npm - @nokinc-flur/sdk - Versions diffs - 2.2.0 → 2.3.0 - Mend

@nokinc-flur/sdk 2.2.0 → 2.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/index.js CHANGED Viewed

@@ -2961,7 +2961,17 @@ var Base64Std3 = z13.string().regex(/^[A-Za-z0-9+/]+={0,2}$/);
 var ClaimNonce = z13.string().min(8).max(128).refine((value) => !value.includes("|"), {
   message: "nonce must not contain |"
 });
-var ACCOUNT_FUNDED_OAC_MAX_TTL_MS = 1e3 * 60 * 60 * 24 * 7;
+var ACCOUNT_FUNDED_OAC_MAX_TTL_MS = 1e3 * 60 * 60 * 24;
+var IssuerTrustKeySchema = z13.object({
+  issuerId: z13.string().min(1).max(128),
+  alg: z13.literal("p256"),
+  publicKeySpkiB64: Base64Std3.min(64).max(4096),
+  notBeforeMs: z13.number().int().nonnegative().optional(),
+  notAfterMs: z13.number().int().positive().optional()
+});
+var IssuerTrustBundleSchema = z13.object({
+  keys: z13.array(IssuerTrustKeySchema).min(1)
+});
 var CONSUMER_OFFLINE_CLAIM_SUBMIT_GRACE_MS = 1e3 * 60 * 60 * 24;
 var AttestationSecurityLevelSchema = z13.enum([
   "STRONGBOX",
@@ -3015,13 +3025,28 @@ var ConsumerOACSchema = z13.object({
   alg: z13.literal("p256"),
   /** P-256 SubjectPublicKeyInfo DER, base64. */
   devicePubkeySpkiB64: Base64Std3.min(64).max(4096),
-  perTxCapKobo: z13.number().int().positive(),
-  cumulativeCapKobo: z13.number().int().positive(),
+  /**
+   * Per-transaction / cumulative offline spend ceilings. Zero is valid and
+   * denotes an identity-only OAC: the credential proves who the holder is and
+   * binds their device key for offline-verifiable first contact, but carries
+   * no offline spend authority (every claim against it routes to REVIEW).
+   * Issued to zero-balance wallets so they can still be paid offline.
+   */
+  perTxCapKobo: z13.number().int().nonnegative(),
+  cumulativeCapKobo: z13.number().int().nonnegative(),
   currency: z13.string().length(3),
   validFromMs: z13.number().int().nonnegative(),
   validUntilMs: z13.number().int().nonnegative(),
   counterSeed: z13.number().int().nonnegative(),
-  issuedAtMs: z13.number().int().nonnegative()
+  issuedAtMs: z13.number().int().nonnegative(),
+  /**
+   * Issuer-attested identity folded into the OAC so a single signed
+   * credential serves both Tier B offline-verifiable identity and offline
+   * spend authority. Verified offline against a pinned issuer key; the
+   * backend remains authoritative at settlement.
