@nevermined-io/core-kit 0.1.4 → 0.1.6

package/dist/nevermined/utils/BlockchainViemUtils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"BlockchainViemUtils.d.ts","sourceRoot":"","sources":["../../../src/nevermined/utils/BlockchainViemUtils.ts"],"names":[],"mappings":"AAOA,OAAO,EAML,mBAAmB,EAEpB,MAAM,cAAc,CAAA;AAErB,OAAO,EACL,OAAO,EAaP,KAAK,GAAG,EACR,KAAK,QAAQ,EACb,KAAK,WAAW,EAChB,KAAK,OAAO,EACZ,KAAK,YAAY,EACjB,KAAK,kBAAkB,EACxB,MAAM,MAAM,CAAA;AACb,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAA;AAQvD,OAAO,EAAE,YAAY,EAAE,kBAAkB,EAAE,WAAW,EAAE,MAAM,gCAAgC,CAAA;AAI9F,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAA;AAI3C;;;GAGG;AACH,qBAAa,mBAAoB,SAAQ,YAAY;gBACvC,MAAM,EAAE,kBAAkB;CAIvC;AAQD;;;;;;GAMG;AACH,wBAAsB,qBAAqB,CAAC,EAC1C,MAAM,EACN,SAAa,EACb,YAAY,GACb,EAAE;IACD,MAAM,EAAE,KAAK,MAAM,EAAE,CAAA;IACrB,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,YAAY,EAAE,YAAY,CAAA;CAC3B,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAsB9B;AAED;;;;;;;GAOG;AACH,wBAAsB,mBAAmB,CAAC,eAAe,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,MAAM,EAAE,WAAW;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAM/F;AAID;;;;;;GAMG;AACH,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,GAAE,GAAG,EAAO,GAAG,WAAW,CAM3F;AAED;;;;;GAKG;AACH,wBAAgB,cAAc,CAAC,GAAG,EAAE,GAAG,EAAE,SAAS,EAAE,MAAM,GAAG,QAAQ,CASpE;AAED;;;;;;GAMG;AACH,wBAAgB,sBAAsB,CAAC,GAAG,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,GAAE,GAAG,EAAO,GAAG,WAAW,CAEhG;AAED;;;;;;GAMG;AACH,wBAAgB,mBAAmB,CAAC,GAAG,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,GAAE,GAAG,EAAO,0CAE/E;AAED;;;;;;GAMG;AACH,wBAAgB,4BAA4B,CAAC,GAAG,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,GAAE,GAAG,EAAO;;;IAOxF;AAID;;;;GAIG;AACH,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAE1D;AAED;;;;GAIG;AACH,wBAAgB,cAAc,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAEvD;AAED;;;;;GAKG;AACH,wBAAgB,QAAQ,CAAC,OAAO,EAAE,MAAM,GAAG,UAAU,CAEpD;AAED;;;;;GAKG;AACH,wBAAgB,YAAY,CAAC,KAAK,EAAE,KAAK,MAAM,EAAE,GAAG,UAAU,EAAE,MAAM,EAAE,MAAM,GAAG,MAAM,CAEtF;AAED;;;;GAIG;AACH,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,MAAM,iBAElD;AAGD;;;;;GAKG;AACH,wBAAgB,UAAU,CAAC,UAAU,EAAE,MAAM,EAAE,YAAY,SAAI,GAAG,OAAO,CAExE;AAED;;;;;GAKG;AACH,wBAAgB,WAAW,CAAC,UAAU,EAAE,MAAM,EAAE,WAAW,SAAK,aAM/D;AAED;;;GAGG;AACH,wBAAgB,gBAAgB,IAAI,OAAO,CAG1C;AAED;;;;GAIG;AACH,wBAAgB,iBAAiB,CAAC,WAAW,SAAK,GAAG,OAAO,EAAE,CAG7D;AAID;;;;GAIG;AACH,wBAAgB,SAAS,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAE9C;AAED;;;;;GAKG;AACH,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,MAAM,CAGvE;AAED;;;;;GAKG;AACH,wBAAgB,eAAe,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,MAAM,CAEnE;AAID;;;;;;GAMG;AACH,wBAAsB,kBAAkB,CACtC,aAAa,EAAE,YAAY,EAC3B,OAAO,EAAE,MAAM,EACf,gBAAgB,EAAE,MAAM,EACxB,YAAY,EAAE,GAAG,GAChB,OAAO,CAAC,mBAAmB,CAAC,CAyB9B;AAED,wBAAsB,wBAAwB,CAC5C,MAAM,EAAE,MAAM,EACd,YAAY,EAAE,YAAY,GACzB,OAAO,CAAC,YAAY,CAAC,CAcvB;AAED,wBAAsB,WAAW,CAAC,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,EAAE,QAAQ,EAAE,GAAG,EAAE,mBAyBnF;AAED,wBAAsB,aAAa,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,wEAatF;AAED,wBAAsB,gBAAgB,CAAC,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,EAAE,QAAQ,EAAE,GAAG,EAAE,mBA6BxF;AAED,wBAAsB,aAAa,CAAC,oBAAoB,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,wEASlF;AAED;;;;;;;;;GASG;AACH,wBAAsB,mCAAmC,CACvD,aAAa,EAAE,YAAY,EAC3B,YAAY,EAAE,YAAY,EAC1B,QAAQ,EAAE,GAAG,EAAE,GACd,OAAO,CAAC,MAAM,CAAC,CAsCjB;AAED,eAAO,MAAM,WAAW;;;;;CAKvB,CAAA"}

