@ledgerhq/device-trusted-app-kit-ledger-keyring-protocol 0.0.0-ledger-button-20250808181454 → 0.0.0-legacy-speculos-datasource-20250819074123

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (206) hide show
  1. package/lib/cjs/api/LedgerKeyringProtocol.js +1 -1
  2. package/lib/cjs/api/LedgerKeyringProtocol.js.map +1 -1
  3. package/lib/cjs/api/LedgerKeyringProtocolBuilder.js +1 -1
  4. package/lib/cjs/api/LedgerKeyringProtocolBuilder.js.map +3 -3
  5. package/lib/cjs/api/app-binder/AddToTrustchainDeviceActionTypes.js +1 -1
  6. package/lib/cjs/api/app-binder/AddToTrustchainDeviceActionTypes.js.map +1 -1
  7. package/lib/cjs/api/app-binder/AuthenticateDeviceActionTypes.js +1 -1
  8. package/lib/cjs/api/app-binder/AuthenticateDeviceActionTypes.js.map +1 -1
  9. package/lib/cjs/api/app-binder/Errors.js +1 -1
  10. package/lib/cjs/api/app-binder/Errors.js.map +3 -3
  11. package/lib/cjs/api/app-binder/LKRPTypes.js +1 -1
  12. package/lib/cjs/api/app-binder/LKRPTypes.js.map +3 -3
  13. package/lib/cjs/api/app-binder/SignBlockHeaderCommandTypes.js +1 -1
  14. package/lib/cjs/api/app-binder/SignBlockHeaderCommandTypes.js.map +1 -1
  15. package/lib/cjs/internal/DefaultLedgerKeyringProtocol.js +1 -1
  16. package/lib/cjs/internal/DefaultLedgerKeyringProtocol.js.map +3 -3
  17. package/lib/cjs/internal/app-binder/LedgerKeyringProtocolBinder.js +1 -1
  18. package/lib/cjs/internal/app-binder/LedgerKeyringProtocolBinder.js.map +3 -3
  19. package/lib/cjs/internal/app-binder/command/SetTrustedMemberCommand.js +1 -1
  20. package/lib/cjs/internal/app-binder/command/SetTrustedMemberCommand.js.map +3 -3
  21. package/lib/cjs/internal/app-binder/command/SignBlockHeader.js +1 -1
  22. package/lib/cjs/internal/app-binder/command/SignBlockHeader.js.map +3 -3
  23. package/lib/cjs/internal/app-binder/command/SignBlockHeader.test.js +1 -1
  24. package/lib/cjs/internal/app-binder/command/SignBlockHeader.test.js.map +3 -3
  25. package/lib/cjs/internal/app-binder/device-action/AddToTrustchainDeviceAction.js +1 -1
  26. package/lib/cjs/internal/app-binder/device-action/AddToTrustchainDeviceAction.js.map +3 -3
  27. package/lib/cjs/internal/app-binder/device-action/AuthenticateDeviceAction.js +1 -1
  28. package/lib/cjs/internal/app-binder/device-action/AuthenticateDeviceAction.js.map +2 -2
  29. package/lib/cjs/internal/app-binder/task/ParseStreamToDeviceTask.js +1 -1
  30. package/lib/cjs/internal/app-binder/task/ParseStreamToDeviceTask.js.map +3 -3
  31. package/lib/cjs/internal/app-binder/task/SignBlockTask.js +1 -1
  32. package/lib/cjs/internal/app-binder/task/SignBlockTask.js.map +3 -3
  33. package/lib/cjs/internal/app-binder/task/SignChallengeWithKeypairTask.js +1 -1
  34. package/lib/cjs/internal/app-binder/task/SignChallengeWithKeypairTask.js.map +2 -2
  35. package/lib/cjs/internal/app-binder/task/utils/TrustedProperties.js +1 -1
  36. package/lib/cjs/internal/app-binder/task/utils/TrustedProperties.js.map +3 -3
  37. package/lib/cjs/internal/di.js +1 -1
  38. package/lib/cjs/internal/di.js.map +3 -3
  39. package/lib/cjs/internal/externalTypes.js +1 -1
  40. package/lib/cjs/internal/externalTypes.js.map +2 -2
  41. package/lib/cjs/internal/lkrp-datasource/data/HttpLKRPDataSource.js +1 -1
  42. package/lib/cjs/internal/lkrp-datasource/data/HttpLKRPDataSource.js.map +3 -3
  43. package/lib/cjs/internal/lkrp-datasource/data/HttpLKRPDataSource.test.js +1 -1
  44. package/lib/cjs/internal/lkrp-datasource/data/HttpLKRPDataSource.test.js.map +2 -2
  45. package/lib/cjs/internal/lkrp-datasource/data/LKRPDataSource.js +1 -1
  46. package/lib/cjs/internal/lkrp-datasource/data/LKRPDataSource.js.map +1 -1
  47. package/lib/cjs/internal/use-cases/authentication/AuthenticateUseCase.js +1 -1
  48. package/lib/cjs/internal/use-cases/authentication/AuthenticateUseCase.js.map +3 -3
  49. package/lib/cjs/internal/utils/LKRPBlock.js.map +2 -2
  50. package/lib/cjs/internal/utils/LKRPBlock.test.js +1 -1
  51. package/lib/cjs/internal/utils/LKRPBlock.test.js.map +3 -3
  52. package/lib/cjs/internal/utils/LKRPBlockStream.js +2 -2
  53. package/lib/cjs/internal/utils/LKRPBlockStream.js.map +3 -3
  54. package/lib/cjs/internal/utils/LKRPBlockStream.test.js +3 -3
  55. package/lib/cjs/internal/utils/LKRPBlockStream.test.js.map +3 -3
  56. package/lib/cjs/internal/utils/LKRPCommand.js +2 -2
  57. package/lib/cjs/internal/utils/LKRPCommand.js.map +3 -3
  58. package/lib/cjs/internal/utils/LKRPCommand.test.js +1 -1
  59. package/lib/cjs/internal/utils/LKRPCommand.test.js.map +3 -3
  60. package/lib/cjs/internal/utils/TLVBuilder.js +1 -1
  61. package/lib/cjs/internal/utils/TLVBuilder.js.map +3 -3
  62. package/lib/cjs/internal/utils/TLVParser.js +1 -1
  63. package/lib/cjs/internal/utils/TLVParser.js.map +3 -3
  64. package/lib/cjs/internal/utils/TLVParser.test.js +1 -1
  65. package/lib/cjs/internal/utils/TLVParser.test.js.map +3 -3
  66. package/lib/cjs/internal/{models/Tags.js → utils/TLVTags.js} +1 -1
  67. package/lib/cjs/internal/{models/Tags.js.map → utils/TLVTags.js.map} +2 -2
  68. package/lib/cjs/internal/utils/hex.js +1 -1
  69. package/lib/cjs/internal/utils/hex.js.map +3 -3
  70. package/lib/cjs/internal/utils/types.js +2 -0
  71. package/lib/cjs/internal/utils/types.js.map +7 -0
  72. package/lib/esm/api/LedgerKeyringProtocolBuilder.js +1 -1
  73. package/lib/esm/api/LedgerKeyringProtocolBuilder.js.map +3 -3
  74. package/lib/esm/api/app-binder/Errors.js +1 -1
  75. package/lib/esm/api/app-binder/Errors.js.map +3 -3
  76. package/lib/esm/api/app-binder/LKRPTypes.js +1 -1
  77. package/lib/esm/api/app-binder/LKRPTypes.js.map +3 -3
  78. package/lib/esm/internal/DefaultLedgerKeyringProtocol.js +1 -1
  79. package/lib/esm/internal/DefaultLedgerKeyringProtocol.js.map +3 -3
  80. package/lib/esm/internal/app-binder/LedgerKeyringProtocolBinder.js +1 -1
  81. package/lib/esm/internal/app-binder/LedgerKeyringProtocolBinder.js.map +3 -3
  82. package/lib/esm/internal/app-binder/command/SetTrustedMemberCommand.js +1 -1
  83. package/lib/esm/internal/app-binder/command/SetTrustedMemberCommand.js.map +2 -2
  84. package/lib/esm/internal/app-binder/command/SignBlockHeader.js +1 -1
  85. package/lib/esm/internal/app-binder/command/SignBlockHeader.js.map +3 -3
  86. package/lib/esm/internal/app-binder/command/SignBlockHeader.test.js +1 -1
  87. package/lib/esm/internal/app-binder/command/SignBlockHeader.test.js.map +3 -3
  88. package/lib/esm/internal/app-binder/device-action/AddToTrustchainDeviceAction.js +1 -1
  89. package/lib/esm/internal/app-binder/device-action/AddToTrustchainDeviceAction.js.map +3 -3
  90. package/lib/esm/internal/app-binder/device-action/AuthenticateDeviceAction.js +1 -1
  91. package/lib/esm/internal/app-binder/device-action/AuthenticateDeviceAction.js.map +3 -3
  92. package/lib/esm/internal/app-binder/task/ParseStreamToDeviceTask.js +1 -1
  93. package/lib/esm/internal/app-binder/task/ParseStreamToDeviceTask.js.map +3 -3
  94. package/lib/esm/internal/app-binder/task/SignBlockTask.js +1 -1
  95. package/lib/esm/internal/app-binder/task/SignBlockTask.js.map +3 -3
  96. package/lib/esm/internal/app-binder/task/SignChallengeWithKeypairTask.js +1 -1
  97. package/lib/esm/internal/app-binder/task/SignChallengeWithKeypairTask.js.map +3 -3
  98. package/lib/esm/internal/app-binder/task/utils/TrustedProperties.js +1 -1
  99. package/lib/esm/internal/app-binder/task/utils/TrustedProperties.js.map +3 -3
  100. package/lib/esm/internal/di.js +1 -1
  101. package/lib/esm/internal/di.js.map +3 -3
  102. package/lib/esm/internal/externalTypes.js +1 -1
  103. package/lib/esm/internal/externalTypes.js.map +2 -2
  104. package/lib/esm/internal/lkrp-datasource/data/HttpLKRPDataSource.js +1 -1
  105. package/lib/esm/internal/lkrp-datasource/data/HttpLKRPDataSource.js.map +3 -3
  106. package/lib/esm/internal/lkrp-datasource/data/HttpLKRPDataSource.test.js +1 -1
  107. package/lib/esm/internal/lkrp-datasource/data/HttpLKRPDataSource.test.js.map +3 -3
  108. package/lib/esm/internal/use-cases/authentication/AuthenticateUseCase.js +1 -1
  109. package/lib/esm/internal/use-cases/authentication/AuthenticateUseCase.js.map +3 -3
  110. package/lib/esm/internal/utils/LKRPBlock.js.map +2 -2
  111. package/lib/esm/internal/utils/LKRPBlock.test.js +1 -1
  112. package/lib/esm/internal/utils/LKRPBlock.test.js.map +3 -3
  113. package/lib/esm/internal/utils/LKRPBlockStream.js +2 -2
  114. package/lib/esm/internal/utils/LKRPBlockStream.js.map +3 -3
  115. package/lib/esm/internal/utils/LKRPBlockStream.test.js +3 -3
  116. package/lib/esm/internal/utils/LKRPBlockStream.test.js.map +3 -3
  117. package/lib/esm/internal/utils/LKRPCommand.js +2 -2
  118. package/lib/esm/internal/utils/LKRPCommand.js.map +3 -3
  119. package/lib/esm/internal/utils/LKRPCommand.test.js +1 -1
  120. package/lib/esm/internal/utils/LKRPCommand.test.js.map +3 -3
  121. package/lib/esm/internal/utils/TLVBuilder.js +1 -1
  122. package/lib/esm/internal/utils/TLVBuilder.js.map +2 -2
  123. package/lib/esm/internal/utils/TLVParser.js +1 -1
  124. package/lib/esm/internal/utils/TLVParser.js.map +3 -3
  125. package/lib/esm/internal/utils/TLVParser.test.js +1 -1
  126. package/lib/esm/internal/utils/TLVParser.test.js.map +3 -3
  127. package/lib/esm/internal/{models/Tags.js → utils/TLVTags.js} +1 -1
  128. package/lib/esm/internal/{models/Tags.js.map → utils/TLVTags.js.map} +1 -1
  129. package/lib/esm/internal/utils/hex.js +1 -1
  130. package/lib/esm/internal/utils/hex.js.map +3 -3
  131. package/lib/esm/internal/utils/types.js +1 -0
  132. package/lib/types/api/LedgerKeyringProtocol.d.ts +4 -3
  133. package/lib/types/api/LedgerKeyringProtocol.d.ts.map +1 -1
  134. package/lib/types/api/LedgerKeyringProtocolBuilder.d.ts +3 -8
  135. package/lib/types/api/LedgerKeyringProtocolBuilder.d.ts.map +1 -1
  136. package/lib/types/api/app-binder/AddToTrustchainDeviceActionTypes.d.ts +4 -4
  137. package/lib/types/api/app-binder/AddToTrustchainDeviceActionTypes.d.ts.map +1 -1
  138. package/lib/types/api/app-binder/AuthenticateDeviceActionTypes.d.ts +5 -5
  139. package/lib/types/api/app-binder/AuthenticateDeviceActionTypes.d.ts.map +1 -1
  140. package/lib/types/api/app-binder/Errors.d.ts +12 -38
  141. package/lib/types/api/app-binder/Errors.d.ts.map +1 -1
  142. package/lib/types/api/app-binder/LKRPTypes.d.ts +0 -4
  143. package/lib/types/api/app-binder/LKRPTypes.d.ts.map +1 -1
  144. package/lib/types/api/app-binder/SignBlockHeaderCommandTypes.d.ts +1 -2
  145. package/lib/types/api/app-binder/SignBlockHeaderCommandTypes.d.ts.map +1 -1
  146. package/lib/types/internal/DefaultLedgerKeyringProtocol.d.ts +6 -7
  147. package/lib/types/internal/DefaultLedgerKeyringProtocol.d.ts.map +1 -1
  148. package/lib/types/internal/app-binder/LedgerKeyringProtocolBinder.d.ts +4 -3
  149. package/lib/types/internal/app-binder/LedgerKeyringProtocolBinder.d.ts.map +1 -1
  150. package/lib/types/internal/app-binder/command/SignBlockHeader.d.ts +0 -1
  151. package/lib/types/internal/app-binder/command/SignBlockHeader.d.ts.map +1 -1
  152. package/lib/types/internal/app-binder/device-action/AddToTrustchainDeviceAction.d.ts +2 -2
  153. package/lib/types/internal/app-binder/device-action/AddToTrustchainDeviceAction.d.ts.map +1 -1
  154. package/lib/types/internal/app-binder/device-action/AuthenticateDeviceAction.d.ts +1 -1
  155. package/lib/types/internal/app-binder/device-action/AuthenticateDeviceAction.d.ts.map +1 -1
  156. package/lib/types/internal/app-binder/task/ParseStreamToDeviceTask.d.ts +3 -3
  157. package/lib/types/internal/app-binder/task/ParseStreamToDeviceTask.d.ts.map +1 -1
  158. package/lib/types/internal/app-binder/task/SignBlockTask.d.ts +7 -6
  159. package/lib/types/internal/app-binder/task/SignBlockTask.d.ts.map +1 -1
  160. package/lib/types/internal/app-binder/task/SignChallengeWithKeypairTask.d.ts +3 -2
  161. package/lib/types/internal/app-binder/task/SignChallengeWithKeypairTask.d.ts.map +1 -1
  162. package/lib/types/internal/app-binder/task/utils/TrustedProperties.d.ts +1 -1
  163. package/lib/types/internal/app-binder/task/utils/TrustedProperties.d.ts.map +1 -1
  164. package/lib/types/internal/di.d.ts +1 -4
  165. package/lib/types/internal/di.d.ts.map +1 -1
  166. package/lib/types/internal/externalTypes.d.ts +0 -1
  167. package/lib/types/internal/externalTypes.d.ts.map +1 -1
  168. package/lib/types/internal/lkrp-datasource/data/HttpLKRPDataSource.d.ts +6 -6
  169. package/lib/types/internal/lkrp-datasource/data/HttpLKRPDataSource.d.ts.map +1 -1
  170. package/lib/types/internal/lkrp-datasource/data/LKRPDataSource.d.ts +7 -7
  171. package/lib/types/internal/lkrp-datasource/data/LKRPDataSource.d.ts.map +1 -1
  172. package/lib/types/internal/use-cases/authentication/AuthenticateUseCase.d.ts +2 -2
  173. package/lib/types/internal/use-cases/authentication/AuthenticateUseCase.d.ts.map +1 -1
  174. package/lib/types/internal/utils/LKRPBlock.d.ts +1 -1
  175. package/lib/types/internal/utils/LKRPBlock.d.ts.map +1 -1
  176. package/lib/types/internal/utils/LKRPBlockStream.d.ts +3 -3
  177. package/lib/types/internal/utils/LKRPBlockStream.d.ts.map +1 -1
  178. package/lib/types/internal/utils/LKRPCommand.d.ts +2 -3
  179. package/lib/types/internal/utils/LKRPCommand.d.ts.map +1 -1
  180. package/lib/types/internal/utils/TLVParser.d.ts +2 -3
  181. package/lib/types/internal/utils/TLVParser.d.ts.map +1 -1
  182. package/lib/types/internal/{models/Tags.d.ts → utils/TLVTags.d.ts} +1 -1
  183. package/lib/types/internal/utils/TLVTags.d.ts.map +1 -0
  184. package/lib/types/internal/utils/hex.d.ts.map +1 -1
  185. package/lib/types/internal/{models/LKRPCommandTypes.d.ts → utils/types.d.ts} +29 -6
  186. package/lib/types/internal/utils/types.d.ts.map +1 -0
  187. package/lib/types/tsconfig.prod.tsbuildinfo +1 -1
  188. package/package.json +4 -4
  189. package/lib/cjs/internal/models/LKRPBlockTypes.js +0 -2
  190. package/lib/cjs/internal/models/LKRPBlockTypes.js.map +0 -7
  191. package/lib/cjs/internal/models/LKRPCommandTypes.js +0 -2
  192. package/lib/cjs/internal/models/LKRPCommandTypes.js.map +0 -7
  193. package/lib/cjs/internal/models/Types.js +0 -2
  194. package/lib/cjs/internal/models/Types.js.map +0 -7
  195. package/lib/esm/internal/models/LKRPBlockTypes.js +0 -1
  196. package/lib/esm/internal/models/LKRPCommandTypes.js +0 -1
  197. package/lib/esm/internal/models/LKRPCommandTypes.js.map +0 -7
  198. package/lib/esm/internal/models/Types.js +0 -1
  199. package/lib/esm/internal/models/Types.js.map +0 -7
  200. package/lib/types/internal/models/LKRPBlockTypes.d.ts +0 -11
  201. package/lib/types/internal/models/LKRPBlockTypes.d.ts.map +0 -1
  202. package/lib/types/internal/models/LKRPCommandTypes.d.ts.map +0 -1
  203. package/lib/types/internal/models/Tags.d.ts.map +0 -1
  204. package/lib/types/internal/models/Types.d.ts +0 -14
  205. package/lib/types/internal/models/Types.d.ts.map +0 -1
  206. /package/lib/esm/internal/{models/LKRPBlockTypes.js.map → utils/types.js.map} +0 -0
package/lib/esm/internal/app-binder/device-action/AddToTrustchainDeviceAction.js CHANGED
@@ -1,2 +1,2 @@
1
- import{hexaStringToBuffer as d,UserInteractionRequired as p,XStateDeviceAction as A}from"@ledgerhq/device-management-kit";import{EitherAsync as m,Left as l,Maybe as y,Right as S}from"purify-ts";import{assign as c,fromPromise as u,setup as D}from"xstate";import{LKRPTrustchainNotReady as E,LKRPUnknownError as g}from"../../../api/app-binder/Errors";import{InitTask as k}from"../../app-binder/task/InitTask";import{ParseStreamToDeviceTask as I}from"../../app-binder/task/ParseStreamToDeviceTask";import{SignBlockTask as f}from"../../app-binder/task/SignBlockTask";import{eitherSeqRecord as h}from"../../utils/eitherSeqRecord";import{required as a}from"../../utils/required";import{raiseAndAssign as o}from"./utils/raiseAndAssign";class V extends A{makeStateMachine(i){const{initCommand:n,parseStream:s,signBlock:T}=this.extractDependencies(i);return D({types:{input:{},context:{},output:{}},actors:{initCommand:u(n),parseStream:u(s),signBlock:u(T)},actions:{assignErrorFromEvent:o(({event:t})=>l(new g(String(t.error))))},guards:{isTustchainEmpty:({context:t})=>t.input.toMaybe().chain(e=>e.applicationStream.parse().toMaybe()).map(e=>e.length===0).orDefault(!0)}}).createMachine({id:"AddToTrustchainDeviceAction",context:({input:t})=>({input:t,intermediateValue:{requiredUserInteraction:p.None},_internalState:S({sessionKeypair:null})}),initial:"InitSession",states:{InitSession:{on:{success:"ParseStream",error:"Error"},invoke:{id:"initCommand",src:"initCommand",onError:{actions:"assignErrorFromEvent"},onDone:{actions:o(({event:t})=>t.output.map(e=>({raise:"success",assign:{sessionKeypair:e}})))}}},ParseStream:{on:{success:"CheckApplicationStreamExist",error:"Error"},invoke:{id:"parseStream",src:"parseStream",input:({context:t})=>t.input.chain(e=>a(e.trustchain?.["m/"],"Missing root stream").chain(r=>r.parse()).chain(r=>a(r[0],"Missing seed block")).map(r=>({seedBlock:r,applicationStream:e.applicationStream}))),onError:{actions:"assignErrorFromEvent"},onDone:{actions:o(({event:t})=>t.output.map(()=>({raise:"success"})))}}},CheckApplicationStreamExist:{always:[{target:"AddToNewStream",guard:"isTustchainEmpty"},{target:"AddToExistingStream"}]},AddToExistingStream:{on:{success:"Success",error:"Error"},entry:c({intermediateValue:{requiredUserInteraction:"add-ledger-sync"}}),exit:c({intermediateValue:{requiredUserInteraction:p.None}}),invoke:{id:"signBlock",src:"signBlock",input:({context:t})=>t.input.chain(e=>h({lkrpDataSource:e.lkrpDataSource,trustchainId:e.trustchainId,jwt:e.jwt,clientName:e.clientName,sessionKeypair:()=>t._internalState.chain(({sessionKeypair:r})=>a(r,"Missing session keypair")),path:()=>a(e.applicationStream.getPath().extract(),"Missing application path"),parent:()=>a(e.applicationStream.parse().toMaybe().chainNullable(r=>r.at(-1)?.hash()).chainNullable(d).extract(),"Missing parent block"),blockFlow:{type:"addMember",data:{name:e.clientName,publicKey:e.keypair.pubKeyToU8a(),permissions:e.permissions}}})),onError:{actions:"assignErrorFromEvent"},onDone:{actions:o(({event:t})=>t.output.map(()=>({raise:"success"})))}}},AddToNewStream:{on:{success:"Success",error:"Error"},entry:c({intermediateValue:{requiredUserInteraction:"add-ledger-sync"}}),exit:c({intermediateValue:{requiredUserInteraction:p.None}}),invoke:{id:"signBlock",src:"signBlock",input:({context:t})=>t.input.chain(e=>h({lkrpDataSource:e.lkrpDataSource,trustchainId:e.trustchainId,jwt:e.jwt,clientName:e.clientName,sessionKeypair:()=>t._internalState.chain(({sessionKeypair:r})=>a(r,"Missing session keypair")),path:()=>a(e.applicationStream.getPath().extract(),"Missing application path"),parent:()=>a(y.fromNullable(e.trustchain["m/"]).chain(r=>r.parse().toMaybe()).chainNullable(r=>r[0]?.hash()).chainNullable(d).extract(),"Missing init block"),blockFlow:{type:"derive",data:{name:e.clientName,publicKey:e.keypair.pubKeyToU8a(),permissions:e.permissions}}}).chain(()=>l(new E))),onError:{actions:"assignErrorFromEvent"},onDone:{actions:o(({event:t})=>t.output.map(()=>({raise:"success"})))}}},Success:{type:"final"},Error:{type:"final"}},output:({context:t})=>t._internalState.map(e=>{})})}extractDependencies(i){return{initCommand:()=>new k(i).run(),parseStream:async n=>m.liftEither(n.input).chain(s=>new I(i).run(s)).run(),signBlock:n=>m.liftEither(n.input).chain(s=>new f(i).run(s)).run()}}}export{V as AddToTrustchainDeviceAction};
1
+ import{hexaStringToBuffer as d,UnknownDAError as T,UserInteractionRequired as p,XStateDeviceAction as A}from"@ledgerhq/device-management-kit";import{EitherAsync as m,Left as y,Maybe as S,Right as D}from"purify-ts";import{assign as c,fromPromise as u,setup as E}from"xstate";import{InitTask as g}from"../../app-binder/task/InitTask";import{ParseStreamToDeviceTask as k}from"../../app-binder/task/ParseStreamToDeviceTask";import{SignBlockTask as I}from"../../app-binder/task/SignBlockTask";import{eitherSeqRecord as l}from"../../utils/eitherSeqRecord";import{required as a}from"../../utils/required";import{raiseAndAssign as o}from"./utils/raiseAndAssign";class C extends A{makeStateMachine(i){const{initCommand:n,parseStream:s,signBlock:h}=this.extractDependencies(i);return E({types:{input:{},context:{},output:{}},actors:{initCommand:u(n),parseStream:u(s),signBlock:u(h)},actions:{assignErrorFromEvent:o(({event:t})=>y(new T(String(t.error))))},guards:{isTustchainEmpty:({context:t})=>t.input.toMaybe().chain(e=>e.applicationStream.parse().toMaybe()).map(e=>e.length===0).orDefault(!0)}}).createMachine({id:"AddToTrustchainDeviceAction",context:({input:t})=>({input:t,intermediateValue:{requiredUserInteraction:p.None},_internalState:D({sessionKeypair:null})}),initial:"InitSession",states:{InitSession:{on:{success:"ParseStream",error:"Error"},invoke:{id:"initCommand",src:"initCommand",onError:{actions:"assignErrorFromEvent"},onDone:{actions:o(({event:t})=>t.output.map(e=>({raise:"success",assign:{sessionKeypair:e}})))}}},ParseStream:{on:{success:"CheckApplicationStreamExist",error:"Error"},invoke:{id:"parseStream",src:"parseStream",input:({context:t})=>t.input.chain(e=>a(e.trustchain?.["m/"],"Missing root stream").chain(r=>r.parse()).chain(r=>a(r[0],"Missing seed block")).map(r=>({seedBlock:r,applicationStream:e.applicationStream}))),onError:{actions:"assignErrorFromEvent"},onDone:{actions:o(({event:t})=>t.output.map(()=>({raise:"success"})))}}},CheckApplicationStreamExist:{always:[{target:"AddToNewStream",guard:"isTustchainEmpty"},{target:"AddToExistingStream"}]},AddToExistingStream:{on:{success:"Success",error:"Error"},entry:c({intermediateValue:{requiredUserInteraction:"add-ledger-sync"}}),exit:c({intermediateValue:{requiredUserInteraction:p.None}}),invoke:{id:"signBlock",src:"signBlock",input:({context:t})=>t.input.chain(e=>l({lkrpDataSource:e.lkrpDataSource,trustchainId:e.trustchainId,jwt:e.jwt,clientName:e.clientName,sessionKeypair:()=>t._internalState.chain(({sessionKeypair:r})=>a(r,"Missing session keypair")),path:()=>a(e.applicationStream.getPath().extract(),"Missing application path"),parent:()=>a(e.applicationStream.parse().toMaybe().chainNullable(r=>r.at(-1)?.hash()).chainNullable(d).extract(),"Missing parent block"),blockFlow:{type:"addMember",data:{name:e.clientName,publicKey:e.keypair.pubKeyToU8a(),permissions:e.permissions}}})),onError:{actions:"assignErrorFromEvent"},onDone:{actions:o(({event:t})=>t.output.map(()=>({raise:"success"})))}}},AddToNewStream:{on:{success:"Success",error:"Error"},entry:c({intermediateValue:{requiredUserInteraction:"add-ledger-sync"}}),exit:c({intermediateValue:{requiredUserInteraction:p.None}}),invoke:{id:"signBlock",src:"signBlock",input:({context:t})=>t.input.chain(e=>l({lkrpDataSource:e.lkrpDataSource,trustchainId:e.trustchainId,jwt:e.jwt,clientName:e.clientName,sessionKeypair:()=>t._internalState.chain(({sessionKeypair:r})=>a(r,"Missing session keypair")),path:()=>a(e.applicationStream.getPath().extract(),"Missing application path"),parent:()=>a(S.fromNullable(e.trustchain["m/"]).chain(r=>r.parse().toMaybe()).chainNullable(r=>r[0]?.hash()).chainNullable(d).extract(),"Missing init block"),blockFlow:{type:"derive",data:{name:e.clientName,publicKey:e.keypair.pubKeyToU8a(),permissions:e.permissions}}})),onError:{actions:"assignErrorFromEvent"},onDone:{actions:o(({event:t})=>t.output.map(()=>({raise:"success"})))}}},Success:{type:"final"},Error:{type:"final"}},output:({context:t})=>t._internalState.map(e=>{})})}extractDependencies(i){return{initCommand:()=>new g(i).run(),parseStream:async n=>m.liftEither(n.input).chain(s=>new k(i).run(s)).run(),signBlock:n=>m.liftEither(n.input).chain(s=>new I(i).run(s)).run()}}}export{C as AddToTrustchainDeviceAction};
