@neuraiproject/neurai-message 0.8.0 → 0.9.0

package/dist/src/browser-shims.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/src/browser.d.ts

@@ -0,0 +1 @@
+export * from "./core";

package/dist/src/core.d.ts

@@ -0,0 +1,6 @@
+/** returns a base64 encoded string representation of the legacy signature */
+export declare function sign(message: string, privateKey: Uint8Array, compressed?: boolean): string;
+export declare function signPQMessage(message: string, privateKey: Uint8Array, publicKey: Uint8Array): string;
+export declare function verifyLegacyMessage(message: string, address: string, signature: string | Uint8Array): any;
+export declare function verifyPQMessage(message: string, address: string, signature: string | Uint8Array): any;
+export declare function verifyMessage(message: string, address: string, signature: string | Uint8Array): any;

package/dist/src/global.d.ts

@@ -0,0 +1,8 @@
+import * as api from "./browser";
+declare global {
+    interface Window {
+        NeuraiMessage: typeof api;
+    }
+}
+export * from "./browser";
+export default api;

package/dist/src/index.d.ts

@@ -0,0 +1 @@
+export * from "./core";

package/dist/src/legacy-message.d.ts

@@ -0,0 +1,6 @@
+/// <reference types="node" />
+/// <reference types="node" />
+import { Buffer } from "buffer";
+export declare function magicHash(message: string | Buffer, messagePrefix: string | Buffer): any;
+export declare function signLegacyMessage(message: string, privateKey: Uint8Array, compressed: boolean, messagePrefix: string | Buffer): Buffer;
+export declare function verifyLegacyCompactMessage(message: string, address: string, signature: Uint8Array, messagePrefix: string | Buffer): any;