package/dist/nevermined/utils/BlockchainViemUtils.js

@@ -0,0 +1,408 @@
+import { signerToEcdsaValidator } from '@zerodev/ecdsa-validator';
+import { deserializePermissionAccount, serializePermissionAccount, toPermissionValidator, } from '@zerodev/permissions';
+import { toECDSASigner } from '@zerodev/permissions/signers';
+import { addressToEmptyAccount, createKernelAccount, createKernelAccountClient, createZeroDevPaymasterClient, getUserOperationGasPrice, } from '@zerodev/sdk';
+import { KERNEL_V3_1, getEntryPoint } from '@zerodev/sdk/constants';
+import { TransactionReceiptNotFoundError, encodeAbiParameters, getAbiItem, getAddress, getContract, http, isAddress, pad, stringToBytes, stringToHex, toBytes, keccak256 as viemKeccak256, } from 'viem';
+import { english, generateMnemonic, generatePrivateKey, mnemonicToAccount, privateKeyToAccount, } from 'viem/accounts';
+import { Instantiable } from '../../Instantiable.abstract.js';
+import { ContractsError } from '../../errors/NeverminedErrors.js';
+import { getChain } from '../../utils/Network.js';
+import { _sleep } from '../../utils/helpers.js';
+const ENTRY_POINT_VERSION = '0.7';
+/**
+ * Utility class with methods that allow the interaction with the blockchain.
+ * This class uses Viem library to interact with the blockchain.
+ */
+export class BlockchainViemUtils extends Instantiable {
+    constructor(config) {
+        super();
+        this.setInstanceConfig(config);
+    }
+}
+//////////////////////////
+///// UTILITIES //////////
+//////////////////////////
+///// CONTRACTS
+/**
+ * Given a transaction hash, it returns the transaction receipt.
+ * If this function is called before the transaction is mined, it will iterate a few times in order to wait for the transaction to be mined.
+ * @param txHash - the transaction hash
+ * @param iteration - the iteration number
+ * @returns the transaction receipt
+ */
+export async function getTransactionReceipt({ txHash, iteration = 1, publicClient, }) {
+    if (iteration < 10) {
+        try {
+            return await publicClient.getTransactionReceipt({ hash: txHash });
+        }
+        catch (error) {
+            if (error instanceof TransactionReceiptNotFoundError) {
+                // this.logger.log(
+                //   `Unable to get transaction receipt from hash ${txHash} on iteration ${iteration}. Sleeping and retrying.`,
+                // )
+                await _sleep(150);
+                return getTransactionReceipt({ txHash, iteration: iteration + 1, publicClient });
+            }
+            else {
+                const errorMessage = `Unknown error getting transaction receipt with hash: ${txHash}. Error: ${error}`;
+                // this.logger.error(errorMessage)
+                throw new ContractsError(errorMessage);
+            }
+        }
+    }
+    else {
+        const errorMessage = `Unable to get transaction receipt with hash: ${txHash} after ${iteration} iterations.`;
+        // this.logger.error(errorMessage)
+        throw new ContractsError(errorMessage);
+    }
+}
+/**
+ * Given an already deployed contract address and the ABI, it returns the contract instance.
