@moon-x/core 0.3.0 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/sdk/index.js CHANGED
@@ -31,10 +31,12 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
31
31
  var sdk_exports = {};
32
32
  __export(sdk_exports, {
33
33
  assertPasskeyInParent: () => assertPasskeyInParent,
34
+ flattenPresenceTokens: () => flattenPresenceTokens,
34
35
  getHeadlessAuthenticationMethods: () => getHeadlessAuthenticationMethods,
35
36
  getHeadlessEthereumMethods: () => getHeadlessEthereumMethods,
36
37
  getHeadlessGeneralMethods: () => getHeadlessGeneralMethods,
37
38
  getHeadlessSolanaMethods: () => getHeadlessSolanaMethods,
39
+ getInternalPresenceTokens: () => getInternalPresenceTokens,
38
40
  getPresenceToken: () => getPresenceToken
39
41
  });
40
42
  module.exports = __toCommonJS(sdk_exports);
@@ -66,34 +68,6 @@ var toB64url = (bytes) => {
66
68
  return btoa(str).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
67
69
  };
68
70
 
69
- // src/lib/passkey/passkey-cache.ts
70
- var cacheTtlMs = 0;
71
- var cache = null;
72
- var clearParentAssertCache = () => {
73
- cache = null;
74
- };
75
- var readParentAssertCache = () => {
76
- if (cacheTtlMs <= 0) return null;
77
- if (!cache) return null;
78
- if (Date.now() - cache.ts >= cacheTtlMs) return null;
79
- return {
80
- userHandleB64url: cache.userHandleB64url,
81
- credentialIdB64url: cache.credentialIdB64url
82
- };
83
- };
84
- var writeParentAssertCache = (entry) => {
85
- if (cacheTtlMs <= 0) return;
86
- cache = { ...entry, ts: Date.now() };
87
- };
88
- var withClearOnFailure = async (fn) => {
89
- try {
90
- return await fn();
91
- } catch (error) {
92
- clearParentAssertCache();
93
- throw error;
94
- }
95
- };
96
-
97
71
  // src/lib/ethereum/chains.ts
98
72
  var import_viem = require("viem");
99
73
 
@@ -317,13 +291,8 @@ var assertPasskeyInParent = async ({
317
291
  transport,
318
292
  passkey,
319
293
  publishableKey,
320
- requireFreshAssertion = false,
321
294
  validateCredentialInAllowList = false
322
295
  }) => {
323
- if (!requireFreshAssertion) {
324
- const cached = readParentAssertCache();
325
- if (cached) return cached;
326
- }
327
296
  const dekInfo = await transport.send(
328
297
  PostMessageType.AUTH,
329
298
  PostMessageMethod.GET_DEK_INFO,
@@ -347,12 +316,10 @@ var assertPasskeyInParent = async ({
347
316
  if (validateCredentialInAllowList && !allowList.includes(credential.rawIdB64url)) {
348
317
  throw new Error("unknown_passkey_for_this_account");
349
318
  }
350
- const result = {
319
+ return {
351
320
  userHandleB64url: credential.userHandleB64url,
352
321
  credentialIdB64url: credential.rawIdB64url
353
322
  };
354
- writeParentAssertCache(result);
355
- return result;
356
323
  };
357
324
 
358
325
  // src/sdk/get-presence-token.ts
@@ -384,19 +351,66 @@ var getPresenceToken = async ({
384
351
  };
385
352
  };
386
353
 
354
+ // src/sdk/get-internal-presence-tokens.ts
355
+ var getInternalPresenceTokens = async ({
356
+ transport,
357
+ passkey,
358
+ publishableKey,
359
+ relyingPartyOrigin,
360
+ scopes
361
+ }) => {
362
+ const { token, optionsJSON } = await transport.send(
363
+ PostMessageType.AUTH,
364