2
2
  //# sourceMappingURL=AddToTrustchainDeviceAction.js.map
package/lib/esm/internal/app-binder/device-action/AddToTrustchainDeviceAction.js.map CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "version": 3,
3
3
  "sources": ["../../../../../src/internal/app-binder/device-action/AddToTrustchainDeviceAction.ts"],
4
- "sourcesContent": ["import {\n type DeviceActionStateMachine,\n hexaStringToBuffer,\n type InternalApi,\n type StateMachineTypes,\n UserInteractionRequired,\n XStateDeviceAction,\n} from \"@ledgerhq/device-management-kit\";\nimport { type Either, EitherAsync, Left, Maybe, Right } from \"purify-ts\";\nimport { assign, fromPromise, setup } from \"xstate\";\n\nimport {\n type AddToTrustchainDAError,\n type AddToTrustchainDAInput,\n type AddToTrustchainDAIntermediateValue,\n type AddToTrustchainDAInternalState,\n type AddToTrustchainDAOutput,\n} from \"@api/app-binder/AddToTrustchainDeviceActionTypes\";\nimport {\n LKRPTrustchainNotReady,\n LKRPUnknownError,\n} from \"@api/app-binder/Errors\";\nimport { type Keypair } from \"@api/index\";\nimport { type LKRPDeviceCommandError } from \"@internal/app-binder/command/utils/ledgerKeyringProtocolErrors\";\nimport { InitTask } from \"@internal/app-binder/task/InitTask\";\nimport {\n ParseStreamToDeviceTask,\n type ParseStreamToDeviceTaskInput,\n} from \"@internal/app-binder/task/ParseStreamToDeviceTask\";\nimport {\n SignBlockTask,\n type SignBlockTaskInput,\n} from \"@internal/app-binder/task/SignBlockTask\";\nimport { eitherSeqRecord } from \"@internal/utils/eitherSeqRecord\";\nimport { required } from \"@internal/utils/required\";\n\nimport { raiseAndAssign } from \"./utils/raiseAndAssign\";\n\nexport class AddToTrustchainDeviceAction extends XStateDeviceAction<\n AddToTrustchainDAOutput,\n AddToTrustchainDAInput,\n AddToTrustchainDAError,\n AddToTrustchainDAIntermediateValue,\n AddToTrustchainDAInternalState\n> {\n makeStateMachine(\n internalApi: InternalApi,\n ): DeviceActionStateMachine<\n AddToTrustchainDAOutput,\n AddToTrustchainDAInput,\n AddToTrustchainDAError,\n AddToTrustchainDAIntermediateValue,\n AddToTrustchainDAInternalState\n > {\n type types = StateMachineTypes<\n AddToTrustchainDAOutput,\n AddToTrustchainDAInput,\n AddToTrustchainDAError,\n AddToTrustchainDAIntermediateValue,\n AddToTrustchainDAInternalState\n >;\n\n const { initCommand, parseStream, signBlock } =\n this.extractDependencies(internalApi);\n\n return setup({\n types: {\n input: {} as types[\"input\"],\n context: {} as types[\"context\"],\n output: {} as types[\"output\"],\n },\n\n actors: {\n initCommand: fromPromise(initCommand),\n parseStream: fromPromise(parseStream),\n signBlock: fromPromise(signBlock),\n },\n\n actions: {\n assignErrorFromEvent: raiseAndAssign(\n ({ event }) =>\n Left(\n new LKRPUnknownError(\n String((event as { error?: unknown }).error),\n ),\n ), // NOTE: it should never happen, the error is not typed anymore here\n ),\n },\n\n guards: {\n isTustchainEmpty: ({ context }) =>\n context.input\n .toMaybe()\n .chain((input) => input.applicationStream.parse().toMaybe())\n .map((blocks) => blocks.length === 0)\n .orDefault(true),\n },\n }).createMachine({\n /** @xstate-layout N4IgpgJg5mDOIC5QEEIQCoHt0CcCusALgMYAWAhgJYB2AImAG6XFjLGGWbUB0AktZUIBlOLE7UAxBC5huNBpgDWsmoIDCmALaby1CAG0ADAF1EoAA6YxHLmZAAPRAEZDAdm6unAFgAcAJi9PLwA2PycAVmCAGhAAT0QAZhDucJDXAE5XcO9wsOCAX3yY1AxsfCIyKjpGZlZ2cT4BYVFxCTAcHEwcbnMAG3JCADMuzTkmjW1dAxM7S2txO0cEdPTuMMN0hKcEnycMwx9ouMQ-cITuDYTg1wOb4PScwuK0LFwCEgoaeiYWNhsefiCESwMRcCSwPDEFggoymJAgOaCBbwpYJVLcBKuLwrQx+dJnbZeGLxBAJALcLxOYLhHGGFx+BJPEAlV7lD5Vb61P4NQHNEGtdqdHCw2ZWJG2FGJdGY7HpXH4rZJYmIXx+NaywKbBk3VyMorMl5ld6VL41X71LjcAAK5BwsDAQkIODA5E0UhkYwUyh6tvtjudrpF8MR-0WiDOwW4wT2ex8CTJ122yoQYR8FzSPkyEWyXiuTJZRoqn2qPzq-2tvodTpdbsFXR6-SGIx9dqrAc0QYsYtDkoQuUjNNcwUC4V2up8yac5JpV2CCTcVJ8XgZ+cNbyLHLNZYaNtb-pr4Mh0NgnYR3eRoCWrlcad1udcpxWu0xyb8fkM3CpwWCBzlSR8o5eKupTruypqltylq7n61aum0HRdKeIYXg4iDXreSSYo+6TPq4yZoucWIrF4dLxlcaLAayxrFpy5rlmopBgMQijIOYfTMAM4j7q6ACi9iUEQEhIeeEqXs4VJeCkN5+D4D4-ocESvm+3APNSP6+GSETpAU+oFqBJollyFo8AxTEsWxvQcf83GaHxAmEEJThwl28yiahCBOE4hwYoYvi+D4dIHLiyYALRTu4bh4mcN43psAGUYWYGGXRDQFnZRA0FANnutQKjUF6shiFA1AAEK9JgzHCa51Bhh5XjLtwAWBIYwQARJU6hXikm5CEnleOEWSUk4CX6TRW6QTwaX8Rl1BZbBtYId0fQDMMOCjEVpXlZVMzBiJNW9t4DKfpEpy7JEmbaaFOxqgk6Tvp5A1-vVerPCBbIGbR26WlN9mZdlEJQqIVXivtYkecOapZD4sleYYhgDd+nUZBSlKpNDWG5CN71jRBxncD9M1ze28FCsDPZg1S4ThBc773IE843IpxwIGFBweLdGyyZhByyVj1Gbrj5YFgAcmAADu2XSLlnpKIVlDFWVFWKGTKFLIdkZDjs2ZtS+zOYh4NxwxkAXpNicZ8xu4FGULhqixL80k-Wy1Nmt3AbYr23OWe1W1d4ewYps0ZTpsmxZKFvhrOEdLXg8LgtbdFtJZ9E347b4v-UeQM7S5IO+xDHijtpgR+PciPM94kZuLieK3XiRvpInH3jXjIvpw7dbCtn3u5wd1LU7iLWm7qVdMySYSSZSpzeDsngl1OhT6tQmAQHAdh6djAvWyhyFuUsYXh-cjUPE+ThxW+w26WuG9Wyllq8sCoKg935PuYEyb1ZJKwrAEERxtkWSNxxlvKClYbKih9r2QI7hKQkSjhsM4pt8JUgpF-KkaJNj1XCIAzet8TKMWYqxdixBOJcBsulQg4Ce5gzlE4A2mEGRPlNgkJSH5vx9xuNiOGYRXDYJvl9SahpyF-XmpQl+atMSRm2KmNwAFUhlxJCFd85x4yjnHpPQIvheHJX4anUodswG7QgRTK4qxoyGB2GbN8qZJzkgeLsH80ZNjw2hlo5OeMhCZxBKI1Wzg4yrBajSe6A1erhE6gFKMDwBrbHxP1O8rjm7lh4otbxu9fEDRSFqUcUNIgHFCi4VYOE5Q4RahsRcOlChAA */\n\n id: \"AddToTrustchainDeviceAction\",\n context: ({ input }) => ({\n input,\n intermediateValue: {\n requiredUserInteraction: UserInteractionRequired.None,\n },\n _internalState: Right({\n sessionKeypair: null,\n }),\n }),\n\n initial: \"InitSession\",\n states: {\n InitSession: {\n on: { success: \"ParseStream\", error: \"Error\" },\n invoke: {\n id: \"initCommand\",\n src: \"initCommand\",\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map((sessionKeypair) => ({\n raise: \"success\",\n assign: { sessionKeypair },\n })),\n ),\n },\n },\n },\n\n ParseStream: {\n on: { success: \"CheckApplicationStreamExist\", error: \"Error\" },\n invoke: {\n id: \"parseStream\",\n src: \"parseStream\",\n input: ({ context }) =>\n context.input.chain((input) =>\n required(input.trustchain?.[\"m/\"], \"Missing root stream\")\n .chain((rootStream) => rootStream.parse())\n .chain((blocks) => required(blocks[0], \"Missing seed block\"))\n .map((seedBlock) => ({\n seedBlock,\n applicationStream: input.applicationStream,\n })),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(() => ({ raise: \"success\" })),\n ),\n },\n },\n },\n\n CheckApplicationStreamExist: {\n always: [\n { target: \"AddToNewStream\", guard: \"isTustchainEmpty\" },\n { target: \"AddToExistingStream\" },\n ],\n },\n\n AddToExistingStream: {\n on: { success: \"Success\", error: \"Error\" },\n entry: assign({\n intermediateValue: {\n requiredUserInteraction: \"add-ledger-sync\",\n },\n }),\n exit: assign({\n intermediateValue: {\n requiredUserInteraction: UserInteractionRequired.None,\n },\n }),\n invoke: {\n id: \"signBlock\",\n src: \"signBlock\",\n input: ({ context }) =>\n context.input.chain((input) =>\n eitherSeqRecord({\n lkrpDataSource: input.lkrpDataSource,\n trustchainId: input.trustchainId,\n jwt: input.jwt,\n clientName: input.clientName,\n sessionKeypair: () =>\n context._internalState.chain(({ sessionKeypair }) =>\n required(sessionKeypair, \"Missing session keypair\"),\n ),\n path: () =>\n required(\n input.applicationStream.getPath().extract(),\n \"Missing application path\",\n ),\n parent: () =>\n required(\n input.applicationStream\n .parse()\n .toMaybe()\n .chainNullable((blocks) => blocks.at(-1)?.hash())\n .chainNullable(hexaStringToBuffer)\n .extract(),\n \"Missing parent block\",\n ),\n blockFlow: {\n type: \"addMember\",\n data: {\n name: input.clientName,\n publicKey: input.keypair.pubKeyToU8a(),\n permissions: input.permissions,\n },\n },\n }),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(() => ({ raise: \"success\" })),\n ),\n },\n },\n },\n\n AddToNewStream: {\n on: { success: \"Success\", error: \"Error\" },\n entry: assign({\n intermediateValue: {\n requiredUserInteraction: \"add-ledger-sync\",\n },\n }),\n exit: assign({\n intermediateValue: {\n requiredUserInteraction: UserInteractionRequired.None,\n },\n }),\n invoke: {\n id: \"signBlock\",\n src: \"signBlock\",\n input: ({ context }) =>\n context.input.chain((input) =>\n eitherSeqRecord({\n lkrpDataSource: input.lkrpDataSource,\n trustchainId: input.trustchainId,\n jwt: input.jwt,\n clientName: input.clientName,\n sessionKeypair: () =>\n context._internalState.chain(({ sessionKeypair }) =>\n required(sessionKeypair, \"Missing session keypair\"),\n ),\n path: () =>\n required(\n input.applicationStream.getPath().extract(),\n \"Missing application path\",\n ),\n parent: () =>\n required(\n Maybe.fromNullable(input.trustchain[\"m/\"])\n .chain((rootStream) => rootStream.parse().toMaybe())\n .chainNullable((blocks) => blocks[0]?.hash())\n .chainNullable(hexaStringToBuffer)\n .extract(),\n \"Missing init block\",\n ),\n blockFlow: {\n type: \"derive\",\n data: {\n name: input.clientName,\n publicKey: input.keypair.pubKeyToU8a(),\n permissions: input.permissions,\n },\n },\n }).chain(() => Left(new LKRPTrustchainNotReady())),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(() => ({ raise: \"success\" })),\n ),\n },\n },\n },\n\n Success: { type: \"final\" },\n\n Error: { type: \"final\" },\n },\n\n output: ({ context }) => context._internalState.map((_) => undefined),\n });\n }\n\n extractDependencies(internalApi: InternalApi) {\n return {\n initCommand: (): Promise<Either<LKRPDeviceCommandError, Keypair>> =>\n new InitTask(internalApi).run(),\n\n parseStream: async (args: {\n input: Either<AddToTrustchainDAError, ParseStreamToDeviceTaskInput>;\n }) =>\n EitherAsync.liftEither(args.input)\n .chain<AddToTrustchainDAError, unknown>((input) =>\n new ParseStreamToDeviceTask(internalApi).run(input),\n )\n .run(),\n\n signBlock: (args: {\n input: Either<AddToTrustchainDAError, SignBlockTaskInput>;\n }): Promise<Either<AddToTrustchainDAError, void>> =>\n EitherAsync.liftEither(args.input)\n .chain((input) => new SignBlockTask(internalApi).run(input))\n .run(),\n };\n }\n}\n"],
5
- "mappings": "AAAA,OAEE,sBAAAA,EAGA,2BAAAC,EACA,sBAAAC,MACK,kCACP,OAAsB,eAAAC,EAAa,QAAAC,EAAM,SAAAC,EAAO,SAAAC,MAAa,YAC7D,OAAS,UAAAC,EAAQ,eAAAC,EAAa,SAAAC,MAAa,SAS3C,OACE,0BAAAC,EACA,oBAAAC,MACK,yBAGP,OAAS,YAAAC,MAAgB,qCACzB,OACE,2BAAAC,MAEK,oDACP,OACE,iBAAAC,MAEK,0CACP,OAAS,mBAAAC,MAAuB,kCAChC,OAAS,YAAAC,MAAgB,2BAEzB,OAAS,kBAAAC,MAAsB,yBAExB,MAAMC,UAAoChB,CAM/C,CACA,iBACEiB,EAOA,CASA,KAAM,CAAE,YAAAC,EAAa,YAAAC,EAAa,UAAAC,CAAU,EAC1C,KAAK,oBAAoBH,CAAW,EAEtC,OAAOV,EAAM,CACX,MAAO,CACL,MAAO,CAAC,EACR,QAAS,CAAC,EACV,OAAQ,CAAC,CACX,EAEA,OAAQ,CACN,YAAaD,EAAYY,CAAW,EACpC,YAAaZ,EAAYa,CAAW,EACpC,UAAWb,EAAYc,CAAS,CAClC,EAEA,QAAS,CACP,qBAAsBL,EACpB,CAAC,CAAE,MAAAM,CAAM,IACPnB,EACE,IAAIO,EACF,OAAQY,EAA8B,KAAK,CAC7C,CACF,CACJ,CACF,EAEA,OAAQ,CACN,iBAAkB,CAAC,CAAE,QAAAC,CAAQ,IAC3BA,EAAQ,MACL,QAAQ,EACR,MAAOC,GAAUA,EAAM,kBAAkB,MAAM,EAAE,QAAQ,CAAC,EAC1D,IAAKC,GAAWA,EAAO,SAAW,CAAC,EACnC,UAAU,EAAI,CACrB,CACF,CAAC,EAAE,cAAc,CAGf,GAAI,8BACJ,QAAS,CAAC,CAAE,MAAAD,CAAM,KAAO,CACvB,MAAAA,EACA,kBAAmB,CACjB,wBAAyBxB,EAAwB,IACnD,EACA,eAAgBK,EAAM,CACpB,eAAgB,IAClB,CAAC,CACH,GAEA,QAAS,cACT,OAAQ,CACN,YAAa,CACX,GAAI,CAAE,QAAS,cAAe,MAAO,OAAQ,EAC7C,OAAQ,CACN,GAAI,cACJ,IAAK,cACL,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,QAASW,EAAe,CAAC,CAAE,MAAAM,CAAM,IAC/BA,EAAM,OAAO,IAAKI,IAAoB,CACpC,MAAO,UACP,OAAQ,CAAE,eAAAA,CAAe,CAC3B,EAAE,CACJ,CACF,CACF,CACF,EAEA,YAAa,CACX,GAAI,CAAE,QAAS,8BAA+B,MAAO,OAAQ,EAC7D,OAAQ,CACN,GAAI,cACJ,IAAK,cACL,MAAO,CAAC,CAAE,QAAAH,CAAQ,IAChBA,EAAQ,MAAM,MAAOC,GACnBT,EAASS,EAAM,aAAa,IAAI,EAAG,qBAAqB,EACrD,MAAOG,GAAeA,EAAW,MAAM,CAAC,EACxC,MAAOF,GAAWV,EAASU,EAAO,CAAC,EAAG,oBAAoB,CAAC,EAC3D,IAAKG,IAAe,CACnB,UAAAA,EACA,kBAAmBJ,EAAM,iBAC3B,EAAE,CACN,EACF,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,QAASR,EAAe,CAAC,CAAE,MAAAM,CAAM,IAC/BA,EAAM,OAAO,IAAI,KAAO,CAAE,MAAO,SAAU,EAAE,CAC/C,CACF,CACF,CACF,EAEA,4BAA6B,CAC3B,OAAQ,CACN,CAAE,OAAQ,iBAAkB,MAAO,kBAAmB,EACtD,CAAE,OAAQ,qBAAsB,CAClC,CACF,EAEA,oBAAqB,CACnB,GAAI,CAAE,QAAS,UAAW,MAAO,OAAQ,EACzC,MAAOhB,EAAO,CACZ,kBAAmB,CACjB,wBAAyB,iBAC3B,CACF,CAAC,EACD,KAAMA,EAAO,CACX,kBAAmB,CACjB,wBAAyBN,EAAwB,IACnD,CACF,CAAC,EACD,OAAQ,CACN,GAAI,YACJ,IAAK,YACL,MAAO,CAAC,CAAE,QAAAuB,CAAQ,IAChBA,EAAQ,MAAM,MAAOC,GACnBV,EAAgB,CACd,eAAgBU,EAAM,eACtB,aAAcA,EAAM,aACpB,IAAKA,EAAM,IACX,WAAYA,EAAM,WAClB,eAAgB,IACdD,EAAQ,eAAe,MAAM,CAAC,CAAE,eAAAG,CAAe,IAC7CX,EAASW,EAAgB,yBAAyB,CACpD,EACF,KAAM,IACJX,EACES,EAAM,kBAAkB,QAAQ,EAAE,QAAQ,EAC1C,0BACF,EACF,OAAQ,IACNT,EACES,EAAM,kBACH,MAAM,EACN,QAAQ,EACR,cAAeC,GAAWA,EAAO,GAAG,EAAE,GAAG,KAAK,CAAC,EAC/C,cAAc1B,CAAkB,EAChC,QAAQ,EACX,sBACF,EACF,UAAW,CACT,KAAM,YACN,KAAM,CACJ,KAAMyB,EAAM,WACZ,UAAWA,EAAM,QAAQ,YAAY,EACrC,YAAaA,EAAM,WACrB,CACF,CACF,CAAC,CACH,EACF,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,QAASR,EAAe,CAAC,CAAE,MAAAM,CAAM,IAC/BA,EAAM,OAAO,IAAI,KAAO,CAAE,MAAO,SAAU,EAAE,CAC/C,CACF,CACF,CACF,EAEA,eAAgB,CACd,GAAI,CAAE,QAAS,UAAW,MAAO,OAAQ,EACzC,MAAOhB,EAAO,CACZ,kBAAmB,CACjB,wBAAyB,iBAC3B,CACF,CAAC,EACD,KAAMA,EAAO,CACX,kBAAmB,CACjB,wBAAyBN,EAAwB,IACnD,CACF,CAAC,EACD,OAAQ,CACN,GAAI,YACJ,IAAK,YACL,MAAO,CAAC,CAAE,QAAAuB,CAAQ,IAChBA,EAAQ,MAAM,MAAOC,GACnBV,EAAgB,CACd,eAAgBU,EAAM,eACtB,aAAcA,EAAM,aACpB,IAAKA,EAAM,IACX,WAAYA,EAAM,WAClB,eAAgB,IACdD,EAAQ,eAAe,MAAM,CAAC,CAAE,eAAAG,CAAe,IAC7CX,EAASW,EAAgB,yBAAyB,CACpD,EACF,KAAM,IACJX,EACES,EAAM,kBAAkB,QAAQ,EAAE,QAAQ,EAC1C,0BACF,EACF,OAAQ,IACNT,EACEX,EAAM,aAAaoB,EAAM,WAAW,IAAI,CAAC,EACtC,MAAOG,GAAeA,EAAW,MAAM,EAAE,QAAQ,CAAC,EAClD,cAAeF,GAAWA,EAAO,CAAC,GAAG,KAAK,CAAC,EAC3C,cAAc1B,CAAkB,EAChC,QAAQ,EACX,oBACF,EACF,UAAW,CACT,KAAM,SACN,KAAM,CACJ,KAAMyB,EAAM,WACZ,UAAWA,EAAM,QAAQ,YAAY,EACrC,YAAaA,EAAM,WACrB,CACF,CACF,CAAC,EAAE,MAAM,IAAMrB,EAAK,IAAIM,CAAwB,CAAC,CACnD,EACF,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,QAASO,EAAe,CAAC,CAAE,MAAAM,CAAM,IAC/BA,EAAM,OAAO,IAAI,KAAO,CAAE,MAAO,SAAU,EAAE,CAC/C,CACF,CACF,CACF,EAEA,QAAS,CAAE,KAAM,OAAQ,EAEzB,MAAO,CAAE,KAAM,OAAQ,CACzB,EAEA,OAAQ,CAAC,CAAE,QAAAC,CAAQ,IAAMA,EAAQ,eAAe,IAAKM,GAAG,EAAY,CACtE,CAAC,CACH,CAEA,oBAAoBX,EAA0B,CAC5C,MAAO,CACL,YAAa,IACX,IAAIP,EAASO,CAAW,EAAE,IAAI,EAEhC,YAAa,MAAOY,GAGlB5B,EAAY,WAAW4B,EAAK,KAAK,EAC9B,MAAwCN,GACvC,IAAIZ,EAAwBM,CAAW,EAAE,IAAIM,CAAK,CACpD,EACC,IAAI,EAET,UAAYM,GAGV5B,EAAY,WAAW4B,EAAK,KAAK,EAC9B,MAAON,GAAU,IAAIX,EAAcK,CAAW,EAAE,IAAIM,CAAK,CAAC,EAC1D,IAAI,CACX,CACF,CACF",
6
- "names": ["hexaStringToBuffer", "UserInteractionRequired", "XStateDeviceAction", "EitherAsync", "Left", "Maybe", "Right", "assign", "fromPromise", "setup", "LKRPTrustchainNotReady", "LKRPUnknownError", "InitTask", "ParseStreamToDeviceTask", "SignBlockTask", "eitherSeqRecord", "required", "raiseAndAssign", "AddToTrustchainDeviceAction", "internalApi", "initCommand", "parseStream", "signBlock", "event", "context", "input", "blocks", "sessionKeypair", "rootStream", "seedBlock", "_", "args"]
4
+ "sourcesContent": ["import {\n type DeviceActionStateMachine,\n hexaStringToBuffer,\n type InternalApi,\n type StateMachineTypes,\n UnknownDAError,\n UserInteractionRequired,\n XStateDeviceAction,\n} from \"@ledgerhq/device-management-kit\";\nimport { type Either, EitherAsync, Left, Maybe, Right } from \"purify-ts\";\nimport { assign, fromPromise, setup } from \"xstate\";\n\nimport {\n type AddToTrustchainDAError,\n type AddToTrustchainDAInput,\n type AddToTrustchainDAIntermediateValue,\n type AddToTrustchainDAInternalState,\n type AddToTrustchainDAOutput,\n} from \"@api/app-binder/AddToTrustchainDeviceActionTypes\";\nimport { type Keypair } from \"@api/index\";\nimport { type LKRPDeviceCommandError } from \"@internal/app-binder/command/utils/ledgerKeyringProtocolErrors\";\nimport { InitTask } from \"@internal/app-binder/task/InitTask\";\nimport {\n ParseStreamToDeviceTask,\n type ParseStreamToDeviceTaskInput,\n} from \"@internal/app-binder/task/ParseStreamToDeviceTask\";\nimport {\n type SignBlockError,\n SignBlockTask,\n type SignBlockTaskInput,\n} from \"@internal/app-binder/task/SignBlockTask\";\nimport { eitherSeqRecord } from \"@internal/utils/eitherSeqRecord\";\nimport { required } from \"@internal/utils/required\";\n\nimport { raiseAndAssign } from \"./utils/raiseAndAssign\";\n\nexport class AddToTrustchainDeviceAction extends XStateDeviceAction<\n AddToTrustchainDAOutput,\n AddToTrustchainDAInput,\n AddToTrustchainDAError,\n AddToTrustchainDAIntermediateValue,\n AddToTrustchainDAInternalState\n> {\n makeStateMachine(\n internalApi: InternalApi,\n ): DeviceActionStateMachine<\n AddToTrustchainDAOutput,\n AddToTrustchainDAInput,\n AddToTrustchainDAError,\n AddToTrustchainDAIntermediateValue,\n AddToTrustchainDAInternalState\n > {\n type types = StateMachineTypes<\n AddToTrustchainDAOutput,\n AddToTrustchainDAInput,\n AddToTrustchainDAError,\n AddToTrustchainDAIntermediateValue,\n AddToTrustchainDAInternalState\n >;\n\n const { initCommand, parseStream, signBlock } =\n this.extractDependencies(internalApi);\n\n return setup({\n types: {\n input: {} as types[\"input\"],\n context: {} as types[\"context\"],\n output: {} as types[\"output\"],\n },\n\n actors: {\n initCommand: fromPromise(initCommand),\n parseStream: fromPromise(parseStream),\n signBlock: fromPromise(signBlock),\n },\n\n actions: {\n assignErrorFromEvent: raiseAndAssign(\n ({ event }) =>\n Left(\n new UnknownDAError(String((event as { error?: unknown }).error)),\n ), // NOTE: it should never happen, the error is not typed anymore here\n ),\n },\n\n guards: {\n isTustchainEmpty: ({ context }) =>\n context.input\n .toMaybe()\n .chain((input) => input.applicationStream.parse().toMaybe())\n .map((blocks) => blocks.length === 0)\n .orDefault(true),\n },\n }).createMachine({\n /** @xstate-layout N4IgpgJg5mDOIC5QEEIQCoHt0CcCusALgMYAWAhgJYB2AImAG6XFjLGGWbUB0AktZUIBlOLE7UAxBC5huNBpgDWsmoIDCmALaby1CAG0ADAF1EoAA6YxHLmZAAPRAEZDAdm6unAFgAcAJi9PLwA2PycAVmCAGhAAT0QAZhDucJDXAE5XcO9wsOCAX3yY1AxsfCIyKjpGZlZ2cT4BYVFxCTAcHEwcbnMAG3JCADMuzTkmjW1dAxM7S2txO0cEdPTuMMN0hKcEnycMwx9ouMQ-cITuDYTg1wOb4PScwuK0LFwCEgoaeiYWNhsefiCESwMRcCSwPDEFggoymJAgOaCBbwpYJVLcBKuLwrQx+dJnbZeGLxBAJALcLxOYLhHGGFx+BJPEAlV7lD5Vb61P4NQHNEGtdqdHCw2ZWJG2FGJdGY7HpXH4rZJYmIXx+NaywKbBk3VyMorMl5ld6VL41X71LjcAAK5BwsDAQkIODA5E0UhkYwUyh6tvtjudrpF8MR-0WiDOwW4wT2ex8CTJ122yoQYR8FzSPkyEWyXiuTJZRoqn2qPzq-2tvodTpdbsFXR6-SGIx9dqrAc0QYsYtDkoQuUjNNcwUC4V2up8yac5JpV2CCTcVJ8XgZ+cNbyLHLNZYaNtb-pr4Mh0NgnYR3eRoCWrlcad1udcpxWu0xyb8fkM3CpwWCBzlSR8o5eKupTruypqltylq7n61aum0HRdKeIYXg4iDXreSSYo+6TPq4yZoucWIrF4dLxlcaLAayxrFpy5rlmopBgMQijIOYfTMAM4j7q6ACi9iUEQEhIeeEqXs4VJeCkN5+D4D4-ocESvm+3APNSP6+GSETpAU+oFqBJollyFo8AxTEsWxvQcf83GaHxAmEEJThwl28yiahCBOE4hwYoYvi+D4dIHLiyYALRTu4bh4mcN43psAGUYWYGGXRDQFnZRA0FANnutQKjUF6shiFA1AAEK9JgzHCa51Bhh5XjLtwAWBIYwQARJU6hXikm5CEnleOEWSUk4CX6TRW6QTwaX8Rl1BZbBtYId0fQDMMOCjEVpXlZVMzBiJNW9t4DKfpEpy7JEmbaaFOxqgk6Tvp5A1-vVerPCBbIGbR26WlN9mZdlEJQqIVXivtYkecOapZD4sleYYhgDd+nUZBSlKpNDWG5CN71jRBxncD9M1ze28FCsDPZg1S4ThBc773IE843IpxwIGFBweLdGyyZhByyVj1Gbrj5YFgAcmAADu2XSLlnpKIVlDFWVFWKGTKFLIdkZDjs2ZtS+zOYh4NxwxkAXpNicZ8xu4FGULhqixL80k-Wy1Nmt3AbYr23OWe1W1d4ewYps0ZTpsmxZKFvhrOEdLXg8LgtbdFtJZ9E347b4v-UeQM7S5IO+xDHijtpgR+PciPM94kZuLieK3XiRvpInH3jXjIvpw7dbCtn3u5wd1LU7iLWm7qVdMySYSSZSpzeDsngl1OhT6tQmAQHAdh6djAvWyhyFuUsYXh-cjUPE+ThxW+w26WuG9Wyllq8sCoKg935PuYEyb1ZJKwrAEERxtkWSNxxlvKClYbKih9r2QI7hKQkSjhsM4pt8JUgpF-KkaJNj1XCIAzet8TKMWYqxdixBOJcBsulQg4Ce5gzlE4A2mEGRPlNgkJSH5vx9xuNiOGYRXDYJvl9SahpyF-XmpQl+atMSRm2KmNwAFUhlxJCFd85x4yjnHpPQIvheHJX4anUodswG7QgRTK4qxoyGB2GbN8qZJzkgeLsH80ZNjw2hlo5OeMhCZxBKI1Wzg4yrBajSe6A1erhE6gFKMDwBrbHxP1O8rjm7lh4otbxu9fEDRSFqUcUNIgHFCi4VYOE5Q4RahsRcOlChAA */\n\n id: \"AddToTrustchainDeviceAction\",\n context: ({ input }) => ({\n input,\n intermediateValue: {\n requiredUserInteraction: UserInteractionRequired.None,\n },\n _internalState: Right({\n sessionKeypair: null,\n }),\n }),\n\n initial: \"InitSession\",\n states: {\n InitSession: {\n on: { success: \"ParseStream\", error: \"Error\" },\n invoke: {\n id: \"initCommand\",\n src: \"initCommand\",\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map((sessionKeypair) => ({\n raise: \"success\",\n assign: { sessionKeypair },\n })),\n ),\n },\n },\n },\n\n ParseStream: {\n on: { success: \"CheckApplicationStreamExist\", error: \"Error\" },\n invoke: {\n id: \"parseStream\",\n src: \"parseStream\",\n input: ({ context }) =>\n context.input.chain((input) =>\n required(input.trustchain?.[\"m/\"], \"Missing root stream\")\n .chain((rootStream) => rootStream.parse())\n .chain((blocks) => required(blocks[0], \"Missing seed block\"))\n .map((seedBlock) => ({\n seedBlock,\n applicationStream: input.applicationStream,\n })),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(() => ({ raise: \"success\" })),\n ),\n },\n },\n },\n\n CheckApplicationStreamExist: {\n always: [\n { target: \"AddToNewStream\", guard: \"isTustchainEmpty\" },\n { target: \"AddToExistingStream\" },\n ],\n },\n\n AddToExistingStream: {\n on: { success: \"Success\", error: \"Error\" },\n entry: assign({\n intermediateValue: {\n requiredUserInteraction: \"add-ledger-sync\",\n },\n }),\n exit: assign({\n intermediateValue: {\n requiredUserInteraction: UserInteractionRequired.None,\n },\n }),\n invoke: {\n id: \"signBlock\",\n src: \"signBlock\",\n input: ({ context }) =>\n context.input.chain((input) =>\n eitherSeqRecord({\n lkrpDataSource: input.lkrpDataSource,\n trustchainId: input.trustchainId,\n jwt: input.jwt,\n clientName: input.clientName,\n sessionKeypair: () =>\n context._internalState.chain(({ sessionKeypair }) =>\n required(sessionKeypair, \"Missing session keypair\"),\n ),\n path: () =>\n required(\n input.applicationStream.getPath().extract(),\n \"Missing application path\",\n ),\n parent: () =>\n required(\n input.applicationStream\n .parse()\n .toMaybe()\n .chainNullable((blocks) => blocks.at(-1)?.hash())\n .chainNullable(hexaStringToBuffer)\n .extract(),\n \"Missing parent block\",\n ),\n blockFlow: {\n type: \"addMember\",\n data: {\n name: input.clientName,\n publicKey: input.keypair.pubKeyToU8a(),\n permissions: input.permissions,\n },\n },\n }),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(() => ({ raise: \"success\" })),\n ),\n },\n },\n },\n\n AddToNewStream: {\n on: { success: \"Success\", error: \"Error\" },\n entry: assign({\n intermediateValue: {\n requiredUserInteraction: \"add-ledger-sync\",\n },\n }),\n exit: assign({\n intermediateValue: {\n requiredUserInteraction: UserInteractionRequired.None,\n },\n }),\n invoke: {\n id: \"signBlock\",\n src: \"signBlock\",\n input: ({ context }) =>\n context.input.chain((input) =>\n eitherSeqRecord({\n lkrpDataSource: input.lkrpDataSource,\n trustchainId: input.trustchainId,\n jwt: input.jwt,\n clientName: input.clientName,\n sessionKeypair: () =>\n context._internalState.chain(({ sessionKeypair }) =>\n required(sessionKeypair, \"Missing session keypair\"),\n ),\n path: () =>\n required(\n input.applicationStream.getPath().extract(),\n \"Missing application path\",\n ),\n parent: () =>\n required(\n Maybe.fromNullable(input.trustchain[\"m/\"])\n .chain((rootStream) => rootStream.parse().toMaybe())\n .chainNullable((blocks) => blocks[0]?.hash())\n .chainNullable(hexaStringToBuffer)\n .extract(),\n \"Missing init block\",\n ),\n blockFlow: {\n type: \"derive\",\n data: {\n name: input.clientName,\n publicKey: input.keypair.pubKeyToU8a(),\n permissions: input.permissions,\n },\n },\n }),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(() => ({ raise: \"success\" })),\n ),\n },\n },\n },\n\n Success: { type: \"final\" },\n\n Error: { type: \"final\" },\n },\n\n output: ({ context }) => context._internalState.map((_) => undefined),\n });\n }\n\n extractDependencies(internalApi: InternalApi) {\n return {\n initCommand: (): Promise<Either<LKRPDeviceCommandError, Keypair>> =>\n new InitTask(internalApi).run(),\n\n parseStream: async (args: {\n input: Either<AddToTrustchainDAError, ParseStreamToDeviceTaskInput>;\n }) =>\n EitherAsync.liftEither(args.input)\n .chain<AddToTrustchainDAError, unknown>((input) =>\n new ParseStreamToDeviceTask(internalApi).run(input),\n )\n .run(),\n\n signBlock: (args: {\n input: Either<AddToTrustchainDAError, SignBlockTaskInput>;\n }): Promise<Either<SignBlockError, void>> =>\n EitherAsync.liftEither(args.input)\n .chain((input) => new SignBlockTask(internalApi).run(input))\n .run(),\n };\n }\n}\n"],
