@livo-build/runtime 0.2.4 → 0.2.6

package/dist/eip712.d.ts

@@ -0,0 +1,45 @@
+import { type Bytes, type Hex } from "./hex.js";
+export interface TypedDataField {
+    name: string;
+    type: string;
+}
+export interface TypedDataDomain {
+    name?: string;
+    version?: string;
+    chainId?: number | bigint;
+    verifyingContract?: string;
+    salt?: string;
+}
+export type TypedDataTypes = Record<string, readonly TypedDataField[]>;
+export interface TypedDataDefinition {
+    domain: TypedDataDomain;
+    types: TypedDataTypes;
+    primaryType: string;
+    message: Record<string, unknown>;
+}
+/** The 32-byte EIP-712 digest (`keccak256(0x1901 ‖ domainSeparator ‖ hashStruct)`). */
+export declare function hashTypedData(def: TypedDataDefinition): Bytes;
+/**
+ * Sign EIP-712 typed data with a raw private key. Returns the 65-byte
+ * `r ‖ s ‖ v` signature (v = 27/28), the form Ethereum verifiers expect.
+ */
+export declare function signTypedData(def: TypedDataDefinition & {
+    privateKey: string;
+}): Hex;
+/** Viem-style typed-data params (what a viem local account's signTypedData receives). */
+export interface ViemTypedDataParams {
+    domain: TypedDataDomain;
+    types: TypedDataTypes;
+    primaryType: string;
+    message: Record<string, unknown>;
+}
+export interface LocalAccount {
+    address: Hex;
+    signTypedData(params: ViemTypedDataParams): Promise<Hex>;
+}
+/**
+ * A viem-"local account"-shaped signer backed by a raw private key — `{ address,
+ * signTypedData }`. Drops into SDKs that accept a viem account (e.g.
+ * @nktkas/hyperliquid's ExchangeClient) without depending on viem itself.
+ */
+export declare function localAccount(privateKey: string): LocalAccount;

