@novasamatech/host-papp 0.7.5 → 0.7.7

package/dist/identity/impl.js

@@ -57,7 +57,7 @@ function createCachedIdentityRequester(storage, getKey) {
             if (emptyIdentities.length === 0) {
                 return okAsync(existing);
             }
-            return request(accounts)
+            return request(emptyIdentities)
                 .andThen(writeCache)
                 .map(fetched => ({
                 ...existing,

package/dist/sso/auth/attestationService.js

@@ -159,18 +159,20 @@ function createPeopleSigner(verifier) {
         publicKey: baseSigner.publicKey,
         signBytes: baseSigner.signBytes,
         signTx: async (callData, signedExtensions, metadata, atBlockNumber, hasher) => {
-            // Add People chain custom signed extensions
+            // polkadot-api auto-derives all signed extensions whose default state is encodable as
+            // a zero byte (Option::None, struct(Option<_>) = None, etc.). The People runtime's
+            // `pallet_verify_signature::VerifySignature` ({ Disabled, Signed }) extension uses
+            // identifier "VerifyMultiSignature" but has no built-in handler in polkadot-api, so it
+            // must be supplied manually. Value 0x00 = `Disabled` (passthrough — the standard
+            // extrinsic signature authenticates the call). Variant tag order was flipped in
+            // polkadot-sdk#11897 specifically so generic signers can encode the passthrough state
+            // as a single zero byte.
             const extensionsWithCustom = {
                 ...signedExtensions,
                 VerifyMultiSignature: {
                     identifier: 'VerifyMultiSignature',
-                    value: new Uint8Array([1]), // 1u8 = Option::Some with empty data
-                    additionalSigned: new Uint8Array([]), // Empty additional data
-                },
-                AsPerson: {
-                    identifier: 'AsPerson',
-                    value: new Uint8Array([0]), // 0u8 = Option::None
-                    additionalSigned: new Uint8Array([]), // Empty additional data
+                    value: new Uint8Array([0]),
+                    additionalSigned: new Uint8Array([]),
                 },
             };
             return baseSigner.signTx(callData, extensionsWithCustom, metadata, atBlockNumber, hasher);

package/dist/sso/sessionManager/impl.js

@@ -5,6 +5,11 @@ import { createSsoStatementProver } from '../ssoSessionProver.js';
 import { createUserSession } from './userSession.js';
 export function createSsoSessionManager({ ssoSessionRepository, userSecretRepository, statementStore, storage, }) {
     const localSessions = createState({});
+    const sessionUnsubscribes = new Map();
+    const releaseSession = (id) => {
+        sessionUnsubscribes.get(id)?.();
+        sessionUnsubscribes.delete(id);
+    };
     const disconnect = (session) => {
         return ssoSessionRepository.filter(s => s.id !== session.id).map(() => undefined);
     };
@@ -13,12 +18,12 @@ export function createSsoSessionManager({ ssoSessionRepository, userSecretReposi
         const toRemove = new Set(Object.keys(activeSessions));
         const toAdd = new Set();
         for (const userSession of userSessions) {
+            toRemove.delete(userSession.id);
             if (userSession.id in activeSessions)
                 continue;
             const session = createSession(userSession, statementStore, storage, userSecretRepository);
-            toRemove.delete(userSession.id);
             toAdd.add(session);
-            session.subscribe(message => {
+            const unsubscribe = session.subscribe(message => {
                 switch (message.data.tag) {
                     case 'v1': {
                         switch (message.data.value.tag) {
@@ -29,8 +34,13 @@ export function createSsoSessionManager({ ssoSessionRepository, userSecretReposi
                 }
                 return okAsync(false);
             });
+            sessionUnsubscribes.set(session.id, unsubscribe);
         }
         if (toRemove.size > 0) {
+            for (const id of toRemove) {
+                releaseSession(id);
+                activeSessions[id]?.dispose();
+            }
             localSessions.write(prev => {
                 return Object.fromEntries(Object.entries(prev).filter(([id]) => !toRemove.has(id)));
             });
@@ -56,6 +66,7 @@ export function createSsoSessionManager({ ssoSessionRepository, userSecretReposi
         },
         dispose() {
             for (const session of Object.values(localSessions.read())) {
+                releaseSession(session.id);
                 session.dispose();
             }
         },

