@meshconnect/uwc-core 1.0.1-snapshot.c7e65ce → 1.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +66 -211
- package/dist/events.d.ts +2 -69
- package/dist/events.d.ts.map +1 -1
- package/dist/events.js +1 -40
- package/dist/events.js.map +1 -1
- package/dist/index.d.ts +0 -2
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +0 -1
- package/dist/index.js.map +1 -1
- package/dist/managers/event-manager.d.ts.map +1 -1
- package/dist/managers/event-manager.js +1 -5
- package/dist/managers/event-manager.js.map +1 -1
- package/dist/services/connection-service.d.ts +1 -2
- package/dist/services/connection-service.d.ts.map +1 -1
- package/dist/services/connection-service.js +15 -35
- package/dist/services/connection-service.js.map +1 -1
- package/dist/services/network-switch-service.d.ts +1 -2
- package/dist/services/network-switch-service.d.ts.map +1 -1
- package/dist/services/network-switch-service.js +15 -33
- package/dist/services/network-switch-service.js.map +1 -1
- package/dist/universal-wallet-connector.d.ts +2 -51
- package/dist/universal-wallet-connector.d.ts.map +1 -1
- package/dist/universal-wallet-connector.js +61 -163
- package/dist/universal-wallet-connector.js.map +1 -1
- package/package.json +5 -5
- package/src/events.ts +1 -114
- package/src/index.ts +0 -6
- package/src/managers/event-manager.test.ts +0 -25
- package/src/managers/event-manager.ts +1 -5
- package/src/services/connection-service.test.ts +1 -66
- package/src/services/connection-service.ts +32 -54
- package/src/services/network-switch-service.test.ts +1 -51
- package/src/services/network-switch-service.ts +23 -43
- package/src/universal-wallet-connector.ts +71 -244
- package/dist/logger/create-logger.d.ts +0 -32
- package/dist/logger/create-logger.d.ts.map +0 -1
- package/dist/logger/create-logger.js +0 -69
- package/dist/logger/create-logger.js.map +0 -1
- package/dist/observability/connect-observer.d.ts +0 -22
- package/dist/observability/connect-observer.d.ts.map +0 -1
- package/dist/observability/connect-observer.js +0 -60
- package/dist/observability/connect-observer.js.map +0 -1
- package/dist/observability/instrument-handoff.d.ts +0 -39
- package/dist/observability/instrument-handoff.d.ts.map +0 -1
- package/dist/observability/instrument-handoff.js +0 -86
- package/dist/observability/instrument-handoff.js.map +0 -1
- package/dist/observability/scrub.d.ts +0 -30
- package/dist/observability/scrub.d.ts.map +0 -1
- package/dist/observability/scrub.js +0 -135
- package/dist/observability/scrub.js.map +0 -1
- package/dist/observability/telemetry.d.ts +0 -77
- package/dist/observability/telemetry.d.ts.map +0 -1
- package/dist/observability/telemetry.js +0 -138
- package/dist/observability/telemetry.js.map +0 -1
- package/dist/utils/id.d.ts +0 -2
- package/dist/utils/id.d.ts.map +0 -1
- package/dist/utils/id.js +0 -41
- package/dist/utils/id.js.map +0 -1
- package/dist/utils/to-wallet-error.d.ts +0 -16
- package/dist/utils/to-wallet-error.d.ts.map +0 -1
- package/dist/utils/to-wallet-error.js +0 -33
- package/dist/utils/to-wallet-error.js.map +0 -1
- package/src/logger/create-logger.test.ts +0 -111
- package/src/logger/create-logger.ts +0 -101
- package/src/observability/connect-observer.test.ts +0 -100
- package/src/observability/connect-observer.ts +0 -71
- package/src/observability/instrument-handoff.test.ts +0 -150
- package/src/observability/instrument-handoff.ts +0 -122
- package/src/observability/scrub.test.ts +0 -109
- package/src/observability/scrub.ts +0 -142
- package/src/observability/telemetry.test.ts +0 -134
- package/src/observability/telemetry.ts +0 -211
- package/src/universal-wallet-connector.observability.test.ts +0 -265
- package/src/utils/id.test.ts +0 -15
- package/src/utils/id.ts +0 -48
- package/src/utils/to-wallet-error.ts +0 -36
|
@@ -1,39 +0,0 @@
|
|
|
1
|
-
import type { ConnectionMode, Namespace, NetworkId } from '@meshconnect/uwc-types';
|
|
2
|
-
import type { EventManager } from '../managers/event-manager';
|
|
3
|
-
import type { UWCOperation } from '../events';
|
|
4
|
-
/** Routing facets known at the moment of a wallet handoff. No address, no payload. */
|
|
5
|
-
export interface HandoffContext {
|
|
6
|
-
operation: UWCOperation;
|
|
7
|
-
connectionMode: ConnectionMode;
|
|
8
|
-
walletId?: string | undefined;
|
|
9
|
-
namespace?: Namespace | undefined;
|
|
10
|
-
chainId?: NetworkId | undefined;
|
|
11
|
-
}
|
|
12
|
-
export interface InstrumentHandoffOptions {
|
|
13
|
-
eventManager: EventManager;
|
|
14
|
-
/**
|
|
15
|
-
* Deadline after which `walletTimedOut` fires as a SIDE marker (never rejects).
|
|
16
|
-
* `0` disables the marker. `tonConnect` is always skipped — TON bounds its own
|
|
17
|
-
* wallet response internally, so a second observational timer would be noise.
|
|
18
|
-
*/
|
|
19
|
-
timeoutMs: number;
|
|
20
|
-
/** Clock injectable for deterministic tests. */
|
|
21
|
-
now?: () => number;
|
|
22
|
-
}
|
|
23
|
-
/**
|
|
24
|
-
* Instrument one wallet-boundary op so the blind window is measured.
|
|
25
|
-
*
|
|
26
|
-
* Emits `awaitingWallet` immediately (before the await that hands control to the
|
|
27
|
-
* wallet), then exactly one terminal — `walletSucceeded` (success),
|
|
28
|
-
* `walletRejected` (explicit user no), or `walletFailed` (any other error) — all
|
|
29
|
-
* carrying the same `handoffId` and a `durationMs`. An intentional abort emits no
|
|
30
|
-
* terminal (the caller cancelled; it isn't a wallet outcome).
|
|
31
|
-
*
|
|
32
|
-
* A non-cancelling `walletTimedOut` marker fires if the deadline passes while the
|
|
33
|
-
* op is still pending; it is cleared the instant the op settles, so a fast op
|
|
34
|
-
* never false-fires it, and it NEVER rejects/aborts/mutates state — the wrapped
|
|
35
|
-
* promise stays the single terminal source of truth. This is a deliberate
|
|
36
|
-
* deviation from TON's cancelling `withWalletResponseTimeout`.
|
|
37
|
-
*/
|
|
38
|
-
export declare function instrumentHandoff<T>(options: InstrumentHandoffOptions, context: HandoffContext, fn: () => Promise<T>): Promise<T>;
|
|
39
|
-
//# sourceMappingURL=instrument-handoff.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"instrument-handoff.d.ts","sourceRoot":"","sources":["../../src/observability/instrument-handoff.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,cAAc,EACd,SAAS,EACT,SAAS,EACV,MAAM,wBAAwB,CAAA;AAC/B,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAA;AAC7D,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,WAAW,CAAA;AAS7C,sFAAsF;AACtF,MAAM,WAAW,cAAc;IAC7B,SAAS,EAAE,YAAY,CAAA;IACvB,cAAc,EAAE,cAAc,CAAA;IAC9B,QAAQ,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IAC7B,SAAS,CAAC,EAAE,SAAS,GAAG,SAAS,CAAA;IACjC,OAAO,CAAC,EAAE,SAAS,GAAG,SAAS,CAAA;CAChC;AAED,MAAM,WAAW,wBAAwB;IACvC,YAAY,EAAE,YAAY,CAAA;IAC1B;;;;OAIG;IACH,SAAS,EAAE,MAAM,CAAA;IACjB,gDAAgD;IAChD,GAAG,CAAC,EAAE,MAAM,MAAM,CAAA;CACnB;AAED;;;;;;;;;;;;;;GAcG;AACH,wBAAsB,iBAAiB,CAAC,CAAC,EACvC,OAAO,EAAE,wBAAwB,EACjC,OAAO,EAAE,cAAc,EACvB,EAAE,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,GACnB,OAAO,CAAC,CAAC,CAAC,CAkEZ"}
|
|
@@ -1,86 +0,0 @@
|
|
|
1
|
-
import { generateId } from '../utils/id';
|
|
2
|
-
import { isAbortError, isUserRejection, toWalletError } from '../utils/to-wallet-error';
|
|
3
|
-
import { derivePlatform, deriveWalletFlowType } from './telemetry';
|
|
4
|
-
/**
|
|
5
|
-
* Instrument one wallet-boundary op so the blind window is measured.