package/index.ts

@@ -1,256 +1 @@
-import { createHash } from "crypto";
-import { bech32m } from "bech32";
-import * as bitcoinMessage from "bitcoinjs-message";
-import { ml_dsa44 } from "@noble/post-quantum/ml-dsa.js";
-
-const MESSAGE_MAGIC = "Neurai Signed Message:\n";
-const PQ_MESSAGE_SIGNATURE_PREFIX = 0x35;
-const PQ_SERIALIZED_PUBKEY_PREFIX = 0x05;
-const PQ_PUBLIC_KEY_LENGTH = 1312;
-const PQ_SERIALIZED_PUBKEY_LENGTH = 1 + PQ_PUBLIC_KEY_LENGTH;
-const PQ_SIGNATURE_LENGTH = 2420;
-const LEGACY_MESSAGE_PREFIX =
-  String.fromCharCode(Buffer.byteLength(MESSAGE_MAGIC, "utf8")) +
-  MESSAGE_MAGIC;
-
-function encodeCompactSize(value: number): Buffer {
-  if (!Number.isInteger(value) || value < 0) {
-    throw new Error("CompactSize value must be a non-negative integer");
-  }
-
-  if (value < 253) {
-    return Buffer.from([value]);
-  }
-
-  if (value <= 0xffff) {
-    const buffer = Buffer.alloc(3);
-    buffer[0] = 0xfd;
-    buffer.writeUInt16LE(value, 1);
-    return buffer;
-  }
-
-  if (value <= 0xffffffff) {
-    const buffer = Buffer.alloc(5);
-    buffer[0] = 0xfe;
-    buffer.writeUInt32LE(value, 1);
-    return buffer;
-  }
-
-  throw new Error("CompactSize values above uint32 are not supported");
-}
-
-function decodeCompactSize(buffer: Buffer, offset: number) {
-  if (offset >= buffer.length) {
-    throw new Error("Unexpected end of CompactSize data");
-  }
-
-  const first = buffer[offset];
-  if (first < 253) {
-    return { value: first, offset: offset + 1 };
-  }
-
-  if (first === 0xfd) {
-    if (offset + 3 > buffer.length) {
-      throw new Error("Unexpected end of CompactSize uint16 data");
-    }
-    return { value: buffer.readUInt16LE(offset + 1), offset: offset + 3 };
-  }
-
-  if (first === 0xfe) {
-    if (offset + 5 > buffer.length) {
-      throw new Error("Unexpected end of CompactSize uint32 data");
-    }
-    return { value: buffer.readUInt32LE(offset + 1), offset: offset + 5 };
-  }
-
-  if (first === 0xff) {
-    throw new Error("CompactSize uint64 is not supported");
-  }
-
-  throw new Error("Invalid CompactSize prefix");
-}
-
-function sha256(bytes: Uint8Array) {
-  return createHash("sha256").update(bytes).digest();
-}
-
-function hash256(bytes: Uint8Array) {
-  return sha256(sha256(bytes));
-}
-
-function hash160(bytes: Uint8Array) {
-  return createHash("ripemd160").update(sha256(bytes)).digest();
-}
-
-function encodeMessageHash(message: string) {
-  const messageBytes = Buffer.from(message, "utf8");
-  const magicBytes = Buffer.from(MESSAGE_MAGIC, "utf8");
-  const payload = Buffer.concat([
-    encodeCompactSize(magicBytes.length),
-    magicBytes,
-    encodeCompactSize(messageBytes.length),
-    messageBytes,
-  ]);
-
-  return hash256(payload);
-}
-
-function toSignatureBuffer(signature: string | Uint8Array) {
-  return typeof signature === "string"
-    ? Buffer.from(signature, "base64")
-    : Buffer.from(signature);
-}
-
-function normalizePQPublicKey(publicKey: Uint8Array) {
-  const buffer = Buffer.from(publicKey);
-
-  if (
-    buffer.length === PQ_SERIALIZED_PUBKEY_LENGTH &&
-    buffer[0] === PQ_SERIALIZED_PUBKEY_PREFIX
-  ) {
-    return buffer;
-  }
-
-  if (buffer.length === PQ_PUBLIC_KEY_LENGTH) {
-    return Buffer.concat([Buffer.from([PQ_SERIALIZED_PUBKEY_PREFIX]), buffer]);
-  }
-
-  throw new Error("Invalid PQ public key length");
-}
-
-function isPQMessageSignature(signature: string | Uint8Array) {
-  const buffer = toSignatureBuffer(signature);
-  return buffer.length > 0 && buffer[0] === PQ_MESSAGE_SIGNATURE_PREFIX;
-}
-
-function decodePQAddress(address: string) {
-  const decoded = bech32m.decode(address);
-  if (decoded.words.length === 0) {
-    throw new Error("Invalid bech32m address");
-  }
-
-  return {
-    prefix: decoded.prefix,
-    version: decoded.words[0],
-    program: Buffer.from(bech32m.fromWords(decoded.words.slice(1))),
-  };
-}
-
-/** returns a base64 encoded string representation of the legacy signature */
-export function sign(message: string, privateKey: Uint8Array, compressed = true) {
-  const signature = bitcoinMessage.sign(
-    message,
-    Buffer.from(privateKey),
-    compressed,
-    LEGACY_MESSAGE_PREFIX
-  );
-
-  return signature.toString("base64");
-}
-
-export function signPQMessage(
-  message: string,
-  privateKey: Uint8Array,
-  publicKey: Uint8Array
-) {
-  const serializedPublicKey = normalizePQPublicKey(publicKey);
-  const hash = encodeMessageHash(message);
-  const pqSignature = Buffer.from(ml_dsa44.sign(hash, Buffer.from(privateKey)));
-
-  const payload = Buffer.concat([
-    Buffer.from([PQ_MESSAGE_SIGNATURE_PREFIX]),
-    encodeCompactSize(serializedPublicKey.length),
-    serializedPublicKey,
-    encodeCompactSize(pqSignature.length),
-    pqSignature,
-  ]);
-
-  return payload.toString("base64");
-}
-
-export function verifyLegacyMessage(
-  message: string,
-  address: string,
-  signature: string | Uint8Array
-) {
-  try {
-    return bitcoinMessage.verify(
-      message,
-      address,
-      toSignatureBuffer(signature),
-      LEGACY_MESSAGE_PREFIX
-    );
-  } catch {
-    return false;
-  }
-}
-
-export function verifyPQMessage(
-  message: string,
-  address: string,
-  signature: string | Uint8Array
-) {
-  try {
-    const payload = toSignatureBuffer(signature);
-    let offset = 0;
-
-    if (payload[offset++] !== PQ_MESSAGE_SIGNATURE_PREFIX) {
-      return false;
-    }
-
-    const publicKeyLength = decodeCompactSize(payload, offset);
-    offset = publicKeyLength.offset;
-
-    const serializedPublicKey = payload.subarray(
-      offset,
-      offset + publicKeyLength.value
-    );
-    offset += publicKeyLength.value;
-
-    const signatureLength = decodeCompactSize(payload, offset);
-    offset = signatureLength.offset;
-
-    const pqSignature = payload.subarray(offset, offset + signatureLength.value);
-    offset += signatureLength.value;
-
-    if (offset !== payload.length) {
-      return false;
-    }
-
-    if (
-      serializedPublicKey.length !== PQ_SERIALIZED_PUBKEY_LENGTH ||
-      serializedPublicKey[0] !== PQ_SERIALIZED_PUBKEY_PREFIX ||
-      pqSignature.length !== PQ_SIGNATURE_LENGTH
-    ) {
-      return false;
-    }
-
-    const decodedAddress = decodePQAddress(address);
-    if (decodedAddress.version !== 1 || decodedAddress.program.length !== 20) {
-      return false;
-    }
-
-    const expectedProgram = hash160(serializedPublicKey);
-    if (!expectedProgram.equals(decodedAddress.program)) {
-      return false;
-    }
-
-    return ml_dsa44.verify(
-      pqSignature,
-      encodeMessageHash(message),
-      serializedPublicKey.subarray(1)
-    );
-  } catch {
-    return false;
-  }
-}
-
-export function verifyMessage(
-  message: string,
-  address: string,
-  signature: string | Uint8Array
-) {
-  return isPQMessageSignature(signature)
-    ? verifyPQMessage(message, address, signature)
-    : verifyLegacyMessage(message, address, signature);
-}
+export * from "./src/index";

