n }),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(() => ({ raise: \"success\" })),\n ),\n },\n },\n },\n\n AddToNewStream: {\n on: { success: \"Success\", error: \"Error\" },\n entry: assign({\n intermediateValue: {\n requiredUserInteraction: \"add-ledger-sync\",\n },\n }),\n exit: assign({\n intermediateValue: {\n requiredUserInteraction: UserInteractionRequired.None,\n },\n }),\n invoke: {\n id: \"signBlock\",\n src: \"signBlock\",\n input: ({ context }) =>\n context.input.chain((input) =>\n eitherSeqRecord({\n lkrpDataSource: input.lkrpDataSource,\n trustchainId: input.trustchainId,\n jwt: input.jwt,\n clientName: input.clientName,\n sessionKeypair: () =>\n context._internalState.chain(({ sessionKeypair }) =>\n required(sessionKeypair, \"Missing session keypair\"),\n ),\n path: () =>\n required(\n input.applicationStream.getPath().extract(),\n \"Missing application path\",\n ),\n parent: () =>\n required(\n Maybe.fromNullable(input.trustchain[\"m/\"])\n .chain((rootStream) => rootStream.parse().toMaybe())\n .chainNullable((blocks) => blocks[0]?.hash())\n .chainNullable(hexaStringToBuffer)\n .extract(),\n \"Missing init block\",\n ),\n blockFlow: {\n type: \"derive\",\n data: {\n name: input.clientName,\n publicKey: input.keypair.pubKeyToU8a(),\n permissions: input.permissions,\n },\n },\n }),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(() => ({ raise: \"success\" })),\n ),\n },\n },\n },\n\n Success: { type: \"final\" },\n\n Error: { type: \"final\" },\n },\n\n output: ({ context }) => context._internalState.map((_) => undefined),\n });\n }\n\n extractDependencies(internalApi: InternalApi) {\n return {\n initCommand: (): Promise<Either<LKRPDeviceCommandError, Keypair>> =>\n new InitTask(internalApi).run(),\n\n parseStream: async (args: {\n input: Either<AddToTrustchainDAError, ParseStreamToDeviceTaskInput>;\n }) =>\n EitherAsync.liftEither(args.input)\n .chain<AddToTrustchainDAError, unknown>((input) =>\n new ParseStreamToDeviceTask(internalApi).run(input),\n )\n .run(),\n\n signBlock: (args: {\n input: Either<AddToTrustchainDAError, SignBlockTaskInput>;\n }): Promise<Either<SignBlockError, void>> =>\n EitherAsync.liftEither(args.input)\n .chain((input) => new SignBlockTask(internalApi).run(input))\n .run(),\n };\n }\n}\n"],
5
+ "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,iCAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAQO,2CACPC,EAA6D,qBAC7DC,EAA2C,kBAW3CC,EAAyB,8CACzBC,EAGO,6DACPC,EAIO,mDACPC,EAAgC,2CAChCC,EAAyB,oCAEzBC,EAA+B,kCAExB,MAAMV,UAAoC,oBAM/C,CACA,iBACEW,EAOA,CASA,KAAM,CAAE,YAAAC,EAAa,YAAAC,EAAa,UAAAC,CAAU,EAC1C,KAAK,oBAAoBH,CAAW,EAEtC,SAAO,SAAM,CACX,MAAO,CACL,MAAO,CAAC,EACR,QAAS,CAAC,EACV,OAAQ,CAAC,CACX,EAEA,OAAQ,CACN,eAAa,eAAYC,CAAW,EACpC,eAAa,eAAYC,CAAW,EACpC,aAAW,eAAYC,CAAS,CAClC,EAEA,QAAS,CACP,wBAAsB,kBACpB,CAAC,CAAE,MAAAC,CAAM,OACP,QACE,IAAI,iBAAe,OAAQA,EAA8B,KAAK,CAAC,CACjE,CACJ,CACF,EAEA,OAAQ,CACN,iBAAkB,CAAC,CAAE,QAAAC,CAAQ,IAC3BA,EAAQ,MACL,QAAQ,EACR,MAAOC,GAAUA,EAAM,kBAAkB,MAAM,EAAE,QAAQ,CAAC,EAC1D,IAAKC,GAAWA,EAAO,SAAW,CAAC,EACnC,UAAU,EAAI,CACrB,CACF,CAAC,EAAE,cAAc,CAGf,GAAI,8BACJ,QAAS,CAAC,CAAE,MAAAD,CAAM,KAAO,CACvB,MAAAA,EACA,kBAAmB,CACjB,wBAAyB,0BAAwB,IACnD,EACA,kBAAgB,SAAM,CACpB,eAAgB,IAClB,CAAC,CACH,GAEA,QAAS,cACT,OAAQ,CACN,YAAa,CACX,GAAI,CAAE,QAAS,cAAe,MAAO,OAAQ,EAC7C,OAAQ,CACN,GAAI,cACJ,IAAK,cACL,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,MAAAF,CAAM,IAC/BA,EAAM,OAAO,IAAKI,IAAoB,CACpC,MAAO,UACP,OAAQ,CAAE,eAAAA,CAAe,CAC3B,EAAE,CACJ,CACF,CACF,CACF,EAEA,YAAa,CACX,GAAI,CAAE,QAAS,8BAA+B,MAAO,OAAQ,EAC7D,OAAQ,CACN,GAAI,cACJ,IAAK,cACL,MAAO,CAAC,CAAE,QAAAH,CAAQ,IAChBA,EAAQ,MAAM,MAAOC,MACnB,YAASA,EAAM,aAAa,IAAI,EAAG,qBAAqB,EACrD,MAAOG,GAAeA,EAAW,MAAM,CAAC,EACxC,MAAOF,MAAW,YAASA,EAAO,CAAC,EAAG,oBAAoB,CAAC,EAC3D,IAAKG,IAAe,CACnB,UAAAA,EACA,kBAAmBJ,EAAM,iBAC3B,EAAE,CACN,EACF,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,MAAAF,CAAM,IAC/BA,EAAM,OAAO,IAAI,KAAO,CAAE,MAAO,SAAU,EAAE,CAC/C,CACF,CACF,CACF,EAEA,4BAA6B,CAC3B,OAAQ,CACN,CAAE,OAAQ,iBAAkB,MAAO,kBAAmB,EACtD,CAAE,OAAQ,qBAAsB,CAClC,CACF,EAEA,oBAAqB,CACnB,GAAI,CAAE,QAAS,UAAW,MAAO,OAAQ,EACzC,SAAO,UAAO,CACZ,kBAAmB,CACjB,wBAAyB,iBAC3B,CACF,CAAC,EACD,QAAM,UAAO,CACX,kBAAmB,CACjB,wBAAyB,0BAAwB,IACnD,CACF,CAAC,EACD,OAAQ,CACN,GAAI,YACJ,IAAK,YACL,MAAO,CAAC,CAAE,QAAAC,CAAQ,IAChBA,EAAQ,MAAM,MAAOC,MACnB,mBAAgB,CACd,eAAgBA,EAAM,eACtB,aAAcA,EAAM,aACpB,IAAKA,EAAM,IACX,WAAYA,EAAM,WAClB,eAAgB,IACdD,EAAQ,eAAe,MAAM,CAAC,CAAE,eAAAG,CAAe,OAC7C,YAASA,EAAgB,yBAAyB,CACpD,EACF,KAAM,OACJ,YACEF,EAAM,kBAAkB,QAAQ,EAAE,QAAQ,EAC1C,0BACF,EACF,OAAQ,OACN,YACEA,EAAM,kBACH,MAAM,EACN,QAAQ,EACR,cAAeC,GAAWA,EAAO,GAAG,EAAE,GAAG,KAAK,CAAC,EAC/C,cAAc,oBAAkB,EAChC,QAAQ,EACX,sBACF,EACF,UAAW,CACT,KAAM,YACN,KAAM,CACJ,KAAMD,EAAM,WACZ,UAAWA,EAAM,QAAQ,YAAY,EACrC,YAAaA,EAAM,WACrB,CACF,CACF,CAAC,CACH,EACF,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,MAAAF,CAAM,IAC/BA,EAAM,OAAO,IAAI,KAAO,CAAE,MAAO,SAAU,EAAE,CAC/C,CACF,CACF,CACF,EAEA,eAAgB,CACd,GAAI,CAAE,QAAS,UAAW,MAAO,OAAQ,EACzC,SAAO,UAAO,CACZ,kBAAmB,CACjB,wBAAyB,iBAC3B,CACF,CAAC,EACD,QAAM,UAAO,CACX,kBAAmB,CACjB,wBAAyB,0BAAwB,IACnD,CACF,CAAC,EACD,OAAQ,CACN,GAAI,YACJ,IAAK,YACL,MAAO,CAAC,CAAE,QAAAC,CAAQ,IAChBA,EAAQ,MAAM,MAAOC,MACnB,mBAAgB,CACd,eAAgBA,EAAM,eACtB,aAAcA,EAAM,aACpB,IAAKA,EAAM,IACX,WAAYA,EAAM,WAClB,eAAgB,IACdD,EAAQ,eAAe,MAAM,CAAC,CAAE,eAAAG,CAAe,OAC7C,YAASA,EAAgB,yBAAyB,CACpD,EACF,KAAM,OACJ,YACEF,EAAM,kBAAkB,QAAQ,EAAE,QAAQ,EAC1C,0BACF,EACF,OAAQ,OACN,YACE,QAAM,aAAaA,EAAM,WAAW,IAAI,CAAC,EACtC,MAAOG,GAAeA,EAAW,MAAM,EAAE,QAAQ,CAAC,EAClD,cAAeF,GAAWA,EAAO,CAAC,GAAG,KAAK,CAAC,EAC3C,cAAc,oBAAkB,EAChC,QAAQ,EACX,oBACF,EACF,UAAW,CACT,KAAM,SACN,KAAM,CACJ,KAAMD,EAAM,WACZ,UAAWA,EAAM,QAAQ,YAAY,EACrC,YAAaA,EAAM,WACrB,CACF,CACF,CAAC,CACH,EACF,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,MAAAF,CAAM,IAC/BA,EAAM,OAAO,IAAI,KAAO,CAAE,MAAO,SAAU,EAAE,CAC/C,CACF,CACF,CACF,EAEA,QAAS,CAAE,KAAM,OAAQ,EAEzB,MAAO,CAAE,KAAM,OAAQ,CACzB,EAEA,OAAQ,CAAC,CAAE,QAAAC,CAAQ,IAAMA,EAAQ,eAAe,IAAKM,GAAG,EAAY,CACtE,CAAC,CACH,CAEA,oBAAoBX,EAA0B,CAC5C,MAAO,CACL,YAAa,IACX,IAAI,WAASA,CAAW,EAAE,IAAI,EAEhC,YAAa,MAAOY,GAGlB,cAAY,WAAWA,EAAK,KAAK,EAC9B,MAAwCN,GACvC,IAAI,0BAAwBN,CAAW,EAAE,IAAIM,CAAK,CACpD,EACC,IAAI,EAET,UAAYM,GAGV,cAAY,WAAWA,EAAK,KAAK,EAC9B,MAAON,GAAU,IAAI,gBAAcN,CAAW,EAAE,IAAIM,CAAK,CAAC,EAC1D,IAAI,CACX,CACF,CACF",
6
+ "names": ["AddToTrustchainDeviceAction_exports", "__export", "AddToTrustchainDeviceAction", "__toCommonJS", "import_device_management_kit", "import_purify_ts", "import_xstate", "import_InitTask", "import_ParseStreamToDeviceTask", "import_SignBlockTask", "import_eitherSeqRecord", "import_required", "import_raiseAndAssign", "internalApi", "initCommand", "parseStream", "signBlock", "event", "context", "input", "blocks", "sessionKeypair", "rootStream", "seedBlock", "_", "args"]
7
7
  }
package/lib/cjs/internal/app-binder/device-action/AuthenticateDeviceAction.js CHANGED
@@ -1,2 +1,2 @@
1
- "use strict";var y=Object.defineProperty;var I=Object.getOwnPropertyDescriptor;var k=Object.getOwnPropertyNames;var f=Object.prototype.hasOwnProperty;var M=(h,i)=>{for(var r in i)y(h,r,{get:i[r],enumerable:!0})},v=(h,i,r,n)=>{if(i&&typeof i=="object"||typeof i=="function")for(let a of k(i))!f.call(h,a)&&a!==r&&y(h,a,{get:()=>i[a],enumerable:!(n=I(i,a))||n.enumerable});return h};var K=h=>v(y({},"__esModule",{value:!0}),h);var P={};M(P,{AuthenticateDeviceAction:()=>w});module.exports=K(P);var d=require("@ledgerhq/device-management-kit"),p=require("purify-ts"),o=require("xstate"),s=require("../../../api/app-binder/Errors"),E=require("../../app-binder/task/SignChallengeWithDeviceTask"),T=require("../../app-binder/task/SignChallengeWithKeypairTask"),l=require("../../utils/eitherSeqRecord"),g=require("../../utils/LKRPBlockStream"),c=require("../../utils/required"),A=require("./utils/raiseAndAssign"),S=require("./AddToTrustchainDeviceAction");const D="Ledger Sync";class w extends d.XStateDeviceAction{makeStateMachine(i){const{deviceAuth:r,keypairAuth:n,getTrustchain:a,extractEncryptionKey:m}=this.extractDependencies(i);return(0,o.setup)({types:{input:{},context:{},output:{}},actors:{openAppStateMachine:new d.OpenAppDeviceAction({input:{appName:D}}).makeStateMachine(i),deviceAuth:(0,o.fromPromise)(r),keypairAuth:(0,o.fromPromise)(n),getTrustchain:(0,o.fromPromise)(a),addToTrustchainStateMachine:new S.AddToTrustchainDeviceAction({input:(0,p.Left)(new s.LKRPMissingDataError("Missing input for GetEncryptionKey"))}).makeStateMachine(i),extractEncryptionKey:(0,o.fromPromise)(m)},actions:{assignErrorFromEvent:(0,A.raiseAndAssign)(({event:t})=>(0,p.Left)(new s.LKRPUnknownError(String(t.error))))},guards:{hasNoTrustchainId:({context:t})=>!t.input.trustchainId,isTrustchainMember:({context:t})=>t._internalState.toMaybe().map(e=>e.wasAddedToTrustchain||e.applicationStream?.hasMember(t.input.keypair.pubKeyToHex())).extract()??!1}}).createMachine({id:"AuthenticateDeviceAction",context:({input:t})=>({input:t,intermediateValue:{requiredUserInteraction:d.UserInteractionRequired.None},_internalState:(0,p.Right)({trustchainId:null,jwt:null,trustchain:null,applicationStream:null,encryptionKey:null,wasAddedToTrustchain:!1})}),initial:"CheckCredentials",states:{CheckCredentials:{always:[{target:"DeviceAuth",guard:"hasNoTrustchainId"},{target:"KeypairAuth"}]},KeypairAuth:{on:{success:"GetTrustchain",invalidCredentials:"DeviceAuth",error:"Error"},invoke:{id:"keypairAuth",src:"keypairAuth",input:({context:t})=>({lkrpDataSource:t.input.lkrpDataSource,keypair:t.input.keypair,trustchainId:(0,c.required)(t.input.trustchainId,"Missing Trustchain ID in the input")}),onError:{actions:"assignErrorFromEvent"},onDone:{actions:(0,A.raiseAndAssign)(({context:t,event:e})=>e.output.map(({jwt:u})=>({raise:"success",assign:{jwt:u}})).mapLeft(u=>u instanceof s.LKRPDataSourceError&&u.status==="UNAUTHORIZED"?new s.LKRPUnauthorizedError(t.input.trustchainId):u))}}},DeviceAuth:{on:{success:"GetTrustchain",error:"Error"},initial:"OpenApp",states:{OpenApp:{on:{success:"Auth"},invoke:{id:"openApp",src:"openAppStateMachine",input:{appName:D},onError:{actions:"assignErrorFromEvent"},onDone:{actions:(0,A.raiseAndAssign)(({event:t})=>t.output.map(()=>({raise:"success"})))}}},Auth:{entry:(0,o.assign)({intermediateValue:{requiredUserInteraction:"connect-ledger-sync"}}),exit:(0,o.assign)({intermediateValue:{requiredUserInteraction:d.UserInteractionRequired.None}}),invoke:{id:"deviceAuth",src:"deviceAuth",input:({context:t})=>t.input,onError:{actions:"assignErrorFromEvent"},onDone:{actions:(0,A.raiseAndAssign)(({event:t})=>t.output.chain(e=>e.trustchainId.caseOf({Nothing:()=>(0,p.Left)(new s.LKRPTrustchainNotReady),Just:u=>(0,p.Right)({raise:"success",assign:{jwt:e.jwt,trustchainId:u}})})))}}}}},GetTrustchain:{on:{success:"CheckIsMembers",invalidCredentials:"KeypairAuth",error:"Error"},invoke:{id:"getTrustchain",src:"getTrustchain",input:({context:t})=>t._internalState.chain(e=>(0,l.eitherSeqRecord)({lkrpDataSource:t.input.lkrpDataSource,applicationId:t.input.applicationId,trustchainId:()=>(0,c.required)(e.trustchainId??t.input.trustchainId,"Missing Trustchain ID for GetTrustchain"),jwt:()=>(0,c.required)(e.jwt,"Missing JWT for GetTrustchain")})),onError:{actions:"assignErrorFromEvent"},onDone:{actions:(0,A.raiseAndAssign)(({event:t})=>t.output.map(({trustchain:e,applicationStream:u})=>({raise:"success",assign:{trustchain:e,applicationStream:u}})))}}},CheckIsMembers:{always:[{target:"ExtractEncryptionKey",guard:"isTrustchainMember"},{target:"AddToTrustchain"}]},AddToTrustchain:{on:{success:"GetTrustchain",error:"Error"},invoke:{id:"AddToTrustchain",src:"addToTrustchainStateMachine",input:({context:t})=>t._internalState.mapLeft(()=>new s.LKRPMissingDataError("Missing data in the input for AddToTrustchain")).chain(e=>(0,l.eitherSeqRecord)({lkrpDataSource:t.input.lkrpDataSource,keypair:t.input.keypair,clientName:t.input.clientName,permissions:t.input.permissions,jwt:()=>(0,c.required)(e.jwt,"Missing JWT for AddToTrustchain"),trustchainId:()=>(0,c.required)(e.trustchainId??t.input.trustchainId,"Missing Trustchain ID for AddToTrustchain"),trustchain:()=>(0,c.required)(e.trustchain,"Missing Trustchain for AddToTrustchain"),applicationStream:()=>(0,c.required)(e.applicationStream,"Missing application stream for AddToTrustchain")})),onError:{actions:"assignErrorFromEvent"},onDone:{actions:(0,A.raiseAndAssign)(({event:t})=>t.output.map(()=>({raise:"success",assign:{wasAddedToTrustchain:!0}})))}}},ExtractEncryptionKey:{on:{success:"Success",error:"Error"},invoke:{id:"ExtractEncryptionKey",src:"extractEncryptionKey",input:({context:t})=>t._internalState.chain(e=>(0,c.required)(e.applicationStream,"Missing application stream for ExtractEncryptionKey").map(u=>({applicationStream:u,keypair:t.input.keypair}))),onError:{actions:"assignErrorFromEvent"},onDone:{actions:(0,A.raiseAndAssign)(({event:t})=>t.output.map(e=>({raise:"success",assign:{encryptionKey:e}})))}}},Success:{type:"final"},Error:{type:"final"}},output:({context:t})=>t._internalState.chain(e=>(0,l.eitherSeqRecord)({trustchainId:()=>(0,c.required)(e.trustchainId??t.input.trustchainId,"Missing Trustchain ID in the output"),jwt:()=>(0,c.required)(e.jwt,"Missing JWT in the output"),applicationPath:()=>(0,c.required)(e.applicationStream?.getPath().extract(),"Missing application path in the output"),encryptionKey:()=>(0,c.required)(e.encryptionKey,"Missing encryption key in the output")}))})}extractDependencies(i){return{deviceAuth:r=>this.auth(r.input.lkrpDataSource,new E.SignChallengeWithDeviceTask(i)).run(),keypairAuth:r=>{const{lkrpDataSource:n,keypair:a}=r.input;return p.EitherAsync.liftEither(r.input.trustchainId).chain(m=>this.auth(n,new T.SignChallengeWithKeypairTask(a,m))).run()},getTrustchain:r=>p.EitherAsync.liftEither(r.input).chain(({applicationId:n,lkrpDataSource:a,trustchainId:m,jwt:t})=>a.getTrustchainById(m,t).map(e=>({trustchain:e,applicationStream:e[`m/${n}'`]??g.LKRPBlockStream.fromPath(`m/0'/${n}'/0'`)}))).run(),extractEncryptionKey:async r=>Promise.resolve(r.input.chain(({applicationStream:n,keypair:a})=>n.getPublishedKey(a).toEither(new s.LKRPUnknownError("There is no encryption key for the current member in the application stream."))).map(n=>n.privateKey))}}auth(i,r){return i.getChallenge().chain(n=>r.run(n)).chain(n=>i.authenticate(n))}}0&&(module.exports={AuthenticateDeviceAction});
1
+ "use strict";var y=Object.defineProperty;var k=Object.getOwnPropertyDescriptor;var I=Object.getOwnPropertyNames;var f=Object.prototype.hasOwnProperty;var v=(p,i)=>{for(var n in i)y(p,n,{get:i[n],enumerable:!0})},M=(p,i,n,r)=>{if(i&&typeof i=="object"||typeof i=="function")for(let a of I(i))!f.call(p,a)&&a!==n&&y(p,a,{get:()=>i[a],enumerable:!(r=k(i,a))||r.enumerable});return p};var w=p=>M(y({},"__esModule",{value:!0}),p);var P={};v(P,{AuthenticateDeviceAction:()=>K});module.exports=w(P);var o=require("@ledgerhq/device-management-kit"),s=require("purify-ts"),c=require("xstate"),A=require("../../../api/app-binder/Errors"),g=require("../../app-binder/task/SignChallengeWithDeviceTask"),T=require("../../app-binder/task/SignChallengeWithKeypairTask"),m=require("../../utils/eitherSeqRecord"),E=require("../../utils/LKRPBlockStream"),u=require("../../utils/required"),h=require("./utils/raiseAndAssign"),S=require("./AddToTrustchainDeviceAction");const D="Ledger Sync";class K extends o.XStateDeviceAction{makeStateMachine(i){const{deviceAuth:n,keypairAuth:r,getTrustchain:a,extractEncryptionKey:d}=this.extractDependencies(i);return(0,c.setup)({types:{input:{},context:{},output:{}},actors:{openAppStateMachine:new o.OpenAppDeviceAction({input:{appName:D}}).makeStateMachine(i),deviceAuth:(0,c.fromPromise)(n),keypairAuth:(0,c.fromPromise)(r),getTrustchain:(0,c.fromPromise)(a),addToTrustchainStateMachine:new S.AddToTrustchainDeviceAction({input:(0,s.Left)(new A.LKRPMissingDataError("Missing input for GetEncryptionKey"))}).makeStateMachine(i),extractEncryptionKey:(0,c.fromPromise)(d)},actions:{assignErrorFromEvent:(0,h.raiseAndAssign)(({event:t})=>(0,s.Left)(new o.UnknownDAError(String(t.error))))},guards:{hasNoTrustchainId:({context:t})=>!t.input.trustchainId,hasNoJwt:({context:t})=>!t.input.jwt,isTrustchainMember:({context:t})=>t._internalState.toMaybe().map(e=>e.wasAddedToTrustchain||e.applicationStream?.hasMember(t.input.keypair.pubKeyToHex())).extract()??!1}}).createMachine({id:"AuthenticateDeviceAction",context:({input:t})=>({input:t,intermediateValue:{requiredUserInteraction:o.UserInteractionRequired.None},_internalState:(0,s.Right)({trustchainId:null,jwt:null,trustchain:null,applicationStream:null,encryptionKey:null,wasAddedToTrustchain:!1})}),initial:"CheckCredentials",states:{CheckCredentials:{always:[{target:"DeviceAuth",guard:"hasNoTrustchainId"},{target:"KeypairAuth",guard:"hasNoJwt"},{target:"GetTrustchain"}]},KeypairAuth:{on:{success:"GetTrustchain",invalidCredentials:"DeviceAuth",error:"Error"},invoke:{id:"keypairAuth",src:"keypairAuth",input:({context:t})=>({lkrpDataSource:t.input.lkrpDataSource,keypair:t.input.keypair,trustchainId:(0,u.required)(t.input.trustchainId,"Missing Trustchain ID in the input")}),onError:{actions:"assignErrorFromEvent"},onDone:{actions:(0,h.raiseAndAssign)(({event:t})=>t.output.map(({jwt:e})=>({raise:"success",assign:{jwt:e}})).chainLeft(e=>e instanceof A.LKRPUnauthorizedError?