+ *
+ * @param contractAddress - the contract address
+ * @param abi - the contract artifact
+ * @param client - the client to interact with the blockchain
+ * @returns a contract instance
+ */
+export async function getContractInstance(contractAddress, abi, client) {
+    return getContract({
+        abi,
+        address: contractAddress,
+        client: { wallet: client.wallet, public: client.public },
+    });
+}
+///// ABIs
+/**
+ * It searchs an ABI function in the ABI.
+ * @param abi the ABI of the contract
+ * @param funcName the function name
+ * @param args the args of the function
+ * @returns the function found
+ */
+export function searchAbiFunction(abi, funcName, args = []) {
+    const func = getAbiItem({ abi, name: funcName, args });
+    if (!func || func.type !== 'function') {
+        throw new ContractsError(`Function "${funcName}" is not part of contract`);
+    }
+    return func;
+}
+/**
+ * It searchs an ABI event in the ABI.
+ * @param abi the ABI of the contract
+ * @param funcName the event name
+ * @returns the event found
+ */
+export function searchAbiEvent(abi, eventName) {
+    const event = getAbiItem({
+        abi,
+        name: eventName,
+    });
+    if (!event || event.type !== 'event') {
+        throw new ContractsError(`Event "${event}" is not part of contract`);
+    }
+    return event;
+}
+/**
+ * It searchs an ABI function in the ABI.
+ * @param abi the ABI of the contract
+ * @param funcName the function name
+ * @param args the args of the function
+ * @returns the function found
+ */
+export function getSignatureOfFunction(abi, funcName, args = []) {
+    return searchAbiFunction(abi, funcName, args);
+}
+/**
+ * It searchs an ABI function in the ABI and return the inputs.
+ * @param abi the ABI of the contract
+ * @param funcName the function name
+ * @param args the args of the function
+ * @returns the function found
+ */
+export function getInputsOfFunction(abi, funcName, args = []) {
+    return searchAbiFunction(abi, funcName, args).inputs;
+}
+/**
+ * It searchs an ABI function in the ABI and return the inputs formatted.
+ * @param abi the ABI of the contract
+ * @param funcName the function name
+ * @param args the args of the function
+ * @returns the function found
+ */
+export function getInputsOfFunctionFormatted(abi, funcName, args = []) {
+    return searchAbiFunction(abi, funcName, args).inputs.map((input, i) => {
+        return {
+            name: input.name,
+            value: args[i],
+        };
+    });
+}
+//////// UTILS
+/**
+ * Given an address it returns that address in checksum format.
+ * @param address the address
+ * @returns the same address in checksum format
+ */
+export function getChecksumAddress(address) {
+    return getAddress(address);
+}
+/**
+ * It checks if the address is a valid address.
+ * @param address the address to check
+ * @returns true of the address is valid
+ */
+export function isValidAddress(address) {
+    return isAddress(address);
+}
+/**
+ * Encodes a UTF-8 string into a byte array.
+
+ * @param message the string to encode
+ * @returns the encoded byte array
+ */
+export function getBytes(message) {
+    return stringToBytes(message);
+}
+/**
+ * It pads a value with zeros.
+ * @param value the value to pad
+ * @param length the expected longitutde of the value
+ * @returns the padded value
+ */
+export function zeroPadValue(value, length) {
+    return pad(value, { size: length });
+}
+/**
+ * Encodes a UTF-8 string into a hex string
+ * @param message the string to encode
+ * @returns the hex string
+ */
+export function encodeBytes32String(message) {
+    return stringToHex(message, { size: 32 });
+}
+////// ACCOUNTS
+/**
+ * Given a seedphrase, it returns an account.
+ * @param seedphrase - the seedphrase to be used to generate the account
+ * @param addressIndex - the address index
+ * @returns an account
+ */
+export function makeWallet(seedphrase, addressIndex = 0) {
+    return mnemonicToAccount(seedphrase, { addressIndex });
+}
+/**
+ * Given a seedphrase generates multiple accounts
+ * @param seedphrase - the seedphrase to be used to generate the account
+ * @param numAccounts - the number of accounts to create
+ * @returns the array of accounts
+ */
+export function makeWallets(seedphrase, numAccounts = 10) {
+    const accounts = [];
+    for (let i = 0; i < numAccounts; i++) {
+        accounts.push(makeWallet(seedphrase, i));
+    }
+    return accounts;
+}
+/**
+ * It generates a random account.