package/dist/sso/sessionManager/scale/remoteMessage.d.ts

@@ -12,7 +12,7 @@ export declare const RemoteMessageCodec: import("scale-ts").Codec<{
             value: {
                 tag: "Payload";
                 value: {
-                    address: string;
+                    productAccountId: [string, number];
                     blockHash: `0x${string}`;
                     blockNumber: `0x${string}`;
                     era: `0x${string}`;
@@ -32,7 +32,7 @@ export declare const RemoteMessageCodec: import("scale-ts").Codec<{
             } | {
                 tag: "Raw";
                 value: {
-                    address: string;
+                    productAccountId: [string, number];
                     data: {
                         tag: "Bytes";
                         value: Uint8Array<ArrayBufferLike>;
@@ -66,6 +66,59 @@ export declare const RemoteMessageCodec: import("scale-ts").Codec<{
                     alias: Uint8Array<ArrayBufferLike>;
                 }, string>;
             };
+        } | {
+            tag: "ResourceAllocationRequest";
+            value: {
+                callingProductId: string;
+                resources: ({
+                    tag: "StatementStoreAllowance";
+                    value: undefined;
+                } | {
+                    tag: "BulletInAllowance";
+                    value: undefined;
+                } | {
+                    tag: "SmartContractAllowance";
+                    value: number;
+                } | {
+                    tag: "AutoSigning";
+                    value: undefined;
+                })[];
+                onExisting: "Ignore" | "Increase";
+            };
+        } | {
+            tag: "ResourceAllocationResponse";
+            value: {
+                respondingTo: string;
+                payload: import("scale-ts").ResultPayload<({
+                    tag: "Rejected";
+                    value: undefined;
+                } | {
+                    tag: "Allocated";
+                    value: {
+                        tag: "StatementStoreAllowance";
+                        value: {
+                            slotAccountKey: Uint8Array<ArrayBufferLike>;
+                        };
+                    } | {
+                        tag: "BulletInAllowance";
+                        value: {
+                            slotAccountKey: Uint8Array<ArrayBufferLike>;
+                        };
+                    } | {
+                        tag: "SmartContractAllowance";
+                        value: undefined;
+                    } | {
+                        tag: "AutoSigning";
+                        value: {
+                            productDerivationSecret: string;
+                            productRootPrivateKey: Uint8Array<ArrayBufferLike>;
+                        };
+                    };
+                } | {
+                    tag: "NotAvailable";
+                    value: undefined;
+                })[], string>;
+            };
         };
     };
 }>;

package/dist/sso/sessionManager/scale/remoteMessage.js

@@ -1,4 +1,5 @@
 import { Enum, Struct, _void, str } from 'scale-ts';
+import { ResourceAllocationRequestCodec, ResourceAllocationResponseCodec } from './resourceAllocation.js';
 import { RingVrfAliasRequestCodec, RingVrfAliasResponseCodec } from './ringVrf.js';
 import { SigningRequestCodec } from './signingRequest.js';
 import { SigningResponseCodec } from './signingResponse.js';
@@ -11,6 +12,8 @@ export const RemoteMessageCodec = Struct({
             SignResponse: SigningResponseCodec,
             RingVrfAliasRequest: RingVrfAliasRequestCodec,
             RingVrfAliasResponse: RingVrfAliasResponseCodec,
+            ResourceAllocationRequest: ResourceAllocationRequestCodec,
+            ResourceAllocationResponse: ResourceAllocationResponseCodec,
         }),
     }),
 });