(0,s.Right)({raise:"invalidCredentials"}):(0,s.Left)(e)))}}},DeviceAuth:{on:{success:"GetTrustchain",error:"Error"},initial:"OpenApp",states:{OpenApp:{on:{success:"Auth"},invoke:{id:"openApp",src:"openAppStateMachine",input:{appName:D},onError:{actions:"assignErrorFromEvent"},onDone:{actions:(0,h.raiseAndAssign)(({event:t})=>t.output.map(()=>({raise:"success"})))}}},Auth:{entry:(0,c.assign)({intermediateValue:{requiredUserInteraction:"connect-ledger-sync"}}),exit:(0,c.assign)({intermediateValue:{requiredUserInteraction:o.UserInteractionRequired.None}}),invoke:{id:"deviceAuth",src:"deviceAuth",input:({context:t})=>t.input,onError:{actions:"assignErrorFromEvent"},onDone:{actions:(0,h.raiseAndAssign)(({event:t})=>t.output.chain(e=>e.trustchainId.caseOf({Nothing:()=>(0,s.Left)(new A.LKRPUnhandledState("The trustchain is empty")),Just:l=>(0,s.Right)({raise:"success",assign:{jwt:e.jwt,trustchainId:l}})})))}}}}},GetTrustchain:{on:{success:"CheckIsMembers",invalidCredentials:"KeypairAuth",error:"Error"},invoke:{id:"getTrustchain",src:"getTrustchain",input:({context:t})=>t._internalState.chain(e=>(0,m.eitherSeqRecord)({lkrpDataSource:t.input.lkrpDataSource,applicationId:t.input.applicationId,trustchainId:()=>(0,u.required)(e.trustchainId??t.input.trustchainId,"Missing Trustchain ID in the input for GetTrustchain"),jwt:()=>(0,u.required)(e.jwt??t.input.jwt,"Missing JWT in the input for GetTrustchain")})),onError:{actions:"assignErrorFromEvent"},onDone:{actions:(0,h.raiseAndAssign)(({event:t})=>t.output.map(({trustchain:e,applicationStream:l})=>({raise:"success",assign:{trustchain:e,applicationStream:l}})))}}},CheckIsMembers:{always:[{target:"ExtractEncryptionKey",guard:"isTrustchainMember"},{target:"AddToTrustchain"}]},AddToTrustchain:{on:{success:"GetTrustchain",error:"Error"},invoke:{id:"AddToTrustchain",src:"addToTrustchainStateMachine",input:({context:t})=>t._internalState.mapLeft(()=>new A.LKRPMissingDataError("Missing data in the input for AddToTrustchain")).chain(e=>(0,m.eitherSeqRecord)({lkrpDataSource:t.input.lkrpDataSource,keypair:t.input.keypair,clientName:t.input.clientName,permissions:t.input.permissions,jwt:()=>(0,u.required)(e.jwt??t.input.jwt,"Missing JWT in the input for AddToTrustchain"),trustchainId:()=>(0,u.required)(e.trustchainId??t.input.trustchainId,"Missing Trustchain ID in the input for GetTrustchain"),trustchain:()=>(0,u.required)(e.trustchain,"Missing Trustchain in the input for AddToTrustchain"),applicationStream:()=>(0,u.required)(e.applicationStream,"Missing application stream in the input for AddToTrustchain")})),onError:{actions:"assignErrorFromEvent"},onDone:{actions:(0,h.raiseAndAssign)(({event:t})=>t.output.map(()=>({raise:"success",assign:{wasAddedToTrustchain:!0}})))}}},ExtractEncryptionKey:{on:{success:"Success",error:"Error"},invoke:{id:"ExtractEncryptionKey",src:"extractEncryptionKey",input:({context:t})=>t._internalState.chain(e=>(0,u.required)(e.applicationStream,"Missing application stream").map(l=>({applicationStream:l,keypair:t.input.keypair}))),onError:{actions:"assignErrorFromEvent"},onDone:{actions:(0,h.raiseAndAssign)(({event:t})=>t.output.map(e=>({raise:"success",assign:{encryptionKey:e}})))}}},Success:{type:"final"},Error:{type:"final"}},output:({context:t})=>t._internalState.chain(e=>(0,m.eitherSeqRecord)({trustchainId:()=>(0,u.required)(e.trustchainId??t.input.trustchainId,"Missing Trustchain ID in the output"),jwt:()=>(0,u.required)(e.jwt??t.input.jwt,"Missing JWT in the output"),applicationPath:()=>(0,u.required)(e.applicationStream?.getPath().extract(),"Missing application path in the output"),encryptionKey:()=>(0,u.required)(e.encryptionKey,"Missing encryption key in the output")}))})}extractDependencies(i){return{deviceAuth:n=>this.auth(n.input.lkrpDataSource,new g.SignChallengeWithDeviceTask(i)).run(),keypairAuth:n=>{const{lkrpDataSource:r,keypair:a}=n.input;return s.EitherAsync.liftEither(n.input.trustchainId).chain(d=>this.auth(r,new T.SignChallengeWithKeypairTask(a,d))).run()},getTrustchain:n=>s.EitherAsync.liftEither(n.input).chain(({applicationId:r,lkrpDataSource:a,trustchainId:d,jwt:t})=>a.getTrustchainById(d,t).map(e=>({trustchain:e,applicationStream:e[`m/${r}'`]??E.LKRPBlockStream.fromPath(`m/0'/${r}'/0'`)}))).run(),extractEncryptionKey:async n=>Promise.resolve(n.input.chain(({applicationStream:r,keypair:a})=>r.getPublishedKey(a).toEither(new o.UnknownDAError("There is no encryption key for the current member in the application stream."))).map(r=>r.privateKey))}}auth(i,n){return i.getChallenge().chain(r=>n.run(r)).chain(r=>i.authenticate(r))}}0&&(module.exports={AuthenticateDeviceAction});
2
2
  //# sourceMappingURL=AuthenticateDeviceAction.js.map
package/lib/cjs/internal/app-binder/device-action/AuthenticateDeviceAction.js.map CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "version": 3,
3
3
  "sources": ["../../../../../src/internal/app-binder/device-action/AuthenticateDeviceAction.ts"],
4
- "sourcesContent": ["import {\n type DeviceActionStateMachine,\n type InternalApi,\n OpenAppDeviceAction,\n type StateMachineTypes,\n UserInteractionRequired,\n XStateDeviceAction,\n} from \"@ledgerhq/device-management-kit\";\nimport { type Either, EitherAsync, Left, Right } from \"purify-ts\";\nimport { assign, fromPromise, setup } from \"xstate\";\n\nimport {\n type AuthenticateDAError,\n type AuthenticateDAInput,\n type AuthenticateDAIntermediateValue,\n type AuthenticateDAInternalState,\n type AuthenticateDAOutput,\n} from \"@api/app-binder/AuthenticateDeviceActionTypes\";\nimport {\n LKRPDataSourceError,\n LKRPMissingDataError,\n LKRPTrustchainNotReady,\n LKRPUnauthorizedError,\n LKRPUnknownError,\n} from \"@api/app-binder/Errors\";\nimport { type Keypair } from \"@api/app-binder/LKRPTypes\";\nimport { type JWT } from \"@api/index\";\nimport { SignChallengeWithDeviceTask } from \"@internal/app-binder/task/SignChallengeWithDeviceTask\";\nimport { SignChallengeWithKeypairTask } from \"@internal/app-binder/task/SignChallengeWithKeypairTask\";\nimport {\n type AuthenticationPayload,\n type Challenge,\n type LKRPDataSource,\n} from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { eitherSeqRecord } from \"@internal/utils/eitherSeqRecord\";\nimport { LKRPBlockStream } from \"@internal/utils/LKRPBlockStream\";\nimport { required } from \"@internal/utils/required\";\n\nimport { raiseAndAssign } from \"./utils/raiseAndAssign\";\nimport { AddToTrustchainDeviceAction } from \"./AddToTrustchainDeviceAction\";\n\nconst APP_NAME = \"Ledger Sync\";\n\nexport class AuthenticateDeviceAction extends XStateDeviceAction<\n AuthenticateDAOutput,\n AuthenticateDAInput,\n AuthenticateDAError,\n AuthenticateDAIntermediateValue,\n AuthenticateDAInternalState\n> {\n makeStateMachine(\n internalApi: InternalApi,\n ): DeviceActionStateMachine<\n AuthenticateDAOutput,\n AuthenticateDAInput,\n AuthenticateDAError,\n AuthenticateDAIntermediateValue,\n AuthenticateDAInternalState\n > {\n type types = StateMachineTypes<\n AuthenticateDAOutput,\n AuthenticateDAInput,\n AuthenticateDAError,\n AuthenticateDAIntermediateValue,\n AuthenticateDAInternalState\n >;\n\n const { deviceAuth, keypairAuth, getTrustchain, extractEncryptionKey } =\n this.extractDependencies(internalApi);\n\n return setup({\n types: {\n input: {} as types[\"input\"],\n context: {} as types[\"context\"],\n output: {} as types[\"output\"],\n },\n\n actors: {\n openAppStateMachine: new OpenAppDeviceAction({\n input: { appName: APP_NAME },\n }).makeStateMachine(internalApi),\n\n deviceAuth: fromPromise(deviceAuth),\n keypairAuth: fromPromise(keypairAuth),\n\n getTrustchain: fromPromise(getTrustchain),\n\n addToTrustchainStateMachine: new AddToTrustchainDeviceAction({\n input: Left(\n new LKRPMissingDataError(\"Missing input for GetEncryptionKey\"),\n ),\n }).makeStateMachine(internalApi),\n\n extractEncryptionKey: fromPromise(extractEncryptionKey),\n },\n\n actions: {\n assignErrorFromEvent: raiseAndAssign(\n ({ event }) =>\n Left(\n new LKRPUnknownError(\n String((event as { error?: unknown }).error),\n ),\n ), // NOTE: it should never happen, the error is not typed anymore here\n ),\n },\n\n guards: {\n hasNoTrustchainId: ({ context }) => !context.input.trustchainId,\n isTrustchainMember: ({ context }) =>\n context._internalState\n .toMaybe()\n .map(\n (state) =>\n state.wasAddedToTrustchain ||\n state.applicationStream?.hasMember(\n context.input.keypair.pubKeyToHex(),\n ),\n )\n .extract() ?? false,\n },\n }).createMachine({\n /** @xstate-layout N4IgpgJg5mDOIC5QEECuAXAFmAduglgMYCG6YAImAG5FjKEED2OAdAMLaEDWbATpLgLEANrADEAbQAMAXUSgADo1j4mOeSAAeiAMxSALC30BOHfoDsAJinGAHADYp94wBoQAT0QBaAKwsf9lYBAIzB9jrm5vr6OgC+sW5oWIJEpBTUtPRq7Jw8-BApIuISwXJIIEoqahraCDrBOizG+pb2tq06PlJStvo+bp4IPsZSLBHBprZWnVI+tvGJGNh4qWSUNIR0DPjMOWDcfAIrRZKWZYrKqjvq5bU6lsZGkb0Rsz1TOgOII34+oebGQJmOytBYgJLLAgkNYZTZZa4sADSYHcCmI+F4ELEEGYYBY+BwVEYXDxJNR6MxS2k5wql2qt0Q9miLEsJh8lmewWGrK+Q30wSMOk61k6OjaLTBEJS0PSGy22WR5IxWLAvF4jF4LAUwlIADMNQBbFhktHKqmyDSVK7MGqM+r+Fr6WyA8xM2zBSy86LmJq2Axi-T2YZTQGSpbStLrTLbXaK02UrBiWCoQibWCwamWunXW0IYw+H2BVmWOa2MxScy88xSAXmYJlh5CiYBYxh5IrGVRuEx1hxilYglUET4CCHArHUSZ8pW+mgWrO0b8-kPYyWDkxfS8gujWb2Cb3fmRAxtyGrWXRhUo+MqtUaqcXKo5hl55xNMzBCyzZp9TceRl-FhHCcHo11aKIfBPCMYTleFdi7OgliTFM0wzC1p2zG1nw9fRRmaRwTDXcIuk9P8EEDUZzB0fNLGCOtzB8LpWwScFww7SNYXlBF4JvdVeHvWlH0wudEA-GwjFomsDBsHDPlIj9DFsdkAldZ4WhLSC2Ogi8uI4iEWAAeQUXBkAUBRsVxfFCWJPFGCMnATIUfiZyfYSEHsIMmkiB4PUsCJ3RIwZaMaBouVdFoqJ8Cx5mYqVNPPbtsm4pYDLshyxFVXitR1dB9V4I1bOM0ynIwm5XKZQwGMi3yzHuBsq0eQJehsCZFNdCYNKhdiYJ7FgkqwFLCrM5NUzgVCaWcoStG+MIWArYIDF6BiPzaXkHgq3o2qZSxFLiGLWM6rSEp0mDkqxHEcDxQdrJYAoTqwYrBNKqaEHm0wWHaLoJnMP12nCXl61sFkPymAJulscHAw6s9uJ6vrMBYHiNSyvVDRu3TzXGkrc3mgExmMBoTBGIifFkwZmhYNrqzLejGLsKHO10nqAHEwHQAAVXhUFgdBCEwdEcHMi7LKJEkWBgdnOe53n+Ye60ntqBoAPc4wrHCewaO+gLEHdAVqbaJwwmaXbFnbA74s43YWYlrmeb5gl0tvTVtRRvKxdZjmbelglZdnZ6CYq-MLDMaIpAefpSLrPwehsBxqw9Tp6a67TLfdyXbf5pCRvTH2XL9gI-HoktXv5aTeVMRpJidZ0HgrGxE8Oi3WCtj2pbtgXB2HUd8kKSc0IfOXc3CQHKJ0Z0zHV9oJl5BwKOmesbGLMt6-N2Cm9Tz224d3ic8mhWTEBlpXWaKQxXaepeSDAUgLaEsZnm42WNN6HGeyDh9i4ABJWAAFkwANAAjVU4h8CwAAAQGj-oAvifcBIDywmPQC3RPx6Eos4Um3wVbvX9A8QIPRL7Lxhq-XIX9f4AKAWIEBoCcCMHQOAyBqod7yxEiGCmykGjuiApRMuvkjABFHv5eoJgCEvwRG-bgJD6G8HEBlO8MCJpMJeuBd6Jh1azDDs4C+Stug3xJp9E+wjurZGQBACAbNGAt3Tvbc6l0rKi2MaY8xacvY4EYbmGizoxjemMCMU+oRbD1UaM6J0dg5jxwfrFM2hCET2LMRY5xW8kbOxyqjGJjiN4yzkVjZ8NERizQ9ACVohF6JVgMLNIC3R6glimJYAxydWCpLiZvYaKFXHZL6IDPQYRb4ODFKYMuHkIZ+iIt4qItSjq7AaU4zeMjoGY0em4z8-hwg0Vqg0E+v5Bjg0BmEP4gIzAPGsPYMZjcWAAFFNDoF4MQBgpycCEF4KiNQipM4tMyfM7JE93oAnaFMb6AJ0EvXWf4CswwIishPq6Y5q8zkXKuTcu5DyFBPJRAk2ZWZ3muVaDWFgH5lreL9Ixew-S-AQzrICE+phjxgmoQUeA5QInP0MbneRuY-Q4vmlMQIEwwiOErKRLw+Yxg0VLJEAGYpwn7UZXUvYBxu4Tjpf3X2Cttrsp6Cpbl7kKy8i8D6d0VgTA1lqvmJee0n4MyZbGK8-Yljorga5dkPoR7OnmkGCp4dBjhEeODTVjp2GzChbDdGWBbVKsQA6poq5Vzg1mO6fx-LdXCudN9dyJM6zRRNqec10q4YDXsqZENudagFj8N4g50bQlxsGByAUcwLAxCZOXMwAbEpBvhhCAtu8RIUtVWEPo4ryqrQcIBfWLRfpgWCM2hEzcpn8w7Qoj0DExj0XxSTcqAL8aLlHhYRwTJd1HNNZmpO4zWBiM-j-SRCrYGhpem0A+1gGw0VmH8d12tvFNACNEfMdZgIQQPVBFePVJnpIJHOtxu5ZpRBaiYLyGztZlgprRJNURVFNr-XFKJuxzmXOuegW59zHnXEVKBtpM0Qx7kog4RwHp-pAq6K6fW4rKL6EnbsAAyshUaxHMWuksEK9R312j4xo0KFkBYmQ7JGN0cwLHWCnMdlx56HJ6IshLNtcC3ogz9MMOECwxYnTAn3fEIAA */\n\n id: \"AuthenticateDeviceAction\",\n context: ({ input }): types[\"context\"] => ({\n input,\n intermediateValue: {\n requiredUserInteraction: UserInteractionRequired.None,\n },\n _internalState: Right({\n trustchainId: null,\n jwt: null,\n trustchain: null,\n applicationStream: null,\n encryptionKey: null,\n wasAddedToTrustchain: false,\n }),\n }),\n\n initial: \"CheckCredentials\",\n states: {\n CheckCredentials: {\n always: [\n { target: \"DeviceAuth\", guard: \"hasNoTrustchainId\" },\n { target: \"KeypairAuth\" },\n ],\n },\n\n KeypairAuth: {\n on: {\n success: \"GetTrustchain\",\n invalidCredentials: \"DeviceAuth\",\n error: \"Error\",\n },\n invoke: {\n id: \"keypairAuth\",\n src: \"keypairAuth\",\n input: ({ context }) => ({\n lkrpDataSource: context.input.lkrpDataSource,\n keypair: context.input.keypair,\n trustchainId: required(\n context.input.trustchainId,\n \"Missing Trustchain ID in the input\",\n ),\n }),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ context, event }) =>\n event.output\n .map(({ jwt }) => ({ raise: \"success\", assign: { jwt } }))\n .mapLeft((error) =>\n error instanceof LKRPDataSourceError &&\n error.status === \"UNAUTHORIZED\"\n ? new LKRPUnauthorizedError(context.input.trustchainId)\n : error,\n ),\n ),\n },\n },\n },\n\n DeviceAuth: {\n on: { success: \"GetTrustchain\", error: \"Error\" },\n initial: \"OpenApp\",\n states: {\n OpenApp: {\n // TODO snapshot for intermediateValue\n on: { success: \"Auth\" },\n invoke: {\n id: \"openApp\",\n src: \"openAppStateMachine\",\n input: { appName: APP_NAME },\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(() => ({ raise: \"success\" })),\n ),\n },\n },\n },\n\n Auth: {\n entry: assign({\n intermediateValue: {\n requiredUserInteraction: \"connect-ledger-sync\",\n },\n }),\n exit: assign({\n intermediateValue: {\n requiredUserInteraction: UserInteractionRequired.None,\n },\n }),\n invoke: {\n id: \"deviceAuth\",\n src: \"deviceAuth\",\n input: ({ context }) => context.input,\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.chain((payload) =>\n payload.trustchainId.caseOf({\n Nothing: () => Left(new LKRPTrustchainNotReady()),\n Just: (trustchainId) =>\n Right({\n raise: \"success\",\n assign: { jwt: payload.jwt, trustchainId },\n }),\n }),\n ),\n ),\n },\n },\n },\n },\n },\n\n GetTrustchain: {\n on: {\n success: \"CheckIsMembers\",\n invalidCredentials: \"KeypairAuth\",\n error: \"Error\",\n },\n invoke: {\n id: \"getTrustchain\",\n src: \"getTrustchain\",\n input: ({ context }) =>\n context._internalState.chain((state) =>\n eitherSeqRecord({\n lkrpDataSource: context.input.lkrpDataSource,\n applicationId: context.input.applicationId,\n trustchainId: () =>\n required(\n state.trustchainId ?? context.input.trustchainId,\n \"Missing Trustchain ID for GetTrustchain\",\n ),\n jwt: () =>\n required(state.jwt, \"Missing JWT for GetTrustchain\"),\n }),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(({ trustchain, applicationStream }) => ({\n raise: \"success\",\n assign: { trustchain, applicationStream },\n })),\n ),\n },\n },\n },\n\n CheckIsMembers: {\n always: [\n { target: \"ExtractEncryptionKey\", guard: \"isTrustchainMember\" },\n { target: \"AddToTrustchain\" },\n ],\n },\n\n AddToTrustchain: {\n // TODO snapshot for intermediateValue\n on: {\n success: \"GetTrustchain\",\n error: \"Error\",\n },\n invoke: {\n id: \"AddToTrustchain\",\n src: \"addToTrustchainStateMachine\",\n input: ({ context }) =>\n context._internalState\n .mapLeft(\n () =>\n new LKRPMissingDataError(\n \"Missing data in the input for AddToTrustchain\",\n ),\n )\n .chain((state) =>\n eitherSeqRecord({\n lkrpDataSource: context.input.lkrpDataSource,\n keypair: context.input.keypair,\n clientName: context.input.clientName,\n permissions: context.input.permissions,\n jwt: () =>\n required(state.jwt, \"Missing JWT for AddToTrustchain\"),\n trustchainId: () =>\n required(\n state.trustchainId ?? context.input.trustchainId,\n \"Missing Trustchain ID for AddToTrustchain\",\n ),\n trustchain: () =>\n required(\n state.trustchain,\n \"Missing Trustchain for AddToTrustchain\",\n ),\n applicationStream: () =>\n required(\n state.applicationStream,\n \"Missing application stream for AddToTrustchain\",\n ),\n }),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(() => ({\n raise: \"success\",\n assign: { wasAddedToTrustchain: true },\n })),\n ),\n },\n },\n },\n\n ExtractEncryptionKey: {\n on: { success: \"Success\", error: \"Error\" },\n invoke: {\n id: \"ExtractEncryptionKey\",\n src: \"extractEncryptionKey\",\n input: ({ context }) =>\n context._internalState.chain((state) =>\n required(\n state.applicationStream,\n \"Missing application stream for ExtractEncryptionKey\",\n ).map((applicationStream) => ({\n applicationStream,\n keypair: context.input.keypair,\n })),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map((encryptionKey) => ({\n raise: \"success\",\n assign: { encryptionKey },\n })),\n ),\n },\n },\n },\n\n Success: { type: \"final\" },\n\n Error: { type: \"final\" },\n },\n\n output: ({ context }) =>\n context._internalState.chain((state) =>\n eitherSeqRecord({\n trustchainId: () =>\n required(\n state.trustchainId ?? context.input.trustchainId,\n \"Missing Trustchain ID in the output\",\n ),\n jwt: () => required(state.jwt, \"Missing JWT in the output\"),\n applicationPath: () =>\n required(\n state.applicationStream?.getPath().extract(),\n \"Missing application path in the output\",\n ),\n encryptionKey: () =>\n required(\n state.encryptionKey,\n \"Missing encryption key in the output\",\n ),\n }),\n ),\n });\n }\n\n extractDependencies(internalApi: InternalApi) {\n return {\n deviceAuth: (args: { input: { lkrpDataSource: LKRPDataSource } }) =>\n this.auth(\n args.input.lkrpDataSource,\n new SignChallengeWithDeviceTask(internalApi),\n ).run(),\n\n keypairAuth: (args: {\n input: Pick<AuthenticateDAInput, \"lkrpDataSource\" | \"keypair\"> & {\n trustchainId: Either<LKRPMissingDataError, string>;\n };\n }) => {\n const { lkrpDataSource, keypair } = args.input;\n return EitherAsync.liftEither(args.input.trustchainId)\n .chain((trustchainId) =>\n this.auth(\n lkrpDataSource,\n new SignChallengeWithKeypairTask(keypair, trustchainId),\n ),\n )\n .run();\n },\n\n getTrustchain: (args: {\n input: Either<\n AuthenticateDAError,\n {\n applicationId: number;\n lkrpDataSource: LKRPDataSource;\n trustchainId: string;\n jwt: JWT;\n }\n >;\n }) =>\n EitherAsync.liftEither(args.input)\n .chain(({ applicationId, lkrpDataSource, trustchainId, jwt }) =>\n lkrpDataSource\n .getTrustchainById(trustchainId, jwt)\n .map((trustchain) => ({\n trustchain,\n applicationStream:\n trustchain[`m/${applicationId}'`] ??\n LKRPBlockStream.fromPath(`m/0'/${applicationId}'/0'`),\n })),\n )\n .run(),\n\n extractEncryptionKey: async (args: {\n input: Either<\n AuthenticateDAError,\n {\n applicationStream: LKRPBlockStream;\n keypair: Keypair;\n }\n >;\n }) => {\n // TODO additional derivations should be supported:\n // https://github.com/LedgerHQ/ledger-live/blob/develop/libs/hw-ledger-key-ring-protocol/src/Device.ts#L216...L226\n // Probably not needed for Ledger Sync\n return Promise.resolve(\n args.input\n .chain(({ applicationStream, keypair }) =>\n applicationStream\n .getPublishedKey(keypair)\n .toEither(\n new LKRPUnknownError(\n \"There is no encryption key for the current member in the application stream.\",\n ),\n ),\n )\n .map((key) => key.privateKey),\n );\n },\n };\n }\n\n private auth(\n lkrpDataSource: LKRPDataSource,\n signerTask: {\n run: (\n challenge: Challenge,\n ) => PromiseLike<Either<AuthenticateDAError, AuthenticationPayload>>;\n },\n ) {\n return lkrpDataSource\n .getChallenge()\n .chain((challenge) => signerTask.run(challenge))\n .chain((payload) => lkrpDataSource.authenticate(payload));\n }\n}\n"],
5