|
|
6
|
-
*
|
|
7
|
-
* Emits `awaitingWallet` immediately (before the await that hands control to the
|
|
8
|
-
* wallet), then exactly one terminal — `walletSucceeded` (success),
|
|
9
|
-
* `walletRejected` (explicit user no), or `walletFailed` (any other error) — all
|
|
10
|
-
* carrying the same `handoffId` and a `durationMs`. An intentional abort emits no
|
|
11
|
-
* terminal (the caller cancelled; it isn't a wallet outcome).
|
|
12
|
-
*
|
|
13
|
-
* A non-cancelling `walletTimedOut` marker fires if the deadline passes while the
|
|
14
|
-
* op is still pending; it is cleared the instant the op settles, so a fast op
|
|
15
|
-
* never false-fires it, and it NEVER rejects/aborts/mutates state — the wrapped
|
|
16
|
-
* promise stays the single terminal source of truth. This is a deliberate
|
|
17
|
-
* deviation from TON's cancelling `withWalletResponseTimeout`.
|
|
18
|
-
*/
|
|
19
|
-
export async function instrumentHandoff(options, context, fn) {
|
|
20
|
-
const { eventManager, timeoutMs } = options;
|
|
21
|
-
const now = options.now ?? Date.now;
|
|
22
|
-
const handoffId = generateId();
|
|
23
|
-
const platform = derivePlatform();
|
|
24
|
-
const start = now();
|
|
25
|
-
eventManager.emit('awaitingWallet', {
|
|
26
|
-
operation: context.operation,
|
|
27
|
-
connectionMode: context.connectionMode,
|
|
28
|
-
walletId: context.walletId,
|
|
29
|
-
namespace: context.namespace,
|
|
30
|
-
chainId: context.chainId,
|
|
31
|
-
handoffId,
|
|
32
|
-
walletFlowType: deriveWalletFlowType(context.connectionMode, platform),
|
|
33
|
-
platform,
|
|
34
|
-
timestamp: start
|
|
35
|
-
});
|
|
36
|
-
const shouldTime = timeoutMs > 0 && context.connectionMode !== 'tonConnect';
|
|
37
|
-
const timer = shouldTime
|
|
38
|
-
? setTimeout(() => {
|
|
39
|
-
eventManager.emit('walletTimedOut', {
|
|
40
|
-
handoffId,
|
|
41
|
-
operation: context.operation,
|
|
42
|
-
durationMs: now() - start
|
|
43
|
-
});
|
|
44
|
-
}, timeoutMs)
|
|
45
|
-
: undefined;
|
|
46
|
-
try {
|
|
47
|
-
const result = await fn();
|
|
48
|
-
eventManager.emit('walletSucceeded', {
|
|
49
|
-
handoffId,
|
|
50
|
-
operation: context.operation,
|
|
51
|
-
durationMs: now() - start
|
|
52
|
-
});
|
|
53
|
-
return result;
|
|
54
|
-
}
|
|
55
|
-
catch (error) {
|
|
56
|
-
// Caller-driven cancellation isn't a wallet outcome — leave it unterminated,
|
|
57
|
-
// mirroring the façade's `emitError` AbortError skip. Checked BEFORE rejection
|
|
58
|
-
// is safe: real user rejections surface as WalletConnectorError{rejected} or
|
|
59
|
-
// EIP-1193 4001 (see isUserRejection), never as an AbortError — within UWC's
|
|
60
|
-
// dependency surface AbortError is produced only by the caller's AbortSignal.
|
|
61
|
-
if (isAbortError(error))
|
|
62
|
-
throw error;
|
|
63
|
-
const durationMs = now() - start;
|
|
64
|
-
if (isUserRejection(error)) {
|
|
65
|
-
eventManager.emit('walletRejected', {
|
|
66
|
-
handoffId,
|
|
67
|
-
operation: context.operation,
|
|
68
|
-
durationMs
|
|
69
|
-
});
|
|
70
|
-
}
|
|
71
|
-
else {
|
|
72
|
-
eventManager.emit('walletFailed', {
|
|
73
|
-
handoffId,
|
|
74
|
-
operation: context.operation,
|
|
75
|
-
durationMs,
|
|
76
|
-
error: toWalletError(error)
|
|
77
|
-
});
|
|
78
|
-
}
|
|
79
|
-
throw error;
|
|
80
|
-
}
|
|
81
|
-
finally {
|
|
82
|
-
if (timer)
|
|
83
|
-
clearTimeout(timer);
|
|
84
|
-
}
|
|
85
|
-
}
|
|
86
|
-
//# sourceMappingURL=instrument-handoff.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"instrument-handoff.js","sourceRoot":"","sources":["../../src/observability/instrument-handoff.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AACxC,OAAO,EACL,YAAY,EACZ,eAAe,EACf,aAAa,EACd,MAAM,0BAA0B,CAAA;AACjC,OAAO,EAAE,cAAc,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAA;AAuBlE;;;;;;;;;;;;;;GAcG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,OAAiC,EACjC,OAAuB,EACvB,EAAoB;IAEpB,MAAM,EAAE,YAAY,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAC3C,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,IAAI,IAAI,CAAC,GAAG,CAAA;IAEnC,MAAM,SAAS,GAAG,UAAU,EAAE,CAAA;IAC9B,MAAM,QAAQ,GAAG,cAAc,EAAE,CAAA;IACjC,MAAM,KAAK,GAAG,GAAG,EAAE,CAAA;IAEnB,YAAY,CAAC,IAAI,CAAC,gBAAgB,EAAE;QAClC,SAAS,EAAE,OAAO,CAAC,SAAS;QAC5B,cAAc,EAAE,OAAO,CAAC,cAAc;QACtC,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,SAAS,EAAE,OAAO,CAAC,SAAS;QAC5B,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,SAAS;QACT,cAAc,EAAE,oBAAoB,CAAC,OAAO,CAAC,cAAc,EAAE,QAAQ,CAAC;QACtE,QAAQ;QACR,SAAS,EAAE,KAAK;KACjB,CAAC,CAAA;IAEF,MAAM,UAAU,GAAG,SAAS,GAAG,CAAC,IAAI,OAAO,CAAC,cAAc,KAAK,YAAY,CAAA;IAC3E,MAAM,KAAK,GAA8C,UAAU;QACjE,CAAC,CAAC,UAAU,CAAC,GAAG,EAAE;YACd,YAAY,CAAC,IAAI,CAAC,gBAAgB,EAAE;gBAClC,SAAS;gBACT,SAAS,EAAE,OAAO,CAAC,SAAS;gBAC5B,UAAU,EAAE,GAAG,EAAE,GAAG,KAAK;aAC1B,CAAC,CAAA;QACJ,CAAC,EAAE,SAAS,CAAC;QACf,CAAC,CAAC,SAAS,CAAA;IAEb,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,EAAE,EAAE,CAAA;QACzB,YAAY,CAAC,IAAI,CAAC,iBAAiB,EAAE;YACnC,SAAS;YACT,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,UAAU,EAAE,GAAG,EAAE,GAAG,KAAK;SAC1B,CAAC,CAAA;QACF,OAAO,MAAM,CAAA;IACf,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,6EAA6E;QAC7E,+EAA+E;QAC/E,6EAA6E;QAC7E,6EAA6E;QAC7E,8EAA8E;QAC9E,IAAI,YAAY,CAAC,KAAK,CAAC;YAAE,MAAM,KAAK,CAAA;QAEpC,MAAM,UAAU,GAAG,GAAG,EAAE,GAAG,KAAK,CAAA;QAChC,IAAI,eAAe,CAAC,KAAK,CAAC,EAAE,CAAC;YAC3B,YAAY,CAAC,IAAI,CAAC,gBAAgB,EAAE;gBAClC,SAAS;gBACT,SAAS,EAAE,OAAO,CAAC,SAAS;gBAC5B,UAAU;aACX,CAAC,CAAA;QACJ,CAAC;aAAM,CAAC;YACN,YAAY,CAAC,IAAI,CAAC,cAAc,EAAE;gBAChC,SAAS;gBACT,SAAS,EAAE,OAAO,CAAC,SAAS;gBAC5B,UAAU;gBACV,KAAK,EAAE,aAAa,CAAC,KAAK,CAAC;aAC5B,CAAC,CAAA;QACJ,CAAC;QACD,MAAM,KAAK,CAAA;IACb,CAAC;YAAS,CAAC;QACT,IAAI,KAAK;YAAE,YAAY,CAAC,KAAK,CAAC,CAAA;IAChC,CAAC;AACH,CAAC"}
|
|
@@ -1,30 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* PII / secret scrubber for data leaving UWC through the observer seam.