5
+ "mappings": "AAAA,OAEE,sBAAAA,EAGA,kBAAAC,EACA,2BAAAC,EACA,sBAAAC,MACK,kCACP,OAAsB,eAAAC,EAAa,QAAAC,EAAM,SAAAC,EAAO,SAAAC,MAAa,YAC7D,OAAS,UAAAC,EAAQ,eAAAC,EAAa,SAAAC,MAAa,SAW3C,OAAS,YAAAC,MAAgB,qCACzB,OACE,2BAAAC,MAEK,oDACP,OAEE,iBAAAC,MAEK,0CACP,OAAS,mBAAAC,MAAuB,kCAChC,OAAS,YAAAC,MAAgB,2BAEzB,OAAS,kBAAAC,MAAsB,yBAExB,MAAMC,UAAoCd,CAM/C,CACA,iBACEe,EAOA,CASA,KAAM,CAAE,YAAAC,EAAa,YAAAC,EAAa,UAAAC,CAAU,EAC1C,KAAK,oBAAoBH,CAAW,EAEtC,OAAOR,EAAM,CACX,MAAO,CACL,MAAO,CAAC,EACR,QAAS,CAAC,EACV,OAAQ,CAAC,CACX,EAEA,OAAQ,CACN,YAAaD,EAAYU,CAAW,EACpC,YAAaV,EAAYW,CAAW,EACpC,UAAWX,EAAYY,CAAS,CAClC,EAEA,QAAS,CACP,qBAAsBL,EACpB,CAAC,CAAE,MAAAM,CAAM,IACPjB,EACE,IAAIJ,EAAe,OAAQqB,EAA8B,KAAK,CAAC,CACjE,CACJ,CACF,EAEA,OAAQ,CACN,iBAAkB,CAAC,CAAE,QAAAC,CAAQ,IAC3BA,EAAQ,MACL,QAAQ,EACR,MAAOC,GAAUA,EAAM,kBAAkB,MAAM,EAAE,QAAQ,CAAC,EAC1D,IAAKC,GAAWA,EAAO,SAAW,CAAC,EACnC,UAAU,EAAI,CACrB,CACF,CAAC,EAAE,cAAc,CAGf,GAAI,8BACJ,QAAS,CAAC,CAAE,MAAAD,CAAM,KAAO,CACvB,MAAAA,EACA,kBAAmB,CACjB,wBAAyBtB,EAAwB,IACnD,EACA,eAAgBK,EAAM,CACpB,eAAgB,IAClB,CAAC,CACH,GAEA,QAAS,cACT,OAAQ,CACN,YAAa,CACX,GAAI,CAAE,QAAS,cAAe,MAAO,OAAQ,EAC7C,OAAQ,CACN,GAAI,cACJ,IAAK,cACL,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,QAASS,EAAe,CAAC,CAAE,MAAAM,CAAM,IAC/BA,EAAM,OAAO,IAAKI,IAAoB,CACpC,MAAO,UACP,OAAQ,CAAE,eAAAA,CAAe,CAC3B,EAAE,CACJ,CACF,CACF,CACF,EAEA,YAAa,CACX,GAAI,CAAE,QAAS,8BAA+B,MAAO,OAAQ,EAC7D,OAAQ,CACN,GAAI,cACJ,IAAK,cACL,MAAO,CAAC,CAAE,QAAAH,CAAQ,IAChBA,EAAQ,MAAM,MAAOC,GACnBT,EAASS,EAAM,aAAa,IAAI,EAAG,qBAAqB,EACrD,MAAOG,GAAeA,EAAW,MAAM,CAAC,EACxC,MAAOF,GAAWV,EAASU,EAAO,CAAC,EAAG,oBAAoB,CAAC,EAC3D,IAAKG,IAAe,CACnB,UAAAA,EACA,kBAAmBJ,EAAM,iBAC3B,EAAE,CACN,EACF,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,QAASR,EAAe,CAAC,CAAE,MAAAM,CAAM,IAC/BA,EAAM,OAAO,IAAI,KAAO,CAAE,MAAO,SAAU,EAAE,CAC/C,CACF,CACF,CACF,EAEA,4BAA6B,CAC3B,OAAQ,CACN,CAAE,OAAQ,iBAAkB,MAAO,kBAAmB,EACtD,CAAE,OAAQ,qBAAsB,CAClC,CACF,EAEA,oBAAqB,CACnB,GAAI,CAAE,QAAS,UAAW,MAAO,OAAQ,EACzC,MAAOd,EAAO,CACZ,kBAAmB,CACjB,wBAAyB,iBAC3B,CACF,CAAC,EACD,KAAMA,EAAO,CACX,kBAAmB,CACjB,wBAAyBN,EAAwB,IACnD,CACF,CAAC,EACD,OAAQ,CACN,GAAI,YACJ,IAAK,YACL,MAAO,CAAC,CAAE,QAAAqB,CAAQ,IAChBA,EAAQ,MAAM,MAAOC,GACnBV,EAAgB,CACd,eAAgBU,EAAM,eACtB,aAAcA,EAAM,aACpB,IAAKA,EAAM,IACX,WAAYA,EAAM,WAClB,eAAgB,IACdD,EAAQ,eAAe,MAAM,CAAC,CAAE,eAAAG,CAAe,IAC7CX,EAASW,EAAgB,yBAAyB,CACpD,EACF,KAAM,IACJX,EACES,EAAM,kBAAkB,QAAQ,EAAE,QAAQ,EAC1C,0BACF,EACF,OAAQ,IACNT,EACES,EAAM,kBACH,MAAM,EACN,QAAQ,EACR,cAAeC,GAAWA,EAAO,GAAG,EAAE,GAAG,KAAK,CAAC,EAC/C,cAAczB,CAAkB,EAChC,QAAQ,EACX,sBACF,EACF,UAAW,CACT,KAAM,YACN,KAAM,CACJ,KAAMwB,EAAM,WACZ,UAAWA,EAAM,QAAQ,YAAY,EACrC,YAAaA,EAAM,WACrB,CACF,CACF,CAAC,CACH,EACF,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,QAASR,EAAe,CAAC,CAAE,MAAAM,CAAM,IAC/BA,EAAM,OAAO,IAAI,KAAO,CAAE,MAAO,SAAU,EAAE,CAC/C,CACF,CACF,CACF,EAEA,eAAgB,CACd,GAAI,CAAE,QAAS,UAAW,MAAO,OAAQ,EACzC,MAAOd,EAAO,CACZ,kBAAmB,CACjB,wBAAyB,iBAC3B,CACF,CAAC,EACD,KAAMA,EAAO,CACX,kBAAmB,CACjB,wBAAyBN,EAAwB,IACnD,CACF,CAAC,EACD,OAAQ,CACN,GAAI,YACJ,IAAK,YACL,MAAO,CAAC,CAAE,QAAAqB,CAAQ,IAChBA,EAAQ,MAAM,MAAOC,GACnBV,EAAgB,CACd,eAAgBU,EAAM,eACtB,aAAcA,EAAM,aACpB,IAAKA,EAAM,IACX,WAAYA,EAAM,WAClB,eAAgB,IACdD,EAAQ,eAAe,MAAM,CAAC,CAAE,eAAAG,CAAe,IAC7CX,EAASW,EAAgB,yBAAyB,CACpD,EACF,KAAM,IACJX,EACES,EAAM,kBAAkB,QAAQ,EAAE,QAAQ,EAC1C,0BACF,EACF,OAAQ,IACNT,EACET,EAAM,aAAakB,EAAM,WAAW,IAAI,CAAC,EACtC,MAAOG,GAAeA,EAAW,MAAM,EAAE,QAAQ,CAAC,EAClD,cAAeF,GAAWA,EAAO,CAAC,GAAG,KAAK,CAAC,EAC3C,cAAczB,CAAkB,EAChC,QAAQ,EACX,oBACF,EACF,UAAW,CACT,KAAM,SACN,KAAM,CACJ,KAAMwB,EAAM,WACZ,UAAWA,EAAM,QAAQ,YAAY,EACrC,YAAaA,EAAM,WACrB,CACF,CACF,CAAC,CACH,EACF,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,QAASR,EAAe,CAAC,CAAE,MAAAM,CAAM,IAC/BA,EAAM,OAAO,IAAI,KAAO,CAAE,MAAO,SAAU,EAAE,CAC/C,CACF,CACF,CACF,EAEA,QAAS,CAAE,KAAM,OAAQ,EAEzB,MAAO,CAAE,KAAM,OAAQ,CACzB,EAEA,OAAQ,CAAC,CAAE,QAAAC,CAAQ,IAAMA,EAAQ,eAAe,IAAKM,GAAG,EAAY,CACtE,CAAC,CACH,CAEA,oBAAoBX,EAA0B,CAC5C,MAAO,CACL,YAAa,IACX,IAAIP,EAASO,CAAW,EAAE,IAAI,EAEhC,YAAa,MAAOY,GAGlB1B,EAAY,WAAW0B,EAAK,KAAK,EAC9B,MAAwCN,GACvC,IAAIZ,EAAwBM,CAAW,EAAE,IAAIM,CAAK,CACpD,EACC,IAAI,EAET,UAAYM,GAGV1B,EAAY,WAAW0B,EAAK,KAAK,EAC9B,MAAON,GAAU,IAAIX,EAAcK,CAAW,EAAE,IAAIM,CAAK,CAAC,EAC1D,IAAI,CACX,CACF,CACF",
6
+ "names": ["hexaStringToBuffer", "UnknownDAError", "UserInteractionRequired", "XStateDeviceAction", "EitherAsync", "Left", "Maybe", "Right", "assign", "fromPromise", "setup", "InitTask", "ParseStreamToDeviceTask", "SignBlockTask", "eitherSeqRecord", "required", "raiseAndAssign", "AddToTrustchainDeviceAction", "internalApi", "initCommand", "parseStream", "signBlock", "event", "context", "input", "blocks", "sessionKeypair", "rootStream", "seedBlock", "_", "args"]
7
7
  }
package/lib/esm/internal/app-binder/device-action/AuthenticateDeviceAction.js CHANGED
@@ -1,2 +1,2 @@
1
- import{OpenAppDeviceAction as g,UserInteractionRequired as d,XStateDeviceAction as S}from"@ledgerhq/device-management-kit";import{EitherAsync as m,Left as h,Right as l}from"purify-ts";import{assign as y,fromPromise as p,setup as I}from"xstate";import{LKRPDataSourceError as k,LKRPMissingDataError as D,LKRPTrustchainNotReady as f,LKRPUnauthorizedError as M,LKRPUnknownError as E}from"../../../api/app-binder/Errors";import{SignChallengeWithDeviceTask as v}from"../../app-binder/task/SignChallengeWithDeviceTask";import{SignChallengeWithKeypairTask as K}from"../../app-binder/task/SignChallengeWithKeypairTask";import{eitherSeqRecord as A}from"../../utils/eitherSeqRecord";import{LKRPBlockStream as w}from"../../utils/LKRPBlockStream";import{required as n}from"../../utils/required";import{raiseAndAssign as u}from"./utils/raiseAndAssign";import{AddToTrustchainDeviceAction as P}from"./AddToTrustchainDeviceAction";const T="Ledger Sync";class W extends S{makeStateMachine(c){const{deviceAuth:r,keypairAuth:i,getTrustchain:s,extractEncryptionKey:o}=this.extractDependencies(c);return I({types:{input:{},context:{},output:{}},actors:{openAppStateMachine:new g({input:{appName:T}}).makeStateMachine(c),deviceAuth:p(r),keypairAuth:p(i),getTrustchain:p(s),addToTrustchainStateMachine:new P({input:h(new D("Missing input for GetEncryptionKey"))}).makeStateMachine(c),extractEncryptionKey:p(o)},actions:{assignErrorFromEvent:u(({event:t})=>h(new E(String(t.error))))},guards:{hasNoTrustchainId:({context:t})=>!t.input.trustchainId,isTrustchainMember:({context:t})=>t._internalState.toMaybe().map(e=>e.wasAddedToTrustchain||e.applicationStream?.hasMember(t.input.keypair.pubKeyToHex())).extract()??!1}}).createMachine({id:"AuthenticateDeviceAction",context:({input:t})=>({input:t,intermediateValue:{requiredUserInteraction:d.None},_internalState:l({trustchainId:null,jwt:null,trustchain:null,applicationStream:null,encryptionKey:null,wasAddedToTrustchain:!1})}),initial:"CheckCredentials",states:{CheckCredentials:{always:[{target:"DeviceAuth",guard:"hasNoTrustchainId"},{target:"KeypairAuth"}]},KeypairAuth:{on:{success:"GetTrustchain",invalidCredentials:"DeviceAuth",error:"Error"},invoke:{id:"keypairAuth",src:"keypairAuth",input:({context:t})=>({lkrpDataSource:t.input.lkrpDataSource,keypair:t.input.keypair,trustchainId:n(t.input.trustchainId,"Missing Trustchain ID in the input")}),onError:{actions:"assignErrorFromEvent"},onDone:{actions:u(({context:t,event:e})=>e.output.map(({jwt:a})=>({raise:"success",assign:{jwt:a}})).mapLeft(a=>a instanceof k&&a.status==="UNAUTHORIZED"?new M(t.input.trustchainId):a))}}},DeviceAuth:{on:{success:"GetTrustchain",error:"Error"},initial:"OpenApp",states:{OpenApp:{on:{success:"Auth"},invoke:{id:"openApp",src:"openAppStateMachine",input:{appName:T},onError:{actions:"assignErrorFromEvent"},onDone:{actions:u(({event:t})=>t.output.map(()=>({raise:"success"})))}}},Auth:{entry:y({intermediateValue:{requiredUserInteraction:"connect-ledger-sync"}}),exit:y({intermediateValue:{requiredUserInteraction:d.None}}),invoke:{id:"deviceAuth",src:"deviceAuth",input:({context:t})=>t.input,onError:{actions:"assignErrorFromEvent"},onDone:{actions:u(({event:t})=>t.output.chain(e=>e.trustchainId.caseOf({Nothing:()=>h(new f),Just:a=>l({raise:"success",assign:{jwt:e.jwt,trustchainId:a}})})))}}}}},GetTrustchain:{on:{success:"CheckIsMembers",invalidCredentials:"KeypairAuth",error:"Error"},invoke:{id:"getTrustchain",src:"getTrustchain",input:({context:t})=>t._internalState.chain(e=>A({lkrpDataSource:t.input.lkrpDataSource,applicationId:t.input.applicationId,trustchainId:()=>n(e.trustchainId??t.input.trustchainId,"Missing Trustchain ID for GetTrustchain"),jwt:()=>n(e.jwt,"Missing JWT for GetTrustchain")})),onError:{actions:"assignErrorFromEvent"},onDone:{actions:u(({event:t})=>t.output.map(({trustchain:e,applicationStream:a})=>({raise:"success",assign:{trustchain:e,applicationStream:a}})))}}},CheckIsMembers:{always:[{target:"ExtractEncryptionKey",guard:"isTrustchainMember"},{target:"AddToTrustchain"}]},AddToTrustchain:{on:{success:"GetTrustchain",error:"Error"},invoke:{id:"AddToTrustchain",src:"addToTrustchainStateMachine",input:({context:t})=>t._internalState.mapLeft(()=>new D("Missing data in the input for AddToTrustchain")).chain(e=>A({lkrpDataSource:t.input.lkrpDataSource,keypair:t.input.keypair,clientName:t.input.clientName,permissions:t.input.permissions,jwt:()=>n(e.jwt,"Missing JWT for AddToTrustchain"),trustchainId:()=>n(e.trustchainId??t.input.trustchainId,"Missing Trustchain ID for AddToTrustchain"),trustchain:()=>n(e.trustchain,"Missing Trustchain for AddToTrustchain"),applicationStream:()=>n(e.applicationStream,"Missing application stream for AddToTrustchain")})),onError:{actions:"assignErrorFromEvent"},onDone:{actions:u(({event:t})=>t.output.map(()=>({raise:"success",assign:{wasAddedToTrustchain:!0}})))}}},ExtractEncryptionKey:{on:{success:"Success",error:"Error"},invoke:{id:"ExtractEncryptionKey",src:"extractEncryptionKey",input:({context:t})=>t._internalState.chain(e=>n(e.applicationStream,"Missing application stream for ExtractEncryptionKey").map(a=>({applicationStream:a,keypair:t.input.keypair}))),onError:{actions:"assignErrorFromEvent"},onDone:{actions:u(({event:t})=>t.output.map(e=>({raise:"success",assign:{encryptionKey:e}})))}}},Success:{type:"final"},Error:{type:"final"}},output:({context:t})=>t._internalState.chain(e=>A({trustchainId:()=>n(e.trustchainId??t.input.trustchainId,"Missing Trustchain ID in the output"),jwt:()=>n(e.jwt,"Missing JWT in the output"),applicationPath:()=>n(e.applicationStream?.getPath().extract(),"Missing application path in the output"),encryptionKey:()=>n(e.encryptionKey,"Missing encryption key in the output")}))})}extractDependencies(c){return{deviceAuth:r=>this.auth(r.input.lkrpDataSource,new v(c)).run(),keypairAuth:r=>{const{lkrpDataSource:i,keypair:s}=r.input;return m.liftEither(r.input.trustchainId).chain(o=>this.auth(i,new K(s,o))).run()},getTrustchain:r=>m.liftEither(r.input).chain(({applicationId:i,lkrpDataSource:s,trustchainId:o,jwt:t})=>s.getTrustchainById(o,t).map(e=>({trustchain:e,applicationStream:e[`m/${i}'`]??w.fromPath(`m/0'/${i}'/0'`)}))).run(),extractEncryptionKey:async r=>Promise.resolve(r.input.chain(({applicationStream:i,keypair:s})=>i.getPublishedKey(s).toEither(new E("There is no encryption key for the current member in the application stream."))).map(i=>i.privateKey))}}auth(c,r){return c.getChallenge().chain(i=>r.run(i)).chain(i=>c.authenticate(i))}}export{W as AuthenticateDeviceAction};
1
+ import{OpenAppDeviceAction as E,UnknownDAError as l,UserInteractionRequired as m,XStateDeviceAction as S}from"@ledgerhq/device-management-kit";import{EitherAsync as y,Left as p,Right as A}from"purify-ts";import{assign as D,fromPromise as h,setup as k}from"xstate";import{LKRPMissingDataError as g,LKRPUnauthorizedError as I,LKRPUnhandledState as f}from"../../../api/app-binder/Errors";import{SignChallengeWithDeviceTask as v}from"../../app-binder/task/SignChallengeWithDeviceTask";import{SignChallengeWithKeypairTask as M}from"../../app-binder/task/SignChallengeWithKeypairTask";import{eitherSeqRecord as d}from"../../utils/eitherSeqRecord";import{LKRPBlockStream as w}from"../../utils/LKRPBlockStream";import{required as r}from"../../utils/required";import{raiseAndAssign as s}from"./utils/raiseAndAssign";import{AddToTrustchainDeviceAction as K}from"./AddToTrustchainDeviceAction";const T="Ledger Sync";class V extends S{makeStateMachine(a){const{deviceAuth:n,keypairAuth:i,getTrustchain:u,extractEncryptionKey:c}=this.extractDependencies(a);return k({types:{input:{},context:{},output:{}},actors:{openAppStateMachine:new E({input:{appName:T}}).makeStateMachine(a),deviceAuth:h(n),keypairAuth:h(i),getTrustchain:h(u),addToTrustchainStateMachine:new K({input:p(new g("Missing input for GetEncryptionKey"))}).makeStateMachine(a),extractEncryptionKey:h(c)},actions:{assignErrorFromEvent:s(({event:t})=>p(new l(String(t.error))))},guards:{hasNoTrustchainId:({context:t})=>!t.input.trustchainId,hasNoJwt:({context:t})=>!t.input.jwt,isTrustchainMember:({context:t})=>t._internalState.toMaybe().map(e=>e.wasAddedToTrustchain||e.applicationStream?.hasMember(t.input.keypair.pubKeyToHex())).extract()??!1}}).createMachine({id:"AuthenticateDeviceAction",context:({input:t})=>({input:t,intermediateValue:{requiredUserInteraction:m.None},_internalState:A({trustchainId:null,jwt:null,trustchain:null,applicationStream:null,encryptionKey:null,wasAddedToTrustchain:!1})}),initial:"CheckCredentials",states:{CheckCredentials:{always:[{target:"DeviceAuth",guard:"hasNoTrustchainId"},{target:"KeypairAuth",guard:"hasNoJwt"},{target:"GetTrustchain"}]},KeypairAuth:{on:{success:"GetTrustchain",invalidCredentials:"DeviceAuth",error:"Error"},invoke:{id:"keypairAuth",src:"keypairAuth",input:({context:t})=>({lkrpDataSource:t.input.lkrpDataSource,keypair:t.input.keypair,trustchainId:r(t.input.trustchainId,"Missing Trustchain ID in the input")}),onError:{actions:"assignErrorFromEvent"},onDone:{actions:s(({event:t})=>t.output.map(({jwt:e})=>({raise:"success",assign:{jwt:e}})).chainLeft(e=>e instanceof I?A({raise:"invalidCredentials"}):p(e)))}}},DeviceAuth:{on:{success:"GetTrustchain",error:"Error"},initial:"OpenApp",states:{OpenApp:{on:{success:"Auth"},invoke:{id:"openApp",src:"openAppStateMachine",input:{appName:T},onError:{actions:"assignErrorFromEvent"},onDone:{actions:s(({event:t})=>t.output.map(()=>({raise:"success"})))}}},Auth:{entry:D({intermediateValue:{requiredUserInteraction:"connect-ledger-sync"}}),exit:D({intermediateValue:{requiredUserInteraction:m.None}}),invoke:{id:"deviceAuth",src:"deviceAuth",input:({context:t})=>t.input,onError:{actions:"assignErrorFromEvent"},onDone:{actions:s(({event:t})=>t.output.chain(e=>e.trustchainId.caseOf({Nothing:()=>p(new f("The trustchain is empty")),Just:o=>A({raise:"success",assign:{jwt:e.jwt,trustchainId:o}})})))}}}}},GetTrustchain:{on:{success:"CheckIsMembers",invalidCredentials:"KeypairAuth",error:"Error"},invoke:{id:"getTrustchain",src:"getTrustchain",input:({context:t})=>t._internalState.chain(e=>d({lkrpDataSource:t.input.lkrpDataSource,applicationId:t.input.applicationId,trustchainId:()=>r(e.trustchainId??t.input.trustchainId,"Missing Trustchain ID in the input for GetTrustchain"),jwt:()=>r(e.jwt??t.input.jwt,"Missing JWT in the input for GetTrustchain")})),onError:{actions:"assignErrorFromEvent"},onDone:{actions:s(({event:t})=>t.output.map(({trustchain:e,applicationStream:o})=>({raise:"success",assign:{trustchain:e,applicationStream:o}})))}}},CheckIsMembers:{always:[{target:"ExtractEncryptionKey",guard:"isTrustchainMember"},{target:"AddToTrustchain"}]},AddToTrustchain:{on:{success:"GetTrustchain",error:"Error"},invoke:{id:"AddToTrustchain",src:"addToTrustchainStateMachine",input:({context:t})=>t._internalState.mapLeft(()=>new g("Missing data in the input for AddToTrustchain")).chain(e=>d({lkrpDataSource:t.input.lkrpDataSource,keypair:t.input.keypair,clientName:t.input.clientName,permissions:t.input.permissions,jwt:()=>r(e.jwt??t.input.jwt,"Missing JWT in the input for AddToTrustchain"),trustchainId:()=>r(e.trustchainId??t.input.trustchainId,"Missing Trustchain ID in the input for GetTrustchain"),trustchain:()=>r(e.trustchain,"Missing Trustchain in the input for AddToTrustchain"),applicationStream:()=>r(e.applicationStream,"Missing application stream in the input for AddToTrustchain")})),onError:{actions:"assignErrorFromEvent"},onDone:{actions:s(({event:t})=>t.output.map(()=>({raise:"success",assign:{wasAddedToTrustchain:!0}})))}}},ExtractEncryptionKey:{on:{success:"Success",error:"Error"},invoke:{id:"ExtractEncryptionKey",src:"extractEncryptionKey",input:({context:t})=>t._internalState.chain(e=>r(e.applicationStream,"Missing application stream").map(o=>({applicationStream:o,keypair:t.input.keypair}))),onError:{actions:"assignErrorFromEvent"},onDone:{actions:s(({event:t})=>t.output.map(e=>({raise:"success",assign:{encryptionKey:e}})))}}},Success:{type:"final"},Error:{type:"final"}},output:({context:t})=>t._internalState.chain(e=>d({trustchainId:()=>r(e.trustchainId??t.input.trustchainId,"Missing Trustchain ID in the output"),jwt:()=>r(e.jwt??t.input.jwt,"Missing JWT in the output"),applicationPath:()=>r(e.applicationStream?.getPath().extract(),"Missing application path in the output"),encryptionKey:()=>r(e.encryptionKey,"Missing encryption key in the output")}))})}extractDependencies(a){return{deviceAuth:n=>this.auth(n.input.lkrpDataSource,new v(a)).run(),keypairAuth:n=>{const{lkrpDataSource:i,keypair:u}=n.input;return y.liftEither(n.input.trustchainId).chain(c=>this.auth(i,new M(u,c))).run()},getTrustchain:n=>y.liftEither(n.input).chain(({applicationId:i,lkrpDataSource:u,trustchainId:c,jwt:t})=>u.getTrustchainById(c,t).map(e=>({trustchain:e,applicationStream:e[`m/${i}'`]??w.fromPath(`m/0'/${i}'/0'`)}))).run(),extractEncryptionKey:async n=>Promise.resolve(n.input.chain(({applicationStream:i,keypair:u})=>i.getPublishedKey(u).toEither(new l("There is no encryption key for the current member in the application stream."))).map(i=>i.privateKey))}}auth(a,n){return a.getChallenge().chain(i=>n.run(i)).chain(i=>a.authenticate(i))}}export{V as AuthenticateDeviceAction};
2
2
  //# sourceMappingURL=AuthenticateDeviceAction.js.map
package/lib/esm/internal/app-binder/device-action/AuthenticateDeviceAction.js.map CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "version": 3,
3
3
  "sources": ["../../../../../src/internal/app-binder/device-action/AuthenticateDeviceAction.ts"],
4