- "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,8BAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAOO,2CACPC,EAAsD,qBACtDC,EAA2C,kBAS3CC,EAMO,kCAGPC,EAA4C,iEAC5CC,EAA6C,kEAM7CC,EAAgC,2CAChCC,EAAgC,2CAChCC,EAAyB,oCAEzBC,EAA+B,kCAC/BC,EAA4C,yCAE5C,MAAMC,EAAW,cAEV,MAAMb,UAAiC,oBAM5C,CACA,iBACEc,EAOA,CASA,KAAM,CAAE,WAAAC,EAAY,YAAAC,EAAa,cAAAC,EAAe,qBAAAC,CAAqB,EACnE,KAAK,oBAAoBJ,CAAW,EAEtC,SAAO,SAAM,CACX,MAAO,CACL,MAAO,CAAC,EACR,QAAS,CAAC,EACV,OAAQ,CAAC,CACX,EAEA,OAAQ,CACN,oBAAqB,IAAI,sBAAoB,CAC3C,MAAO,CAAE,QAASD,CAAS,CAC7B,CAAC,EAAE,iBAAiBC,CAAW,EAE/B,cAAY,eAAYC,CAAU,EAClC,eAAa,eAAYC,CAAW,EAEpC,iBAAe,eAAYC,CAAa,EAExC,4BAA6B,IAAI,8BAA4B,CAC3D,SAAO,QACL,IAAI,uBAAqB,oCAAoC,CAC/D,CACF,CAAC,EAAE,iBAAiBH,CAAW,EAE/B,wBAAsB,eAAYI,CAAoB,CACxD,EAEA,QAAS,CACP,wBAAsB,kBACpB,CAAC,CAAE,MAAAC,CAAM,OACP,QACE,IAAI,mBACF,OAAQA,EAA8B,KAAK,CAC7C,CACF,CACJ,CACF,EAEA,OAAQ,CACN,kBAAmB,CAAC,CAAE,QAAAC,CAAQ,IAAM,CAACA,EAAQ,MAAM,aACnD,mBAAoB,CAAC,CAAE,QAAAA,CAAQ,IAC7BA,EAAQ,eACL,QAAQ,EACR,IACEC,GACCA,EAAM,sBACNA,EAAM,mBAAmB,UACvBD,EAAQ,MAAM,QAAQ,YAAY,CACpC,CACJ,EACC,QAAQ,GAAK,EACpB,CACF,CAAC,EAAE,cAAc,CAGf,GAAI,2BACJ,QAAS,CAAC,CAAE,MAAAE,CAAM,KAAyB,CACzC,MAAAA,EACA,kBAAmB,CACjB,wBAAyB,0BAAwB,IACnD,EACA,kBAAgB,SAAM,CACpB,aAAc,KACd,IAAK,KACL,WAAY,KACZ,kBAAmB,KACnB,cAAe,KACf,qBAAsB,EACxB,CAAC,CACH,GAEA,QAAS,mBACT,OAAQ,CACN,iBAAkB,CAChB,OAAQ,CACN,CAAE,OAAQ,aAAc,MAAO,mBAAoB,EACnD,CAAE,OAAQ,aAAc,CAC1B,CACF,EAEA,YAAa,CACX,GAAI,CACF,QAAS,gBACT,mBAAoB,aACpB,MAAO,OACT,EACA,OAAQ,CACN,GAAI,cACJ,IAAK,cACL,MAAO,CAAC,CAAE,QAAAF,CAAQ,KAAO,CACvB,eAAgBA,EAAQ,MAAM,eAC9B,QAASA,EAAQ,MAAM,QACvB,gBAAc,YACZA,EAAQ,MAAM,aACd,oCACF,CACF,GACA,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,QAAAA,EAAS,MAAAD,CAAM,IACxCA,EAAM,OACH,IAAI,CAAC,CAAE,IAAAI,CAAI,KAAO,CAAE,MAAO,UAAW,OAAQ,CAAE,IAAAA,CAAI,CAAE,EAAE,EACxD,QAASC,GACRA,aAAiB,uBACjBA,EAAM,SAAW,eACb,IAAI,wBAAsBJ,EAAQ,MAAM,YAAY,EACpDI,CACN,CACJ,CACF,CACF,CACF,EAEA,WAAY,CACV,GAAI,CAAE,QAAS,gBAAiB,MAAO,OAAQ,EAC/C,QAAS,UACT,OAAQ,CACN,QAAS,CAEP,GAAI,CAAE,QAAS,MAAO,EACtB,OAAQ,CACN,GAAI,UACJ,IAAK,sBACL,MAAO,CAAE,QAASX,CAAS,EAC3B,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,MAAAM,CAAM,IAC/BA,EAAM,OAAO,IAAI,KAAO,CAAE,MAAO,SAAU,EAAE,CAC/C,CACF,CACF,CACF,EAEA,KAAM,CACJ,SAAO,UAAO,CACZ,kBAAmB,CACjB,wBAAyB,qBAC3B,CACF,CAAC,EACD,QAAM,UAAO,CACX,kBAAmB,CACjB,wBAAyB,0BAAwB,IACnD,CACF,CAAC,EACD,OAAQ,CACN,GAAI,aACJ,IAAK,aACL,MAAO,CAAC,CAAE,QAAAC,CAAQ,IAAMA,EAAQ,MAChC,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,MAAAD,CAAM,IAC/BA,EAAM,OAAO,MAAOM,GAClBA,EAAQ,aAAa,OAAO,CAC1B,QAAS,OAAM,QAAK,IAAI,wBAAwB,EAChD,KAAOC,MACL,SAAM,CACJ,MAAO,UACP,OAAQ,CAAE,IAAKD,EAAQ,IAAK,aAAAC,CAAa,CAC3C,CAAC,CACL,CAAC,CACH,CACF,CACF,CACF,CACF,CACF,CACF,EAEA,cAAe,CACb,GAAI,CACF,QAAS,iBACT,mBAAoB,cACpB,MAAO,OACT,EACA,OAAQ,CACN,GAAI,gBACJ,IAAK,gBACL,MAAO,CAAC,CAAE,QAAAN,CAAQ,IAChBA,EAAQ,eAAe,MAAOC,MAC5B,mBAAgB,CACd,eAAgBD,EAAQ,MAAM,eAC9B,cAAeA,EAAQ,MAAM,cAC7B,aAAc,OACZ,YACEC,EAAM,cAAgBD,EAAQ,MAAM,aACpC,yCACF,EACF,IAAK,OACH,YAASC,EAAM,IAAK,+BAA+B,CACvD,CAAC,CACH,EACF,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,MAAAF,CAAM,IAC/BA,EAAM,OAAO,IAAI,CAAC,CAAE,WAAAQ,EAAY,kBAAAC,CAAkB,KAAO,CACvD,MAAO,UACP,OAAQ,CAAE,WAAAD,EAAY,kBAAAC,CAAkB,CAC1C,EAAE,CACJ,CACF,CACF,CACF,EAEA,eAAgB,CACd,OAAQ,CACN,CAAE,OAAQ,uBAAwB,MAAO,oBAAqB,EAC9D,CAAE,OAAQ,iBAAkB,CAC9B,CACF,EAEA,gBAAiB,CAEf,GAAI,CACF,QAAS,gBACT,MAAO,OACT,EACA,OAAQ,CACN,GAAI,kBACJ,IAAK,8BACL,MAAO,CAAC,CAAE,QAAAR,CAAQ,IAChBA,EAAQ,eACL,QACC,IACE,IAAI,uBACF,+CACF,CACJ,EACC,MAAOC,MACN,mBAAgB,CACd,eAAgBD,EAAQ,MAAM,eAC9B,QAASA,EAAQ,MAAM,QACvB,WAAYA,EAAQ,MAAM,WAC1B,YAAaA,EAAQ,MAAM,YAC3B,IAAK,OACH,YAASC,EAAM,IAAK,iCAAiC,EACvD,aAAc,OACZ,YACEA,EAAM,cAAgBD,EAAQ,MAAM,aACpC,2CACF,EACF,WAAY,OACV,YACEC,EAAM,WACN,wCACF,EACF,kBAAmB,OACjB,YACEA,EAAM,kBACN,gDACF,CACJ,CAAC,CACH,EACJ,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,MAAAF,CAAM,IAC/BA,EAAM,OAAO,IAAI,KAAO,CACtB,MAAO,UACP,OAAQ,CAAE,qBAAsB,EAAK,CACvC,EAAE,CACJ,CACF,CACF,CACF,EAEA,qBAAsB,CACpB,GAAI,CAAE,QAAS,UAAW,MAAO,OAAQ,EACzC,OAAQ,CACN,GAAI,uBACJ,IAAK,uBACL,MAAO,CAAC,CAAE,QAAAC,CAAQ,IAChBA,EAAQ,eAAe,MAAOC,MAC5B,YACEA,EAAM,kBACN,qDACF,EAAE,IAAKO,IAAuB,CAC5B,kBAAAA,EACA,QAASR,EAAQ,MAAM,OACzB,EAAE,CACJ,EACF,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,MAAAD,CAAM,IAC/BA,EAAM,OAAO,IAAKU,IAAmB,CACnC,MAAO,UACP,OAAQ,CAAE,cAAAA,CAAc,CAC1B,EAAE,CACJ,CACF,CACF,CACF,EAEA,QAAS,CAAE,KAAM,OAAQ,EAEzB,MAAO,CAAE,KAAM,OAAQ,CACzB,EAEA,OAAQ,CAAC,CAAE,QAAAT,CAAQ,IACjBA,EAAQ,eAAe,MAAOC,MAC5B,mBAAgB,CACd,aAAc,OACZ,YACEA,EAAM,cAAgBD,EAAQ,MAAM,aACpC,qCACF,EACF,IAAK,OAAM,YAASC,EAAM,IAAK,2BAA2B,EAC1D,gBAAiB,OACf,YACEA,EAAM,mBAAmB,QAAQ,EAAE,QAAQ,EAC3C,wCACF,EACF,cAAe,OACb,YACEA,EAAM,cACN,sCACF,CACJ,CAAC,CACH,CACJ,CAAC,CACH,CAEA,oBAAoBP,EAA0B,CAC5C,MAAO,CACL,WAAagB,GACX,KAAK,KACHA,EAAK,MAAM,eACX,IAAI,8BAA4BhB,CAAW,CAC7C,EAAE,IAAI,EAER,YAAcgB,GAIR,CACJ,KAAM,CAAE,eAAAC,EAAgB,QAAAC,CAAQ,EAAIF,EAAK,MACzC,OAAO,cAAY,WAAWA,EAAK,MAAM,YAAY,EAClD,MAAOJ,GACN,KAAK,KACHK,EACA,IAAI,+BAA6BC,EAASN,CAAY,CACxD,CACF,EACC,IAAI,CACT,EAEA,cAAgBI,GAWd,cAAY,WAAWA,EAAK,KAAK,EAC9B,MAAM,CAAC,CAAE,cAAAG,EAAe,eAAAF,EAAgB,aAAAL,EAAc,IAAAH,CAAI,IACzDQ,EACG,kBAAkBL,EAAcH,CAAG,EACnC,IAAKI,IAAgB,CACpB,WAAAA,EACA,kBACEA,EAAW,KAAKM,CAAa,GAAG,GAChC,kBAAgB,SAAS,QAAQA,CAAa,MAAM,CACxD,EAAE,CACN,EACC,IAAI,EAET,qBAAsB,MAAOH,GAYpB,QAAQ,QACbA,EAAK,MACF,MAAM,CAAC,CAAE,kBAAAF,EAAmB,QAAAI,CAAQ,IACnCJ,EACG,gBAAgBI,CAAO,EACvB,SACC,IAAI,mBACF,8EACF,CACF,CACJ,EACC,IAAKE,GAAQA,EAAI,UAAU,CAChC,CAEJ,CACF,CAEQ,KACNH,EACAI,EAKA,CACA,OAAOJ,EACJ,aAAa,EACb,MAAOK,GAAcD,EAAW,IAAIC,CAAS,CAAC,EAC9C,MAAOX,GAAYM,EAAe,aAAaN,CAAO,CAAC,CAC5D,CACF",
4
+ "sourcesContent": ["import {\n type DeviceActionStateMachine,\n type InternalApi,\n OpenAppDeviceAction,\n type StateMachineTypes,\n UnknownDAError,\n UserInteractionRequired,\n XStateDeviceAction,\n} from \"@ledgerhq/device-management-kit\";\nimport { type Either, EitherAsync, Left, Right } from \"purify-ts\";\nimport { assign, fromPromise, setup } from \"xstate\";\n\nimport {\n type AuthenticateDAError,\n type AuthenticateDAInput,\n type AuthenticateDAIntermediateValue,\n type AuthenticateDAInternalState,\n type AuthenticateDAOutput,\n} from \"@api/app-binder/AuthenticateDeviceActionTypes\";\nimport {\n LKRPMissingDataError,\n LKRPUnauthorizedError,\n LKRPUnhandledState,\n} from \"@api/app-binder/Errors\";\nimport { type Keypair } from \"@api/app-binder/LKRPTypes\";\nimport { type JWT } from \"@api/index\";\nimport { SignChallengeWithDeviceTask } from \"@internal/app-binder/task/SignChallengeWithDeviceTask\";\nimport { SignChallengeWithKeypairTask } from \"@internal/app-binder/task/SignChallengeWithKeypairTask\";\nimport {\n type AuthenticationPayload,\n type Challenge,\n type LKRPDataSource,\n} from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { eitherSeqRecord } from \"@internal/utils/eitherSeqRecord\";\nimport { LKRPBlockStream } from \"@internal/utils/LKRPBlockStream\";\nimport { required } from \"@internal/utils/required\";\n\nimport { raiseAndAssign } from \"./utils/raiseAndAssign\";\nimport { AddToTrustchainDeviceAction } from \"./AddToTrustchainDeviceAction\";\n\nconst APP_NAME = \"Ledger Sync\";\n\nexport class AuthenticateDeviceAction extends XStateDeviceAction<\n AuthenticateDAOutput,\n AuthenticateDAInput,\n AuthenticateDAError,\n AuthenticateDAIntermediateValue,\n AuthenticateDAInternalState\n> {\n makeStateMachine(\n internalApi: InternalApi,\n ): DeviceActionStateMachine<\n AuthenticateDAOutput,\n AuthenticateDAInput,\n AuthenticateDAError,\n AuthenticateDAIntermediateValue,\n AuthenticateDAInternalState\n > {\n type types = StateMachineTypes<\n AuthenticateDAOutput,\n AuthenticateDAInput,\n AuthenticateDAError,\n AuthenticateDAIntermediateValue,\n AuthenticateDAInternalState\n >;\n\n const { deviceAuth, keypairAuth, getTrustchain, extractEncryptionKey } =\n this.extractDependencies(internalApi);\n\n return setup({\n types: {\n input: {} as types[\"input\"],\n context: {} as types[\"context\"],\n output: {} as types[\"output\"],\n },\n\n actors: {\n openAppStateMachine: new OpenAppDeviceAction({\n input: { appName: APP_NAME },\n }).makeStateMachine(internalApi),\n\n deviceAuth: fromPromise(deviceAuth),\n keypairAuth: fromPromise(keypairAuth),\n\n getTrustchain: fromPromise(getTrustchain),\n\n addToTrustchainStateMachine: new AddToTrustchainDeviceAction({\n input: Left(\n new LKRPMissingDataError(\"Missing input for GetEncryptionKey\"),\n ),\n }).makeStateMachine(internalApi),\n\n extractEncryptionKey: fromPromise(extractEncryptionKey),\n },\n\n actions: {\n assignErrorFromEvent: raiseAndAssign(\n ({ event }) =>\n Left(\n new UnknownDAError(String((event as { error?: unknown }).error)),\n ), // NOTE: it should never happen, the error is not typed anymore here\n ),\n },\n\n guards: {\n hasNoTrustchainId: ({ context }) => !context.input.trustchainId,\n hasNoJwt: ({ context }) => !context.input.jwt,\n isTrustchainMember: ({ context }) =>\n context._internalState\n .toMaybe()\n .map(\n (state) =>\n state.wasAddedToTrustchain ||\n state.applicationStream?.hasMember(\n context.input.keypair.pubKeyToHex(),\n ),\n )\n .extract() ?? false,\n },\n }).createMachine({\n /** @xstate-layout N4IgpgJg5mDOIC5QEECuAXAFmAduglgMYCG6YAImAG5FjKEED2OAdAMLaEDWbATpLgLEANrADEAbQAMAXUSgADo1j4mOeSAAeiAMxSALC30BOHfoDsAJinGAHADYp94wBoQAT0QBaAKwsf9lYBAIzB9jrm5vr6OgC+sW5oWIJEpBTUtPRq7Jw8-BApIuISwXJIIEoqahraCDrBOizG+pb2tq06PlJStvo+bp4IPsZSLBHBprZWnVI+tvGJGNh4qWSUNIR0DPjMOWDcfAIrRZKWZYrKqjvq5bU6lsZGkb0Rsz1TOgOII34+oebGQJmOytBYgJLLAgkNYZTZZa4sADSYHcCmI+F4ELEEGYYBY+BwVEYXDxJNR6MxS2k5wql2qt0Q9miLEsJh8lmewWGrK+Q30wSMOk61k6OjaLTBEJS0PSGy22WR5IxWLAvF4jF4LAUwlIADMNQBbFhktHKqmyDSVK7MGqM+r+Fr6WyA8xM2zBSy86LmJq2Axi-T2YZTQGSpbStLrTLbXaK02UrBiWCoQibWCwamWunXW0IYw+H2BVmWOa2MxScy88xSAXmYJlh5CiYBYxh5IrGVRuEx1hxilYglUET4CCHArHUSZ8pW+mgWrO0b8-kPYyWDkxfS8gujWb2Cb3fmRAxtyGrWXRhUo+MqtUaqcXKo5hl55xNMzBCyzZp9TceRl-FhHCcHo11aKIfBPCMYTleFdi7OgliTFM0wzC1p2zG1nw9fRRmaRwTDXcIuk9P8EEDUZzB0fNLGCOtzB8LpWwScFww7SNYXlBF4JvdVeHvWlH0wudEA-GwjFomsDBsHDPlIj9DFsdkAldZ4WhLSC2Ogi8uI4iEWAAeQUXBkAUBRsVxfFCWJPFGCMnATIUfiZyfYSEHsIMmkiB4PUsCJ3RIwZaMaBouVdFoqJ8Cx5mYqVNPPbtsm4pYDLshyxFVXitR1dB9V4I1bOM0ynIwm5XKZQwGMi3yzHuBsq0eQJehsCZFNdCYNKhdiYJ7FgkqwFLCrM5NUzgVCaWcoStG+MIWArYIDF6BiPzaXkHgq3o2qZSxFLiGLWM6rSEp0mDkqxHEcDxQdrJYAoTqwYrBNKqaEHm0wWHaLoJnMP12nCXl61sFkPymAJulscHAw6s9uJ6vrMBYHiNSyvVDRu3TzXGkrc3mgExmMBoTBGIifFkwZmhYNrqzLejGLsKHO10nqAHEwHQAAVXhUFgdBCEwdEcHMi7LKJEkWBgdnOe53n+Ye60ntqBoAPc4wrHCewaO+gLEHdAVqbaJwwmaXbFnbA74s43YWYlrmeb5gl0tvTVtRRvKxdZjmbelglZdnZ6CYq-MLDMaIpAefpSLrPwehsBxqw9Tp6a67TLfdyXbf5pCRvTH2XL9gI-HoktXv5aTeVMRpJidZ0HgrGxE8Oi3WCtj2pbtgXB2HUd8kKSc0IfOXc3CQHKJ0Z0zHV9oJl5BwKOmesbGLMt6-N2Cm9Tz224d3ic8mhWTEBlpXWaKQxXaepeSDAUgLaEsZnm42WNN6HGeyDh9i4ABJWAAFkwANAAjVU4h8CwAAAQGj-oAvifcBIDywmPQC3RPx6Eos4Um3wVbvX9A8QIPRL7Lxhq-XIX9f4AKAWIEBoCcCMHQOAyBqod7yxEiGCmykGjuiApRMuvkjABFHv5eoJgCEvwRG-bgJD6G8HEBlO8MCJpMJeuBd6Jh1azDDs4C+Stug3xJp9E+wjurZGQBACAbNGAt3Tvbc6l0rKi2MaY8xacvY4EYbmGizoxjemMCMU+oRbD1UaM6J0dg5jxwfrFM2hCET2LMRY5xW8kbOxyqjGJjiN4yzkVjZ8NERizQ9ACVohF6JVgMLNIC3R6glimJYAxydWCpLiZvYaKFXHZL6IDPQYRb4ODFKYMuHkIZ+iIt4qItSjq7AaU4zeMjoGY0em4z8-hwg0Vqg0E+v5Bjg0BmEP4gIzAPGsPYMZjcWAAFFNDoF4MQBgpycCEF4KiNQipM4tMyfM7JE93oAnaFMb6AJ0EvXWf4CswwIishPq6Y5q8zkXKuTcu5DyFBPJRAk2ZWZ3muVaDWFgH5lreL9Ixew-S-AQzrICE+phjxgmoQUeA5QInP0MbneRuY-Q4vmlMQIEwwiOErKRLw+Yxg0VLJEAGYpwn7UZXUvYBxu4Tjpf3X2Cttrsp6Cpbl7kKy8i8D6d0VgTA1lqvmJee0n4MyZbGK8-Yljorga5dkPoR7OnmkGCp4dBjhEeODTVjp2GzChbDdGWBbVKsQA6poq5Vzg1mO6fx-LdXCudN9dyJM6zRRNqec10q4YDXsqZENudagFj8N4g50bQlxsGByAUcwLAxCZOXMwAbEpBvhhCAtu8RIUtVWEPo4ryqrQcIBfWLRfpgWCM2hEzcpn8w7Qoj0DExj0XxSTcqAL8aLlHhYRwTJd1HNNZmpO4zWBiM-j-SRCrYGhpem0A+1gGw0VmH8d12tvFNACNEfMdZgIQQPVBFePVJnpIJHOtxu5ZpRBaiYLyGztZlgprRJNURVFNr-XFKJuxzmXOuegW59zHnXEVKBtpM0Qx7kog4RwHp-pAq6K6fW4rKL6EnbsAAyshUaxHMWuksEK9R312j4xo0KFkBYmQ7JGN0cwLHWCnMdlx56HJ6IshLNtcC3ogz9MMOECwxYnTAn3fEIAA */\n\n id: \"AuthenticateDeviceAction\",\n context: ({ input }): types[\"context\"] => ({\n input,\n intermediateValue: {\n requiredUserInteraction: UserInteractionRequired.None,\n },\n _internalState: Right({\n trustchainId: null,\n jwt: null,\n trustchain: null,\n applicationStream: null,\n encryptionKey: null,\n wasAddedToTrustchain: false,\n }),\n }),\n\n initial: \"CheckCredentials\",\n states: {\n CheckCredentials: {\n always: [\n { target: \"DeviceAuth\", guard: \"hasNoTrustchainId\" },\n { target: \"KeypairAuth\", guard: \"hasNoJwt\" },\n { target: \"GetTrustchain\" },\n ],\n },\n\n KeypairAuth: {\n on: {\n success: \"GetTrustchain\",\n invalidCredentials: \"DeviceAuth\",\n error: \"Error\",\n },\n invoke: {\n id: \"keypairAuth\",\n src: \"keypairAuth\",\n input: ({ context }) => ({\n lkrpDataSource: context.input.lkrpDataSource,\n keypair: context.input.keypair,\n trustchainId: required(\n context.input.trustchainId,\n \"Missing Trustchain ID in the input\",\n ),\n }),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output\n .map(({ jwt }) => ({\n raise: \"success\",\n assign: { jwt },\n }))\n .chainLeft((error) =>\n error instanceof LKRPUnauthorizedError\n ? Right({ raise: \"invalidCredentials\" })\n : Left(error),\n ),\n ),\n },\n },\n },\n\n DeviceAuth: {\n on: { success: \"GetTrustchain\", error: \"Error\" },\n initial: \"OpenApp\",\n states: {\n OpenApp: {\n // TODO snapshot for intermediateValue\n on: { success: \"Auth\" },\n invoke: {\n id: \"openApp\",\n src: \"openAppStateMachine\",\n input: { appName: APP_NAME },\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(() => ({ raise: \"success\" })),\n ),\n },\n },\n },\n\n Auth: {\n entry: assign({\n intermediateValue: {\n requiredUserInteraction: \"connect-ledger-sync\",\n },\n }),\n exit: assign({\n intermediateValue: {\n requiredUserInteraction: UserInteractionRequired.None,\n },\n }),\n invoke: {\n id: \"deviceAuth\",\n src: \"deviceAuth\",\n input: ({ context }) => context.input,\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.chain((payload) =>\n payload.trustchainId.caseOf({\n Nothing: () =>\n Left(\n new LKRPUnhandledState(\"The trustchain is empty\"),\n ),\n Just: (trustchainId) =>\n Right({\n raise: \"success\",\n assign: { jwt: payload.jwt, trustchainId },\n }),\n }),\n ),\n ),\n },\n },\n },\n },\n },\n\n GetTrustchain: {\n on: {\n success: \"CheckIsMembers\",\n invalidCredentials: \"KeypairAuth\",\n error: \"Error\",\n },\n invoke: {\n id: \"getTrustchain\",\n src: \"getTrustchain\",\n input: ({ context }) =>\n context._internalState.chain((state) =>\n eitherSeqRecord({\n lkrpDataSource: context.input.lkrpDataSource,\n applicationId: context.input.applicationId,\n trustchainId: () =>\n required(\n state.trustchainId ?? context.input.trustchainId,\n \"Missing Trustchain ID in the input for GetTrustchain\",\n ),\n jwt: () =>\n required(\n state.jwt ?? context.input.jwt,\n \"Missing JWT in the input for GetTrustchain\",\n ),\n }),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(({ trustchain, applicationStream }) => ({\n raise: \"success\",\n assign: { trustchain, applicationStream },\n })),\n ),\n },\n },\n },\n\n CheckIsMembers: {\n always: [\n { target: \"ExtractEncryptionKey\", guard: \"isTrustchainMember\" },\n { target: \"AddToTrustchain\" },\n ],\n },\n\n AddToTrustchain: {\n // TODO snapshot for intermediateValue\n on: {\n success: \"GetTrustchain\",\n error: \"Error\",\n },\n invoke: {\n id: \"AddToTrustchain\",\n src: \"addToTrustchainStateMachine\",\n input: ({ context }) =>\n context._internalState\n .mapLeft(\n () =>\n new LKRPMissingDataError(\n \"Missing data in the input for AddToTrustchain\",\n ),\n )\n .chain((state) =>\n eitherSeqRecord({\n lkrpDataSource: context.input.lkrpDataSource,\n keypair: context.input.keypair,\n clientName: context.input.clientName,\n permissions: context.input.permissions,\n jwt: () =>\n required(\n state.jwt ?? context.input.jwt,\n \"Missing JWT in the input for AddToTrustchain\",\n ),\n trustchainId: () =>\n required(\n state.trustchainId ?? context.input.trustchainId,\n \"Missing Trustchain ID in the input for GetTrustchain\",\n ),\n trustchain: () =>\n required(\n state.trustchain,\n \"Missing Trustchain in the input for AddToTrustchain\",\n ),\n applicationStream: () =>\n required(\n state.applicationStream,\n \"Missing application stream in the input for AddToTrustchain\",\n ),\n }),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(() => ({\n raise: \"success\",\n assign: { wasAddedToTrustchain: true },\n })),\n ),\n },\n },\n },\n\n ExtractEncryptionKey: {\n on: { success: \"Success\", error: \"Error\" },\n invoke: {\n id: \"ExtractEncryptionKey\",\n src: \"extractEncryptionKey\",\n input: ({ context }) =>\n context._internalState.chain((state) =>\n required(\n state.applicationStream,\n \"Missing application stream\",\n ).map((applicationStream) => ({\n applicationStream,\n keypair: context.input.keypair,\n })),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map((encryptionKey) => ({\n raise: \"success\",\n assign: { encryptionKey },\n })),\n ),\n },\n },\n },\n\n Success: { type: \"final\" },\n\n Error: { type: \"final\" },\n },\n\n output: ({ context }) =>\n context._internalState.chain((state) =>\n eitherSeqRecord({\n trustchainId: () =>\n required(\n state.trustchainId ?? context.input.trustchainId,\n \"Missing Trustchain ID in the output\",\n ),\n jwt: () =>\n required(\n state.jwt ?? context.input.jwt,\n \"Missing JWT in the output\",\n ),\n applicationPath: () =>\n required(\n state.applicationStream?.getPath().extract(),\n \"Missing application path in the output\",\n ),\n encryptionKey: () =>\n required(\n state.encryptionKey,\n \"Missing encryption key in the output\",\n ),\n }),\n ),\n });\n }\n\n extractDependencies(internalApi: InternalApi) {\n return {\n deviceAuth: (args: { input: { lkrpDataSource: LKRPDataSource } }) =>\n this.auth(\n args.input.lkrpDataSource,\n new SignChallengeWithDeviceTask(internalApi),\n ).run(),\n\n keypairAuth: (args: {\n input: Pick<AuthenticateDAInput, \"lkrpDataSource\" | \"keypair\"> & {\n trustchainId: Either<LKRPMissingDataError, string>;\n };\n }) => {\n const { lkrpDataSource, keypair } = args.input;\n return EitherAsync.liftEither(args.input.trustchainId)\n .chain((trustchainId) =>\n this.auth(\n lkrpDataSource,\n new SignChallengeWithKeypairTask(keypair, trustchainId),\n ),\n )\n .run();\n },\n\n getTrustchain: (args: {\n input: Either<\n AuthenticateDAError,\n {\n applicationId: number;\n lkrpDataSource: LKRPDataSource;\n trustchainId: string;\n jwt: JWT;\n }\n >;\n }) =>\n EitherAsync.liftEither(args.input)\n .chain(({ applicationId, lkrpDataSource, trustchainId, jwt }) =>\n lkrpDataSource\n .getTrustchainById(trustchainId, jwt)\n .map((trustchain) => ({\n trustchain,\n applicationStream:\n trustchain[`m/${applicationId}'`] ??\n LKRPBlockStream.fromPath(`m/0'/${applicationId}'/0'`),\n })),\n )\n .run(),\n\n extractEncryptionKey: async (args: {\n input: Either<\n AuthenticateDAError,\n {\n applicationStream: LKRPBlockStream;\n keypair: Keypair;\n }\n >;\n }) => {\n // TODO additional derivations should be supported:\n // https://github.com/LedgerHQ/ledger-live/blob/develop/libs/hw-ledger-key-ring-protocol/src/Device.ts#L216...L226\n // Probably not needed for Ledger Sync\n return Promise.resolve(\n args.input\n .chain(({ applicationStream, keypair }) =>\n applicationStream\n .getPublishedKey(keypair)\n .toEither(\n new UnknownDAError(\n \"There is no encryption key for the current member in the application stream.\",\n ),\n ),\n )\n .map((key) => key.privateKey),\n );\n },\n };\n }\n\n private auth(\n lkrpDataSource: LKRPDataSource,\n signerTask: {\n run: (\n challenge: Challenge,\n ) => PromiseLike<Either<AuthenticateDAError, AuthenticationPayload>>;\n },\n ) {\n return lkrpDataSource\n .getChallenge()\n .chain((challenge) => signerTask.run(challenge))\n .chain((payload) => lkrpDataSource.authenticate(payload));\n }\n}\n"],