+ PostMessageMethod.PASSKEY_PRESENCE_BEGIN,
365
+ { publishableKey, relyingPartyOrigin }
366
+ );
367
+ const { response, userHandleB64url, credentialIdB64url } = await passkey.assertForInternalPresence({ optionsJSON });
368
+ const verify = await transport.send(
369
+ PostMessageType.AUTH,
370
+ PostMessageMethod.PASSKEY_PRESENCE_VERIFY,
371
+ {
372
+ publishableKey,
373
+ relyingPartyOrigin,
374
+ token,
375
+ response,
376
+ purpose: "internal",
377
+ scopes
378
+ }
379
+ );
380
+ const out = {};
381
+ for (const [scope, t] of Object.entries(verify.tokens ?? {})) {
382
+ out[scope] = { token: t.token, expiresAt: t.expires_at };
383
+ }
384
+ return {
385
+ tokens: out,
386
+ userHandleB64url,
387
+ credentialIdB64url
388
+ };
389
+ };
390
+ var flattenPresenceTokens = (result) => {
391
+ const out = {};
392
+ for (const [scope, t] of Object.entries(result.tokens)) {
393
+ out[scope] = t.token;
394
+ }
395
+ return out;
396
+ };
397
+
387
398
  // src/sdk/headless-ethereum.ts
399
+ var SCOPES_SIGN = ["keyshare_read", "sign"];
388
400
  var getHeadlessEthereumMethods = ({
389
401
  transport,
390
402
  passkey,
391
- publishableKey
403
+ publishableKey,
404
+ relyingPartyOrigin
392
405
  }) => ({
393
- signEthereumMessageHeadless: async (params) => withClearOnFailure(async () => {
406
+ signEthereumMessageHeadless: async (params) => {
394
407
  if (!transport.isReady()) throw new Error("SDK not ready");
395
- const { userHandleB64url, credentialIdB64url } = await assertPasskeyInParent({
408
+ const { userHandleB64url, credentialIdB64url, tokens } = await getInternalPresenceTokens({
396
409
  transport,
397
410
  passkey,
398
411
  publishableKey,
399
- requireFreshAssertion: params.requireFreshAssertion
412
+ relyingPartyOrigin,
413
+ scopes: SCOPES_SIGN
400
414
  });
401
415
  return transport.send(
402
416
  PostMessageType.WALLET,
@@ -407,17 +421,23 @@ var getHeadlessEthereumMethods = ({
407
421
  wallet: params.wallet,
408
422
  uiOptions: params.options?.uiOptions,
409
423
  userHandleB64url,
410
- credentialIdB64url
424
+ credentialIdB64url,
425
+ presenceTokens: flattenPresenceTokens({
426
+ tokens,
427
+ userHandleB64url,
428
+ credentialIdB64url
429
+ })
411
430
  }
412
431
  );
413
- }),
414
- signEthereumTransactionHeadless: async (params) => withClearOnFailure(async () => {
432
+ },
433
+ signEthereumTransactionHeadless: async (params) => {
415
434
  if (!transport.isReady()) throw new Error("SDK not ready");
416
- const { userHandleB64url, credentialIdB64url } = await assertPasskeyInParent({
435
+ const { userHandleB64url, credentialIdB64url, tokens } = await getInternalPresenceTokens({
417
436
  transport,
418
437
  passkey,
419
438
  publishableKey,
420
- requireFreshAssertion: params.requireFreshAssertion
439
+ relyingPartyOrigin,
440
+ scopes: SCOPES_SIGN
421
441
  });
422
442
  return transport.send(
423
443
  PostMessageType.WALLET,
@@ -429,17 +449,23 @@ var getHeadlessEthereumMethods = ({
429
449
  wallet: params.wallet,
430
450
  options: params.options,
431
451
  userHandleB64url,
432
- credentialIdB64url
452
+ credentialIdB64url,
453
+ presenceTokens: flattenPresenceTokens({
454
+ tokens,
455
+ userHandleB64url,