+   */
+  phoneE164: z13.string().regex(/^\+[1-9]\d{7,14}$/),
+  displayName: z13.string().min(1).max(64)
 });
 var SignedConsumerOACSchema = z13.object({
   oac: ConsumerOACSchema,
@@ -3189,6 +3214,12 @@ function createMeOfflineClient(opts) {
       `/v1/me/offline/settlements/${encodeURIComponent(idOrKey)}`,
       void 0,
       (raw) => ConsumerSettlementSchema.parse(raw)
+    ),
+    getIssuerKeys: () => call(
+      "GET",
+      "/v1/issuer/keys",
+      void 0,
+      (raw) => IssuerTrustBundleSchema.parse(raw)
     )
   };
 }
@@ -3549,13 +3580,101 @@ function base64UrlDecodeUtf8(input) {
   throw new Error("base64 decoder unavailable");
 }
+// src/me-offline/oac.ts
+var CONSUMER_OAC_DOMAIN = "flur:consumer-offline:v1:oac";
+function consumerOacSigningPayload(oac) {
+  return { domain: CONSUMER_OAC_DOMAIN, ...oac };
+}
+function verifyOacOffline(signed, trustedKeys, options = {}) {
+  const parsed = SignedConsumerOACSchema.safeParse(signed);
+  if (!parsed.success) return { ok: false, reason: "malformed" };
+  const oacParsed = ConsumerOACSchema.safeParse(parsed.data.oac);
+  if (!oacParsed.success) return { ok: false, reason: "malformed" };
+  const oac = oacParsed.data;
+  const nowMs = options.nowMs ?? Date.now();
+  const pinned = trustedKeys.filter(
+    (k) => k.issuerId === oac.issuerId && (k.notBeforeMs === void 0 || nowMs >= k.notBeforeMs) && (k.notAfterMs === void 0 || nowMs <= k.notAfterMs)
+  );
+  if (pinned.length === 0) return { ok: false, reason: "untrusted_issuer" };
+  const signingBytes = canonicalJSONBytes(consumerOacSigningPayload(oac));
+  const signatureOk = pinned.some(
+    (k) => verifyIssuerP256(signingBytes, parsed.data.issuerSig, k.publicKeySpkiB64)
+  );
+  if (!signatureOk) return { ok: false, reason: "signature_invalid" };
+  if (oac.validUntilMs - oac.validFromMs > ACCOUNT_FUNDED_OAC_MAX_TTL_MS) {
+    return { ok: false, reason: "window_too_long" };
+  }
+  if (nowMs < oac.validFromMs) return { ok: false, reason: "not_yet_valid" };
+  if (nowMs >= oac.validUntilMs) return { ok: false, reason: "expired" };
+  return {
+    ok: true,
+    oac,
+    identity: {
+      oacId: oac.oacId,
+      issuerId: oac.issuerId,
+      userId: oac.userId,
+      phoneE164: oac.phoneE164,
+      displayName: oac.displayName,
+      devicePubkeySpkiB64: oac.devicePubkeySpkiB64
+    }
+  };
+}
+var CONSUMER_OAC_QR_PREFIX = "FLUROAC1.";
+function isConsumerOacQR(value) {
+  return value.startsWith(CONSUMER_OAC_QR_PREFIX);
+}
+function encodeConsumerOacQR(signed) {
+  const parsed = SignedConsumerOACSchema.parse(signed);
+  return `${CONSUMER_OAC_QR_PREFIX}${base64UrlEncodeUtf82(JSON.stringify(parsed))}`;
+}
+function decodeUnverifiedConsumerOacQR(value) {
+  if (!value.startsWith(CONSUMER_OAC_QR_PREFIX)) {
+    throw new Error("not a Flur consumer OAC QR");
+  }
+  const encoded = value.slice(CONSUMER_OAC_QR_PREFIX.length);
+  let raw;
+  try {
+    raw = JSON.parse(base64UrlDecodeUtf82(encoded));
+  } catch {
+    throw new Error("consumer OAC QR is malformed");
+  }
+  return SignedConsumerOACSchema.parse(raw);
+}
+function base64UrlEncodeUtf82(input) {
+  const bytes = new TextEncoder().encode(input);
+  let binary = "";
+  for (const byte of bytes) binary += String.fromCharCode(byte);
+  const base64 = typeof btoa === "function" ? btoa(binary) : typeof Buffer !== "undefined" ? Buffer.from(bytes).toString("base64") : void 0;
+  if (!base64) throw new Error("base64 encoder unavailable");
+  return base64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/g, "");