5
+ "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,8BAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAQO,2CACPC,EAAsD,qBACtDC,EAA2C,kBAS3CC,EAIO,kCAGPC,EAA4C,iEAC5CC,EAA6C,kEAM7CC,EAAgC,2CAChCC,EAAgC,2CAChCC,EAAyB,oCAEzBC,EAA+B,kCAC/BC,EAA4C,yCAE5C,MAAMC,EAAW,cAEV,MAAMb,UAAiC,oBAM5C,CACA,iBACEc,EAOA,CASA,KAAM,CAAE,WAAAC,EAAY,YAAAC,EAAa,cAAAC,EAAe,qBAAAC,CAAqB,EACnE,KAAK,oBAAoBJ,CAAW,EAEtC,SAAO,SAAM,CACX,MAAO,CACL,MAAO,CAAC,EACR,QAAS,CAAC,EACV,OAAQ,CAAC,CACX,EAEA,OAAQ,CACN,oBAAqB,IAAI,sBAAoB,CAC3C,MAAO,CAAE,QAASD,CAAS,CAC7B,CAAC,EAAE,iBAAiBC,CAAW,EAE/B,cAAY,eAAYC,CAAU,EAClC,eAAa,eAAYC,CAAW,EAEpC,iBAAe,eAAYC,CAAa,EAExC,4BAA6B,IAAI,8BAA4B,CAC3D,SAAO,QACL,IAAI,uBAAqB,oCAAoC,CAC/D,CACF,CAAC,EAAE,iBAAiBH,CAAW,EAE/B,wBAAsB,eAAYI,CAAoB,CACxD,EAEA,QAAS,CACP,wBAAsB,kBACpB,CAAC,CAAE,MAAAC,CAAM,OACP,QACE,IAAI,iBAAe,OAAQA,EAA8B,KAAK,CAAC,CACjE,CACJ,CACF,EAEA,OAAQ,CACN,kBAAmB,CAAC,CAAE,QAAAC,CAAQ,IAAM,CAACA,EAAQ,MAAM,aACnD,SAAU,CAAC,CAAE,QAAAA,CAAQ,IAAM,CAACA,EAAQ,MAAM,IAC1C,mBAAoB,CAAC,CAAE,QAAAA,CAAQ,IAC7BA,EAAQ,eACL,QAAQ,EACR,IACEC,GACCA,EAAM,sBACNA,EAAM,mBAAmB,UACvBD,EAAQ,MAAM,QAAQ,YAAY,CACpC,CACJ,EACC,QAAQ,GAAK,EACpB,CACF,CAAC,EAAE,cAAc,CAGf,GAAI,2BACJ,QAAS,CAAC,CAAE,MAAAE,CAAM,KAAyB,CACzC,MAAAA,EACA,kBAAmB,CACjB,wBAAyB,0BAAwB,IACnD,EACA,kBAAgB,SAAM,CACpB,aAAc,KACd,IAAK,KACL,WAAY,KACZ,kBAAmB,KACnB,cAAe,KACf,qBAAsB,EACxB,CAAC,CACH,GAEA,QAAS,mBACT,OAAQ,CACN,iBAAkB,CAChB,OAAQ,CACN,CAAE,OAAQ,aAAc,MAAO,mBAAoB,EACnD,CAAE,OAAQ,cAAe,MAAO,UAAW,EAC3C,CAAE,OAAQ,eAAgB,CAC5B,CACF,EAEA,YAAa,CACX,GAAI,CACF,QAAS,gBACT,mBAAoB,aACpB,MAAO,OACT,EACA,OAAQ,CACN,GAAI,cACJ,IAAK,cACL,MAAO,CAAC,CAAE,QAAAF,CAAQ,KAAO,CACvB,eAAgBA,EAAQ,MAAM,eAC9B,QAASA,EAAQ,MAAM,QACvB,gBAAc,YACZA,EAAQ,MAAM,aACd,oCACF,CACF,GACA,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,MAAAD,CAAM,IAC/BA,EAAM,OACH,IAAI,CAAC,CAAE,IAAAI,CAAI,KAAO,CACjB,MAAO,UACP,OAAQ,CAAE,IAAAA,CAAI,CAChB,EAAE,EACD,UAAWC,GACVA,aAAiB,2BACb,SAAM,CAAE,MAAO,oBAAqB,CAAC,KACrC,QAAKA,CAAK,CAChB,CACJ,CACF,CACF,CACF,EAEA,WAAY,CACV,GAAI,CAAE,QAAS,gBAAiB,MAAO,OAAQ,EAC/C,QAAS,UACT,OAAQ,CACN,QAAS,CAEP,GAAI,CAAE,QAAS,MAAO,EACtB,OAAQ,CACN,GAAI,UACJ,IAAK,sBACL,MAAO,CAAE,QAASX,CAAS,EAC3B,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,MAAAM,CAAM,IAC/BA,EAAM,OAAO,IAAI,KAAO,CAAE,MAAO,SAAU,EAAE,CAC/C,CACF,CACF,CACF,EAEA,KAAM,CACJ,SAAO,UAAO,CACZ,kBAAmB,CACjB,wBAAyB,qBAC3B,CACF,CAAC,EACD,QAAM,UAAO,CACX,kBAAmB,CACjB,wBAAyB,0BAAwB,IACnD,CACF,CAAC,EACD,OAAQ,CACN,GAAI,aACJ,IAAK,aACL,MAAO,CAAC,CAAE,QAAAC,CAAQ,IAAMA,EAAQ,MAChC,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,MAAAD,CAAM,IAC/BA,EAAM,OAAO,MAAOM,GAClBA,EAAQ,aAAa,OAAO,CAC1B,QAAS,OACP,QACE,IAAI,qBAAmB,yBAAyB,CAClD,EACF,KAAOC,MACL,SAAM,CACJ,MAAO,UACP,OAAQ,CAAE,IAAKD,EAAQ,IAAK,aAAAC,CAAa,CAC3C,CAAC,CACL,CAAC,CACH,CACF,CACF,CACF,CACF,CACF,CACF,EAEA,cAAe,CACb,GAAI,CACF,QAAS,iBACT,mBAAoB,cACpB,MAAO,OACT,EACA,OAAQ,CACN,GAAI,gBACJ,IAAK,gBACL,MAAO,CAAC,CAAE,QAAAN,CAAQ,IAChBA,EAAQ,eAAe,MAAOC,MAC5B,mBAAgB,CACd,eAAgBD,EAAQ,MAAM,eAC9B,cAAeA,EAAQ,MAAM,cAC7B,aAAc,OACZ,YACEC,EAAM,cAAgBD,EAAQ,MAAM,aACpC,sDACF,EACF,IAAK,OACH,YACEC,EAAM,KAAOD,EAAQ,MAAM,IAC3B,4CACF,CACJ,CAAC,CACH,EACF,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,MAAAD,CAAM,IAC/BA,EAAM,OAAO,IAAI,CAAC,CAAE,WAAAQ,EAAY,kBAAAC,CAAkB,KAAO,CACvD,MAAO,UACP,OAAQ,CAAE,WAAAD,EAAY,kBAAAC,CAAkB,CAC1C,EAAE,CACJ,CACF,CACF,CACF,EAEA,eAAgB,CACd,OAAQ,CACN,CAAE,OAAQ,uBAAwB,MAAO,oBAAqB,EAC9D,CAAE,OAAQ,iBAAkB,CAC9B,CACF,EAEA,gBAAiB,CAEf,GAAI,CACF,QAAS,gBACT,MAAO,OACT,EACA,OAAQ,CACN,GAAI,kBACJ,IAAK,8BACL,MAAO,CAAC,CAAE,QAAAR,CAAQ,IAChBA,EAAQ,eACL,QACC,IACE,IAAI,uBACF,+CACF,CACJ,EACC,MAAOC,MACN,mBAAgB,CACd,eAAgBD,EAAQ,MAAM,eAC9B,QAASA,EAAQ,MAAM,QACvB,WAAYA,EAAQ,MAAM,WAC1B,YAAaA,EAAQ,MAAM,YAC3B,IAAK,OACH,YACEC,EAAM,KAAOD,EAAQ,MAAM,IAC3B,8CACF,EACF,aAAc,OACZ,YACEC,EAAM,cAAgBD,EAAQ,MAAM,aACpC,sDACF,EACF,WAAY,OACV,YACEC,EAAM,WACN,qDACF,EACF,kBAAmB,OACjB,YACEA,EAAM,kBACN,6DACF,CACJ,CAAC,CACH,EACJ,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,MAAAF,CAAM,IAC/BA,EAAM,OAAO,IAAI,KAAO,CACtB,MAAO,UACP,OAAQ,CAAE,qBAAsB,EAAK,CACvC,EAAE,CACJ,CACF,CACF,CACF,EAEA,qBAAsB,CACpB,GAAI,CAAE,QAAS,UAAW,MAAO,OAAQ,EACzC,OAAQ,CACN,GAAI,uBACJ,IAAK,uBACL,MAAO,CAAC,CAAE,QAAAC,CAAQ,IAChBA,EAAQ,eAAe,MAAOC,MAC5B,YACEA,EAAM,kBACN,4BACF,EAAE,IAAKO,IAAuB,CAC5B,kBAAAA,EACA,QAASR,EAAQ,MAAM,OACzB,EAAE,CACJ,EACF,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,MAAAD,CAAM,IAC/BA,EAAM,OAAO,IAAKU,IAAmB,CACnC,MAAO,UACP,OAAQ,CAAE,cAAAA,CAAc,CAC1B,EAAE,CACJ,CACF,CACF,CACF,EAEA,QAAS,CAAE,KAAM,OAAQ,EAEzB,MAAO,CAAE,KAAM,OAAQ,CACzB,EAEA,OAAQ,CAAC,CAAE,QAAAT,CAAQ,IACjBA,EAAQ,eAAe,MAAOC,MAC5B,mBAAgB,CACd,aAAc,OACZ,YACEA,EAAM,cAAgBD,EAAQ,MAAM,aACpC,qCACF,EACF,IAAK,OACH,YACEC,EAAM,KAAOD,EAAQ,MAAM,IAC3B,2BACF,EACF,gBAAiB,OACf,YACEC,EAAM,mBAAmB,QAAQ,EAAE,QAAQ,EAC3C,wCACF,EACF,cAAe,OACb,YACEA,EAAM,cACN,sCACF,CACJ,CAAC,CACH,CACJ,CAAC,CACH,CAEA,oBAAoBP,EAA0B,CAC5C,MAAO,CACL,WAAagB,GACX,KAAK,KACHA,EAAK,MAAM,eACX,IAAI,8BAA4BhB,CAAW,CAC7C,EAAE,IAAI,EAER,YAAcgB,GAIR,CACJ,KAAM,CAAE,eAAAC,EAAgB,QAAAC,CAAQ,EAAIF,EAAK,MACzC,OAAO,cAAY,WAAWA,EAAK,MAAM,YAAY,EAClD,MAAOJ,GACN,KAAK,KACHK,EACA,IAAI,+BAA6BC,EAASN,CAAY,CACxD,CACF,EACC,IAAI,CACT,EAEA,cAAgBI,GAWd,cAAY,WAAWA,EAAK,KAAK,EAC9B,MAAM,CAAC,CAAE,cAAAG,EAAe,eAAAF,EAAgB,aAAAL,EAAc,IAAAH,CAAI,IACzDQ,EACG,kBAAkBL,EAAcH,CAAG,EACnC,IAAKI,IAAgB,CACpB,WAAAA,EACA,kBACEA,EAAW,KAAKM,CAAa,GAAG,GAChC,kBAAgB,SAAS,QAAQA,CAAa,MAAM,CACxD,EAAE,CACN,EACC,IAAI,EAET,qBAAsB,MAAOH,GAYpB,QAAQ,QACbA,EAAK,MACF,MAAM,CAAC,CAAE,kBAAAF,EAAmB,QAAAI,CAAQ,IACnCJ,EACG,gBAAgBI,CAAO,EACvB,SACC,IAAI,iBACF,8EACF,CACF,CACJ,EACC,IAAKE,GAAQA,EAAI,UAAU,CAChC,CAEJ,CACF,CAEQ,KACNH,EACAI,EAKA,CACA,OAAOJ,EACJ,aAAa,EACb,MAAOK,GAAcD,EAAW,IAAIC,CAAS,CAAC,EAC9C,MAAOX,GAAYM,EAAe,aAAaN,CAAO,CAAC,CAC5D,CACF",
6
6
  "names": ["AuthenticateDeviceAction_exports", "__export", "AuthenticateDeviceAction", "__toCommonJS", "import_device_management_kit", "import_purify_ts", "import_xstate", "import_Errors", "import_SignChallengeWithDeviceTask", "import_SignChallengeWithKeypairTask", "import_eitherSeqRecord", "import_LKRPBlockStream", "import_required", "import_raiseAndAssign", "import_AddToTrustchainDeviceAction", "APP_NAME", "internalApi", "deviceAuth", "keypairAuth", "getTrustchain", "extractEncryptionKey", "event", "context", "state", "input", "jwt", "error", "payload", "trustchainId", "trustchain", "applicationStream", "encryptionKey", "args", "lkrpDataSource", "keypair", "applicationId", "key", "signerTask", "challenge"]
7
7
  }
package/lib/cjs/internal/app-binder/task/ParseStreamToDeviceTask.js CHANGED
@@ -1,2 +1,2 @@
1
- "use strict";var m=Object.defineProperty;var l=Object.getOwnPropertyDescriptor;var k=Object.getOwnPropertyNames;var S=Object.prototype.hasOwnProperty;var T=(n,t)=>{for(var r in t)m(n,r,{get:t[r],enumerable:!0})},g=(n,t,r,e)=>{if(t&&typeof t=="object"||typeof t=="function")for(let a of k(t))!S.call(n,a)&&a!==r&&m(n,a,{get:()=>t[a],enumerable:!(e=l(t,a))||e.enumerable});return n};var R=n=>g(m({},"__esModule",{value:!0}),n);var L={};T(L,{ParseStreamToDeviceTask:()=>E});module.exports=R(L);var o=require("@ledgerhq/device-management-kit"),s=require("purify-ts"),i=require("../../../api/app-binder/Errors"),c=require("../../app-binder/command/ParseBlockSignatureCommand"),d=require("../../app-binder/command/ParseStreamBlockCommand"),p=require("../../app-binder/command/ParseStreamBlockHeader"),P=require("../../app-binder/command/SetTrustedMemberCommand"),h=require("../../utils/eitherSeqRecord"),u=require("../../utils/hex"),f=require("./utils/TrustedProperties");class E{constructor(t){this.api=t}lastTrustedMember=null;trustedMembers=new Map;run({seedBlock:t,applicationStream:r}){return this.parseBlock(t).chain(()=>r?this.parseStream(r):s.EitherAsync.liftEither((0,s.Right)(void 0)))}parseStream(t){return s.EitherAsync.liftEither(t.parse()).chain(r=>s.EitherAsync.sequence(r.map(e=>this.parseBlock(e))))}parseBlock(t){return s.EitherAsync.liftEither(t.parse()).chain(r=>this.setTrustedMember((0,u.bytesToHex)(r.issuer)).map(()=>r)).chain(async r=>{try{const e=await this.api.sendCommand(new p.ParseBlockHeaderCommand(r));if(e.status!==o.CommandResultStatus.Success)return(0,s.Left)(e.error)}catch(e){return(0,s.Left)(new i.LKRPUnknownError(String(e)))}return(0,s.Right)(r)}).chain(r=>s.EitherAsync.sequence(r.commands.map(e=>this.parseCommand(e,(0,u.bytesToHex)(r.issuer)))).map(()=>r)).chain(async r=>{try{const e=await this.api.sendCommand(new c.ParseBlockSignatureCommand(r));if(e.status!==o.CommandResultStatus.Success)return(0,s.Left)(e.error)}catch(e){return(0,s.Left)(new i.LKRPUnknownError(String(e)))}return(0,s.Right)(void 0)})}parseCommand(t,r){const e=t.getPublicKey().orDefault(r);return this.setTrustedMember(e).chain(async()=>{try{const a=await this.api.sendCommand(new d.ParseSingleCommand({command:t.toU8A()}));return a.status!==o.CommandResultStatus.Success?(0,s.Left)(a.error):this.recordTrustedMembers(e,a.data)}catch(a){return(0,s.Left)(new i.LKRPUnknownError(String(a)))}})}setTrustedMember(t){return s.EitherAsync.fromPromise(async()=>{if(t===this.lastTrustedMember)return(0,s.Right)(void 0);const r=this.trustedMembers.get(t);if(!r)return(0,s.Right)(void 0);try{const e=await this.api.sendCommand(new P.SetTrustedMemberCommand(r));if(e.status!==o.CommandResultStatus.Success)return(0,s.Left)(e.error)}catch(e){return(0,s.Left)(new i.LKRPUnknownError(String(e)))}return(0,s.Right)(void 0)})}recordTrustedMembers(t,r){if(this.lastTrustedMember=t,r.length===0||this.trustedMembers.has(t))return(0,s.Right)(void 0);const e=new f.TrustedProperties(r);return(0,h.eitherSeqRecord)({iv:()=>e.getIv(),memberTlv:()=>e.getNewMember()}).ifRight(a=>this.trustedMembers.set(t,a))}}0&&(module.exports={ParseStreamToDeviceTask});
1
+ "use strict";var i=Object.defineProperty;var f=Object.getOwnPropertyDescriptor;var l=Object.getOwnPropertyNames;var k=Object.prototype.hasOwnProperty;var S=(o,t)=>{for(var r in t)i(o,r,{get:t[r],enumerable:!0})},T=(o,t,r,e)=>{if(t&&typeof t=="object"||typeof t=="function")for(let a of l(t))!k.call(o,a)&&a!==r&&i(o,a,{get:()=>t[a],enumerable:!(e=f(t,a))||e.enumerable});return o};var g=o=>T(i({},"__esModule",{value:!0}),o);var R={};S(R,{ParseStreamToDeviceTask:()=>E});module.exports=g(R);var n=require("@ledgerhq/device-management-kit"),s=require("purify-ts"),u=require("../../app-binder/command/ParseBlockSignatureCommand"),c=require("../../app-binder/command/ParseStreamBlockCommand"),d=require("../../app-binder/command/ParseStreamBlockHeader"),p=require("../../app-binder/command/SetTrustedMemberCommand"),P=require("../../utils/eitherSeqRecord"),m=require("../../utils/hex"),h=require("./utils/TrustedProperties");class E{constructor(t){this.api=t}lastTrustedMember=null;trustedMembers=new Map;run({seedBlock:t,applicationStream:r}){return this.parseBlock(t).chain(()=>r?this.parseStream(r):s.EitherAsync.liftEither((0,s.Right)(void 0)))}parseStream(t){return s.EitherAsync.liftEither(t.parse()).chain(r=>s.EitherAsync.sequence(r.map(e=>this.parseBlock(e))))}parseBlock(t){return s.EitherAsync.liftEither(t.parse()).chain(r=>this.setTrustedMember((0,m.bytesToHex)(r.issuer)).map(()=>r)).chain(async r=>{try{const e=await this.api.sendCommand(new d.ParseBlockHeaderCommand(r));if(e.status!==n.CommandResultStatus.Success)return(0,s.Left)(e.error)}catch(e){return(0,s.Left)(new n.UnknownDAError(String(e)))}return(0,s.Right)(r)}).chain(r=>s.EitherAsync.sequence(r.commands.map(e=>this.parseCommand(e,(0,m.bytesToHex)(r.issuer)))).map(()=>r)).chain(async r=>{try{const e=await this.api.sendCommand(new u.ParseBlockSignatureCommand(r));if(e.status!==n.CommandResultStatus.Success)return(0,s.Left)(e.error)}catch(e){return(0,s.Left)(new n.UnknownDAError(String(e)))}return(0,s.Right)(void 0)})}parseCommand(t,r){const e=t.getPublicKey().orDefault(r);return this.setTrustedMember(e).chain(async()=>{try{const a=await this.api.sendCommand(new c.ParseSingleCommand({command:t.toU8A()}));return a.status!==n.CommandResultStatus.Success?(0,s.Left)(a.error):this.recordTrustedMembers(e,a.data)}catch(a){return(0,s.Left)(new n.UnknownDAError(String(a)))}})}setTrustedMember(t){return s.EitherAsync.fromPromise(async()=>{if(t===this.lastTrustedMember)return(0,s.Right)(void 0);const r=this.trustedMembers.get(t);if(!r)return(0,s.Right)(void 0);try{const e=await this.api.sendCommand(new p.SetTrustedMemberCommand(r));if(e.status!==n.CommandResultStatus.Success)return(0,s.Left)(e.error)}catch(e){return(0,s.Left)(new n.UnknownDAError(String(e)))}return(0,s.Right)(void 0)})}recordTrustedMembers(t,r){if(this.lastTrustedMember=t,r.length===0||this.trustedMembers.has(t))return(0,s.Right)(void 0);const e=new h.TrustedProperties(r);return(0,P.eitherSeqRecord)({iv:()=>e.getIv(),memberTlv:()=>e.getNewMember()}).ifRight(a=>this.trustedMembers.set(t,a))}}0&&(module.exports={ParseStreamToDeviceTask});
2
2
  //# sourceMappingURL=ParseStreamToDeviceTask.js.map
package/lib/cjs/internal/app-binder/task/ParseStreamToDeviceTask.js.map CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "version": 3,
3
3
  "sources": ["../../../../../src/internal/app-binder/task/ParseStreamToDeviceTask.ts"],
4
- "sourcesContent": ["import {\n CommandResultStatus,\n type InternalApi,\n} from \"@ledgerhq/device-management-kit\";\nimport { type Either, EitherAsync, Left, Right } from \"purify-ts\";\n\nimport {\n type LKRPMissingDataError,\n type LKRPParsingError,\n LKRPUnknownError,\n} from \"@api/app-binder/Errors\";\nimport { type SetTrustedMemberCommandArgs } from \"@api/app-binder/SetTrustedMemberTypes\";\nimport { ParseBlockSignatureCommand } from \"@internal/app-binder/command/ParseBlockSignatureCommand\";\nimport { ParseSingleCommand } from \"@internal/app-binder/command/ParseStreamBlockCommand\";\nimport { ParseBlockHeaderCommand } from \"@internal/app-binder/command/ParseStreamBlockHeader\";\nimport { SetTrustedMemberCommand } from \"@internal/app-binder/command/SetTrustedMemberCommand\";\nimport { type LKRPDeviceCommandError } from \"@internal/app-binder/command/utils/ledgerKeyringProtocolErrors\";\nimport { type LKRPBlockParsedData } from \"@internal/models/LKRPBlockTypes\";\nimport { eitherSeqRecord } from \"@internal/utils/eitherSeqRecord\";\nimport { bytesToHex } from \"@internal/utils/hex\";\nimport { type LKRPBlock } from \"@internal/utils/LKRPBlock\";\nimport { type LKRPBlockStream } from \"@internal/utils/LKRPBlockStream\";\nimport { type LKRPCommand } from \"@internal/utils/LKRPCommand\";\n\nimport { TrustedProperties } from \"./utils/TrustedProperties\";\n\nexport type ParseStreamToDeviceTaskInput = {\n seedBlock: LKRPBlock; // The seed block is mandatory for now because the trustchain creation / parse empty stream are not yet implemented\n applicationStream: LKRPBlockStream | null;\n};\n\ntype ParseStreamTaskError =\n | LKRPDeviceCommandError\n | LKRPParsingError\n | LKRPMissingDataError\n | LKRPUnknownError;\n\nexport class ParseStreamToDeviceTask {\n private lastTrustedMember: string | null = null;\n private trustedMembers = new Map<string, SetTrustedMemberCommandArgs>();\n\n constructor(private readonly api: InternalApi) {}\n\n run({ seedBlock, applicationStream }: ParseStreamToDeviceTaskInput) {\n return this.parseBlock(seedBlock).chain<ParseStreamTaskError, unknown>(\n () =>\n applicationStream\n ? this.parseStream(applicationStream)\n : EitherAsync.liftEither(Right(undefined)),\n );\n }\n\n parseStream(stream: LKRPBlockStream) {\n return EitherAsync.liftEither(stream.parse()).chain<\n ParseStreamTaskError,\n unknown\n >((blocks) =>\n EitherAsync.sequence(blocks.map((block) => this.parseBlock(block))),\n );\n }\n\n parseBlock(block: LKRPBlock) {\n return (\n EitherAsync.liftEither(block.parse())\n\n .chain<ParseStreamTaskError, LKRPBlockParsedData>((data) =>\n this.setTrustedMember(bytesToHex(data.issuer)).map(() => data),\n )\n\n // Parse the block header\n .chain<ParseStreamTaskError, LKRPBlockParsedData>(async (data) => {\n try {\n const response = await this.api.sendCommand(\n new ParseBlockHeaderCommand(data),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n } catch (error) {\n return Left(new LKRPUnknownError(String(error)));\n }\n return Right(data);\n })\n\n // Parse each command\n .chain<ParseStreamTaskError, LKRPBlockParsedData>((data) =>\n EitherAsync.sequence(\n data.commands.map((command) =>\n this.parseCommand(command, bytesToHex(data.issuer)),\n ),\n ).map(() => data),\n )\n\n // Parse the block signature\n .chain<ParseStreamTaskError, void>(async (data) => {\n try {\n const response = await this.api.sendCommand(\n new ParseBlockSignatureCommand(data),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n } catch (error) {\n return Left(new LKRPUnknownError(String(error)));\n }\n return Right(undefined);\n })\n );\n }\n\n parseCommand(command: LKRPCommand, blockIssuer: string) {\n const publicKey = command.getPublicKey().orDefault(blockIssuer);\n\n // Parse the command\n return this.setTrustedMember(publicKey).chain<\n ParseStreamTaskError,\n unknown\n >(async () => {\n try {\n const response = await this.api.sendCommand(\n new ParseSingleCommand({ command: command.toU8A() }),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n return this.recordTrustedMembers(publicKey, response.data);\n } catch (error) {\n return Left(new LKRPUnknownError(String(error)));\n }\n });\n }\n\n setTrustedMember(publicKey: string) {\n // NOTE: Set Trusted Member only when needed\n // i.e: when this command wasn't signed by the device (see recordTrustedMembers NOTE) nor the last trusted member\n return EitherAsync.fromPromise<ParseStreamTaskError, void>(async () => {\n if (publicKey === this.lastTrustedMember) {\n return Right(undefined);\n }\n const trustedMember = this.trustedMembers.get(publicKey);\n if (!trustedMember) {\n return Right(undefined);\n }\n try {\n const response = await this.api.sendCommand(\n new SetTrustedMemberCommand(trustedMember),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n } catch (error) {\n return Left(new LKRPUnknownError(String(error)));\n }\n return Right(undefined);\n });\n }\n\n recordTrustedMembers(\n publicKey: string,\n trustedPropsBytes: Uint8Array,\n ): Either<LKRPParsingError | LKRPMissingDataError, unknown> {\n this.lastTrustedMember = publicKey;\n\n // NOTE: Whenever a command which was signed by the device is parsed on the same device\n // the parse block apdu returns empty trusted properties.\n // Therefore this function will never record the device as a trusted member.\n // (which is fine because the device doesn't need to set itself as a trusted member).\n if (trustedPropsBytes.length === 0 || this.trustedMembers.has(publicKey)) {\n return Right(undefined);\n }\n\n const trustedProps = new TrustedProperties(trustedPropsBytes);\n return eitherSeqRecord({\n iv: () => trustedProps.getIv(),\n memberTlv: () => trustedProps.getNewMember(),\n }).ifRight((trustedMember) =>\n this.trustedMembers.set(publicKey, trustedMember),\n );\n }\n}\n"],