package/package.json

@@ -1,22 +1,31 @@
 {
   "name": "@neuraiproject/neurai-message",
-  "version": "0.8.0",
+  "version": "0.9.0",
   "description": "Sign and Verify messages in Neurai",
   "source": "index.ts",
-  "main": "dist/main.js",
-  "module": "dist/module.js",
-  "types": "dist/types.d.ts",
-  "targets": {
-    "main": {
-      "includeNodeModules": true
+  "main": "dist/index.cjs",
+  "module": "dist/index.mjs",
+  "types": "dist/index.d.ts",
+  "browser": {
+    "stream": "stream-browserify",
+    "buffer": "buffer/",
+    "process": "process/browser"
+  },
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.mjs",
+      "require": "./dist/index.cjs"
+    },
+    "./browser": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/browser.mjs"
     },
-    "module": {
-      "includeNodeModules": true
-    }
+    "./global": "./dist/NeuraiMessage.global.js"
   },
   "scripts": {
-    "test": "npm run build && node --experimental-vm-modules ./node_modules/jest/bin/jest.js",
-    "build": "npx parcel build index.ts --no-autoinstall"
+    "test": "npm run build && vitest run",
+    "build": "esbuild src/index.ts --bundle --platform=node --target=es2020 --format=cjs --outfile=dist/index.cjs && esbuild src/index.ts --bundle --platform=node --target=es2020 --format=esm --outfile=dist/index.mjs && esbuild src/browser.ts --bundle --platform=browser --target=es2020 --format=esm --main-fields=browser,module,main --outfile=dist/browser.mjs --inject:./src/browser-shims.ts && esbuild src/global.ts --bundle --platform=browser --target=es2020 --format=iife --global-name=NeuraiMessage --main-fields=browser,module,main --outfile=dist/NeuraiMessage.global.js --inject:./src/browser-shims.ts && tsc --emitDeclarationOnly --declaration --outDir dist"
   },
   "repository": {
     "type": "git",
@@ -33,17 +42,22 @@
   },
   "homepage": "https://github.com/neuraiproject/neurai-message#readme",
   "dependencies": {
+    "@noble/hashes": "^2.0.1",
     "@noble/post-quantum": "^0.6.0",
+    "@noble/secp256k1": "^3.0.0",
     "bech32": "^2.0.0",
-    "bitcoinjs-message": "^2.2.0"
+    "bs58check": "^2.1.2",
+    "create-hash": "^1.2.0",
+    "varuint-bitcoin": "^1.1.2"
   },
   "devDependencies": {
-    "@parcel/packager-ts": "^2.8.3",
-    "@parcel/transformer-typescript-types": "2.16.4",
-    "@types/jest": "^28.1.4",
     "@types/node": "^18.0.0",
-    "jest": "^29.4.0",
-    "parcel": "^2.8.3",
-    "typescript": "^4.9.4"
+    "buffer": "^6.0.3",
+    "esbuild": "^0.25.0",
+    "events": "^3.3.0",
+    "process": "^0.11.10",
+    "stream-browserify": "^3.0.0",
+    "typescript": "^4.9.4",
+    "vitest": "^3.2.4"
   }
 }

package/src/browser-shims.ts

@@ -0,0 +1,9 @@
+import { Buffer } from "buffer";
+import process from "process/browser";
+
+if (typeof globalThis !== "undefined") {
+  (globalThis as typeof globalThis & { Buffer?: typeof Buffer }).Buffer ??=
+    Buffer;
+  (globalThis as typeof globalThis & { process?: typeof process }).process ??=
+    process;
+}

