@mysten/sui 2.6.0 → 2.7.0

package/src/graphql/generated/schema.graphql

@@ -567,6 +567,27 @@ input CheckpointFilter {
 	beforeCheckpoint: UInt53
 }
 
+"""
+A G1 elliptic curve point with 3 base10-encoded Bn254 field elements.
+"""
+type CircomG1 {
+	e0: String
+	e1: String
+	e2: String
+}
+
+"""
+A G2 elliptic curve point with 6 base10-encoded Bn254 field elements.
+"""
+type CircomG2 {
+	e00: String
+	e01: String
+	e10: String
+	e11: String
+	e20: String
+	e21: String
+}
+
 """
 System transaction for creating the coin deny list state.
 """
@@ -1140,6 +1161,30 @@ The value of a dynamic field (`MoveValue`) or dynamic object field (`MoveObject`
 """
 union DynamicFieldValue = MoveObject | MoveValue
 
+"""
+An Ed25519 public key.
+"""
+type Ed25519PublicKey {
+	"""
+	The raw public key bytes.
+	"""
+	bytes: Base64
+}
+
+"""
+An Ed25519 signature.
+"""
+type Ed25519Signature {
+	"""
+	The public key bytes.
+	"""
+	publicKey: Base64
+	"""
+	The raw signature bytes.
+	"""
+	signature: Base64
+}
+
 """
 System transaction that supersedes `ChangeEpochTransaction` as the new way to run transactions at the end of an epoch. Behaves similarly to `ChangeEpochTransaction` but can accommodate other optional transactions to run at the end of the epoch.
 """
@@ -2655,6 +2700,12 @@ type MoveValue {
 	"""
 	asAddress: Address
 	"""
+	Attempts to treat this value as a `vector<T>` and paginate over its elements.
+	
+	Values of other types cannot be interpreted as vectors, and `null` is returned.
+	"""
+	asVector(first: Int, after: String, last: Int, before: String): MoveValueConnection
+	"""
 	The BCS representation of this value, Base64-encoded.
 	"""
 	bcs: Base64
@@ -2696,6 +2747,35 @@ type MoveValue {
 	type: MoveType
 }
 
+type MoveValueConnection {
+	"""
+	A list of edges.
+	"""
+	edges: [MoveValueEdge!]!
+	"""
+	A list of nodes.
+	"""
+	nodes: [MoveValue!]!
+	"""
+	Information to aid in pagination.
+	"""
+	pageInfo: PageInfo!
+}
+
+"""
+An edge in a connection.
+"""
+type MoveValueEdge {
+	"""
+	A cursor for use in pagination
+	"""
+	cursor: String!
+	"""
+	The item at the end of the edge
+	"""
+	node: MoveValue!
+}
+
 """
 The visibility modifier describes which modules can access this module member.
 
@@ -2716,6 +2796,59 @@ enum MoveVisibility {
 	FRIEND
 }
 
+"""
+The multisig committee definition.
+"""
+type MultisigCommittee {
+	"""
+	The committee members (public key + weight).
+	"""
+	members: [MultisigMember!]
+	"""
+	The threshold number of weight needed for a valid multisig.
+	"""
+	threshold: Int
+}
+
+"""
+A single member of a multisig committee.
+"""
+type MultisigMember {
+	"""
+	The member's public key.
+	"""
+	publicKey: MultisigMemberPublicKey
+	"""
+	The member's weight in the committee.
+	"""
+	weight: Int
+}
+
+"""
+A multisig member's public key, varying by scheme.
+"""
+union MultisigMemberPublicKey = Ed25519PublicKey | Secp256K1PublicKey | Secp256R1PublicKey | PasskeyPublicKey | ZkLoginPublicIdentifier
+
+"""
+An aggregated multisig signature.
+"""
+type MultisigSignature {
+	"""
+	A bitmap indicating which members of the committee signed.
+	"""
+	bitmap: Int
+	"""
+	The multisig committee (public keys + weights + threshold).
+	"""
+	committee: MultisigCommittee
+	"""
+	The individual member signatures, one per signer who participated.
+	Compressed signatures within a multisig do not include the signer's public key,
+	so `publicKey` will be `null` for simple signature schemes (Ed25519, Secp256k1, Secp256r1).
+	"""
+	signatures: [SignatureScheme!]
+}
+
 """
 A transaction that wanted to mutate a consensus-managed object but couldn't because it became not-consensus-managed before the transaction executed (for example, it was deleted, turned into an owned object, or wrapped).
 """
@@ -3209,6 +3342,31 @@ type PageInfo {
 	startCursor: String
 }
 
