@mysten/seal 0.2.0 → 0.3.0

package/dist/cjs/error.js

@@ -0,0 +1,175 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __typeError = (msg) => {
+  throw TypeError(msg);
+};
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var __accessCheck = (obj, member, msg) => member.has(obj) || __typeError("Cannot " + msg);
+var __privateAdd = (obj, member, value) => member.has(obj) ? __typeError("Cannot add the same private member more than once") : member instanceof WeakSet ? member.add(obj) : member.set(obj, value);
+var __privateMethod = (obj, member, method) => (__accessCheck(obj, member, "access private method"), method);
+var error_exports = {};
+__export(error_exports, {
+  ExpiredSessionKeyError: () => ExpiredSessionKeyError,
+  GeneralError: () => GeneralError,
+  InconsistentKeyServersError: () => InconsistentKeyServersError,
+  InternalError: () => InternalError,
+  InvalidCiphertextError: () => InvalidCiphertextError,
+  InvalidGetObjectError: () => InvalidGetObjectError,
+  InvalidKeyServerError: () => InvalidKeyServerError,
+  InvalidPTBError: () => InvalidPTBError,
+  InvalidPackageError: () => InvalidPackageError,
+  InvalidPersonalMessageSignatureError: () => InvalidPersonalMessageSignatureError,
+  InvalidSessionKeySignatureError: () => InvalidSessionKeySignatureError,
+  InvalidThresholdError: () => InvalidThresholdError,
+  InvalidUserSignatureError: () => InvalidUserSignatureError,
+  NoAccessError: () => NoAccessError,
+  OldPackageError: () => OldPackageError,
+  SealAPIError: () => SealAPIError,
+  SealError: () => SealError,
+  UnsupportedFeatureError: () => UnsupportedFeatureError,
+  UnsupportedNetworkError: () => UnsupportedNetworkError,
+  UserError: () => UserError,
+  toMajorityError: () => toMajorityError
+});
+module.exports = __toCommonJS(error_exports);
+var _SealAPIError_static, generate_fn;
+class SealError extends Error {
+}
+class UserError extends SealError {
+}
+const _SealAPIError = class _SealAPIError extends SealError {
+  constructor(message, requestId, status) {
+    super(message);
+    this.requestId = requestId;
+    this.status = status;
+  }
+  static async assertResponse(response, requestId) {
+    var _a;
+    if (response.ok) {
+      return;
+    }
+    let errorInstance;
+    try {
+      const text = await response.text();
+      const error = JSON.parse(text)["error"];
+      errorInstance = __privateMethod(_a = _SealAPIError, _SealAPIError_static, generate_fn).call(_a, error, requestId);
+    } catch (e) {
+      errorInstance = new GeneralError(response.statusText, requestId, response.status);
+    }
+    throw errorInstance;
+  }
+};
+_SealAPIError_static = new WeakSet();
+generate_fn = function(message, requestId, status) {
+  switch (message) {
+    case "InvalidPTB":
+      return new InvalidPTBError(requestId);
+    case "InvalidPackage":
+      return new InvalidPackageError(requestId);
+    case "NoAccess":
+      return new NoAccessError(requestId);
+    case "InvalidCertificate":
+      return new ExpiredSessionKeyError(requestId);
+    case "OldPackageVersion":
+      return new OldPackageError(requestId);
+    case "InvalidSignature":
+      return new InvalidUserSignatureError(requestId);
+    case "InvalidSessionSignature":
+      return new InvalidSessionKeySignatureError(requestId);
+    case "Failure":
+      return new InternalError(requestId);
+    default:
+      return new GeneralError(message, requestId, status);
+  }
+};
+__privateAdd(_SealAPIError, _SealAPIError_static);
+let SealAPIError = _SealAPIError;
+class InvalidPTBError extends SealAPIError {
+  constructor(requestId) {
+    super("PTB does not conform to the expected format", requestId);
+  }
+}
+class InvalidPackageError extends SealAPIError {
+  constructor(requestId) {
+    super("Package ID used in PTB is invalid", requestId);
+  }
+}
+class OldPackageError extends SealAPIError {
+  constructor(requestId) {
+    super("PTB must call the latest version of the package", requestId);
+  }
+}
+class InvalidUserSignatureError extends SealAPIError {
+  constructor(requestId) {
+    super("User signature on the session key is invalid", requestId);
+  }
+}
+class InvalidSessionKeySignatureError extends SealAPIError {
+  constructor(requestId) {
+    super("Session key signature is invalid", requestId);
+  }
+}
+class NoAccessError extends SealAPIError {
+  constructor(requestId) {
+    super("User does not have access to one or more of the requested keys", requestId);
+  }
+}
+class ExpiredSessionKeyError extends SealAPIError {
+  constructor(requestId) {
+    super("Session key has expired", requestId);
+  }
+}
+class InternalError extends SealAPIError {
+  constructor(requestId) {
+    super("Internal server error, caller should retry", requestId);
+  }
+}
+class GeneralError extends SealAPIError {
+}
+class InvalidPersonalMessageSignatureError extends UserError {
+}
+class InvalidGetObjectError extends UserError {
+}
+class UnsupportedFeatureError extends UserError {
+}
+class UnsupportedNetworkError extends UserError {
+}
+class InvalidKeyServerError extends UserError {
+}
+class InvalidCiphertextError extends UserError {
+}
+class InvalidThresholdError extends UserError {
+}
+class InconsistentKeyServersError extends UserError {
+}
+function toMajorityError(errors) {
+  let maxCount = 0;
+  let majorityError = errors[0];
+  const counts = /* @__PURE__ */ new Map();
+  for (const error of errors) {
+    const errorName = error.constructor.name;
+    const newCount = (counts.get(errorName) || 0) + 1;
+    counts.set(errorName, newCount);
+    if (newCount > maxCount) {
+      maxCount = newCount;
+      majorityError = error;
+    }
+  }
+  return majorityError;
+}
+//# sourceMappingURL=error.js.map