- "sourcesContent": ["import {\n type DeviceActionStateMachine,\n type InternalApi,\n OpenAppDeviceAction,\n type StateMachineTypes,\n UserInteractionRequired,\n XStateDeviceAction,\n} from \"@ledgerhq/device-management-kit\";\nimport { type Either, EitherAsync, Left, Right } from \"purify-ts\";\nimport { assign, fromPromise, setup } from \"xstate\";\n\nimport {\n type AuthenticateDAError,\n type AuthenticateDAInput,\n type AuthenticateDAIntermediateValue,\n type AuthenticateDAInternalState,\n type AuthenticateDAOutput,\n} from \"@api/app-binder/AuthenticateDeviceActionTypes\";\nimport {\n LKRPDataSourceError,\n LKRPMissingDataError,\n LKRPTrustchainNotReady,\n LKRPUnauthorizedError,\n LKRPUnknownError,\n} from \"@api/app-binder/Errors\";\nimport { type Keypair } from \"@api/app-binder/LKRPTypes\";\nimport { type JWT } from \"@api/index\";\nimport { SignChallengeWithDeviceTask } from \"@internal/app-binder/task/SignChallengeWithDeviceTask\";\nimport { SignChallengeWithKeypairTask } from \"@internal/app-binder/task/SignChallengeWithKeypairTask\";\nimport {\n type AuthenticationPayload,\n type Challenge,\n type LKRPDataSource,\n} from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { eitherSeqRecord } from \"@internal/utils/eitherSeqRecord\";\nimport { LKRPBlockStream } from \"@internal/utils/LKRPBlockStream\";\nimport { required } from \"@internal/utils/required\";\n\nimport { raiseAndAssign } from \"./utils/raiseAndAssign\";\nimport { AddToTrustchainDeviceAction } from \"./AddToTrustchainDeviceAction\";\n\nconst APP_NAME = \"Ledger Sync\";\n\nexport class AuthenticateDeviceAction extends XStateDeviceAction<\n AuthenticateDAOutput,\n AuthenticateDAInput,\n AuthenticateDAError,\n AuthenticateDAIntermediateValue,\n AuthenticateDAInternalState\n> {\n makeStateMachine(\n internalApi: InternalApi,\n ): DeviceActionStateMachine<\n AuthenticateDAOutput,\n AuthenticateDAInput,\n AuthenticateDAError,\n AuthenticateDAIntermediateValue,\n AuthenticateDAInternalState\n > {\n type types = StateMachineTypes<\n AuthenticateDAOutput,\n AuthenticateDAInput,\n AuthenticateDAError,\n AuthenticateDAIntermediateValue,\n AuthenticateDAInternalState\n >;\n\n const { deviceAuth, keypairAuth, getTrustchain, extractEncryptionKey } =\n this.extractDependencies(internalApi);\n\n return setup({\n types: {\n input: {} as types[\"input\"],\n context: {} as types[\"context\"],\n output: {} as types[\"output\"],\n },\n\n actors: {\n openAppStateMachine: new OpenAppDeviceAction({\n input: { appName: APP_NAME },\n }).makeStateMachine(internalApi),\n\n deviceAuth: fromPromise(deviceAuth),\n keypairAuth: fromPromise(keypairAuth),\n\n getTrustchain: fromPromise(getTrustchain),\n\n addToTrustchainStateMachine: new AddToTrustchainDeviceAction({\n input: Left(\n new LKRPMissingDataError(\"Missing input for GetEncryptionKey\"),\n ),\n }).makeStateMachine(internalApi),\n\n extractEncryptionKey: fromPromise(extractEncryptionKey),\n },\n\n actions: {\n assignErrorFromEvent: raiseAndAssign(\n ({ event }) =>\n Left(\n new LKRPUnknownError(\n String((event as { error?: unknown }).error),\n ),\n ), // NOTE: it should never happen, the error is not typed anymore here\n ),\n },\n\n guards: {\n hasNoTrustchainId: ({ context }) => !context.input.trustchainId,\n isTrustchainMember: ({ context }) =>\n context._internalState\n .toMaybe()\n .map(\n (state) =>\n state.wasAddedToTrustchain ||\n state.applicationStream?.hasMember(\n context.input.keypair.pubKeyToHex(),\n ),\n )\n .extract() ?? false,\n },\n }).createMachine({\n /** @xstate-layout N4IgpgJg5mDOIC5QEECuAXAFmAduglgMYCG6YAImAG5FjKEED2OAdAMLaEDWbATpLgLEANrADEAbQAMAXUSgADo1j4mOeSAAeiAMxSALC30BOHfoDsAJinGAHADYp94wBoQAT0QBaAKwsf9lYBAIzB9jrm5vr6OgC+sW5oWIJEpBTUtPRq7Jw8-BApIuISwXJIIEoqahraCDrBOizG+pb2tq06PlJStvo+bp4IPsZSLBHBprZWnVI+tvGJGNh4qWSUNIR0DPjMOWDcfAIrRZKWZYrKqjvq5bU6lsZGkb0Rsz1TOgOII34+oebGQJmOytBYgJLLAgkNYZTZZa4sADSYHcCmI+F4ELEEGYYBY+BwVEYXDxJNR6MxS2k5wql2qt0Q9miLEsJh8lmewWGrK+Q30wSMOk61k6OjaLTBEJS0PSGy22WR5IxWLAvF4jF4LAUwlIADMNQBbFhktHKqmyDSVK7MGqM+r+Fr6WyA8xM2zBSy86LmJq2Axi-T2YZTQGSpbStLrTLbXaK02UrBiWCoQibWCwamWunXW0IYw+H2BVmWOa2MxScy88xSAXmYJlh5CiYBYxh5IrGVRuEx1hxilYglUET4CCHArHUSZ8pW+mgWrO0b8-kPYyWDkxfS8gujWb2Cb3fmRAxtyGrWXRhUo+MqtUaqcXKo5hl55xNMzBCyzZp9TceRl-FhHCcHo11aKIfBPCMYTleFdi7OgliTFM0wzC1p2zG1nw9fRRmaRwTDXcIuk9P8EEDUZzB0fNLGCOtzB8LpWwScFww7SNYXlBF4JvdVeHvWlH0wudEA-GwjFomsDBsHDPlIj9DFsdkAldZ4WhLSC2Ogi8uI4iEWAAeQUXBkAUBRsVxfFCWJPFGCMnATIUfiZyfYSEHsIMmkiB4PUsCJ3RIwZaMaBouVdFoqJ8Cx5mYqVNPPbtsm4pYDLshyxFVXitR1dB9V4I1bOM0ynIwm5XKZQwGMi3yzHuBsq0eQJehsCZFNdCYNKhdiYJ7FgkqwFLCrM5NUzgVCaWcoStG+MIWArYIDF6BiPzaXkHgq3o2qZSxFLiGLWM6rSEp0mDkqxHEcDxQdrJYAoTqwYrBNKqaEHm0wWHaLoJnMP12nCXl61sFkPymAJulscHAw6s9uJ6vrMBYHiNSyvVDRu3TzXGkrc3mgExmMBoTBGIifFkwZmhYNrqzLejGLsKHO10nqAHEwHQAAVXhUFgdBCEwdEcHMi7LKJEkWBgdnOe53n+Ye60ntqBoAPc4wrHCewaO+gLEHdAVqbaJwwmaXbFnbA74s43YWYlrmeb5gl0tvTVtRRvKxdZjmbelglZdnZ6CYq-MLDMaIpAefpSLrPwehsBxqw9Tp6a67TLfdyXbf5pCRvTH2XL9gI-HoktXv5aTeVMRpJidZ0HgrGxE8Oi3WCtj2pbtgXB2HUd8kKSc0IfOXc3CQHKJ0Z0zHV9oJl5BwKOmesbGLMt6-N2Cm9Tz224d3ic8mhWTEBlpXWaKQxXaepeSDAUgLaEsZnm42WNN6HGeyDh9i4ABJWAAFkwANAAjVU4h8CwAAAQGj-oAvifcBIDywmPQC3RPx6Eos4Um3wVbvX9A8QIPRL7Lxhq-XIX9f4AKAWIEBoCcCMHQOAyBqod7yxEiGCmykGjuiApRMuvkjABFHv5eoJgCEvwRG-bgJD6G8HEBlO8MCJpMJeuBd6Jh1azDDs4C+Stug3xJp9E+wjurZGQBACAbNGAt3Tvbc6l0rKi2MaY8xacvY4EYbmGizoxjemMCMU+oRbD1UaM6J0dg5jxwfrFM2hCET2LMRY5xW8kbOxyqjGJjiN4yzkVjZ8NERizQ9ACVohF6JVgMLNIC3R6glimJYAxydWCpLiZvYaKFXHZL6IDPQYRb4ODFKYMuHkIZ+iIt4qItSjq7AaU4zeMjoGY0em4z8-hwg0Vqg0E+v5Bjg0BmEP4gIzAPGsPYMZjcWAAFFNDoF4MQBgpycCEF4KiNQipM4tMyfM7JE93oAnaFMb6AJ0EvXWf4CswwIishPq6Y5q8zkXKuTcu5DyFBPJRAk2ZWZ3muVaDWFgH5lreL9Ixew-S-AQzrICE+phjxgmoQUeA5QInP0MbneRuY-Q4vmlMQIEwwiOErKRLw+Yxg0VLJEAGYpwn7UZXUvYBxu4Tjpf3X2Cttrsp6Cpbl7kKy8i8D6d0VgTA1lqvmJee0n4MyZbGK8-Yljorga5dkPoR7OnmkGCp4dBjhEeODTVjp2GzChbDdGWBbVKsQA6poq5Vzg1mO6fx-LdXCudN9dyJM6zRRNqec10q4YDXsqZENudagFj8N4g50bQlxsGByAUcwLAxCZOXMwAbEpBvhhCAtu8RIUtVWEPo4ryqrQcIBfWLRfpgWCM2hEzcpn8w7Qoj0DExj0XxSTcqAL8aLlHhYRwTJd1HNNZmpO4zWBiM-j-SRCrYGhpem0A+1gGw0VmH8d12tvFNACNEfMdZgIQQPVBFePVJnpIJHOtxu5ZpRBaiYLyGztZlgprRJNURVFNr-XFKJuxzmXOuegW59zHnXEVKBtpM0Qx7kog4RwHp-pAq6K6fW4rKL6EnbsAAyshUaxHMWuksEK9R312j4xo0KFkBYmQ7JGN0cwLHWCnMdlx56HJ6IshLNtcC3ogz9MMOECwxYnTAn3fEIAA */\n\n id: \"AuthenticateDeviceAction\",\n context: ({ input }): types[\"context\"] => ({\n input,\n intermediateValue: {\n requiredUserInteraction: UserInteractionRequired.None,\n },\n _internalState: Right({\n trustchainId: null,\n jwt: null,\n trustchain: null,\n applicationStream: null,\n encryptionKey: null,\n wasAddedToTrustchain: false,\n }),\n }),\n\n initial: \"CheckCredentials\",\n states: {\n CheckCredentials: {\n always: [\n { target: \"DeviceAuth\", guard: \"hasNoTrustchainId\" },\n { target: \"KeypairAuth\" },\n ],\n },\n\n KeypairAuth: {\n on: {\n success: \"GetTrustchain\",\n invalidCredentials: \"DeviceAuth\",\n error: \"Error\",\n },\n invoke: {\n id: \"keypairAuth\",\n src: \"keypairAuth\",\n input: ({ context }) => ({\n lkrpDataSource: context.input.lkrpDataSource,\n keypair: context.input.keypair,\n trustchainId: required(\n context.input.trustchainId,\n \"Missing Trustchain ID in the input\",\n ),\n }),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ context, event }) =>\n event.output\n .map(({ jwt }) => ({ raise: \"success\", assign: { jwt } }))\n .mapLeft((error) =>\n error instanceof LKRPDataSourceError &&\n error.status === \"UNAUTHORIZED\"\n ? new LKRPUnauthorizedError(context.input.trustchainId)\n : error,\n ),\n ),\n },\n },\n },\n\n DeviceAuth: {\n on: { success: \"GetTrustchain\", error: \"Error\" },\n initial: \"OpenApp\",\n states: {\n OpenApp: {\n // TODO snapshot for intermediateValue\n on: { success: \"Auth\" },\n invoke: {\n id: \"openApp\",\n src: \"openAppStateMachine\",\n input: { appName: APP_NAME },\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(() => ({ raise: \"success\" })),\n ),\n },\n },\n },\n\n Auth: {\n entry: assign({\n intermediateValue: {\n requiredUserInteraction: \"connect-ledger-sync\",\n },\n }),\n exit: assign({\n intermediateValue: {\n requiredUserInteraction: UserInteractionRequired.None,\n },\n }),\n invoke: {\n id: \"deviceAuth\",\n src: \"deviceAuth\",\n input: ({ context }) => context.input,\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.chain((payload) =>\n payload.trustchainId.caseOf({\n Nothing: () => Left(new LKRPTrustchainNotReady()),\n Just: (trustchainId) =>\n Right({\n raise: \"success\",\n assign: { jwt: payload.jwt, trustchainId },\n }),\n }),\n ),\n ),\n },\n },\n },\n },\n },\n\n GetTrustchain: {\n on: {\n success: \"CheckIsMembers\",\n invalidCredentials: \"KeypairAuth\",\n error: \"Error\",\n },\n invoke: {\n id: \"getTrustchain\",\n src: \"getTrustchain\",\n input: ({ context }) =>\n context._internalState.chain((state) =>\n eitherSeqRecord({\n lkrpDataSource: context.input.lkrpDataSource,\n applicationId: context.input.applicationId,\n trustchainId: () =>\n required(\n state.trustchainId ?? context.input.trustchainId,\n \"Missing Trustchain ID for GetTrustchain\",\n ),\n jwt: () =>\n required(state.jwt, \"Missing JWT for GetTrustchain\"),\n }),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(({ trustchain, applicationStream }) => ({\n raise: \"success\",\n assign: { trustchain, applicationStream },\n })),\n ),\n },\n },\n },\n\n CheckIsMembers: {\n always: [\n { target: \"ExtractEncryptionKey\", guard: \"isTrustchainMember\" },\n { target: \"AddToTrustchain\" },\n ],\n },\n\n AddToTrustchain: {\n // TODO snapshot for intermediateValue\n on: {\n success: \"GetTrustchain\",\n error: \"Error\",\n },\n invoke: {\n id: \"AddToTrustchain\",\n src: \"addToTrustchainStateMachine\",\n input: ({ context }) =>\n context._internalState\n .mapLeft(\n () =>\n new LKRPMissingDataError(\n \"Missing data in the input for AddToTrustchain\",\n ),\n )\n .chain((state) =>\n eitherSeqRecord({\n lkrpDataSource: context.input.lkrpDataSource,\n keypair: context.input.keypair,\n clientName: context.input.clientName,\n permissions: context.input.permissions,\n jwt: () =>\n required(state.jwt, \"Missing JWT for AddToTrustchain\"),\n trustchainId: () =>\n required(\n state.trustchainId ?? context.input.trustchainId,\n \"Missing Trustchain ID for AddToTrustchain\",\n ),\n trustchain: () =>\n required(\n state.trustchain,\n \"Missing Trustchain for AddToTrustchain\",\n ),\n applicationStream: () =>\n required(\n state.applicationStream,\n \"Missing application stream for AddToTrustchain\",\n ),\n }),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(() => ({\n raise: \"success\",\n assign: { wasAddedToTrustchain: true },\n })),\n ),\n },\n },\n },\n\n ExtractEncryptionKey: {\n on: { success: \"Success\", error: \"Error\" },\n invoke: {\n id: \"ExtractEncryptionKey\",\n src: \"extractEncryptionKey\",\n input: ({ context }) =>\n context._internalState.chain((state) =>\n required(\n state.applicationStream,\n \"Missing application stream for ExtractEncryptionKey\",\n ).map((applicationStream) => ({\n applicationStream,\n keypair: context.input.keypair,\n })),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map((encryptionKey) => ({\n raise: \"success\",\n assign: { encryptionKey },\n })),\n ),\n },\n },\n },\n\n Success: { type: \"final\" },\n\n Error: { type: \"final\" },\n },\n\n output: ({ context }) =>\n context._internalState.chain((state) =>\n eitherSeqRecord({\n trustchainId: () =>\n required(\n state.trustchainId ?? context.input.trustchainId,\n \"Missing Trustchain ID in the output\",\n ),\n jwt: () => required(state.jwt, \"Missing JWT in the output\"),\n applicationPath: () =>\n required(\n state.applicationStream?.getPath().extract(),\n \"Missing application path in the output\",\n ),\n encryptionKey: () =>\n required(\n state.encryptionKey,\n \"Missing encryption key in the output\",\n ),\n }),\n ),\n });\n }\n\n extractDependencies(internalApi: InternalApi) {\n return {\n deviceAuth: (args: { input: { lkrpDataSource: LKRPDataSource } }) =>\n this.auth(\n args.input.lkrpDataSource,\n new SignChallengeWithDeviceTask(internalApi),\n ).run(),\n\n keypairAuth: (args: {\n input: Pick<AuthenticateDAInput, \"lkrpDataSource\" | \"keypair\"> & {\n trustchainId: Either<LKRPMissingDataError, string>;\n };\n }) => {\n const { lkrpDataSource, keypair } = args.input;\n return EitherAsync.liftEither(args.input.trustchainId)\n .chain((trustchainId) =>\n this.auth(\n lkrpDataSource,\n new SignChallengeWithKeypairTask(keypair, trustchainId),\n ),\n )\n .run();\n },\n\n getTrustchain: (args: {\n input: Either<\n AuthenticateDAError,\n {\n applicationId: number;\n lkrpDataSource: LKRPDataSource;\n trustchainId: string;\n jwt: JWT;\n }\n >;\n }) =>\n EitherAsync.liftEither(args.input)\n .chain(({ applicationId, lkrpDataSource, trustchainId, jwt }) =>\n lkrpDataSource\n .getTrustchainById(trustchainId, jwt)\n .map((trustchain) => ({\n trustchain,\n applicationStream:\n trustchain[`m/${applicationId}'`] ??\n LKRPBlockStream.fromPath(`m/0'/${applicationId}'/0'`),\n })),\n )\n .run(),\n\n extractEncryptionKey: async (args: {\n input: Either<\n AuthenticateDAError,\n {\n applicationStream: LKRPBlockStream;\n keypair: Keypair;\n }\n >;\n }) => {\n // TODO additional derivations should be supported:\n // https://github.com/LedgerHQ/ledger-live/blob/develop/libs/hw-ledger-key-ring-protocol/src/Device.ts#L216...L226\n // Probably not needed for Ledger Sync\n return Promise.resolve(\n args.input\n .chain(({ applicationStream, keypair }) =>\n applicationStream\n .getPublishedKey(keypair)\n .toEither(\n new LKRPUnknownError(\n \"There is no encryption key for the current member in the application stream.\",\n ),\n ),\n )\n .map((key) => key.privateKey),\n );\n },\n };\n }\n\n private auth(\n lkrpDataSource: LKRPDataSource,\n signerTask: {\n run: (\n challenge: Challenge,\n ) => PromiseLike<Either<AuthenticateDAError, AuthenticationPayload>>;\n },\n ) {\n return lkrpDataSource\n .getChallenge()\n .chain((challenge) => signerTask.run(challenge))\n .chain((payload) => lkrpDataSource.authenticate(payload));\n }\n}\n"],
5
- "mappings": "AAAA,OAGE,uBAAAA,EAEA,2BAAAC,EACA,sBAAAC,MACK,kCACP,OAAsB,eAAAC,EAAa,QAAAC,EAAM,SAAAC,MAAa,YACtD,OAAS,UAAAC,EAAQ,eAAAC,EAAa,SAAAC,MAAa,SAS3C,OACE,uBAAAC,EACA,wBAAAC,EACA,0BAAAC,EACA,yBAAAC,EACA,oBAAAC,MACK,yBAGP,OAAS,+BAAAC,MAAmC,wDAC5C,OAAS,gCAAAC,MAAoC,yDAM7C,OAAS,mBAAAC,MAAuB,kCAChC,OAAS,mBAAAC,MAAuB,kCAChC,OAAS,YAAAC,MAAgB,2BAEzB,OAAS,kBAAAC,MAAsB,yBAC/B,OAAS,+BAAAC,MAAmC,gCAE5C,MAAMC,EAAW,cAEV,MAAMC,UAAiCpB,CAM5C,CACA,iBACEqB,EAOA,CASA,KAAM,CAAE,WAAAC,EAAY,YAAAC,EAAa,cAAAC,EAAe,qBAAAC,CAAqB,EACnE,KAAK,oBAAoBJ,CAAW,EAEtC,OAAOf,EAAM,CACX,MAAO,CACL,MAAO,CAAC,EACR,QAAS,CAAC,EACV,OAAQ,CAAC,CACX,EAEA,OAAQ,CACN,oBAAqB,IAAIR,EAAoB,CAC3C,MAAO,CAAE,QAASqB,CAAS,CAC7B,CAAC,EAAE,iBAAiBE,CAAW,EAE/B,WAAYhB,EAAYiB,CAAU,EAClC,YAAajB,EAAYkB,CAAW,EAEpC,cAAelB,EAAYmB,CAAa,EAExC,4BAA6B,IAAIN,EAA4B,CAC3D,MAAOhB,EACL,IAAIM,EAAqB,oCAAoC,CAC/D,CACF,CAAC,EAAE,iBAAiBa,CAAW,EAE/B,qBAAsBhB,EAAYoB,CAAoB,CACxD,EAEA,QAAS,CACP,qBAAsBR,EACpB,CAAC,CAAE,MAAAS,CAAM,IACPxB,EACE,IAAIS,EACF,OAAQe,EAA8B,KAAK,CAC7C,CACF,CACJ,CACF,EAEA,OAAQ,CACN,kBAAmB,CAAC,CAAE,QAAAC,CAAQ,IAAM,CAACA,EAAQ,MAAM,aACnD,mBAAoB,CAAC,CAAE,QAAAA,CAAQ,IAC7BA,EAAQ,eACL,QAAQ,EACR,IACEC,GACCA,EAAM,sBACNA,EAAM,mBAAmB,UACvBD,EAAQ,MAAM,QAAQ,YAAY,CACpC,CACJ,EACC,QAAQ,GAAK,EACpB,CACF,CAAC,EAAE,cAAc,CAGf,GAAI,2BACJ,QAAS,CAAC,CAAE,MAAAE,CAAM,KAAyB,CACzC,MAAAA,EACA,kBAAmB,CACjB,wBAAyB9B,EAAwB,IACnD,EACA,eAAgBI,EAAM,CACpB,aAAc,KACd,IAAK,KACL,WAAY,KACZ,kBAAmB,KACnB,cAAe,KACf,qBAAsB,EACxB,CAAC,CACH,GAEA,QAAS,mBACT,OAAQ,CACN,iBAAkB,CAChB,OAAQ,CACN,CAAE,OAAQ,aAAc,MAAO,mBAAoB,EACnD,CAAE,OAAQ,aAAc,CAC1B,CACF,EAEA,YAAa,CACX,GAAI,CACF,QAAS,gBACT,mBAAoB,aACpB,MAAO,OACT,EACA,OAAQ,CACN,GAAI,cACJ,IAAK,cACL,MAAO,CAAC,CAAE,QAAAwB,CAAQ,KAAO,CACvB,eAAgBA,EAAQ,MAAM,eAC9B,QAASA,EAAQ,MAAM,QACvB,aAAcX,EACZW,EAAQ,MAAM,aACd,oCACF,CACF,GACA,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,QAASV,EAAe,CAAC,CAAE,QAAAU,EAAS,MAAAD,CAAM,IACxCA,EAAM,OACH,IAAI,CAAC,CAAE,IAAAI,CAAI,KAAO,CAAE,MAAO,UAAW,OAAQ,CAAE,IAAAA,CAAI,CAAE,EAAE,EACxD,QAASC,GACRA,aAAiBxB,GACjBwB,EAAM,SAAW,eACb,IAAIrB,EAAsBiB,EAAQ,MAAM,YAAY,EACpDI,CACN,CACJ,CACF,CACF,CACF,EAEA,WAAY,CACV,GAAI,CAAE,QAAS,gBAAiB,MAAO,OAAQ,EAC/C,QAAS,UACT,OAAQ,CACN,QAAS,CAEP,GAAI,CAAE,QAAS,MAAO,EACtB,OAAQ,CACN,GAAI,UACJ,IAAK,sBACL,MAAO,CAAE,QAASZ,CAAS,EAC3B,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,QAASF,EAAe,CAAC,CAAE,MAAAS,CAAM,IAC/BA,EAAM,OAAO,IAAI,KAAO,CAAE,MAAO,SAAU,EAAE,CAC/C,CACF,CACF,CACF,EAEA,KAAM,CACJ,MAAOtB,EAAO,CACZ,kBAAmB,CACjB,wBAAyB,qBAC3B,CACF,CAAC,EACD,KAAMA,EAAO,CACX,kBAAmB,CACjB,wBAAyBL,EAAwB,IACnD,CACF,CAAC,EACD,OAAQ,CACN,GAAI,aACJ,IAAK,aACL,MAAO,CAAC,CAAE,QAAA4B,CAAQ,IAAMA,EAAQ,MAChC,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,QAASV,EAAe,CAAC,CAAE,MAAAS,CAAM,IAC/BA,EAAM,OAAO,MAAOM,GAClBA,EAAQ,aAAa,OAAO,CAC1B,QAAS,IAAM9B,EAAK,IAAIO,CAAwB,EAChD,KAAOwB,GACL9B,EAAM,CACJ,MAAO,UACP,OAAQ,CAAE,IAAK6B,EAAQ,IAAK,aAAAC,CAAa,CAC3C,CAAC,CACL,CAAC,CACH,CACF,CACF,CACF,CACF,CACF,CACF,EAEA,cAAe,CACb,GAAI,CACF,QAAS,iBACT,mBAAoB,cACpB,MAAO,OACT,EACA,OAAQ,CACN,GAAI,gBACJ,IAAK,gBACL,MAAO,CAAC,CAAE,QAAAN,CAAQ,IAChBA,EAAQ,eAAe,MAAOC,GAC5Bd,EAAgB,CACd,eAAgBa,EAAQ,MAAM,eAC9B,cAAeA,EAAQ,MAAM,cAC7B,aAAc,IACZX,EACEY,EAAM,cAAgBD,EAAQ,MAAM,aACpC,yCACF,EACF,IAAK,IACHX,EAASY,EAAM,IAAK,+BAA+B,CACvD,CAAC,CACH,EACF,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,QAASX,EAAe,CAAC,CAAE,MAAAS,CAAM,IAC/BA,EAAM,OAAO,IAAI,CAAC,CAAE,WAAAQ,EAAY,kBAAAC,CAAkB,KAAO,CACvD,MAAO,UACP,OAAQ,CAAE,WAAAD,EAAY,kBAAAC,CAAkB,CAC1C,EAAE,CACJ,CACF,CACF,CACF,EAEA,eAAgB,CACd,OAAQ,CACN,CAAE,OAAQ,uBAAwB,MAAO,oBAAqB,EAC9D,CAAE,OAAQ,iBAAkB,CAC9B,CACF,EAEA,gBAAiB,CAEf,GAAI,CACF,QAAS,gBACT,MAAO,OACT,EACA,OAAQ,CACN,GAAI,kBACJ,IAAK,8BACL,MAAO,CAAC,CAAE,QAAAR,CAAQ,IAChBA,EAAQ,eACL,QACC,IACE,IAAInB,EACF,+CACF,CACJ,EACC,MAAOoB,GACNd,EAAgB,CACd,eAAgBa,EAAQ,MAAM,eAC9B,QAASA,EAAQ,MAAM,QACvB,WAAYA,EAAQ,MAAM,WAC1B,YAAaA,EAAQ,MAAM,YAC3B,IAAK,IACHX,EAASY,EAAM,IAAK,iCAAiC,EACvD,aAAc,IACZZ,EACEY,EAAM,cAAgBD,EAAQ,MAAM,aACpC,2CACF,EACF,WAAY,IACVX,EACEY,EAAM,WACN,wCACF,EACF,kBAAmB,IACjBZ,EACEY,EAAM,kBACN,gDACF,CACJ,CAAC,CACH,EACJ,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,QAASX,EAAe,CAAC,CAAE,MAAAS,CAAM,IAC/BA,EAAM,OAAO,IAAI,KAAO,CACtB,MAAO,UACP,OAAQ,CAAE,qBAAsB,EAAK,CACvC,EAAE,CACJ,CACF,CACF,CACF,EAEA,qBAAsB,CACpB,GAAI,CAAE,QAAS,UAAW,MAAO,OAAQ,EACzC,OAAQ,CACN,GAAI,uBACJ,IAAK,uBACL,MAAO,CAAC,CAAE,QAAAC,CAAQ,IAChBA,EAAQ,eAAe,MAAOC,GAC5BZ,EACEY,EAAM,kBACN,qDACF,EAAE,IAAKO,IAAuB,CAC5B,kBAAAA,EACA,QAASR,EAAQ,MAAM,OACzB,EAAE,CACJ,EACF,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,QAASV,EAAe,CAAC,CAAE,MAAAS,CAAM,IAC/BA,EAAM,OAAO,IAAKU,IAAmB,CACnC,MAAO,UACP,OAAQ,CAAE,cAAAA,CAAc,CAC1B,EAAE,CACJ,CACF,CACF,CACF,EAEA,QAAS,CAAE,KAAM,OAAQ,EAEzB,MAAO,CAAE,KAAM,OAAQ,CACzB,EAEA,OAAQ,CAAC,CAAE,QAAAT,CAAQ,IACjBA,EAAQ,eAAe,MAAOC,GAC5Bd,EAAgB,CACd,aAAc,IACZE,EACEY,EAAM,cAAgBD,EAAQ,MAAM,aACpC,qCACF,EACF,IAAK,IAAMX,EAASY,EAAM,IAAK,2BAA2B,EAC1D,gBAAiB,IACfZ,EACEY,EAAM,mBAAmB,QAAQ,EAAE,QAAQ,EAC3C,wCACF,EACF,cAAe,IACbZ,EACEY,EAAM,cACN,sCACF,CACJ,CAAC,CACH,CACJ,CAAC,CACH,CAEA,oBAAoBP,EAA0B,CAC5C,MAAO,CACL,WAAagB,GACX,KAAK,KACHA,EAAK,MAAM,eACX,IAAIzB,EAA4BS,CAAW,CAC7C,EAAE,IAAI,EAER,YAAcgB,GAIR,CACJ,KAAM,CAAE,eAAAC,EAAgB,QAAAC,CAAQ,EAAIF,EAAK,MACzC,OAAOpC,EAAY,WAAWoC,EAAK,MAAM,YAAY,EAClD,MAAOJ,GACN,KAAK,KACHK,EACA,IAAIzB,EAA6B0B,EAASN,CAAY,CACxD,CACF,EACC,IAAI,CACT,EAEA,cAAgBI,GAWdpC,EAAY,WAAWoC,EAAK,KAAK,EAC9B,MAAM,CAAC,CAAE,cAAAG,EAAe,eAAAF,EAAgB,aAAAL,EAAc,IAAAH,CAAI,IACzDQ,EACG,kBAAkBL,EAAcH,CAAG,EACnC,IAAKI,IAAgB,CACpB,WAAAA,EACA,kBACEA,EAAW,KAAKM,CAAa,GAAG,GAChCzB,EAAgB,SAAS,QAAQyB,CAAa,MAAM,CACxD,EAAE,CACN,EACC,IAAI,EAET,qBAAsB,MAAOH,GAYpB,QAAQ,QACbA,EAAK,MACF,MAAM,CAAC,CAAE,kBAAAF,EAAmB,QAAAI,CAAQ,IACnCJ,EACG,gBAAgBI,CAAO,EACvB,SACC,IAAI5B,EACF,8EACF,CACF,CACJ,EACC,IAAK8B,GAAQA,EAAI,UAAU,CAChC,CAEJ,CACF,CAEQ,KACNH,EACAI,EAKA,CACA,OAAOJ,EACJ,aAAa,EACb,MAAOK,GAAcD,EAAW,IAAIC,CAAS,CAAC,EAC9C,MAAOX,GAAYM,EAAe,aAAaN,CAAO,CAAC,CAC5D,CACF",
6
- "names": ["OpenAppDeviceAction", "UserInteractionRequired", "XStateDeviceAction", "EitherAsync", "Left", "Right", "assign", "fromPromise", "setup", "LKRPDataSourceError", "LKRPMissingDataError", "LKRPTrustchainNotReady", "LKRPUnauthorizedError", "LKRPUnknownError", "SignChallengeWithDeviceTask", "SignChallengeWithKeypairTask", "eitherSeqRecord", "LKRPBlockStream", "required", "raiseAndAssign", "AddToTrustchainDeviceAction", "APP_NAME", "AuthenticateDeviceAction", "internalApi", "deviceAuth", "keypairAuth", "getTrustchain", "extractEncryptionKey", "event", "context", "state", "input", "jwt", "error", "payload", "trustchainId", "trustchain", "applicationStream", "encryptionKey", "args", "lkrpDataSource", "keypair", "applicationId", "key", "signerTask", "challenge"]
4
+ "sourcesContent": ["import {\n type DeviceActionStateMachine,\n type InternalApi,\n OpenAppDeviceAction,\n type StateMachineTypes,\n UnknownDAError,\n UserInteractionRequired,\n XStateDeviceAction,\n} from \"@ledgerhq/device-management-kit\";\nimport { type Either, EitherAsync, Left, Right } from \"purify-ts\";\nimport { assign, fromPromise, setup } from \"xstate\";\n\nimport {\n type AuthenticateDAError,\n type AuthenticateDAInput,\n type AuthenticateDAIntermediateValue,\n type AuthenticateDAInternalState,\n type AuthenticateDAOutput,\n} from \"@api/app-binder/AuthenticateDeviceActionTypes\";\nimport {\n LKRPMissingDataError,\n LKRPUnauthorizedError,\n LKRPUnhandledState,\n} from \"@api/app-binder/Errors\";\nimport { type Keypair } from \"@api/app-binder/LKRPTypes\";\nimport { type JWT } from \"@api/index\";\nimport { SignChallengeWithDeviceTask } from \"@internal/app-binder/task/SignChallengeWithDeviceTask\";\nimport { SignChallengeWithKeypairTask } from \"@internal/app-binder/task/SignChallengeWithKeypairTask\";\nimport {\n type AuthenticationPayload,\n type Challenge,\n type LKRPDataSource,\n} from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { eitherSeqRecord } from \"@internal/utils/eitherSeqRecord\";\nimport { LKRPBlockStream } from \"@internal/utils/LKRPBlockStream\";\nimport { required } from \"@internal/utils/required\";\n\nimport { raiseAndAssign } from \"./utils/raiseAndAssign\";\nimport { AddToTrustchainDeviceAction } from \"./AddToTrustchainDeviceAction\";\n\nconst APP_NAME = \"Ledger Sync\";\n\nexport class AuthenticateDeviceAction extends XStateDeviceAction<\n AuthenticateDAOutput,\n AuthenticateDAInput,\n AuthenticateDAError,\n AuthenticateDAIntermediateValue,\n AuthenticateDAInternalState\n> {\n makeStateMachine(\n internalApi: InternalApi,\n ): DeviceActionStateMachine<\n AuthenticateDAOutput,\n AuthenticateDAInput,\n AuthenticateDAError,\n AuthenticateDAIntermediateValue,\n AuthenticateDAInternalState\n > {\n type types = StateMachineTypes<\n AuthenticateDAOutput,\n AuthenticateDAInput,\n AuthenticateDAError,\n AuthenticateDAIntermediateValue,\n AuthenticateDAInternalState\n >;\n\n const { deviceAuth, keypairAuth, getTrustchain, extractEncryptionKey } =\n this.extractDependencies(internalApi);\n\n return setup({\n types: {\n input: {} as types[\"input\"],\n context: {} as types[\"context\"],\n output: {} as types[\"output\"],\n },\n\n actors: {\n openAppStateMachine: new OpenAppDeviceAction({\n input: { appName: APP_NAME },\n }).makeStateMachine(internalApi),\n\n deviceAuth: fromPromise(deviceAuth),\n keypairAuth: fromPromise(keypairAuth),\n\n getTrustchain: fromPromise(getTrustchain),\n\n addToTrustchainStateMachine: new AddToTrustchainDeviceAction({\n input: Left(\n new LKRPMissingDataError(\"Missing input for GetEncryptionKey\"),\n ),\n }).makeStateMachine(internalApi),\n\n extractEncryptionKey: fromPromise(extractEncryptionKey),\n },\n\n actions: {\n assignErrorFromEvent: raiseAndAssign(\n ({ event }) =>\n Left(\n new UnknownDAError(String((event as { error?: unknown }).error)),\n ), // NOTE: it should never happen, the error is not typed anymore here\n ),\n },\n\n guards: {\n hasNoTrustchainId: ({ context }) => !context.input.trustchainId,\n hasNoJwt: ({ context }) => !context.input.jwt,\n isTrustchainMember: ({ context }) =>\n context._internalState\n .toMaybe()\n .map(\n (state) =>\n state.wasAddedToTrustchain ||\n state.applicationStream?.hasMember(\n context.input.keypair.pubKeyToHex(),\n ),\n )\n .extract() ?? false,\n },\n }).createMachine({\n /** @xstate-layout