package/dist/eip712.js

@@ -0,0 +1,160 @@
+// EIP-712 typed-data hashing + signing — the missing primitive both the
+// Hyperliquid and Polymarket helpers need (their auth/order signatures are all
+// EIP-712). Implemented on the same audited @noble crypto as tx.ts/sig.ts and
+// validated byte-for-byte against viem in the test suite. Worker-safe, no deps
+// beyond noble.
+//
+// `localAccount(privateKey)` returns a viem-"local account"-shaped object
+// ({ address, signTypedData(params) }) so it drops straight into SDKs that accept
+// a viem account (e.g. @nktkas/hyperliquid's ExchangeClient) without pulling viem.
+import { secp256k1 } from "@noble/curves/secp256k1";
+import { keccak_256 } from "@noble/hashes/sha3";
+import { bytesToHex, concatBytes, hexToBytes, toBytes, toBytesSigned, } from "./hex.js";
+import { toChecksumAddress } from "./tx.js";
+// The canonical field order for the EIP712Domain struct — only the present fields
+// are included, matching what viem/ethers produce.
+const DOMAIN_FIELDS = [
+    { name: "name", type: "string" },
+    { name: "version", type: "string" },
+    { name: "chainId", type: "uint256" },
+    { name: "verifyingContract", type: "address" },
+    { name: "salt", type: "bytes32" },
+];
+function domainTypes(domain) {
+    return DOMAIN_FIELDS.filter((f) => domain[f.name] !== undefined && domain[f.name] !== null).map((f) => ({ name: f.name, type: f.type }));
+}
+// Collect the struct types `primaryType` depends on (transitively), excluding the
+// well-known EIP712Domain. Used to build the canonical `encodeType` string.
+function dependencies(primaryType, types, found = new Set()) {
+    const base = primaryType.replace(/\[.*\]$/, "");
+    if (found.has(base) || !types[base] || base === "EIP712Domain")
+        return [...found];
+    found.add(base);
+    for (const field of types[base]) {
+        for (const dep of dependencies(field.type, types, found))
+            found.add(dep);
+    }
+    return [...found];
+}
+function encodeType(primaryType, types) {
+    const deps = dependencies(primaryType, types).filter((d) => d !== primaryType);
+    deps.sort();
+    const ordered = [primaryType, ...deps];
+    return ordered
+        .map((t) => `${t}(${(types[t] ?? []).map((f) => `${f.type} ${f.name}`).join(",")})`)
+        .join("");
+}
+function typeHash(primaryType, types) {
+    return keccak_256(new TextEncoder().encode(encodeType(primaryType, types)));
+}
+function isArrayType(type) {
+    return type.endsWith("]");
+}
+// Encode one field to its 32-byte (or, for arrays/structs, hashed-to-32) chunk.
+function encodeField(types, type, value) {
+    if (types[type]) {
+        // nested struct → hash of its encodeData
+        return keccak_256(encodeData(type, value, types));
+    }
+    if (isArrayType(type)) {
+        const baseType = type.slice(0, type.lastIndexOf("["));
+        const arr = value;
+        return keccak_256(concatBytes(...arr.map((item) => encodeField(types, baseType, item))));
+    }
+    if (type === "string") {
+        return keccak_256(new TextEncoder().encode(String(value)));
+    }
+    if (type === "bytes") {
+        return keccak_256(hexToBytes(String(value)));
+    }
+    if (type === "bool") {
+        return toBytes(value ? 1n : 0n, 32);
+    }
+    if (type === "address") {
+        const addr = hexToBytes(String(value));
+        if (addr.length !== 20)
+            throw new Error(`address must be 20 bytes: ${String(value)}`);
+        return concatBytes(new Uint8Array(12), addr);
+    }
+    const bytesN = type.match(/^bytes(\d+)$/);
+    if (bytesN) {
+        const raw = hexToBytes(String(value));
+        const out = new Uint8Array(32);
+        out.set(raw.slice(0, Number(bytesN[1])), 0); // right-padded
+        return out;
+    }
+    const uint = type.match(/^uint(\d+)?$/);
+    if (uint)
+        return toBytes(toBigIntValue(value), 32);
+    const int = type.match(/^int(\d+)?$/);
+    if (int)
+        return toBytesSigned(toBigIntValue(value), 32);
+    throw new Error(`unsupported EIP-712 type: ${type}`);
+}
+function toBigIntValue(value) {
+    if (typeof value === "bigint")
+        return value;
+    if (typeof value === "number")
+        return BigInt(value);
+    return BigInt(String(value)); // decimal or 0x-hex string
+}
+function encodeData(primaryType, data, types) {
+    const parts = [typeHash(primaryType, types)];
+    for (const field of types[primaryType]) {
+        parts.push(encodeField(types, field.type, data[field.name]));
+    }
+    return concatBytes(...parts);
+}
+function hashStruct(primaryType, data, types) {
+    return keccak_256(encodeData(primaryType, data, types));
+}
+function domainSeparator(domain) {
+    const types = { EIP712Domain: domainTypes(domain) };
+    const data = {};
+    for (const f of domainTypes(domain)) {
+        const key = f.name;
+        data[f.name] = f.type === "uint256" ? toBigIntValue(domain[key]) : domain[key];
+    }
+    return hashStruct("EIP712Domain", data, types);
+}
+/** The 32-byte EIP-712 digest (`keccak256(0x1901 ‖ domainSeparator ‖ hashStruct)`). */
+export function hashTypedData(def) {
+    // `types` may carry an EIP712Domain entry (viem-style) — ignore it; the domain
+    // separator is derived from the present domain fields.
+    const sep = domainSeparator(def.domain);
+    const struct = hashStruct(def.primaryType, def.message, def.types);
+    return keccak_256(concatBytes(new Uint8Array([0x19, 0x01]), sep, struct));
+}
+function normalizeKey(privateKey) {
+    const k = privateKey.trim().replace(/^0x/, "");
+    if (!/^[0-9a-fA-F]{64}$/.test(k))
+        throw new Error("private key must be 32 bytes (64 hex chars)");
+    return hexToBytes(k);
+}
+/**
+ * Sign EIP-712 typed data with a raw private key. Returns the 65-byte
+ * `r ‖ s ‖ v` signature (v = 27/28), the form Ethereum verifiers expect.
+ */
+export function signTypedData(def) {
+    const digest = hashTypedData(def);
+    const sig = secp256k1.sign(digest, normalizeKey(def.privateKey), { lowS: true });
+    const r = toBytes(sig.r, 32);
+    const s = toBytes(sig.s, 32);
+    const v = new Uint8Array([27 + sig.recovery]);
+    return bytesToHex(concatBytes(r, s, v));
+}
+/**
+ * A viem-"local account"-shaped signer backed by a raw private key — `{ address,
+ * signTypedData }`. Drops into SDKs that accept a viem account (e.g.
+ * @nktkas/hyperliquid's ExchangeClient) without depending on viem itself.
+ */
+export function localAccount(privateKey) {
+    const pub = secp256k1.getPublicKey(normalizeKey(privateKey), false).slice(1);
+    const address = toChecksumAddress(bytesToHex(keccak_256(pub).slice(-20)));
+    return {
+        address,
+        async signTypedData(params) {
+            return signTypedData({ ...params, privateKey });
+        },
+    };
+}