package/dist/cjs/error.js.map

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../src/error.ts"],
+  "sourcesContent": ["// Copyright (c) Mysten Labs, Inc.\n// SPDX-License-Identifier: Apache-2.0\n\nexport class SealError extends Error {}\n\nexport class UserError extends SealError {}\n\n// Errors returned by the Seal server\nexport class SealAPIError extends SealError {\n\tconstructor(\n\t\tmessage: string,\n\t\tpublic requestId?: string,\n\t\tpublic status?: number,\n\t) {\n\t\tsuper(message);\n\t}\n\n\tstatic #generate(message: string, requestId: string, status?: number) {\n\t\tswitch (message) {\n\t\t\tcase 'InvalidPTB':\n\t\t\t\treturn new InvalidPTBError(requestId);\n\t\t\tcase 'InvalidPackage':\n\t\t\t\treturn new InvalidPackageError(requestId);\n\t\t\tcase 'NoAccess':\n\t\t\t\treturn new NoAccessError(requestId);\n\t\t\tcase 'InvalidCertificate':\n\t\t\t\treturn new ExpiredSessionKeyError(requestId);\n\t\t\tcase 'OldPackageVersion':\n\t\t\t\treturn new OldPackageError(requestId);\n\t\t\tcase 'InvalidSignature':\n\t\t\t\treturn new InvalidUserSignatureError(requestId);\n\t\t\tcase 'InvalidSessionSignature':\n\t\t\t\treturn new InvalidSessionKeySignatureError(requestId);\n\t\t\tcase 'Failure':\n\t\t\t\treturn new InternalError(requestId);\n\t\t\tdefault:\n\t\t\t\treturn new GeneralError(message, requestId, status);\n\t\t}\n\t}\n\n\tstatic async assertResponse(response: Response, requestId: string) {\n\t\tif (response.ok) {\n\t\t\treturn;\n\t\t}\n\t\tlet errorInstance: SealAPIError;\n\t\ttry {\n\t\t\tconst text = await response.text();\n\t\t\tconst error = JSON.parse(text)['error'];\n\t\t\terrorInstance = SealAPIError.#generate(error, requestId);\n\t\t} catch (e) {\n\t\t\t// If we can't parse the response as JSON or if it doesn't have the expected format,\n\t\t\t// fall back to using the status text\n\t\t\terrorInstance = new GeneralError(response.statusText, requestId, response.status);\n\t\t}\n\t\tthrow errorInstance;\n\t}\n}\n\n// Errors returned by the Seal server that indicate that the PTB is invalid\n\nexport class InvalidPTBError extends SealAPIError {\n\tconstructor(requestId?: string) {\n\t\tsuper('PTB does not conform to the expected format', requestId);\n\t}\n}\n\nexport class InvalidPackageError extends SealAPIError {\n\tconstructor(requestId?: string) {\n\t\tsuper('Package ID used in PTB is invalid', requestId);\n\t}\n}\n\nexport class OldPackageError extends SealAPIError {\n\tconstructor(requestId?: string) {\n\t\tsuper('PTB must call the latest version of the package', requestId);\n\t}\n}\n\n// Errors returned by the Seal server that indicate that the user's signature is invalid\n\nexport class InvalidUserSignatureError extends SealAPIError {\n\tconstructor(requestId?: string) {\n\t\tsuper('User signature on the session key is invalid', requestId);\n\t}\n}\n\nexport class InvalidSessionKeySignatureError extends SealAPIError {\n\tconstructor(requestId?: string) {\n\t\tsuper('Session key signature is invalid', requestId);\n\t}\n}\n\n/** Server error indicating that the user does not have access to one or more of the requested keys */\nexport class NoAccessError extends SealAPIError {\n\tconstructor(requestId?: string) {\n\t\tsuper('User does not have access to one or more of the requested keys', requestId);\n\t}\n}\n\n/** Server error indicating that the session key has expired */\nexport class ExpiredSessionKeyError extends SealAPIError {\n\tconstructor(requestId?: string) {\n\t\tsuper('Session key has expired', requestId);\n\t}\n}\n\n/** Internal server error, caller should retry */\nexport class InternalError extends SealAPIError {\n\tconstructor(requestId?: string) {\n\t\tsuper('Internal server error, caller should retry', requestId);\n\t}\n}\n\n/** General server errors that are not specific to the Seal API (e.g., 404 \"Not Found\") */\nexport class GeneralError extends SealAPIError {}\n\n// Errors returned by the SDK\nexport class InvalidPersonalMessageSignatureError extends UserError {}\nexport class InvalidGetObjectError extends UserError {}\nexport class UnsupportedFeatureError extends UserError {}\nexport class UnsupportedNetworkError extends UserError {}\nexport class InvalidKeyServerError extends UserError {}\nexport class InvalidCiphertextError extends UserError {}\nexport class InvalidThresholdError extends UserError {}\nexport class InconsistentKeyServersError extends UserError {}\n\nexport function toMajorityError(errors: Error[]): Error {\n\tlet maxCount = 0;\n\tlet majorityError = errors[0];\n\tconst counts = new Map<string, number>();\n\tfor (const error of errors) {\n\t\tconst errorName = error.constructor.name;\n\t\tconst newCount = (counts.get(errorName) || 0) + 1;\n\t\tcounts.set(errorName, newCount);\n\n\t\tif (newCount > maxCount) {\n\t\t\tmaxCount = newCount;\n\t\t\tmajorityError = error;\n\t\t}\n\t}\n\n\treturn majorityError;\n}\n"],
+  "mappings": ";;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAGO,MAAM,kBAAkB,MAAM;AAAC;AAE/B,MAAM,kBAAkB,UAAU;AAAC;AAGnC,MAAM,gBAAN,MAAM,sBAAqB,UAAU;AAAA,EAC3C,YACC,SACO,WACA,QACN;AACD,UAAM,OAAO;AAHN;AACA;AAAA,EAGR;AAAA,EAyBA,aAAa,eAAe,UAAoB,WAAmB;AAxCpE;AAyCE,QAAI,SAAS,IAAI;AAChB;AAAA,IACD;AACA,QAAI;AACJ,QAAI;AACH,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,YAAM,QAAQ,KAAK,MAAM,IAAI,EAAE,OAAO;AACtC,sBAAgB,oCAAa,mCAAb,SAAuB,OAAO;AAAA,IAC/C,SAAS,GAAG;AAGX,sBAAgB,IAAI,aAAa,SAAS,YAAY,WAAW,SAAS,MAAM;AAAA,IACjF;AACA,UAAM;AAAA,EACP;AACD;AAhDO;AASC,cAAS,SAAC,SAAiB,WAAmB,QAAiB;AACrE,UAAQ,SAAS;AAAA,IAChB,KAAK;AACJ,aAAO,IAAI,gBAAgB,SAAS;AAAA,IACrC,KAAK;AACJ,aAAO,IAAI,oBAAoB,SAAS;AAAA,IACzC,KAAK;AACJ,aAAO,IAAI,cAAc,SAAS;AAAA,IACnC,KAAK;AACJ,aAAO,IAAI,uBAAuB,SAAS;AAAA,IAC5C,KAAK;AACJ,aAAO,IAAI,gBAAgB,SAAS;AAAA,IACrC,KAAK;AACJ,aAAO,IAAI,0BAA0B,SAAS;AAAA,IAC/C,KAAK;AACJ,aAAO,IAAI,gCAAgC,SAAS;AAAA,IACrD,KAAK;AACJ,aAAO,IAAI,cAAc,SAAS;AAAA,IACnC;AACC,aAAO,IAAI,aAAa,SAAS,WAAW,MAAM;AAAA,EACpD;AACD;AA9BM,aAAM,eAAN;AAAA,IAAM,eAAN;AAoDA,MAAM,wBAAwB,aAAa;AAAA,EACjD,YAAY,WAAoB;AAC/B,UAAM,+CAA+C,SAAS;AAAA,EAC/D;AACD;AAEO,MAAM,4BAA4B,aAAa;AAAA,EACrD,YAAY,WAAoB;AAC/B,UAAM,qCAAqC,SAAS;AAAA,EACrD;AACD;AAEO,MAAM,wBAAwB,aAAa;AAAA,EACjD,YAAY,WAAoB;AAC/B,UAAM,mDAAmD,SAAS;AAAA,EACnE;AACD;AAIO,MAAM,kCAAkC,aAAa;AAAA,EAC3D,YAAY,WAAoB;AAC/B,UAAM,gDAAgD,SAAS;AAAA,EAChE;AACD;AAEO,MAAM,wCAAwC,aAAa;AAAA,EACjE,YAAY,WAAoB;AAC/B,UAAM,oCAAoC,SAAS;AAAA,EACpD;AACD;AAGO,MAAM,sBAAsB,aAAa;AAAA,EAC/C,YAAY,WAAoB;AAC/B,UAAM,kEAAkE,SAAS;AAAA,EAClF;AACD;AAGO,MAAM,+BAA+B,aAAa;AAAA,EACxD,YAAY,WAAoB;AAC/B,UAAM,2BAA2B,SAAS;AAAA,EAC3C;AACD;AAGO,MAAM,sBAAsB,aAAa;AAAA,EAC/C,YAAY,WAAoB;AAC/B,UAAM,8CAA8C,SAAS;AAAA,EAC9D;AACD;AAGO,MAAM,qBAAqB,aAAa;AAAC;AAGzC,MAAM,6CAA6C,UAAU;AAAC;AAC9D,MAAM,8BAA8B,UAAU;AAAC;AAC/C,MAAM,gCAAgC,UAAU;AAAC;AACjD,MAAM,gCAAgC,UAAU;AAAC;AACjD,MAAM,8BAA8B,UAAU;AAAC;AAC/C,MAAM,+BAA+B,UAAU;AAAC;AAChD,MAAM,8BAA8B,UAAU;AAAC;AAC/C,MAAM,oCAAoC,UAAU;AAAC;AAErD,SAAS,gBAAgB,QAAwB;AACvD,MAAI,WAAW;AACf,MAAI,gBAAgB,OAAO,CAAC;AAC5B,QAAM,SAAS,oBAAI,IAAoB;AACvC,aAAW,SAAS,QAAQ;AAC3B,UAAM,YAAY,MAAM,YAAY;AACpC,UAAM,YAAY,OAAO,IAAI,SAAS,KAAK,KAAK;AAChD,WAAO,IAAI,WAAW,QAAQ;AAE9B,QAAI,WAAW,UAAU;AACxB,iBAAW;AACX,sBAAgB;AAAA,IACjB;AAAA,EACD;AAEA,SAAO;AACR;",
+  "names": []
+}