package/dist/sso/sessionManager/scale/resourceAllocation.d.ts

@@ -0,0 +1,118 @@
+import type { CodecType } from 'scale-ts';
+export type ApAllocatableResource = CodecType<typeof ApAllocatableResourceCodec>;
+export declare const ApAllocatableResourceCodec: import("scale-ts").Codec<{
+    tag: "StatementStoreAllowance";
+    value: undefined;
+} | {
+    tag: "BulletInAllowance";
+    value: undefined;
+} | {
+    tag: "SmartContractAllowance";
+    value: number;
+} | {
+    tag: "AutoSigning";
+    value: undefined;
+}>;
+export type ApAllocatedResource = CodecType<typeof ApAllocatedResourceCodec>;
+export declare const ApAllocatedResourceCodec: import("scale-ts").Codec<{
+    tag: "StatementStoreAllowance";
+    value: {
+        slotAccountKey: Uint8Array<ArrayBufferLike>;
+    };
+} | {
+    tag: "BulletInAllowance";
+    value: {
+        slotAccountKey: Uint8Array<ArrayBufferLike>;
+    };
+} | {
+    tag: "SmartContractAllowance";
+    value: undefined;
+} | {
+    tag: "AutoSigning";
+    value: {
+        productDerivationSecret: string;
+        productRootPrivateKey: Uint8Array<ArrayBufferLike>;
+    };
+}>;
+export type ApAllocationOutcome = CodecType<typeof ApAllocationOutcomeCodec>;
+export declare const ApAllocationOutcomeCodec: import("scale-ts").Codec<{
+    tag: "Rejected";
+    value: undefined;
+} | {
+    tag: "Allocated";
+    value: {
+        tag: "StatementStoreAllowance";
+        value: {
+            slotAccountKey: Uint8Array<ArrayBufferLike>;
+        };
+    } | {
+        tag: "BulletInAllowance";
+        value: {
+            slotAccountKey: Uint8Array<ArrayBufferLike>;
+        };
+    } | {
+        tag: "SmartContractAllowance";
+        value: undefined;
+    } | {
+        tag: "AutoSigning";
+        value: {
+            productDerivationSecret: string;
+            productRootPrivateKey: Uint8Array<ArrayBufferLike>;
+        };
+    };
+} | {
+    tag: "NotAvailable";
+    value: undefined;
+}>;
+export declare const OnExistingAllowancePolicyCodec: import("scale-ts").Codec<"Ignore" | "Increase">;
+export type ResourceAllocationRequest = CodecType<typeof ResourceAllocationRequestCodec>;
+export declare const ResourceAllocationRequestCodec: import("scale-ts").Codec<{
+    callingProductId: string;
+    resources: ({
+        tag: "StatementStoreAllowance";
+        value: undefined;
+    } | {
+        tag: "BulletInAllowance";
+        value: undefined;
+    } | {
+        tag: "SmartContractAllowance";
+        value: number;
+    } | {
+        tag: "AutoSigning";
+        value: undefined;
+    })[];
+    onExisting: "Ignore" | "Increase";
+}>;
+export type ResourceAllocationResponse = CodecType<typeof ResourceAllocationResponseCodec>;
+export declare const ResourceAllocationResponseCodec: import("scale-ts").Codec<{
+    respondingTo: string;
+    payload: import("scale-ts").ResultPayload<({
+        tag: "Rejected";
+        value: undefined;
+    } | {
+        tag: "Allocated";
+        value: {
+            tag: "StatementStoreAllowance";
+            value: {
+                slotAccountKey: Uint8Array<ArrayBufferLike>;
+            };
+        } | {
+            tag: "BulletInAllowance";
+            value: {
+                slotAccountKey: Uint8Array<ArrayBufferLike>;
+            };
+        } | {
+            tag: "SmartContractAllowance";
+            value: undefined;
+        } | {
+            tag: "AutoSigning";
+            value: {
+                productDerivationSecret: string;
+                productRootPrivateKey: Uint8Array<ArrayBufferLike>;
+            };
+        };
+    } | {
+        tag: "NotAvailable";
+        value: undefined;
+    })[], string>;
+}>;