+ * @returns a new account
+ */
+export function makeRandomWallet() {
+    const mnemonic = generateMnemonic(english);
+    return makeWallet(mnemonic);
+}
+/**
+ * It generates a list of random accounts
+ * @param numAccounts - the number of accounts to create
+ * @returns the array of accounts
+ */
+export function makeRandomWallets(numAccounts = 10) {
+    const mnemonic = generateMnemonic(english);
+    return makeWallets(mnemonic, numAccounts);
+}
+/////// HASHES
+/**
+ * It hashes a string using keccak256.
+ * @param seed the string to hash
+ * @returns the hash
+ */
+export function keccak256(seed) {
+    return viemKeccak256(toBytes(seed));
+}
+/**
+ * It encodes and hashes a list of primitive values into an ABI-encoded hex value.
+ * @param types the types of the values
+ * @param values the values to encode
+ * @returns the hash
+ */
+export function keccak256WithEncode(types, values) {
+    const encoded = encodeAbiParameters(types, values);
+    return keccak256(encoded);
+}
+/**
+ * It encodes and hashes a list of primitive values into an ABI-encoded hex value.
+ * @param types the types of the values
+ * @param values the values to encode
+ * @returns the hash
+ */
+export function keccak256Packed(types, values) {
+    return keccak256WithEncode(types, values);
+}
+/////// ZERO DEV
+/**
+ * It creates a ZeroDev Kernel client.
+ * @param signer the signer account
+ * @param chainId the chain id
+ * @param zeroDevProjectId the zero dev project id, you can get it from the ZeroDev dashboard
+ * @returns the kernel client
+ */
+export async function createKernelClient(kernelAccount, chainId, zeroDevProjectId, publicClient) {
+    const ZERODEV_RPC = `https://rpc.zerodev.app/api/v3/${zeroDevProjectId}/chain/${chainId}`;
+    return createKernelAccountClient({
+        account: kernelAccount,
+        chain: getChain(chainId),
+        bundlerTransport: http(ZERODEV_RPC),
+        client: publicClient,
+        paymaster: {
+            getPaymasterData: (userOperation) => {
+                const zerodevPaymaster = createZeroDevPaymasterClient({
+                    chain: getChain(chainId),
+                    transport: http(ZERODEV_RPC),
+                });
+                return zerodevPaymaster.sponsorUserOperation({
+                    userOperation,
+                });
+            },
+        },
+        userOperation: {
+            estimateFeesPerGas: async ({ bundlerClient }) => {
+                return getUserOperationGasPrice(bundlerClient);
+            },
+        },
+    });
+}
+export async function createKernelSmartAccount(signer, publicClient) {
+    const ecdsaValidator = await signerToEcdsaValidator(publicClient, {
+        signer: signer,
+        entryPoint: getEntryPoint(ENTRY_POINT_VERSION),
+        kernelVersion: KERNEL_V3_1,
+    });
+    return await createKernelAccount(publicClient, {
+        plugins: {
+            sudo: ecdsaValidator,
+        },
+        entryPoint: getEntryPoint(ENTRY_POINT_VERSION),
+        kernelVersion: KERNEL_V3_1,
+    });
+}
+export async function getApproval(signer, publicClient, policies) {
+    const ecdsaValidator = await signerToEcdsaValidator(publicClient, {
+        entryPoint: getEntryPoint(ENTRY_POINT_VERSION),
+        signer,
+        kernelVersion: KERNEL_V3_1,
+    });
+    const emptyAccount = addressToEmptyAccount(signer.address);
+    const emptySessionKeySigner = await toECDSASigner({ signer: emptyAccount });
+    const permissionPlugin = await toPermissionValidator(publicClient, {
+        entryPoint: getEntryPoint(ENTRY_POINT_VERSION),
+        signer: emptySessionKeySigner,
+        policies: policies,
+        kernelVersion: KERNEL_V3_1,
+    });
+    const sessionKeyAccount = await createKernelAccount(publicClient, {
+        entryPoint: getEntryPoint(ENTRY_POINT_VERSION),
+        plugins: {
+            sudo: ecdsaValidator,
+            regular: permissionPlugin,
+        },
+        kernelVersion: KERNEL_V3_1,