N4IgpgJg5mDOIC5QEECuAXAFmAduglgMYCG6YAImAG5FjKEED2OAdAMLaEDWbATpLgLEANrADEAbQAMAXUSgADo1j4mOeSAAeiAMxSALC30BOHfoDsAJinGAHADYp94wBoQAT0QBaAKwsf9lYBAIzB9jrm5vr6OgC+sW5oWIJEpBTUtPRq7Jw8-BApIuISwXJIIEoqahraCDrBOizG+pb2tq06PlJStvo+bp4IPsZSLBHBprZWnVI+tvGJGNh4qWSUNIR0DPjMOWDcfAIrRZKWZYrKqjvq5bU6lsZGkb0Rsz1TOgOII34+oebGQJmOytBYgJLLAgkNYZTZZa4sADSYHcCmI+F4ELEEGYYBY+BwVEYXDxJNR6MxS2k5wql2qt0Q9miLEsJh8lmewWGrK+Q30wSMOk61k6OjaLTBEJS0PSGy22WR5IxWLAvF4jF4LAUwlIADMNQBbFhktHKqmyDSVK7MGqM+r+Fr6WyA8xM2zBSy86LmJq2Axi-T2YZTQGSpbStLrTLbXaK02UrBiWCoQibWCwamWunXW0IYw+H2BVmWOa2MxScy88xSAXmYJlh5CiYBYxh5IrGVRuEx1hxilYglUET4CCHArHUSZ8pW+mgWrO0b8-kPYyWDkxfS8gujWb2Cb3fmRAxtyGrWXRhUo+MqtUaqcXKo5hl55xNMzBCyzZp9TceRl-FhHCcHo11aKIfBPCMYTleFdi7OgliTFM0wzC1p2zG1nw9fRRmaRwTDXcIuk9P8EEDUZzB0fNLGCOtzB8LpWwScFww7SNYXlBF4JvdVeHvWlH0wudEA-GwjFomsDBsHDPlIj9DFsdkAldZ4WhLSC2Ogi8uI4iEWAAeQUXBkAUBRsVxfFCWJPFGCMnATIUfiZyfYSEHsIMmkiB4PUsCJ3RIwZaMaBouVdFoqJ8Cx5mYqVNPPbtsm4pYDLshyxFVXitR1dB9V4I1bOM0ynIwm5XKZQwGMi3yzHuBsq0eQJehsCZFNdCYNKhdiYJ7FgkqwFLCrM5NUzgVCaWcoStG+MIWArYIDF6BiPzaXkHgq3o2qZSxFLiGLWM6rSEp0mDkqxHEcDxQdrJYAoTqwYrBNKqaEHm0wWHaLoJnMP12nCXl61sFkPymAJulscHAw6s9uJ6vrMBYHiNSyvVDRu3TzXGkrc3mgExmMBoTBGIifFkwZmhYNrqzLejGLsKHO10nqAHEwHQAAVXhUFgdBCEwdEcHMi7LKJEkWBgdnOe53n+Ye60ntqBoAPc4wrHCewaO+gLEHdAVqbaJwwmaXbFnbA74s43YWYlrmeb5gl0tvTVtRRvKxdZjmbelglZdnZ6CYq-MLDMaIpAefpSLrPwehsBxqw9Tp6a67TLfdyXbf5pCRvTH2XL9gI-HoktXv5aTeVMRpJidZ0HgrGxE8Oi3WCtj2pbtgXB2HUd8kKSc0IfOXc3CQHKJ0Z0zHV9oJl5BwKOmesbGLMt6-N2Cm9Tz224d3ic8mhWTEBlpXWaKQxXaepeSDAUgLaEsZnm42WNN6HGeyDh9i4ABJWAAFkwANAAjVU4h8CwAAAQGj-oAvifcBIDywmPQC3RPx6Eos4Um3wVbvX9A8QIPRL7Lxhq-XIX9f4AKAWIEBoCcCMHQOAyBqod7yxEiGCmykGjuiApRMuvkjABFHv5eoJgCEvwRG-bgJD6G8HEBlO8MCJpMJeuBd6Jh1azDDs4C+Stug3xJp9E+wjurZGQBACAbNGAt3Tvbc6l0rKi2MaY8xacvY4EYbmGizoxjemMCMU+oRbD1UaM6J0dg5jxwfrFM2hCET2LMRY5xW8kbOxyqjGJjiN4yzkVjZ8NERizQ9ACVohF6JVgMLNIC3R6glimJYAxydWCpLiZvYaKFXHZL6IDPQYRb4ODFKYMuHkIZ+iIt4qItSjq7AaU4zeMjoGY0em4z8-hwg0Vqg0E+v5Bjg0BmEP4gIzAPGsPYMZjcWAAFFNDoF4MQBgpycCEF4KiNQipM4tMyfM7JE93oAnaFMb6AJ0EvXWf4CswwIishPq6Y5q8zkXKuTcu5DyFBPJRAk2ZWZ3muVaDWFgH5lreL9Ixew-S-AQzrICE+phjxgmoQUeA5QInP0MbneRuY-Q4vmlMQIEwwiOErKRLw+Yxg0VLJEAGYpwn7UZXUvYBxu4Tjpf3X2Cttrsp6Cpbl7kKy8i8D6d0VgTA1lqvmJee0n4MyZbGK8-Yljorga5dkPoR7OnmkGCp4dBjhEeODTVjp2GzChbDdGWBbVKsQA6poq5Vzg1mO6fx-LdXCudN9dyJM6zRRNqec10q4YDXsqZENudagFj8N4g50bQlxsGByAUcwLAxCZOXMwAbEpBvhhCAtu8RIUtVWEPo4ryqrQcIBfWLRfpgWCM2hEzcpn8w7Qoj0DExj0XxSTcqAL8aLlHhYRwTJd1HNNZmpO4zWBiM-j-SRCrYGhpem0A+1gGw0VmH8d12tvFNACNEfMdZgIQQPVBFePVJnpIJHOtxu5ZpRBaiYLyGztZlgprRJNURVFNr-XFKJuxzmXOuegW59zHnXEVKBtpM0Qx7kog4RwHp-pAq6K6fW4rKL6EnbsAAyshUaxHMWuksEK9R312j4xo0KFkBYmQ7JGN0cwLHWCnMdlx56HJ6IshLNtcC3ogz9MMOECwxYnTAn3fEIAA */\n\n id: \"AuthenticateDeviceAction\",\n context: ({ input }): types[\"context\"] => ({\n input,\n intermediateValue: {\n requiredUserInteraction: UserInteractionRequired.None,\n },\n _internalState: Right({\n trustchainId: null,\n jwt: null,\n trustchain: null,\n applicationStream: null,\n encryptionKey: null,\n wasAddedToTrustchain: false,\n }),\n }),\n\n initial: \"CheckCredentials\",\n states: {\n CheckCredentials: {\n always: [\n { target: \"DeviceAuth\", guard: \"hasNoTrustchainId\" },\n { target: \"KeypairAuth\", guard: \"hasNoJwt\" },\n { target: \"GetTrustchain\" },\n ],\n },\n\n KeypairAuth: {\n on: {\n success: \"GetTrustchain\",\n invalidCredentials: \"DeviceAuth\",\n error: \"Error\",\n },\n invoke: {\n id: \"keypairAuth\",\n src: \"keypairAuth\",\n input: ({ context }) => ({\n lkrpDataSource: context.input.lkrpDataSource,\n keypair: context.input.keypair,\n trustchainId: required(\n context.input.trustchainId,\n \"Missing Trustchain ID in the input\",\n ),\n }),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output\n .map(({ jwt }) => ({\n raise: \"success\",\n assign: { jwt },\n }))\n .chainLeft((error) =>\n error instanceof LKRPUnauthorizedError\n ? Right({ raise: \"invalidCredentials\" })\n : Left(error),\n ),\n ),\n },\n },\n },\n\n DeviceAuth: {\n on: { success: \"GetTrustchain\", error: \"Error\" },\n initial: \"OpenApp\",\n states: {\n OpenApp: {\n // TODO snapshot for intermediateValue\n on: { success: \"Auth\" },\n invoke: {\n id: \"openApp\",\n src: \"openAppStateMachine\",\n input: { appName: APP_NAME },\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(() => ({ raise: \"success\" })),\n ),\n },\n },\n },\n\n Auth: {\n entry: assign({\n intermediateValue: {\n requiredUserInteraction: \"connect-ledger-sync\",\n },\n }),\n exit: assign({\n intermediateValue: {\n requiredUserInteraction: UserInteractionRequired.None,\n },\n }),\n invoke: {\n id: \"deviceAuth\",\n src: \"deviceAuth\",\n input: ({ context }) => context.input,\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.chain((payload) =>\n payload.trustchainId.caseOf({\n Nothing: () =>\n Left(\n new LKRPUnhandledState(\"The trustchain is empty\"),\n ),\n Just: (trustchainId) =>\n Right({\n raise: \"success\",\n assign: { jwt: payload.jwt, trustchainId },\n }),\n }),\n ),\n ),\n },\n },\n },\n },\n },\n\n GetTrustchain: {\n on: {\n success: \"CheckIsMembers\",\n invalidCredentials: \"KeypairAuth\",\n error: \"Error\",\n },\n invoke: {\n id: \"getTrustchain\",\n src: \"getTrustchain\",\n input: ({ context }) =>\n context._internalState.chain((state) =>\n eitherSeqRecord({\n lkrpDataSource: context.input.lkrpDataSource,\n applicationId: context.input.applicationId,\n trustchainId: () =>\n required(\n state.trustchainId ?? context.input.trustchainId,\n \"Missing Trustchain ID in the input for GetTrustchain\",\n ),\n jwt: () =>\n required(\n state.jwt ?? context.input.jwt,\n \"Missing JWT in the input for GetTrustchain\",\n ),\n }),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(({ trustchain, applicationStream }) => ({\n raise: \"success\",\n assign: { trustchain, applicationStream },\n })),\n ),\n },\n },\n },\n\n CheckIsMembers: {\n always: [\n { target: \"ExtractEncryptionKey\", guard: \"isTrustchainMember\" },\n { target: \"AddToTrustchain\" },\n ],\n },\n\n AddToTrustchain: {\n // TODO snapshot for intermediateValue\n on: {\n success: \"GetTrustchain\",\n error: \"Error\",\n },\n invoke: {\n id: \"AddToTrustchain\",\n src: \"addToTrustchainStateMachine\",\n input: ({ context }) =>\n context._internalState\n .mapLeft(\n () =>\n new LKRPMissingDataError(\n \"Missing data in the input for AddToTrustchain\",\n ),\n )\n .chain((state) =>\n eitherSeqRecord({\n lkrpDataSource: context.input.lkrpDataSource,\n keypair: context.input.keypair,\n clientName: context.input.clientName,\n permissions: context.input.permissions,\n jwt: () =>\n required(\n state.jwt ?? context.input.jwt,\n \"Missing JWT in the input for AddToTrustchain\",\n ),\n trustchainId: () =>\n required(\n state.trustchainId ?? context.input.trustchainId,\n \"Missing Trustchain ID in the input for GetTrustchain\",\n ),\n trustchain: () =>\n required(\n state.trustchain,\n \"Missing Trustchain in the input for AddToTrustchain\",\n ),\n applicationStream: () =>\n required(\n state.applicationStream,\n \"Missing application stream in the input for AddToTrustchain\",\n ),\n }),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(() => ({\n raise: \"success\",\n assign: { wasAddedToTrustchain: true },\n })),\n ),\n },\n },\n },\n\n ExtractEncryptionKey: {\n on: { success: \"Success\", error: \"Error\" },\n invoke: {\n id: \"ExtractEncryptionKey\",\n src: \"extractEncryptionKey\",\n input: ({ context }) =>\n context._internalState.chain((state) =>\n required(\n state.applicationStream,\n \"Missing application stream\",\n ).map((applicationStream) => ({\n applicationStream,\n keypair: context.input.keypair,\n })),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map((encryptionKey) => ({\n raise: \"success\",\n assign: { encryptionKey },\n })),\n ),\n },\n },\n },\n\n Success: { type: \"final\" },\n\n Error: { type: \"final\" },\n },\n\n output: ({ context }) =>\n context._internalState.chain((state) =>\n eitherSeqRecord({\n trustchainId: () =>\n required(\n state.trustchainId ?? context.input.trustchainId,\n \"Missing Trustchain ID in the output\",\n ),\n jwt: () =>\n required(\n state.jwt ?? context.input.jwt,\n \"Missing JWT in the output\",\n ),\n applicationPath: () =>\n required(\n state.applicationStream?.getPath().extract(),\n \"Missing application path in the output\",\n ),\n encryptionKey: () =>\n required(\n state.encryptionKey,\n \"Missing encryption key in the output\",\n ),\n }),\n ),\n });\n }\n\n extractDependencies(internalApi: InternalApi) {\n return {\n deviceAuth: (args: { input: { lkrpDataSource: LKRPDataSource } }) =>\n this.auth(\n args.input.lkrpDataSource,\n new SignChallengeWithDeviceTask(internalApi),\n ).run(),\n\n keypairAuth: (args: {\n input: Pick<AuthenticateDAInput, \"lkrpDataSource\" | \"keypair\"> & {\n trustchainId: Either<LKRPMissingDataError, string>;\n };\n }) => {\n const { lkrpDataSource, keypair } = args.input;\n return EitherAsync.liftEither(args.input.trustchainId)\n .chain((trustchainId) =>\n this.auth(\n lkrpDataSource,\n new SignChallengeWithKeypairTask(keypair, trustchainId),\n ),\n )\n .run();\n },\n\n getTrustchain: (args: {\n input: Either<\n AuthenticateDAError,\n {\n applicationId: number;\n lkrpDataSource: LKRPDataSource;\n trustchainId: string;\n jwt: JWT;\n }\n >;\n }) =>\n EitherAsync.liftEither(args.input)\n .chain(({ applicationId, lkrpDataSource, trustchainId, jwt }) =>\n lkrpDataSource\n .getTrustchainById(trustchainId, jwt)\n .map((trustchain) => ({\n trustchain,\n applicationStream:\n trustchain[`m/${applicationId}'`] ??\n LKRPBlockStream.fromPath(`m/0'/${applicationId}'/0'`),\n })),\n )\n .run(),\n\n extractEncryptionKey: async (args: {\n input: Either<\n AuthenticateDAError,\n {\n applicationStream: LKRPBlockStream;\n keypair: Keypair;\n }\n >;\n }) => {\n // TODO additional derivations should be supported:\n // https://github.com/LedgerHQ/ledger-live/blob/develop/libs/hw-ledger-key-ring-protocol/src/Device.ts#L216...L226\n // Probably not needed for Ledger Sync\n return Promise.resolve(\n args.input\n .chain(({ applicationStream, keypair }) =>\n applicationStream\n .getPublishedKey(keypair)\n .toEither(\n new UnknownDAError(\n \"There is no encryption key for the current member in the application stream.\",\n ),\n ),\n )\n .map((key) => key.privateKey),\n );\n },\n };\n }\n\n private auth(\n lkrpDataSource: LKRPDataSource,\n signerTask: {\n run: (\n challenge: Challenge,\n ) => PromiseLike<Either<AuthenticateDAError, AuthenticationPayload>>;\n },\n ) {\n return lkrpDataSource\n .getChallenge()\n .chain((challenge) => signerTask.run(challenge))\n .chain((payload) => lkrpDataSource.authenticate(payload));\n }\n}\n"],
5
+ "mappings": "AAAA,OAGE,uBAAAA,EAEA,kBAAAC,EACA,2BAAAC,EACA,sBAAAC,MACK,kCACP,OAAsB,eAAAC,EAAa,QAAAC,EAAM,SAAAC,MAAa,YACtD,OAAS,UAAAC,EAAQ,eAAAC,EAAa,SAAAC,MAAa,SAS3C,OACE,wBAAAC,EACA,yBAAAC,EACA,sBAAAC,MACK,yBAGP,OAAS,+BAAAC,MAAmC,wDAC5C,OAAS,gCAAAC,MAAoC,yDAM7C,OAAS,mBAAAC,MAAuB,kCAChC,OAAS,mBAAAC,MAAuB,kCAChC,OAAS,YAAAC,MAAgB,2BAEzB,OAAS,kBAAAC,MAAsB,yBAC/B,OAAS,+BAAAC,MAAmC,gCAE5C,MAAMC,EAAW,cAEV,MAAMC,UAAiClB,CAM5C,CACA,iBACEmB,EAOA,CASA,KAAM,CAAE,WAAAC,EAAY,YAAAC,EAAa,cAAAC,EAAe,qBAAAC,CAAqB,EACnE,KAAK,oBAAoBJ,CAAW,EAEtC,OAAOb,EAAM,CACX,MAAO,CACL,MAAO,CAAC,EACR,QAAS,CAAC,EACV,OAAQ,CAAC,CACX,EAEA,OAAQ,CACN,oBAAqB,IAAIT,EAAoB,CAC3C,MAAO,CAAE,QAASoB,CAAS,CAC7B,CAAC,EAAE,iBAAiBE,CAAW,EAE/B,WAAYd,EAAYe,CAAU,EAClC,YAAaf,EAAYgB,CAAW,EAEpC,cAAehB,EAAYiB,CAAa,EAExC,4BAA6B,IAAIN,EAA4B,CAC3D,MAAOd,EACL,IAAIK,EAAqB,oCAAoC,CAC/D,CACF,CAAC,EAAE,iBAAiBY,CAAW,EAE/B,qBAAsBd,EAAYkB,CAAoB,CACxD,EAEA,QAAS,CACP,qBAAsBR,EACpB,CAAC,CAAE,MAAAS,CAAM,IACPtB,EACE,IAAIJ,EAAe,OAAQ0B,EAA8B,KAAK,CAAC,CACjE,CACJ,CACF,EAEA,OAAQ,CACN,kBAAmB,CAAC,CAAE,QAAAC,CAAQ,IAAM,CAACA,EAAQ,MAAM,aACnD,SAAU,CAAC,CAAE,QAAAA,CAAQ,IAAM,CAACA,EAAQ,MAAM,IAC1C,mBAAoB,CAAC,CAAE,QAAAA,CAAQ,IAC7BA,EAAQ,eACL,QAAQ,EACR,IACEC,GACCA,EAAM,sBACNA,EAAM,mBAAmB,UACvBD,EAAQ,MAAM,QAAQ,YAAY,CACpC,CACJ,EACC,QAAQ,GAAK,EACpB,CACF,CAAC,EAAE,cAAc,CAGf,GAAI,2BACJ,QAAS,CAAC,CAAE,MAAAE,CAAM,KAAyB,CACzC,MAAAA,EACA,kBAAmB,CACjB,wBAAyB5B,EAAwB,IACnD,EACA,eAAgBI,EAAM,CACpB,aAAc,KACd,IAAK,KACL,WAAY,KACZ,kBAAmB,KACnB,cAAe,KACf,qBAAsB,EACxB,CAAC,CACH,GAEA,QAAS,mBACT,OAAQ,CACN,iBAAkB,CAChB,OAAQ,CACN,CAAE,OAAQ,aAAc,MAAO,mBAAoB,EACnD,CAAE,OAAQ,cAAe,MAAO,UAAW,EAC3C,CAAE,OAAQ,eAAgB,CAC5B,CACF,EAEA,YAAa,CACX,GAAI,CACF,QAAS,gBACT,mBAAoB,aACpB,MAAO,OACT,EACA,OAAQ,CACN,GAAI,cACJ,IAAK,cACL,MAAO,CAAC,CAAE,QAAAsB,CAAQ,KAAO,CACvB,eAAgBA,EAAQ,MAAM,eAC9B,QAASA,EAAQ,MAAM,QACvB,aAAcX,EACZW,EAAQ,MAAM,aACd,oCACF,CACF,GACA,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,QAASV,EAAe,CAAC,CAAE,MAAAS,CAAM,IAC/BA,EAAM,OACH,IAAI,CAAC,CAAE,IAAAI,CAAI,KAAO,CACjB,MAAO,UACP,OAAQ,CAAE,IAAAA,CAAI,CAChB,EAAE,EACD,UAAWC,GACVA,aAAiBrB,EACbL,EAAM,CAAE,MAAO,oBAAqB,CAAC,EACrCD,EAAK2B,CAAK,CAChB,CACJ,CACF,CACF,CACF,EAEA,WAAY,CACV,GAAI,CAAE,QAAS,gBAAiB,MAAO,OAAQ,EAC/C,QAAS,UACT,OAAQ,CACN,QAAS,CAEP,GAAI,CAAE,QAAS,MAAO,EACtB,OAAQ,CACN,GAAI,UACJ,IAAK,sBACL,MAAO,CAAE,QAASZ,CAAS,EAC3B,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,QAASF,EAAe,CAAC,CAAE,MAAAS,CAAM,IAC/BA,EAAM,OAAO,IAAI,KAAO,CAAE,MAAO,SAAU,EAAE,CAC/C,CACF,CACF,CACF,EAEA,KAAM,CACJ,MAAOpB,EAAO,CACZ,kBAAmB,CACjB,wBAAyB,qBAC3B,CACF,CAAC,EACD,KAAMA,EAAO,CACX,kBAAmB,CACjB,wBAAyBL,EAAwB,IACnD,CACF,CAAC,EACD,OAAQ,CACN,GAAI,aACJ,IAAK,aACL,MAAO,CAAC,CAAE,QAAA0B,CAAQ,IAAMA,EAAQ,MAChC,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,QAASV,EAAe,CAAC,CAAE,MAAAS,CAAM,IAC/BA,EAAM,OAAO,MAAOM,GAClBA,EAAQ,aAAa,OAAO,CAC1B,QAAS,IACP5B,EACE,IAAIO,EAAmB,yBAAyB,CAClD,EACF,KAAOsB,GACL5B,EAAM,CACJ,MAAO,UACP,OAAQ,CAAE,IAAK2B,EAAQ,IAAK,aAAAC,CAAa,CAC3C,CAAC,CACL,CAAC,CACH,CACF,CACF,CACF,CACF,CACF,CACF,EAEA,cAAe,CACb,GAAI,CACF,QAAS,iBACT,mBAAoB,cACpB,MAAO,OACT,EACA,OAAQ,CACN,GAAI,gBACJ,IAAK,gBACL,MAAO,CAAC,CAAE,QAAAN,CAAQ,IAChBA,EAAQ,eAAe,MAAOC,GAC5Bd,EAAgB,CACd,eAAgBa,EAAQ,MAAM,eAC9B,cAAeA,EAAQ,MAAM,cAC7B,aAAc,IACZX,EACEY,EAAM,cAAgBD,EAAQ,MAAM,aACpC,sDACF,EACF,IAAK,IACHX,EACEY,EAAM,KAAOD,EAAQ,MAAM,IAC3B,4CACF,CACJ,CAAC,CACH,EACF,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,QAASV,EAAe,CAAC,CAAE,MAAAS,CAAM,IAC/BA,EAAM,OAAO,IAAI,CAAC,CAAE,WAAAQ,EAAY,kBAAAC,CAAkB,KAAO,CACvD,MAAO,UACP,OAAQ,CAAE,WAAAD,EAAY,kBAAAC,CAAkB,CAC1C,EAAE,CACJ,CACF,CACF,CACF,EAEA,eAAgB,CACd,OAAQ,CACN,CAAE,OAAQ,uBAAwB,MAAO,oBAAqB,EAC9D,CAAE,OAAQ,iBAAkB,CAC9B,CACF,EAEA,gBAAiB,CAEf,GAAI,CACF,QAAS,gBACT,MAAO,OACT,EACA,OAAQ,CACN,GAAI,kBACJ,IAAK,8BACL,MAAO,CAAC,CAAE,QAAAR,CAAQ,IAChBA,EAAQ,eACL,QACC,IACE,IAAIlB,EACF,+CACF,CACJ,EACC,MAAOmB,GACNd,EAAgB,CACd,eAAgBa,EAAQ,MAAM,eAC9B,QAASA,EAAQ,MAAM,QACvB,WAAYA,EAAQ,MAAM,WAC1B,YAAaA,EAAQ,MAAM,YAC3B,IAAK,IACHX,EACEY,EAAM,KAAOD,EAAQ,MAAM,IAC3B,8CACF,EACF,aAAc,IACZX,EACEY,EAAM,cAAgBD,EAAQ,MAAM,aACpC,sDACF,EACF,WAAY,IACVX,EACEY,EAAM,WACN,qDACF,EACF,kBAAmB,IACjBZ,EACEY,EAAM,kBACN,6DACF,CACJ,CAAC,CACH,EACJ,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,QAASX,EAAe,CAAC,CAAE,MAAAS,CAAM,IAC/BA,EAAM,OAAO,IAAI,KAAO,CACtB,MAAO,UACP,OAAQ,CAAE,qBAAsB,EAAK,CACvC,EAAE,CACJ,CACF,CACF,CACF,EAEA,qBAAsB,CACpB,GAAI,CAAE,QAAS,UAAW,MAAO,OAAQ,EACzC,OAAQ,CACN,GAAI,uBACJ,IAAK,uBACL,MAAO,CAAC,CAAE,QAAAC,CAAQ,IAChBA,EAAQ,eAAe,MAAOC,GAC5BZ,EACEY,EAAM,kBACN,4BACF,EAAE,IAAKO,IAAuB,CAC5B,kBAAAA,EACA,QAASR,EAAQ,MAAM,OACzB,EAAE,CACJ,EACF,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,QAASV,EAAe,CAAC,CAAE,MAAAS,CAAM,IAC/BA,EAAM,OAAO,IAAKU,IAAmB,CACnC,MAAO,UACP,OAAQ,CAAE,cAAAA,CAAc,CAC1B,EAAE,CACJ,CACF,CACF,CACF,EAEA,QAAS,CAAE,KAAM,OAAQ,EAEzB,MAAO,CAAE,KAAM,OAAQ,CACzB,EAEA,OAAQ,CAAC,CAAE,QAAAT,CAAQ,IACjBA,EAAQ,eAAe,MAAOC,GAC5Bd,EAAgB,CACd,aAAc,IACZE,EACEY,EAAM,cAAgBD,EAAQ,MAAM,aACpC,qCACF,EACF,IAAK,IACHX,EACEY,EAAM,KAAOD,EAAQ,MAAM,IAC3B,2BACF,EACF,gBAAiB,IACfX,EACEY,EAAM,mBAAmB,QAAQ,EAAE,QAAQ,EAC3C,wCACF,EACF,cAAe,IACbZ,EACEY,EAAM,cACN,sCACF,CACJ,CAAC,CACH,CACJ,CAAC,CACH,CAEA,oBAAoBP,EAA0B,CAC5C,MAAO,CACL,WAAagB,GACX,KAAK,KACHA,EAAK,MAAM,eACX,IAAIzB,EAA4BS,CAAW,CAC7C,EAAE,IAAI,EAER,YAAcgB,GAIR,CACJ,KAAM,CAAE,eAAAC,EAAgB,QAAAC,CAAQ,EAAIF,EAAK,MACzC,OAAOlC,EAAY,WAAWkC,EAAK,MAAM,YAAY,EAClD,MAAOJ,GACN,KAAK,KACHK,EACA,IAAIzB,EAA6B0B,EAASN,CAAY,CACxD,CACF,EACC,IAAI,CACT,EAEA,cAAgBI,GAWdlC,EAAY,WAAWkC,EAAK,KAAK,EAC9B,MAAM,CAAC,CAAE,cAAAG,EAAe,eAAAF,EAAgB,aAAAL,EAAc,IAAAH,CAAI,IACzDQ,EACG,kBAAkBL,EAAcH,CAAG,EACnC,IAAKI,IAAgB,CACpB,WAAAA,EACA,kBACEA,EAAW,KAAKM,CAAa,GAAG,GAChCzB,EAAgB,SAAS,QAAQyB,CAAa,MAAM,CACxD,EAAE,CACN,EACC,IAAI,EAET,qBAAsB,MAAOH,GAYpB,QAAQ,QACbA,EAAK,MACF,MAAM,CAAC,CAAE,kBAAAF,EAAmB,QAAAI,CAAQ,IACnCJ,EACG,gBAAgBI,CAAO,EACvB,SACC,IAAIvC,EACF,8EACF,CACF,CACJ,EACC,IAAKyC,GAAQA,EAAI,UAAU,CAChC,CAEJ,CACF,CAEQ,KACNH,EACAI,EAKA,CACA,OAAOJ,EACJ,aAAa,EACb,MAAOK,GAAcD,EAAW,IAAIC,CAAS,CAAC,EAC9C,MAAOX,GAAYM,EAAe,aAAaN,CAAO,CAAC,CAC5D,CACF",
6
+ "names": ["OpenAppDeviceAction", "UnknownDAError", "UserInteractionRequired", "XStateDeviceAction", "EitherAsync", "Left", "Right", "assign", "fromPromise", "setup", "LKRPMissingDataError", "LKRPUnauthorizedError", "LKRPUnhandledState", "SignChallengeWithDeviceTask", "SignChallengeWithKeypairTask", "eitherSeqRecord", "LKRPBlockStream", "required", "raiseAndAssign", "AddToTrustchainDeviceAction", "APP_NAME", "AuthenticateDeviceAction", "internalApi", "deviceAuth", "keypairAuth", "getTrustchain", "extractEncryptionKey", "event", "context", "state", "input", "jwt", "error", "payload", "trustchainId", "trustchain", "applicationStream", "encryptionKey", "args", "lkrpDataSource", "keypair", "applicationId", "key", "signerTask", "challenge"]
7
7
  }
package/lib/esm/internal/app-binder/task/ParseStreamToDeviceTask.js CHANGED
@@ -1,2 +1,2 @@
1
- import{CommandResultStatus as i}from"@ledgerhq/device-management-kit";import{EitherAsync as o,Left as s,Right as n}from"purify-ts";import{LKRPUnknownError as m}from"../../../api/app-binder/Errors";import{ParseBlockSignatureCommand as c}from"../../app-binder/command/ParseBlockSignatureCommand";import{ParseSingleCommand as d}from"../../app-binder/command/ParseStreamBlockCommand";import{ParseBlockHeaderCommand as p}from"../../app-binder/command/ParseStreamBlockHeader";import{SetTrustedMemberCommand as P}from"../../app-binder/command/SetTrustedMemberCommand";import{eitherSeqRecord as h}from"../../utils/eitherSeqRecord";import{bytesToHex as u}from"../../utils/hex";import{TrustedProperties as f}from"./utils/TrustedProperties";class M{constructor(t){this.api=t}lastTrustedMember=null;trustedMembers=new Map;run({seedBlock:t,applicationStream:r}){return this.parseBlock(t).chain(()=>r?this.parseStream(r):o.liftEither(n(void 0)))}parseStream(t){return o.liftEither(t.parse()).chain(r=>o.sequence(r.map(e=>this.parseBlock(e))))}parseBlock(t){return o.liftEither(t.parse()).chain(r=>this.setTrustedMember(u(r.issuer)).map(()=>r)).chain(async r=>{try{const e=await this.api.sendCommand(new p(r));if(e.status!==i.Success)return s(e.error)}catch(e){return s(new m(String(e)))}return n(r)}).chain(r=>o.sequence(r.commands.map(e=>this.parseCommand(e,u(r.issuer)))).map(()=>r)).chain(async r=>{try{const e=await this.api.sendCommand(new c(r));if(e.status!==i.Success)return s(e.error)}catch(e){return s(new m(String(e)))}return n(void 0)})}parseCommand(t,r){const e=t.getPublicKey().orDefault(r);return this.setTrustedMember(e).chain(async()=>{try{const a=await this.api.sendCommand(new d({command:t.toU8A()}));return a.status!==i.Success?s(a.error):this.recordTrustedMembers(e,a.data)}catch(a){return s(new m(String(a)))}})}setTrustedMember(t){return o.fromPromise(async()=>{if(t===this.lastTrustedMember)return n(void 0);const r=this.trustedMembers.get(t);if(!r)return n(void 0);try{const e=await this.api.sendCommand(new P(r));if(e.status!==i.Success)return s(e.error)}catch(e){return s(new m(String(e)))}return n(void 0)})}recordTrustedMembers(t,r){if(this.lastTrustedMember=t,r.length===0||this.trustedMembers.has(t))return n(void 0);const e=new f(r);return h({iv:()=>e.getIv(),memberTlv:()=>e.getNewMember()}).ifRight(a=>this.trustedMembers.set(t,a))}}export{M as ParseStreamToDeviceTask};
1
+ import{CommandResultStatus as i,UnknownDAError as m}from"@ledgerhq/device-management-kit";import{EitherAsync as o,Left as s,Right as n}from"purify-ts";import{ParseBlockSignatureCommand as c}from"../../app-binder/command/ParseBlockSignatureCommand";import{ParseSingleCommand as d}from"../../app-binder/command/ParseStreamBlockCommand";import{ParseBlockHeaderCommand as p}from"../../app-binder/command/ParseStreamBlockHeader";import{SetTrustedMemberCommand as P}from"../../app-binder/command/SetTrustedMemberCommand";import{eitherSeqRecord as h}from"../../utils/eitherSeqRecord";import{bytesToHex as u}from"../../utils/hex";import{TrustedProperties as f}from"./utils/TrustedProperties";class M{constructor(t){this.api=t}lastTrustedMember=null;trustedMembers=new Map;run({seedBlock:t,applicationStream:r}){return this.parseBlock(t).chain(()=>r?this.parseStream(r):o.liftEither(n(void 0)))}parseStream(t){return o.liftEither(t.parse()).chain(r=>o.sequence(r.map(e=>this.parseBlock(e))))}parseBlock(t){return o.liftEither(t.parse()).chain(r=>this.setTrustedMember(u(r.issuer)).map(()=>r)).chain(async r=>{try{const e=await this.api.sendCommand(new p(r));if(e.status!==i.Success)return s(e.error)}catch(e){return s(new m(String(e)))}return n(r)}).chain(r=>o.sequence(r.commands.map(e=>this.parseCommand(e,u(r.issuer)))).map(()=>r)).chain(async r=>{try{const e=await this.api.sendCommand(new c(r));if(e.status!==i.Success)return s(e.error)}catch(e){return s(new m(String(e)))}return n(void 0)})}parseCommand(t,r){const e=t.getPublicKey().orDefault(r);return this.setTrustedMember(e).chain(async()=>{try{const a=await this.api.sendCommand(new d({command:t.toU8A()}));return a.status!==i.Success?s(a.error):this.recordTrustedMembers(e,a.data)}catch(a){return s(new m(String(a)))}})}setTrustedMember(t){return o.fromPromise(async()=>{if(t===this.lastTrustedMember)return n(void 0);const r=this.trustedMembers.get(t);if(!r)return n(void 0);try{const e=await this.api.sendCommand(new P(r));if(e.status!==i.Success)return s(e.error)}catch(e){return s(new m(String(e)))}return n(void 0)})}recordTrustedMembers(t,r){if(this.lastTrustedMember=t,r.length===0||this.trustedMembers.has(t))return n(void 0);const e=new f(r);return h({iv:()=>e.getIv(),memberTlv:()=>e.getNewMember()}).ifRight(a=>this.trustedMembers.set(t,a))}}export{M as ParseStreamToDeviceTask};
2
2
  //# sourceMappingURL=ParseStreamToDeviceTask.js.map
package/lib/esm/internal/app-binder/task/ParseStreamToDeviceTask.js.map CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "version": 3,
3
3
  "sources": ["../../../../../src/internal/app-binder/task/ParseStreamToDeviceTask.ts"],
4