package/dist/sso/sessionManager/scale/resourceAllocation.js

@@ -0,0 +1,40 @@
+import { DerivationIndex, DotNsIdentifier } from '@novasamatech/host-api';
+import { Status } from '@novasamatech/scale';
+import { Bytes, Enum, Result, Struct, Vector, _void, str } from 'scale-ts';
+export const ApAllocatableResourceCodec = Enum({
+    StatementStoreAllowance: _void,
+    BulletInAllowance: _void,
+    SmartContractAllowance: DerivationIndex,
+    AutoSigning: _void,
+});
+export const ApAllocatedResourceCodec = Enum({
+    StatementStoreAllowance: Struct({
+        slotAccountKey: Bytes(),
+    }),
+    BulletInAllowance: Struct({
+        slotAccountKey: Bytes(),
+    }),
+    SmartContractAllowance: _void,
+    AutoSigning: Struct({
+        productDerivationSecret: str,
+        productRootPrivateKey: Bytes(),
+    }),
+});
+export const ApAllocationOutcomeCodec = Enum({
+    Allocated: ApAllocatedResourceCodec,
+    Rejected: _void,
+    NotAvailable: _void,
+});
+// Behavior when the requested resource already has an active allocation
+// for this (user, product) pair on the Account Holder side.
+export const OnExistingAllowancePolicyCodec = Status('Ignore', 'Increase');
+export const ResourceAllocationRequestCodec = Struct({
+    callingProductId: DotNsIdentifier,
+    resources: Vector(ApAllocatableResourceCodec),
+    onExisting: OnExistingAllowancePolicyCodec,
+});
+export const ResourceAllocationResponseCodec = Struct({
+    // referencing to RemoteMessage.messageId
+    respondingTo: str,
+    payload: Result(Vector(ApAllocationOutcomeCodec), str),
+});

package/dist/sso/sessionManager/scale/signingRequest.d.ts

@@ -1,7 +1,7 @@
 import type { CodecType } from 'scale-ts';
 export type SigningPayloadRequest = CodecType<typeof SigningPayloadRequestCodec>;
 export declare const SigningPayloadRequestCodec: import("scale-ts").Codec<{
-    address: string;
+    productAccountId: [string, number];
     blockHash: `0x${string}`;
     blockNumber: `0x${string}`;
     era: `0x${string}`;
@@ -20,7 +20,7 @@ export declare const SigningPayloadRequestCodec: import("scale-ts").Codec<{
 }>;
 export type SigningRawRequest = CodecType<typeof SigningRawRequestCodec>;
 export declare const SigningRawRequestCodec: import("scale-ts").Codec<{
-    address: string;
+    productAccountId: [string, number];
     data: {
         tag: "Bytes";
         value: Uint8Array<ArrayBufferLike>;
@@ -33,7 +33,7 @@ export type SigningRequest = CodecType<typeof SigningRequestCodec>;
 export declare const SigningRequestCodec: import("scale-ts").Codec<{
     tag: "Payload";
     value: {
-        address: string;
+        productAccountId: [string, number];
         blockHash: `0x${string}`;
         blockNumber: `0x${string}`;
         era: `0x${string}`;
@@ -53,7 +53,7 @@ export declare const SigningRequestCodec: import("scale-ts").Codec<{
 } | {
     tag: "Raw";
     value: {
-        address: string;
+        productAccountId: [string, number];
         data: {
             tag: "Bytes";
             value: Uint8Array<ArrayBufferLike>;