|
|
3
|
-
*
|
|
4
|
-
* Security-first: the normalized `UWCTelemetryEvent` excludes signing payloads
|
|
5
|
-
* and addresses by construction — its STRUCTURED fields have no slot for them
|
|
6
|
-
* (§ telemetry.ts). This scrubber is the second line of defence for the two
|
|
7
|
-
* surfaces that CAN still carry free-form data on the observer path: the
|
|
8
|
-
* `WalletError.message` forwarded to `observer.onEvent`, and the `args` forwarded
|
|
9
|
-
* to `observer.onLog`. (The console / custom-logger sink receives raw data — it's
|
|
10
|
-
* local, not egress.)
|
|
11
|
-
*
|
|
12
|
-
* Two detection layers:
|
|
13
|
-
* - KEY-based redaction of sensitive object keys — substring match (not regex),
|
|
14
|
-
* avoiding the ReDoS class that Wiz flags on user-input regexes.
|
|
15
|
-
* - CONTENT-based redaction of secrets embedded in free-form strings (hex blobs,
|
|
16
|
-
* secret k/v params, bearer tokens) — via linear, single-quantifier regexes
|
|
17
|
-
* (see SECRET_CONTENT_PATTERNS) that carry no catastrophic-backtracking risk.
|
|
18
|
-
*/
|
|
19
|
-
/**
|
|
20
|
-
* Recursively copy `value`, redacting sensitive object-keys, capping long
|
|
21
|
-
* strings, and rendering non-serializable values inert. The returned objects use
|
|
22
|
-
* a null prototype so a malicious `__proto__`/`constructor` key in attacker-shaped
|
|
23
|
-
* input can't pollute `Object.prototype` downstream.
|
|
24
|
-
*/
|
|
25
|
-
export declare function scrubValue(value: unknown, depth?: number): unknown;
|
|
26
|
-
/** Scrub a free-form error message (string in → capped string out). */
|
|
27
|
-
export declare function scrubMessage(message: string): string;
|
|
28
|
-
/** Scrub a variadic `args` array before it reaches `observer.onLog`. */
|
|
29
|
-
export declare function scrubArgs(args: unknown[]): unknown[];
|
|
30
|
-
//# sourceMappingURL=scrub.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"scrub.d.ts","sourceRoot":"","sources":["../../src/observability/scrub.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAyEH;;;;;GAKG;AACH,wBAAgB,UAAU,CAAC,KAAK,EAAE,OAAO,EAAE,KAAK,SAAI,GAAG,OAAO,CAmC7D;AAED,uEAAuE;AACvE,wBAAgB,YAAY,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAEpD;AAED,wEAAwE;AACxE,wBAAgB,SAAS,CAAC,IAAI,EAAE,OAAO,EAAE,GAAG,OAAO,EAAE,CAEpD"}
|
|
@@ -1,135 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* PII / secret scrubber for data leaving UWC through the observer seam.
|
|
3
|
-
*
|
|
4
|
-
* Security-first: the normalized `UWCTelemetryEvent` excludes signing payloads
|
|
5
|
-
* and addresses by construction — its STRUCTURED fields have no slot for them
|
|
6
|
-
* (§ telemetry.ts). This scrubber is the second line of defence for the two
|
|
7
|
-
* surfaces that CAN still carry free-form data on the observer path: the
|
|
8
|
-
* `WalletError.message` forwarded to `observer.onEvent`, and the `args` forwarded
|
|
9
|
-
* to `observer.onLog`. (The console / custom-logger sink receives raw data — it's
|
|
10
|
-
* local, not egress.)
|
|
11
|
-
*
|
|
12
|
-
* Two detection layers:
|
|
13
|
-
* - KEY-based redaction of sensitive object keys — substring match (not regex),
|
|
14
|
-
* avoiding the ReDoS class that Wiz flags on user-input regexes.
|
|
15
|
-
* - CONTENT-based redaction of secrets embedded in free-form strings (hex blobs,
|
|
16
|
-
* secret k/v params, bearer tokens) — via linear, single-quantifier regexes
|
|
17
|
-
* (see SECRET_CONTENT_PATTERNS) that carry no catastrophic-backtracking risk.
|
|
18
|
-
*/
|
|
19
|
-
/**
|
|
20
|
-
* Separator-free, lower-cased fragments that mark a value as sensitive. Keys are
|
|
21
|
-
* normalized (separators stripped) before matching, so `walletPrivateKey`,
|
|
22
|
-
* `private_key`, `x-api-key`, and `authToken` all hit the same short list. This
|
|
23
|
-
* over-redacts by design (a `security`-first scrubber prefers a false redaction
|
|
24
|
-
* to a leak).
|
|
25
|
-
*/
|
|
26
|
-
const SENSITIVE_KEY_FRAGMENTS = [
|
|
27
|
-
'seed',
|
|
28
|
-
'mnemonic',
|
|
29
|
-
'privatekey',
|
|
30
|
-
'secret',
|
|
31
|
-
'password',
|
|
32
|
-
'passphrase',
|
|
33
|
-
'signature',
|
|
34
|
-
'message',
|
|
35
|
-
'payload',
|
|
36
|
-
'token',
|
|
37
|
-
'apikey',
|
|
38
|
-
'authorization',
|
|
39
|
-
'auth'
|
|
40
|
-
];
|
|
41
|
-
const MAX_STRING_LENGTH = 500;
|
|
42
|
-
const MAX_DEPTH = 4;
|
|
43
|
-
const REDACTED = '[Redacted]';
|
|
44
|
-
function isSensitiveKey(key) {
|
|
45
|
-
// Strip separators so `private_key` / `x-api-key` normalize to the bare form.
|
|
46
|
-
const normalized = key.toLowerCase().split('-').join('').split('_').join('');
|
|
47
|
-
return SENSITIVE_KEY_FRAGMENTS.some(fragment => normalized.includes(fragment));
|
|
48
|
-
}
|
|
49
|
-
// Content patterns for secrets embedded in FREE-FORM strings (error messages,
|
|
50
|
-
// log args) where key-based redaction can't reach. All are linear, anchored,
|
|
51
|
-
// single-quantifier expressions — no nested/overlapping quantifiers — so they
|
|
52
|
-
// carry no catastrophic-backtracking (ReDoS) risk on attacker-controlled input.
|
|
53
|
-
const SECRET_CONTENT_PATTERNS = [
|
|
54
|
-
// 0x-prefixed hex blobs: EVM addresses (40 nibbles) and longer
|
|
55
|
-
// signatures/keys/hashes/calldata (64+). Over-redacts public hashes by design.