+"""
+A Passkey public key.
+"""
+type PasskeyPublicKey {
+	"""
+	The raw public key bytes.
+	"""
+	bytes: Base64
+}
+
+type PasskeySignature {
+	"""
+	The authenticator data returned by the passkey device.
+	"""
+	authenticatorData: Base64
+	"""
+	The client data JSON string passed to the authenticator.
+	"""
+	clientDataJson: String
+	"""
+	The inner user signature (secp256r1).
+	"""
+	signature: SignatureScheme
+}
+
 type PerEpochConfig {
 	"""
 	The per-epoch configuration object as of when the transaction was executed.
@@ -3523,16 +3681,16 @@ type Query {
 	"""
 	type(type: String!): MoveType
 	"""
-	Verify a zkLogin signature os from the given `author`.
+	Verify a zkLogin signature is from the given `author`.
 	
-	Returns a `ZkLoginVerifyResult` where `success` is `true` and `error` is empty if the signature is valid. If the signature is invalid, `success` is `false` and `error` contains the relevant error message.
+	Returns successfully if the signature is valid. If the signature is invalid, returns an error with the reason for the failure.
 	
 	- `bytes` are either the bytes of a serialized personal message, or `TransactionData`, Base64-encoded.
 	- `signature` is a serialized zkLogin signature, also Base64-encoded.
 	- `intentScope` indicates whether `bytes` are to be parsed as a personal message or `TransactionData`.
 	- `author` is the signer's address.
 	"""
-	verifyZkLoginSignature(bytes: Base64!, signature: Base64!, intentScope: ZkLoginIntentScope!, author: SuiAddress!): ZkLoginVerifyResult!
+	verifyZkLoginSignature(bytes: Base64!, signature: Base64!, intentScope: ZkLoginIntentScope!, author: SuiAddress!): ZkLoginVerifyResult
 }
 
 """
@@ -3602,6 +3760,54 @@ enum RegulatedState {
 	UNREGULATED
 }
 
+"""
+A Secp256k1 public key.
+"""
+type Secp256K1PublicKey {
+	"""
+	The raw public key bytes.
+	"""
+	bytes: Base64
+}
+
+"""
+A Secp256k1 signature.
+"""
+type Secp256K1Signature {
+	"""
+	The public key bytes.
+	"""
+	publicKey: Base64
+	"""
+	The raw signature bytes.
+	"""
+	signature: Base64
+}
+
+"""
+A Secp256r1 public key.
+"""
+type Secp256R1PublicKey {
+	"""
+	The raw public key bytes.
+	"""
+	bytes: Base64
+}
+
+"""
+A Secp256r1 signature.
+"""
+type Secp256R1Signature {
+	"""
+	The public key bytes.
+	"""
+	publicKey: Base64
+	"""
+	The raw signature bytes.
+	"""
+	signature: Base64
+}
+
 type ServiceConfig {
 	"""
 	Range of checkpoints for which data is available for a query type, field and optional filter. If filter is not provided, the strictest retention range for the query and type is returned.
@@ -3765,6 +3971,11 @@ type SharedInput {
 	mutable: Boolean
 }
 