5
- "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,6BAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAGO,2CACPC,EAAsD,qBAEtDC,EAIO,kCAEPC,EAA2C,mEAC3CC,EAAmC,gEACnCC,EAAwC,+DACxCC,EAAwC,gEAGxCC,EAAgC,2CAChCC,EAA2B,+BAK3BC,EAAkC,qCAa3B,MAAMX,CAAwB,CAInC,YAA6BY,EAAkB,CAAlB,SAAAA,CAAmB,CAHxC,kBAAmC,KACnC,eAAiB,IAAI,IAI7B,IAAI,CAAE,UAAAC,EAAW,kBAAAC,CAAkB,EAAiC,CAClE,OAAO,KAAK,WAAWD,CAAS,EAAE,MAChC,IACEC,EACI,KAAK,YAAYA,CAAiB,EAClC,cAAY,cAAW,SAAM,MAAS,CAAC,CAC/C,CACF,CAEA,YAAYC,EAAyB,CACnC,OAAO,cAAY,WAAWA,EAAO,MAAM,CAAC,EAAE,MAG3CC,GACD,cAAY,SAASA,EAAO,IAAKC,GAAU,KAAK,WAAWA,CAAK,CAAC,CAAC,CACpE,CACF,CAEA,WAAWA,EAAkB,CAC3B,OACE,cAAY,WAAWA,EAAM,MAAM,CAAC,EAEjC,MAAkDC,GACjD,KAAK,oBAAiB,cAAWA,EAAK,MAAM,CAAC,EAAE,IAAI,IAAMA,CAAI,CAC/D,EAGC,MAAiD,MAAOA,GAAS,CAChE,GAAI,CACF,MAAMC,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,0BAAwBD,CAAI,CAClC,EACA,GAAIC,EAAS,SAAW,sBAAoB,QAC1C,SAAO,QAAKA,EAAS,KAAK,CAE9B,OAASC,EAAO,CACd,SAAO,QAAK,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CAAC,CACjD,CACA,SAAO,SAAMF,CAAI,CACnB,CAAC,EAGA,MAAkDA,GACjD,cAAY,SACVA,EAAK,SAAS,IAAKG,GACjB,KAAK,aAAaA,KAAS,cAAWH,EAAK,MAAM,CAAC,CACpD,CACF,EAAE,IAAI,IAAMA,CAAI,CAClB,EAGC,MAAkC,MAAOA,GAAS,CACjD,GAAI,CACF,MAAMC,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,6BAA2BD,CAAI,CACrC,EACA,GAAIC,EAAS,SAAW,sBAAoB,QAC1C,SAAO,QAAKA,EAAS,KAAK,CAE9B,OAASC,EAAO,CACd,SAAO,QAAK,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CAAC,CACjD,CACA,SAAO,SAAM,MAAS,CACxB,CAAC,CAEP,CAEA,aAAaC,EAAsBC,EAAqB,CACtD,MAAMC,EAAYF,EAAQ,aAAa,EAAE,UAAUC,CAAW,EAG9D,OAAO,KAAK,iBAAiBC,CAAS,EAAE,MAGtC,SAAY,CACZ,GAAI,CACF,MAAMJ,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,qBAAmB,CAAE,QAASE,EAAQ,MAAM,CAAE,CAAC,CACrD,EACA,OAAIF,EAAS,SAAW,sBAAoB,WACnC,QAAKA,EAAS,KAAK,EAErB,KAAK,qBAAqBI,EAAWJ,EAAS,IAAI,CAC3D,OAASC,EAAO,CACd,SAAO,QAAK,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CAAC,CACjD,CACF,CAAC,CACH,CAEA,iBAAiBG,EAAmB,CAGlC,OAAO,cAAY,YAAwC,SAAY,CACrE,GAAIA,IAAc,KAAK,kBACrB,SAAO,SAAM,MAAS,EAExB,MAAMC,EAAgB,KAAK,eAAe,IAAID,CAAS,EACvD,GAAI,CAACC,EACH,SAAO,SAAM,MAAS,EAExB,GAAI,CACF,MAAML,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,0BAAwBK,CAAa,CAC3C,EACA,GAAIL,EAAS,SAAW,sBAAoB,QAC1C,SAAO,QAAKA,EAAS,KAAK,CAE9B,OAASC,EAAO,CACd,SAAO,QAAK,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CAAC,CACjD,CACA,SAAO,SAAM,MAAS,CACxB,CAAC,CACH,CAEA,qBACEG,EACAE,EAC0D,CAO1D,GANA,KAAK,kBAAoBF,EAMrBE,EAAkB,SAAW,GAAK,KAAK,eAAe,IAAIF,CAAS,EACrE,SAAO,SAAM,MAAS,EAGxB,MAAMG,EAAe,IAAI,oBAAkBD,CAAiB,EAC5D,SAAO,mBAAgB,CACrB,GAAI,IAAMC,EAAa,MAAM,EAC7B,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,EAAE,QAASF,GACV,KAAK,eAAe,IAAID,EAAWC,CAAa,CAClD,CACF,CACF",
6
- "names": ["ParseStreamToDeviceTask_exports", "__export", "ParseStreamToDeviceTask", "__toCommonJS", "import_device_management_kit", "import_purify_ts", "import_Errors", "import_ParseBlockSignatureCommand", "import_ParseStreamBlockCommand", "import_ParseStreamBlockHeader", "import_SetTrustedMemberCommand", "import_eitherSeqRecord", "import_hex", "import_TrustedProperties", "api", "seedBlock", "applicationStream", "stream", "blocks", "block", "data", "response", "error", "command", "blockIssuer", "publicKey", "trustedMember", "trustedPropsBytes", "trustedProps"]
4
+ "sourcesContent": ["import {\n CommandResultStatus,\n type InternalApi,\n UnknownDAError,\n} from \"@ledgerhq/device-management-kit\";\nimport { type Either, EitherAsync, Left, Right } from \"purify-ts\";\n\nimport {\n type LKRPMissingDataError,\n type LKRPParsingError,\n} from \"@api/app-binder/Errors\";\nimport { type SetTrustedMemberCommandArgs } from \"@api/app-binder/SetTrustedMemberTypes\";\nimport { ParseBlockSignatureCommand } from \"@internal/app-binder/command/ParseBlockSignatureCommand\";\nimport { ParseSingleCommand } from \"@internal/app-binder/command/ParseStreamBlockCommand\";\nimport { ParseBlockHeaderCommand } from \"@internal/app-binder/command/ParseStreamBlockHeader\";\nimport { SetTrustedMemberCommand } from \"@internal/app-binder/command/SetTrustedMemberCommand\";\nimport { type LKRPDeviceCommandError } from \"@internal/app-binder/command/utils/ledgerKeyringProtocolErrors\";\nimport { eitherSeqRecord } from \"@internal/utils/eitherSeqRecord\";\nimport { bytesToHex } from \"@internal/utils/hex\";\nimport { type LKRPBlock } from \"@internal/utils/LKRPBlock\";\nimport { type LKRPBlockStream } from \"@internal/utils/LKRPBlockStream\";\nimport { type LKRPCommand } from \"@internal/utils/LKRPCommand\";\nimport { type LKRPBlockParsedData } from \"@internal/utils/types\";\n\nimport { TrustedProperties } from \"./utils/TrustedProperties\";\n\nexport type ParseStreamToDeviceTaskInput = {\n seedBlock: LKRPBlock; // The seed block is mandatory for now because the trustchain creation / parse empty stream are not yet implemented\n applicationStream: LKRPBlockStream | null;\n};\n\ntype ParseStreamTaskError =\n | LKRPDeviceCommandError\n | LKRPParsingError\n | LKRPMissingDataError\n | UnknownDAError;\n\nexport class ParseStreamToDeviceTask {\n private lastTrustedMember: string | null = null;\n private trustedMembers = new Map<string, SetTrustedMemberCommandArgs>();\n\n constructor(private readonly api: InternalApi) {}\n\n run({ seedBlock, applicationStream }: ParseStreamToDeviceTaskInput) {\n return this.parseBlock(seedBlock).chain<ParseStreamTaskError, unknown>(\n () =>\n applicationStream\n ? this.parseStream(applicationStream)\n : EitherAsync.liftEither(Right(undefined)),\n );\n }\n\n parseStream(stream: LKRPBlockStream) {\n return EitherAsync.liftEither(stream.parse()).chain<\n ParseStreamTaskError,\n unknown\n >((blocks) =>\n EitherAsync.sequence(blocks.map((block) => this.parseBlock(block))),\n );\n }\n\n parseBlock(block: LKRPBlock) {\n return (\n EitherAsync.liftEither(block.parse())\n\n .chain<ParseStreamTaskError, LKRPBlockParsedData>((data) =>\n this.setTrustedMember(bytesToHex(data.issuer)).map(() => data),\n )\n\n // Parse the block header\n .chain<ParseStreamTaskError, LKRPBlockParsedData>(async (data) => {\n try {\n const response = await this.api.sendCommand(\n new ParseBlockHeaderCommand(data),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n } catch (error) {\n return Left(new UnknownDAError(String(error)));\n }\n return Right(data);\n })\n\n // Parse each command\n .chain<ParseStreamTaskError, LKRPBlockParsedData>((data) =>\n EitherAsync.sequence(\n data.commands.map((command) =>\n this.parseCommand(command, bytesToHex(data.issuer)),\n ),\n ).map(() => data),\n )\n\n // Parse the block signature\n .chain<ParseStreamTaskError, void>(async (data) => {\n try {\n const response = await this.api.sendCommand(\n new ParseBlockSignatureCommand(data),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n } catch (error) {\n return Left(new UnknownDAError(String(error)));\n }\n return Right(undefined);\n })\n );\n }\n\n parseCommand(command: LKRPCommand, blockIssuer: string) {\n const publicKey = command.getPublicKey().orDefault(blockIssuer);\n\n // Parse the command\n return this.setTrustedMember(publicKey).chain<\n ParseStreamTaskError,\n unknown\n >(async () => {\n try {\n const response = await this.api.sendCommand(\n new ParseSingleCommand({ command: command.toU8A() }),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n return this.recordTrustedMembers(publicKey, response.data);\n } catch (error) {\n return Left(new UnknownDAError(String(error)));\n }\n });\n }\n\n setTrustedMember(publicKey: string) {\n // NOTE: Set Trusted Member only when needed\n // i.e: when this command wasn't signed by the device (see recordTrustedMembers NOTE) nor the last trusted member\n return EitherAsync.fromPromise<ParseStreamTaskError, void>(async () => {\n if (publicKey === this.lastTrustedMember) {\n return Right(undefined);\n }\n const trustedMember = this.trustedMembers.get(publicKey);\n if (!trustedMember) {\n return Right(undefined);\n }\n try {\n const response = await this.api.sendCommand(\n new SetTrustedMemberCommand(trustedMember),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n } catch (error) {\n return Left(new UnknownDAError(String(error)));\n }\n return Right(undefined);\n });\n }\n\n recordTrustedMembers(\n publicKey: string,\n trustedPropsBytes: Uint8Array,\n ): Either<LKRPParsingError | LKRPMissingDataError, unknown> {\n this.lastTrustedMember = publicKey;\n\n // NOTE: Whenever a command which was signed by the device is parsed on the same device\n // the parse block apdu returns empty trusted properties.\n // Therefore this function will never record the device as a trusted member.\n // (which is fine because the device doesn't need to set itself as a trusted member).\n if (trustedPropsBytes.length === 0 || this.trustedMembers.has(publicKey)) {\n return Right(undefined);\n }\n\n const trustedProps = new TrustedProperties(trustedPropsBytes);\n return eitherSeqRecord({\n iv: () => trustedProps.getIv(),\n memberTlv: () => trustedProps.getNewMember(),\n }).ifRight((trustedMember) =>\n this.trustedMembers.set(publicKey, trustedMember),\n );\n }\n}\n"],
5
+ "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,6BAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAIO,2CACPC,EAAsD,qBAOtDC,EAA2C,mEAC3CC,EAAmC,gEACnCC,EAAwC,+DACxCC,EAAwC,gEAExCC,EAAgC,2CAChCC,EAA2B,+BAM3BC,EAAkC,qCAa3B,MAAMV,CAAwB,CAInC,YAA6BW,EAAkB,CAAlB,SAAAA,CAAmB,CAHxC,kBAAmC,KACnC,eAAiB,IAAI,IAI7B,IAAI,CAAE,UAAAC,EAAW,kBAAAC,CAAkB,EAAiC,CAClE,OAAO,KAAK,WAAWD,CAAS,EAAE,MAChC,IACEC,EACI,KAAK,YAAYA,CAAiB,EAClC,cAAY,cAAW,SAAM,MAAS,CAAC,CAC/C,CACF,CAEA,YAAYC,EAAyB,CACnC,OAAO,cAAY,WAAWA,EAAO,MAAM,CAAC,EAAE,MAG3CC,GACD,cAAY,SAASA,EAAO,IAAKC,GAAU,KAAK,WAAWA,CAAK,CAAC,CAAC,CACpE,CACF,CAEA,WAAWA,EAAkB,CAC3B,OACE,cAAY,WAAWA,EAAM,MAAM,CAAC,EAEjC,MAAkDC,GACjD,KAAK,oBAAiB,cAAWA,EAAK,MAAM,CAAC,EAAE,IAAI,IAAMA,CAAI,CAC/D,EAGC,MAAiD,MAAOA,GAAS,CAChE,GAAI,CACF,MAAMC,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,0BAAwBD,CAAI,CAClC,EACA,GAAIC,EAAS,SAAW,sBAAoB,QAC1C,SAAO,QAAKA,EAAS,KAAK,CAE9B,OAASC,EAAO,CACd,SAAO,QAAK,IAAI,iBAAe,OAAOA,CAAK,CAAC,CAAC,CAC/C,CACA,SAAO,SAAMF,CAAI,CACnB,CAAC,EAGA,MAAkDA,GACjD,cAAY,SACVA,EAAK,SAAS,IAAKG,GACjB,KAAK,aAAaA,KAAS,cAAWH,EAAK,MAAM,CAAC,CACpD,CACF,EAAE,IAAI,IAAMA,CAAI,CAClB,EAGC,MAAkC,MAAOA,GAAS,CACjD,GAAI,CACF,MAAMC,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,6BAA2BD,CAAI,CACrC,EACA,GAAIC,EAAS,SAAW,sBAAoB,QAC1C,SAAO,QAAKA,EAAS,KAAK,CAE9B,OAASC,EAAO,CACd,SAAO,QAAK,IAAI,iBAAe,OAAOA,CAAK,CAAC,CAAC,CAC/C,CACA,SAAO,SAAM,MAAS,CACxB,CAAC,CAEP,CAEA,aAAaC,EAAsBC,EAAqB,CACtD,MAAMC,EAAYF,EAAQ,aAAa,EAAE,UAAUC,CAAW,EAG9D,OAAO,KAAK,iBAAiBC,CAAS,EAAE,MAGtC,SAAY,CACZ,GAAI,CACF,MAAMJ,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,qBAAmB,CAAE,QAASE,EAAQ,MAAM,CAAE,CAAC,CACrD,EACA,OAAIF,EAAS,SAAW,sBAAoB,WACnC,QAAKA,EAAS,KAAK,EAErB,KAAK,qBAAqBI,EAAWJ,EAAS,IAAI,CAC3D,OAASC,EAAO,CACd,SAAO,QAAK,IAAI,iBAAe,OAAOA,CAAK,CAAC,CAAC,CAC/C,CACF,CAAC,CACH,CAEA,iBAAiBG,EAAmB,CAGlC,OAAO,cAAY,YAAwC,SAAY,CACrE,GAAIA,IAAc,KAAK,kBACrB,SAAO,SAAM,MAAS,EAExB,MAAMC,EAAgB,KAAK,eAAe,IAAID,CAAS,EACvD,GAAI,CAACC,EACH,SAAO,SAAM,MAAS,EAExB,GAAI,CACF,MAAML,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,0BAAwBK,CAAa,CAC3C,EACA,GAAIL,EAAS,SAAW,sBAAoB,QAC1C,SAAO,QAAKA,EAAS,KAAK,CAE9B,OAASC,EAAO,CACd,SAAO,QAAK,IAAI,iBAAe,OAAOA,CAAK,CAAC,CAAC,CAC/C,CACA,SAAO,SAAM,MAAS,CACxB,CAAC,CACH,CAEA,qBACEG,EACAE,EAC0D,CAO1D,GANA,KAAK,kBAAoBF,EAMrBE,EAAkB,SAAW,GAAK,KAAK,eAAe,IAAIF,CAAS,EACrE,SAAO,SAAM,MAAS,EAGxB,MAAMG,EAAe,IAAI,oBAAkBD,CAAiB,EAC5D,SAAO,mBAAgB,CACrB,GAAI,IAAMC,EAAa,MAAM,EAC7B,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,EAAE,QAASF,GACV,KAAK,eAAe,IAAID,EAAWC,CAAa,CAClD,CACF,CACF",
6
+ "names": ["ParseStreamToDeviceTask_exports", "__export", "ParseStreamToDeviceTask", "__toCommonJS", "import_device_management_kit", "import_purify_ts", "import_ParseBlockSignatureCommand", "import_ParseStreamBlockCommand", "import_ParseStreamBlockHeader", "import_SetTrustedMemberCommand", "import_eitherSeqRecord", "import_hex", "import_TrustedProperties", "api", "seedBlock", "applicationStream", "stream", "blocks", "block", "data", "response", "error", "command", "blockIssuer", "publicKey", "trustedMember", "trustedPropsBytes", "trustedProps"]
7
7
  }
package/lib/cjs/internal/app-binder/task/SignBlockTask.js CHANGED
@@ -1,2 +1,2 @@
1
- "use strict";var u=Object.defineProperty;var k=Object.getOwnPropertyDescriptor;var B=Object.getOwnPropertyNames;var b=Object.prototype.hasOwnProperty;var f=(m,r)=>{for(var e in r)u(m,e,{get:r[e],enumerable:!0})},A=(m,r,e,n)=>{if(r&&typeof r=="object"||typeof r=="function")for(let i of B(r))!b.call(m,i)&&i!==e&&u(m,i,{get:()=>r[i],enumerable:!(n=k(r,i))||n.enumerable});return m};var D=m=>A(u({},"__esModule",{value:!0}),m);var R={};f(R,{SignBlockTask:()=>w});module.exports=D(R);var g=require("@ledgerhq/device-management-kit"),t=require("purify-ts"),o=require("../../../api/app-binder/Errors"),S=require("../../app-binder/command/SignBlockHeader"),C=require("../../app-binder/command/SignBlockSignatureCommand"),P=require("../../app-binder/command/SignBlockSingleCommand"),a=require("../../models/Tags"),l=require("../../utils/crypto"),d=require("../../utils/eitherSeqRecord"),K=require("../../utils/LKRPBlock"),p=require("../../utils/LKRPCommand"),h=require("./utils/TrustedProperties");class w{constructor(r){this.api=r}run({lkrpDataSource:r,trustchainId:e,path:n,jwt:i,parent:c,blockFlow:y,sessionKeypair:v}){const E=this.signCommands(n,y);return(0,d.eitherAsyncSeqRecord)({header:this.signBlockHeader(c,E.length),commands:t.EitherAsync.sequence(E),signature:this.signBlockSignature(v)}).chain(s=>t.EitherAsync.liftEither(this.decryptBlock(c,s))).chain(s=>{switch(y.type){case"derive":return r.postDerivation(e,s,i);case"addMember":return r.putCommands(e,n,s,i)}}).mapLeft(s=>s instanceof o.LKRPDataSourceError&&s.status==="BAD_REQUEST"?new o.LKRPOutdatedTrustchainError:s)}signBlockHeader(r,e){return t.EitherAsync.fromPromise(async()=>{try{const n=await this.api.sendCommand(new S.SignBlockHeaderCommand({parent:r,commandCount:e}));if(n.status!==g.CommandResultStatus.Success)return(0,t.Left)(n.error);const i=new h.TrustedProperties(n.data);return(0,d.eitherSeqRecord)({iv:()=>i.getIv(),issuer:()=>i.getIssuer()})}catch(n){return(0,t.Left)(new o.LKRPUnknownError(String(n)))}})}signBlockSignature(r){return t.EitherAsync.fromPromise(async()=>{try{const e=await this.api.sendCommand(new C.SignBlockSignatureCommand);if(e.status!==g.CommandResultStatus.Success)return(0,t.Left)(e.error);const{signature:n,deviceSessionKey:i}=e.data,c=r.ecdh(i).slice(1);return(0,t.Right)({signature:n,secret:c})}catch(e){return(0,t.Left)(new o.LKRPUnknownError(String(e)))}})}signCommands(r,e){switch(e.type){case"derive":return[this.signDeriveCommand(r),this.signAddMemberCommand(e.data),this.signPublishKeyCommand(e.data)];case"addMember":return[this.signAddMemberCommand(e.data),this.signPublishKeyCommand(e.data)]}}signSingleCommand(r){return t.EitherAsync.fromPromise(async()=>{try{const e=await this.api.sendCommand(new P.SignBlockSingleCommand({command:r}));return e.status!==g.CommandResultStatus.Success?(0,t.Left)(e.error):(0,t.Right)(new h.TrustedProperties(e.data))}catch(e){return(0,t.Left)(new o.LKRPUnknownError(String(e)))}})}signDeriveCommand(r){return this.signSingleCommand(p.LKRPCommand.bytesFromUnsignedData({type:a.CommandTags.Derive,path:r})).chain(e=>t.EitherAsync.liftEither((0,d.eitherSeqRecord)({type:a.CommandTags.Derive,path:r,iv:()=>e.getIv(),xpriv:()=>e.getXPriv(),ephemeralPublicKey:()=>e.getEphemeralPublicKey(),commandIv:()=>e.getCommandIv(),groupKey:()=>e.getGroupKey(),newMember:()=>e.getNewMember()})))}signAddMemberCommand({name:r,publicKey:e,permissions:n}){return this.signSingleCommand(p.LKRPCommand.bytesFromUnsignedData({type:a.CommandTags.AddMember,name:r,publicKey:e,permissions:n})).chain(i=>t.EitherAsync.liftEither((0,d.eitherSeqRecord)({type:a.CommandTags.AddMember,name:r,publicKey:e,permissions:n,iv:()=>i.getIv(),newMember:()=>i.getNewMember()})))}signPublishKeyCommand({publicKey:r}){return this.signSingleCommand(p.LKRPCommand.bytesFromUnsignedData({type:a.CommandTags.PublishKey,recipient:r})).chain(e=>t.EitherAsync.liftEither((0,d.eitherSeqRecord)({type:a.CommandTags.PublishKey,recipient:r,iv:()=>e.getIv(),xpriv:()=>e.getXPriv(),ephemeralPublicKey:()=>e.getEphemeralPublicKey(),commandIv:()=>e.getCommandIv(),newMember:()=>e.getNewMember()})))}decryptBlock(r,{header:e,commands:n,signature:i}){const c=l.CryptoUtils.decrypt(i.secret,e.iv,e.issuer);return t.Either.sequence(n.map(y=>this.decryptCommand(i.secret,y))).map(y=>K.LKRPBlock.fromData({parent:(0,g.bufferToHexaString)(r),issuer:c,commands:y,signature:i.signature}))}decryptCommand(r,e){switch(e.type){case a.CommandTags.Derive:case a.CommandTags.PublishKey:{const n=l.CryptoUtils.decrypt(r,e.iv,e.xpriv);return(0,t.Right)(p.LKRPCommand.fromData({...e,initializationVector:e.commandIv,encryptedXpriv:n}))}case a.CommandTags.AddMember:return(0,t.Right)(p.LKRPCommand.fromData({...e}));default:return(0,t.Left)(new o.LKRPUnsupportedCommandError(e))}}}0&&(module.exports={SignBlockTask});