456
+ credentialIdB64url
457
+ })
433
458
  }
434
459
  );
435
- }),
436
- signEthereumTypedDataHeadless: async (params) => withClearOnFailure(async () => {
460
+ },
461
+ signEthereumTypedDataHeadless: async (params) => {
437
462
  if (!transport.isReady()) throw new Error("SDK not ready");
438
- const { userHandleB64url, credentialIdB64url } = await assertPasskeyInParent({
463
+ const { userHandleB64url, credentialIdB64url, tokens } = await getInternalPresenceTokens({
439
464
  transport,
440
465
  passkey,
441
466
  publishableKey,
442
- requireFreshAssertion: params.requireFreshAssertion
467
+ relyingPartyOrigin,
468
+ scopes: SCOPES_SIGN
443
469
  });
444
470
  return transport.send(
445
471
  PostMessageType.WALLET,
@@ -453,17 +479,23 @@ var getHeadlessEthereumMethods = ({
453
479
  wallet: params.wallet,
454
480
  options: params.options,
455
481
  userHandleB64url,
456
- credentialIdB64url
482
+ credentialIdB64url,
483
+ presenceTokens: flattenPresenceTokens({
484
+ tokens,
485
+ userHandleB64url,
486
+ credentialIdB64url
487
+ })
457
488
  }
458
489
  );
459
- }),
460
- signEthereumHashHeadless: async (params) => withClearOnFailure(async () => {
490
+ },
491
+ signEthereumHashHeadless: async (params) => {
461
492
  if (!transport.isReady()) throw new Error("SDK not ready");
462
- const { userHandleB64url, credentialIdB64url } = await assertPasskeyInParent({
493
+ const { userHandleB64url, credentialIdB64url, tokens } = await getInternalPresenceTokens({
463
494
  transport,
464
495
  passkey,
465
496
  publishableKey,
466
- requireFreshAssertion: params.requireFreshAssertion
497
+ relyingPartyOrigin,
498
+ scopes: SCOPES_SIGN
467
499
  });
468
500
  return transport.send(
469
501
  PostMessageType.WALLET,
@@ -474,17 +506,23 @@ var getHeadlessEthereumMethods = ({
474
506
  wallet: params.wallet,
475
507
  options: params.options,
476
508
  userHandleB64url,
477
- credentialIdB64url
509
+ credentialIdB64url,
510
+ presenceTokens: flattenPresenceTokens({
511
+ tokens,
512
+ userHandleB64url,
513
+ credentialIdB64url
514
+ })
478
515
  }
479
516
  );
480
- }),
481
- signEthereum7702AuthorizationHeadless: async (params) => withClearOnFailure(async () => {
517
+ },
518
+ signEthereum7702AuthorizationHeadless: async (params) => {
482
519
  if (!transport.isReady()) throw new Error("SDK not ready");
483
- const { userHandleB64url, credentialIdB64url } = await assertPasskeyInParent({
520
+ const { userHandleB64url, credentialIdB64url, tokens } = await getInternalPresenceTokens({
484
521
  transport,
485
522
  passkey,
486
523
  publishableKey,
487
- requireFreshAssertion: params.requireFreshAssertion
524
+ relyingPartyOrigin,
525
+ scopes: SCOPES_SIGN
488
526
  });
489
527
  return transport.send(
490
528
  PostMessageType.WALLET,
@@ -498,17 +536,23 @@ var getHeadlessEthereumMethods = ({
498
536
  wallet: params.wallet,
499
537
  options: params.options,
500
538
  userHandleB64url,
501
- credentialIdB64url
539
+ credentialIdB64url,
540
+ presenceTokens: flattenPresenceTokens({
541
+ tokens,
542
+ userHandleB64url,
543
+ credentialIdB64url
544
+ })
502
545
  }
503
546
  );
504
- }),
505