+    });
+    return await serializePermissionAccount(sessionKeyAccount);
+}
+export async function useSessionKey(approval, signer, publicClient) {
+    const sessionKeySigner = await toECDSASigner({
+        signer,
+    });
+    const sessionKeyAccount = await deserializePermissionAccount(publicClient, getEntryPoint(ENTRY_POINT_VERSION), KERNEL_V3_1, approval, sessionKeySigner);
+    return sessionKeyAccount;
+}
+export async function createSessionKey(signer, publicClient, policies) {
+    const ecdsaValidator = await signerToEcdsaValidator(publicClient, {
+        entryPoint: getEntryPoint(ENTRY_POINT_VERSION),
+        signer,
+        kernelVersion: KERNEL_V3_1,
+    });
+    const sessionPrivateKey = generatePrivateKey();
+    const masterAccount = privateKeyToAccount(sessionPrivateKey);
+    const sessionKeySigner = await toECDSASigner({
+        signer: masterAccount,
+    });
+    const permissionPlugin = await toPermissionValidator(publicClient, {
+        entryPoint: getEntryPoint(ENTRY_POINT_VERSION),
+        signer: sessionKeySigner,
+        policies: policies,
+        kernelVersion: KERNEL_V3_1,
+    });
+    const sessionKeyAccount = await createKernelAccount(publicClient, {
+        entryPoint: getEntryPoint(ENTRY_POINT_VERSION),
+        plugins: {
+            sudo: ecdsaValidator,
+            regular: permissionPlugin,
+        },
+        kernelVersion: KERNEL_V3_1,
+    });
+    return serializePermissionAccount(sessionKeyAccount, sessionPrivateKey);
+}
+export async function getSessionKey(serializedSessionKey, publicClient) {
+    const sessionKeyAccount = await deserializePermissionAccount(publicClient, getEntryPoint(ENTRY_POINT_VERSION), KERNEL_V3_1, serializedSessionKey);
+    return sessionKeyAccount;
+}
+/**
+ * Creates a delegated session key for an existing kernel account.
+ * The resulting serialized session key can be deserialized into a SmartAccount
+ * that shares the same address as the kernel account but enforces the given policies.
+ *
+ * @param kernelAccount The existing SmartAccount (kernel) to delegate from
+ * @param publicClient Viem PublicClient instance
+ * @param policies Array of policies to enforce for this session key
+ * @returns Serialized session key string
+ */
+export async function createDelegatedSessionKeyFromKernel(kernelAccount, publicClient, policies) {
+    // 1) Generate ephemeral session private key (used only for the permission plugin)
+    const sessionPrivateKey = generatePrivateKey();
+    const sessionAccount = privateKeyToAccount(sessionPrivateKey);
+    // 2) Wrap ephemeral key as ECDSA signer for permissions
+    const sessionKeySigner = await toECDSASigner({ signer: sessionAccount });
+    // 3) Create the permission validator plugin
+    const permissionValidator = await toPermissionValidator(publicClient, {
+        entryPoint: getEntryPoint(ENTRY_POINT_VERSION),
+        signer: sessionKeySigner,
+        policies,
+        kernelVersion: KERNEL_V3_1,
+    });
+    // 4) Extract the sudo validator from the existing kernel account
+    const kernelAccountTyped = kernelAccount;
+    const sudoValidator = kernelAccountTyped.kernelPluginManager.sudoValidator;
+    if (!sudoValidator) {
+        throw new Error('Kernel account does not have a sudo validator');
+    }
+    // 5) Create a new kernel account with both sudo (from original) and permission validator
+    const sessionKeyAccount = await createKernelAccount(publicClient, {
+        entryPoint: getEntryPoint(ENTRY_POINT_VERSION),
+        plugins: {
+            sudo: sudoValidator, // Use existing sudo validator
+            regular: permissionValidator,
+        },
+        kernelVersion: KERNEL_V3_1,
+    });
+    // 6) Serialize the session key account with the ephemeral private key
+    const serialized = await serializePermissionAccount(sessionKeyAccount, sessionPrivateKey);
+    return serialized;
+}
+export const WalletUtils = {
+    makeWallet,