|
|
56
|
-
[/0x[a-fA-F0-9]{40,}/g, '0x[redacted-hex]'],
|
|
57
|
-
// `secret=…` / `token=…` / `key=…` query-string or k/v fragments.
|
|
58
|
-
[
|
|
59
|
-
/\b(token|key|secret|auth|sig|signature|password|passphrase|mnemonic|seed|apikey)=[^\s&"']+/gi,
|
|
60
|
-
'$1=[redacted]'
|
|
61
|
-
],
|
|
62
|
-
// `Bearer <opaque>` / `Basic <opaque>` authorization values.
|
|
63
|
-
[/\b(bearer|basic)\s+[A-Za-z0-9._~+/-]+=*/gi, '$1 [redacted]']
|
|
64
|
-
];
|
|
65
|
-
/**
|
|
66
|
-
* Redact secrets that live INSIDE a free-form string. Best-effort and
|
|
67
|
-
* deliberately conservative toward over-redaction: a wallet error string can
|
|
68
|
-
* embed an address, a reverted-tx calldata blob, or a URL with a token, none of
|
|
69
|
-
* which key-based redaction sees. Two documented best-effort gaps, both left
|
|
70
|
-
* unmatched to avoid destroying legitimate data:
|
|
71
|
-
* - Base58 (Solana) / TON `EQ…` addresses — indistinguishable from ordinary
|
|
72
|
-
* words without false positives.
|
|
73
|
-
* - BARE (non-`0x`) hex blobs — a raw 64-char hex string is far more often a
|
|
74
|
-
* legitimate id/hash than a secret, so only `0x`-prefixed hex is redacted.
|
|
75
|
-
* Structured telemetry fields never carry addresses regardless (see telemetry.ts);
|
|
76
|
-
* this pass only hardens the free-form `error.message` / log-arg surface.
|
|
77
|
-
*/
|
|
78
|
-
function redactSecretsInString(input) {
|
|
79
|
-
let out = input;
|
|
80
|
-
for (const [pattern, replacement] of SECRET_CONTENT_PATTERNS) {
|
|
81
|
-
out = out.replace(pattern, replacement);
|
|
82
|
-
}
|
|
83
|
-
return out;
|
|
84
|
-
}
|
|
85
|
-
/**
|
|
86
|
-
* Recursively copy `value`, redacting sensitive object-keys, capping long
|
|
87
|
-
* strings, and rendering non-serializable values inert. The returned objects use
|
|
88
|
-
* a null prototype so a malicious `__proto__`/`constructor` key in attacker-shaped
|
|
89
|
-
* input can't pollute `Object.prototype` downstream.
|
|
90
|
-
*/
|
|
91
|
-
export function scrubValue(value, depth = 0) {
|
|
92
|
-
if (depth > MAX_DEPTH)
|
|
93
|
-
return '[Truncated: max depth]';
|
|
94
|
-
if (value === null || value === undefined)
|
|
95
|
-
return value;
|
|
96
|
-
const type = typeof value;
|
|
97
|
-
if (type === 'string') {
|
|
98
|
-
// Redact embedded secrets BEFORE capping, so the cap can't slice a pattern
|
|
99
|
-
// in half and leak its tail.
|
|
100
|
-
const str = redactSecretsInString(value);
|
|
101
|
-
return str.length > MAX_STRING_LENGTH
|
|
102
|
-
? str.slice(0, MAX_STRING_LENGTH) + '…[truncated]'
|
|
103
|
-
: str;
|
|
104
|
-
}
|
|
105
|
-
if (type === 'number' || type === 'boolean')
|
|
106
|
-
return value;
|
|
107
|
-
if (type === 'bigint')
|
|
108
|
-
return value.toString();
|
|
109
|
-
if (type === 'function' || type === 'symbol')
|
|
110
|
-
return `[${type}]`;
|
|
111
|
-
if (Array.isArray(value)) {
|
|
112
|
-
return value.map(item => scrubValue(item, depth + 1));
|
|
113
|
-
}
|
|
114
|
-
if (type === 'object') {
|
|
115
|
-
// Error instances carry a useful message but also a stack we don't want.
|
|
116
|
-
if (value instanceof Error) {
|
|
117
|
-
return { name: value.name, message: scrubValue(value.message, depth + 1) };
|
|
118
|
-
}
|
|
119
|
-
const out = Object.create(null);
|
|
120
|
-
for (const [key, val] of Object.entries(value)) {
|
|
121
|
-
out[key] = isSensitiveKey(key) ? REDACTED : scrubValue(val, depth + 1);
|
|
122
|
-
}
|
|
123
|
-
return out;
|
|
124
|
-
}
|
|
125
|
-
return '[Unserializable]';
|
|
126
|
-
}
|
|
127
|
-
/** Scrub a free-form error message (string in → capped string out). */
|
|
128
|
-
export function scrubMessage(message) {
|
|
129
|
-
return scrubValue(message);
|
|
130
|
-
}
|
|
131
|
-
/** Scrub a variadic `args` array before it reaches `observer.onLog`. */
|
|
132
|
-
export function scrubArgs(args) {
|
|
133
|
-
return args.map(arg => scrubValue(arg));
|
|
134
|
-
}
|
|
135
|
-
//# sourceMappingURL=scrub.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"scrub.js","sourceRoot":"","sources":["../../src/observability/scrub.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH;;;;;;GAMG;AACH,MAAM,uBAAuB,GAAG;IAC9B,MAAM;IACN,UAAU;IACV,YAAY;IACZ,QAAQ;IACR,UAAU;IACV,YAAY;IACZ,WAAW;IACX,SAAS;IACT,SAAS;IACT,OAAO;IACP,QAAQ;IACR,eAAe;IACf,MAAM;CACP,CAAA;AAED,MAAM,iBAAiB,GAAG,GAAG,CAAA;AAC7B,MAAM,SAAS,GAAG,CAAC,CAAA;AACnB,MAAM,QAAQ,GAAG,YAAY,CAAA;AAE7B,SAAS,cAAc,CAAC,GAAW;IACjC,8EAA8E;IAC9E,MAAM,UAAU,GAAG,GAAG,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;IAC5E,OAAO,uBAAuB,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAA;AAChF,CAAC;AAED,8EAA8E;AAC9E,6EAA6E;AAC7E,8EAA8E;AAC9E,gFAAgF;AAChF,MAAM,uBAAuB,GAA6C;IACxE,+DAA+D;IAC/D,+EAA+E;IAC/E,CAAC,qBAAqB,EAAE,kBAAkB,CAAC;IAC3C,kEAAkE;IAClE;QACE,8FAA8F;QAC9F,eAAe;KAChB;IACD,6DAA6D;IAC7D,CAAC,2CAA2C,EAAE,eAAe,CAAC;CAC/D,CAAA;AAED;;;;;;;;;;;;GAYG;AACH,SAAS,qBAAqB,CAAC,KAAa;IAC1C,IAAI,GAAG,GAAG,KAAK,CAAA;IACf,KAAK,MAAM,CAAC,OAAO,EAAE,WAAW,CAAC,IAAI,uBAAuB,EAAE,CAAC;QAC7D,GAAG,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,EAAE,WAAW,CAAC,CAAA;IACzC,CAAC;IACD,OAAO,GAAG,CAAA;AACZ,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,UAAU,CAAC,KAAc,EAAE,KAAK,GAAG,CAAC;IAClD,IAAI,KAAK,GAAG,SAAS;QAAE,OAAO,wBAAwB,CAAA;IAEtD,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,SAAS;QAAE,OAAO,KAAK,CAAA;IAEvD,MAAM,IAAI,GAAG,OAAO,KAAK,CAAA;IACzB,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;QACtB,2EAA2E;QAC3E,6BAA6B;QAC7B,MAAM,GAAG,GAAG,qBAAqB,CAAC,KAAe,CAAC,CAAA;QAClD,OAAO,GAAG,CAAC,MAAM,GAAG,iBAAiB;YACnC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,iBAAiB,CAAC,GAAG,cAAc;YAClD,CAAC,CAAC,GAAG,CAAA;IACT,CAAC;IACD,IAAI,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,SAAS;QAAE,OAAO,KAAK,CAAA;IACzD,IAAI,IAAI,KAAK,QAAQ;QAAE,OAAQ,KAAgB,CAAC,QAAQ,EAAE,CAAA;IAC1D,IAAI,IAAI,KAAK,UAAU,IAAI,IAAI,KAAK,QAAQ;QAAE,OAAO,IAAI,IAAI,GAAG,CAAA;IAEhE,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC,CAAA;IACvD,CAAC;IAED,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;QACtB,yEAAyE;QACzE,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;YAC3B,OAAO,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,UAAU,CAAC,KAAK,CAAC,OAAO,EAAE,KAAK,GAAG,CAAC,CAAC,EAAE,CAAA;QAC5E,CAAC;QACD,MAAM,GAAG,GAA4B,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;QACxD,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAgC,CAAC,EAAE,CAAC;YAC1E,GAAG,CAAC,GAAG,CAAC,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,EAAE,KAAK,GAAG,CAAC,CAAC,CAAA;QACxE,CAAC;QACD,OAAO,GAAG,CAAA;IACZ,CAAC;IAED,OAAO,kBAAkB,CAAA;AAC3B,CAAC;AAED,uEAAuE;AACvE,MAAM,UAAU,YAAY,CAAC,OAAe;IAC1C,OAAO,UAAU,CAAC,OAAO,CAAW,CAAA;AACtC,CAAC;AAED,wEAAwE;AACxE,MAAM,UAAU,SAAS,CAAC,IAAe;IACvC,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAA;AACzC,CAAC"}
|
|
@@ -1,77 +0,0 @@
|
|
|
1
|
-
import type { ConnectionMode, WalletError, WalletFlowType, Platform, LogLevel, Namespace, NetworkId } from '@meshconnect/uwc-types';
|
|
2
|
-
import type { UWCEventName, UWCEventMap, UWCOperation } from '../events';
|
|
3
|
-
/**
|
|
4
|
-
* A normalized, PII-safe telemetry record derived from a `UWCEventMap` event.