package/dist/sso/sessionManager/scale/signingRequest.js

@@ -1,7 +1,8 @@
+import { ProductAccountId } from '@novasamatech/host-api';
 import { Enum, Hex, OptionBool } from '@novasamatech/scale';
 import { Bytes, Option, Struct, Vector, str, u32 } from 'scale-ts';
 export const SigningPayloadRequestCodec = Struct({
-    address: str,
+    productAccountId: ProductAccountId,
     blockHash: Hex(),
     blockNumber: Hex(),
     era: Hex(),
@@ -19,7 +20,7 @@ export const SigningPayloadRequestCodec = Struct({
     withSignedTransaction: OptionBool,
 });
 export const SigningRawRequestCodec = Struct({
-    address: str,
+    productAccountId: ProductAccountId,
     data: Enum({
         Bytes: Bytes(),
         Payload: str,

package/dist/sso/sessionManager/userSession.d.ts

@@ -6,6 +6,7 @@ import type { CodecType } from 'scale-ts';
 import type { Callback } from '../../types.js';
 import type { StoredUserSession } from '../userSessionRepository.js';
 import { RemoteMessageCodec } from './scale/remoteMessage.js';
+import type { ApAllocationOutcome, ResourceAllocationRequest } from './scale/resourceAllocation.js';
 import type { SigningPayloadRequest, SigningRawRequest } from './scale/signingRequest.js';
 import type { SigningPayloadResponseData } from './scale/signingResponse.js';
 export type UserSession = StoredUserSession & {
@@ -13,6 +14,7 @@ export type UserSession = StoredUserSession & {
     signPayload(payload: SigningPayloadRequest): ResultAsync<SigningPayloadResponseData, Error>;
     signRaw(payload: SigningRawRequest): ResultAsync<SigningPayloadResponseData, Error>;
     getRingVrfAlias(productAccountId: CodecType<typeof ProductAccountId>, productId: string): ResultAsync<CodecType<typeof ContextualAlias>, Error>;
+    requestResourceAllocation(request: ResourceAllocationRequest): ResultAsync<ApAllocationOutcome[], Error>;
     subscribe(callback: Callback<CodecType<typeof RemoteMessageCodec>, ResultAsync<boolean, Error>>): VoidFunction;
     dispose(): void;
 };