- "sourcesContent": ["import {\n CommandResultStatus,\n type InternalApi,\n} from \"@ledgerhq/device-management-kit\";\nimport { type Either, EitherAsync, Left, Right } from \"purify-ts\";\n\nimport {\n type LKRPMissingDataError,\n type LKRPParsingError,\n LKRPUnknownError,\n} from \"@api/app-binder/Errors\";\nimport { type SetTrustedMemberCommandArgs } from \"@api/app-binder/SetTrustedMemberTypes\";\nimport { ParseBlockSignatureCommand } from \"@internal/app-binder/command/ParseBlockSignatureCommand\";\nimport { ParseSingleCommand } from \"@internal/app-binder/command/ParseStreamBlockCommand\";\nimport { ParseBlockHeaderCommand } from \"@internal/app-binder/command/ParseStreamBlockHeader\";\nimport { SetTrustedMemberCommand } from \"@internal/app-binder/command/SetTrustedMemberCommand\";\nimport { type LKRPDeviceCommandError } from \"@internal/app-binder/command/utils/ledgerKeyringProtocolErrors\";\nimport { type LKRPBlockParsedData } from \"@internal/models/LKRPBlockTypes\";\nimport { eitherSeqRecord } from \"@internal/utils/eitherSeqRecord\";\nimport { bytesToHex } from \"@internal/utils/hex\";\nimport { type LKRPBlock } from \"@internal/utils/LKRPBlock\";\nimport { type LKRPBlockStream } from \"@internal/utils/LKRPBlockStream\";\nimport { type LKRPCommand } from \"@internal/utils/LKRPCommand\";\n\nimport { TrustedProperties } from \"./utils/TrustedProperties\";\n\nexport type ParseStreamToDeviceTaskInput = {\n seedBlock: LKRPBlock; // The seed block is mandatory for now because the trustchain creation / parse empty stream are not yet implemented\n applicationStream: LKRPBlockStream | null;\n};\n\ntype ParseStreamTaskError =\n | LKRPDeviceCommandError\n | LKRPParsingError\n | LKRPMissingDataError\n | LKRPUnknownError;\n\nexport class ParseStreamToDeviceTask {\n private lastTrustedMember: string | null = null;\n private trustedMembers = new Map<string, SetTrustedMemberCommandArgs>();\n\n constructor(private readonly api: InternalApi) {}\n\n run({ seedBlock, applicationStream }: ParseStreamToDeviceTaskInput) {\n return this.parseBlock(seedBlock).chain<ParseStreamTaskError, unknown>(\n () =>\n applicationStream\n ? this.parseStream(applicationStream)\n : EitherAsync.liftEither(Right(undefined)),\n );\n }\n\n parseStream(stream: LKRPBlockStream) {\n return EitherAsync.liftEither(stream.parse()).chain<\n ParseStreamTaskError,\n unknown\n >((blocks) =>\n EitherAsync.sequence(blocks.map((block) => this.parseBlock(block))),\n );\n }\n\n parseBlock(block: LKRPBlock) {\n return (\n EitherAsync.liftEither(block.parse())\n\n .chain<ParseStreamTaskError, LKRPBlockParsedData>((data) =>\n this.setTrustedMember(bytesToHex(data.issuer)).map(() => data),\n )\n\n // Parse the block header\n .chain<ParseStreamTaskError, LKRPBlockParsedData>(async (data) => {\n try {\n const response = await this.api.sendCommand(\n new ParseBlockHeaderCommand(data),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n } catch (error) {\n return Left(new LKRPUnknownError(String(error)));\n }\n return Right(data);\n })\n\n // Parse each command\n .chain<ParseStreamTaskError, LKRPBlockParsedData>((data) =>\n EitherAsync.sequence(\n data.commands.map((command) =>\n this.parseCommand(command, bytesToHex(data.issuer)),\n ),\n ).map(() => data),\n )\n\n // Parse the block signature\n .chain<ParseStreamTaskError, void>(async (data) => {\n try {\n const response = await this.api.sendCommand(\n new ParseBlockSignatureCommand(data),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n } catch (error) {\n return Left(new LKRPUnknownError(String(error)));\n }\n return Right(undefined);\n })\n );\n }\n\n parseCommand(command: LKRPCommand, blockIssuer: string) {\n const publicKey = command.getPublicKey().orDefault(blockIssuer);\n\n // Parse the command\n return this.setTrustedMember(publicKey).chain<\n ParseStreamTaskError,\n unknown\n >(async () => {\n try {\n const response = await this.api.sendCommand(\n new ParseSingleCommand({ command: command.toU8A() }),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n return this.recordTrustedMembers(publicKey, response.data);\n } catch (error) {\n return Left(new LKRPUnknownError(String(error)));\n }\n });\n }\n\n setTrustedMember(publicKey: string) {\n // NOTE: Set Trusted Member only when needed\n // i.e: when this command wasn't signed by the device (see recordTrustedMembers NOTE) nor the last trusted member\n return EitherAsync.fromPromise<ParseStreamTaskError, void>(async () => {\n if (publicKey === this.lastTrustedMember) {\n return Right(undefined);\n }\n const trustedMember = this.trustedMembers.get(publicKey);\n if (!trustedMember) {\n return Right(undefined);\n }\n try {\n const response = await this.api.sendCommand(\n new SetTrustedMemberCommand(trustedMember),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n } catch (error) {\n return Left(new LKRPUnknownError(String(error)));\n }\n return Right(undefined);\n });\n }\n\n recordTrustedMembers(\n publicKey: string,\n trustedPropsBytes: Uint8Array,\n ): Either<LKRPParsingError | LKRPMissingDataError, unknown> {\n this.lastTrustedMember = publicKey;\n\n // NOTE: Whenever a command which was signed by the device is parsed on the same device\n // the parse block apdu returns empty trusted properties.\n // Therefore this function will never record the device as a trusted member.\n // (which is fine because the device doesn't need to set itself as a trusted member).\n if (trustedPropsBytes.length === 0 || this.trustedMembers.has(publicKey)) {\n return Right(undefined);\n }\n\n const trustedProps = new TrustedProperties(trustedPropsBytes);\n return eitherSeqRecord({\n iv: () => trustedProps.getIv(),\n memberTlv: () => trustedProps.getNewMember(),\n }).ifRight((trustedMember) =>\n this.trustedMembers.set(publicKey, trustedMember),\n );\n }\n}\n"],
5
- "mappings": "AAAA,OACE,uBAAAA,MAEK,kCACP,OAAsB,eAAAC,EAAa,QAAAC,EAAM,SAAAC,MAAa,YAEtD,OAGE,oBAAAC,MACK,yBAEP,OAAS,8BAAAC,MAAkC,0DAC3C,OAAS,sBAAAC,MAA0B,uDACnC,OAAS,2BAAAC,MAA+B,sDACxC,OAAS,2BAAAC,MAA+B,uDAGxC,OAAS,mBAAAC,MAAuB,kCAChC,OAAS,cAAAC,MAAkB,sBAK3B,OAAS,qBAAAC,MAAyB,4BAa3B,MAAMC,CAAwB,CAInC,YAA6BC,EAAkB,CAAlB,SAAAA,CAAmB,CAHxC,kBAAmC,KACnC,eAAiB,IAAI,IAI7B,IAAI,CAAE,UAAAC,EAAW,kBAAAC,CAAkB,EAAiC,CAClE,OAAO,KAAK,WAAWD,CAAS,EAAE,MAChC,IACEC,EACI,KAAK,YAAYA,CAAiB,EAClCd,EAAY,WAAWE,EAAM,MAAS,CAAC,CAC/C,CACF,CAEA,YAAYa,EAAyB,CACnC,OAAOf,EAAY,WAAWe,EAAO,MAAM,CAAC,EAAE,MAG3CC,GACDhB,EAAY,SAASgB,EAAO,IAAKC,GAAU,KAAK,WAAWA,CAAK,CAAC,CAAC,CACpE,CACF,CAEA,WAAWA,EAAkB,CAC3B,OACEjB,EAAY,WAAWiB,EAAM,MAAM,CAAC,EAEjC,MAAkDC,GACjD,KAAK,iBAAiBT,EAAWS,EAAK,MAAM,CAAC,EAAE,IAAI,IAAMA,CAAI,CAC/D,EAGC,MAAiD,MAAOA,GAAS,CAChE,GAAI,CACF,MAAMC,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAIb,EAAwBY,CAAI,CAClC,EACA,GAAIC,EAAS,SAAWpB,EAAoB,QAC1C,OAAOE,EAAKkB,EAAS,KAAK,CAE9B,OAASC,EAAO,CACd,OAAOnB,EAAK,IAAIE,EAAiB,OAAOiB,CAAK,CAAC,CAAC,CACjD,CACA,OAAOlB,EAAMgB,CAAI,CACnB,CAAC,EAGA,MAAkDA,GACjDlB,EAAY,SACVkB,EAAK,SAAS,IAAKG,GACjB,KAAK,aAAaA,EAASZ,EAAWS,EAAK,MAAM,CAAC,CACpD,CACF,EAAE,IAAI,IAAMA,CAAI,CAClB,EAGC,MAAkC,MAAOA,GAAS,CACjD,GAAI,CACF,MAAMC,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAIf,EAA2Bc,CAAI,CACrC,EACA,GAAIC,EAAS,SAAWpB,EAAoB,QAC1C,OAAOE,EAAKkB,EAAS,KAAK,CAE9B,OAASC,EAAO,CACd,OAAOnB,EAAK,IAAIE,EAAiB,OAAOiB,CAAK,CAAC,CAAC,CACjD,CACA,OAAOlB,EAAM,MAAS,CACxB,CAAC,CAEP,CAEA,aAAamB,EAAsBC,EAAqB,CACtD,MAAMC,EAAYF,EAAQ,aAAa,EAAE,UAAUC,CAAW,EAG9D,OAAO,KAAK,iBAAiBC,CAAS,EAAE,MAGtC,SAAY,CACZ,GAAI,CACF,MAAMJ,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAId,EAAmB,CAAE,QAASgB,EAAQ,MAAM,CAAE,CAAC,CACrD,EACA,OAAIF,EAAS,SAAWpB,EAAoB,QACnCE,EAAKkB,EAAS,KAAK,EAErB,KAAK,qBAAqBI,EAAWJ,EAAS,IAAI,CAC3D,OAASC,EAAO,CACd,OAAOnB,EAAK,IAAIE,EAAiB,OAAOiB,CAAK,CAAC,CAAC,CACjD,CACF,CAAC,CACH,CAEA,iBAAiBG,EAAmB,CAGlC,OAAOvB,EAAY,YAAwC,SAAY,CACrE,GAAIuB,IAAc,KAAK,kBACrB,OAAOrB,EAAM,MAAS,EAExB,MAAMsB,EAAgB,KAAK,eAAe,IAAID,CAAS,EACvD,GAAI,CAACC,EACH,OAAOtB,EAAM,MAAS,EAExB,GAAI,CACF,MAAMiB,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAIZ,EAAwBiB,CAAa,CAC3C,EACA,GAAIL,EAAS,SAAWpB,EAAoB,QAC1C,OAAOE,EAAKkB,EAAS,KAAK,CAE9B,OAASC,EAAO,CACd,OAAOnB,EAAK,IAAIE,EAAiB,OAAOiB,CAAK,CAAC,CAAC,CACjD,CACA,OAAOlB,EAAM,MAAS,CACxB,CAAC,CACH,CAEA,qBACEqB,EACAE,EAC0D,CAO1D,GANA,KAAK,kBAAoBF,EAMrBE,EAAkB,SAAW,GAAK,KAAK,eAAe,IAAIF,CAAS,EACrE,OAAOrB,EAAM,MAAS,EAGxB,MAAMwB,EAAe,IAAIhB,EAAkBe,CAAiB,EAC5D,OAAOjB,EAAgB,CACrB,GAAI,IAAMkB,EAAa,MAAM,EAC7B,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,EAAE,QAASF,GACV,KAAK,eAAe,IAAID,EAAWC,CAAa,CAClD,CACF,CACF",
6
- "names": ["CommandResultStatus", "EitherAsync", "Left", "Right", "LKRPUnknownError", "ParseBlockSignatureCommand", "ParseSingleCommand", "ParseBlockHeaderCommand", "SetTrustedMemberCommand", "eitherSeqRecord", "bytesToHex", "TrustedProperties", "ParseStreamToDeviceTask", "api", "seedBlock", "applicationStream", "stream", "blocks", "block", "data", "response", "error", "command", "blockIssuer", "publicKey", "trustedMember", "trustedPropsBytes", "trustedProps"]
4
+ "sourcesContent": ["import {\n CommandResultStatus,\n type InternalApi,\n UnknownDAError,\n} from \"@ledgerhq/device-management-kit\";\nimport { type Either, EitherAsync, Left, Right } from \"purify-ts\";\n\nimport {\n type LKRPMissingDataError,\n type LKRPParsingError,\n} from \"@api/app-binder/Errors\";\nimport { type SetTrustedMemberCommandArgs } from \"@api/app-binder/SetTrustedMemberTypes\";\nimport { ParseBlockSignatureCommand } from \"@internal/app-binder/command/ParseBlockSignatureCommand\";\nimport { ParseSingleCommand } from \"@internal/app-binder/command/ParseStreamBlockCommand\";\nimport { ParseBlockHeaderCommand } from \"@internal/app-binder/command/ParseStreamBlockHeader\";\nimport { SetTrustedMemberCommand } from \"@internal/app-binder/command/SetTrustedMemberCommand\";\nimport { type LKRPDeviceCommandError } from \"@internal/app-binder/command/utils/ledgerKeyringProtocolErrors\";\nimport { eitherSeqRecord } from \"@internal/utils/eitherSeqRecord\";\nimport { bytesToHex } from \"@internal/utils/hex\";\nimport { type LKRPBlock } from \"@internal/utils/LKRPBlock\";\nimport { type LKRPBlockStream } from \"@internal/utils/LKRPBlockStream\";\nimport { type LKRPCommand } from \"@internal/utils/LKRPCommand\";\nimport { type LKRPBlockParsedData } from \"@internal/utils/types\";\n\nimport { TrustedProperties } from \"./utils/TrustedProperties\";\n\nexport type ParseStreamToDeviceTaskInput = {\n seedBlock: LKRPBlock; // The seed block is mandatory for now because the trustchain creation / parse empty stream are not yet implemented\n applicationStream: LKRPBlockStream | null;\n};\n\ntype ParseStreamTaskError =\n | LKRPDeviceCommandError\n | LKRPParsingError\n | LKRPMissingDataError\n | UnknownDAError;\n\nexport class ParseStreamToDeviceTask {\n private lastTrustedMember: string | null = null;\n private trustedMembers = new Map<string, SetTrustedMemberCommandArgs>();\n\n constructor(private readonly api: InternalApi) {}\n\n run({ seedBlock, applicationStream }: ParseStreamToDeviceTaskInput) {\n return this.parseBlock(seedBlock).chain<ParseStreamTaskError, unknown>(\n () =>\n applicationStream\n ? this.parseStream(applicationStream)\n : EitherAsync.liftEither(Right(undefined)),\n );\n }\n\n parseStream(stream: LKRPBlockStream) {\n return EitherAsync.liftEither(stream.parse()).chain<\n ParseStreamTaskError,\n unknown\n >((blocks) =>\n EitherAsync.sequence(blocks.map((block) => this.parseBlock(block))),\n );\n }\n\n parseBlock(block: LKRPBlock) {\n return (\n EitherAsync.liftEither(block.parse())\n\n .chain<ParseStreamTaskError, LKRPBlockParsedData>((data) =>\n this.setTrustedMember(bytesToHex(data.issuer)).map(() => data),\n )\n\n // Parse the block header\n .chain<ParseStreamTaskError, LKRPBlockParsedData>(async (data) => {\n try {\n const response = await this.api.sendCommand(\n new ParseBlockHeaderCommand(data),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n } catch (error) {\n return Left(new UnknownDAError(String(error)));\n }\n return Right(data);\n })\n\n // Parse each command\n .chain<ParseStreamTaskError, LKRPBlockParsedData>((data) =>\n EitherAsync.sequence(\n data.commands.map((command) =>\n this.parseCommand(command, bytesToHex(data.issuer)),\n ),\n ).map(() => data),\n )\n\n // Parse the block signature\n .chain<ParseStreamTaskError, void>(async (data) => {\n try {\n const response = await this.api.sendCommand(\n new ParseBlockSignatureCommand(data),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n } catch (error) {\n return Left(new UnknownDAError(String(error)));\n }\n return Right(undefined);\n })\n );\n }\n\n parseCommand(command: LKRPCommand, blockIssuer: string) {\n const publicKey = command.getPublicKey().orDefault(blockIssuer);\n\n // Parse the command\n return this.setTrustedMember(publicKey).chain<\n ParseStreamTaskError,\n unknown\n >(async () => {\n try {\n const response = await this.api.sendCommand(\n new ParseSingleCommand({ command: command.toU8A() }),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n return this.recordTrustedMembers(publicKey, response.data);\n } catch (error) {\n return Left(new UnknownDAError(String(error)));\n }\n });\n }\n\n setTrustedMember(publicKey: string) {\n // NOTE: Set Trusted Member only when needed\n // i.e: when this command wasn't signed by the device (see recordTrustedMembers NOTE) nor the last trusted member\n return EitherAsync.fromPromise<ParseStreamTaskError, void>(async () => {\n if (publicKey === this.lastTrustedMember) {\n return Right(undefined);\n }\n const trustedMember = this.trustedMembers.get(publicKey);\n if (!trustedMember) {\n return Right(undefined);\n }\n try {\n const response = await this.api.sendCommand(\n new SetTrustedMemberCommand(trustedMember),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n } catch (error) {\n return Left(new UnknownDAError(String(error)));\n }\n return Right(undefined);\n });\n }\n\n recordTrustedMembers(\n publicKey: string,\n trustedPropsBytes: Uint8Array,\n ): Either<LKRPParsingError | LKRPMissingDataError, unknown> {\n this.lastTrustedMember = publicKey;\n\n // NOTE: Whenever a command which was signed by the device is parsed on the same device\n // the parse block apdu returns empty trusted properties.\n // Therefore this function will never record the device as a trusted member.\n // (which is fine because the device doesn't need to set itself as a trusted member).\n if (trustedPropsBytes.length === 0 || this.trustedMembers.has(publicKey)) {\n return Right(undefined);\n }\n\n const trustedProps = new TrustedProperties(trustedPropsBytes);\n return eitherSeqRecord({\n iv: () => trustedProps.getIv(),\n memberTlv: () => trustedProps.getNewMember(),\n }).ifRight((trustedMember) =>\n this.trustedMembers.set(publicKey, trustedMember),\n );\n }\n}\n"],
5
+ "mappings": "AAAA,OACE,uBAAAA,EAEA,kBAAAC,MACK,kCACP,OAAsB,eAAAC,EAAa,QAAAC,EAAM,SAAAC,MAAa,YAOtD,OAAS,8BAAAC,MAAkC,0DAC3C,OAAS,sBAAAC,MAA0B,uDACnC,OAAS,2BAAAC,MAA+B,sDACxC,OAAS,2BAAAC,MAA+B,uDAExC,OAAS,mBAAAC,MAAuB,kCAChC,OAAS,cAAAC,MAAkB,sBAM3B,OAAS,qBAAAC,MAAyB,4BAa3B,MAAMC,CAAwB,CAInC,YAA6BC,EAAkB,CAAlB,SAAAA,CAAmB,CAHxC,kBAAmC,KACnC,eAAiB,IAAI,IAI7B,IAAI,CAAE,UAAAC,EAAW,kBAAAC,CAAkB,EAAiC,CAClE,OAAO,KAAK,WAAWD,CAAS,EAAE,MAChC,IACEC,EACI,KAAK,YAAYA,CAAiB,EAClCb,EAAY,WAAWE,EAAM,MAAS,CAAC,CAC/C,CACF,CAEA,YAAYY,EAAyB,CACnC,OAAOd,EAAY,WAAWc,EAAO,MAAM,CAAC,EAAE,MAG3CC,GACDf,EAAY,SAASe,EAAO,IAAKC,GAAU,KAAK,WAAWA,CAAK,CAAC,CAAC,CACpE,CACF,CAEA,WAAWA,EAAkB,CAC3B,OACEhB,EAAY,WAAWgB,EAAM,MAAM,CAAC,EAEjC,MAAkDC,GACjD,KAAK,iBAAiBT,EAAWS,EAAK,MAAM,CAAC,EAAE,IAAI,IAAMA,CAAI,CAC/D,EAGC,MAAiD,MAAOA,GAAS,CAChE,GAAI,CACF,MAAMC,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAIb,EAAwBY,CAAI,CAClC,EACA,GAAIC,EAAS,SAAWpB,EAAoB,QAC1C,OAAOG,EAAKiB,EAAS,KAAK,CAE9B,OAASC,EAAO,CACd,OAAOlB,EAAK,IAAIF,EAAe,OAAOoB,CAAK,CAAC,CAAC,CAC/C,CACA,OAAOjB,EAAMe,CAAI,CACnB,CAAC,EAGA,MAAkDA,GACjDjB,EAAY,SACViB,EAAK,SAAS,IAAKG,GACjB,KAAK,aAAaA,EAASZ,EAAWS,EAAK,MAAM,CAAC,CACpD,CACF,EAAE,IAAI,IAAMA,CAAI,CAClB,EAGC,MAAkC,MAAOA,GAAS,CACjD,GAAI,CACF,MAAMC,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAIf,EAA2Bc,CAAI,CACrC,EACA,GAAIC,EAAS,SAAWpB,EAAoB,QAC1C,OAAOG,EAAKiB,EAAS,KAAK,CAE9B,OAASC,EAAO,CACd,OAAOlB,EAAK,IAAIF,EAAe,OAAOoB,CAAK,CAAC,CAAC,CAC/C,CACA,OAAOjB,EAAM,MAAS,CACxB,CAAC,CAEP,CAEA,aAAakB,EAAsBC,EAAqB,CACtD,MAAMC,EAAYF,EAAQ,aAAa,EAAE,UAAUC,CAAW,EAG9D,OAAO,KAAK,iBAAiBC,CAAS,EAAE,MAGtC,SAAY,CACZ,GAAI,CACF,MAAMJ,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAId,EAAmB,CAAE,QAASgB,EAAQ,MAAM,CAAE,CAAC,CACrD,EACA,OAAIF,EAAS,SAAWpB,EAAoB,QACnCG,EAAKiB,EAAS,KAAK,EAErB,KAAK,qBAAqBI,EAAWJ,EAAS,IAAI,CAC3D,OAASC,EAAO,CACd,OAAOlB,EAAK,IAAIF,EAAe,OAAOoB,CAAK,CAAC,CAAC,CAC/C,CACF,CAAC,CACH,CAEA,iBAAiBG,EAAmB,CAGlC,OAAOtB,EAAY,YAAwC,SAAY,CACrE,GAAIsB,IAAc,KAAK,kBACrB,OAAOpB,EAAM,MAAS,EAExB,MAAMqB,EAAgB,KAAK,eAAe,IAAID,CAAS,EACvD,GAAI,CAACC,EACH,OAAOrB,EAAM,MAAS,EAExB,GAAI,CACF,MAAMgB,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAIZ,EAAwBiB,CAAa,CAC3C,EACA,GAAIL,EAAS,SAAWpB,EAAoB,QAC1C,OAAOG,EAAKiB,EAAS,KAAK,CAE9B,OAASC,EAAO,CACd,OAAOlB,EAAK,IAAIF,EAAe,OAAOoB,CAAK,CAAC,CAAC,CAC/C,CACA,OAAOjB,EAAM,MAAS,CACxB,CAAC,CACH,CAEA,qBACEoB,EACAE,EAC0D,CAO1D,GANA,KAAK,kBAAoBF,EAMrBE,EAAkB,SAAW,GAAK,KAAK,eAAe,IAAIF,CAAS,EACrE,OAAOpB,EAAM,MAAS,EAGxB,MAAMuB,EAAe,IAAIhB,EAAkBe,CAAiB,EAC5D,OAAOjB,EAAgB,CACrB,GAAI,IAAMkB,EAAa,MAAM,EAC7B,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,EAAE,QAASF,GACV,KAAK,eAAe,IAAID,EAAWC,CAAa,CAClD,CACF,CACF",
6
+ "names": ["CommandResultStatus", "UnknownDAError", "EitherAsync", "Left", "Right", "ParseBlockSignatureCommand", "ParseSingleCommand", "ParseBlockHeaderCommand", "SetTrustedMemberCommand", "eitherSeqRecord", "bytesToHex", "TrustedProperties", "ParseStreamToDeviceTask", "api", "seedBlock", "applicationStream", "stream", "blocks", "block", "data", "response", "error", "command", "blockIssuer", "publicKey", "trustedMember", "trustedPropsBytes", "trustedProps"]
7
7
  }
package/lib/esm/internal/app-binder/task/SignBlockTask.js CHANGED
@@ -1,2 +1,2 @@
1
- import{bufferToHexaString as C,CommandResultStatus as g}from"@ledgerhq/device-management-kit";import{Either as P,EitherAsync as o,Left as m,Right as y}from"purify-ts";import{LKRPDataSourceError as K,LKRPOutdatedTrustchainError as v,LKRPUnknownError as u,LKRPUnsupportedCommandError as k}from"../../../api/app-binder/Errors";import{SignBlockHeaderCommand as B}from"../../app-binder/command/SignBlockHeader";import{SignBlockSignatureCommand as b}from"../../app-binder/command/SignBlockSignatureCommand";import{SignBlockSingleCommand as f}from"../../app-binder/command/SignBlockSingleCommand";import{CommandTags as i}from"../../models/Tags";import{CryptoUtils as h}from"../../utils/crypto";import{eitherAsyncSeqRecord as A,eitherSeqRecord as p}from"../../utils/eitherSeqRecord";import{LKRPBlock as D}from"../../utils/LKRPBlock";import{LKRPCommand as c}from"../../utils/LKRPCommand";import{TrustedProperties as E}from"./utils/TrustedProperties";class J{constructor(r){this.api=r}run({lkrpDataSource:r,trustchainId:e,path:t,jwt:n,parent:s,blockFlow:d,sessionKeypair:S}){const l=this.signCommands(t,d);return A({header:this.signBlockHeader(s,l.length),commands:o.sequence(l),signature:this.signBlockSignature(S)}).chain(a=>o.liftEither(this.decryptBlock(s,a))).chain(a=>{switch(d.type){case"derive":return r.postDerivation(e,a,n);case"addMember":return r.putCommands(e,t,a,n)}}).mapLeft(a=>a instanceof K&&a.status==="BAD_REQUEST"?new v:a)}signBlockHeader(r,e){return o.fromPromise(async()=>{try{const t=await this.api.sendCommand(new B({parent:r,commandCount:e}));if(t.status!==g.Success)return m(t.error);const n=new E(t.data);return p({iv:()=>n.getIv(),issuer:()=>n.getIssuer()})}catch(t){return m(new u(String(t)))}})}signBlockSignature(r){return o.fromPromise(async()=>{try{const e=await this.api.sendCommand(new b);if(e.status!==g.Success)return m(e.error);const{signature:t,deviceSessionKey:n}=e.data,s=r.ecdh(n).slice(1);return y({signature:t,secret:s})}catch(e){return m(new u(String(e)))}})}signCommands(r,e){switch(e.type){case"derive":return[this.signDeriveCommand(r),this.signAddMemberCommand(e.data),this.signPublishKeyCommand(e.data)];case"addMember":return[this.signAddMemberCommand(e.data),this.signPublishKeyCommand(e.data)]}}signSingleCommand(r){return o.fromPromise(async()=>{try{const e=await this.api.sendCommand(new f({command:r}));return e.status!==g.Success?m(e.error):y(new E(e.data))}catch(e){return m(new u(String(e)))}})}signDeriveCommand(r){return this.signSingleCommand(c.bytesFromUnsignedData({type:i.Derive,path:r})).chain(e=>o.liftEither(p({type:i.Derive,path:r,iv:()=>e.getIv(),xpriv:()=>e.getXPriv(),ephemeralPublicKey:()=>e.getEphemeralPublicKey(),commandIv:()=>e.getCommandIv(),groupKey:()=>e.getGroupKey(),newMember:()=>e.getNewMember()})))}signAddMemberCommand({name:r,publicKey:e,permissions:t}){return this.signSingleCommand(c.bytesFromUnsignedData({type:i.AddMember,name:r,publicKey:e,permissions:t})).chain(n=>o.liftEither(p({type:i.AddMember,name:r,publicKey:e,permissions:t,iv:()=>n.getIv(),newMember:()=>n.getNewMember()})))}signPublishKeyCommand({publicKey:r}){return this.signSingleCommand(c.bytesFromUnsignedData({type:i.PublishKey,recipient:r})).chain(e=>o.liftEither(p({type:i.PublishKey,recipient:r,iv:()=>e.getIv(),xpriv:()=>e.getXPriv(),ephemeralPublicKey:()=>e.getEphemeralPublicKey(),commandIv:()=>e.getCommandIv(),newMember:()=>e.getNewMember()})))}decryptBlock(r,{header:e,commands:t,signature:n}){const s=h.decrypt(n.secret,e.iv,e.issuer);return P.sequence(t.map(d=>this.decryptCommand(n.secret,d))).map(d=>D.fromData({parent:C(r),issuer:s,commands:d,signature:n.signature}))}decryptCommand(r,e){switch(e.type){case i.Derive:case i.PublishKey:{const t=h.decrypt(r,e.iv,e.xpriv);return y(c.fromData({...e,initializationVector:e.commandIv,encryptedXpriv:t}))}case i.AddMember:return y(c.fromData({...e}));default:return m(new k(e))}}}export{J as SignBlockTask};
1
+ import{bufferToHexaString as k,CommandResultStatus as u,UnknownDAError as y}from"@ledgerhq/device-management-kit";import{Either as A,EitherAsync as o,Left as m,Right as p}from"purify-ts";import{SignBlockHeaderCommand as b}from"../../app-binder/command/SignBlockHeader";import{SignBlockSignatureCommand as P}from"../../app-binder/command/SignBlockSignatureCommand";import{SignBlockSingleCommand as f}from"../../app-binder/command/SignBlockSingleCommand";import{CryptoUtils as E}from"../../utils/crypto";import{eitherAsyncSeqRecord as B,eitherSeqRecord as g}from"../../utils/eitherSeqRecord";import{LKRPBlock as K}from"../../utils/LKRPBlock";import{LKRPCommand as d}from"../../utils/LKRPCommand";import{CommandTags as a,GeneralTags as l}from"../../utils/TLVTags";import{TrustedProperties as S}from"./utils/TrustedProperties";const C=new Uint8Array([3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]);class N{constructor(r){this.api=r}run({lkrpDataSource:r,trustchainId:e,path:n,jwt:t,parent:i,blockFlow:s,sessionKeypair:v}){const h=this.signCommands(n,s);return B({header:this.signBlockHeader(i,h.length),commands:o.sequence(h),signature:this.signBlockSignature(v)}).chain(c=>o.liftEither(this.decryptBlock(i,c))).chain(c=>{switch(s.type){case"derive":return r.postDerivation(e,c,t);case"addMember":return r.putCommands(e,n,c,t)}})}signBlockHeader(r,e){return o.fromPromise(async()=>{const n=Uint8Array.from([[l.Int,1,1],[l.Hash,r.length,...r],[l.PublicKey,C.length,...C],[l.Int,1,e]].flat());try{const t=await this.api.sendCommand(new b({header:n}));if(t.status!==u.Success)return m(t.error);const i=new S(t.data);return g({iv:()=>i.getIv(),issuer:()=>i.getIssuer()})}catch(t){return m(new y(String(t)))}})}signBlockSignature(r){return o.fromPromise(async()=>{try{const e=await this.api.sendCommand(new P);if(e.status!==u.Success)return m(e.error);const{signature:n,deviceSessionKey:t}=e.data,i=r.ecdh(t).slice(1);return p({signature:n,secret:i})}catch(e){return m(new y(String(e)))}})}signCommands(r,e){switch(e.type){case"derive":return[this.signDeriveCommand(r),this.signAddMemberCommand(e.data),this.signPublishKeyCommand(e.data)];case"addMember":return[this.signAddMemberCommand(e.data),this.signPublishKeyCommand(e.data)]}}signSingleCommand(r){return o.fromPromise(async()=>{try{const e=await this.api.sendCommand(new f({command:r}));return e.status!==u.Success?m(e.error):p(new S(e.data))}catch(e){return m(new y(String(e)))}})}signDeriveCommand(r){return this.signSingleCommand(d.bytesFromUnsignedData({type:a.Derive,path:r})).chain(e=>o.liftEither(g({type:a.Derive,path:r,iv:()=>e.getIv(),xpriv:()=>e.getXPriv(),ephemeralPublicKey:()=>e.getEphemeralPublicKey(),commandIv:()=>e.getCommandIv(),groupKey:()=>e.getGroupKey(),newMember:()=>e.getNewMember()})))}signAddMemberCommand({name:r,publicKey:e,permissions:n}){return this.signSingleCommand(d.bytesFromUnsignedData({type:a.AddMember,name:r,publicKey:e,permissions:n})).chain(t=>o.liftEither(g({type:a.AddMember,name:r,publicKey:e,permissions:n,iv:()=>t.getIv(),newMember:()=>t.getNewMember()})))}signPublishKeyCommand({publicKey:r}){return this.signSingleCommand(d.bytesFromUnsignedData({type:a.PublishKey,recipient:r})).chain(e=>o.liftEither(g({type:a.PublishKey,recipient:r,iv:()=>e.getIv(),xpriv:()=>e.getXPriv(),ephemeralPublicKey:()=>e.getEphemeralPublicKey(),commandIv:()=>e.getCommandIv(),newMember:()=>e.getNewMember()})))}decryptBlock(r,{header:e,commands:n,signature:t}){const i=E.decrypt(t.secret,e.iv,e.issuer);return A.sequence(n.map(s=>this.decryptCommand(t.secret,s))).map(s=>K.fromData({parent:k(r),issuer:i,commands:s,signature:t.signature}))}decryptCommand(r,e){switch(e.type){case a.Derive:case a.PublishKey:{const n=E.decrypt(r,e.iv,e.xpriv);return p(d.fromData({...e,initializationVector:e.commandIv,encryptedXpriv:n}))}case a.AddMember:return p(d.fromData({...e}));default:return m(new y("Unsupported command type"))}}}export{C as ISSUER_PLACEHOLDER,N as SignBlockTask};