- sendEthereumTransactionHeadless: async (params) => withClearOnFailure(async () => {
547
+ },
548
+ sendEthereumTransactionHeadless: async (params) => {
506
549
  if (!transport.isReady()) throw new Error("SDK not ready");
507
- const { userHandleB64url, credentialIdB64url } = await assertPasskeyInParent({
550
+ const { userHandleB64url, credentialIdB64url, tokens } = await getInternalPresenceTokens({
508
551
  transport,
509
552
  passkey,
510
553
  publishableKey,
511
- requireFreshAssertion: params.requireFreshAssertion
554
+ relyingPartyOrigin,
555
+ scopes: SCOPES_SIGN
512
556
  });
513
557
  const serializedTransaction = await serializeEthereumTransaction(
514
558
  params.transaction
@@ -522,7 +566,12 @@ var getHeadlessEthereumMethods = ({
522
566
  wallet: params.wallet,
523
567
  options: params.options,
524
568
  userHandleB64url,
525
- credentialIdB64url
569
+ credentialIdB64url,
570
+ presenceTokens: flattenPresenceTokens({
571
+ tokens,
572
+ userHandleB64url,
573
+ credentialIdB64url
574
+ })
526
575
  }
527
576
  );
528
577
  if (!signed.serializedSigned) {
@@ -535,7 +584,7 @@ var getHeadlessEthereumMethods = ({
535
584
  signed.serializedSigned
536
585
  );
537
586
  return { hash };
538
- }),
587
+ },
539
588
  getEthereumBalance: async (params) => {
540
589
  if (!transport.isReady()) throw new Error("SDK not ready");
541
590
  return transport.send(
@@ -571,18 +620,21 @@ var getHeadlessEthereumMethods = ({
571
620
  });
572
621
 
573
622
  // src/sdk/headless-solana.ts
623
+ var SCOPES_SIGN2 = ["keyshare_read", "sign"];
574
624
  var getHeadlessSolanaMethods = ({
575
625
  transport,
576
626
  passkey,
577
- publishableKey
627
+ publishableKey,
628
+ relyingPartyOrigin
578
629
  }) => ({
579
- signSolanaMessageHeadless: async (params) => withClearOnFailure(async () => {
630
+ signSolanaMessageHeadless: async (params) => {
580
631
  if (!transport.isReady()) throw new Error("SDK not ready");
581
- const { userHandleB64url, credentialIdB64url } = await assertPasskeyInParent({
632
+ const { userHandleB64url, credentialIdB64url, tokens } = await getInternalPresenceTokens({
582
633
  transport,
583
634
  passkey,
584
635
  publishableKey,
585
- requireFreshAssertion: params.requireFreshAssertion
636
+ relyingPartyOrigin,
637
+ scopes: SCOPES_SIGN2
586
638
  });
587
639
  const { signature } = await transport.send(
588
640
  PostMessageType.WALLET,
@@ -593,18 +645,24 @@ var getHeadlessSolanaMethods = ({
593
645
  wallet: params.wallet,
594
646
  uiOptions: params.options?.uiOptions,
595
647
  userHandleB64url,
596
- credentialIdB64url
648
+ credentialIdB64url,
649
+ presenceTokens: flattenPresenceTokens({
650
+ tokens,
651
+ userHandleB64url,
652
+ credentialIdB64url
653
+ })
597
654
  }
598
655
  );
599
656
  return { signature: arrayLikeToBytes(signature) };
600
- }),
601
- signSolanaTransactionHeadless: async (params) => withClearOnFailure(async () => {
657
+ },
658
+ signSolanaTransactionHeadless: async (params) => {
602
659
  if (!transport.isReady()) throw new Error("SDK not ready");
603
- const { userHandleB64url, credentialIdB64url } = await assertPasskeyInParent({
660
+ const { userHandleB64url, credentialIdB64url, tokens } = await getInternalPresenceTokens({