package/dist/cjs/ibe.d.ts

@@ -1,6 +1,6 @@
+import type { IBEEncryptions } from './bcs.js';
 import { G1Element, G2Element } from './bls12381.js';
 import type { KeyServer } from './key-server.js';
-import type { IBEEncryptionsType } from './types.js';
 /**
  * The domain separation tag for the hash-to-group function.
  */
@@ -13,12 +13,8 @@ export declare const DST_POP: Uint8Array;
  * The interface for the key servers.
  */
 export declare abstract class IBEServers {
-    protected readonly object_ids: Uint8Array[];
-    protected constructor(object_ids: Uint8Array[]);
-    /**
-     * The object IDs of the key servers.
-     */
-    getObjectIds(): Uint8Array[];
+    objectIds: string[];
+    constructor(objectIds: string[]);
     /**
      * The number of key servers.
      */
@@ -27,25 +23,25 @@ export declare abstract class IBEServers {
      * Encrypt a batch of messages for the given identity.
      *
      * @param id The identity.
-     * @param msg_and_infos The messages and an additional info parameter which will be included in the KDF.
+     * @param msgAndInfos The messages and an additional info parameter which will be included in the KDF.
      * @returns The encrypted messages.
      */
-    abstract encryptBatched(id: Uint8Array, msg_and_infos: {
+    abstract encryptBatched(id: Uint8Array, msgAndInfos: {
         msg: Uint8Array;
         info: Uint8Array;
-    }[]): IBEEncryptionsType;
+    }[], randomnessKey: Uint8Array): typeof IBEEncryptions.$inferType;
 }
 /**
  * Identity-based encryption based on the Boneh-Franklin IBE scheme.
  * This object represents a set of key servers that can be used to encrypt messages for a given identity.
  */
 export declare class BonehFranklinBLS12381Services extends IBEServers {
-    readonly public_keys: G2Element[];
+    readonly publicKeys: G2Element[];
     constructor(services: KeyServer[]);
-    encryptBatched(id: Uint8Array, msg_and_infos: {
+    encryptBatched(id: Uint8Array, msgAndInfos: {
         msg: Uint8Array;
         info: Uint8Array;
-    }[]): IBEEncryptionsType;
+    }[], randomnessKey: Uint8Array): typeof IBEEncryptions.$inferType;
     /**
      * Returns true if the user secret key is valid for the given public key and id.
      * @param user_secret_key - The user secret key.
@@ -53,7 +49,7 @@ export declare class BonehFranklinBLS12381Services extends IBEServers {
      * @param public_key - The public key.
      * @returns True if the user secret key is valid for the given public key and id.
      */
-    static verifyUserSecretKey(user_secret_key: G1Element, id: Uint8Array, public_key: G2Element): boolean;
+    static verifyUserSecretKey(userSecretKey: G1Element, id: string, publicKey: G2Element): boolean;
     /**
      * Identity-based decryption.
      *

package/dist/cjs/ibe.js

@@ -24,45 +24,42 @@ __export(ibe_exports, {
   IBEServers: () => IBEServers
 });
 module.exports = __toCommonJS(ibe_exports);
+var import_bcs = require("@mysten/bcs");
 var import_bls12381 = require("./bls12381.js");
 var import_kdf = require("./kdf.js");
 var import_utils = require("./utils.js");
 const DST = new TextEncoder().encode("SUI-SEAL-IBE-BLS12381-00");
-const DST_POP = new TextEncoder().encode("SUI-SEAL-IBE-BLS12381-00-POP");
+const DST_POP = new TextEncoder().encode("SUI-SEAL-IBE-BLS12381-POP-00");
 class IBEServers {
-  constructor(object_ids) {
-    this.object_ids = object_ids;
-  }
-  /**
-   * The object IDs of the key servers.
-   */
-  getObjectIds() {
-    return this.object_ids;
+  constructor(objectIds) {
+    this.objectIds = objectIds;
   }
   /**
    * The number of key servers.
    */
   size() {
-    return this.object_ids.length;
+    return this.objectIds.length;
   }
 }
 class BonehFranklinBLS12381Services extends IBEServers {
   constructor(services) {
     super(services.map((service) => service.objectId));
-    this.public_keys = services.map((service) => import_bls12381.G2Element.fromBytes(service.pk));
+    this.publicKeys = services.map((service) => import_bls12381.G2Element.fromBytes(service.pk));
   }
-  encryptBatched(id, msg_and_infos) {
-    if (this.public_keys.length === 0 || this.public_keys.length !== msg_and_infos.length) {
-      throw new Error("Invalid input");
+  encryptBatched(id, msgAndInfos, randomnessKey) {
+    if (this.publicKeys.length === 0 || this.publicKeys.length !== msgAndInfos.length) {
+      throw new Error("Invalid public keys");
     }
-    const [nonce, keys] = encapBatched(this.public_keys, id);
-    const encrypted_msgs = msg_and_infos.map(
-      (msg_and_info, i) => (0, import_utils.xor)(msg_and_info.msg, (0, import_kdf.kdf)(keys[i], msg_and_info.info))
+    const [r, nonce, keys] = encapBatched(this.publicKeys, id);
+    const encryptedShares = msgAndInfos.map(
+      (msgAndInfo, i) => (0, import_utils.xor)(msgAndInfo.msg, (0, import_kdf.kdf)(keys[i], msgAndInfo.info))
     );
+    const encryptedRandomness = (0, import_utils.xor)(randomnessKey, r.toBytes());
     return {
       BonehFranklinBLS12381: {
-        encapsulation: nonce.toBytes(),
-        shares: encrypted_msgs
+        nonce: nonce.toBytes(),
+        encryptedShares,
+        encryptedRandomness
       },
       $kind: "BonehFranklinBLS12381"
     };
@@ -74,9 +71,9 @@ class BonehFranklinBLS12381Services extends IBEServers {
    * @param public_key - The public key.
    * @returns True if the user secret key is valid for the given public key and id.
    */
-  static verifyUserSecretKey(user_secret_key, id, public_key) {
-    const lhs = user_secret_key.pairing(import_bls12381.G2Element.generator()).toBytes();
-    const rhs = import_bls12381.G1Element.hashToCurve(id).pairing(public_key).toBytes();
+  static verifyUserSecretKey(userSecretKey, id, publicKey) {
+    const lhs = userSecretKey.pairing(import_bls12381.G2Element.generator()).toBytes();
+    const rhs = import_bls12381.G1Element.hashToCurve((0, import_bcs.fromHex)(id)).pairing(publicKey).toBytes();
     return lhs.length === rhs.length && lhs.every((value, index) => value === rhs[index]);
   }
   /**
@@ -92,14 +89,14 @@ class BonehFranklinBLS12381Services extends IBEServers {
     return (0, import_utils.xor)(ciphertext, (0, import_kdf.kdf)(decap(nonce, sk), info));
   }
 }
-function encapBatched(public_keys, id) {
-  if (public_keys.length === 0) {
-    throw new Error("Invalid input");
+function encapBatched(publicKeys, id) {
+  if (publicKeys.length === 0) {
+    throw new Error("No public keys provided");
   }
   const r = import_bls12381.Scalar.random();
   const nonce = import_bls12381.G2Element.generator().multiply(r);
   const gid = import_bls12381.G1Element.hashToCurve(id).multiply(r);
-  return [nonce, public_keys.map((public_key) => gid.pairing(public_key))];
+  return [r, nonce, publicKeys.map((public_key) => gid.pairing(public_key))];
 }
 function decap(nonce, usk) {
   return usk.pairing(nonce);