package/dist/sso/sessionManager/userSession.js

@@ -1,10 +1,9 @@
 import { ContextualAlias, ProductAccountId } from '@novasamatech/host-api';
-import { enumValue, toHex } from '@novasamatech/scale';
+import { enumValue } from '@novasamatech/scale';
 import { createSession } from '@novasamatech/statement-store';
 import { fieldListView } from '@novasamatech/storage-adapter';
 import { nanoid } from 'nanoid';
 import { ResultAsync, err, ok, okAsync } from 'neverthrow';
-import { AccountId } from 'polkadot-api';
 import { createAsyncTaskPool } from '../../helpers/createAsyncTaskPool.js';
 import { toError } from '../../helpers/utils.js';
 import { RemoteMessageCodec } from './scale/remoteMessage.js';
@@ -18,7 +17,6 @@ function withQueueTimeout(resultAsync, label) {
     return ResultAsync.fromPromise(Promise.race([resultAsync, timeoutPromise]), toError).andThen(r => r);
 }
 export function createUserSession({ userSession, statementStore, encryption, storage, prover, }) {
-    const accountId = AccountId();
     const requestQueue = createAsyncTaskPool({ poolSize: 1, retryCount: 0, retryDelay: 0 });
     const session = createSession({
         localAccount: userSession.localAccount,
@@ -33,16 +31,6 @@ export function createUserSession({ userSession, statementStore, encryption, sto
         from: JSON.parse,
         to: JSON.stringify,
     });
-    function toAccountId(address) {
-        // already an account id
-        if (address.startsWith('0x') && address.length === 64 + 2) {
-            return address;
-        }
-        return toHex(accountId.enc(address));
-    }
-    function toAddress(account) {
-        return accountId.dec(account);
-    }
     return {
         id: userSession.id,
         localAccount: userSession.localAccount,
@@ -52,10 +40,7 @@ export function createUserSession({ userSession, statementStore, encryption, sto
                 const messageId = nanoid();
                 const request = session.request(RemoteMessageCodec, {
                     messageId,
-                    data: enumValue('v1', enumValue('SignRequest', enumValue('Payload', {
-                        ...payload,
-                        address: toAddress(toAccountId(payload.address)),
-                    }))),
+                    data: enumValue('v1', enumValue('SignRequest', enumValue('Payload', payload))),
                 });
                 const responseFilter = (message) => {
                     if (message.data.tag === 'v1' &&
@@ -82,10 +67,7 @@ export function createUserSession({ userSession, statementStore, encryption, sto
                 const messageId = nanoid();
                 const request = session.request(RemoteMessageCodec, {
                     messageId,
-                    data: enumValue('v1', enumValue('SignRequest', enumValue('Raw', {
-                        ...payload,
-                        address: toAddress(toAccountId(payload.address)),
-                    }))),
+                    data: enumValue('v1', enumValue('SignRequest', enumValue('Raw', payload))),
                 });
                 const responseFilter = (message) => {
                     if (message.data.tag === 'v1' &&
@@ -137,9 +119,31 @@ export function createUserSession({ userSession, statementStore, encryption, sto
                     .andThen(result => (result.success ? ok(result.value) : err(new Error(result.value))));
             });
         },
+        requestResourceAllocation(request) {
+            return requestQueue.call(() => {
+                const messageId = nanoid();
+                const sendRequest = session.request(RemoteMessageCodec, {
+                    messageId,
+                    data: enumValue('v1', enumValue('ResourceAllocationRequest', request)),
+                });
+                const responseFilter = (message) => {
+                    if (message.data.tag === 'v1' &&
+                        message.data.value.tag === 'ResourceAllocationResponse' &&
+                        message.data.value.value.respondingTo === messageId) {
+                        return message.data.value.value.payload;
+                    }
+                };
+                const inner = sendRequest
+                    .andThen(() => session.waitForRequestMessage(RemoteMessageCodec, responseFilter))
+                    .andThen(result => (result.success ? ok(result.value) : err(new Error(result.value))));
+                return withQueueTimeout(inner, 'requestResourceAllocation');
+            });
+        },
         subscribe(callback) {
             return session.subscribe(RemoteMessageCodec, messages => {
-                processedMessages.read().andThen(processed => {
+                processedMessages
+                    .read()
+                    .andThen(processed => {
                     const results = messages.map(message => {
                         if (message.type === 'request' && message.payload.status === 'parsed') {
                             const payload = message.payload;
@@ -163,6 +167,9 @@ export function createUserSession({ userSession, statementStore, encryption, sto
                         }
                         return okAsync();
                     });
+                })
+                    .orTee(error => {
+                    console.error('Error while updating processed sso messages:', error);
                 });
             });
         },

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@novasamatech/host-papp",
   "type": "module",
-  "version": "0.7.5",
+  "version": "0.7.7",
   "description": "Polkadot app integration",
   "license": "Apache-2.0",
   "repository": {
@@ -29,10 +29,10 @@
     "@noble/ciphers": "2.2.0",
     "@noble/curves": "2.2.0",
     "@noble/hashes": "2.2.0",
-    "@novasamatech/host-api": "0.7.5",
-    "@novasamatech/scale": "0.7.5",
-    "@novasamatech/statement-store": "0.7.5",
-    "@novasamatech/storage-adapter": "0.7.5",
+    "@novasamatech/host-api": "0.7.7",
+    "@novasamatech/scale": "0.7.7",
+    "@novasamatech/statement-store": "0.7.7",
+    "@novasamatech/storage-adapter": "0.7.7",
     "@polkadot-labs/hdkd-helpers": "^0.0.30",
     "nanoevents": "9.1.0",
     "nanoid": "5.1.9",