@lombard.finance/sdk-common 4.0.0 → 4.1.0-canary.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@lombard.finance/sdk-common",
3
- "version": "4.0.0",
3
+ "version": "4.1.0-canary.9",
4
4
  "description": "Shared utilities and types for the Lombard SDK packages",
5
5
  "exports": {
6
6
  ".": {
package/src/modules.ts CHANGED
@@ -72,8 +72,10 @@ export interface SdkModule<TId extends string = string, TService = unknown> {
72
72
  * }
73
73
  * ```
74
74
  */
75
- export interface ChainModule<TChain extends string = string, TService = unknown>
76
- extends SdkModule<TChain, TService> {
75
+ export interface ChainModule<
76
+ TChain extends string = string,
77
+ TService = unknown,
78
+ > extends SdkModule<TChain, TService> {
77
79
  /** Chain type this module provides services for */
78
80
  chain: TChain;
79
81
  }
@@ -94,8 +96,10 @@ export type ModuleId<TModule> =
94
96
  /**
95
97
  * Extract service type from a module by ID
96
98
  */
97
- export type ServiceOf<TModule extends SdkModule<string, unknown>, TId extends string> =
98
- TModule extends SdkModule<TId, infer TService> ? TService : never;
99
+ export type ServiceOf<
100
+ TModule extends SdkModule<string, unknown>,
101
+ TId extends string,
102
+ > = TModule extends SdkModule<TId, infer TService> ? TService : never;
99
103
 
100
104
  /**
101
105
  * @deprecated Use ServiceOf instead
@@ -0,0 +1,84 @@
1
+ /**
2
+ * Wallet Auth Service
3
+ *
4
+ * Contract for the wallet-based authentication flow used by the Lombard
5
+ * backend (v2):
6
+ *
7
+ * 1. `requestChallenge` — server returns a payload the wallet must sign.
8
+ * 2. `verifySignature` — server validates the signature and issues a JWT.
9
+ * 3. `revokeToken` — invalidates a JWT server-side (e.g. on disconnect).
10
+ *
11
+ * Signing the challenge with the user's wallet is intentionally NOT part of
12
+ * this contract — signing primitives are chain-specific and live in the
13
+ * corresponding chain SDK packages.
14
+ */
15
+
16
+ /**
17
+ * Supported chain identifiers accepted by the auth API.
18
+ *
19
+ * Free-form string to stay open to chains added on the backend before the
20
+ * SDK is updated. Common values: `'ethereum'`, `'solana'`, `'sui'`,
21
+ * `'starknet'`, `'cosmos'`.
22
+ */
23
+ export type WalletAuthChain = string;
24
+
25
+ export interface WalletChallengeRequest {
26
+ /** Wallet address performing the auth flow. */
27
+ address: string;
28
+ /** Chain the address belongs to. */
29
+ chain: WalletAuthChain;
30
+ }
31
+
32
+ export interface WalletChallengeResponse {
33
+ /** Random nonce embedded in the payload. */
34
+ nonce: string;
35
+ /** Chain-specific payload the user must sign with their wallet. */
36
+ payload: string;
37
+ /** ISO-8601 timestamp when this challenge expires. */
38
+ expiresAt: string;
39
+ }
40
+
41
+ export interface WalletVerifyRequest {
42
+ address: string;
43
+ /** The payload returned by `requestChallenge`. */
44
+ payload: string;
45
+ /** Signature produced by the wallet over `payload`. */
46
+ signature: string;
47
+ chain: WalletAuthChain;
48
+ /**
49
+ * Required for chains where the public key cannot be recovered from the
50
+ * signature (Starknet, Cosmos). Ignored elsewhere.
51
+ */
52
+ publicKey?: string;
53
+ }
54
+
55
+ export interface WalletVerifyResponse {
56
+ /** JWT bound to the verified wallet address. */
57
+ jwt: string;
58
+ /** ISO-8601 timestamp when the JWT expires. */
59
+ expiresAt: string;
60
+ }
61
+
62
+ export interface RevokeWalletTokenRequest {
63
+ /** JWT to invalidate server-side. */
64
+ jwt: string;
65
+ }
66
+
67
+ /**
68
+ * Wallet auth service contract. Implementations live in `@lombard.finance/sdk`.
69
+ */
70
+ export interface WalletAuthService {
71
+ /** Request a challenge payload for the given wallet. */
72
+ requestChallenge(
73
+ params: WalletChallengeRequest,
74
+ ): Promise<WalletChallengeResponse>;
75
+
76
+ /** Submit a signed challenge and receive a JWT. */
77
+ verifySignature(params: WalletVerifyRequest): Promise<WalletVerifyResponse>;
78
+
79
+ /**
80
+ * Invalidate a JWT server-side. Best-effort: implementations may swallow
81
+ * network errors so callers can always clear local state.
82
+ */
83
+ revokeToken(params: RevokeWalletTokenRequest): Promise<void>;
84
+ }
@@ -13,6 +13,7 @@
13
13
 
14
14
  // Core services (provided by sdk)
15
15
  export * from './api';
16
+ export * from './auth';
16
17
  export * from './btc';
17
18
  export * from './evm';
18
19