package/dist/cjs/ibe.js.map

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../src/ibe.ts"],
-  "sourcesContent": ["// Copyright (c) Mysten Labs, Inc.\n// SPDX-License-Identifier: Apache-2.0\n\nimport type { GTElement } from './bls12381.js';\nimport { G1Element, G2Element, Scalar } from './bls12381.js';\nimport { kdf } from './kdf.js';\nimport type { KeyServer } from './key-server.js';\nimport type { IBEEncryptionsType } from './types.js';\nimport { xor } from './utils.js';\n\n/**\n * The domain separation tag for the hash-to-group function.\n */\nexport const DST: Uint8Array = new TextEncoder().encode('SUI-SEAL-IBE-BLS12381-00');\n\n/**\n * The domain separation tag for the signing proof of possession.\n */\nexport const DST_POP: Uint8Array = new TextEncoder().encode('SUI-SEAL-IBE-BLS12381-00-POP');\n\n/**\n * The interface for the key servers.\n */\nexport abstract class IBEServers {\n\tprotected readonly object_ids: Uint8Array[];\n\n\tprotected constructor(object_ids: Uint8Array[]) {\n\t\tthis.object_ids = object_ids;\n\t}\n\n\t/**\n\t * The object IDs of the key servers.\n\t */\n\tgetObjectIds(): Uint8Array[] {\n\t\treturn this.object_ids;\n\t}\n\n\t/**\n\t * The number of key servers.\n\t */\n\tsize(): number {\n\t\treturn this.object_ids.length;\n\t}\n\n\t/**\n\t * Encrypt a batch of messages for the given identity.\n\t *\n\t * @param id The identity.\n\t * @param msg_and_infos The messages and an additional info parameter which will be included in the KDF.\n\t * @returns The encrypted messages.\n\t */\n\tabstract encryptBatched(\n\t\tid: Uint8Array,\n\t\tmsg_and_infos: { msg: Uint8Array; info: Uint8Array }[],\n\t): IBEEncryptionsType;\n}\n\n/**\n * Identity-based encryption based on the Boneh-Franklin IBE scheme.\n * This object represents a set of key servers that can be used to encrypt messages for a given identity.\n */\nexport class BonehFranklinBLS12381Services extends IBEServers {\n\treadonly public_keys: G2Element[];\n\n\tconstructor(services: KeyServer[]) {\n\t\tsuper(services.map((service) => service.objectId));\n\t\tthis.public_keys = services.map((service) => G2Element.fromBytes(service.pk));\n\t}\n\n\tencryptBatched(\n\t\tid: Uint8Array,\n\t\tmsg_and_infos: { msg: Uint8Array; info: Uint8Array }[],\n\t): IBEEncryptionsType {\n\t\tif (this.public_keys.length === 0 || this.public_keys.length !== msg_and_infos.length) {\n\t\t\tthrow new Error('Invalid input');\n\t\t}\n\t\tconst [nonce, keys] = encapBatched(this.public_keys, id);\n\t\tconst encrypted_msgs = msg_and_infos.map((msg_and_info, i) =>\n\t\t\txor(msg_and_info.msg, kdf(keys[i], msg_and_info.info)),\n\t\t);\n\n\t\treturn {\n\t\t\tBonehFranklinBLS12381: {\n\t\t\t\tencapsulation: nonce.toBytes(),\n\t\t\t\tshares: encrypted_msgs,\n\t\t\t},\n\t\t\t$kind: 'BonehFranklinBLS12381',\n\t\t};\n\t}\n\n\t/**\n\t * Returns true if the user secret key is valid for the given public key and id.\n\t * @param user_secret_key - The user secret key.\n\t * @param id - The identity.\n\t * @param public_key - The public key.\n\t * @returns True if the user secret key is valid for the given public key and id.\n\t */\n\tstatic verifyUserSecretKey(\n\t\tuser_secret_key: G1Element,\n\t\tid: Uint8Array,\n\t\tpublic_key: G2Element,\n\t): boolean {\n\t\tconst lhs = user_secret_key.pairing(G2Element.generator()).toBytes();\n\t\tconst rhs = G1Element.hashToCurve(id).pairing(public_key).toBytes();\n\t\treturn lhs.length === rhs.length && lhs.every((value, index) => value === rhs[index]);\n\t}\n\n\t/**\n\t * Identity-based decryption.\n\t *\n\t * @param nonce The encryption nonce.\n\t * @param sk The user secret key.\n\t * @param ciphertext The encrypted message.\n\t * @param info An info parameter also included in the KDF.\n\t * @returns The decrypted message.\n\t */\n\tstatic decrypt(\n\t\tnonce: G2Element,\n\t\tsk: G1Element,\n\t\tciphertext: Uint8Array,\n\t\tinfo: Uint8Array,\n\t): Uint8Array {\n\t\treturn xor(ciphertext, kdf(decap(nonce, sk), info));\n\t}\n}\n\n/**\n * Batched identity-based key-encapsulation mechanism: encapsulate multiple keys for given identity using different key servers.\n *\n * @param public_keys Public keys for a set of key servers.\n * @param id The identity used to encapsulate the keys.\n * @returns A common nonce of the keys and a list of keys, 32 bytes each.\n */\nfunction encapBatched(public_keys: G2Element[], id: Uint8Array): [G2Element, GTElement[]] {\n\tif (public_keys.length === 0) {\n\t\tthrow new Error('Invalid input');\n\t}\n\tconst r = Scalar.random();\n\tconst nonce = G2Element.generator().multiply(r);\n\tconst gid = G1Element.hashToCurve(id).multiply(r);\n\treturn [nonce, public_keys.map((public_key) => gid.pairing(public_key))];\n}\n\n/**\n * Decapsulate a key using a user secret key and the nonce.\n *\n * @param usk The user secret key.\n * @param nonce The nonce.\n * @returns The encapsulated key.\n */\nfunction decap(nonce: G2Element, usk: G1Element): GTElement {\n\treturn usk.pairing(nonce);\n}\n"],
-  "mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAIA,sBAA6C;AAC7C,iBAAoB;AAGpB,mBAAoB;AAKb,MAAM,MAAkB,IAAI,YAAY,EAAE,OAAO,0BAA0B;AAK3E,MAAM,UAAsB,IAAI,YAAY,EAAE,OAAO,8BAA8B;AAKnF,MAAe,WAAW;AAAA,EAGtB,YAAY,YAA0B;AAC/C,SAAK,aAAa;AAAA,EACnB;AAAA;AAAA;AAAA;AAAA,EAKA,eAA6B;AAC5B,WAAO,KAAK;AAAA,EACb;AAAA;AAAA;AAAA;AAAA,EAKA,OAAe;AACd,WAAO,KAAK,WAAW;AAAA,EACxB;AAaD;AAMO,MAAM,sCAAsC,WAAW;AAAA,EAG7D,YAAY,UAAuB;AAClC,UAAM,SAAS,IAAI,CAAC,YAAY,QAAQ,QAAQ,CAAC;AACjD,SAAK,cAAc,SAAS,IAAI,CAAC,YAAY,0BAAU,UAAU,QAAQ,EAAE,CAAC;AAAA,EAC7E;AAAA,EAEA,eACC,IACA,eACqB;AACrB,QAAI,KAAK,YAAY,WAAW,KAAK,KAAK,YAAY,WAAW,cAAc,QAAQ;AACtF,YAAM,IAAI,MAAM,eAAe;AAAA,IAChC;AACA,UAAM,CAAC,OAAO,IAAI,IAAI,aAAa,KAAK,aAAa,EAAE;AACvD,UAAM,iBAAiB,cAAc;AAAA,MAAI,CAAC,cAAc,UACvD,kBAAI,aAAa,SAAK,gBAAI,KAAK,CAAC,GAAG,aAAa,IAAI,CAAC;AAAA,IACtD;AAEA,WAAO;AAAA,MACN,uBAAuB;AAAA,QACtB,eAAe,MAAM,QAAQ;AAAA,QAC7B,QAAQ;AAAA,MACT;AAAA,MACA,OAAO;AAAA,IACR;AAAA,EACD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,OAAO,oBACN,iBACA,IACA,YACU;AACV,UAAM,MAAM,gBAAgB,QAAQ,0BAAU,UAAU,CAAC,EAAE,QAAQ;AACnE,UAAM,MAAM,0BAAU,YAAY,EAAE,EAAE,QAAQ,UAAU,EAAE,QAAQ;AAClE,WAAO,IAAI,WAAW,IAAI,UAAU,IAAI,MAAM,CAAC,OAAO,UAAU,UAAU,IAAI,KAAK,CAAC;AAAA,EACrF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,OAAO,QACN,OACA,IACA,YACA,MACa;AACb,eAAO,kBAAI,gBAAY,gBAAI,MAAM,OAAO,EAAE,GAAG,IAAI,CAAC;AAAA,EACnD;AACD;AASA,SAAS,aAAa,aAA0B,IAA0C;AACzF,MAAI,YAAY,WAAW,GAAG;AAC7B,UAAM,IAAI,MAAM,eAAe;AAAA,EAChC;AACA,QAAM,IAAI,uBAAO,OAAO;AACxB,QAAM,QAAQ,0BAAU,UAAU,EAAE,SAAS,CAAC;AAC9C,QAAM,MAAM,0BAAU,YAAY,EAAE,EAAE,SAAS,CAAC;AAChD,SAAO,CAAC,OAAO,YAAY,IAAI,CAAC,eAAe,IAAI,QAAQ,UAAU,CAAC,CAAC;AACxE;AASA,SAAS,MAAM,OAAkB,KAA2B;AAC3D,SAAO,IAAI,QAAQ,KAAK;AACzB;",