1
+ "use strict";var g=Object.defineProperty;var b=Object.getOwnPropertyDescriptor;var P=Object.getOwnPropertyNames;var f=Object.prototype.hasOwnProperty;var B=(s,r)=>{for(var e in r)g(s,e,{get:r[e],enumerable:!0})},K=(s,r,e,i)=>{if(r&&typeof r=="object"||typeof r=="function")for(let n of P(r))!f.call(s,n)&&n!==e&&g(s,n,{get:()=>r[n],enumerable:!(i=b(r,n))||i.enumerable});return s};var D=s=>K(g({},"__esModule",{value:!0}),s);var M={};B(M,{ISSUER_PLACEHOLDER:()=>h,SignBlockTask:()=>w});module.exports=D(M);var o=require("@ledgerhq/device-management-kit"),t=require("purify-ts"),S=require("../../app-binder/command/SignBlockHeader"),C=require("../../app-binder/command/SignBlockSignatureCommand"),v=require("../../app-binder/command/SignBlockSingleCommand"),l=require("../../utils/crypto"),d=require("../../utils/eitherSeqRecord"),k=require("../../utils/LKRPBlock"),y=require("../../utils/LKRPCommand"),a=require("../../utils/TLVTags"),u=require("./utils/TrustedProperties");const h=new Uint8Array([3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]);class w{constructor(r){this.api=r}run({lkrpDataSource:r,trustchainId:e,path:i,jwt:n,parent:m,blockFlow:c,sessionKeypair:A}){const E=this.signCommands(i,c);return(0,d.eitherAsyncSeqRecord)({header:this.signBlockHeader(m,E.length),commands:t.EitherAsync.sequence(E),signature:this.signBlockSignature(A)}).chain(p=>t.EitherAsync.liftEither(this.decryptBlock(m,p))).chain(p=>{switch(c.type){case"derive":return r.postDerivation(e,p,n);case"addMember":return r.putCommands(e,i,p,n)}})}signBlockHeader(r,e){return t.EitherAsync.fromPromise(async()=>{const i=Uint8Array.from([[a.GeneralTags.Int,1,1],[a.GeneralTags.Hash,r.length,...r],[a.GeneralTags.PublicKey,h.length,...h],[a.GeneralTags.Int,1,e]].flat());try{const n=await this.api.sendCommand(new S.SignBlockHeaderCommand({header:i}));if(n.status!==o.CommandResultStatus.Success)return(0,t.Left)(n.error);const m=new u.TrustedProperties(n.data);return(0,d.eitherSeqRecord)({iv:()=>m.getIv(),issuer:()=>m.getIssuer()})}catch(n){return(0,t.Left)(new o.UnknownDAError(String(n)))}})}signBlockSignature(r){return t.EitherAsync.fromPromise(async()=>{try{const e=await this.api.sendCommand(new C.SignBlockSignatureCommand);if(e.status!==o.CommandResultStatus.Success)return(0,t.Left)(e.error);const{signature:i,deviceSessionKey:n}=e.data,m=r.ecdh(n).slice(1);return(0,t.Right)({signature:i,secret:m})}catch(e){return(0,t.Left)(new o.UnknownDAError(String(e)))}})}signCommands(r,e){switch(e.type){case"derive":return[this.signDeriveCommand(r),this.signAddMemberCommand(e.data),this.signPublishKeyCommand(e.data)];case"addMember":return[this.signAddMemberCommand(e.data),this.signPublishKeyCommand(e.data)]}}signSingleCommand(r){return t.EitherAsync.fromPromise(async()=>{try{const e=await this.api.sendCommand(new v.SignBlockSingleCommand({command:r}));return e.status!==o.CommandResultStatus.Success?(0,t.Left)(e.error):(0,t.Right)(new u.TrustedProperties(e.data))}catch(e){return(0,t.Left)(new o.UnknownDAError(String(e)))}})}signDeriveCommand(r){return this.signSingleCommand(y.LKRPCommand.bytesFromUnsignedData({type:a.CommandTags.Derive,path:r})).chain(e=>t.EitherAsync.liftEither((0,d.eitherSeqRecord)({type:a.CommandTags.Derive,path:r,iv:()=>e.getIv(),xpriv:()=>e.getXPriv(),ephemeralPublicKey:()=>e.getEphemeralPublicKey(),commandIv:()=>e.getCommandIv(),groupKey:()=>e.getGroupKey(),newMember:()=>e.getNewMember()})))}signAddMemberCommand({name:r,publicKey:e,permissions:i}){return this.signSingleCommand(y.LKRPCommand.bytesFromUnsignedData({type:a.CommandTags.AddMember,name:r,publicKey:e,permissions:i})).chain(n=>t.EitherAsync.liftEither((0,d.eitherSeqRecord)({type:a.CommandTags.AddMember,name:r,publicKey:e,permissions:i,iv:()=>n.getIv(),newMember:()=>n.getNewMember()})))}signPublishKeyCommand({publicKey:r}){return this.signSingleCommand(y.LKRPCommand.bytesFromUnsignedData({type:a.CommandTags.PublishKey,recipient:r})).chain(e=>t.EitherAsync.liftEither((0,d.eitherSeqRecord)({type:a.CommandTags.PublishKey,recipient:r,iv:()=>e.getIv(),xpriv:()=>e.getXPriv(),ephemeralPublicKey:()=>e.getEphemeralPublicKey(),commandIv:()=>e.getCommandIv(),newMember:()=>e.getNewMember()})))}decryptBlock(r,{header:e,commands:i,signature:n}){const m=l.CryptoUtils.decrypt(n.secret,e.iv,e.issuer);return t.Either.sequence(i.map(c=>this.decryptCommand(n.secret,c))).map(c=>k.LKRPBlock.fromData({parent:(0,o.bufferToHexaString)(r),issuer:m,commands:c,signature:n.signature}))}decryptCommand(r,e){switch(e.type){case a.CommandTags.Derive:case a.CommandTags.PublishKey:{const i=l.CryptoUtils.decrypt(r,e.iv,e.xpriv);return(0,t.Right)(y.LKRPCommand.fromData({...e,initializationVector:e.commandIv,encryptedXpriv:i}))}case a.CommandTags.AddMember:return(0,t.Right)(y.LKRPCommand.fromData({...e}));default:return(0,t.Left)(new o.UnknownDAError("Unsupported command type"))}}}0&&(module.exports={ISSUER_PLACEHOLDER,SignBlockTask});
2
2
  //# sourceMappingURL=SignBlockTask.js.map
package/lib/cjs/internal/app-binder/task/SignBlockTask.js.map CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "version": 3,
3
3
  "sources": ["../../../../../src/internal/app-binder/task/SignBlockTask.ts"],
4
- "sourcesContent": ["import {\n bufferToHexaString,\n CommandResultStatus,\n type InternalApi,\n} from \"@ledgerhq/device-management-kit\";\nimport { Either, EitherAsync, Left, Right } from \"purify-ts\";\n\nimport {\n LKRPDataSourceError,\n type LKRPMissingDataError,\n LKRPOutdatedTrustchainError,\n type LKRPParsingError,\n LKRPUnknownError,\n LKRPUnsupportedCommandError,\n} from \"@api/app-binder/Errors\";\nimport { type JWT, type Keypair } from \"@api/index\";\nimport { SignBlockHeaderCommand } from \"@internal/app-binder/command/SignBlockHeader\";\nimport { SignBlockSignatureCommand } from \"@internal/app-binder/command/SignBlockSignatureCommand\";\nimport { SignBlockSingleCommand } from \"@internal/app-binder/command/SignBlockSingleCommand\";\nimport { type LKRPDeviceCommandError } from \"@internal/app-binder/command/utils/ledgerKeyringProtocolErrors\";\nimport { type LKRPDataSource } from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport {\n type AddMemberUnsignedData,\n type EncryptedCommand,\n type EncryptedDeriveCommand,\n type EncryptedPublishKeyCommand,\n} from \"@internal/models/LKRPCommandTypes\";\nimport { CommandTags } from \"@internal/models/Tags\";\nimport { CryptoUtils } from \"@internal/utils/crypto\";\nimport {\n eitherAsyncSeqRecord,\n eitherSeqRecord,\n} from \"@internal/utils/eitherSeqRecord\";\nimport { LKRPBlock } from \"@internal/utils/LKRPBlock\";\nimport { LKRPCommand } from \"@internal/utils/LKRPCommand\";\n\nimport { TrustedProperties } from \"./utils/TrustedProperties\";\n\ntype BlockFlow =\n | { type: \"derive\"; data: AddMemberBlockData }\n | { type: \"addMember\"; data: AddMemberBlockData };\n\ntype AddMemberBlockData = {\n name: string;\n publicKey: Uint8Array;\n permissions: number;\n};\n\ntype HeaderPayload = {\n iv: Uint8Array;\n issuer: Uint8Array;\n};\ntype SignaturePayload = {\n secret: Uint8Array;\n signature: Uint8Array;\n};\n\ntype EncryptedBlock = {\n header: HeaderPayload;\n commands: EncryptedCommand[];\n signature: SignaturePayload;\n};\n\ntype SignBlockError =\n | LKRPDeviceCommandError\n | LKRPParsingError\n | LKRPMissingDataError\n | LKRPDataSourceError\n | LKRPOutdatedTrustchainError\n | LKRPUnknownError;\n\nexport type SignBlockTaskInput = {\n lkrpDataSource: LKRPDataSource;\n trustchainId: string;\n path: string;\n jwt: JWT;\n parent: Uint8Array;\n blockFlow: BlockFlow;\n sessionKeypair: Keypair;\n};\n\nexport class SignBlockTask {\n constructor(private readonly api: InternalApi) {}\n\n run({\n lkrpDataSource,\n trustchainId,\n path,\n jwt,\n parent,\n blockFlow,\n sessionKeypair,\n }: SignBlockTaskInput): EitherAsync<SignBlockError, void> {\n const commands = this.signCommands(path, blockFlow);\n return eitherAsyncSeqRecord({\n header: this.signBlockHeader(parent, commands.length),\n commands: EitherAsync.sequence(commands),\n signature: this.signBlockSignature(sessionKeypair),\n })\n .chain((encryptedBlock) =>\n EitherAsync.liftEither(this.decryptBlock(parent, encryptedBlock)),\n )\n .chain((block) => {\n switch (blockFlow.type) {\n case \"derive\":\n return lkrpDataSource.postDerivation(trustchainId, block, jwt);\n case \"addMember\":\n return lkrpDataSource.putCommands(trustchainId, path, block, jwt);\n }\n })\n .mapLeft((error) =>\n error instanceof LKRPDataSourceError && error.status === \"BAD_REQUEST\"\n ? new LKRPOutdatedTrustchainError()\n : error,\n );\n }\n\n signBlockHeader(\n parent: Uint8Array,\n commandCount: number,\n ): EitherAsync<SignBlockError, HeaderPayload> {\n return EitherAsync.fromPromise(async () => {\n try {\n const response = await this.api.sendCommand(\n new SignBlockHeaderCommand({ parent, commandCount }),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n const trustedProps = new TrustedProperties(response.data);\n return eitherSeqRecord({\n iv: () => trustedProps.getIv(),\n issuer: () => trustedProps.getIssuer(),\n }) as Either<SignBlockError, HeaderPayload>;\n } catch (error) {\n return Left(new LKRPUnknownError(String(error)));\n }\n });\n }\n\n signBlockSignature(\n sessionKeypair: Keypair,\n ): EitherAsync<SignBlockError, SignaturePayload> {\n return EitherAsync.fromPromise(async () => {\n try {\n const response = await this.api.sendCommand(\n new SignBlockSignatureCommand(),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n const { signature, deviceSessionKey } = response.data;\n // At this step, the shared secret is used directly as an encryption key after removing the first byte\n const secret = sessionKeypair.ecdh(deviceSessionKey).slice(1);\n return Right({ signature, secret });\n } catch (error) {\n return Left(new LKRPUnknownError(String(error)));\n }\n });\n }\n\n signCommands(\n applicationPath: string,\n block: BlockFlow,\n ): EitherAsync<SignBlockError, EncryptedCommand>[] {\n switch (block.type) {\n case \"derive\":\n return [\n this.signDeriveCommand(applicationPath),\n this.signAddMemberCommand(block.data),\n this.signPublishKeyCommand(block.data),\n ];\n case \"addMember\":\n return [\n this.signAddMemberCommand(block.data),\n this.signPublishKeyCommand(block.data),\n ];\n }\n }\n\n signSingleCommand(command: Uint8Array) {\n return EitherAsync.fromPromise(\n async (): Promise<Either<SignBlockError, TrustedProperties>> => {\n try {\n const response = await this.api.sendCommand(\n new SignBlockSingleCommand({ command }),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n return Right(new TrustedProperties(response.data));\n } catch (error) {\n return Left(new LKRPUnknownError(String(error)));\n }\n },\n );\n }\n\n signDeriveCommand(applicationPath: string) {\n return this.signSingleCommand(\n LKRPCommand.bytesFromUnsignedData({\n type: CommandTags.Derive,\n path: applicationPath,\n }),\n ).chain((trustedProps) =>\n EitherAsync.liftEither<SignBlockError, EncryptedDeriveCommand>(\n eitherSeqRecord({\n type: CommandTags.Derive,\n path: applicationPath,\n iv: () => trustedProps.getIv(),\n xpriv: () => trustedProps.getXPriv(),\n ephemeralPublicKey: () => trustedProps.getEphemeralPublicKey(),\n commandIv: () => trustedProps.getCommandIv(),\n groupKey: () => trustedProps.getGroupKey(),\n newMember: () => trustedProps.getNewMember(), // Just validate it's there\n }),\n ),\n );\n }\n\n signAddMemberCommand({ name, publicKey, permissions }: AddMemberBlockData) {\n return this.signSingleCommand(\n LKRPCommand.bytesFromUnsignedData({\n type: CommandTags.AddMember,\n name,\n publicKey,\n permissions,\n }),\n ).chain((trustedProps) =>\n EitherAsync.liftEither<SignBlockError, AddMemberUnsignedData>(\n eitherSeqRecord({\n type: CommandTags.AddMember,\n name,\n publicKey,\n permissions,\n iv: () => trustedProps.getIv(), // Just validate it's there\n newMember: () => trustedProps.getNewMember(), // Just validate it's there\n }),\n ),\n );\n }\n\n signPublishKeyCommand({ publicKey }: Pick<AddMemberBlockData, \"publicKey\">) {\n return this.signSingleCommand(\n LKRPCommand.bytesFromUnsignedData({\n type: CommandTags.PublishKey,\n recipient: publicKey,\n }),\n ).chain((trustedProps) =>\n EitherAsync.liftEither<SignBlockError, EncryptedPublishKeyCommand>(\n eitherSeqRecord({\n type: CommandTags.PublishKey,\n recipient: publicKey,\n iv: () => trustedProps.getIv(),\n xpriv: () => trustedProps.getXPriv(),\n ephemeralPublicKey: () => trustedProps.getEphemeralPublicKey(),\n commandIv: () => trustedProps.getCommandIv(),\n newMember: () => trustedProps.getNewMember(), // Just validate it's there,\n }),\n ),\n );\n }\n\n decryptBlock(\n parent: Uint8Array,\n { header, commands, signature }: EncryptedBlock,\n ): Either<SignBlockError, LKRPBlock> {\n const decryptedIssuer = CryptoUtils.decrypt(\n signature.secret,\n header.iv,\n header.issuer,\n );\n return Either.sequence(\n commands.map((command) => this.decryptCommand(signature.secret, command)),\n ).map((decryptedCommands) =>\n LKRPBlock.fromData({\n parent: bufferToHexaString(parent),\n issuer: decryptedIssuer,\n commands: decryptedCommands,\n signature: signature.signature,\n }),\n );\n }\n\n decryptCommand(\n secret: Uint8Array,\n command: EncryptedCommand,\n ): Either<LKRPUnknownError, LKRPCommand> {\n switch (command.type) {\n case CommandTags.Derive:\n case CommandTags.PublishKey: {\n const encryptedXpriv = CryptoUtils.decrypt(\n secret,\n command.iv,\n command.xpriv,\n );\n return Right(\n LKRPCommand.fromData({\n ...command,\n initializationVector: command.commandIv,\n encryptedXpriv,\n }),\n );\n }\n case CommandTags.AddMember:\n return Right(LKRPCommand.fromData({ ...command }));\n default:\n return Left(new LKRPUnsupportedCommandError(command));\n }\n }\n}\n"],
5
- "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,mBAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAIO,2CACPC,EAAiD,qBAEjDC,EAOO,kCAEPC,EAAuC,wDACvCC,EAA0C,kEAC1CC,EAAuC,+DASvCC,EAA4B,iCAC5BC,EAA4B,kCAC5BC,EAGO,2CACPC,EAA0B,qCAC1BC,EAA4B,uCAE5BC,EAAkC,qCA6C3B,MAAMb,CAAc,CACzB,YAA6Bc,EAAkB,CAAlB,SAAAA,CAAmB,CAEhD,IAAI,CACF,eAAAC,EACA,aAAAC,EACA,KAAAC,EACA,IAAAC,EACA,OAAAC,EACA,UAAAC,EACA,eAAAC,CACF,EAA0D,CACxD,MAAMC,EAAW,KAAK,aAAaL,EAAMG,CAAS,EAClD,SAAO,wBAAqB,CAC1B,OAAQ,KAAK,gBAAgBD,EAAQG,EAAS,MAAM,EACpD,SAAU,cAAY,SAASA,CAAQ,EACvC,UAAW,KAAK,mBAAmBD,CAAc,CACnD,CAAC,EACE,MAAOE,GACN,cAAY,WAAW,KAAK,aAAaJ,EAAQI,CAAc,CAAC,CAClE,EACC,MAAOC,GAAU,CAChB,OAAQJ,EAAU,KAAM,CACtB,IAAK,SACH,OAAOL,EAAe,eAAeC,EAAcQ,EAAON,CAAG,EAC/D,IAAK,YACH,OAAOH,EAAe,YAAYC,EAAcC,EAAMO,EAAON,CAAG,CACpE,CACF,CAAC,EACA,QAASO,GACRA,aAAiB,uBAAuBA,EAAM,SAAW,cACrD,IAAI,8BACJA,CACN,CACJ,CAEA,gBACEN,EACAO,EAC4C,CAC5C,OAAO,cAAY,YAAY,SAAY,CACzC,GAAI,CACF,MAAMC,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,yBAAuB,CAAE,OAAAR,EAAQ,aAAAO,CAAa,CAAC,CACrD,EACA,GAAIC,EAAS,SAAW,sBAAoB,QAC1C,SAAO,QAAKA,EAAS,KAAK,EAE5B,MAAMC,EAAe,IAAI,oBAAkBD,EAAS,IAAI,EACxD,SAAO,mBAAgB,CACrB,GAAI,IAAMC,EAAa,MAAM,EAC7B,OAAQ,IAAMA,EAAa,UAAU,CACvC,CAAC,CACH,OAASH,EAAO,CACd,SAAO,QAAK,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CAAC,CACjD,CACF,CAAC,CACH,CAEA,mBACEJ,EAC+C,CAC/C,OAAO,cAAY,YAAY,SAAY,CACzC,GAAI,CACF,MAAMM,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,2BACN,EACA,GAAIA,EAAS,SAAW,sBAAoB,QAC1C,SAAO,QAAKA,EAAS,KAAK,EAE5B,KAAM,CAAE,UAAAE,EAAW,iBAAAC,CAAiB,EAAIH,EAAS,KAE3CI,EAASV,EAAe,KAAKS,CAAgB,EAAE,MAAM,CAAC,EAC5D,SAAO,SAAM,CAAE,UAAAD,EAAW,OAAAE,CAAO,CAAC,CACpC,OAASN,EAAO,CACd,SAAO,QAAK,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CAAC,CACjD,CACF,CAAC,CACH,CAEA,aACEO,EACAR,EACiD,CACjD,OAAQA,EAAM,KAAM,CAClB,IAAK,SACH,MAAO,CACL,KAAK,kBAAkBQ,CAAe,EACtC,KAAK,qBAAqBR,EAAM,IAAI,EACpC,KAAK,sBAAsBA,EAAM,IAAI,CACvC,EACF,IAAK,YACH,MAAO,CACL,KAAK,qBAAqBA,EAAM,IAAI,EACpC,KAAK,sBAAsBA,EAAM,IAAI,CACvC,CACJ,CACF,CAEA,kBAAkBS,EAAqB,CACrC,OAAO,cAAY,YACjB,SAAgE,CAC9D,GAAI,CACF,MAAMN,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,yBAAuB,CAAE,QAAAM,CAAQ,CAAC,CACxC,EACA,OAAIN,EAAS,SAAW,sBAAoB,WACnC,QAAKA,EAAS,KAAK,KAErB,SAAM,IAAI,oBAAkBA,EAAS,IAAI,CAAC,CACnD,OAASF,EAAO,CACd,SAAO,QAAK,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CAAC,CACjD,CACF,CACF,CACF,CAEA,kBAAkBO,EAAyB,CACzC,OAAO,KAAK,kBACV,cAAY,sBAAsB,CAChC,KAAM,cAAY,OAClB,KAAMA,CACR,CAAC,CACH,EAAE,MAAOJ,GACP,cAAY,cACV,mBAAgB,CACd,KAAM,cAAY,OAClB,KAAMI,EACN,GAAI,IAAMJ,EAAa,MAAM,EAC7B,MAAO,IAAMA,EAAa,SAAS,EACnC,mBAAoB,IAAMA,EAAa,sBAAsB,EAC7D,UAAW,IAAMA,EAAa,aAAa,EAC3C,SAAU,IAAMA,EAAa,YAAY,EACzC,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,qBAAqB,CAAE,KAAAM,EAAM,UAAAC,EAAW,YAAAC,CAAY,EAAuB,CACzE,OAAO,KAAK,kBACV,cAAY,sBAAsB,CAChC,KAAM,cAAY,UAClB,KAAAF,EACA,UAAAC,EACA,YAAAC,CACF,CAAC,CACH,EAAE,MAAOR,GACP,cAAY,cACV,mBAAgB,CACd,KAAM,cAAY,UAClB,KAAAM,EACA,UAAAC,EACA,YAAAC,EACA,GAAI,IAAMR,EAAa,MAAM,EAC7B,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,sBAAsB,CAAE,UAAAO,CAAU,EAA0C,CAC1E,OAAO,KAAK,kBACV,cAAY,sBAAsB,CAChC,KAAM,cAAY,WAClB,UAAWA,CACb,CAAC,CACH,EAAE,MAAOP,GACP,cAAY,cACV,mBAAgB,CACd,KAAM,cAAY,WAClB,UAAWO,EACX,GAAI,IAAMP,EAAa,MAAM,EAC7B,MAAO,IAAMA,EAAa,SAAS,EACnC,mBAAoB,IAAMA,EAAa,sBAAsB,EAC7D,UAAW,IAAMA,EAAa,aAAa,EAC3C,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,aACET,EACA,CAAE,OAAAkB,EAAQ,SAAAf,EAAU,UAAAO,CAAU,EACK,CACnC,MAAMS,EAAkB,cAAY,QAClCT,EAAU,OACVQ,EAAO,GACPA,EAAO,MACT,EACA,OAAO,SAAO,SACZf,EAAS,IAAKW,GAAY,KAAK,eAAeJ,EAAU,OAAQI,CAAO,CAAC,CAC1E,EAAE,IAAKM,GACL,YAAU,SAAS,CACjB,UAAQ,sBAAmBpB,CAAM,EACjC,OAAQmB,EACR,SAAUC,EACV,UAAWV,EAAU,SACvB,CAAC,CACH,CACF,CAEA,eACEE,EACAE,EACuC,CACvC,OAAQA,EAAQ,KAAM,CACpB,KAAK,cAAY,OACjB,KAAK,cAAY,WAAY,CAC3B,MAAMO,EAAiB,cAAY,QACjCT,EACAE,EAAQ,GACRA,EAAQ,KACV,EACA,SAAO,SACL,cAAY,SAAS,CACnB,GAAGA,EACH,qBAAsBA,EAAQ,UAC9B,eAAAO,CACF,CAAC,CACH,CACF,CACA,KAAK,cAAY,UACf,SAAO,SAAM,cAAY,SAAS,CAAE,GAAGP,CAAQ,CAAC,CAAC,EACnD,QACE,SAAO,QAAK,IAAI,8BAA4BA,CAAO,CAAC,CACxD,CACF,CACF",