package/dist/eip712.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/eip712.test.js

@@ -0,0 +1,106 @@
+// EIP-712 correctness: our hashTypedData/signTypedData must match viem byte-for-byte
+// (these signatures move real money on Hyperliquid/Polymarket). viem is the oracle.
+import { describe, expect, it } from "vitest";
+import { hashTypedData as _viemHash } from "viem";
+import { privateKeyToAccount as _pkToAccount } from "viem/accounts";
+import { hashTypedData, signTypedData, localAccount } from "./eip712.js";
+import { bytesToHex } from "./hex.js";
+const PK = "0x59c6995e998f97a5a0044966f0945389dc9e86dae88c7a8412f4603b6b78690d";
+// A representative spread: domain with all fields, nested struct, array, bytes,
+// uint, address, bool, string.
+const PERSON_DEF = {
+    domain: {
+        name: "Ether Mail",
+        version: "1",
+        chainId: 1,
+        verifyingContract: "0xCcCCccccCCCCcCCCCCCcCcCccCcCCCcCcccccccC",
+    },
+    types: {
+        Person: [
+            { name: "name", type: "string" },
+            { name: "wallet", type: "address" },
+        ],
+        Mail: [
+            { name: "from", type: "Person" },
+            { name: "to", type: "Person" },
+            { name: "contents", type: "string" },
+        ],
+    },
+    primaryType: "Mail",
+    message: {
+        from: { name: "Cow", wallet: "0xCD2a3d9F938E13CD947Ec05AbC7FE734Df8DD826" },
+        to: { name: "Bob", wallet: "0xbBbBBBBbbBBBbbbBbbBbbbbBBbBbbbbBbBbbBBbB" },
+        contents: "Hello, Bob!",
+    },
+};
+// Hyperliquid's Agent typed data (chainId 1337, the "Exchange" domain).
+const HL_AGENT_DEF = {
+    domain: { name: "Exchange", version: "1", chainId: 1337, verifyingContract: "0x0000000000000000000000000000000000000000" },
+    types: { Agent: [{ name: "source", type: "string" }, { name: "connectionId", type: "bytes32" }] },
+    primaryType: "Agent",
+    message: { source: "a", connectionId: "0x" + "ab".repeat(32) },
+};
+// Polymarket CTF Exchange Order — the exact struct we post.
+const PM_ORDER_DEF = {
+    domain: { name: "Polymarket CTF Exchange", version: "1", chainId: 137, verifyingContract: "0x4bFb41d5B3570DeFd03C39a9A4D8dE6Bd8B8982E" },
+    types: {
+        Order: [
+            { name: "salt", type: "uint256" },
+            { name: "maker", type: "address" },
+            { name: "signer", type: "address" },
+            { name: "taker", type: "address" },
+            { name: "tokenId", type: "uint256" },
+            { name: "makerAmount", type: "uint256" },
+            { name: "takerAmount", type: "uint256" },
+            { name: "expiration", type: "uint256" },
+            { name: "nonce", type: "uint256" },
+            { name: "feeRateBps", type: "uint256" },
+            { name: "side", type: "uint8" },
+            { name: "signatureType", type: "uint8" },
+        ],
+    },
+    primaryType: "Order",
+    message: {
+        salt: "123456789",
+        maker: "0xCD2a3d9F938E13CD947Ec05AbC7FE734Df8DD826",
+        signer: "0xCD2a3d9F938E13CD947Ec05AbC7FE734Df8DD826",
+        taker: "0x0000000000000000000000000000000000000000",
+        tokenId: "71321045679252212594626385532706912750332728571942532289631379312455583992563",
+        makerAmount: "1000000",
+        takerAmount: "2000000",
+        expiration: "0",
+        nonce: "0",
+        feeRateBps: "0",
+        side: 0,
+        signatureType: 0,
+    },
+};
+describe("hashTypedData matches viem", () => {
+    for (const [label, def] of [
+        ["EIP-712 example (nested structs)", PERSON_DEF],
+        ["Hyperliquid Agent", HL_AGENT_DEF],
+        ["Polymarket Order", PM_ORDER_DEF],
+    ]) {
+        it(label, () => {
+            const ours = bytesToHex(hashTypedData(def));
+            const theirs = _viemHash(def);
+            expect(ours).toBe(theirs);
+        });
+    }
+});
+describe("signTypedData matches viem", () => {
+    it("produces the same 65-byte signature as a viem local account", async () => {
+        const ours = signTypedData({ ...PM_ORDER_DEF, privateKey: PK });
+        const account = _pkToAccount(PK);
+        const theirs = await account.signTypedData(PM_ORDER_DEF);
+        expect(ours).toBe(theirs);
+    });
+    it("localAccount address + signature match viem", async () => {
+        const acct = localAccount(PK);
+        const viemAcct = _pkToAccount(PK);
+        expect(acct.address.toLowerCase()).toBe(viemAcct.address.toLowerCase());
+        const ours = await acct.signTypedData(HL_AGENT_DEF);
+        const theirs = await viemAcct.signTypedData(HL_AGENT_DEF);
+        expect(ours).toBe(theirs);
+    });
+});

