npm - @morseai/sdk - Versions diffs - 0.1.0-beta.6 → 0.1.0-beta.8 - Mend

@morseai/sdk 0.1.0-beta.6 → 0.1.0-beta.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/README.md CHANGED Viewed

@@ -6,7 +6,7 @@
 TypeScript SDK for creating and accessing encrypted signals in the MORSE platform.
-**Version:** 0.1.0-beta.6 (Beta Release)
+**Version:** 0.1.0-beta.8 (Beta Release)
 > ⚠️ **Beta Notice**: This is a beta release. The API is stable but may have minor changes before the 1.0.0 release. Please report any issues you encounter.

package/dist/index.d.mts CHANGED Viewed

@@ -73,6 +73,16 @@ interface CreateSignalOptionsEncrypted {
         enabled: boolean;
         network: string;
     };
+    /**
+     * Domain for key derivation (optional, defaults to "morseai.tech")
+     * Should match the domain used when opening the signal
+     */
+    domain?: string;
+    /**
+     * Chain ID for key derivation (optional, defaults to 8453 for Base)
+     * Should match the chain ID used when opening the signal
+     */
+    chainId?: number;
     /**
      * Specific expiration date and time (ISO 8601 format).
      * Use this for custom expiration dates.

package/dist/index.d.ts CHANGED Viewed

@@ -73,6 +73,16 @@ interface CreateSignalOptionsEncrypted {
         enabled: boolean;
         network: string;
     };
+    /**
+     * Domain for key derivation (optional, defaults to "morseai.tech")
+     * Should match the domain used when opening the signal
+     */
+    domain?: string;
+    /**
+     * Chain ID for key derivation (optional, defaults to 8453 for Base)
+     * Should match the chain ID used when opening the signal
+     */
+    chainId?: number;
     /**
      * Specific expiration date and time (ISO 8601 format).
      * Use this for custom expiration dates.

package/dist/index.js CHANGED Viewed

@@ -32,6 +32,7 @@ __export(crypto_x25519_exports, {
   deriveKeyPairFromWalletSignature: () => deriveKeyPairFromWalletSignature,
   generateSignalId: () => generateSignalId,
   openSharedSignal: () => openSharedSignal,
+  sealDataKey: () => sealDataKey,
   verifyKeyCertificate: () => verifyKeyCertificate
 });
 async function getSodium() {
@@ -291,6 +292,54 @@ async function openSharedSignal(encryptedPayloadBase64, payloadNonceBase64, seal
   );
   return payload;
 }
+async function sealDataKey(dataKeyBytes, walletTarget, walletCreator, expiresAt, signalId, domain, chainId, signMessage) {
+  await getSodium();
+  const senderKeypair = sodium.crypto_box_keypair();
+  const recipientKeypair = await deriveKeyPairFromWalletSignature(
+    walletTarget,
+    domain,
+    chainId,
+    signMessage
+  );
+  const recipientPubKey = recipientKeypair.publicKey;
+  const sharedSecret = sodium.crypto_scalarmult(
+    senderKeypair.privateKey,
+    recipientPubKey
+  );
+  const salt = `MORSE_SEAL_${signalId}_v1`;
+  const info = "wrap_datakey";
+  const wrappingKey = await hkdfSha256(sharedSecret, salt, info, 32);
+  const sealedNonce = sodium.randombytes_buf(sodium.crypto_aead_xchacha20poly1305_ietf_NPUBBYTES);
+  const expiresAtInt = Math.floor(Number(expiresAt));
+  const abiCoder = ethers.ethers.AbiCoder.defaultAbiCoder();
+  const senderEphemeralPubKeyHex = ethers.ethers.zeroPadValue(ethers.ethers.hexlify(senderKeypair.publicKey), 32);
+  const aad = abiCoder.encode(
+    ["string", "address", "address", "uint64", "string", "bytes32"],
+    [
+      signalId,
+      walletTarget.toLowerCase(),
+      walletCreator.toLowerCase(),
+      expiresAtInt,
+      exports.X25519_CIPHER_VERSION,
+      senderEphemeralPubKeyHex
+    ]
+  );
+  const aadBytes = ethers.ethers.getBytes(aad);
+  const aadHash = ethers.ethers.keccak256(aad).slice(2);
+  const sealedDataKey = sodium.crypto_aead_xchacha20poly1305_ietf_encrypt(
+    dataKeyBytes,
+    aadBytes,
+    null,
+    sealedNonce,
+    wrappingKey
+  );
+  return {
+    sealedDataKey: Buffer.from(sealedDataKey).toString("base64"),
+    sealedNonce: Buffer.from(sealedNonce).toString("base64"),
+    senderEphemeralPublicKey: Buffer.from(senderKeypair.publicKey).toString("base64"),
+    aadHash
+  };
+}
 function generateSignalId() {
   const bytes = new Uint8Array(16);
   globalThis.crypto.getRandomValues(bytes);
@@ -1249,7 +1298,36 @@ var MorseSDKV1 = class {
   }
   async createPrivateSignalEncrypted(wallet, options) {
     const key = await generateKey();
-    await exportKey(key);
+    const keyBase64 = await exportKey(key);
+    const signalId = options.signalId || generateSignalId();
+    let expiresAtMs;
+    if (options.expiresAt) {
+      expiresAtMs = new Date(options.expiresAt).getTime();
+    } else if (options.expiresIn) {
+      const match = options.expiresIn.match(/^(\d+)([smhd])$/);
+      if (!match) throw new Error("Invalid expiresIn format");
+      const value = parseInt(match[1], 10);
+      const unit = match[2];
+      const multipliers = { s: 1e3, m: 6e4, h: 36e5, d: 864e5 };
+      expiresAtMs = Date.now() + value * multipliers[unit];
+    } else {
+      expiresAtMs = Date.now() + 24 * 60 * 60 * 1e3;
+    }
+    const walletTarget = wallet.address;
+    const walletCreator = wallet.address;
+    const domain = options.domain || "morseai.tech";
+    const chainId = options.chainId ?? 8453;
+    const keyBytes = this.base64ToUint8Array(keyBase64);
+    const sealedBox = await sealDataKey(
+      keyBytes,
+      walletTarget.toLowerCase(),
+      walletCreator.toLowerCase(),
+      expiresAtMs,
+      signalId,
+      domain,
+      chainId,
+      wallet.signMessage
+    );
     let encryptedText;
     let payloadNonce;
     let fileOptions;
@@ -1276,6 +1354,7 @@ var MorseSDKV1 = class {
       };
     }
     const signalOptions = {
+      signalId,
       walletTarget: options.walletTarget,
       shareWithRecipient: options.shareWithRecipient,
       mode: options.mode,
@@ -1284,10 +1363,13 @@ var MorseSDKV1 = class {
       cipherVersion: getCipherVersion(),
       encryptedText,
       payloadNonce,
+      sealedDataKey: sealedBox.sealedDataKey,
+      sealedNonce: sealedBox.sealedNonce,
+      senderEphemeralPublicKey: sealedBox.senderEphemeralPublicKey,
+      aadHash: sealedBox.aadHash,
       file: fileOptions,
       onChainNotification: options.onChainNotification,
-      expiresAt: options.expiresAt,
-      expiresIn: options.expiresIn
+      expiresAt: new Date(expiresAtMs).toISOString()
     };
     const result = await this.createSignal(wallet, signalOptions);
     const shareableLink = generateShareableLink(FRONTEND_BASE_URL, result.signalId);