package/src/browser.ts

@@ -0,0 +1 @@
+export * from "./core";

package/src/core.ts

@@ -0,0 +1,257 @@
+import { Buffer } from "buffer";
+import createHash from "create-hash";
+import { bech32m } from "bech32";
+import { ml_dsa44 } from "@noble/post-quantum/ml-dsa.js";
+import { signLegacyMessage, verifyLegacyCompactMessage } from "./legacy-message";
+
+const MESSAGE_MAGIC = "Neurai Signed Message:\n";
+const PQ_MESSAGE_SIGNATURE_PREFIX = 0x35;
+const PQ_SERIALIZED_PUBKEY_PREFIX = 0x05;
+const PQ_PUBLIC_KEY_LENGTH = 1312;
+const PQ_SERIALIZED_PUBKEY_LENGTH = 1 + PQ_PUBLIC_KEY_LENGTH;
+const PQ_SIGNATURE_LENGTH = 2420;
+const LEGACY_MESSAGE_PREFIX =
+  String.fromCharCode(Buffer.byteLength(MESSAGE_MAGIC, "utf8")) +
+  MESSAGE_MAGIC;
+
+function encodeCompactSize(value: number): Buffer {
+  if (!Number.isInteger(value) || value < 0) {
+    throw new Error("CompactSize value must be a non-negative integer");
+  }
+
+  if (value < 253) {
+    return Buffer.from([value]);
+  }
+
+  if (value <= 0xffff) {
+    const buffer = Buffer.alloc(3);
+    buffer[0] = 0xfd;
+    buffer.writeUInt16LE(value, 1);
+    return buffer;
+  }
+
+  if (value <= 0xffffffff) {
+    const buffer = Buffer.alloc(5);
+    buffer[0] = 0xfe;
+    buffer.writeUInt32LE(value, 1);
+    return buffer;
+  }
+
+  throw new Error("CompactSize values above uint32 are not supported");
+}
+
+function decodeCompactSize(buffer: Buffer, offset: number) {
+  if (offset >= buffer.length) {
+    throw new Error("Unexpected end of CompactSize data");
+  }
+
+  const first = buffer[offset];
+  if (first < 253) {
+    return { value: first, offset: offset + 1 };
+  }
+
+  if (first === 0xfd) {
+    if (offset + 3 > buffer.length) {
+      throw new Error("Unexpected end of CompactSize uint16 data");
+    }
+    return { value: buffer.readUInt16LE(offset + 1), offset: offset + 3 };
+  }
+
+  if (first === 0xfe) {
+    if (offset + 5 > buffer.length) {
+      throw new Error("Unexpected end of CompactSize uint32 data");
+    }
+    return { value: buffer.readUInt32LE(offset + 1), offset: offset + 5 };
+  }
+
+  if (first === 0xff) {
+    throw new Error("CompactSize uint64 is not supported");
+  }
+
+  throw new Error("Invalid CompactSize prefix");
+}
+
+function sha256(bytes: Uint8Array) {
+  return createHash("sha256").update(bytes).digest();
+}
+
+function hash256(bytes: Uint8Array) {
+  return sha256(sha256(bytes));
+}
+
+function hash160(bytes: Uint8Array) {
+  return createHash("ripemd160").update(sha256(bytes)).digest();
+}
+
+function encodeMessageHash(message: string) {
+  const messageBytes = Buffer.from(message, "utf8");
+  const magicBytes = Buffer.from(MESSAGE_MAGIC, "utf8");
+  const payload = Buffer.concat([
+    encodeCompactSize(magicBytes.length),
+    magicBytes,
+    encodeCompactSize(messageBytes.length),
+    messageBytes,
+  ]);
+
+  return hash256(payload);
+}
+
+function toSignatureBuffer(signature: string | Uint8Array) {
+  return typeof signature === "string"
+    ? Buffer.from(signature, "base64")
+    : Buffer.from(signature);
+}
+
+function normalizePQPublicKey(publicKey: Uint8Array) {
+  const buffer = Buffer.from(publicKey);
+
+  if (
+    buffer.length === PQ_SERIALIZED_PUBKEY_LENGTH &&
+    buffer[0] === PQ_SERIALIZED_PUBKEY_PREFIX
+  ) {
+    return buffer;
+  }
+
+  if (buffer.length === PQ_PUBLIC_KEY_LENGTH) {
+    return Buffer.concat([Buffer.from([PQ_SERIALIZED_PUBKEY_PREFIX]), buffer]);
+  }
+
+  throw new Error("Invalid PQ public key length");
+}
+
+function isPQMessageSignature(signature: string | Uint8Array) {
+  const buffer = toSignatureBuffer(signature);
+  return buffer.length > 0 && buffer[0] === PQ_MESSAGE_SIGNATURE_PREFIX;
+}
+
+function decodePQAddress(address: string) {