604
661
  transport,
605
662
  passkey,
606
663
  publishableKey,
607
- requireFreshAssertion: params.requireFreshAssertion
664
+ relyingPartyOrigin,
665
+ scopes: SCOPES_SIGN2
608
666
  });
609
667
  const { signedTransaction } = await transport.send(
610
668
  PostMessageType.WALLET,
@@ -615,18 +673,24 @@ var getHeadlessSolanaMethods = ({
615
673
  wallet: params.wallet,
616
674
  options: params.options,
617
675
  userHandleB64url,
618
- credentialIdB64url
676
+ credentialIdB64url,
677
+ presenceTokens: flattenPresenceTokens({
678
+ tokens,
679
+ userHandleB64url,
680
+ credentialIdB64url
681
+ })
619
682
  }
620
683
  );
621
684
  return { signedTransaction: await bs58ToBytes(signedTransaction) };
622
- }),
623
- sendSolanaTransactionHeadless: async (params) => withClearOnFailure(async () => {
685
+ },
686
+ sendSolanaTransactionHeadless: async (params) => {
624
687
  if (!transport.isReady()) throw new Error("SDK not ready");
625
- const { userHandleB64url, credentialIdB64url } = await assertPasskeyInParent({
688
+ const { userHandleB64url, credentialIdB64url, tokens } = await getInternalPresenceTokens({
626
689
  transport,
627
690
  passkey,
628
691
  publishableKey,
629
- requireFreshAssertion: params.requireFreshAssertion
692
+ relyingPartyOrigin,
693
+ scopes: SCOPES_SIGN2
630
694
  });
631
695
  const { signedTransaction } = await transport.send(
632
696
  PostMessageType.WALLET,
@@ -637,7 +701,12 @@ var getHeadlessSolanaMethods = ({
637
701
  wallet: params.wallet,
638
702
  options: params.options,
639
703
  userHandleB64url,
640
- credentialIdB64url
704
+ credentialIdB64url,
705
+ presenceTokens: flattenPresenceTokens({
706
+ tokens,
707
+ userHandleB64url,
708
+ credentialIdB64url
709
+ })
641
710
  }
642
711
  );
643
712
  const broadcastSignature = await broadcastSolanaSigned(
@@ -645,7 +714,7 @@ var getHeadlessSolanaMethods = ({
645
714
  signedTransaction
646
715
  );
647
716
  return { signature: await bs58ToBytes(broadcastSignature) };
648
- }),
717
+ },
649
718
  getSolanaBalance: async (params) => {
650
719
  if (!transport.isReady()) throw new Error("SDK not ready");
651
720
  return transport.send(
@@ -757,11 +826,15 @@ var getHeadlessAuthenticationMethods = ({
757
826
  });
758
827
 
759
828
  // src/sdk/headless-general.ts
829
+ var SCOPES_CREATE_WALLET = ["dek_bootstrap", "keyshare_write"];
830
+ var SCOPES_IMPORT_KEY = ["dek_bootstrap", "keyshare_write"];
831
+ var SCOPES_REMOVE_PASSKEY = ["passkey_remove"];
760
832
  var getHeadlessGeneralMethods = ({
761
833
  transport,
762
834
  passkey,
763
835
  storage,
764
836
  publishableKey,
837
+ relyingPartyOrigin,
765
838
  setIsAuthenticated,
766
839
  setUser
767
840
  }) => ({
@@ -771,18 +844,34 @@ var getHeadlessGeneralMethods = ({
771
844
  { publishableKey }
772
845
  ),
773
846
  removePasskey: async (credentialIdB64url) => {
847
+ const { tokens, userHandleB64url, credentialIdB64url: assertedCredId } = await getInternalPresenceTokens({
848
+ transport,
849
+ passkey,
850
+ publishableKey,
851
+ relyingPartyOrigin,
852
+ scopes: SCOPES_REMOVE_PASSKEY
853
+ });
774
854
  await transport.send(
775
855
  PostMessageType.AUTH,