+  "sourcesContent": ["// Copyright (c) Mysten Labs, Inc.\n// SPDX-License-Identifier: Apache-2.0\n\nimport { fromHex } from '@mysten/bcs';\n\nimport type { IBEEncryptions } from './bcs.js';\nimport type { GTElement } from './bls12381.js';\nimport { G1Element, G2Element, Scalar } from './bls12381.js';\nimport { kdf } from './kdf.js';\nimport type { KeyServer } from './key-server.js';\nimport { xor } from './utils.js';\n\n/**\n * The domain separation tag for the hash-to-group function.\n */\nexport const DST: Uint8Array = new TextEncoder().encode('SUI-SEAL-IBE-BLS12381-00');\n\n/**\n * The domain separation tag for the signing proof of possession.\n */\nexport const DST_POP: Uint8Array = new TextEncoder().encode('SUI-SEAL-IBE-BLS12381-POP-00');\n\n/**\n * The interface for the key servers.\n */\nexport abstract class IBEServers {\n\tobjectIds: string[];\n\n\tconstructor(objectIds: string[]) {\n\t\tthis.objectIds = objectIds;\n\t}\n\n\t/**\n\t * The number of key servers.\n\t */\n\tsize(): number {\n\t\treturn this.objectIds.length;\n\t}\n\n\t/**\n\t * Encrypt a batch of messages for the given identity.\n\t *\n\t * @param id The identity.\n\t * @param msgAndInfos The messages and an additional info parameter which will be included in the KDF.\n\t * @returns The encrypted messages.\n\t */\n\tabstract encryptBatched(\n\t\tid: Uint8Array,\n\t\tmsgAndInfos: { msg: Uint8Array; info: Uint8Array }[],\n\t\trandomnessKey: Uint8Array,\n\t): typeof IBEEncryptions.$inferType;\n}\n\n/**\n * Identity-based encryption based on the Boneh-Franklin IBE scheme.\n * This object represents a set of key servers that can be used to encrypt messages for a given identity.\n */\nexport class BonehFranklinBLS12381Services extends IBEServers {\n\treadonly publicKeys: G2Element[];\n\n\tconstructor(services: KeyServer[]) {\n\t\tsuper(services.map((service) => service.objectId));\n\t\tthis.publicKeys = services.map((service) => G2Element.fromBytes(service.pk));\n\t}\n\n\tencryptBatched(\n\t\tid: Uint8Array,\n\t\tmsgAndInfos: { msg: Uint8Array; info: Uint8Array }[],\n\t\trandomnessKey: Uint8Array,\n\t): typeof IBEEncryptions.$inferType {\n\t\tif (this.publicKeys.length === 0 || this.publicKeys.length !== msgAndInfos.length) {\n\t\t\tthrow new Error('Invalid public keys');\n\t\t}\n\t\tconst [r, nonce, keys] = encapBatched(this.publicKeys, id);\n\t\tconst encryptedShares = msgAndInfos.map((msgAndInfo, i) =>\n\t\t\txor(msgAndInfo.msg, kdf(keys[i], msgAndInfo.info)),\n\t\t);\n\t\tconst encryptedRandomness = xor(randomnessKey, r.toBytes());\n\n\t\treturn {\n\t\t\tBonehFranklinBLS12381: {\n\t\t\t\tnonce: nonce.toBytes(),\n\t\t\t\tencryptedShares,\n\t\t\t\tencryptedRandomness,\n\t\t\t},\n\t\t\t$kind: 'BonehFranklinBLS12381',\n\t\t};\n\t}\n\n\t/**\n\t * Returns true if the user secret key is valid for the given public key and id.\n\t * @param user_secret_key - The user secret key.\n\t * @param id - The identity.\n\t * @param public_key - The public key.\n\t * @returns True if the user secret key is valid for the given public key and id.\n\t */\n\tstatic verifyUserSecretKey(userSecretKey: G1Element, id: string, publicKey: G2Element): boolean {\n\t\tconst lhs = userSecretKey.pairing(G2Element.generator()).toBytes();\n\t\tconst rhs = G1Element.hashToCurve(fromHex(id)).pairing(publicKey).toBytes();\n\t\treturn lhs.length === rhs.length && lhs.every((value, index) => value === rhs[index]);\n\t}\n\n\t/**\n\t * Identity-based decryption.\n\t *\n\t * @param nonce The encryption nonce.\n\t * @param sk The user secret key.\n\t * @param ciphertext The encrypted message.\n\t * @param info An info parameter also included in the KDF.\n\t * @returns The decrypted message.\n\t */\n\tstatic decrypt(\n\t\tnonce: G2Element,\n\t\tsk: G1Element,\n\t\tciphertext: Uint8Array,\n\t\tinfo: Uint8Array,\n\t): Uint8Array {\n\t\treturn xor(ciphertext, kdf(decap(nonce, sk), info));\n\t}\n}\n\n/**\n * Batched identity-based key-encapsulation mechanism: encapsulate multiple keys for given identity using different key servers.\n *\n * @param publicKeys Public keys for a set of key servers.\n * @param id The identity used to encapsulate the keys.\n * @returns A common nonce of the keys and a list of keys, 32 bytes each.\n */\nfunction encapBatched(publicKeys: G2Element[], id: Uint8Array): [Scalar, G2Element, GTElement[]] {\n\tif (publicKeys.length === 0) {\n\t\tthrow new Error('No public keys provided');\n\t}\n\tconst r = Scalar.random();\n\tconst nonce = G2Element.generator().multiply(r);\n\tconst gid = G1Element.hashToCurve(id).multiply(r);\n\treturn [r, nonce, publicKeys.map((public_key) => gid.pairing(public_key))];\n}\n\n/**\n * Decapsulate a key using a user secret key and the nonce.\n *\n * @param usk The user secret key.\n * @param nonce The nonce.\n * @returns The encapsulated key.\n */\nfunction decap(nonce: G2Element, usk: G1Element): GTElement {\n\treturn usk.pairing(nonce);\n}\n"],
+  "mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAGA,iBAAwB;AAIxB,sBAA6C;AAC7C,iBAAoB;AAEpB,mBAAoB;AAKb,MAAM,MAAkB,IAAI,YAAY,EAAE,OAAO,0BAA0B;AAK3E,MAAM,UAAsB,IAAI,YAAY,EAAE,OAAO,8BAA8B;AAKnF,MAAe,WAAW;AAAA,EAGhC,YAAY,WAAqB;AAChC,SAAK,YAAY;AAAA,EAClB;AAAA;AAAA;AAAA;AAAA,EAKA,OAAe;AACd,WAAO,KAAK,UAAU;AAAA,EACvB;AAcD;AAMO,MAAM,sCAAsC,WAAW;AAAA,EAG7D,YAAY,UAAuB;AAClC,UAAM,SAAS,IAAI,CAAC,YAAY,QAAQ,QAAQ,CAAC;AACjD,SAAK,aAAa,SAAS,IAAI,CAAC,YAAY,0BAAU,UAAU,QAAQ,EAAE,CAAC;AAAA,EAC5E;AAAA,EAEA,eACC,IACA,aACA,eACmC;AACnC,QAAI,KAAK,WAAW,WAAW,KAAK,KAAK,WAAW,WAAW,YAAY,QAAQ;AAClF,YAAM,IAAI,MAAM,qBAAqB;AAAA,IACtC;AACA,UAAM,CAAC,GAAG,OAAO,IAAI,IAAI,aAAa,KAAK,YAAY,EAAE;AACzD,UAAM,kBAAkB,YAAY;AAAA,MAAI,CAAC,YAAY,UACpD,kBAAI,WAAW,SAAK,gBAAI,KAAK,CAAC,GAAG,WAAW,IAAI,CAAC;AAAA,IAClD;AACA,UAAM,0BAAsB,kBAAI,eAAe,EAAE,QAAQ,CAAC;AAE1D,WAAO;AAAA,MACN,uBAAuB;AAAA,QACtB,OAAO,MAAM,QAAQ;AAAA,QACrB;AAAA,QACA;AAAA,MACD;AAAA,MACA,OAAO;AAAA,IACR;AAAA,EACD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,OAAO,oBAAoB,eAA0B,IAAY,WAA+B;AAC/F,UAAM,MAAM,cAAc,QAAQ,0BAAU,UAAU,CAAC,EAAE,QAAQ;AACjE,UAAM,MAAM,0BAAU,gBAAY,oBAAQ,EAAE,CAAC,EAAE,QAAQ,SAAS,EAAE,QAAQ;AAC1E,WAAO,IAAI,WAAW,IAAI,UAAU,IAAI,MAAM,CAAC,OAAO,UAAU,UAAU,IAAI,KAAK,CAAC;AAAA,EACrF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,OAAO,QACN,OACA,IACA,YACA,MACa;AACb,eAAO,kBAAI,gBAAY,gBAAI,MAAM,OAAO,EAAE,GAAG,IAAI,CAAC;AAAA,EACnD;AACD;AASA,SAAS,aAAa,YAAyB,IAAkD;AAChG,MAAI,WAAW,WAAW,GAAG;AAC5B,UAAM,IAAI,MAAM,yBAAyB;AAAA,EAC1C;AACA,QAAM,IAAI,uBAAO,OAAO;AACxB,QAAM,QAAQ,0BAAU,UAAU,EAAE,SAAS,CAAC;AAC9C,QAAM,MAAM,0BAAU,YAAY,EAAE,EAAE,SAAS,CAAC;AAChD,SAAO,CAAC,GAAG,OAAO,WAAW,IAAI,CAAC,eAAe,IAAI,QAAQ,UAAU,CAAC,CAAC;AAC1E;AASA,SAAS,MAAM,OAAkB,KAA2B;AAC3D,SAAO,IAAI,QAAQ,KAAK;AACzB;",
   "names": []
 }