+  const decoded = bech32m.decode(address);
+  if (decoded.words.length === 0) {
+    throw new Error("Invalid bech32m address");
+  }
+
+  return {
+    prefix: decoded.prefix,
+    version: decoded.words[0],
+    program: Buffer.from(bech32m.fromWords(decoded.words.slice(1))),
+  };
+}
+
+/** returns a base64 encoded string representation of the legacy signature */
+export function sign(message: string, privateKey: Uint8Array, compressed = true) {
+  const signature = signLegacyMessage(
+    message,
+    Buffer.from(privateKey),
+    compressed,
+    LEGACY_MESSAGE_PREFIX
+  );
+
+  return signature.toString("base64");
+}
+
+export function signPQMessage(
+  message: string,
+  privateKey: Uint8Array,
+  publicKey: Uint8Array
+) {
+  const serializedPublicKey = normalizePQPublicKey(publicKey);
+  const hash = encodeMessageHash(message);
+  const pqSignature = Buffer.from(ml_dsa44.sign(hash, Buffer.from(privateKey)));
+
+  const payload = Buffer.concat([
+    Buffer.from([PQ_MESSAGE_SIGNATURE_PREFIX]),
+    encodeCompactSize(serializedPublicKey.length),
+    serializedPublicKey,
+    encodeCompactSize(pqSignature.length),
+    pqSignature,
+  ]);
+
+  return payload.toString("base64");
+}
+
+export function verifyLegacyMessage(
+  message: string,
+  address: string,
+  signature: string | Uint8Array
+) {
+  try {
+    return verifyLegacyCompactMessage(
+      message,
+      address,
+      toSignatureBuffer(signature),
+      LEGACY_MESSAGE_PREFIX
+    );
+  } catch {
+    return false;
+  }
+}
+
+export function verifyPQMessage(
+  message: string,
+  address: string,
+  signature: string | Uint8Array
+) {
+  try {
+    const payload = toSignatureBuffer(signature);
+    let offset = 0;
+
+    if (payload[offset++] !== PQ_MESSAGE_SIGNATURE_PREFIX) {
+      return false;
+    }
+
+    const publicKeyLength = decodeCompactSize(payload, offset);
+    offset = publicKeyLength.offset;
+
+    const serializedPublicKey = payload.subarray(
+      offset,
+      offset + publicKeyLength.value
+    );
+    offset += publicKeyLength.value;
+
+    const signatureLength = decodeCompactSize(payload, offset);
+    offset = signatureLength.offset;
+
+    const pqSignature = payload.subarray(offset, offset + signatureLength.value);
+    offset += signatureLength.value;
+
+    if (offset !== payload.length) {
+      return false;
+    }
+
+    if (
+      serializedPublicKey.length !== PQ_SERIALIZED_PUBKEY_LENGTH ||
+      serializedPublicKey[0] !== PQ_SERIALIZED_PUBKEY_PREFIX ||
+      pqSignature.length !== PQ_SIGNATURE_LENGTH
+    ) {
+      return false;
+    }
+
+    const decodedAddress = decodePQAddress(address);
+    if (decodedAddress.version !== 1 || decodedAddress.program.length !== 20) {
+      return false;
+    }
+
+    const expectedProgram = hash160(serializedPublicKey);
+    if (!expectedProgram.equals(decodedAddress.program)) {
+      return false;
+    }
+
+    return ml_dsa44.verify(
+      pqSignature,
+      encodeMessageHash(message),
+      serializedPublicKey.subarray(1)
+    );
+  } catch {
+    return false;
+  }
+}
+
+export function verifyMessage(
+  message: string,
+  address: string,
+  signature: string | Uint8Array
+) {
+  return isPQMessageSignature(signature)
+    ? verifyPQMessage(message, address, signature)
+    : verifyLegacyMessage(message, address, signature);
+}

package/src/global.ts

@@ -0,0 +1,15 @@
+import * as api from "./browser";
+
+declare global {
+  interface Window {
+    NeuraiMessage: typeof api;
+  }
+}
+
+if (typeof globalThis !== "undefined") {
+  (globalThis as typeof globalThis & { NeuraiMessage: typeof api }).NeuraiMessage =
+    api;
+}
+
+export * from "./browser";
+export default api;

package/src/index.ts

@@ -0,0 +1 @@
+export * from "./core";