2
2
  //# sourceMappingURL=SignBlockTask.js.map
package/lib/esm/internal/app-binder/task/SignBlockTask.js.map CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "version": 3,
3
3
  "sources": ["../../../../../src/internal/app-binder/task/SignBlockTask.ts"],
4
- "sourcesContent": ["import {\n bufferToHexaString,\n CommandResultStatus,\n type InternalApi,\n} from \"@ledgerhq/device-management-kit\";\nimport { Either, EitherAsync, Left, Right } from \"purify-ts\";\n\nimport {\n LKRPDataSourceError,\n type LKRPMissingDataError,\n LKRPOutdatedTrustchainError,\n type LKRPParsingError,\n LKRPUnknownError,\n LKRPUnsupportedCommandError,\n} from \"@api/app-binder/Errors\";\nimport { type JWT, type Keypair } from \"@api/index\";\nimport { SignBlockHeaderCommand } from \"@internal/app-binder/command/SignBlockHeader\";\nimport { SignBlockSignatureCommand } from \"@internal/app-binder/command/SignBlockSignatureCommand\";\nimport { SignBlockSingleCommand } from \"@internal/app-binder/command/SignBlockSingleCommand\";\nimport { type LKRPDeviceCommandError } from \"@internal/app-binder/command/utils/ledgerKeyringProtocolErrors\";\nimport { type LKRPDataSource } from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport {\n type AddMemberUnsignedData,\n type EncryptedCommand,\n type EncryptedDeriveCommand,\n type EncryptedPublishKeyCommand,\n} from \"@internal/models/LKRPCommandTypes\";\nimport { CommandTags } from \"@internal/models/Tags\";\nimport { CryptoUtils } from \"@internal/utils/crypto\";\nimport {\n eitherAsyncSeqRecord,\n eitherSeqRecord,\n} from \"@internal/utils/eitherSeqRecord\";\nimport { LKRPBlock } from \"@internal/utils/LKRPBlock\";\nimport { LKRPCommand } from \"@internal/utils/LKRPCommand\";\n\nimport { TrustedProperties } from \"./utils/TrustedProperties\";\n\ntype BlockFlow =\n | { type: \"derive\"; data: AddMemberBlockData }\n | { type: \"addMember\"; data: AddMemberBlockData };\n\ntype AddMemberBlockData = {\n name: string;\n publicKey: Uint8Array;\n permissions: number;\n};\n\ntype HeaderPayload = {\n iv: Uint8Array;\n issuer: Uint8Array;\n};\ntype SignaturePayload = {\n secret: Uint8Array;\n signature: Uint8Array;\n};\n\ntype EncryptedBlock = {\n header: HeaderPayload;\n commands: EncryptedCommand[];\n signature: SignaturePayload;\n};\n\ntype SignBlockError =\n | LKRPDeviceCommandError\n | LKRPParsingError\n | LKRPMissingDataError\n | LKRPDataSourceError\n | LKRPOutdatedTrustchainError\n | LKRPUnknownError;\n\nexport type SignBlockTaskInput = {\n lkrpDataSource: LKRPDataSource;\n trustchainId: string;\n path: string;\n jwt: JWT;\n parent: Uint8Array;\n blockFlow: BlockFlow;\n sessionKeypair: Keypair;\n};\n\nexport class SignBlockTask {\n constructor(private readonly api: InternalApi) {}\n\n run({\n lkrpDataSource,\n trustchainId,\n path,\n jwt,\n parent,\n blockFlow,\n sessionKeypair,\n }: SignBlockTaskInput): EitherAsync<SignBlockError, void> {\n const commands = this.signCommands(path, blockFlow);\n return eitherAsyncSeqRecord({\n header: this.signBlockHeader(parent, commands.length),\n commands: EitherAsync.sequence(commands),\n signature: this.signBlockSignature(sessionKeypair),\n })\n .chain((encryptedBlock) =>\n EitherAsync.liftEither(this.decryptBlock(parent, encryptedBlock)),\n )\n .chain((block) => {\n switch (blockFlow.type) {\n case \"derive\":\n return lkrpDataSource.postDerivation(trustchainId, block, jwt);\n case \"addMember\":\n return lkrpDataSource.putCommands(trustchainId, path, block, jwt);\n }\n })\n .mapLeft((error) =>\n error instanceof LKRPDataSourceError && error.status === \"BAD_REQUEST\"\n ? new LKRPOutdatedTrustchainError()\n : error,\n );\n }\n\n signBlockHeader(\n parent: Uint8Array,\n commandCount: number,\n ): EitherAsync<SignBlockError, HeaderPayload> {\n return EitherAsync.fromPromise(async () => {\n try {\n const response = await this.api.sendCommand(\n new SignBlockHeaderCommand({ parent, commandCount }),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n const trustedProps = new TrustedProperties(response.data);\n return eitherSeqRecord({\n iv: () => trustedProps.getIv(),\n issuer: () => trustedProps.getIssuer(),\n }) as Either<SignBlockError, HeaderPayload>;\n } catch (error) {\n return Left(new LKRPUnknownError(String(error)));\n }\n });\n }\n\n signBlockSignature(\n sessionKeypair: Keypair,\n ): EitherAsync<SignBlockError, SignaturePayload> {\n return EitherAsync.fromPromise(async () => {\n try {\n const response = await this.api.sendCommand(\n new SignBlockSignatureCommand(),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n const { signature, deviceSessionKey } = response.data;\n // At this step, the shared secret is used directly as an encryption key after removing the first byte\n const secret = sessionKeypair.ecdh(deviceSessionKey).slice(1);\n return Right({ signature, secret });\n } catch (error) {\n return Left(new LKRPUnknownError(String(error)));\n }\n });\n }\n\n signCommands(\n applicationPath: string,\n block: BlockFlow,\n ): EitherAsync<SignBlockError, EncryptedCommand>[] {\n switch (block.type) {\n case \"derive\":\n return [\n this.signDeriveCommand(applicationPath),\n this.signAddMemberCommand(block.data),\n this.signPublishKeyCommand(block.data),\n ];\n case \"addMember\":\n return [\n this.signAddMemberCommand(block.data),\n this.signPublishKeyCommand(block.data),\n ];\n }\n }\n\n signSingleCommand(command: Uint8Array) {\n return EitherAsync.fromPromise(\n async (): Promise<Either<SignBlockError, TrustedProperties>> => {\n try {\n const response = await this.api.sendCommand(\n new SignBlockSingleCommand({ command }),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n return Right(new TrustedProperties(response.data));\n } catch (error) {\n return Left(new LKRPUnknownError(String(error)));\n }\n },\n );\n }\n\n signDeriveCommand(applicationPath: string) {\n return this.signSingleCommand(\n LKRPCommand.bytesFromUnsignedData({\n type: CommandTags.Derive,\n path: applicationPath,\n }),\n ).chain((trustedProps) =>\n EitherAsync.liftEither<SignBlockError, EncryptedDeriveCommand>(\n eitherSeqRecord({\n type: CommandTags.Derive,\n path: applicationPath,\n iv: () => trustedProps.getIv(),\n xpriv: () => trustedProps.getXPriv(),\n ephemeralPublicKey: () => trustedProps.getEphemeralPublicKey(),\n commandIv: () => trustedProps.getCommandIv(),\n groupKey: () => trustedProps.getGroupKey(),\n newMember: () => trustedProps.getNewMember(), // Just validate it's there\n }),\n ),\n );\n }\n\n signAddMemberCommand({ name, publicKey, permissions }: AddMemberBlockData) {\n return this.signSingleCommand(\n LKRPCommand.bytesFromUnsignedData({\n type: CommandTags.AddMember,\n name,\n publicKey,\n permissions,\n }),\n ).chain((trustedProps) =>\n EitherAsync.liftEither<SignBlockError, AddMemberUnsignedData>(\n eitherSeqRecord({\n type: CommandTags.AddMember,\n name,\n publicKey,\n permissions,\n iv: () => trustedProps.getIv(), // Just validate it's there\n newMember: () => trustedProps.getNewMember(), // Just validate it's there\n }),\n ),\n );\n }\n\n signPublishKeyCommand({ publicKey }: Pick<AddMemberBlockData, \"publicKey\">) {\n return this.signSingleCommand(\n LKRPCommand.bytesFromUnsignedData({\n type: CommandTags.PublishKey,\n recipient: publicKey,\n }),\n ).chain((trustedProps) =>\n EitherAsync.liftEither<SignBlockError, EncryptedPublishKeyCommand>(\n eitherSeqRecord({\n type: CommandTags.PublishKey,\n recipient: publicKey,\n iv: () => trustedProps.getIv(),\n xpriv: () => trustedProps.getXPriv(),\n ephemeralPublicKey: () => trustedProps.getEphemeralPublicKey(),\n commandIv: () => trustedProps.getCommandIv(),\n newMember: () => trustedProps.getNewMember(), // Just validate it's there,\n }),\n ),\n );\n }\n\n decryptBlock(\n parent: Uint8Array,\n { header, commands, signature }: EncryptedBlock,\n ): Either<SignBlockError, LKRPBlock> {\n const decryptedIssuer = CryptoUtils.decrypt(\n signature.secret,\n header.iv,\n header.issuer,\n );\n return Either.sequence(\n commands.map((command) => this.decryptCommand(signature.secret, command)),\n ).map((decryptedCommands) =>\n LKRPBlock.fromData({\n parent: bufferToHexaString(parent),\n issuer: decryptedIssuer,\n commands: decryptedCommands,\n signature: signature.signature,\n }),\n );\n }\n\n decryptCommand(\n secret: Uint8Array,\n command: EncryptedCommand,\n ): Either<LKRPUnknownError, LKRPCommand> {\n switch (command.type) {\n case CommandTags.Derive:\n case CommandTags.PublishKey: {\n const encryptedXpriv = CryptoUtils.decrypt(\n secret,\n command.iv,\n command.xpriv,\n );\n return Right(\n LKRPCommand.fromData({\n ...command,\n initializationVector: command.commandIv,\n encryptedXpriv,\n }),\n );\n }\n case CommandTags.AddMember:\n return Right(LKRPCommand.fromData({ ...command }));\n default:\n return Left(new LKRPUnsupportedCommandError(command));\n }\n }\n}\n"],
5
- "mappings": "AAAA,OACE,sBAAAA,EACA,uBAAAC,MAEK,kCACP,OAAS,UAAAC,EAAQ,eAAAC,EAAa,QAAAC,EAAM,SAAAC,MAAa,YAEjD,OACE,uBAAAC,EAEA,+BAAAC,EAEA,oBAAAC,EACA,+BAAAC,MACK,yBAEP,OAAS,0BAAAC,MAA8B,+CACvC,OAAS,6BAAAC,MAAiC,yDAC1C,OAAS,0BAAAC,MAA8B,sDASvC,OAAS,eAAAC,MAAmB,wBAC5B,OAAS,eAAAC,MAAmB,yBAC5B,OACE,wBAAAC,EACA,mBAAAC,MACK,kCACP,OAAS,aAAAC,MAAiB,4BAC1B,OAAS,eAAAC,MAAmB,8BAE5B,OAAS,qBAAAC,MAAyB,4BA6C3B,MAAMC,CAAc,CACzB,YAA6BC,EAAkB,CAAlB,SAAAA,CAAmB,CAEhD,IAAI,CACF,eAAAC,EACA,aAAAC,EACA,KAAAC,EACA,IAAAC,EACA,OAAAC,EACA,UAAAC,EACA,eAAAC,CACF,EAA0D,CACxD,MAAMC,EAAW,KAAK,aAAaL,EAAMG,CAAS,EAClD,OAAOZ,EAAqB,CAC1B,OAAQ,KAAK,gBAAgBW,EAAQG,EAAS,MAAM,EACpD,SAAU1B,EAAY,SAAS0B,CAAQ,EACvC,UAAW,KAAK,mBAAmBD,CAAc,CACnD,CAAC,EACE,MAAOE,GACN3B,EAAY,WAAW,KAAK,aAAauB,EAAQI,CAAc,CAAC,CAClE,EACC,MAAOC,GAAU,CAChB,OAAQJ,EAAU,KAAM,CACtB,IAAK,SACH,OAAOL,EAAe,eAAeC,EAAcQ,EAAON,CAAG,EAC/D,IAAK,YACH,OAAOH,EAAe,YAAYC,EAAcC,EAAMO,EAAON,CAAG,CACpE,CACF,CAAC,EACA,QAASO,GACRA,aAAiB1B,GAAuB0B,EAAM,SAAW,cACrD,IAAIzB,EACJyB,CACN,CACJ,CAEA,gBACEN,EACAO,EAC4C,CAC5C,OAAO9B,EAAY,YAAY,SAAY,CACzC,GAAI,CACF,MAAM+B,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAIxB,EAAuB,CAAE,OAAAgB,EAAQ,aAAAO,CAAa,CAAC,CACrD,EACA,GAAIC,EAAS,SAAWjC,EAAoB,QAC1C,OAAOG,EAAK8B,EAAS,KAAK,EAE5B,MAAMC,EAAe,IAAIhB,EAAkBe,EAAS,IAAI,EACxD,OAAOlB,EAAgB,CACrB,GAAI,IAAMmB,EAAa,MAAM,EAC7B,OAAQ,IAAMA,EAAa,UAAU,CACvC,CAAC,CACH,OAASH,EAAO,CACd,OAAO5B,EAAK,IAAII,EAAiB,OAAOwB,CAAK,CAAC,CAAC,CACjD,CACF,CAAC,CACH,CAEA,mBACEJ,EAC+C,CAC/C,OAAOzB,EAAY,YAAY,SAAY,CACzC,GAAI,CACF,MAAM+B,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAIvB,CACN,EACA,GAAIuB,EAAS,SAAWjC,EAAoB,QAC1C,OAAOG,EAAK8B,EAAS,KAAK,EAE5B,KAAM,CAAE,UAAAE,EAAW,iBAAAC,CAAiB,EAAIH,EAAS,KAE3CI,EAASV,EAAe,KAAKS,CAAgB,EAAE,MAAM,CAAC,EAC5D,OAAOhC,EAAM,CAAE,UAAA+B,EAAW,OAAAE,CAAO,CAAC,CACpC,OAASN,EAAO,CACd,OAAO5B,EAAK,IAAII,EAAiB,OAAOwB,CAAK,CAAC,CAAC,CACjD,CACF,CAAC,CACH,CAEA,aACEO,EACAR,EACiD,CACjD,OAAQA,EAAM,KAAM,CAClB,IAAK,SACH,MAAO,CACL,KAAK,kBAAkBQ,CAAe,EACtC,KAAK,qBAAqBR,EAAM,IAAI,EACpC,KAAK,sBAAsBA,EAAM,IAAI,CACvC,EACF,IAAK,YACH,MAAO,CACL,KAAK,qBAAqBA,EAAM,IAAI,EACpC,KAAK,sBAAsBA,EAAM,IAAI,CACvC,CACJ,CACF,CAEA,kBAAkBS,EAAqB,CACrC,OAAOrC,EAAY,YACjB,SAAgE,CAC9D,GAAI,CACF,MAAM+B,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAItB,EAAuB,CAAE,QAAA4B,CAAQ,CAAC,CACxC,EACA,OAAIN,EAAS,SAAWjC,EAAoB,QACnCG,EAAK8B,EAAS,KAAK,EAErB7B,EAAM,IAAIc,EAAkBe,EAAS,IAAI,CAAC,CACnD,OAASF,EAAO,CACd,OAAO5B,EAAK,IAAII,EAAiB,OAAOwB,CAAK,CAAC,CAAC,CACjD,CACF,CACF,CACF,CAEA,kBAAkBO,EAAyB,CACzC,OAAO,KAAK,kBACVrB,EAAY,sBAAsB,CAChC,KAAML,EAAY,OAClB,KAAM0B,CACR,CAAC,CACH,EAAE,MAAOJ,GACPhC,EAAY,WACVa,EAAgB,CACd,KAAMH,EAAY,OAClB,KAAM0B,EACN,GAAI,IAAMJ,EAAa,MAAM,EAC7B,MAAO,IAAMA,EAAa,SAAS,EACnC,mBAAoB,IAAMA,EAAa,sBAAsB,EAC7D,UAAW,IAAMA,EAAa,aAAa,EAC3C,SAAU,IAAMA,EAAa,YAAY,EACzC,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,qBAAqB,CAAE,KAAAM,EAAM,UAAAC,EAAW,YAAAC,CAAY,EAAuB,CACzE,OAAO,KAAK,kBACVzB,EAAY,sBAAsB,CAChC,KAAML,EAAY,UAClB,KAAA4B,EACA,UAAAC,EACA,YAAAC,CACF,CAAC,CACH,EAAE,MAAOR,GACPhC,EAAY,WACVa,EAAgB,CACd,KAAMH,EAAY,UAClB,KAAA4B,EACA,UAAAC,EACA,YAAAC,EACA,GAAI,IAAMR,EAAa,MAAM,EAC7B,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,sBAAsB,CAAE,UAAAO,CAAU,EAA0C,CAC1E,OAAO,KAAK,kBACVxB,EAAY,sBAAsB,CAChC,KAAML,EAAY,WAClB,UAAW6B,CACb,CAAC,CACH,EAAE,MAAOP,GACPhC,EAAY,WACVa,EAAgB,CACd,KAAMH,EAAY,WAClB,UAAW6B,EACX,GAAI,IAAMP,EAAa,MAAM,EAC7B,MAAO,IAAMA,EAAa,SAAS,EACnC,mBAAoB,IAAMA,EAAa,sBAAsB,EAC7D,UAAW,IAAMA,EAAa,aAAa,EAC3C,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,aACET,EACA,CAAE,OAAAkB,EAAQ,SAAAf,EAAU,UAAAO,CAAU,EACK,CACnC,MAAMS,EAAkB/B,EAAY,QAClCsB,EAAU,OACVQ,EAAO,GACPA,EAAO,MACT,EACA,OAAO1C,EAAO,SACZ2B,EAAS,IAAKW,GAAY,KAAK,eAAeJ,EAAU,OAAQI,CAAO,CAAC,CAC1E,EAAE,IAAKM,GACL7B,EAAU,SAAS,CACjB,OAAQjB,EAAmB0B,CAAM,EACjC,OAAQmB,EACR,SAAUC,EACV,UAAWV,EAAU,SACvB,CAAC,CACH,CACF,CAEA,eACEE,EACAE,EACuC,CACvC,OAAQA,EAAQ,KAAM,CACpB,KAAK3B,EAAY,OACjB,KAAKA,EAAY,WAAY,CAC3B,MAAMkC,EAAiBjC,EAAY,QACjCwB,EACAE,EAAQ,GACRA,EAAQ,KACV,EACA,OAAOnC,EACLa,EAAY,SAAS,CACnB,GAAGsB,EACH,qBAAsBA,EAAQ,UAC9B,eAAAO,CACF,CAAC,CACH,CACF,CACA,KAAKlC,EAAY,UACf,OAAOR,EAAMa,EAAY,SAAS,CAAE,GAAGsB,CAAQ,CAAC,CAAC,EACnD,QACE,OAAOpC,EAAK,IAAIK,EAA4B+B,CAAO,CAAC,CACxD,CACF,CACF",
6
- "names": ["bufferToHexaString", "CommandResultStatus", "Either", "EitherAsync", "Left", "Right", "LKRPDataSourceError", "LKRPOutdatedTrustchainError", "LKRPUnknownError", "LKRPUnsupportedCommandError", "SignBlockHeaderCommand", "SignBlockSignatureCommand", "SignBlockSingleCommand", "CommandTags", "CryptoUtils", "eitherAsyncSeqRecord", "eitherSeqRecord", "LKRPBlock", "LKRPCommand", "TrustedProperties", "SignBlockTask", "api", "lkrpDataSource", "trustchainId", "path", "jwt", "parent", "blockFlow", "sessionKeypair", "commands", "encryptedBlock", "block", "error", "commandCount", "response", "trustedProps", "signature", "deviceSessionKey", "secret", "applicationPath", "command", "name", "publicKey", "permissions", "header", "decryptedIssuer", "decryptedCommands", "encryptedXpriv"]
4
+ "sourcesContent": ["import {\n bufferToHexaString,\n CommandResultStatus,\n type InternalApi,\n UnknownDAError,\n} from \"@ledgerhq/device-management-kit\";\nimport { Either, EitherAsync, Left, Right } from \"purify-ts\";\n\nimport {\n type LKRPHttpRequestError,\n type LKRPMissingDataError,\n type LKRPParsingError,\n} from \"@api/app-binder/Errors\";\nimport { type JWT, type Keypair } from \"@api/index\";\nimport { SignBlockHeaderCommand } from \"@internal/app-binder/command/SignBlockHeader\";\nimport { SignBlockSignatureCommand } from \"@internal/app-binder/command/SignBlockSignatureCommand\";\nimport { SignBlockSingleCommand } from \"@internal/app-binder/command/SignBlockSingleCommand\";\nimport { type LKRPDeviceCommandError } from \"@internal/app-binder/command/utils/ledgerKeyringProtocolErrors\";\nimport { type LKRPDataSource } from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { CryptoUtils } from \"@internal/utils/crypto\";\nimport {\n eitherAsyncSeqRecord,\n eitherSeqRecord,\n} from \"@internal/utils/eitherSeqRecord\";\nimport { LKRPBlock } from \"@internal/utils/LKRPBlock\";\nimport { LKRPCommand } from \"@internal/utils/LKRPCommand\";\nimport { CommandTags, GeneralTags } from \"@internal/utils/TLVTags\";\nimport {\n type AddMemberUnsignedData,\n type EncryptedCommand,\n type EncryptedDeriveCommand,\n type EncryptedPublishKeyCommand,\n} from \"@internal/utils/types\";\n\nimport { TrustedProperties } from \"./utils/TrustedProperties\";\n\ntype BlockFlow =\n | { type: \"derive\"; data: AddMemberBlockData }\n | { type: \"addMember\"; data: AddMemberBlockData };\n\ntype AddMemberBlockData = {\n name: string;\n publicKey: Uint8Array;\n permissions: number;\n};\n\ntype HeaderPayload = {\n iv: Uint8Array;\n issuer: Uint8Array;\n};\ntype SignaturePayload = {\n secret: Uint8Array;\n signature: Uint8Array;\n};\n\ntype EncryptedBlock = {\n header: HeaderPayload;\n commands: EncryptedCommand[];\n signature: SignaturePayload;\n};\n\nexport type SignBlockError =\n | LKRPDeviceCommandError\n | LKRPParsingError\n | LKRPMissingDataError\n | LKRPHttpRequestError\n | UnknownDAError;\n\nexport type SignBlockTaskInput = {\n lkrpDataSource: LKRPDataSource;\n trustchainId: string;\n path: string;\n jwt: JWT;\n parent: Uint8Array;\n blockFlow: BlockFlow;\n sessionKeypair: Keypair;\n};\n\nexport const ISSUER_PLACEHOLDER = new Uint8Array([\n 3, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,\n 0, 0, 0, 0, 0, 0, 0,\n]);\n\nexport class SignBlockTask {\n constructor(private readonly api: InternalApi) {}\n\n run({\n lkrpDataSource,\n trustchainId,\n path,\n jwt,\n parent,\n blockFlow,\n sessionKeypair,\n }: SignBlockTaskInput): EitherAsync<SignBlockError, void> {\n const commands = this.signCommands(path, blockFlow);\n return eitherAsyncSeqRecord({\n header: this.signBlockHeader(parent, commands.length),\n commands: EitherAsync.sequence(commands),\n signature: this.signBlockSignature(sessionKeypair),\n })\n .chain((encryptedBlock) =>\n EitherAsync.liftEither(this.decryptBlock(parent, encryptedBlock)),\n )\n .chain((block) => {\n switch (blockFlow.type) {\n case \"derive\":\n return lkrpDataSource.postDerivation(trustchainId, block, jwt);\n case \"addMember\":\n return lkrpDataSource.putCommands(trustchainId, path, block, jwt);\n }\n });\n }\n\n signBlockHeader(\n parent: Uint8Array,\n commandCount: number,\n ): EitherAsync<SignBlockError, HeaderPayload> {\n return EitherAsync.fromPromise(async () => {\n const header = Uint8Array.from(\n [\n [GeneralTags.Int, 1, 1], // Version 1\n [GeneralTags.Hash, parent.length, ...parent], // Parent block hash\n [\n GeneralTags.PublicKey,\n ISSUER_PLACEHOLDER.length,\n ...ISSUER_PLACEHOLDER,\n ], // Placeholder for issuer public key (will be replaced by the device)\n [GeneralTags.Int, 1, commandCount],\n ].flat(),\n );\n try {\n const response = await this.api.sendCommand(\n new SignBlockHeaderCommand({ header }),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n const trustedProps = new TrustedProperties(response.data);\n return eitherSeqRecord({\n iv: () => trustedProps.getIv(),\n issuer: () => trustedProps.getIssuer(),\n }) as Either<SignBlockError, HeaderPayload>;\n } catch (error) {\n return Left(new UnknownDAError(String(error)));\n }\n });\n }\n\n signBlockSignature(\n sessionKeypair: Keypair,\n ): EitherAsync<SignBlockError, SignaturePayload> {\n return EitherAsync.fromPromise(async () => {\n try {\n const response = await this.api.sendCommand(\n new SignBlockSignatureCommand(),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n const { signature, deviceSessionKey } = response.data;\n // At this step, the shared secret is used directly as an encryption key after removing the first byte\n const secret = sessionKeypair.ecdh(deviceSessionKey).slice(1);\n return Right({ signature, secret });\n } catch (error) {\n return Left(new UnknownDAError(String(error)));\n }\n });\n }\n\n signCommands(\n applicationPath: string,\n block: BlockFlow,\n ): EitherAsync<SignBlockError, EncryptedCommand>[] {\n switch (block.type) {\n case \"derive\":\n return [\n this.signDeriveCommand(applicationPath),\n this.signAddMemberCommand(block.data),\n this.signPublishKeyCommand(block.data),\n ];\n case \"addMember\":\n return [\n this.signAddMemberCommand(block.data),\n this.signPublishKeyCommand(block.data),\n ];\n }\n }\n\n signSingleCommand(command: Uint8Array) {\n return EitherAsync.fromPromise(\n async (): Promise<Either<SignBlockError, TrustedProperties>> => {\n try {\n const response = await this.api.sendCommand(\n new SignBlockSingleCommand({ command }),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n return Right(new TrustedProperties(response.data));\n } catch (error) {\n return Left(new UnknownDAError(String(error)));\n }\n },\n );\n }\n\n signDeriveCommand(applicationPath: string) {\n return this.signSingleCommand(\n LKRPCommand.bytesFromUnsignedData({\n type: CommandTags.Derive,\n path: applicationPath,\n }),\n ).chain((trustedProps) =>\n EitherAsync.liftEither<SignBlockError, EncryptedDeriveCommand>(\n eitherSeqRecord({\n type: CommandTags.Derive,\n path: applicationPath,\n iv: () => trustedProps.getIv(),\n xpriv: () => trustedProps.getXPriv(),\n ephemeralPublicKey: () => trustedProps.getEphemeralPublicKey(),\n commandIv: () => trustedProps.getCommandIv(),\n groupKey: () => trustedProps.getGroupKey(),\n newMember: () => trustedProps.getNewMember(), // Just validate it's there\n }),\n ),\n );\n }\n\n signAddMemberCommand({ name, publicKey, permissions }: AddMemberBlockData) {\n return this.signSingleCommand(\n LKRPCommand.bytesFromUnsignedData({\n type: CommandTags.AddMember,\n name,\n publicKey,\n permissions,\n }),\n ).chain((trustedProps) =>\n EitherAsync.liftEither<SignBlockError, AddMemberUnsignedData>(\n eitherSeqRecord({\n type: CommandTags.AddMember,\n name,\n publicKey,\n permissions,\n iv: () => trustedProps.getIv(), // Just validate it's there\n newMember: () => trustedProps.getNewMember(), // Just validate it's there\n }),\n ),\n );\n }\n\n signPublishKeyCommand({ publicKey }: Pick<AddMemberBlockData, \"publicKey\">) {\n return this.signSingleCommand(\n LKRPCommand.bytesFromUnsignedData({\n type: CommandTags.PublishKey,\n recipient: publicKey,\n }),\n ).chain((trustedProps) =>\n EitherAsync.liftEither<SignBlockError, EncryptedPublishKeyCommand>(\n eitherSeqRecord({\n type: CommandTags.PublishKey,\n recipient: publicKey,\n iv: () => trustedProps.getIv(),\n xpriv: () => trustedProps.getXPriv(),\n ephemeralPublicKey: () => trustedProps.getEphemeralPublicKey(),\n commandIv: () => trustedProps.getCommandIv(),\n newMember: () => trustedProps.getNewMember(), // Just validate it's there,\n }),\n ),\n );\n }\n\n decryptBlock(\n parent: Uint8Array,\n { header, commands, signature }: EncryptedBlock,\n ): Either<SignBlockError, LKRPBlock> {\n const decryptedIssuer = CryptoUtils.decrypt(\n signature.secret,\n header.iv,\n header.issuer,\n );\n return Either.sequence(\n commands.map((command) => this.decryptCommand(signature.secret, command)),\n ).map((decryptedCommands) =>\n LKRPBlock.fromData({\n parent: bufferToHexaString(parent),\n issuer: decryptedIssuer,\n commands: decryptedCommands,\n signature: signature.signature,\n }),\n );\n }\n\n decryptCommand(\n secret: Uint8Array,\n command: EncryptedCommand,\n ): Either<UnknownDAError, LKRPCommand> {\n switch (command.type) {\n case CommandTags.Derive:\n case CommandTags.PublishKey: {\n const encryptedXpriv = CryptoUtils.decrypt(\n secret,\n command.iv,\n command.xpriv,\n );\n return Right(\n LKRPCommand.fromData({\n ...command,\n initializationVector: command.commandIv,\n encryptedXpriv,\n }),\n );\n }\n case CommandTags.AddMember:\n return Right(LKRPCommand.fromData({ ...command }));\n default:\n return Left(new UnknownDAError(\"Unsupported command type\"));\n }\n }\n}\n"],