+    makeWallets,
+    makeRandomWallet,
+    makeRandomWallets,
+};

package/dist/nevermined/utils/JwtUtils.d.ts

@@ -0,0 +1,27 @@
+import type { Eip712Data } from '@nvm-monorepo/commons';
+import { type JWSHeaderParameters, SignJWT } from 'jose';
+import { type Account } from 'viem';
+import { SmartAccount } from 'viem/account-abstraction';
+import { Instantiable, InstantiableConfig } from '../../Instantiable.abstract.js';
+import { SignatureUtils } from './SignatureUtils.js';
+export declare class EthSignJWT extends SignJWT {
+    protectedHeader: JWSHeaderParameters | undefined;
+    setProtectedHeader(protectedHeader: JWSHeaderParameters): this;
+    ethSign(signatureUtils: SignatureUtils, account: Account | SmartAccount, eip712Data?: Eip712Data): Promise<string>;
+    static signText(text: string | Uint8Array, account: Account): Promise<string | undefined>;
+    private base64url;
+    private concat;
+}
+export declare class JwtUtils extends Instantiable {
+    static CLIENT_ASSERTION_TYPE: string;
+    tokenCache: Map<string, string>;
+    signatureUtils: SignatureUtils;
+    constructor(config: InstantiableConfig);
+    generateCacheKey(...args: string[]): string;
+    accountToJwk(account: Account | SmartAccount): Promise<any>;
+    generateClientAssertion(account: Account | SmartAccount, message?: string): Promise<string>;
+    isTokenValid(token: string): boolean;
+    static createCompressedJwt(token: string): string;
+    static decompressJwt(compressedJwt: string): string;
+}
+//# sourceMappingURL=JwtUtils.d.ts.map

package/dist/nevermined/utils/JwtUtils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"JwtUtils.d.ts","sourceRoot":"","sources":["../../../src/nevermined/utils/JwtUtils.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAA;AAEvD,OAAO,EAAE,KAAK,mBAAmB,EAAE,OAAO,EAAwB,MAAM,MAAM,CAAA;AAC9E,OAAO,EAAE,KAAK,OAAO,EAAmD,MAAM,MAAM,CAAA;AACpF,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAA;AACvD,OAAO,EAAE,YAAY,EAAE,kBAAkB,EAAE,MAAM,gCAAgC,CAAA;AAGjF,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAA;AAEpD,qBAAa,UAAW,SAAQ,OAAO;IACrC,eAAe,EAAE,mBAAmB,GAAG,SAAS,CAAA;IAEvC,kBAAkB,CAAC,eAAe,EAAE,mBAAmB;IAKnD,OAAO,CAClB,cAAc,EAAE,cAAc,EAC9B,OAAO,EAAE,OAAO,GAAG,YAAY,EAC/B,UAAU,CAAC,EAAE,UAAU,GACtB,OAAO,CAAC,MAAM,CAAC;WAoDE,QAAQ,CAC1B,IAAI,EAAE,MAAM,GAAG,UAAU,EACzB,OAAO,EAAE,OAAO,GACf,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC;IAY9B,OAAO,CAAC,SAAS;IAKjB,OAAO,CAAC,MAAM;CAUf;AAED,qBAAa,QAAS,SAAQ,YAAY;IACxC,MAAM,CAAC,qBAAqB,SAA2D;IAGvF,UAAU,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;IAC/B,cAAc,EAAE,cAAc,CAAA;gBAElB,MAAM,EAAE,kBAAkB;IAO/B,gBAAgB,CAAC,GAAG,IAAI,EAAE,MAAM,EAAE,GAAG,MAAM;IAIrC,YAAY,CAAC,OAAO,EAAE,OAAO,GAAG,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC;IAqB3D,uBAAuB,CAAC,OAAO,EAAE,OAAO,GAAG,YAAY,EAAE,OAAO,CAAC,EAAE,MAAM;IA2B/E,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO;IAc3C,MAAM,CAAC,mBAAmB,CAAC,KAAK,EAAE,MAAM;IAKxC,MAAM,CAAC,aAAa,CAAC,aAAa,EAAE,MAAM;CAK3C"}

package/dist/nevermined/utils/JwtUtils.js

@@ -0,0 +1,161 @@
+import { deflateSync, inflateSync } from 'fflate';
+import { SignJWT, decodeJwt, importJWK } from 'jose';
+import { hexToBytes, toHex } from 'viem';
+import { Instantiable } from '../../Instantiable.abstract.js';
+import { urlSafeBase64Decode, urlSafeBase64Encode } from '../../utils/helpers.js';
+import { getChecksumAddress } from './BlockchainViemUtils.js';
+import { SignatureUtils } from './SignatureUtils.js';
+export class EthSignJWT extends SignJWT {
+    protectedHeader;
+    setProtectedHeader(protectedHeader) {
+        this.protectedHeader = protectedHeader;
+        return this;
+    }
+    async ethSign(signatureUtils, account, eip712Data) {
+        const encoder = new TextEncoder();
+        const decoder = new TextDecoder();
+        let payload = this._payload;
+        if (eip712Data) {
+            payload = {
+                ...payload,
+                eip712Data,
+            };