package/dist/gate.d.ts

@@ -0,0 +1,10 @@
+import type { Chain } from "./chain.js";
+export declare function tokenBalanceOf(chain: Chain, token: string, owner: string): Promise<bigint>;
+export interface TokenGate {
+    /** ERC-20 / ERC-721 token address. */
+    token: string;
+    /** Minimum balance (base units for ERC-20; token count for ERC-721). */
+    minBalance: bigint;
+}
+/** Whether an owner currently meets a token gate. */
+export declare function meetsGate(chain: Chain, owner: string, gate: TokenGate): Promise<boolean>;

package/dist/gate.js

@@ -0,0 +1,18 @@
+// Token-gating helpers — does a wallet hold enough of a token to enter / stay in a
+// gated room? Works for ERC-20 (balance) and ERC-721 (count) since both expose
+// balanceOf(address). Read-only — a bot/keeper Chain needs only an RPC_URL.
+// The balanceOf(address)→uint256 of a token for an owner. Returns 0n on a failed
+// read (treat as "doesn't hold") rather than throwing the whole keeper sweep.
+export async function tokenBalanceOf(chain, token, owner) {
+    try {
+        const r = await chain.call(token, "balanceOf(address)(uint256)", [owner]);
+        return BigInt(r);
+    }
+    catch {
+        return 0n;
+    }
+}
+/** Whether an owner currently meets a token gate. */
+export async function meetsGate(chain, owner, gate) {
+    return (await tokenBalanceOf(chain, gate.token, owner)) >= gate.minBalance;
+}