776
856
  PostMessageMethod.REMOVE_PASSKEY,
777
- { publishableKey, credentialIdB64url }
857
+ {
858
+ publishableKey,
859
+ credentialIdB64url,
860
+ presenceTokens: flattenPresenceTokens({
861
+ tokens,
862
+ userHandleB64url,
863
+ credentialIdB64url: assertedCredId
864
+ })
865
+ }
778
866
  );
779
867
  },
780
- createWallet: (walletType, options) => withClearOnFailure(async () => {
781
- const { userHandleB64url, credentialIdB64url } = await assertPasskeyInParent({
868
+ createWallet: async (walletType, options) => {
869
+ const { userHandleB64url, credentialIdB64url, tokens } = await getInternalPresenceTokens({
782
870
  transport,
783
871
  passkey,
784
872
  publishableKey,
785
- requireFreshAssertion: options?.requireFreshAssertion
873
+ relyingPartyOrigin,
874
+ scopes: SCOPES_CREATE_WALLET
786
875
  });
787
876
  const wallet = await transport.send(
788
877
  PostMessageType.WALLET,
@@ -792,17 +881,23 @@ var getHeadlessGeneralMethods = ({
792
881
  publishableKey,
793
882
  options,
794
883
  userHandleB64url,
795
- credentialIdB64url
884
+ credentialIdB64url,
885
+ presenceTokens: flattenPresenceTokens({
886
+ tokens,
887
+ userHandleB64url,
888
+ credentialIdB64url
889
+ })
796
890
  }
797
891
  );
798
892
  return { wallet };
799
- }),
800
- importKey: (walletType, key, options) => withClearOnFailure(async () => {
801
- const { userHandleB64url, credentialIdB64url } = await assertPasskeyInParent({
893
+ },
894
+ importKey: async (walletType, key) => {
895
+ const { userHandleB64url, credentialIdB64url, tokens } = await getInternalPresenceTokens({
802
896
  transport,
803
897
  passkey,
804
898
  publishableKey,
805
- requireFreshAssertion: options?.requireFreshAssertion
899
+ relyingPartyOrigin,
900
+ scopes: SCOPES_IMPORT_KEY
806
901
  });
807
902
  const wallet = await transport.send(
808
903
  PostMessageType.WALLET,
@@ -812,11 +907,16 @@ var getHeadlessGeneralMethods = ({
812
907
  publishableKey,
813
908
  key,
814
909
  userHandleB64url,
815
- credentialIdB64url
910
+ credentialIdB64url,
911
+ presenceTokens: flattenPresenceTokens({
912
+ tokens,
913
+ userHandleB64url,
914
+ credentialIdB64url
915
+ })
816
916
  }
817
917
  );
818
918
  return { wallet };
819
- }),
919
+ },
820
920
  getWallets: async (walletType) => {
821
921
  const { wallets } = await transport.send(
822
922
  PostMessageType.WALLET,
@@ -856,7 +956,6 @@ var getHeadlessGeneralMethods = ({
856
956
  await transport.send(PostMessageType.AUTH, PostMessageMethod.LOGOUT, {
857
957
  publishableKey
858
958
  });
859
- clearParentAssertCache();
860
959
  await storage.remove("id_token");
861
960
  if (setIsAuthenticated) setIsAuthenticated(false);
862
961
  if (setUser) setUser(null);
@@ -905,9 +1004,11 @@ var getHeadlessGeneralMethods = ({
905
1004
  // Annotate the CommonJS export names for ESM import in node:
906
1005
  0 && (module.exports = {
907
1006
  assertPasskeyInParent,
1007
+ flattenPresenceTokens,
908
1008
  getHeadlessAuthenticationMethods,
909
1009
  getHeadlessEthereumMethods,
910
1010
  getHeadlessGeneralMethods,
911
1011
  getHeadlessSolanaMethods,
1012
+ getInternalPresenceTokens,
912
1013
  getPresenceToken
913
1014
  });