+        }
+        const encodedPayload = encoder.encode(this.base64url(JSON.stringify(payload)));
+        const encodedHeader = encoder.encode(this.base64url(JSON.stringify(this.protectedHeader)));
+        const data = this.concat(encodedHeader, encoder.encode('.'), encodedPayload);
+        // EIP-712 signature
+        let sign;
+        if (eip712Data) {
+            const domain = {
+                name: 'Nevermined',
+                version: '1',
+                chainId: eip712Data.chainId,
+            };
+            const types = {
+                Nevermined: [
+                    { name: 'from', type: 'address' },
+                    { name: 'message', type: 'string' },
+                    { name: 'token', type: 'string' },
+                ],
+            };
+            const value = {
+                from: account.address,
+                message: eip712Data.message,
+                token: decoder.decode(data),
+            };
+            sign = await signatureUtils.signTypedData(domain, types, value, account);
+        }
+        else {
+            sign = await signatureUtils.signText(decoder.decode(data), account);
+        }
+        const input = hexToBytes(sign);
+        const signed = this.base64url(input);
+        const grantToken = `${decoder.decode(encodedHeader)}.${decoder.decode(encodedPayload)}.${signed}`;
+        return grantToken;
+    }
+    static async signText(text, account) {
+        try {
+            const message = typeof text === 'string' ? text : toHex(text);
+            return account.signMessage({
+                message: message,
+            });
+        }
+        catch (e) {
+            console.error('Error signing message:', e);
+            return undefined;
+        }
+    }
+    base64url(input) {
+        const buffer = typeof input === 'string' ? Buffer.from(input, 'utf-8') : Buffer.from(input);
+        return buffer.toString('base64').replace(/=/g, '').replace(/\+/g, '-').replace(/\//g, '_');
+    }
+    concat(...buffers) {
+        const size = buffers.reduce((acc, { length }) => acc + length, 0);
+        const buf = new Uint8Array(size);
+        let i = 0;
+        buffers.forEach((buffer) => {
+            buf.set(buffer, i);
+            i += buffer.length;
+        });
+        return buf;
+    }
+}
+export class JwtUtils extends Instantiable {
+    static CLIENT_ASSERTION_TYPE = 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer';
+    // BASE_AUD = '/api/v1/node/services'
+    tokenCache;
+    signatureUtils;
+    constructor(config) {
+        super();
+        this.setInstanceConfig(config);
+        this.tokenCache = new Map();
+        this.signatureUtils = new SignatureUtils(config);
+    }
+    generateCacheKey(...args) {
+        return args.join();
+    }
+    async accountToJwk(account) {
+        const address = account.address.toLowerCase();
+        // Currently only works with HDWalletProvider
+        // eslint-disable-next-line
+        // @ts-ignore
+        const publicKey = this.web3.currentProvider.wallets[address].getPublicKey();
+        // eslint-disable-next-line
+        // @ts-ignore
+        const privateKey = this.web3.currentProvider.wallets[address].getPrivateKey();
+        return importJWK({
+            alg: 'ES256K',
+            crv: 'secp256k1',
+            kty: 'EC',
+            d: privateKey.toString('base64'),
+            x: publicKey.slice(0, 32).toString('base64'),
+            y: publicKey.slice(32, 64).toString('base64'),
+        });
+    }
+    async generateClientAssertion(account, message) {
+        let eip712Data;
+        if (message) {
+            eip712Data = {
+                message,
+                chainId: await this.publicClient.getChainId(),
+            };
+        }
+        const address = getChecksumAddress(account.address);
+        // Not need it, but stay commented. If we need to bring back roles to update endpoints based on wallet with roles.