6
- "names": ["SignBlockTask_exports", "__export", "SignBlockTask", "__toCommonJS", "import_device_management_kit", "import_purify_ts", "import_Errors", "import_SignBlockHeader", "import_SignBlockSignatureCommand", "import_SignBlockSingleCommand", "import_Tags", "import_crypto", "import_eitherSeqRecord", "import_LKRPBlock", "import_LKRPCommand", "import_TrustedProperties", "api", "lkrpDataSource", "trustchainId", "path", "jwt", "parent", "blockFlow", "sessionKeypair", "commands", "encryptedBlock", "block", "error", "commandCount", "response", "trustedProps", "signature", "deviceSessionKey", "secret", "applicationPath", "command", "name", "publicKey", "permissions", "header", "decryptedIssuer", "decryptedCommands", "encryptedXpriv"]
4
+ "sourcesContent": ["import {\n bufferToHexaString,\n CommandResultStatus,\n type InternalApi,\n UnknownDAError,\n} from \"@ledgerhq/device-management-kit\";\nimport { Either, EitherAsync, Left, Right } from \"purify-ts\";\n\nimport {\n type LKRPHttpRequestError,\n type LKRPMissingDataError,\n type LKRPParsingError,\n} from \"@api/app-binder/Errors\";\nimport { type JWT, type Keypair } from \"@api/index\";\nimport { SignBlockHeaderCommand } from \"@internal/app-binder/command/SignBlockHeader\";\nimport { SignBlockSignatureCommand } from \"@internal/app-binder/command/SignBlockSignatureCommand\";\nimport { SignBlockSingleCommand } from \"@internal/app-binder/command/SignBlockSingleCommand\";\nimport { type LKRPDeviceCommandError } from \"@internal/app-binder/command/utils/ledgerKeyringProtocolErrors\";\nimport { type LKRPDataSource } from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { CryptoUtils } from \"@internal/utils/crypto\";\nimport {\n eitherAsyncSeqRecord,\n eitherSeqRecord,\n} from \"@internal/utils/eitherSeqRecord\";\nimport { LKRPBlock } from \"@internal/utils/LKRPBlock\";\nimport { LKRPCommand } from \"@internal/utils/LKRPCommand\";\nimport { CommandTags, GeneralTags } from \"@internal/utils/TLVTags\";\nimport {\n type AddMemberUnsignedData,\n type EncryptedCommand,\n type EncryptedDeriveCommand,\n type EncryptedPublishKeyCommand,\n} from \"@internal/utils/types\";\n\nimport { TrustedProperties } from \"./utils/TrustedProperties\";\n\ntype BlockFlow =\n | { type: \"derive\"; data: AddMemberBlockData }\n | { type: \"addMember\"; data: AddMemberBlockData };\n\ntype AddMemberBlockData = {\n name: string;\n publicKey: Uint8Array;\n permissions: number;\n};\n\ntype HeaderPayload = {\n iv: Uint8Array;\n issuer: Uint8Array;\n};\ntype SignaturePayload = {\n secret: Uint8Array;\n signature: Uint8Array;\n};\n\ntype EncryptedBlock = {\n header: HeaderPayload;\n commands: EncryptedCommand[];\n signature: SignaturePayload;\n};\n\nexport type SignBlockError =\n | LKRPDeviceCommandError\n | LKRPParsingError\n | LKRPMissingDataError\n | LKRPHttpRequestError\n | UnknownDAError;\n\nexport type SignBlockTaskInput = {\n lkrpDataSource: LKRPDataSource;\n trustchainId: string;\n path: string;\n jwt: JWT;\n parent: Uint8Array;\n blockFlow: BlockFlow;\n sessionKeypair: Keypair;\n};\n\nexport const ISSUER_PLACEHOLDER = new Uint8Array([\n 3, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,\n 0, 0, 0, 0, 0, 0, 0,\n]);\n\nexport class SignBlockTask {\n constructor(private readonly api: InternalApi) {}\n\n run({\n lkrpDataSource,\n trustchainId,\n path,\n jwt,\n parent,\n blockFlow,\n sessionKeypair,\n }: SignBlockTaskInput): EitherAsync<SignBlockError, void> {\n const commands = this.signCommands(path, blockFlow);\n return eitherAsyncSeqRecord({\n header: this.signBlockHeader(parent, commands.length),\n commands: EitherAsync.sequence(commands),\n signature: this.signBlockSignature(sessionKeypair),\n })\n .chain((encryptedBlock) =>\n EitherAsync.liftEither(this.decryptBlock(parent, encryptedBlock)),\n )\n .chain((block) => {\n switch (blockFlow.type) {\n case \"derive\":\n return lkrpDataSource.postDerivation(trustchainId, block, jwt);\n case \"addMember\":\n return lkrpDataSource.putCommands(trustchainId, path, block, jwt);\n }\n });\n }\n\n signBlockHeader(\n parent: Uint8Array,\n commandCount: number,\n ): EitherAsync<SignBlockError, HeaderPayload> {\n return EitherAsync.fromPromise(async () => {\n const header = Uint8Array.from(\n [\n [GeneralTags.Int, 1, 1], // Version 1\n [GeneralTags.Hash, parent.length, ...parent], // Parent block hash\n [\n GeneralTags.PublicKey,\n ISSUER_PLACEHOLDER.length,\n ...ISSUER_PLACEHOLDER,\n ], // Placeholder for issuer public key (will be replaced by the device)\n [GeneralTags.Int, 1, commandCount],\n ].flat(),\n );\n try {\n const response = await this.api.sendCommand(\n new SignBlockHeaderCommand({ header }),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n const trustedProps = new TrustedProperties(response.data);\n return eitherSeqRecord({\n iv: () => trustedProps.getIv(),\n issuer: () => trustedProps.getIssuer(),\n }) as Either<SignBlockError, HeaderPayload>;\n } catch (error) {\n return Left(new UnknownDAError(String(error)));\n }\n });\n }\n\n signBlockSignature(\n sessionKeypair: Keypair,\n ): EitherAsync<SignBlockError, SignaturePayload> {\n return EitherAsync.fromPromise(async () => {\n try {\n const response = await this.api.sendCommand(\n new SignBlockSignatureCommand(),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n const { signature, deviceSessionKey } = response.data;\n // At this step, the shared secret is used directly as an encryption key after removing the first byte\n const secret = sessionKeypair.ecdh(deviceSessionKey).slice(1);\n return Right({ signature, secret });\n } catch (error) {\n return Left(new UnknownDAError(String(error)));\n }\n });\n }\n\n signCommands(\n applicationPath: string,\n block: BlockFlow,\n ): EitherAsync<SignBlockError, EncryptedCommand>[] {\n switch (block.type) {\n case \"derive\":\n return [\n this.signDeriveCommand(applicationPath),\n this.signAddMemberCommand(block.data),\n this.signPublishKeyCommand(block.data),\n ];\n case \"addMember\":\n return [\n this.signAddMemberCommand(block.data),\n this.signPublishKeyCommand(block.data),\n ];\n }\n }\n\n signSingleCommand(command: Uint8Array) {\n return EitherAsync.fromPromise(\n async (): Promise<Either<SignBlockError, TrustedProperties>> => {\n try {\n const response = await this.api.sendCommand(\n new SignBlockSingleCommand({ command }),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n return Right(new TrustedProperties(response.data));\n } catch (error) {\n return Left(new UnknownDAError(String(error)));\n }\n },\n );\n }\n\n signDeriveCommand(applicationPath: string) {\n return this.signSingleCommand(\n LKRPCommand.bytesFromUnsignedData({\n type: CommandTags.Derive,\n path: applicationPath,\n }),\n ).chain((trustedProps) =>\n EitherAsync.liftEither<SignBlockError, EncryptedDeriveCommand>(\n eitherSeqRecord({\n type: CommandTags.Derive,\n path: applicationPath,\n iv: () => trustedProps.getIv(),\n xpriv: () => trustedProps.getXPriv(),\n ephemeralPublicKey: () => trustedProps.getEphemeralPublicKey(),\n commandIv: () => trustedProps.getCommandIv(),\n groupKey: () => trustedProps.getGroupKey(),\n newMember: () => trustedProps.getNewMember(), // Just validate it's there\n }),\n ),\n );\n }\n\n signAddMemberCommand({ name, publicKey, permissions }: AddMemberBlockData) {\n return this.signSingleCommand(\n LKRPCommand.bytesFromUnsignedData({\n type: CommandTags.AddMember,\n name,\n publicKey,\n permissions,\n }),\n ).chain((trustedProps) =>\n EitherAsync.liftEither<SignBlockError, AddMemberUnsignedData>(\n eitherSeqRecord({\n type: CommandTags.AddMember,\n name,\n publicKey,\n permissions,\n iv: () => trustedProps.getIv(), // Just validate it's there\n newMember: () => trustedProps.getNewMember(), // Just validate it's there\n }),\n ),\n );\n }\n\n signPublishKeyCommand({ publicKey }: Pick<AddMemberBlockData, \"publicKey\">) {\n return this.signSingleCommand(\n LKRPCommand.bytesFromUnsignedData({\n type: CommandTags.PublishKey,\n recipient: publicKey,\n }),\n ).chain((trustedProps) =>\n EitherAsync.liftEither<SignBlockError, EncryptedPublishKeyCommand>(\n eitherSeqRecord({\n type: CommandTags.PublishKey,\n recipient: publicKey,\n iv: () => trustedProps.getIv(),\n xpriv: () => trustedProps.getXPriv(),\n ephemeralPublicKey: () => trustedProps.getEphemeralPublicKey(),\n commandIv: () => trustedProps.getCommandIv(),\n newMember: () => trustedProps.getNewMember(), // Just validate it's there,\n }),\n ),\n );\n }\n\n decryptBlock(\n parent: Uint8Array,\n { header, commands, signature }: EncryptedBlock,\n ): Either<SignBlockError, LKRPBlock> {\n const decryptedIssuer = CryptoUtils.decrypt(\n signature.secret,\n header.iv,\n header.issuer,\n );\n return Either.sequence(\n commands.map((command) => this.decryptCommand(signature.secret, command)),\n ).map((decryptedCommands) =>\n LKRPBlock.fromData({\n parent: bufferToHexaString(parent),\n issuer: decryptedIssuer,\n commands: decryptedCommands,\n signature: signature.signature,\n }),\n );\n }\n\n decryptCommand(\n secret: Uint8Array,\n command: EncryptedCommand,\n ): Either<UnknownDAError, LKRPCommand> {\n switch (command.type) {\n case CommandTags.Derive:\n case CommandTags.PublishKey: {\n const encryptedXpriv = CryptoUtils.decrypt(\n secret,\n command.iv,\n command.xpriv,\n );\n return Right(\n LKRPCommand.fromData({\n ...command,\n initializationVector: command.commandIv,\n encryptedXpriv,\n }),\n );\n }\n case CommandTags.AddMember:\n return Right(LKRPCommand.fromData({ ...command }));\n default:\n return Left(new UnknownDAError(\"Unsupported command type\"));\n }\n }\n}\n"],
5
+ "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,wBAAAE,EAAA,kBAAAC,IAAA,eAAAC,EAAAJ,GAAA,IAAAK,EAKO,2CACPC,EAAiD,qBAQjDC,EAAuC,wDACvCC,EAA0C,kEAC1CC,EAAuC,+DAGvCC,EAA4B,kCAC5BC,EAGO,2CACPC,EAA0B,qCAC1BC,EAA4B,uCAC5BC,EAAyC,mCAQzCC,EAAkC,qCA4C3B,MAAMb,EAAqB,IAAI,WAAW,CAC/C,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAC3E,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,CACpB,CAAC,EAEM,MAAMC,CAAc,CACzB,YAA6Ba,EAAkB,CAAlB,SAAAA,CAAmB,CAEhD,IAAI,CACF,eAAAC,EACA,aAAAC,EACA,KAAAC,EACA,IAAAC,EACA,OAAAC,EACA,UAAAC,EACA,eAAAC,CACF,EAA0D,CACxD,MAAMC,EAAW,KAAK,aAAaL,EAAMG,CAAS,EAClD,SAAO,wBAAqB,CAC1B,OAAQ,KAAK,gBAAgBD,EAAQG,EAAS,MAAM,EACpD,SAAU,cAAY,SAASA,CAAQ,EACvC,UAAW,KAAK,mBAAmBD,CAAc,CACnD,CAAC,EACE,MAAOE,GACN,cAAY,WAAW,KAAK,aAAaJ,EAAQI,CAAc,CAAC,CAClE,EACC,MAAOC,GAAU,CAChB,OAAQJ,EAAU,KAAM,CACtB,IAAK,SACH,OAAOL,EAAe,eAAeC,EAAcQ,EAAON,CAAG,EAC/D,IAAK,YACH,OAAOH,EAAe,YAAYC,EAAcC,EAAMO,EAAON,CAAG,CACpE,CACF,CAAC,CACL,CAEA,gBACEC,EACAM,EAC4C,CAC5C,OAAO,cAAY,YAAY,SAAY,CACzC,MAAMC,EAAS,WAAW,KACxB,CACE,CAAC,cAAY,IAAK,EAAG,CAAC,EACtB,CAAC,cAAY,KAAMP,EAAO,OAAQ,GAAGA,CAAM,EAC3C,CACE,cAAY,UACZnB,EAAmB,OACnB,GAAGA,CACL,EACA,CAAC,cAAY,IAAK,EAAGyB,CAAY,CACnC,EAAE,KAAK,CACT,EACA,GAAI,CACF,MAAME,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,yBAAuB,CAAE,OAAAD,CAAO,CAAC,CACvC,EACA,GAAIC,EAAS,SAAW,sBAAoB,QAC1C,SAAO,QAAKA,EAAS,KAAK,EAE5B,MAAMC,EAAe,IAAI,oBAAkBD,EAAS,IAAI,EACxD,SAAO,mBAAgB,CACrB,GAAI,IAAMC,EAAa,MAAM,EAC7B,OAAQ,IAAMA,EAAa,UAAU,CACvC,CAAC,CACH,OAASC,EAAO,CACd,SAAO,QAAK,IAAI,iBAAe,OAAOA,CAAK,CAAC,CAAC,CAC/C,CACF,CAAC,CACH,CAEA,mBACER,EAC+C,CAC/C,OAAO,cAAY,YAAY,SAAY,CACzC,GAAI,CACF,MAAMM,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,2BACN,EACA,GAAIA,EAAS,SAAW,sBAAoB,QAC1C,SAAO,QAAKA,EAAS,KAAK,EAE5B,KAAM,CAAE,UAAAG,EAAW,iBAAAC,CAAiB,EAAIJ,EAAS,KAE3CK,EAASX,EAAe,KAAKU,CAAgB,EAAE,MAAM,CAAC,EAC5D,SAAO,SAAM,CAAE,UAAAD,EAAW,OAAAE,CAAO,CAAC,CACpC,OAASH,EAAO,CACd,SAAO,QAAK,IAAI,iBAAe,OAAOA,CAAK,CAAC,CAAC,CAC/C,CACF,CAAC,CACH,CAEA,aACEI,EACAT,EACiD,CACjD,OAAQA,EAAM,KAAM,CAClB,IAAK,SACH,MAAO,CACL,KAAK,kBAAkBS,CAAe,EACtC,KAAK,qBAAqBT,EAAM,IAAI,EACpC,KAAK,sBAAsBA,EAAM,IAAI,CACvC,EACF,IAAK,YACH,MAAO,CACL,KAAK,qBAAqBA,EAAM,IAAI,EACpC,KAAK,sBAAsBA,EAAM,IAAI,CACvC,CACJ,CACF,CAEA,kBAAkBU,EAAqB,CACrC,OAAO,cAAY,YACjB,SAAgE,CAC9D,GAAI,CACF,MAAMP,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,yBAAuB,CAAE,QAAAO,CAAQ,CAAC,CACxC,EACA,OAAIP,EAAS,SAAW,sBAAoB,WACnC,QAAKA,EAAS,KAAK,KAErB,SAAM,IAAI,oBAAkBA,EAAS,IAAI,CAAC,CACnD,OAASE,EAAO,CACd,SAAO,QAAK,IAAI,iBAAe,OAAOA,CAAK,CAAC,CAAC,CAC/C,CACF,CACF,CACF,CAEA,kBAAkBI,EAAyB,CACzC,OAAO,KAAK,kBACV,cAAY,sBAAsB,CAChC,KAAM,cAAY,OAClB,KAAMA,CACR,CAAC,CACH,EAAE,MAAOL,GACP,cAAY,cACV,mBAAgB,CACd,KAAM,cAAY,OAClB,KAAMK,EACN,GAAI,IAAML,EAAa,MAAM,EAC7B,MAAO,IAAMA,EAAa,SAAS,EACnC,mBAAoB,IAAMA,EAAa,sBAAsB,EAC7D,UAAW,IAAMA,EAAa,aAAa,EAC3C,SAAU,IAAMA,EAAa,YAAY,EACzC,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,qBAAqB,CAAE,KAAAO,EAAM,UAAAC,EAAW,YAAAC,CAAY,EAAuB,CACzE,OAAO,KAAK,kBACV,cAAY,sBAAsB,CAChC,KAAM,cAAY,UAClB,KAAAF,EACA,UAAAC,EACA,YAAAC,CACF,CAAC,CACH,EAAE,MAAOT,GACP,cAAY,cACV,mBAAgB,CACd,KAAM,cAAY,UAClB,KAAAO,EACA,UAAAC,EACA,YAAAC,EACA,GAAI,IAAMT,EAAa,MAAM,EAC7B,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,sBAAsB,CAAE,UAAAQ,CAAU,EAA0C,CAC1E,OAAO,KAAK,kBACV,cAAY,sBAAsB,CAChC,KAAM,cAAY,WAClB,UAAWA,CACb,CAAC,CACH,EAAE,MAAOR,GACP,cAAY,cACV,mBAAgB,CACd,KAAM,cAAY,WAClB,UAAWQ,EACX,GAAI,IAAMR,EAAa,MAAM,EAC7B,MAAO,IAAMA,EAAa,SAAS,EACnC,mBAAoB,IAAMA,EAAa,sBAAsB,EAC7D,UAAW,IAAMA,EAAa,aAAa,EAC3C,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,aACET,EACA,CAAE,OAAAO,EAAQ,SAAAJ,EAAU,UAAAQ,CAAU,EACK,CACnC,MAAMQ,EAAkB,cAAY,QAClCR,EAAU,OACVJ,EAAO,GACPA,EAAO,MACT,EACA,OAAO,SAAO,SACZJ,EAAS,IAAKY,GAAY,KAAK,eAAeJ,EAAU,OAAQI,CAAO,CAAC,CAC1E,EAAE,IAAKK,GACL,YAAU,SAAS,CACjB,UAAQ,sBAAmBpB,CAAM,EACjC,OAAQmB,EACR,SAAUC,EACV,UAAWT,EAAU,SACvB,CAAC,CACH,CACF,CAEA,eACEE,EACAE,EACqC,CACrC,OAAQA,EAAQ,KAAM,CACpB,KAAK,cAAY,OACjB,KAAK,cAAY,WAAY,CAC3B,MAAMM,EAAiB,cAAY,QACjCR,EACAE,EAAQ,GACRA,EAAQ,KACV,EACA,SAAO,SACL,cAAY,SAAS,CACnB,GAAGA,EACH,qBAAsBA,EAAQ,UAC9B,eAAAM,CACF,CAAC,CACH,CACF,CACA,KAAK,cAAY,UACf,SAAO,SAAM,cAAY,SAAS,CAAE,GAAGN,CAAQ,CAAC,CAAC,EACnD,QACE,SAAO,QAAK,IAAI,iBAAe,0BAA0B,CAAC,CAC9D,CACF,CACF",
6
+ "names": ["SignBlockTask_exports", "__export", "ISSUER_PLACEHOLDER", "SignBlockTask", "__toCommonJS", "import_device_management_kit", "import_purify_ts", "import_SignBlockHeader", "import_SignBlockSignatureCommand", "import_SignBlockSingleCommand", "import_crypto", "import_eitherSeqRecord", "import_LKRPBlock", "import_LKRPCommand", "import_TLVTags", "import_TrustedProperties", "api", "lkrpDataSource", "trustchainId", "path", "jwt", "parent", "blockFlow", "sessionKeypair", "commands", "encryptedBlock", "block", "commandCount", "header", "response", "trustedProps", "error", "signature", "deviceSessionKey", "secret", "applicationPath", "command", "name", "publicKey", "permissions", "decryptedIssuer", "decryptedCommands", "encryptedXpriv"]
7
7
  }
package/lib/cjs/internal/app-binder/task/SignChallengeWithKeypairTask.js CHANGED
@@ -1,2 +1,2 @@
1
- "use strict";var g=Object.defineProperty;var m=Object.getOwnPropertyDescriptor;var x=Object.getOwnPropertyNames;var u=Object.prototype.hasOwnProperty;var d=(a,t)=>{for(var n in t)g(a,n,{get:t[n],enumerable:!0})},E=(a,t,n,i)=>{if(t&&typeof t=="object"||typeof t=="function")for(let e of x(t))!u.call(a,e)&&e!==n&&g(a,e,{get:()=>t[e],enumerable:!(i=m(t,e))||i.enumerable});return a};var v=a=>E(g({},"__esModule",{value:!0}),a);var C={};d(C,{SignChallengeWithKeypairTask:()=>A});module.exports=v(C);var p=require("@ledgerhq/device-management-kit"),l=require("purify-ts"),o=require("../../../api/app-binder/Errors"),h=require("../../utils/crypto"),y=require("../../utils/eitherSeqRecord"),s=require("../../utils/hex");class A{constructor(t,n){this.keypair=t;this.trustchainId=n}run(t){const n=this.getAttestation(),i=this.getCredential(this.keypair.pubKeyToHex());return l.EitherAsync.liftEither(this.getUnsignedChallengeTLV(t.tlv)).map(h.CryptoUtils.hash).map(e=>this.keypair.sign(e)).map(s.bytesToHex).map(e=>({challenge:t.json,signature:{attestation:n,credential:i,signature:e}})).mapLeft(e=>e instanceof o.LKRPMissingDataError?e:new o.LKRPUnknownError(String(e)))}getAttestation(){const t=new TextEncoder().encode(this.trustchainId),n=Uint8Array.from([2,t.length,...t]);return(0,s.bytesToHex)(n)}getCredential(t){return{version:0,curveId:33,signAlgorithm:1,publicKey:t}}getUnsignedChallengeTLV(t){const n=new p.ByteArrayParser((0,s.hexToBytes)(t)),i=new Map(function*(){for(;;){const r=n.extractFieldTLVEncoded();if(!r)break;yield[r.tag,r.value]}}());if(i.size>10)return(0,l.Left)(new o.LKRPMissingDataError("Challenge TLV contains unexpected data"));const e=(r,c)=>l.Maybe.fromNullable(i.get(r)).toEither(new o.LKRPMissingDataError(`Missing ${c} field`));return(0,y.eitherSeqRecord)({payloadType:()=>e(1,"Payload type"),version:()=>e(2,"Version"),challengeExpiry:()=>e(22,"Challenge expiry"),host:()=>e(32,"Host"),protocolVersion:()=>e(96,"Protocol version"),curveId:()=>e(50,"Curve ID"),publicKey:()=>e(51,"Public key"),challengeData:()=>e(18,"Challenge data"),signAlgorithm:()=>e(20,"Sign algorithm"),rpSignatureField:()=>e(21,"RP signature field")}).map(r=>Uint8Array.from([[1,r.payloadType.length,...r.payloadType],[2,r.version.length,...r.version],[18,r.challengeData.length,...r.challengeData],[22,r.challengeExpiry.length,...r.challengeExpiry],[32,r.host.length,...r.host],[96,r.protocolVersion.length,...r.protocolVersion]].flat()))}}0&&(module.exports={SignChallengeWithKeypairTask});
1