|
|
5
|
-
*
|
|
6
|
-
* This is the ONLY shape that reaches `observer.onEvent`. It is the PII boundary:
|
|
7
|
-
* it has no field for a signing payload, signature, raw transaction, or wallet
|
|
8
|
-
* address — leaking those is structurally impossible, not merely discouraged.
|
|
9
|
-
*/
|
|
10
|
-
export interface UWCTelemetryEvent {
|
|
11
|
-
/** The originating event name. */
|
|
12
|
-
name: UWCEventName;
|
|
13
|
-
/** Per-connector-instance correlation id (stamped on every event). */
|
|
14
|
-
sdkSessionId: string;
|
|
15
|
-
/** ms since epoch when the record was produced. */
|
|
16
|
-
timestamp: number;
|
|
17
|
-
/** Wallet-boundary op, when the event relates to one. */
|
|
18
|
-
operation?: UWCOperation | undefined;
|
|
19
|
-
connectionMode?: ConnectionMode | undefined;
|
|
20
|
-
/** CAIP namespace (eip155 | solana | tron | tvm …) — never an address. */
|
|
21
|
-
namespace?: Namespace | undefined;
|
|
22
|
-
/** CAIP chain id (e.g. `eip155:1`) — never an address. */
|
|
23
|
-
chainId?: NetworkId | undefined;
|
|
24
|
-
/** Catalog wallet id — never an address. */
|
|
25
|
-
walletId?: string | undefined;
|
|
26
|
-
/** Correlates a handoff start with its terminal. */
|
|
27
|
-
handoffId?: string | undefined;
|
|
28
|
-
durationMs?: number | undefined;
|
|
29
|
-
walletFlowType?: WalletFlowType | undefined;
|
|
30
|
-
platform?: Platform | undefined;
|
|
31
|
-
/** Present on failure events. `message` is scrubbed before egress. */
|
|
32
|
-
error?: WalletError | undefined;
|
|
33
|
-
/** Log level, present only for `name === 'log'`. */
|
|
34
|
-
level?: LogLevel | undefined;
|
|
35
|
-
}
|
|
36
|
-
/**
|
|
37
|
-
* Vendor-agnostic telemetry sink. Consumers implement; UWC ships no vendor SDK.
|
|
38
|
-
* Both methods are optional and called best-effort (throws are swallowed upstream).
|
|
39
|
-
*
|
|
40
|
-
* CONTRACT — both methods are invoked **synchronously on the wallet-operation
|
|
41
|
-
* path**. A terminal event (e.g. `walletSucceeded`) fires between the wallet
|
|
42
|
-
* returning a result and that result reaching the caller, so a slow handler adds
|
|
43
|
-
* latency to connect / sign / sendTransaction. Keep handlers **non-blocking**:
|
|
44
|
-
* hand off to a queue-backed sink (Datadog `addAction`, Segment `track`, etc. are
|
|
45
|
-
* already non-blocking) or defer heavy work yourself — e.g.
|
|
46
|
-
* `onEvent: e => queueMicrotask(() => doHeavyWork(e))`. Do not perform synchronous
|
|
47
|
-
* network/IO or expensive serialization inline.
|
|
48
|
-
*/
|
|
49
|
-
export interface UWCObserver {
|
|
50
|
-
/** A normalized, PII-safe event. Forward to Datadog / Amplitude / Segment / … (non-blocking). */
|
|
51
|
-
onEvent?(event: UWCTelemetryEvent): void;
|
|
52
|
-
/** A log line (all levels). `args` is already scrubbed. Keep non-blocking. */
|
|
53
|
-
onLog?(level: LogLevel, message: string, args: unknown[]): void;
|
|
54
|
-
}
|
|
55
|
-
/**
|
|
56
|
-
* Best-effort coarse runtime surface. HEURISTIC — user agents lie and in-app
|
|
57
|
-
* browsers are hard to detect; treat `webview` as a hint, not a guarantee.
|
|
58
|
-
* Never returns the raw UA (PII / high-cardinality).
|
|
59
|
-
*/
|
|
60
|
-
export declare function derivePlatform(): Platform;
|
|
61
|
-
/**
|
|
62
|
-
* Derive the flow taxonomy from connection mode + surface. HEURISTIC — UWC does
|
|
63
|
-
* not always know whether a WalletConnect handoff used a deeplink vs a QR scan;
|
|
64
|
-
* we infer from the platform (mobile ⇒ deeplink, desktop ⇒ QR), matching link-v2's
|
|
65
|
-
* historical intent. Consumers with better context may override downstream.
|
|
66
|
-
*/
|
|
67
|
-
export declare function deriveWalletFlowType(connectionMode: ConnectionMode, platform: Platform): WalletFlowType;
|
|
68
|
-
/**
|
|
69
|
-
* Map a raw `UWCEventMap` event to its PII-safe `UWCTelemetryEvent`.
|
|
70
|
-
*
|
|
71
|
-
* Per-event allow-listing: only known-safe fields are copied. Payloads carrying a
|
|
72
|
-
* `Session`/`Network` (which include the wallet address) are reduced to
|
|
73
|
-
* `namespace` + `chainId` + `walletId`. Unknown/noisy payloads collapse to just
|
|
74
|
-
* the name. `error.message` is scrubbed.