5
+ "mappings": "AAAA,OACE,sBAAAA,EACA,uBAAAC,EAEA,kBAAAC,MACK,kCACP,OAAS,UAAAC,EAAQ,eAAAC,EAAa,QAAAC,EAAM,SAAAC,MAAa,YAQjD,OAAS,0BAAAC,MAA8B,+CACvC,OAAS,6BAAAC,MAAiC,yDAC1C,OAAS,0BAAAC,MAA8B,sDAGvC,OAAS,eAAAC,MAAmB,yBAC5B,OACE,wBAAAC,EACA,mBAAAC,MACK,kCACP,OAAS,aAAAC,MAAiB,4BAC1B,OAAS,eAAAC,MAAmB,8BAC5B,OAAS,eAAAC,EAAa,eAAAC,MAAmB,0BAQzC,OAAS,qBAAAC,MAAyB,4BA4C3B,MAAMC,EAAqB,IAAI,WAAW,CAC/C,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAC3E,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,CACpB,CAAC,EAEM,MAAMC,CAAc,CACzB,YAA6BC,EAAkB,CAAlB,SAAAA,CAAmB,CAEhD,IAAI,CACF,eAAAC,EACA,aAAAC,EACA,KAAAC,EACA,IAAAC,EACA,OAAAC,EACA,UAAAC,EACA,eAAAC,CACF,EAA0D,CACxD,MAAMC,EAAW,KAAK,aAAaL,EAAMG,CAAS,EAClD,OAAOf,EAAqB,CAC1B,OAAQ,KAAK,gBAAgBc,EAAQG,EAAS,MAAM,EACpD,SAAUxB,EAAY,SAASwB,CAAQ,EACvC,UAAW,KAAK,mBAAmBD,CAAc,CACnD,CAAC,EACE,MAAOE,GACNzB,EAAY,WAAW,KAAK,aAAaqB,EAAQI,CAAc,CAAC,CAClE,EACC,MAAOC,GAAU,CAChB,OAAQJ,EAAU,KAAM,CACtB,IAAK,SACH,OAAOL,EAAe,eAAeC,EAAcQ,EAAON,CAAG,EAC/D,IAAK,YACH,OAAOH,EAAe,YAAYC,EAAcC,EAAMO,EAAON,CAAG,CACpE,CACF,CAAC,CACL,CAEA,gBACEC,EACAM,EAC4C,CAC5C,OAAO3B,EAAY,YAAY,SAAY,CACzC,MAAM4B,EAAS,WAAW,KACxB,CACE,CAAChB,EAAY,IAAK,EAAG,CAAC,EACtB,CAACA,EAAY,KAAMS,EAAO,OAAQ,GAAGA,CAAM,EAC3C,CACET,EAAY,UACZE,EAAmB,OACnB,GAAGA,CACL,EACA,CAACF,EAAY,IAAK,EAAGe,CAAY,CACnC,EAAE,KAAK,CACT,EACA,GAAI,CACF,MAAME,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI1B,EAAuB,CAAE,OAAAyB,CAAO,CAAC,CACvC,EACA,GAAIC,EAAS,SAAWhC,EAAoB,QAC1C,OAAOI,EAAK4B,EAAS,KAAK,EAE5B,MAAMC,EAAe,IAAIjB,EAAkBgB,EAAS,IAAI,EACxD,OAAOrB,EAAgB,CACrB,GAAI,IAAMsB,EAAa,MAAM,EAC7B,OAAQ,IAAMA,EAAa,UAAU,CACvC,CAAC,CACH,OAASC,EAAO,CACd,OAAO9B,EAAK,IAAIH,EAAe,OAAOiC,CAAK,CAAC,CAAC,CAC/C,CACF,CAAC,CACH,CAEA,mBACER,EAC+C,CAC/C,OAAOvB,EAAY,YAAY,SAAY,CACzC,GAAI,CACF,MAAM6B,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAIzB,CACN,EACA,GAAIyB,EAAS,SAAWhC,EAAoB,QAC1C,OAAOI,EAAK4B,EAAS,KAAK,EAE5B,KAAM,CAAE,UAAAG,EAAW,iBAAAC,CAAiB,EAAIJ,EAAS,KAE3CK,EAASX,EAAe,KAAKU,CAAgB,EAAE,MAAM,CAAC,EAC5D,OAAO/B,EAAM,CAAE,UAAA8B,EAAW,OAAAE,CAAO,CAAC,CACpC,OAASH,EAAO,CACd,OAAO9B,EAAK,IAAIH,EAAe,OAAOiC,CAAK,CAAC,CAAC,CAC/C,CACF,CAAC,CACH,CAEA,aACEI,EACAT,EACiD,CACjD,OAAQA,EAAM,KAAM,CAClB,IAAK,SACH,MAAO,CACL,KAAK,kBAAkBS,CAAe,EACtC,KAAK,qBAAqBT,EAAM,IAAI,EACpC,KAAK,sBAAsBA,EAAM,IAAI,CACvC,EACF,IAAK,YACH,MAAO,CACL,KAAK,qBAAqBA,EAAM,IAAI,EACpC,KAAK,sBAAsBA,EAAM,IAAI,CACvC,CACJ,CACF,CAEA,kBAAkBU,EAAqB,CACrC,OAAOpC,EAAY,YACjB,SAAgE,CAC9D,GAAI,CACF,MAAM6B,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAIxB,EAAuB,CAAE,QAAA+B,CAAQ,CAAC,CACxC,EACA,OAAIP,EAAS,SAAWhC,EAAoB,QACnCI,EAAK4B,EAAS,KAAK,EAErB3B,EAAM,IAAIW,EAAkBgB,EAAS,IAAI,CAAC,CACnD,OAASE,EAAO,CACd,OAAO9B,EAAK,IAAIH,EAAe,OAAOiC,CAAK,CAAC,CAAC,CAC/C,CACF,CACF,CACF,CAEA,kBAAkBI,EAAyB,CACzC,OAAO,KAAK,kBACVzB,EAAY,sBAAsB,CAChC,KAAMC,EAAY,OAClB,KAAMwB,CACR,CAAC,CACH,EAAE,MAAOL,GACP9B,EAAY,WACVQ,EAAgB,CACd,KAAMG,EAAY,OAClB,KAAMwB,EACN,GAAI,IAAML,EAAa,MAAM,EAC7B,MAAO,IAAMA,EAAa,SAAS,EACnC,mBAAoB,IAAMA,EAAa,sBAAsB,EAC7D,UAAW,IAAMA,EAAa,aAAa,EAC3C,SAAU,IAAMA,EAAa,YAAY,EACzC,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,qBAAqB,CAAE,KAAAO,EAAM,UAAAC,EAAW,YAAAC,CAAY,EAAuB,CACzE,OAAO,KAAK,kBACV7B,EAAY,sBAAsB,CAChC,KAAMC,EAAY,UAClB,KAAA0B,EACA,UAAAC,EACA,YAAAC,CACF,CAAC,CACH,EAAE,MAAOT,GACP9B,EAAY,WACVQ,EAAgB,CACd,KAAMG,EAAY,UAClB,KAAA0B,EACA,UAAAC,EACA,YAAAC,EACA,GAAI,IAAMT,EAAa,MAAM,EAC7B,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,sBAAsB,CAAE,UAAAQ,CAAU,EAA0C,CAC1E,OAAO,KAAK,kBACV5B,EAAY,sBAAsB,CAChC,KAAMC,EAAY,WAClB,UAAW2B,CACb,CAAC,CACH,EAAE,MAAOR,GACP9B,EAAY,WACVQ,EAAgB,CACd,KAAMG,EAAY,WAClB,UAAW2B,EACX,GAAI,IAAMR,EAAa,MAAM,EAC7B,MAAO,IAAMA,EAAa,SAAS,EACnC,mBAAoB,IAAMA,EAAa,sBAAsB,EAC7D,UAAW,IAAMA,EAAa,aAAa,EAC3C,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,aACET,EACA,CAAE,OAAAO,EAAQ,SAAAJ,EAAU,UAAAQ,CAAU,EACK,CACnC,MAAMQ,EAAkBlC,EAAY,QAClC0B,EAAU,OACVJ,EAAO,GACPA,EAAO,MACT,EACA,OAAO7B,EAAO,SACZyB,EAAS,IAAKY,GAAY,KAAK,eAAeJ,EAAU,OAAQI,CAAO,CAAC,CAC1E,EAAE,IAAKK,GACLhC,EAAU,SAAS,CACjB,OAAQb,EAAmByB,CAAM,EACjC,OAAQmB,EACR,SAAUC,EACV,UAAWT,EAAU,SACvB,CAAC,CACH,CACF,CAEA,eACEE,EACAE,EACqC,CACrC,OAAQA,EAAQ,KAAM,CACpB,KAAKzB,EAAY,OACjB,KAAKA,EAAY,WAAY,CAC3B,MAAM+B,EAAiBpC,EAAY,QACjC4B,EACAE,EAAQ,GACRA,EAAQ,KACV,EACA,OAAOlC,EACLQ,EAAY,SAAS,CACnB,GAAG0B,EACH,qBAAsBA,EAAQ,UAC9B,eAAAM,CACF,CAAC,CACH,CACF,CACA,KAAK/B,EAAY,UACf,OAAOT,EAAMQ,EAAY,SAAS,CAAE,GAAG0B,CAAQ,CAAC,CAAC,EACnD,QACE,OAAOnC,EAAK,IAAIH,EAAe,0BAA0B,CAAC,CAC9D,CACF,CACF",
6
+ "names": ["bufferToHexaString", "CommandResultStatus", "UnknownDAError", "Either", "EitherAsync", "Left", "Right", "SignBlockHeaderCommand", "SignBlockSignatureCommand", "SignBlockSingleCommand", "CryptoUtils", "eitherAsyncSeqRecord", "eitherSeqRecord", "LKRPBlock", "LKRPCommand", "CommandTags", "GeneralTags", "TrustedProperties", "ISSUER_PLACEHOLDER", "SignBlockTask", "api", "lkrpDataSource", "trustchainId", "path", "jwt", "parent", "blockFlow", "sessionKeypair", "commands", "encryptedBlock", "block", "commandCount", "header", "response", "trustedProps", "error", "signature", "deviceSessionKey", "secret", "applicationPath", "command", "name", "publicKey", "permissions", "decryptedIssuer", "decryptedCommands", "encryptedXpriv"]
7
7
  }
package/lib/esm/internal/app-binder/task/SignChallengeWithKeypairTask.js CHANGED
@@ -1,2 +1,2 @@
1
- import{ByteArrayParser as g}from"@ledgerhq/device-management-kit";import{EitherAsync as p,Left as h,Maybe as y}from"purify-ts";import{LKRPMissingDataError as i,LKRPUnknownError as c}from"../../../api/app-binder/Errors";import{CryptoUtils as m}from"../../utils/crypto";import{eitherSeqRecord as x}from"../../utils/eitherSeqRecord";import{bytesToHex as o,hexToBytes as l}from"../../utils/hex";class f{constructor(r,n){this.keypair=r;this.trustchainId=n}run(r){const n=this.getAttestation(),a=this.getCredential(this.keypair.pubKeyToHex());return p.liftEither(this.getUnsignedChallengeTLV(r.tlv)).map(m.hash).map(t=>this.keypair.sign(t)).map(o).map(t=>({challenge:r.json,signature:{attestation:n,credential:a,signature:t}})).mapLeft(t=>t instanceof i?t:new c(String(t)))}getAttestation(){const r=l(this.trustchainId),n=Uint8Array.from([2,r.length,...r]);return o(n)}getCredential(r){return{version:0,curveId:33,signAlgorithm:1,publicKey:r}}getUnsignedChallengeTLV(r){const n=new g(l(r)),a=new Map(function*(){for(;;){const e=n.extractFieldTLVEncoded();if(!e)break;yield[e.tag,e.value]}}());if(a.size>10)return h(new i("Challenge TLV contains unexpected data"));const t=(e,s)=>y.fromNullable(a.get(e)).toEither(new i(`Missing ${s} field`));return x({payloadType:()=>t(1,"Payload type"),version:()=>t(2,"Version"),challengeExpiry:()=>t(22,"Challenge expiry"),host:()=>t(32,"Host"),protocolVersion:()=>t(96,"Protocol version"),curveId:()=>t(50,"Curve ID"),publicKey:()=>t(51,"Public key"),challengeData:()=>t(18,"Challenge data"),signAlgorithm:()=>t(20,"Sign algorithm"),rpSignatureField:()=>t(21,"RP signature field")}).map(e=>Uint8Array.from([[1,e.payloadType.length,...e.payloadType],[2,e.version.length,...e.version],[18,e.challengeData.length,...e.challengeData],[22,e.challengeExpiry.length,...e.challengeExpiry],[32,e.host.length,...e.host],[96,e.protocolVersion.length,...e.protocolVersion]].flat()))}}export{f as SignChallengeWithKeypairTask};
1
+ import{ByteArrayParser as s,UnknownDAError as g}from"@ledgerhq/device-management-kit";import{EitherAsync as p,Left as h,Maybe as y}from"purify-ts";import{LKRPMissingDataError as i}from"../../../api/app-binder/Errors";import{CryptoUtils as c}from"../../utils/crypto";import{eitherSeqRecord as m}from"../../utils/eitherSeqRecord";import{bytesToHex as o,hexToBytes as x}from"../../utils/hex";class f{constructor(r,n){this.keypair=r;this.trustchainId=n}run(r){const n=this.getAttestation(),a=this.getCredential(this.keypair.pubKeyToHex());return p.liftEither(this.getUnsignedChallengeTLV(r.tlv)).map(c.hash).map(e=>this.keypair.sign(e)).map(o).map(e=>({challenge:r.json,signature:{attestation:n,credential:a,signature:e}})).mapLeft(e=>e instanceof i?e:new g(String(e)))}getAttestation(){const r=new TextEncoder().encode(this.trustchainId),n=Uint8Array.from([2,r.length,...r]);return o(n)}getCredential(r){return{version:0,curveId:33,signAlgorithm:1,publicKey:r}}getUnsignedChallengeTLV(r){const n=new s(x(r)),a=new Map(function*(){for(;;){const t=n.extractFieldTLVEncoded();if(!t)break;yield[t.tag,t.value]}}());if(a.size>10)return h(new i("Challenge TLV contains unexpected data"));const e=(t,l)=>y.fromNullable(a.get(t)).toEither(new i(`Missing ${l} field`));return m({payloadType:()=>e(1,"Payload type"),version:()=>e(2,"Version"),challengeExpiry:()=>e(22,"Challenge expiry"),host:()=>e(32,"Host"),protocolVersion:()=>e(96,"Protocol version"),curveId:()=>e(50,"Curve ID"),publicKey:()=>e(51,"Public key"),challengeData:()=>e(18,"Challenge data"),signAlgorithm:()=>e(20,"Sign algorithm"),rpSignatureField:()=>e(21,"RP signature field")}).map(t=>Uint8Array.from([[1,t.payloadType.length,...t.payloadType],[2,t.version.length,...t.version],[18,t.challengeData.length,...t.challengeData],[22,t.challengeExpiry.length,...t.challengeExpiry],[32,t.host.length,...t.host],[96,t.protocolVersion.length,...t.protocolVersion]].flat()))}}export{f as SignChallengeWithKeypairTask};
2
2
  //# sourceMappingURL=SignChallengeWithKeypairTask.js.map
package/lib/esm/internal/app-binder/task/SignChallengeWithKeypairTask.js.map CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "version": 3,
3
3
  "sources": ["../../../../../src/internal/app-binder/task/SignChallengeWithKeypairTask.ts"],
4
- "sourcesContent": ["import { ByteArrayParser } from \"@ledgerhq/device-management-kit\";\nimport { type Either, EitherAsync, Left, Maybe } from \"purify-ts\";\n\nimport { LKRPMissingDataError, LKRPUnknownError } from \"@api/app-binder/Errors\";\nimport { type Keypair } from \"@api/app-binder/LKRPTypes\";\nimport {\n type AuthenticationPayload,\n type Challenge,\n} from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { CryptoUtils } from \"@internal/utils/crypto\";\nimport { eitherSeqRecord } from \"@internal/utils/eitherSeqRecord\";\nimport { bytesToHex, hexToBytes } from \"@internal/utils/hex\";\n\nexport class SignChallengeWithKeypairTask {\n constructor(\n private readonly keypair: Keypair,\n private readonly trustchainId: string,\n ) {}\n\n run(\n challenge: Challenge,\n ): EitherAsync<\n LKRPMissingDataError | LKRPUnknownError,\n AuthenticationPayload\n > {\n const attestation = this.getAttestation();\n const credential = this.getCredential(this.keypair.pubKeyToHex());\n\n return EitherAsync.liftEither(this.getUnsignedChallengeTLV(challenge.tlv))\n .map(CryptoUtils.hash)\n .map((hash) => this.keypair.sign(hash))\n .map(bytesToHex)\n .map((signature) => ({\n challenge: challenge.json,\n signature: { attestation, credential, signature },\n }))\n .mapLeft((error) =>\n error instanceof LKRPMissingDataError\n ? error\n : new LKRPUnknownError(String(error)),\n );\n }\n\n // Spec https://ledgerhq.atlassian.net/wiki/spaces/TA/pages/4335960138/ARCH+LedgerLive+Auth+specifications\n private getAttestation() {\n const bytes = hexToBytes(this.trustchainId);\n const attestation = Uint8Array.from([0x02, bytes.length, ...bytes]);\n return bytesToHex(attestation);\n }\n\n private getCredential(publicKey: string) {\n return { version: 0, curveId: 33, signAlgorithm: 1, publicKey };\n }\n\n private getUnsignedChallengeTLV(\n tlv: string,\n ): Either<LKRPMissingDataError, Uint8Array> {\n const parser = new ByteArrayParser(hexToBytes(tlv));\n const parsed = new Map(\n (function* () {\n while (true) {\n const field = parser.extractFieldTLVEncoded();\n if (!field) break; // No more fields to extract\n yield [field.tag, field.value];\n }\n })(),\n );\n\n // We expect 10 fields in the TLV\n if (parsed.size > 10) {\n return Left(\n new LKRPMissingDataError(\"Challenge TLV contains unexpected data\"),\n );\n }\n\n const getField = (tag: number, fieldName: string) =>\n Maybe.fromNullable(parsed.get(tag)).toEither(\n new LKRPMissingDataError(`Missing ${fieldName} field`),\n );\n\n return eitherSeqRecord({\n // Unsigned fields\n payloadType: () => getField(0x01, \"Payload type\"),\n version: () => getField(0x02, \"Version\"),\n challengeExpiry: () => getField(0x16, \"Challenge expiry\"),\n host: () => getField(0x20, \"Host\"),\n protocolVersion: () => getField(0x60, \"Protocol version\"),\n\n // Signed fields\n curveId: () => getField(0x32, \"Curve ID\"),\n publicKey: () => getField(0x33, \"Public key\"),\n challengeData: () => getField(0x12, \"Challenge data\"),\n signAlgorithm: () => getField(0x14, \"Sign algorithm\"),\n rpSignatureField: () => getField(0x15, \"RP signature field\"),\n }).map((fields) =>\n Uint8Array.from(\n [\n [0x01, fields.payloadType.length, ...fields.payloadType],\n [0x02, fields.version.length, ...fields.version],\n [0x12, fields.challengeData.length, ...fields.challengeData],\n [0x16, fields.challengeExpiry.length, ...fields.challengeExpiry],\n [0x20, fields.host.length, ...fields.host],\n [0x60, fields.protocolVersion.length, ...fields.protocolVersion],\n ].flat(),\n ),\n );\n }\n}\n"],
5
- "mappings": "AAAA,OAAS,mBAAAA,MAAuB,kCAChC,OAAsB,eAAAC,EAAa,QAAAC,EAAM,SAAAC,MAAa,YAEtD,OAAS,wBAAAC,EAAsB,oBAAAC,MAAwB,yBAMvD,OAAS,eAAAC,MAAmB,yBAC5B,OAAS,mBAAAC,MAAuB,kCAChC,OAAS,cAAAC,EAAY,cAAAC,MAAkB,sBAEhC,MAAMC,CAA6B,CACxC,YACmBC,EACAC,EACjB,CAFiB,aAAAD,EACA,kBAAAC,CAChB,CAEH,IACEC,EAIA,CACA,MAAMC,EAAc,KAAK,eAAe,EAClCC,EAAa,KAAK,cAAc,KAAK,QAAQ,YAAY,CAAC,EAEhE,OAAOd,EAAY,WAAW,KAAK,wBAAwBY,EAAU,GAAG,CAAC,EACtE,IAAIP,EAAY,IAAI,EACpB,IAAKU,GAAS,KAAK,QAAQ,KAAKA,CAAI,CAAC,EACrC,IAAIR,CAAU,EACd,IAAKS,IAAe,CACnB,UAAWJ,EAAU,KACrB,UAAW,CAAE,YAAAC,EAAa,WAAAC,EAAY,UAAAE,CAAU,CAClD,EAAE,EACD,QAASC,GACRA,aAAiBd,EACbc,EACA,IAAIb,EAAiB,OAAOa,CAAK,CAAC,CACxC,CACJ,CAGQ,gBAAiB,CACvB,MAAMC,EAAQV,EAAW,KAAK,YAAY,EACpCK,EAAc,WAAW,KAAK,CAAC,EAAMK,EAAM,OAAQ,GAAGA,CAAK,CAAC,EAClE,OAAOX,EAAWM,CAAW,CAC/B,CAEQ,cAAcM,EAAmB,CACvC,MAAO,CAAE,QAAS,EAAG,QAAS,GAAI,cAAe,EAAG,UAAAA,CAAU,CAChE,CAEQ,wBACNC,EAC0C,CAC1C,MAAMC,EAAS,IAAItB,EAAgBS,EAAWY,CAAG,CAAC,EAC5CE,EAAS,IAAI,IAChB,WAAa,CACZ,OAAa,CACX,MAAMC,EAAQF,EAAO,uBAAuB,EAC5C,GAAI,CAACE,EAAO,MACZ,KAAM,CAACA,EAAM,IAAKA,EAAM,KAAK,CAC/B,CACF,EAAG,CACL,EAGA,GAAID,EAAO,KAAO,GAChB,OAAOrB,EACL,IAAIE,EAAqB,wCAAwC,CACnE,EAGF,MAAMqB,EAAW,CAACC,EAAaC,IAC7BxB,EAAM,aAAaoB,EAAO,IAAIG,CAAG,CAAC,EAAE,SAClC,IAAItB,EAAqB,WAAWuB,CAAS,QAAQ,CACvD,EAEF,OAAOpB,EAAgB,CAErB,YAAa,IAAMkB,EAAS,EAAM,cAAc,EAChD,QAAS,IAAMA,EAAS,EAAM,SAAS,EACvC,gBAAiB,IAAMA,EAAS,GAAM,kBAAkB,EACxD,KAAM,IAAMA,EAAS,GAAM,MAAM,EACjC,gBAAiB,IAAMA,EAAS,GAAM,kBAAkB,EAGxD,QAAS,IAAMA,EAAS,GAAM,UAAU,EACxC,UAAW,IAAMA,EAAS,GAAM,YAAY,EAC5C,cAAe,IAAMA,EAAS,GAAM,gBAAgB,EACpD,cAAe,IAAMA,EAAS,GAAM,gBAAgB,EACpD,iBAAkB,IAAMA,EAAS,GAAM,oBAAoB,CAC7D,CAAC,EAAE,IAAKG,GACN,WAAW,KACT,CACE,CAAC,EAAMA,EAAO,YAAY,OAAQ,GAAGA,EAAO,WAAW,EACvD,CAAC,EAAMA,EAAO,QAAQ,OAAQ,GAAGA,EAAO,OAAO,EAC/C,CAAC,GAAMA,EAAO,cAAc,OAAQ,GAAGA,EAAO,aAAa,EAC3D,CAAC,GAAMA,EAAO,gBAAgB,OAAQ,GAAGA,EAAO,eAAe,EAC/D,CAAC,GAAMA,EAAO,KAAK,OAAQ,GAAGA,EAAO,IAAI,EACzC,CAAC,GAAMA,EAAO,gBAAgB,OAAQ,GAAGA,EAAO,eAAe,CACjE,EAAE,KAAK,CACT,CACF,CACF,CACF",
6
- "names": ["ByteArrayParser", "EitherAsync", "Left", "Maybe", "LKRPMissingDataError", "LKRPUnknownError", "CryptoUtils", "eitherSeqRecord", "bytesToHex", "hexToBytes", "SignChallengeWithKeypairTask", "keypair", "trustchainId", "challenge", "attestation", "credential", "hash", "signature", "error", "bytes", "publicKey", "tlv", "parser", "parsed", "field", "getField", "tag", "fieldName", "fields"]
4
+ "sourcesContent": ["import {\n ByteArrayParser,\n UnknownDAError,\n} from \"@ledgerhq/device-management-kit\";\nimport { type Either, EitherAsync, Left, Maybe } from \"purify-ts\";\n\nimport { LKRPMissingDataError } from \"@api/app-binder/Errors\";\nimport { type Keypair } from \"@api/app-binder/LKRPTypes\";\nimport {\n type AuthenticationPayload,\n type Challenge,\n} from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { CryptoUtils } from \"@internal/utils/crypto\";\nimport { eitherSeqRecord } from \"@internal/utils/eitherSeqRecord\";\nimport { bytesToHex, hexToBytes } from \"@internal/utils/hex\";\n\nexport class SignChallengeWithKeypairTask {\n constructor(\n private readonly keypair: Keypair,\n private readonly trustchainId: string,\n ) {}\n\n run(\n challenge: Challenge,\n ): EitherAsync<LKRPMissingDataError | UnknownDAError, AuthenticationPayload> {\n const attestation = this.getAttestation();\n const credential = this.getCredential(this.keypair.pubKeyToHex());\n\n return EitherAsync.liftEither(this.getUnsignedChallengeTLV(challenge.tlv))\n .map(CryptoUtils.hash)\n .map((hash) => this.keypair.sign(hash))\n .map(bytesToHex)\n .map((signature) => ({\n challenge: challenge.json,\n signature: { attestation, credential, signature },\n }))\n .mapLeft((error) =>\n error instanceof LKRPMissingDataError\n ? error\n : new UnknownDAError(String(error)),\n );\n }\n\n // Spec https://ledgerhq.atlassian.net/wiki/spaces/TA/pages/4335960138/ARCH+LedgerLive+Auth+specifications\n private getAttestation() {\n const bytes = new TextEncoder().encode(this.trustchainId);\n const attestation = Uint8Array.from([0x02, bytes.length, ...bytes]);\n return bytesToHex(attestation);\n }\n\n private getCredential(publicKey: string) {\n return { version: 0, curveId: 33, signAlgorithm: 1, publicKey };\n }\n\n private getUnsignedChallengeTLV(\n tlv: string,\n ): Either<LKRPMissingDataError, Uint8Array> {\n const parser = new ByteArrayParser(hexToBytes(tlv));\n const parsed = new Map(\n (function* () {\n while (true) {\n const field = parser.extractFieldTLVEncoded();\n if (!field) break; // No more fields to extract\n yield [field.tag, field.value];\n }\n })(),\n );\n\n // We expect 10 fields in the TLV\n if (parsed.size > 10) {\n return Left(\n new LKRPMissingDataError(\"Challenge TLV contains unexpected data\"),\n );\n }\n\n const getField = (tag: number, fieldName: string) =>\n Maybe.fromNullable(parsed.get(tag)).toEither(\n new LKRPMissingDataError(`Missing ${fieldName} field`),\n );\n\n return eitherSeqRecord({\n // Unsigned fields\n payloadType: () => getField(0x01, \"Payload type\"),\n version: () => getField(0x02, \"Version\"),\n challengeExpiry: () => getField(0x16, \"Challenge expiry\"),\n host: () => getField(0x20, \"Host\"),\n protocolVersion: () => getField(0x60, \"Protocol version\"),\n\n // Signed fields\n curveId: () => getField(0x32, \"Curve ID\"),\n publicKey: () => getField(0x33, \"Public key\"),\n challengeData: () => getField(0x12, \"Challenge data\"),\n signAlgorithm: () => getField(0x14, \"Sign algorithm\"),\n rpSignatureField: () => getField(0x15, \"RP signature field\"),\n }).map((fields) =>\n Uint8Array.from(\n [\n [0x01, fields.payloadType.length, ...fields.payloadType],\n [0x02, fields.version.length, ...fields.version],\n [0x12, fields.challengeData.length, ...fields.challengeData],\n [0x16, fields.challengeExpiry.length, ...fields.challengeExpiry],\n [0x20, fields.host.length, ...fields.host],\n [0x60, fields.protocolVersion.length, ...fields.protocolVersion],\n ].flat(),\n ),\n );\n }\n}\n"],
5
+ "mappings": "AAAA,OACE,mBAAAA,EACA,kBAAAC,MACK,kCACP,OAAsB,eAAAC,EAAa,QAAAC,EAAM,SAAAC,MAAa,YAEtD,OAAS,wBAAAC,MAA4B,yBAMrC,OAAS,eAAAC,MAAmB,yBAC5B,OAAS,mBAAAC,MAAuB,kCAChC,OAAS,cAAAC,EAAY,cAAAC,MAAkB,sBAEhC,MAAMC,CAA6B,CACxC,YACmBC,EACAC,EACjB,CAFiB,aAAAD,EACA,kBAAAC,CAChB,CAEH,IACEC,EAC2E,CAC3E,MAAMC,EAAc,KAAK,eAAe,EAClCC,EAAa,KAAK,cAAc,KAAK,QAAQ,YAAY,CAAC,EAEhE,OAAOb,EAAY,WAAW,KAAK,wBAAwBW,EAAU,GAAG,CAAC,EACtE,IAAIP,EAAY,IAAI,EACpB,IAAKU,GAAS,KAAK,QAAQ,KAAKA,CAAI,CAAC,EACrC,IAAIR,CAAU,EACd,IAAKS,IAAe,CACnB,UAAWJ,EAAU,KACrB,UAAW,CAAE,YAAAC,EAAa,WAAAC,EAAY,UAAAE,CAAU,CAClD,EAAE,EACD,QAASC,GACRA,aAAiBb,EACba,EACA,IAAIjB,EAAe,OAAOiB,CAAK,CAAC,CACtC,CACJ,CAGQ,gBAAiB,CACvB,MAAMC,EAAQ,IAAI,YAAY,EAAE,OAAO,KAAK,YAAY,EAClDL,EAAc,WAAW,KAAK,CAAC,EAAMK,EAAM,OAAQ,GAAGA,CAAK,CAAC,EAClE,OAAOX,EAAWM,CAAW,CAC/B,CAEQ,cAAcM,EAAmB,CACvC,MAAO,CAAE,QAAS,EAAG,QAAS,GAAI,cAAe,EAAG,UAAAA,CAAU,CAChE,CAEQ,wBACNC,EAC0C,CAC1C,MAAMC,EAAS,IAAItB,EAAgBS,EAAWY,CAAG,CAAC,EAC5CE,EAAS,IAAI,IAChB,WAAa,CACZ,OAAa,CACX,MAAMC,EAAQF,EAAO,uBAAuB,EAC5C,GAAI,CAACE,EAAO,MACZ,KAAM,CAACA,EAAM,IAAKA,EAAM,KAAK,CAC/B,CACF,EAAG,CACL,EAGA,GAAID,EAAO,KAAO,GAChB,OAAOpB,EACL,IAAIE,EAAqB,wCAAwC,CACnE,EAGF,MAAMoB,EAAW,CAACC,EAAaC,IAC7BvB,EAAM,aAAamB,EAAO,IAAIG,CAAG,CAAC,EAAE,SAClC,IAAIrB,EAAqB,WAAWsB,CAAS,QAAQ,CACvD,EAEF,OAAOpB,EAAgB,CAErB,YAAa,IAAMkB,EAAS,EAAM,cAAc,EAChD,QAAS,IAAMA,EAAS,EAAM,SAAS,EACvC,gBAAiB,IAAMA,EAAS,GAAM,kBAAkB,EACxD,KAAM,IAAMA,EAAS,GAAM,MAAM,EACjC,gBAAiB,IAAMA,EAAS,GAAM,kBAAkB,EAGxD,QAAS,IAAMA,EAAS,GAAM,UAAU,EACxC,UAAW,IAAMA,EAAS,GAAM,YAAY,EAC5C,cAAe,IAAMA,EAAS,GAAM,gBAAgB,EACpD,cAAe,IAAMA,EAAS,GAAM,gBAAgB,EACpD,iBAAkB,IAAMA,EAAS,GAAM,oBAAoB,CAC7D,CAAC,EAAE,IAAKG,GACN,WAAW,KACT,CACE,CAAC,EAAMA,EAAO,YAAY,OAAQ,GAAGA,EAAO,WAAW,EACvD,CAAC,EAAMA,EAAO,QAAQ,OAAQ,GAAGA,EAAO,OAAO,EAC/C,CAAC,GAAMA,EAAO,cAAc,OAAQ,GAAGA,EAAO,aAAa,EAC3D,CAAC,GAAMA,EAAO,gBAAgB,OAAQ,GAAGA,EAAO,eAAe,EAC/D,CAAC,GAAMA,EAAO,KAAK,OAAQ,GAAGA,EAAO,IAAI,EACzC,CAAC,GAAMA,EAAO,gBAAgB,OAAQ,GAAGA,EAAO,eAAe,CACjE,EAAE,KAAK,CACT,CACF,CACF,CACF",
6
+ "names": ["ByteArrayParser", "UnknownDAError", "EitherAsync", "Left", "Maybe", "LKRPMissingDataError", "CryptoUtils", "eitherSeqRecord", "bytesToHex", "hexToBytes", "SignChallengeWithKeypairTask", "keypair", "trustchainId", "challenge", "attestation", "credential", "hash", "signature", "error", "bytes", "publicKey", "tlv", "parser", "parsed", "field", "getField", "tag", "fieldName", "fields"]
7
7
  }