+        // const isAdmin = await this.nevermined.contracts.accessManager.hasRole(
+        //   NVM_INFRA_ADMIN_ROLE,
+        //   address as Address,
+        // )
+        return new EthSignJWT({
+            iss: address,
+            // roles: isAdmin[0] ? ['admin'] : [],
+            roles: [],
+        })
+            .setProtectedHeader({ alg: 'ES256K' })
+            .setIssuedAt()
+            .setExpirationTime('1h')
+            .ethSign(this.signatureUtils, account, eip712Data);
+    }
+    isTokenValid(token) {
+        const decodedToken = decodeJwt(token);
+        if (!decodedToken) {
+            return false;
+        }
+        const expiry = decodedToken.exp;
+        if (expiry) {
+            const now = new Date();
+            return now.getTime() < Number(expiry) * 1000;
+        }
+        return false;
+    }
+    static createCompressedJwt(token) {
+        const compressed = deflateSync(new TextEncoder().encode(token));
+        return urlSafeBase64Encode(compressed);
+    }
+    static decompressJwt(compressedJwt) {
+        const decoded = urlSafeBase64Decode(compressedJwt);
+        const decompressed = inflateSync(decoded);
+        return new TextDecoder().decode(decompressed);
+    }
+}

package/dist/nevermined/utils/SignatureUtils.d.ts

@@ -0,0 +1,14 @@
+import { Account, type Hash } from 'viem';
+import { Instantiable, InstantiableConfig } from '../../Instantiable.abstract.js';
+import type { TypedDataDomain, TypedDataTypes } from '@nvm-monorepo/commons';
+import { SmartAccount } from 'viem/account-abstraction';
+export declare class SignatureUtils extends Instantiable {
+    constructor(config: InstantiableConfig);
+    signText(text: string | Uint8Array, account: Account | SmartAccount): Promise<Hash>;
+    signTypedData(domain: TypedDataDomain, types: TypedDataTypes, value: Record<string, any>, account: Account | SmartAccount): Promise<Hash>;
+    signTransaction(tx: `0x${string}`, account: Account | SmartAccount): Promise<string>;
+    verifyIsSigner(text: string, signature: string, signerAddress: string): Promise<boolean>;
+    static recoverSignerAddress(message: string, signature: string): Promise<string>;
+    static hash(seed: string): string;
+}
+//# sourceMappingURL=SignatureUtils.d.ts.map

package/dist/nevermined/utils/SignatureUtils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"SignatureUtils.d.ts","sourceRoot":"","sources":["../../../src/nevermined/utils/SignatureUtils.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,KAAK,IAAI,EAAmD,MAAM,MAAM,CAAA;AAC1F,OAAO,EAAE,YAAY,EAAE,kBAAkB,EAAE,MAAM,gCAAgC,CAAA;AAEjF,OAAO,KAAK,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAA;AAC5E,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAA;AAGvD,qBAAa,cAAe,SAAQ,YAAY;gBAClC,MAAM,EAAE,kBAAkB;IAKzB,QAAQ,CAAC,IAAI,EAAE,MAAM,GAAG,UAAU,EAAE,OAAO,EAAE,OAAO,GAAG,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC;IAqBnF,aAAa,CACxB,MAAM,EAAE,eAAe,EACvB,KAAK,EAAE,cAAc,EACrB,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EAC1B,OAAO,EAAE,OAAO,GAAG,YAAY,GAC9B,OAAO,CAAC,IAAI,CAAC;IA6BH,eAAe,CAC1B,EAAE,EAAE,KAAK,MAAM,EAAE,EACjB,OAAO,EAAE,OAAO,GAAG,YAAY,GAC9B,OAAO,CAAC,MAAM,CAAC;IAmBL,cAAc,CACzB,IAAI,EAAE,MAAM,EACZ,SAAS,EAAE,MAAM,EACjB,aAAa,EAAE,MAAM,GACpB,OAAO,CAAC,OAAO,CAAC;WAQN,oBAAoB,CAAC,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAOtF,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM;CAGlC"}