+}
+function base64UrlDecodeUtf82(input) {
+  const base64 = input.replace(/-/g, "+").replace(/_/g, "/");
+  const padded = base64.padEnd(
+    base64.length + (4 - base64.length % 4) % 4,
+    "="
+  );
+  if (typeof atob === "function") {
+    const binary = atob(padded);
+    const bytes = new Uint8Array(binary.length);
+    for (let index = 0; index < binary.length; index++) {
+      bytes[index] = binary.charCodeAt(index);
+    }
+    return new TextDecoder().decode(bytes);
+  }
+  if (typeof Buffer !== "undefined") {
+    return Buffer.from(padded, "base64").toString("utf8");
+  }
+  throw new Error("base64 decoder unavailable");
+}
 // src/me-offline/sms.ts
 import { p256 as p2563 } from "@noble/curves/nist";
 var OFFLINE_CLAIM_SMS_PREFIX = "FLURC1.";
 var CLAIM_TOKEN_RE = /(?:^|\s)(FLURC1\.[A-Za-z0-9_-]+={0,2})(?:\s|$)/;
 function encodeOfflineClaimSmsMessage(claim) {
   const parsed = ConsumerPaymentClaimSchema.parse(claim);
-  return `${OFFLINE_CLAIM_SMS_PREFIX}${base64UrlEncodeUtf82(
+  return `${OFFLINE_CLAIM_SMS_PREFIX}${base64UrlEncodeUtf83(
     JSON.stringify(parsed)
   )}`;
 }
@@ -3565,7 +3684,7 @@ function decodeOfflineClaimSmsMessage(message) {
   const encoded = token.slice(OFFLINE_CLAIM_SMS_PREFIX.length);
   let raw;
   try {
-    raw = JSON.parse(base64UrlDecodeUtf82(encoded));
+    raw = JSON.parse(base64UrlDecodeUtf83(encoded));
   } catch {
     throw new Error("offline claim QR token is malformed");
   }
@@ -3791,10 +3910,10 @@ function bytesToBase64Url(bytes) {
   }
   return base64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/g, "");
 }
-function base64UrlEncodeUtf82(input) {
+function base64UrlEncodeUtf83(input) {
   return bytesToBase64Url(utf8(input));
 }
-function base64UrlDecodeUtf82(input) {
+function base64UrlDecodeUtf83(input) {
   return new TextDecoder().decode(base64UrlToBytes(input));
 }
 function base64UrlToBytes(input) {
@@ -4691,6 +4810,8 @@ export {
   CLAIM_DOMAIN_V2,
   COLLECTION_INTENT_STATUSES,
   COLLECTION_PAYMENT_STATUSES,
+  CONSUMER_OAC_DOMAIN,
+  CONSUMER_OAC_QR_PREFIX,
   CONSUMER_OFFLINE_CLAIM_SUBMIT_GRACE_MS,
   CONSUMER_PAYMENT_REQUEST_DOMAIN,
   CONSUMER_SETTLEMENT_DOMAIN,
@@ -4729,6 +4850,8 @@ export {
   IdentityArtifactSchema,
   IngestFundingResultSchema,
   IssueAccountOacInputSchema,
+  IssuerTrustBundleSchema,
+  IssuerTrustKeySchema,
   LedgerJournalEntryArtifactSchema,
   ListPayoutDestinationsResultSchema,
   MEMBERSHIP_ROLES,
@@ -4832,6 +4955,7 @@ export {
   computeConsumerClaimEncounterId,
   computeEncounterId,
   constantTimeEqual,
+  consumerOacSigningPayload,
   consumerPaymentRequestSigningBytes,
   consumerPaymentRequestSigningPayload,
   consumerSettlementSigningPayload,
@@ -4864,11 +4988,13 @@ export {
   decodeOfflineSmsSettleToken,
   decodePayCardArtifact,
   decodePaymentRequestQR,
+  decodeUnverifiedConsumerOacQR,
   decodeUnverifiedConsumerSettlementReceiptQR,
   derToRawP256Signature,
   encodeArtifactUri,
   encodeAuthorizationQR,
   encodeBase45,
+  encodeConsumerOacQR,
   encodeConsumerSettlementReceiptQR,
   encodeNQR,
   encodeOfflineClaimSmsMessage,
@@ -4881,6 +5007,7 @@ export {
   generateStaticQR,
   init,
   inspectPayCardFreshness,
+  isConsumerOacQR,
   isConsumerPaymentRequestExpired,
   isHardenedArtifactType,
   isKnownArtifactType,
@@ -4911,6 +5038,7 @@ export {
   verifyConsumerSettlement,
   verifyConsumerSettlementReceiptQR,
   verifyOAC,
+  verifyOacOffline,
   verifyOfflineSmsSettleToken,
   verifyPass,
   verifyPayCardArtifact,