+ "use strict";var p=Object.defineProperty;var m=Object.getOwnPropertyDescriptor;var x=Object.getOwnPropertyNames;var u=Object.prototype.hasOwnProperty;var d=(a,t)=>{for(var n in t)p(a,n,{get:t[n],enumerable:!0})},E=(a,t,n,i)=>{if(t&&typeof t=="object"||typeof t=="function")for(let e of x(t))!u.call(a,e)&&e!==n&&p(a,e,{get:()=>t[e],enumerable:!(i=m(t,e))||i.enumerable});return a};var v=a=>E(p({},"__esModule",{value:!0}),a);var C={};d(C,{SignChallengeWithKeypairTask:()=>A});module.exports=v(C);var g=require("@ledgerhq/device-management-kit"),o=require("purify-ts"),s=require("../../../api/app-binder/Errors"),h=require("../../utils/crypto"),y=require("../../utils/eitherSeqRecord"),l=require("../../utils/hex");class A{constructor(t,n){this.keypair=t;this.trustchainId=n}run(t){const n=this.getAttestation(),i=this.getCredential(this.keypair.pubKeyToHex());return o.EitherAsync.liftEither(this.getUnsignedChallengeTLV(t.tlv)).map(h.CryptoUtils.hash).map(e=>this.keypair.sign(e)).map(l.bytesToHex).map(e=>({challenge:t.json,signature:{attestation:n,credential:i,signature:e}})).mapLeft(e=>e instanceof s.LKRPMissingDataError?e:new g.UnknownDAError(String(e)))}getAttestation(){const t=new TextEncoder().encode(this.trustchainId),n=Uint8Array.from([2,t.length,...t]);return(0,l.bytesToHex)(n)}getCredential(t){return{version:0,curveId:33,signAlgorithm:1,publicKey:t}}getUnsignedChallengeTLV(t){const n=new g.ByteArrayParser((0,l.hexToBytes)(t)),i=new Map(function*(){for(;;){const r=n.extractFieldTLVEncoded();if(!r)break;yield[r.tag,r.value]}}());if(i.size>10)return(0,o.Left)(new s.LKRPMissingDataError("Challenge TLV contains unexpected data"));const e=(r,c)=>o.Maybe.fromNullable(i.get(r)).toEither(new s.LKRPMissingDataError(`Missing ${c} field`));return(0,y.eitherSeqRecord)({payloadType:()=>e(1,"Payload type"),version:()=>e(2,"Version"),challengeExpiry:()=>e(22,"Challenge expiry"),host:()=>e(32,"Host"),protocolVersion:()=>e(96,"Protocol version"),curveId:()=>e(50,"Curve ID"),publicKey:()=>e(51,"Public key"),challengeData:()=>e(18,"Challenge data"),signAlgorithm:()=>e(20,"Sign algorithm"),rpSignatureField:()=>e(21,"RP signature field")}).map(r=>Uint8Array.from([[1,r.payloadType.length,...r.payloadType],[2,r.version.length,...r.version],[18,r.challengeData.length,...r.challengeData],[22,r.challengeExpiry.length,...r.challengeExpiry],[32,r.host.length,...r.host],[96,r.protocolVersion.length,...r.protocolVersion]].flat()))}}0&&(module.exports={SignChallengeWithKeypairTask});
2
2
  //# sourceMappingURL=SignChallengeWithKeypairTask.js.map
package/lib/cjs/internal/app-binder/task/SignChallengeWithKeypairTask.js.map CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "version": 3,
3
3
  "sources": ["../../../../../src/internal/app-binder/task/SignChallengeWithKeypairTask.ts"],
4
- "sourcesContent": ["import { ByteArrayParser } from \"@ledgerhq/device-management-kit\";\nimport { type Either, EitherAsync, Left, Maybe } from \"purify-ts\";\n\nimport { LKRPMissingDataError, LKRPUnknownError } from \"@api/app-binder/Errors\";\nimport { type Keypair } from \"@api/app-binder/LKRPTypes\";\nimport {\n type AuthenticationPayload,\n type Challenge,\n} from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { CryptoUtils } from \"@internal/utils/crypto\";\nimport { eitherSeqRecord } from \"@internal/utils/eitherSeqRecord\";\nimport { bytesToHex, hexToBytes } from \"@internal/utils/hex\";\n\nexport class SignChallengeWithKeypairTask {\n constructor(\n private readonly keypair: Keypair,\n private readonly trustchainId: string,\n ) {}\n\n run(\n challenge: Challenge,\n ): EitherAsync<\n LKRPMissingDataError | LKRPUnknownError,\n AuthenticationPayload\n > {\n const attestation = this.getAttestation();\n const credential = this.getCredential(this.keypair.pubKeyToHex());\n\n return EitherAsync.liftEither(this.getUnsignedChallengeTLV(challenge.tlv))\n .map(CryptoUtils.hash)\n .map((hash) => this.keypair.sign(hash))\n .map(bytesToHex)\n .map((signature) => ({\n challenge: challenge.json,\n signature: { attestation, credential, signature },\n }))\n .mapLeft((error) =>\n error instanceof LKRPMissingDataError\n ? error\n : new LKRPUnknownError(String(error)),\n );\n }\n\n // Spec https://ledgerhq.atlassian.net/wiki/spaces/TA/pages/4335960138/ARCH+LedgerLive+Auth+specifications\n private getAttestation() {\n const bytes = new TextEncoder().encode(this.trustchainId);\n const attestation = Uint8Array.from([0x02, bytes.length, ...bytes]);\n return bytesToHex(attestation);\n }\n\n private getCredential(publicKey: string) {\n return { version: 0, curveId: 33, signAlgorithm: 1, publicKey };\n }\n\n private getUnsignedChallengeTLV(\n tlv: string,\n ): Either<LKRPMissingDataError, Uint8Array> {\n const parser = new ByteArrayParser(hexToBytes(tlv));\n const parsed = new Map(\n (function* () {\n while (true) {\n const field = parser.extractFieldTLVEncoded();\n if (!field) break; // No more fields to extract\n yield [field.tag, field.value];\n }\n })(),\n );\n\n // We expect 10 fields in the TLV\n if (parsed.size > 10) {\n return Left(\n new LKRPMissingDataError(\"Challenge TLV contains unexpected data\"),\n );\n }\n\n const getField = (tag: number, fieldName: string) =>\n Maybe.fromNullable(parsed.get(tag)).toEither(\n new LKRPMissingDataError(`Missing ${fieldName} field`),\n );\n\n return eitherSeqRecord({\n // Unsigned fields\n payloadType: () => getField(0x01, \"Payload type\"),\n version: () => getField(0x02, \"Version\"),\n challengeExpiry: () => getField(0x16, \"Challenge expiry\"),\n host: () => getField(0x20, \"Host\"),\n protocolVersion: () => getField(0x60, \"Protocol version\"),\n\n // Signed fields\n curveId: () => getField(0x32, \"Curve ID\"),\n publicKey: () => getField(0x33, \"Public key\"),\n challengeData: () => getField(0x12, \"Challenge data\"),\n signAlgorithm: () => getField(0x14, \"Sign algorithm\"),\n rpSignatureField: () => getField(0x15, \"RP signature field\"),\n }).map((fields) =>\n Uint8Array.from(\n [\n [0x01, fields.payloadType.length, ...fields.payloadType],\n [0x02, fields.version.length, ...fields.version],\n [0x12, fields.challengeData.length, ...fields.challengeData],\n [0x16, fields.challengeExpiry.length, ...fields.challengeExpiry],\n [0x20, fields.host.length, ...fields.host],\n [0x60, fields.protocolVersion.length, ...fields.protocolVersion],\n ].flat(),\n ),\n );\n }\n}\n"],
5
- "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,kCAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAAgC,2CAChCC,EAAsD,qBAEtDC,EAAuD,kCAMvDC,EAA4B,kCAC5BC,EAAgC,2CAChCC,EAAuC,+BAEhC,MAAMP,CAA6B,CACxC,YACmBQ,EACAC,EACjB,CAFiB,aAAAD,EACA,kBAAAC,CAChB,CAEH,IACEC,EAIA,CACA,MAAMC,EAAc,KAAK,eAAe,EAClCC,EAAa,KAAK,cAAc,KAAK,QAAQ,YAAY,CAAC,EAEhE,OAAO,cAAY,WAAW,KAAK,wBAAwBF,EAAU,GAAG,CAAC,EACtE,IAAI,cAAY,IAAI,EACpB,IAAKG,GAAS,KAAK,QAAQ,KAAKA,CAAI,CAAC,EACrC,IAAI,YAAU,EACd,IAAKC,IAAe,CACnB,UAAWJ,EAAU,KACrB,UAAW,CAAE,YAAAC,EAAa,WAAAC,EAAY,UAAAE,CAAU,CAClD,EAAE,EACD,QAASC,GACRA,aAAiB,uBACbA,EACA,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CACxC,CACJ,CAGQ,gBAAiB,CACvB,MAAMC,EAAQ,IAAI,YAAY,EAAE,OAAO,KAAK,YAAY,EAClDL,EAAc,WAAW,KAAK,CAAC,EAAMK,EAAM,OAAQ,GAAGA,CAAK,CAAC,EAClE,SAAO,cAAWL,CAAW,CAC/B,CAEQ,cAAcM,EAAmB,CACvC,MAAO,CAAE,QAAS,EAAG,QAAS,GAAI,cAAe,EAAG,UAAAA,CAAU,CAChE,CAEQ,wBACNC,EAC0C,CAC1C,MAAMC,EAAS,IAAI,qBAAgB,cAAWD,CAAG,CAAC,EAC5CE,EAAS,IAAI,IAChB,WAAa,CACZ,OAAa,CACX,MAAMC,EAAQF,EAAO,uBAAuB,EAC5C,GAAI,CAACE,EAAO,MACZ,KAAM,CAACA,EAAM,IAAKA,EAAM,KAAK,CAC/B,CACF,EAAG,CACL,EAGA,GAAID,EAAO,KAAO,GAChB,SAAO,QACL,IAAI,uBAAqB,wCAAwC,CACnE,EAGF,MAAME,EAAW,CAACC,EAAaC,IAC7B,QAAM,aAAaJ,EAAO,IAAIG,CAAG,CAAC,EAAE,SAClC,IAAI,uBAAqB,WAAWC,CAAS,QAAQ,CACvD,EAEF,SAAO,mBAAgB,CAErB,YAAa,IAAMF,EAAS,EAAM,cAAc,EAChD,QAAS,IAAMA,EAAS,EAAM,SAAS,EACvC,gBAAiB,IAAMA,EAAS,GAAM,kBAAkB,EACxD,KAAM,IAAMA,EAAS,GAAM,MAAM,EACjC,gBAAiB,IAAMA,EAAS,GAAM,kBAAkB,EAGxD,QAAS,IAAMA,EAAS,GAAM,UAAU,EACxC,UAAW,IAAMA,EAAS,GAAM,YAAY,EAC5C,cAAe,IAAMA,EAAS,GAAM,gBAAgB,EACpD,cAAe,IAAMA,EAAS,GAAM,gBAAgB,EACpD,iBAAkB,IAAMA,EAAS,GAAM,oBAAoB,CAC7D,CAAC,EAAE,IAAKG,GACN,WAAW,KACT,CACE,CAAC,EAAMA,EAAO,YAAY,OAAQ,GAAGA,EAAO,WAAW,EACvD,CAAC,EAAMA,EAAO,QAAQ,OAAQ,GAAGA,EAAO,OAAO,EAC/C,CAAC,GAAMA,EAAO,cAAc,OAAQ,GAAGA,EAAO,aAAa,EAC3D,CAAC,GAAMA,EAAO,gBAAgB,OAAQ,GAAGA,EAAO,eAAe,EAC/D,CAAC,GAAMA,EAAO,KAAK,OAAQ,GAAGA,EAAO,IAAI,EACzC,CAAC,GAAMA,EAAO,gBAAgB,OAAQ,GAAGA,EAAO,eAAe,CACjE,EAAE,KAAK,CACT,CACF,CACF,CACF",
4
+ "sourcesContent": ["import {\n ByteArrayParser,\n UnknownDAError,\n} from \"@ledgerhq/device-management-kit\";\nimport { type Either, EitherAsync, Left, Maybe } from \"purify-ts\";\n\nimport { LKRPMissingDataError } from \"@api/app-binder/Errors\";\nimport { type Keypair } from \"@api/app-binder/LKRPTypes\";\nimport {\n type AuthenticationPayload,\n type Challenge,\n} from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { CryptoUtils } from \"@internal/utils/crypto\";\nimport { eitherSeqRecord } from \"@internal/utils/eitherSeqRecord\";\nimport { bytesToHex, hexToBytes } from \"@internal/utils/hex\";\n\nexport class SignChallengeWithKeypairTask {\n constructor(\n private readonly keypair: Keypair,\n private readonly trustchainId: string,\n ) {}\n\n run(\n challenge: Challenge,\n ): EitherAsync<LKRPMissingDataError | UnknownDAError, AuthenticationPayload> {\n const attestation = this.getAttestation();\n const credential = this.getCredential(this.keypair.pubKeyToHex());\n\n return EitherAsync.liftEither(this.getUnsignedChallengeTLV(challenge.tlv))\n .map(CryptoUtils.hash)\n .map((hash) => this.keypair.sign(hash))\n .map(bytesToHex)\n .map((signature) => ({\n challenge: challenge.json,\n signature: { attestation, credential, signature },\n }))\n .mapLeft((error) =>\n error instanceof LKRPMissingDataError\n ? error\n : new UnknownDAError(String(error)),\n );\n }\n\n // Spec https://ledgerhq.atlassian.net/wiki/spaces/TA/pages/4335960138/ARCH+LedgerLive+Auth+specifications\n private getAttestation() {\n const bytes = new TextEncoder().encode(this.trustchainId);\n const attestation = Uint8Array.from([0x02, bytes.length, ...bytes]);\n return bytesToHex(attestation);\n }\n\n private getCredential(publicKey: string) {\n return { version: 0, curveId: 33, signAlgorithm: 1, publicKey };\n }\n\n private getUnsignedChallengeTLV(\n tlv: string,\n ): Either<LKRPMissingDataError, Uint8Array> {\n const parser = new ByteArrayParser(hexToBytes(tlv));\n const parsed = new Map(\n (function* () {\n while (true) {\n const field = parser.extractFieldTLVEncoded();\n if (!field) break; // No more fields to extract\n yield [field.tag, field.value];\n }\n })(),\n );\n\n // We expect 10 fields in the TLV\n if (parsed.size > 10) {\n return Left(\n new LKRPMissingDataError(\"Challenge TLV contains unexpected data\"),\n );\n }\n\n const getField = (tag: number, fieldName: string) =>\n Maybe.fromNullable(parsed.get(tag)).toEither(\n new LKRPMissingDataError(`Missing ${fieldName} field`),\n );\n\n return eitherSeqRecord({\n // Unsigned fields\n payloadType: () => getField(0x01, \"Payload type\"),\n version: () => getField(0x02, \"Version\"),\n challengeExpiry: () => getField(0x16, \"Challenge expiry\"),\n host: () => getField(0x20, \"Host\"),\n protocolVersion: () => getField(0x60, \"Protocol version\"),\n\n // Signed fields\n curveId: () => getField(0x32, \"Curve ID\"),\n publicKey: () => getField(0x33, \"Public key\"),\n challengeData: () => getField(0x12, \"Challenge data\"),\n signAlgorithm: () => getField(0x14, \"Sign algorithm\"),\n rpSignatureField: () => getField(0x15, \"RP signature field\"),\n }).map((fields) =>\n Uint8Array.from(\n [\n [0x01, fields.payloadType.length, ...fields.payloadType],\n [0x02, fields.version.length, ...fields.version],\n [0x12, fields.challengeData.length, ...fields.challengeData],\n [0x16, fields.challengeExpiry.length, ...fields.challengeExpiry],\n [0x20, fields.host.length, ...fields.host],\n [0x60, fields.protocolVersion.length, ...fields.protocolVersion],\n ].flat(),\n ),\n );\n }\n}\n"],
5
+ "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,kCAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAGO,2CACPC,EAAsD,qBAEtDC,EAAqC,kCAMrCC,EAA4B,kCAC5BC,EAAgC,2CAChCC,EAAuC,+BAEhC,MAAMP,CAA6B,CACxC,YACmBQ,EACAC,EACjB,CAFiB,aAAAD,EACA,kBAAAC,CAChB,CAEH,IACEC,EAC2E,CAC3E,MAAMC,EAAc,KAAK,eAAe,EAClCC,EAAa,KAAK,cAAc,KAAK,QAAQ,YAAY,CAAC,EAEhE,OAAO,cAAY,WAAW,KAAK,wBAAwBF,EAAU,GAAG,CAAC,EACtE,IAAI,cAAY,IAAI,EACpB,IAAKG,GAAS,KAAK,QAAQ,KAAKA,CAAI,CAAC,EACrC,IAAI,YAAU,EACd,IAAKC,IAAe,CACnB,UAAWJ,EAAU,KACrB,UAAW,CAAE,YAAAC,EAAa,WAAAC,EAAY,UAAAE,CAAU,CAClD,EAAE,EACD,QAASC,GACRA,aAAiB,uBACbA,EACA,IAAI,iBAAe,OAAOA,CAAK,CAAC,CACtC,CACJ,CAGQ,gBAAiB,CACvB,MAAMC,EAAQ,IAAI,YAAY,EAAE,OAAO,KAAK,YAAY,EAClDL,EAAc,WAAW,KAAK,CAAC,EAAMK,EAAM,OAAQ,GAAGA,CAAK,CAAC,EAClE,SAAO,cAAWL,CAAW,CAC/B,CAEQ,cAAcM,EAAmB,CACvC,MAAO,CAAE,QAAS,EAAG,QAAS,GAAI,cAAe,EAAG,UAAAA,CAAU,CAChE,CAEQ,wBACNC,EAC0C,CAC1C,MAAMC,EAAS,IAAI,qBAAgB,cAAWD,CAAG,CAAC,EAC5CE,EAAS,IAAI,IAChB,WAAa,CACZ,OAAa,CACX,MAAMC,EAAQF,EAAO,uBAAuB,EAC5C,GAAI,CAACE,EAAO,MACZ,KAAM,CAACA,EAAM,IAAKA,EAAM,KAAK,CAC/B,CACF,EAAG,CACL,EAGA,GAAID,EAAO,KAAO,GAChB,SAAO,QACL,IAAI,uBAAqB,wCAAwC,CACnE,EAGF,MAAME,EAAW,CAACC,EAAaC,IAC7B,QAAM,aAAaJ,EAAO,IAAIG,CAAG,CAAC,EAAE,SAClC,IAAI,uBAAqB,WAAWC,CAAS,QAAQ,CACvD,EAEF,SAAO,mBAAgB,CAErB,YAAa,IAAMF,EAAS,EAAM,cAAc,EAChD,QAAS,IAAMA,EAAS,EAAM,SAAS,EACvC,gBAAiB,IAAMA,EAAS,GAAM,kBAAkB,EACxD,KAAM,IAAMA,EAAS,GAAM,MAAM,EACjC,gBAAiB,IAAMA,EAAS,GAAM,kBAAkB,EAGxD,QAAS,IAAMA,EAAS,GAAM,UAAU,EACxC,UAAW,IAAMA,EAAS,GAAM,YAAY,EAC5C,cAAe,IAAMA,EAAS,GAAM,gBAAgB,EACpD,cAAe,IAAMA,EAAS,GAAM,gBAAgB,EACpD,iBAAkB,IAAMA,EAAS,GAAM,oBAAoB,CAC7D,CAAC,EAAE,IAAKG,GACN,WAAW,KACT,CACE,CAAC,EAAMA,EAAO,YAAY,OAAQ,GAAGA,EAAO,WAAW,EACvD,CAAC,EAAMA,EAAO,QAAQ,OAAQ,GAAGA,EAAO,OAAO,EAC/C,CAAC,GAAMA,EAAO,cAAc,OAAQ,GAAGA,EAAO,aAAa,EAC3D,CAAC,GAAMA,EAAO,gBAAgB,OAAQ,GAAGA,EAAO,eAAe,EAC/D,CAAC,GAAMA,EAAO,KAAK,OAAQ,GAAGA,EAAO,IAAI,EACzC,CAAC,GAAMA,EAAO,gBAAgB,OAAQ,GAAGA,EAAO,eAAe,CACjE,EAAE,KAAK,CACT,CACF,CACF,CACF",
6
6
  "names": ["SignChallengeWithKeypairTask_exports", "__export", "SignChallengeWithKeypairTask", "__toCommonJS", "import_device_management_kit", "import_purify_ts", "import_Errors", "import_crypto", "import_eitherSeqRecord", "import_hex", "keypair", "trustchainId", "challenge", "attestation", "credential", "hash", "signature", "error", "bytes", "publicKey", "tlv", "parser", "parsed", "field", "getField", "tag", "fieldName", "fields"]
7
7
  }
package/lib/cjs/internal/app-binder/task/utils/TrustedProperties.js CHANGED
@@ -1,2 +1,2 @@
1
- "use strict";var p=Object.defineProperty;var g=Object.getOwnPropertyDescriptor;var y=Object.getOwnPropertyNames;var c=Object.prototype.hasOwnProperty;var d=(e,r)=>{for(var i in r)p(e,i,{get:r[i],enumerable:!0})},u=(e,r,i,o)=>{if(r&&typeof r=="object"||typeof r=="function")for(let a of y(r))!c.call(e,a)&&a!==i&&p(e,a,{get:()=>r[a],enumerable:!(o=g(r,a))||o.enumerable});return e};var h=e=>u(p({},"__esModule",{value:!0}),e);var m={};d(m,{TrustedProperties:()=>l});module.exports=h(m);var P=require("@ledgerhq/device-management-kit"),t=require("purify-ts"),E=require("../../../../api/app-binder/Errors"),s=require("../../../models/Tags"),n=require("../../../utils/required");class l{constructor(r){this.bytes=r;this.parser=new P.ByteArrayParser(r)}parser;iv=null;encryptedProps=null;getIv(){if(!this.iv){const r=this.parser.extractFieldTLVEncoded();if(!r||r.tag!==0)return(0,t.Left)(new E.LKRPParsingError("Invalid trusted property: missing IV"));this.iv=r.value}return(0,t.Right)(this.iv)}getIssuer(){return this.parseEncryptedProps().chain(r=>(0,n.required)(r.get(s.TPTags.ISSUER)?.value,"Missing issuer in trusted properties"))}getXPriv(){return this.parseEncryptedProps().chain(r=>(0,n.required)(r.get(s.TPTags.XPRIV)?.value,"Missing xpriv in trusted properties"))}getEphemeralPublicKey(){return this.parseEncryptedProps().chain(r=>(0,n.required)(r.get(s.TPTags.EPHEMERAL_PUBLIC_KEY)?.value,"Missing ephemeral public key in trusted properties"))}getCommandIv(){return this.parseEncryptedProps().chain(r=>(0,n.required)(r.get(s.TPTags.COMMAND_IV)?.value,"Missing command IV in trusted properties"))}getGroupKey(){return this.parseEncryptedProps().chain(r=>(0,n.required)(r.get(s.TPTags.GROUPKEY)?.value,"Missing group key in trusted properties"))}getNewMember(){return this.parseEncryptedProps().chain(r=>(0,n.required)(r.get(s.TPTags.NEW_MEMBER)?.tlv,"Missing new member in trusted properties"))}parseEncryptedProps(){return this.encryptedProps?(0,t.Right)(this.encryptedProps):this.getIv().chain(()=>t.Either.sequence(Array.from(R(this.parser)))).map(r=>new Map(r.map(i=>[i.tag,i]))).ifRight(r=>{this.encryptedProps=r})}}function*R(e){for(;;){const r=e.extractFieldTLVEncoded();if(!r)return;yield(0,t.Right)(r)}}0&&(module.exports={TrustedProperties});
1
+ "use strict";var p=Object.defineProperty;var g=Object.getOwnPropertyDescriptor;var y=Object.getOwnPropertyNames;var c=Object.prototype.hasOwnProperty;var d=(e,r)=>{for(var i in r)p(e,i,{get:r[i],enumerable:!0})},u=(e,r,i,o)=>{if(r&&typeof r=="object"||typeof r=="function")for(let a of y(r))!c.call(e,a)&&a!==i&&p(e,a,{get:()=>r[a],enumerable:!(o=g(r,a))||o.enumerable});return e};var h=e=>u(p({},"__esModule",{value:!0}),e);var m={};d(m,{TrustedProperties:()=>l});module.exports=h(m);var P=require("@ledgerhq/device-management-kit"),t=require("purify-ts"),E=require("../../../../api/app-binder/Errors"),s=require("../../../utils/required"),n=require("../../../utils/TLVTags");class l{constructor(r){this.bytes=r;this.parser=new P.ByteArrayParser(r)}parser;iv=null;encryptedProps=null;getIv(){if(!this.iv){const r=this.parser.extractFieldTLVEncoded();if(!r||r.tag!==0)return(0,t.Left)(new E.LKRPParsingError("Invalid trusted property: missing IV"));this.iv=r.value}return(0,t.Right)(this.iv)}getIssuer(){return this.parseEncryptedProps().chain(r=>(0,s.required)(r.get(n.TPTags.ISSUER)?.value,"Missing issuer in trusted properties"))}getXPriv(){return this.parseEncryptedProps().chain(r=>(0,s.required)(r.get(n.TPTags.XPRIV)?.value,"Missing xpriv in trusted properties"))}getEphemeralPublicKey(){return this.parseEncryptedProps().chain(r=>(0,s.required)(r.get(n.TPTags.EPHEMERAL_PUBLIC_KEY)?.value,"Missing ephemeral public key in trusted properties"))}getCommandIv(){return this.parseEncryptedProps().chain(r=>(0,s.required)(r.get(n.TPTags.COMMAND_IV)?.value,"Missing command IV in trusted properties"))}getGroupKey(){return this.parseEncryptedProps().chain(r=>(0,s.required)(r.get(n.TPTags.GROUPKEY)?.value,"Missing group key in trusted properties"))}getNewMember(){return this.parseEncryptedProps().chain(r=>(0,s.required)(r.get(n.TPTags.NEW_MEMBER)?.tlv,"Missing new member in trusted properties"))}parseEncryptedProps(){return this.encryptedProps?(0,t.Right)(this.encryptedProps):this.getIv().chain(()=>t.Either.sequence(Array.from(R(this.parser)))).map(r=>new Map(r.map(i=>[i.tag,i]))).ifRight(r=>{this.encryptedProps=r})}}function*R(e){for(;;){const r=e.extractFieldTLVEncoded();if(!r)return;yield(0,t.Right)(r)}}0&&(module.exports={TrustedProperties});
2
2
  //# sourceMappingURL=TrustedProperties.js.map