|
|
75
|
-
*/
|
|
76
|
-
export declare function normalizeEvent<K extends UWCEventName>(name: K, data: UWCEventMap[K], sdkSessionId: string, now: number): UWCTelemetryEvent;
|
|
77
|
-
//# sourceMappingURL=telemetry.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"telemetry.d.ts","sourceRoot":"","sources":["../../src/observability/telemetry.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,cAAc,EACd,WAAW,EACX,cAAc,EACd,QAAQ,EACR,QAAQ,EACR,SAAS,EACT,SAAS,EACV,MAAM,wBAAwB,CAAA;AAC/B,OAAO,KAAK,EAAE,YAAY,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,WAAW,CAAA;AAGxE;;;;;;GAMG;AACH,MAAM,WAAW,iBAAiB;IAChC,kCAAkC;IAClC,IAAI,EAAE,YAAY,CAAA;IAClB,sEAAsE;IACtE,YAAY,EAAE,MAAM,CAAA;IACpB,mDAAmD;IACnD,SAAS,EAAE,MAAM,CAAA;IACjB,yDAAyD;IACzD,SAAS,CAAC,EAAE,YAAY,GAAG,SAAS,CAAA;IACpC,cAAc,CAAC,EAAE,cAAc,GAAG,SAAS,CAAA;IAC3C,0EAA0E;IAC1E,SAAS,CAAC,EAAE,SAAS,GAAG,SAAS,CAAA;IACjC,0DAA0D;IAC1D,OAAO,CAAC,EAAE,SAAS,GAAG,SAAS,CAAA;IAC/B,4CAA4C;IAC5C,QAAQ,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IAC7B,oDAAoD;IACpD,SAAS,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IAC9B,UAAU,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IAC/B,cAAc,CAAC,EAAE,cAAc,GAAG,SAAS,CAAA;IAC3C,QAAQ,CAAC,EAAE,QAAQ,GAAG,SAAS,CAAA;IAC/B,sEAAsE;IACtE,KAAK,CAAC,EAAE,WAAW,GAAG,SAAS,CAAA;IAC/B,oDAAoD;IACpD,KAAK,CAAC,EAAE,QAAQ,GAAG,SAAS,CAAA;CAC7B;AAED;;;;;;;;;;;;GAYG;AACH,MAAM,WAAW,WAAW;IAC1B,iGAAiG;IACjG,OAAO,CAAC,CAAC,KAAK,EAAE,iBAAiB,GAAG,IAAI,CAAA;IACxC,8EAA8E;IAC9E,KAAK,CAAC,CAAC,KAAK,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,IAAI,CAAA;CAChE;AAED;;;;GAIG;AACH,wBAAgB,cAAc,IAAI,QAAQ,CAWzC;AAED;;;;;GAKG;AACH,wBAAgB,oBAAoB,CAClC,cAAc,EAAE,cAAc,EAC9B,QAAQ,EAAE,QAAQ,GACjB,cAAc,CAehB;AAED;;;;;;;GAOG;AACH,wBAAgB,cAAc,CAAC,CAAC,SAAS,YAAY,EACnD,IAAI,EAAE,CAAC,EACP,IAAI,EAAE,WAAW,CAAC,CAAC,CAAC,EACpB,YAAY,EAAE,MAAM,EACpB,GAAG,EAAE,MAAM,GACV,iBAAiB,CAuFnB"}
|
|
@@ -1,138 +0,0 @@
|
|
|
1
|
-
import { scrubMessage } from './scrub';
|
|
2
|
-
/**
|
|
3
|
-
* Best-effort coarse runtime surface. HEURISTIC — user agents lie and in-app
|
|
4
|
-
* browsers are hard to detect; treat `webview` as a hint, not a guarantee.
|
|
5
|
-
* Never returns the raw UA (PII / high-cardinality).
|
|
6
|
-
*/
|
|
7
|
-
export function derivePlatform() {
|
|
8
|
-
if (typeof navigator === 'undefined' || !navigator.userAgent)
|
|
9
|
-
return 'unknown';
|
|
10
|
-
const ua = navigator.userAgent;
|
|
11
|
-
const isIOS = /iPhone|iPad|iPod/i.test(ua);
|
|
12
|
-
const isAndroid = /Android/i.test(ua);
|
|
13
|
-
// Android in-app browsers tag the UA with `; wv`; iOS WKWebViews lack `Safari`.
|
|
14
|
-
const isWebview = (isAndroid && /; wv\)/i.test(ua)) || (isIOS && !/Safari/i.test(ua));
|
|
15
|
-
if (isWebview)
|
|
16
|
-
return 'webview';
|
|
17
|
-
if (isIOS || isAndroid)
|
|
18
|
-
return 'mobile';
|
|
19
|
-
return 'desktop';
|
|
20
|
-
}
|
|
21
|
-
/**
|
|
22
|
-
* Derive the flow taxonomy from connection mode + surface. HEURISTIC — UWC does
|
|
23
|
-
* not always know whether a WalletConnect handoff used a deeplink vs a QR scan;
|
|
24
|
-
* we infer from the platform (mobile ⇒ deeplink, desktop ⇒ QR), matching link-v2's
|
|
25
|
-
* historical intent. Consumers with better context may override downstream.
|
|
26
|
-
*/
|
|
27
|
-
export function deriveWalletFlowType(connectionMode, platform) {
|
|
28
|
-
const isDesktop = platform === 'desktop';
|
|
29
|
-
switch (connectionMode) {
|
|
30
|
-
case 'injected':
|
|
31
|
-
// Injected on a phone almost always means we're inside a wallet's browser.
|
|
32
|
-
return isDesktop ? 'browser_extension_flow' : 'in_wallet_browser_flow';
|
|
33
|
-
case 'walletConnect':
|
|
34
|
-
return isDesktop
|
|
35
|
-
? 'wallet_connect_qr_flow'
|
|
36
|
-
: 'wallet_connect_deep_link_flow';
|
|
37
|
-
case 'tonConnect':
|
|
38
|
-
return isDesktop ? 'ton_connect_qr_flow' : 'ton_connect_deep_link_flow';
|
|
39
|
-
default:
|
|
40
|
-
return 'unknown';
|
|
41
|
-
}
|
|
42
|
-
}
|
|
43
|
-
/**
|
|
44
|
-
* Map a raw `UWCEventMap` event to its PII-safe `UWCTelemetryEvent`.
|
|
45
|
-
*
|
|
46
|
-
* Per-event allow-listing: only known-safe fields are copied. Payloads carrying a
|
|
47
|
-
* `Session`/`Network` (which include the wallet address) are reduced to
|
|
48
|
-
* `namespace` + `chainId` + `walletId`. Unknown/noisy payloads collapse to just
|
|
49
|
-
* the name. `error.message` is scrubbed.
|
|
50
|
-
*/
|
|
51
|
-
export function normalizeEvent(name, data, sdkSessionId, now) {
|
|
52
|
-
const base = { name, sdkSessionId, timestamp: now };
|
|
53
|
-
switch (name) {
|
|
54
|
-
case 'connecting': {
|
|
55
|
-
const d = data;
|
|
56
|
-
return {
|
|
57
|
-
...base,
|
|
58
|
-
operation: 'connect',
|
|
59
|
-
connectionMode: d.connectionMode,
|
|
60
|
-
walletId: d.walletId
|
|
61
|
-
};
|
|
62
|
-
}
|
|
63
|
-
case 'connected':
|
|
64
|
-
case 'sessionChanged': {
|
|
65
|
-
const d = data;
|
|
66
|
-
const session = d.session;
|
|
67
|
-
return {
|
|
68
|
-
...base,
|
|
69
|
-
connectionMode: session.connectionMode ?? undefined,
|
|
70
|
-
namespace: session.activeNetwork?.namespace,
|
|
71
|
-
chainId: session.activeNetwork?.id,
|
|
72
|
-
walletId: session.activeWallet?.id
|
|
73
|
-
};
|
|
74
|
-
}
|
|
75
|
-
case 'networkSwitched': {
|
|
76
|
-
const d = data;
|
|
77
|
-
return {
|
|
78
|
-
...base,
|
|
79
|
-
operation: 'switchNetwork',
|
|
80
|
-
namespace: d.network.namespace,
|
|
81
|
-
chainId: d.network.id
|
|
82
|
-
};
|
|
83
|
-
}
|
|
84
|
-
case 'connectionUri': {
|
|
85
|
-
// Carry the mode but NEVER the URI itself (a relay/pairing string).