+"""
+The structured details of a signature, varying by scheme.
+"""
+union SignatureScheme = Ed25519Signature | Secp256K1Signature | Secp256R1Signature | MultisigSignature | ZkLoginSignature | PasskeySignature
+
 """
 The result of simulating a transaction, including the predicted effects.
 """
@@ -4185,6 +4396,10 @@ type UpgradeCommand {
 }
 
 type UserSignature {
+	"""
+	The structured signature details, parsed by scheme.
+	"""
+	scheme: SignatureScheme
 	"""
 	The signature bytes, Base64-encoded.
 	For simple signatures: flag || signature || pubkey
@@ -4313,6 +4528,42 @@ type WriteAccumulatorStorageCostTransaction {
 	_: Boolean
 }
 
+"""
+A Base64-encoded claim from the JWT used in zkLogin.
+"""
+type ZkLoginClaim {
+	"""
+	The index mod 4 used for Base64 decoding alignment.
+	"""
+	indexMod4: Int
+	"""
+	The Base64url-unpadded encoded claim value.
+	"""
+	value: String
+}
+
+"""
+The zkLogin inputs including proof, claim details, and JWT header.
+"""
+type ZkLoginInputs {
+	"""
+	The address seed as a base10-encoded string.
+	"""
+	addressSeed: String
+	"""
+	The Base64-encoded JWT header.
+	"""
+	headerBase64: String
+	"""
+	The Base64-encoded issuer claim details.
+	"""
+	issBase64Details: ZkLoginClaim
+	"""
+	The zero-knowledge proof points.
+	"""
+	proofPoints: ZkLoginProof
+}
+
 """
 An enum that specifies the intent scope to be used to parse the bytes for signature verification.
 """
@@ -4328,15 +4579,80 @@ enum ZkLoginIntentScope {
 }
 
 """
-The result of the zkLogin signature verification.
+A JWK (JSON Web Key) identifier.
 """
-type ZkLoginVerifyResult {
+type ZkLoginJwkId {
+	"""
+	The OIDC provider issuer string.
+	"""
+	iss: String
 	"""
-	The error field capture reasons why the signature could not be verified, assuming the inputs are valid and there are no internal errors.
+	The key ID that identifies the JWK.
 	"""
-	error: String
+	kid: String
+}
+
+"""
+The zero-knowledge proof consisting of three elliptic curve points.
+"""
+type ZkLoginProof {
+	"""
+	G1 point 'a'.
+	"""
+	a: CircomG1
+	"""
+	G2 point 'b'.
+	"""
+	b: CircomG2
+	"""
+	G1 point 'c'.
+	"""
+	c: CircomG1
+}
+
+"""
+A zkLogin public identifier, containing the OAuth issuer and address seed.
+"""
+type ZkLoginPublicIdentifier {
+	"""
+	The address seed as a decimal string.
+	"""
+	addressSeed: String
+	"""
+	The OAuth provider issuer string (e.g. "https://accounts.google.com").
+	"""
+	iss: String
+}
+
+type ZkLoginSignature {
+	"""
+	The zkLogin inputs including proof, claim details, and JWT header.
+	"""
+	inputs: ZkLoginInputs
+	"""
+	The JWK identifier used to verify the zkLogin proof.
+	"""
+	jwkId: ZkLoginJwkId
+	"""
+	The maximum epoch for which this signature is valid.
+	"""
+	maxEpoch: UInt53
+	"""
+	The public identifier (issuer + address seed) for this zkLogin authenticator.
+	"""
+	publicIdentifier: ZkLoginPublicIdentifier
+	"""
+	The inner user signature (ed25519/secp256k1/secp256r1).
+	"""
+	signature: SignatureScheme
+}
+
+"""
+The result of the zkLogin signature verification.
+"""
+type ZkLoginVerifyResult {
 	"""
-	The boolean result of the verification. If true, errors should be empty.
+	Whether the signature was verified successfully.
 	"""
 	success: Boolean
 }