package/dist/cjs/index.d.ts

@@ -1,6 +1,3 @@
-export { AesGcm256 } from './aes.js';
-export { encrypt } from './encrypt.js';
-export { getAllowlistedKeyServers, retrieveKeyServers, verifyKeyServer, type KeyServer, } from './key-server.js';
-export { KeyStore } from './key-store.js';
+export { getAllowlistedKeyServers } from './key-server.js';
+export { SealClient, type SealClientOptions } from './client.js';
 export { SessionKey } from './session-key.js';
-export { EncryptedObject } from './types.js';

package/dist/cjs/index.js

@@ -18,20 +18,12 @@ var __copyProps = (to, from, except, desc) => {
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 var index_exports = {};
 __export(index_exports, {
-  AesGcm256: () => import_aes.AesGcm256,
-  EncryptedObject: () => import_types.EncryptedObject,
-  KeyStore: () => import_key_store.KeyStore,
+  SealClient: () => import_client.SealClient,
   SessionKey: () => import_session_key.SessionKey,
-  encrypt: () => import_encrypt.encrypt,
-  getAllowlistedKeyServers: () => import_key_server.getAllowlistedKeyServers,
-  retrieveKeyServers: () => import_key_server.retrieveKeyServers,
-  verifyKeyServer: () => import_key_server.verifyKeyServer
+  getAllowlistedKeyServers: () => import_key_server.getAllowlistedKeyServers
 });
 module.exports = __toCommonJS(index_exports);
-var import_aes = require("./aes.js");
-var import_encrypt = require("./encrypt.js");
 var import_key_server = require("./key-server.js");
-var import_key_store = require("./key-store.js");
+var import_client = require("./client.js");
 var import_session_key = require("./session-key.js");
-var import_types = require("./types.js");
 //# sourceMappingURL=index.js.map