|
|
86
|
-
const d = data;
|
|
87
|
-
return { ...base, connectionMode: d.connectionMode };
|
|
88
|
-
}
|
|
89
|
-
case 'error': {
|
|
90
|
-
const d = data;
|
|
91
|
-
return {
|
|
92
|
-
...base,
|
|
93
|
-
operation: d.operation,
|
|
94
|
-
error: { type: d.error.type, message: scrubMessage(d.error.message) }
|
|
95
|
-
};
|
|
96
|
-
}
|
|
97
|
-
case 'awaitingWallet': {
|
|
98
|
-
const d = data;
|
|
99
|
-
return {
|
|
100
|
-
...base,
|
|
101
|
-
operation: d.operation,
|
|
102
|
-
connectionMode: d.connectionMode,
|
|
103
|
-
walletId: d.walletId,
|
|
104
|
-
namespace: d.namespace,
|
|
105
|
-
chainId: d.chainId,
|
|
106
|
-
handoffId: d.handoffId,
|
|
107
|
-
walletFlowType: d.walletFlowType,
|
|
108
|
-
platform: d.platform
|
|
109
|
-
};
|
|
110
|
-
}
|
|
111
|
-
case 'walletSucceeded':
|
|
112
|
-
case 'walletRejected':
|
|
113
|
-
case 'walletTimedOut': {
|
|
114
|
-
const d = data;
|
|
115
|
-
return {
|
|
116
|
-
...base,
|
|
117
|
-
operation: d.operation,
|
|
118
|
-
handoffId: d.handoffId,
|
|
119
|
-
durationMs: d.durationMs
|
|
120
|
-
};
|
|
121
|
-
}
|
|
122
|
-
case 'walletFailed': {
|
|
123
|
-
const d = data;
|
|
124
|
-
return {
|
|
125
|
-
...base,
|
|
126
|
-
operation: d.operation,
|
|
127
|
-
handoffId: d.handoffId,
|
|
128
|
-
durationMs: d.durationMs,
|
|
129
|
-
error: { type: d.error.type, message: scrubMessage(d.error.message) }
|
|
130
|
-
};
|
|
131
|
-
}
|
|
132
|
-
default:
|
|
133
|
-
// ready / walletsDetected / disconnected / networkSwitching /
|
|
134
|
-
// capabilitiesUpdated / change / log — name only (log goes via onLog).
|
|
135
|
-
return base;
|
|
136
|
-
}
|
|
137
|
-
}
|
|
138
|
-
//# sourceMappingURL=telemetry.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"telemetry.js","sourceRoot":"","sources":["../../src/observability/telemetry.ts"],"names":[],"mappings":"AAUA,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAA;AAwDtC;;;;GAIG;AACH,MAAM,UAAU,cAAc;IAC5B,IAAI,OAAO,SAAS,KAAK,WAAW,IAAI,CAAC,SAAS,CAAC,SAAS;QAAE,OAAO,SAAS,CAAA;IAC9E,MAAM,EAAE,GAAG,SAAS,CAAC,SAAS,CAAA;IAC9B,MAAM,KAAK,GAAG,mBAAmB,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;IAC1C,MAAM,SAAS,GAAG,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;IACrC,gFAAgF;IAChF,MAAM,SAAS,GACb,CAAC,SAAS,IAAI,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAA;IACrE,IAAI,SAAS;QAAE,OAAO,SAAS,CAAA;IAC/B,IAAI,KAAK,IAAI,SAAS;QAAE,OAAO,QAAQ,CAAA;IACvC,OAAO,SAAS,CAAA;AAClB,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,oBAAoB,CAClC,cAA8B,EAC9B,QAAkB;IAElB,MAAM,SAAS,GAAG,QAAQ,KAAK,SAAS,CAAA;IACxC,QAAQ,cAAc,EAAE,CAAC;QACvB,KAAK,UAAU;YACb,2EAA2E;YAC3E,OAAO,SAAS,CAAC,CAAC,CAAC,wBAAwB,CAAC,CAAC,CAAC,wBAAwB,CAAA;QACxE,KAAK,eAAe;YAClB,OAAO,SAAS;gBACd,CAAC,CAAC,wBAAwB;gBAC1B,CAAC,CAAC,+BAA+B,CAAA;QACrC,KAAK,YAAY;YACf,OAAO,SAAS,CAAC,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,4BAA4B,CAAA;QACzE;YACE,OAAO,SAAS,CAAA;IACpB,CAAC;AACH,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,cAAc,CAC5B,IAAO,EACP,IAAoB,EACpB,YAAoB,EACpB,GAAW;IAEX,MAAM,IAAI,GAAsB,EAAE,IAAI,EAAE,YAAY,EAAE,SAAS,EAAE,GAAG,EAAE,CAAA;IAEtE,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,YAAY,CAAC,CAAC,CAAC;YAClB,MAAM,CAAC,GAAG,IAAiC,CAAA;YAC3C,OAAO;gBACL,GAAG,IAAI;gBACP,SAAS,EAAE,SAAS;gBACpB,cAAc,EAAE,CAAC,CAAC,cAAc;gBAChC,QAAQ,EAAE,CAAC,CAAC,QAAQ;aACrB,CAAA;QACH,CAAC;QACD,KAAK,WAAW,CAAC;QACjB,KAAK,gBAAgB,CAAC,CAAC,CAAC;YACtB,MAAM,CAAC,GAAG,IAAgC,CAAA;YAC1C,MAAM,OAAO,GAAG,CAAC,CAAC,OAAO,CAAA;YACzB,OAAO;gBACL,GAAG,IAAI;gBACP,cAAc,EAAE,OAAO,CAAC,cAAc,IAAI,SAAS;gBACnD,SAAS,EAAE,OAAO,CAAC,aAAa,EAAE,SAAS;gBAC3C,OAAO,EAAE,OAAO,CAAC,aAAa,EAAE,EAAE;gBAClC,QAAQ,EAAE,OAAO,CAAC,YAAY,EAAE,EAAE;aACnC,CAAA;QACH,CAAC;QACD,KAAK,iBAAiB,CAAC,CAAC,CAAC;YACvB,MAAM,CAAC,GAAG,IAAsC,CAAA;YAChD,OAAO;gBACL,GAAG,IAAI;gBACP,SAAS,EAAE,eAAe;gBAC1B,SAAS,EAAE,CAAC,CAAC,OAAO,CAAC,SAAS;gBAC9B,OAAO,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE;aACtB,CAAA;QACH,CAAC;QACD,KAAK,eAAe,CAAC,CAAC,CAAC;YACrB,oEAAoE;YACpE,MAAM,CAAC,GAAG,IAAoC,CAAA;YAC9C,OAAO,EAAE,GAAG,IAAI,EAAE,cAAc,EAAE,CAAC,CAAC,cAAc,EAAE,CAAA;QACtD,CAAC;QACD,KAAK,OAAO,CAAC,CAAC,CAAC;YACb,MAAM,CAAC,GAAG,IAA4B,CAAA;YACtC,OAAO;gBACL,GAAG,IAAI;gBACP,SAAS,EAAE,CAAC,CAAC,SAAS;gBACtB,KAAK,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE;aACtE,CAAA;QACH,CAAC;QACD,KAAK,gBAAgB,CAAC,CAAC,CAAC;YACtB,MAAM,CAAC,GAAG,IAAqC,CAAA;YAC/C,OAAO;gBACL,GAAG,IAAI;gBACP,SAAS,EAAE,CAAC,CAAC,SAAS;gBACtB,cAAc,EAAE,CAAC,CAAC,cAAc;gBAChC,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,SAAS,EAAE,CAAC,CAAC,SAAS;gBACtB,OAAO,EAAE,CAAC,CAAC,OAAO;gBAClB,SAAS,EAAE,CAAC,CAAC,SAAS;gBACtB,cAAc,EAAE,CAAC,CAAC,cAAc;gBAChC,QAAQ,EAAE,CAAC,CAAC,QAAQ;aACrB,CAAA;QACH,CAAC;QACD,KAAK,iBAAiB,CAAC;QACvB,KAAK,gBAAgB,CAAC;QACtB,KAAK,gBAAgB,CAAC,CAAC,CAAC;YACtB,MAAM,CAAC,GAAG,IAAsC,CAAA;YAChD,OAAO;gBACL,GAAG,IAAI;gBACP,SAAS,EAAE,CAAC,CAAC,SAAS;gBACtB,SAAS,EAAE,CAAC,CAAC,SAAS;gBACtB,UAAU,EAAE,CAAC,CAAC,UAAU;aACzB,CAAA;QACH,CAAC;QACD,KAAK,cAAc,CAAC,CAAC,CAAC;YACpB,MAAM,CAAC,GAAG,IAAmC,CAAA;YAC7C,OAAO;gBACL,GAAG,IAAI;gBACP,SAAS,EAAE,CAAC,CAAC,SAAS;gBACtB,SAAS,EAAE,CAAC,CAAC,SAAS;gBACtB,UAAU,EAAE,CAAC,CAAC,UAAU;gBACxB,KAAK,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE;aACtE,CAAA;QACH,CAAC;QACD;YACE,8DAA8D;YAC9D,uEAAuE;YACvE,OAAO,IAAI,CAAA;IACf,CAAC;AACH,CAAC"}
|
package/dist/utils/id.d.ts
DELETED
package/dist/utils/id.d.ts.map
DELETED
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"id.d.ts","sourceRoot":"","sources":["../../src/utils/id.ts"],"names":[],"mappings":"AAgBA,wBAAgB,UAAU,IAAI,MAAM,CA+BnC"}
|
package/dist/utils/id.js
DELETED
|
@@ -1,41 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Generate a correlation id (RFC-4122 v4 when available).