package/dist/cjs/index.js.map

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../src/index.ts"],
-  "sourcesContent": ["// Copyright (c) Mysten Labs, Inc.\n// SPDX-License-Identifier: Apache-2.0\n\nexport { AesGcm256 } from './aes.js';\nexport { encrypt } from './encrypt.js';\nexport {\n\tgetAllowlistedKeyServers,\n\tretrieveKeyServers,\n\tverifyKeyServer,\n\ttype KeyServer,\n} from './key-server.js';\nexport { KeyStore } from './key-store.js';\nexport { SessionKey } from './session-key.js';\nexport { EncryptedObject } from './types.js';\n"],
-  "mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAGA,iBAA0B;AAC1B,qBAAwB;AACxB,wBAKO;AACP,uBAAyB;AACzB,yBAA2B;AAC3B,mBAAgC;",
+  "sourcesContent": ["// Copyright (c) Mysten Labs, Inc.\n// SPDX-License-Identifier: Apache-2.0\n\nexport { getAllowlistedKeyServers } from './key-server.js';\nexport { SealClient, type SealClientOptions } from './client.js';\nexport { SessionKey } from './session-key.js';\n"],
+  "mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAGA,wBAAyC;AACzC,oBAAmD;AACnD,yBAA2B;",
   "names": []
 }

package/dist/cjs/kdf.d.ts

@@ -7,3 +7,8 @@ import type { GTElement } from './bls12381.js';
  * @returns The derived key.
  */
 export declare function kdf(element: GTElement, info: Uint8Array): Uint8Array;
+export declare enum KeyPurpose {
+    EncryptedRandomness = 0,
+    DEM = 1
+}
+export declare function deriveKey(purpose: KeyPurpose, baseKey: Uint8Array): Uint8Array;

package/dist/cjs/kdf.js

@@ -18,12 +18,39 @@ var __copyProps = (to, from, except, desc) => {
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 var kdf_exports = {};
 __export(kdf_exports, {
+  KeyPurpose: () => KeyPurpose,
+  deriveKey: () => deriveKey,
   kdf: () => kdf
 });
 module.exports = __toCommonJS(kdf_exports);
 var import_hkdf = require("@noble/hashes/hkdf");
+var import_hmac = require("@noble/hashes/hmac");
 var import_sha3 = require("@noble/hashes/sha3");
 function kdf(element, info) {
-  return (0, import_hkdf.hkdf)(import_sha3.sha3_256, element.toBytes(), "", info, 32);
+  const GT_ELEMENT_BYTE_LENGTH = 576;
+  const PERMUTATION = [0, 2, 4, 1, 3, 5];
+  const COEFFICIENT_SIZE = GT_ELEMENT_BYTE_LENGTH / PERMUTATION.length;
+  const bytes = element.toBytes();
+  let permutedBytes = new Uint8Array(GT_ELEMENT_BYTE_LENGTH);
+  PERMUTATION.forEach((pi, i) => {
+    permutedBytes.set(
+      bytes.slice(i * COEFFICIENT_SIZE, (i + 1) * COEFFICIENT_SIZE),
+      pi * COEFFICIENT_SIZE
+    );
+  });
+  return (0, import_hkdf.hkdf)(import_sha3.sha3_256, permutedBytes, "", info, 32);
+}
+var KeyPurpose = /* @__PURE__ */ ((KeyPurpose2) => {
+  KeyPurpose2[KeyPurpose2["EncryptedRandomness"] = 0] = "EncryptedRandomness";
+  KeyPurpose2[KeyPurpose2["DEM"] = 1] = "DEM";
+  return KeyPurpose2;
+})(KeyPurpose || {});
+function deriveKey(purpose, baseKey) {
+  switch (purpose) {
+    case 0 /* EncryptedRandomness */:
+      return (0, import_hmac.hmac)(import_sha3.sha3_256, baseKey, new Uint8Array([0]));
+    case 1 /* DEM */:
+      return (0, import_hmac.hmac)(import_sha3.sha3_256, baseKey, new Uint8Array([1]));
+  }
 }
 //# sourceMappingURL=kdf.js.map

package/dist/cjs/kdf.js.map

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../src/kdf.ts"],
-  "sourcesContent": ["// Copyright (c) Mysten Labs, Inc.\n// SPDX-License-Identifier: Apache-2.0\n\nimport { hkdf } from '@noble/hashes/hkdf';\nimport { sha3_256 } from '@noble/hashes/sha3';\n\nimport type { GTElement } from './bls12381.js';\n\n/**\n * The default key derivation function.\n *\n * @param element The GTElement to derive the key from.\n * @param info Optional context and application specific information.\n * @returns The derived key.\n */\nexport function kdf(element: GTElement, info: Uint8Array): Uint8Array {\n\treturn hkdf(sha3_256, element.toBytes(), '', info, 32);\n}\n"],
-  "mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAGA,kBAAqB;AACrB,kBAAyB;AAWlB,SAAS,IAAI,SAAoB,MAA8B;AACrE,aAAO,kBAAK,sBAAU,QAAQ,QAAQ,GAAG,IAAI,MAAM,EAAE;AACtD;",
-  "names": []
+  "sourcesContent": ["// Copyright (c) Mysten Labs, Inc.\n// SPDX-License-Identifier: Apache-2.0\n\nimport { hkdf } from '@noble/hashes/hkdf';\nimport { hmac } from '@noble/hashes/hmac';\nimport { sha3_256 } from '@noble/hashes/sha3';\n\nimport type { GTElement } from './bls12381.js';\n\n/**\n * The default key derivation function.\n *\n * @param element The GTElement to derive the key from.\n * @param info Optional context and application specific information.\n * @returns The derived key.\n */\nexport function kdf(element: GTElement, info: Uint8Array): Uint8Array {\n\t// This permutation flips the order of 6 pairs of coefficients of the GT element.\n\t// The permutation may be computed as:\n\t// for i in 0..3 {\n\t//   for j in 0..2 {\n\t//     PERMUTATION[i + j * 3] = i * 2 + j;\n\t//   }\n\t// }\n\tconst GT_ELEMENT_BYTE_LENGTH = 576;\n\tconst PERMUTATION = [0, 2, 4, 1, 3, 5];\n\tconst COEFFICIENT_SIZE = GT_ELEMENT_BYTE_LENGTH / PERMUTATION.length;\n\n\tconst bytes = element.toBytes();\n\tlet permutedBytes = new Uint8Array(GT_ELEMENT_BYTE_LENGTH);\n\tPERMUTATION.forEach((pi, i) => {\n\t\tpermutedBytes.set(\n\t\t\tbytes.slice(i * COEFFICIENT_SIZE, (i + 1) * COEFFICIENT_SIZE),\n\t\t\tpi * COEFFICIENT_SIZE,\n\t\t);\n\t});\n\treturn hkdf(sha3_256, permutedBytes, '', info, 32);\n}\n\nexport enum KeyPurpose {\n\tEncryptedRandomness,\n\tDEM,\n}\n\nexport function deriveKey(purpose: KeyPurpose, baseKey: Uint8Array): Uint8Array {\n\tswitch (purpose) {\n\t\tcase KeyPurpose.EncryptedRandomness:\n\t\t\treturn hmac(sha3_256, baseKey, new Uint8Array([0]));\n\t\tcase KeyPurpose.DEM:\n\t\t\treturn hmac(sha3_256, baseKey, new Uint8Array([1]));\n\t}\n}\n"],
+  "mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAGA,kBAAqB;AACrB,kBAAqB;AACrB,kBAAyB;AAWlB,SAAS,IAAI,SAAoB,MAA8B;AAQrE,QAAM,yBAAyB;AAC/B,QAAM,cAAc,CAAC,GAAG,GAAG,GAAG,GAAG,GAAG,CAAC;AACrC,QAAM,mBAAmB,yBAAyB,YAAY;AAE9D,QAAM,QAAQ,QAAQ,QAAQ;AAC9B,MAAI,gBAAgB,IAAI,WAAW,sBAAsB;AACzD,cAAY,QAAQ,CAAC,IAAI,MAAM;AAC9B,kBAAc;AAAA,MACb,MAAM,MAAM,IAAI,mBAAmB,IAAI,KAAK,gBAAgB;AAAA,MAC5D,KAAK;AAAA,IACN;AAAA,EACD,CAAC;AACD,aAAO,kBAAK,sBAAU,eAAe,IAAI,MAAM,EAAE;AAClD;AAEO,IAAK,aAAL,kBAAKA,gBAAL;AACN,EAAAA,wBAAA;AACA,EAAAA,wBAAA;AAFW,SAAAA;AAAA,GAAA;AAKL,SAAS,UAAU,SAAqB,SAAiC;AAC/E,UAAQ,SAAS;AAAA,IAChB,KAAK;AACJ,iBAAO,kBAAK,sBAAU,SAAS,IAAI,WAAW,CAAC,CAAC,CAAC,CAAC;AAAA,IACnD,KAAK;AACJ,iBAAO,kBAAK,sBAAU,SAAS,IAAI,WAAW,CAAC,CAAC,CAAC,CAAC;AAAA,EACpD;AACD;",
+  "names": ["KeyPurpose"]
 }

package/dist/cjs/key-server.d.ts

@@ -1,6 +1,6 @@
 import type { SuiClient } from '@mysten/sui/client';
 export type KeyServer = {
-    objectId: Uint8Array;
+    objectId: string;
     name: string;
     url: string;
     keyType: KeyServerType;
@@ -14,7 +14,7 @@ export declare enum KeyServerType {
  * @param network - The network to use.
  * @returns The object id's of the key servers.
  */
-export declare function getAllowlistedKeyServers(network: 'testnet' | 'mainnet'): Uint8Array[];
+export declare function getAllowlistedKeyServers(network: 'testnet' | 'mainnet'): string[];
 /**
  * Given a list of key server object IDs, returns a list of SealKeyServer
  * from onchain state containing name, objectId, URL and pk.
@@ -24,15 +24,15 @@ export declare function getAllowlistedKeyServers(network: 'testnet' | 'mainnet')
  * @returns - An array of SealKeyServer.
  */
 export declare function retrieveKeyServers({ objectIds, client, }: {
-    objectIds: Uint8Array[];
+    objectIds: string[];
     client: SuiClient;
 }): Promise<KeyServer[]>;
 /**
- * Given a KeyServer, fetch the proof of possesion (PoP) from the URL and verify it
+ * Given a KeyServer, fetch the proof of possession (PoP) from the URL and verify it
  * against the pubkey. This should be used only rarely when the dapp uses a dynamic
  * set of key servers.
  *
  * @param server - The KeyServer to verify.
  * @returns - True if the key server is valid, false otherwise.
  */
-export declare function verifyKeyServer(server: KeyServer): Promise<boolean>;
+export declare function verifyKeyServer(server: KeyServer, timeout: number): Promise<boolean>;

package/dist/cjs/key-server.js

@@ -25,28 +25,23 @@ __export(key_server_exports, {
 });
 module.exports = __toCommonJS(key_server_exports);
 var import_bcs = require("@mysten/bcs");
-var import_bcs2 = require("@mysten/sui/bcs");
 var import_bls12_381 = require("@noble/curves/bls12-381");
+var import_bcs2 = require("./bcs.js");
+var import_error = require("./error.js");
 var import_ibe = require("./ibe.js");
+var import_version = require("./version.js");
 var KeyServerType = /* @__PURE__ */ ((KeyServerType2) => {
   KeyServerType2[KeyServerType2["BonehFranklinBLS12381"] = 0] = "BonehFranklinBLS12381";
   return KeyServerType2;
 })(KeyServerType || {});
-const KeyServerMove = import_bcs2.bcs.struct("KeyServer", {
-  id: import_bcs2.bcs.Address,
-  name: import_bcs2.bcs.string(),
-  url: import_bcs2.bcs.string(),
-  key_type: import_bcs2.bcs.u8(),
-  pk: import_bcs2.bcs.vector(import_bcs2.bcs.u8())
-});
 function getAllowlistedKeyServers(network) {
   if (network === "testnet") {
     return [
-      (0, import_bcs.fromHex)("0xb35a7228d8cf224ad1e828c0217c95a5153bafc2906d6f9c178197dce26fbcf8"),
-      (0, import_bcs.fromHex)("0x2d6cde8a9d9a65bde3b0a346566945a63b4bfb70e9a06c41bdb70807e2502b06")
+      "0xb35a7228d8cf224ad1e828c0217c95a5153bafc2906d6f9c178197dce26fbcf8",
+      "0x2d6cde8a9d9a65bde3b0a346566945a63b4bfb70e9a06c41bdb70807e2502b06"
     ];
   } else {
-    throw new Error("Network not supported");
+    throw new import_error.UnsupportedNetworkError(`Unsupported network ${network}`);
   }
 }
 async function retrieveKeyServers({
@@ -56,20 +51,22 @@ async function retrieveKeyServers({
   return await Promise.all(
     objectIds.map(async (objectId) => {
       const res = await client.getObject({
-        id: (0, import_bcs.toHex)(objectId),
+        id: objectId,
         options: {
           showBcs: true
         }
       });
       if (!res || res.error || !res.data) {
-        throw new Error(`KeyServer ${objectId} not found; ${res.error}`);
+        throw new import_error.InvalidGetObjectError(`KeyServer ${objectId} not found; ${res.error}`);
       }
       if (!res.data.bcs || !("bcsBytes" in res.data.bcs)) {
-        throw new Error(`Invalid KeyServer query: ${objectId}, expected object, got package`);
+        throw new import_error.InvalidGetObjectError(
+          `Invalid KeyServer query: ${objectId}, expected object, got package`
+        );
       }
-      let ks = KeyServerMove.parse((0, import_bcs.fromBase64)(res.data.bcs.bcsBytes));
-      if (ks.key_type !== 0) {
-        throw new Error("Unsupported key type");
+      let ks = import_bcs2.KeyServerMove.parse((0, import_bcs.fromBase64)(res.data.bcs.bcsBytes));
+      if (ks.keyType !== 0) {
+        throw new import_error.UnsupportedFeatureError(`Unsupported key type ${ks.keyType}`);
       }
       return {
         objectId,
@@ -81,18 +78,24 @@ async function retrieveKeyServers({
     })
   );
 }
-async function verifyKeyServer(server) {
+async function verifyKeyServer(server, timeout) {
+  const requestId = crypto.randomUUID();
   const response = await fetch(server.url + "/v1/service", {
     method: "GET",
     headers: {
-      "Content-Type": "application/json"
-    }
+      "Content-Type": "application/json",
+      "Request-Id": requestId,
+      "Client-Sdk-Type": "typescript",
+      "Client-Sdk-Version": import_version.PACKAGE_VERSION
+    },
+    signal: AbortSignal.timeout(timeout)
   });
+  await import_error.SealAPIError.assertResponse(response, requestId);
   const serviceResponse = await response.json();
   if (serviceResponse.service_id !== server.objectId) {
     return false;
   }
-  const fullMsg = new Uint8Array([...import_ibe.DST_POP, ...server.pk, ...server.objectId]);
+  const fullMsg = new Uint8Array([...import_ibe.DST_POP, ...server.pk, ...(0, import_bcs.fromHex)(server.objectId)]);
   return import_bls12_381.bls12_381.verifyShortSignature((0, import_bcs.fromBase64)(serviceResponse.pop), fullMsg, server.pk);
 }
 //# sourceMappingURL=key-server.js.map