|
|
3
|
-
*
|
|
4
|
-
* Used for the per-instance `sdkSessionId` and per-handoff `handoffId` — both are
|
|
5
|
-
* opaque correlation tokens, never derived from wallet data (no address, no key).
|
|
6
|
-
* Prefers the native `crypto.randomUUID()` (browsers + Node ≥ 16); falls back to a
|
|
7
|
-
* `crypto.getRandomValues`-backed v4, and finally to a timestamp + monotonic
|
|
8
|
-
* counter only in environments that expose neither. Correlation ids need to be
|
|
9
|
-
* collision-resistant enough to pair a start event with its terminal — NOT
|
|
10
|
-
* cryptographically unpredictable — so the last-resort branch uses no PRNG.
|
|
11
|
-
*/
|
|
12
|
-
// Monotonic counter for the no-crypto fallback: guarantees per-process uniqueness
|
|
13
|
-
// without any pseudo-random generator (correlation ids need uniqueness, not
|
|
14
|
-
// unpredictability — and a counter is strictly more collision-resistant here).
|
|
15
|
-
let fallbackCounter = 0;
|
|
16
|
-
export function generateId() {
|
|
17
|
-
const c = typeof globalThis !== 'undefined' ? globalThis.crypto : undefined;
|
|
18
|
-
if (c?.randomUUID) {
|
|
19
|
-
return c.randomUUID();
|
|
20
|
-
}
|
|
21
|
-
if (c?.getRandomValues) {
|
|
22
|
-
const bytes = c.getRandomValues(new Uint8Array(16));
|
|
23
|
-
// Set the version (4) and variant (10xx) bits per RFC 4122 §4.4.
|
|
24
|
-
bytes[6] = (bytes[6] & 0x0f) | 0x40;
|
|
25
|
-
bytes[8] = (bytes[8] & 0x3f) | 0x80;
|
|
26
|
-
const hex = Array.from(bytes, b => b.toString(16).padStart(2, '0'));
|
|
27
|
-
return (hex.slice(0, 4).join('') +
|
|
28
|
-
'-' +
|
|
29
|
-
hex.slice(4, 6).join('') +
|
|
30
|
-
'-' +
|
|
31
|
-
hex.slice(6, 8).join('') +
|
|
32
|
-
'-' +
|
|
33
|
-
hex.slice(8, 10).join('') +
|
|
34
|
-
'-' +
|
|
35
|
-
hex.slice(10, 16).join(''));
|
|
36
|
-
}
|
|
37
|
-
// Last-resort fallback (no Web Crypto). Timestamp + monotonic counter keeps
|
|
38
|
-
// ids unique within the process without a PRNG. Sufficient for correlation.
|
|
39
|
-
return ('uwc-' + Date.now().toString(36) + '-' + (fallbackCounter++).toString(36));
|
|
40
|
-
}
|
|
41
|
-
//# sourceMappingURL=id.js.map
|
package/dist/utils/id.js.map
DELETED
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"id.js","sourceRoot":"","sources":["../../src/utils/id.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AACH,kFAAkF;AAClF,4EAA4E;AAC5E,+EAA+E;AAC/E,IAAI,eAAe,GAAG,CAAC,CAAA;AAEvB,MAAM,UAAU,UAAU;IACxB,MAAM,CAAC,GAAG,OAAO,UAAU,KAAK,WAAW,CAAC,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAA;IAE3E,IAAI,CAAC,EAAE,UAAU,EAAE,CAAC;QAClB,OAAO,CAAC,CAAC,UAAU,EAAE,CAAA;IACvB,CAAC;IAED,IAAI,CAAC,EAAE,eAAe,EAAE,CAAC;QACvB,MAAM,KAAK,GAAG,CAAC,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAA;QACnD,iEAAiE;QACjE,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAE,GAAG,IAAI,CAAC,GAAG,IAAI,CAAA;QACpC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAE,GAAG,IAAI,CAAC,GAAG,IAAI,CAAA;QACpC,MAAM,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAA;QACnE,OAAO,CACL,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC;YACxB,GAAG;YACH,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC;YACxB,GAAG;YACH,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC;YACxB,GAAG;YACH,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC;YACzB,GAAG;YACH,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAC3B,CAAA;IACH,CAAC;IAED,4EAA4E;IAC5E,4EAA4E;IAC5E,OAAO,CACL,MAAM,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,GAAG,GAAG,GAAG,CAAC,eAAe,EAAE,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAC1E,CAAA;AACH,CAAC"}
|
|
@@ -1,16 +0,0 @@
|
|
|
1
|
-
import { type WalletError } from '@meshconnect/uwc-types';
|
|
2
|
-
/** Normalize any thrown value into the PII-light `WalletError` shape. */
|
|
3
|
-
export declare function toWalletError(error: unknown): WalletError;
|
|
4
|
-
/**
|
|
5
|
-
* Whether a thrown value is an explicit user rejection. Connectors usually wrap
|
|
6
|
-
* these as `WalletConnectorError{type:'rejected'}`, but a raw EIP-1193 reject
|
|
7
|
-
* (code `4001`) or ethers' `ACTION_REJECTED` can also reach the façade.
|
|
8
|
-
*/
|
|
9
|
-
export declare function isUserRejection(error: unknown): boolean;
|
|
10
|
-
/**
|
|
11
|
-
* Whether a thrown value is an intentional cancellation (AbortSignal / fetch
|
|
12
|
-
* abort). Matched by `name` rather than `instanceof Error` because a real abort is
|
|
13
|
-
* a `DOMException`, which is not an `Error` subclass in every runtime.
|
|
14
|
-
*/
|
|
15
|
-
export declare function isAbortError(error: unknown): boolean;
|
|
16
|
-
//# sourceMappingURL=to-wallet-error.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"to-wallet-error.d.ts","sourceRoot":"","sources":["../../src/utils/to-wallet-error.ts"],"names":[],"mappings":"AAAA,OAAO,EAAwB,KAAK,WAAW,EAAE,MAAM,wBAAwB,CAAA;AAE/E,yEAAyE;AACzE,wBAAgB,aAAa,CAAC,KAAK,EAAE,OAAO,GAAG,WAAW,CAQzD;AAED;;;;GAIG;AACH,wBAAgB,eAAe,CAAC,KAAK,EAAE,OAAO,GAAG,OAAO,CAIvD;AAED;;;;GAIG;AACH,wBAAgB,YAAY,CAAC,KAAK,EAAE,OAAO,GAAG,OAAO,CAMpD"}
|