@oleary-labs/signet-sdk 0.1.0 → 0.2.0

@@ -0,0 +1,26 @@
1
+ type GenerateInputsParams = {
2
+ jwt: string;
3
+ pubkey: JsonWebKey;
4
+ shaPrecomputeTillKeys?: string[];
5
+ maxSignedDataLength: number;
6
+ };
7
+ type JWTCircuitInputs = {
8
+ data?: {
9
+ storage: number[];
10
+ len: number;
11
+ };
12
+ base64_decode_offset: number;
13
+ pubkey_modulus_limbs: string[];
14
+ redc_params_limbs: string[];
15
+ signature_limbs: string[];
16
+ partial_data?: {
17
+ storage: number[];
18
+ len: number;
19
+ };
20
+ partial_hash?: number[];
21
+ full_data_length?: number;
22
+ };
23
+ export declare function generateInputs({ jwt, pubkey, shaPrecomputeTillKeys, maxSignedDataLength, }: GenerateInputsParams): Promise<JWTCircuitInputs>;
24
+ export declare function splitBigIntToChunks(bigInt: bigint, chunkSize: number, numChunks: number): bigint[];
25
+ export {};
26
+ //# sourceMappingURL=generate-inputs.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"generate-inputs.d.ts","sourceRoot":"","sources":["../src/generate-inputs.ts"],"names":[],"mappings":"AAEA,KAAK,oBAAoB,GAAG;IAC1B,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,EAAE,UAAU,CAAC;IACnB,qBAAqB,CAAC,EAAE,MAAM,EAAE,CAAC;IACjC,mBAAmB,EAAE,MAAM,CAAC;CAC7B,CAAA;AAED,KAAK,gBAAgB,GAAG;IACtB,IAAI,CAAC,EAAE;QACL,OAAO,EAAE,MAAM,EAAE,CAAC;QAClB,GAAG,EAAE,MAAM,CAAC;KACb,CAAC;IACF,oBAAoB,EAAE,MAAM,CAAC;IAC7B,oBAAoB,EAAE,MAAM,EAAE,CAAC;IAC/B,iBAAiB,EAAE,MAAM,EAAE,CAAC;IAC5B,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,YAAY,CAAC,EAAE;QACb,OAAO,EAAE,MAAM,EAAE,CAAC;QAClB,GAAG,EAAE,MAAM,CAAC;KACb,CAAC;IACF,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B,CAAA;AAUD,wBAAsB,cAAc,CAAC,EACnC,GAAG,EACH,MAAM,EACN,qBAAqB,EACrB,mBAAmB,GACpB,EAAE,oBAAoB,6BAgGtB;AAUD,wBAAgB,mBAAmB,CACjC,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,MAAM,EACjB,SAAS,EAAE,MAAM,YASlB"}
@@ -0,0 +1,106 @@
1
+ import { generatePartialSHA256 } from './partial-sha';
2
+ /*
3
+ * Generates circuit inputs required for the jwt lib
4
+ * @param {Object} params - The input parameters
5
+ * @param {string} params.jwt - The JWT token to process (string)
6
+ * @param {JsonWebKey} params.pubkey - The public key to verify the signature (JsonWebKey)
7
+ * @param {string[]} params.shaPrecomputeTillKeys - (optional) Key(s) in the payload until which SHA should be precomputed
8
+ * @param {number} params.maxSignedDataLength - Maximum length of signed data (with or without partial hash) allowed by the circuit
9
+ */
10
+ export async function generateInputs({ jwt, pubkey, shaPrecomputeTillKeys, maxSignedDataLength, // when using partial hash, this will be the length of data after partial hash
11
+ }) {
12
+ // Parse token
13
+ const [headerB64, payloadB64] = jwt.split(".");
14
+ // Extract signed data as byte array
15
+ const signedDataString = jwt.split(".").slice(0, 2).join("."); // $header.$payload
16
+ const signedData = new TextEncoder().encode(signedDataString);
17
+ // Extract signature as bigint
18
+ const signatureBase64Url = jwt.split(".")[2];
19
+ const signatureBase64 = signatureBase64Url
20
+ .replace(/-/g, "+")
21
+ .replace(/_/g, "/");
22
+ const signature = new Uint8Array(atob(signatureBase64)
23
+ .split("")
24
+ .map((c) => c.charCodeAt(0)));
25
+ const signatureBigInt = BigInt("0x" + Array.from(signature).map(b => b.toString(16).padStart(2, '0')).join(''));
26
+ // Extract pubkey modulus as bigint
27
+ const pubkeyBigInt = BigInt("0x" + atob(pubkey.n.replace(/-/g, "+").replace(/_/g, "/"))
28
+ .split("")
29
+ .map(c => c.charCodeAt(0).toString(16).padStart(2, "0"))
30
+ .join(""));
31
+ const redcParam = (1n << (2n * 2048n + 4n)) / pubkeyBigInt; // something needed by the noir big-num lib
32
+ const inputs = {
33
+ pubkey_modulus_limbs: splitBigIntToChunks(pubkeyBigInt, 120, 18).map(s => s.toString()),
34
+ redc_params_limbs: splitBigIntToChunks(redcParam, 120, 18).map(s => s.toString()),
35
+ signature_limbs: splitBigIntToChunks(signatureBigInt, 120, 18).map(s => s.toString()),
36
+ };
37
+ if (!shaPrecomputeTillKeys || shaPrecomputeTillKeys.length === 0) {
38
+ // No precompute selector - no need to precompute SHA256
39
+ if (signedData.length > maxSignedDataLength) {
40
+ throw new Error("Signed data length exceeds maxSignedDataLength");
41
+ }
42
+ const signedDataPadded = new Uint8Array(maxSignedDataLength);
43
+ signedDataPadded.set(signedData);
44
+ inputs.data = {
45
+ storage: Array.from(signedDataPadded),
46
+ len: signedData.length,
47
+ };
48
+ // entire payload is base64 decode-able when not using partial hash
49
+ // offset in signed data is the index of payload start
50
+ // this can be any multiple of 4 from payload start, if you want to skip some bytes from start
51
+ inputs.base64_decode_offset = headerB64.length + 1;
52
+ }
53
+ else {
54
+ // Precompute SHA256 of the signed data
55
+ // SHA256 is done in 64 byte chunks, so we can hash upto certain portion outside of circuit to save constraints
56
+ // Signed data is $headerB64.$payloadB64
57
+ // We need to find the index in B64 payload corresponding to min(hdIndex, nonceIndex) when decoded
58
+ // Then we find the 64 byte boundary before this index and precompute the SHA256 upto that
59
+ const payloadString = atob(payloadB64);
60
+ const indicesOfPrecomputeKeys = shaPrecomputeTillKeys.map((key) => payloadString.indexOf(`"${key}":`));
61
+ const smallerIndex = Math.min(...indicesOfPrecomputeKeys);
62
+ const smallerIndexInB64 = Math.floor((smallerIndex * 4) / 3); // 4 B64 chars = 3 bytes
63
+ const sliceStart = headerB64.length + smallerIndexInB64 + 1; // +1 for the '.'
64
+ // Precompute the SHA256 hash
65
+ const { partialHash, remainingData } = await generatePartialSHA256(signedData, sliceStart);
66
+ // Pad to the max length configured in the circuit
67
+ if (remainingData.length > maxSignedDataLength) {
68
+ throw new Error("remainingData after partial hash exceeds maxSignedDataLength");
69
+ }
70
+ const remainingDataPadded = new Uint8Array(maxSignedDataLength);
71
+ remainingDataPadded.set(remainingData);
72
+ inputs.partial_data = {
73
+ storage: Array.from(remainingDataPadded),
74
+ len: remainingData.length,
75
+ };
76
+ inputs.partial_hash = Array.from(partialHash);
77
+ inputs.full_data_length = signedData.length;
78
+ // when using partial hash, the data after the partial hash might not be a valid base64
79
+ // we need to find an offset (1, 2, or 3) such that the remaining payload is base64 decode-able
80
+ // this is the number that should be added to the "payload chunk that was included in SHA precompute"
81
+ // to make it a multiple of 4
82
+ // in other words, if you trim offset number of bytes from the remaining payload, it will be base64 decode-able
83
+ const shaCutoffIndex = signedData.length - remainingData.length;
84
+ const payloadBytesInShaPrecompute = shaCutoffIndex - (headerB64.length + 1);
85
+ const offsetToMakeIt4x = 4 - (payloadBytesInShaPrecompute % 4);
86
+ inputs.base64_decode_offset = offsetToMakeIt4x;
87
+ }
88
+ return inputs;
89
+ }
90
+ /*
91
+ * Splits a BigInt into fixed-size chunks
92
+ * @param {bigint} bigInt - The BigInt to split
93
+ * @param {number} chunkSize - Size of each chunk in bits
94
+ * @param {number} numChunks - Number of chunks to split into
95
+ * @returns {bigint[]} Array of BigInt chunks
96
+ */
97
+ export function splitBigIntToChunks(bigInt, chunkSize, numChunks) {
98
+ const chunks = [];
99
+ const mask = (1n << BigInt(chunkSize)) - 1n;
100
+ for (let i = 0; i < numChunks; i++) {
101
+ const chunk = (bigInt / (1n << (BigInt(i) * BigInt(chunkSize)))) & mask;
102
+ chunks.push(chunk);
103
+ }
104
+ return chunks;
105
+ }
106
+ //# sourceMappingURL=generate-inputs.js.map
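Review bot: In the precompute branch of `generateInputs`, a key in `shaPrecomputeTillKeys` that is absent from the payload makes `indexOf` return -1, so `Math.min(...)` is -1 and `sliceStart` lands inside the header instead of failing. Reject that case before computing the cut, e.g. `if (indicesOfPrecomputeKeys.some((i) => i < 0)) throw new Error("shaPrecomputeTillKeys entry not found in payload");`. The same branch calls `atob(payloadB64)` on the raw base64url segment, while the signature and `pubkey.n` are first mapped from `-`/`_` to `+`/`/`; a payload containing either character will throw there, so apply the same replacement. The function also never checks that `jwt.split(".")` yields three parts or that the modulus is non-zero and fits the hard-coded 2048-bit `redcParam` and 18×120-bit limb split, so a malformed token or a larger key produces a TypeError, a RangeError or silently truncated limbs rather than a clear error.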
@@ -0,0 +1 @@
1
+ {"version":3,"file":"generate-inputs.js","sourceRoot":"","sources":["../src/generate-inputs.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,qBAAqB,EAAE,MAAM,eAAe,CAAC;AA0BtD;;;;;;;EAOE;AACF,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,EACnC,GAAG,EACH,MAAM,EACN,qBAAqB,EACrB,mBAAmB,EAAE,8EAA8E;EAC9E;IACrB,cAAc;IACd,MAAM,CAAC,SAAS,EAAE,UAAU,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAE/C,oCAAoC;IACpC,MAAM,gBAAgB,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,mBAAmB;IAClF,MAAM,UAAU,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,gBAAgB,CAAe,CAAC;IAE5E,8BAA8B;IAC9B,MAAM,kBAAkB,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAC7C,MAAM,eAAe,GAAG,kBAAkB;SACvC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC;SAClB,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IAEtB,MAAM,SAAS,GAAG,IAAI,UAAU,CAC9B,IAAI,CAAC,eAAe,CAAC;SAClB,KAAK,CAAC,EAAE,CAAC;SACT,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAC/B,CAAC;IAEF,MAAM,eAAe,GAAG,MAAM,CAAC,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;IAEhH,mCAAmC;IACnC,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,CAAE,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;SACrF,KAAK,CAAC,EAAE,CAAC;SACT,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;SACvD,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;IACb,MAAM,SAAS,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,GAAG,KAAK,GAAG,EAAE,CAAC,CAAC,GAAG,YAAY,CAAC,CAAC,4CAA4C;IAExG,MAAM,MAAM,GAA8B;QACxC,oBAAoB,EAAE,mBAAmB,CAAC,YAAY,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC;QACvF,iBAAiB,EAAE,mBAAmB,CAAC,SAAS,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC;QACjF,eAAe,EAAE,mBAAmB,CAAC,eAAe,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC;KACtF,CAAC;IAEF,IAAI,CAA
C,qBAAqB,IAAI,qBAAqB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACjE,wDAAwD;QACxD,IAAI,UAAU,CAAC,MAAM,GAAG,mBAAmB,EAAE,CAAC;YAC5C,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;QACpE,CAAC;QACD,MAAM,gBAAgB,GAAG,IAAI,UAAU,CAAC,mBAAmB,CAAC,CAAC;QAC7D,gBAAgB,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QACjC,MAAM,CAAC,IAAI,GAAG;YACZ,OAAO,EAAE,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC;YACrC,GAAG,EAAE,UAAU,CAAC,MAAM;SACvB,CAAA;QACD,mEAAmE;QACnE,sDAAsD;QACtD,8FAA8F;QAC9F,MAAM,CAAC,oBAAoB,GAAG,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC;IACrD,CAAC;SAAM,CAAC;QACN,uCAAuC;QACvC,+GAA+G;QAC/G,wCAAwC;QACxC,kGAAkG;QAClG,0FAA0F;QAC1F,MAAM,aAAa,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC;QACvC,MAAM,uBAAuB,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAChE,aAAa,CAAC,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC,CACnC,CAAC;QACF,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,uBAAuB,CAAC,CAAC;QAC1D,MAAM,iBAAiB,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,YAAY,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,wBAAwB;QAEtF,MAAM,UAAU,GAAG,SAAS,CAAC,MAAM,GAAG,iBAAiB,GAAG,CAAC,CAAC,CAAC,iBAAiB;QAE9E,6BAA6B;QAC7B,MAAM,EAAE,WAAW,EAAE,aAAa,EAAE,GAClC,MAAM,qBAAqB,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;QAEtD,kDAAkD;QAClD,IAAI,aAAa,CAAC,MAAM,GAAG,mBAAmB,EAAE,CAAC;YAC/C,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;QAClF,CAAC;QAED,MAAM,mBAAmB,GAAG,IAAI,UAAU,CAAC,mBAAmB,CAAC,CAAC;QAChE,mBAAmB,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;QAEvC,MAAM,CAAC,YAAY,GAAG;YACpB,OAAO,EAAE,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC;YACxC,GAAG,EAAE,aAAa,CAAC,MAAM;SAC1B,CAAC;QACF,MAAM,CAAC,YAAY,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAC9C,MAAM,CAAC,gBAAgB,GAAG,UAAU,CAAC,MAAM,CAAC;QAE5C,uFAAuF;QACvF,+FAA+F;QAC/F,qGAAqG;QACrG,6BAA6B;QAC7B,+GAA+G;QAC/G,MAAM,cAAc,GAAG,UAAU,CAAC,MAAM,GAAG,aAAa,CAAC,MAAM,CAAC;QAChE,MAAM,2BAA2B,GAAG,cAAc,GAAG,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QAC5E,MAAM,gBAAgB,GAAG,CAAC,GAAG,CAAC,2BAA2B,GAAG,CAAC,CAAC,CAAC;QAC/D,MAAM,CAAC,oBAAoB,GAAG,gBAAgB,CAAC;IACjD,CAAC;IAED,OAAO,MAA0B,CAAC;AACpC,CAAC;AAGD;;;;;;EAME;AACF,MAAM,UAAU,mBAAmB,CACjC,MAAc,EACd,SAAiB,EACjB,SAAiB;IAEjB,MAAM,MAAM,GAAG,EAAE,CAAC;IAClB,MAAM,IAAI,GAAG,CAAC,EAAE,IAAI,MAAM,CAAC,SAAS,CAA
C,CAAC,GAAG,EAAE,CAAC;IAC5C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,EAAE,CAAC,EAAE,EAAE,CAAC;QACnC,MAAM,KAAK,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;QACxE,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACrB,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC"}
@@ -0,0 +1,5 @@
1
+ export declare function generatePartialSHA256(data: Uint8Array, hashUntilIndex: number): Promise<{
2
+ partialHash: Uint32Array<ArrayBuffer>;
3
+ remainingData: Uint8Array<ArrayBuffer>;
4
+ }>;
5
+ //# sourceMappingURL=partial-sha.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"partial-sha.d.ts","sourceRoot":"","sources":["../src/partial-sha.ts"],"names":[],"mappings":"AACA,wBAAsB,qBAAqB,CAAC,IAAI,EAAE,UAAU,EAAE,cAAc,EAAE,MAAM;;;GA4BnF"}
@@ -0,0 +1,89 @@
1
+ // Returns the intermediate SHA256 hash of the data
2
+ export async function generatePartialSHA256(data, hashUntilIndex) {
3
+ if (typeof data === 'string') {
4
+ const encoder = new TextEncoder();
5
+ data = encoder.encode(data); // Convert string to Uint8Array
6
+ }
7
+ const blockSize = 64; // 512 bits
8
+ const blockIndex = Math.floor(hashUntilIndex / blockSize);
9
+ const H = new Uint32Array([
10
+ 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,
11
+ 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19
12
+ ]);
13
+ for (let i = 0; i < blockIndex; i++) {
14
+ if (i * blockSize >= data.length) {
15
+ throw new Error('Block index out of range.');
16
+ }
17
+ const block = new Uint8Array(blockSize);
18
+ block.set(data.slice(i * blockSize, (i + 1) * blockSize));
19
+ sha256Block(H, block);
20
+ }
21
+ // Get the intermediate digest (this is **not** the final hash)
22
+ return {
23
+ partialHash: H,
24
+ remainingData: data.slice(blockIndex * blockSize)
25
+ };
26
+ }
27
+ /**
28
+ * SHA-256 constants (first 32 bits of fractional parts of cube roots of primes)
29
+ */
30
+ const K = [
31
+ 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
32
+ 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
33
+ 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
34
+ 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
35
+ 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
36
+ 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
37
+ 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
38
+ 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
39
+ ];
40
+ /**
41
+ * Rotate right function (SHA-256 bitwise operations)
42
+ */
43
+ function rotr(n, x) {
44
+ return (x >>> n) | (x << (32 - n));
45
+ }
46
+ /**
47
+ * SHA-256 Compression Function (Processes 64-byte blocks)
48
+ */
49
+ function sha256Block(H, block) {
50
+ let w = new Uint32Array(64);
51
+ let a = H[0], b = H[1], c = H[2], d = H[3];
52
+ let e = H[4], f = H[5], g = H[6], h = H[7];
53
+ // Convert block into 32-bit words
54
+ for (let i = 0; i < 16; i++) {
55
+ w[i] = (block[i * 4] << 24) | (block[i * 4 + 1] << 16) | (block[i * 4 + 2] << 8) | block[i * 4 + 3];
56
+ }
57
+ for (let i = 16; i < 64; i++) {
58
+ const s0 = rotr(7, w[i - 15]) ^ rotr(18, w[i - 15]) ^ (w[i - 15] >>> 3);
59
+ const s1 = rotr(17, w[i - 2]) ^ rotr(19, w[i - 2]) ^ (w[i - 2] >>> 10);
60
+ w[i] = (w[i - 16] + s0 + w[i - 7] + s1) >>> 0;
61
+ }
62
+ // Main compression loop
63
+ for (let i = 0; i < 64; i++) {
64
+ const S1 = rotr(6, e) ^ rotr(11, e) ^ rotr(25, e);
65
+ const ch = (e & f) ^ (~e & g);
66
+ const temp1 = (h + S1 + ch + K[i] + w[i]) >>> 0;
67
+ const S0 = rotr(2, a) ^ rotr(13, a) ^ rotr(22, a);
68
+ const maj = (a & b) ^ (a & c) ^ (b & c);
69
+ const temp2 = (S0 + maj) >>> 0;
70
+ h = g;
71
+ g = f;
72
+ f = e;
73
+ e = (d + temp1) >>> 0;
74
+ d = c;
75
+ c = b;
76
+ b = a;
77
+ a = (temp1 + temp2) >>> 0;
78
+ }
79
+ // Update intermediate hash values
80
+ H[0] = (H[0] + a) >>> 0;
81
+ H[1] = (H[1] + b) >>> 0;
82
+ H[2] = (H[2] + c) >>> 0;
83
+ H[3] = (H[3] + d) >>> 0;
84
+ H[4] = (H[4] + e) >>> 0;
85
+ H[5] = (H[5] + f) >>> 0;
86
+ H[6] = (H[6] + g) >>> 0;
87
+ H[7] = (H[7] + h) >>> 0;
88
+ }
89
+ //# sourceMappingURL=partial-sha.js.map
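Review bot: The range check in the loop of `generatePartialSHA256` only rejects a block that starts past the end of `data`, so when `hashUntilIndex` points beyond the input the last short block is zero-padded to 64 bytes and compressed as if it were real data, and the returned state no longer matches any prefix of the message. Tighten it to `if ((i + 1) * blockSize > data.length) throw new Error('Block index out of range.');` and reject a `hashUntilIndex` that is not a non-negative integer before computing `blockIndex`, since a negative value skips the loop and makes `data.slice(blockIndex * blockSize)` count from the end of the array. Because `sha256Block` is a hand-written compression function whose output feeds the JWT signature circuit inputs built elsewhere in this diff, it is worth a comment stating that it exists only to expose the intermediate state, and a test that checks it against a known SHA-256 vector.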
@@ -0,0 +1 @@
1
+ {"version":3,"file":"partial-sha.js","sourceRoot":"","sources":["../src/partial-sha.ts"],"names":[],"mappings":"AAAA,mDAAmD;AACnD,MAAM,CAAC,KAAK,UAAU,qBAAqB,CAAC,IAAgB,EAAE,cAAsB;IAClF,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC7B,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;QAClC,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,+BAA+B;IAC9D,CAAC;IAED,MAAM,SAAS,GAAG,EAAE,CAAC,CAAC,WAAW;IACjC,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,cAAc,GAAG,SAAS,CAAC,CAAC;IAC1D,MAAM,CAAC,GAAG,IAAI,WAAW,CAAC;QACxB,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;QAC9C,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;KAC/C,CAAC,CAAC;IAEH,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,UAAU,EAAE,CAAC,EAAE,EAAE,CAAC;QACpC,IAAI,CAAC,GAAG,SAAS,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YACjC,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;QAC/C,CAAC;QAED,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,SAAS,CAAC,CAAC;QACxC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,SAAS,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,SAAS,CAAC,CAAC,CAAC;QAC1D,WAAW,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;IACxB,CAAC;IAED,+DAA+D;IAC/D,OAAO;QACL,WAAW,EAAE,CAAC;QACd,aAAa,EAAE,IAAI,CAAC,KAAK,CAAC,UAAU,GAAG,SAAS,CAAC;KAClD,CAAA;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,GAAG;IACR,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IAC9F,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;CAC/F,CAAC;AAEF;;EAEE;AACF,SAAS,IAAI,CAAC,CAAS,EAAE,CAAS;IAChC,OAAO,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AACrC,CAAC;AAED;;EAEE;AACF,SAAS,WAAW,CAAC,CAAc,EAAE,KAAiB;IACpD,IAAI,CAAC,G
AAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;IAC5B,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAC3C,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAE3C,kCAAkC;IAClC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5B,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;IACtG,CAAC;IACD,KAAK,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;QAC7B,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;QACxE,MAAM,EAAE,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;QACvE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC;IAChD,CAAC;IAED,wBAAwB;IACxB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5B,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;QAClD,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAC9B,MAAM,KAAK,GAAG,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;QAChD,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;QAClD,MAAM,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACxC,MAAM,KAAK,GAAG,CAAC,
EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC;QAE/B,CAAC,GAAG,CAAC,CAAC;QACN,CAAC,GAAG,CAAC,CAAC;QACN,CAAC,GAAG,CAAC,CAAC;QACN,CAAC,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC;QACtB,CAAC,GAAG,CAAC,CAAC;QACN,CAAC,GAAG,CAAC,CAAC;QACN,CAAC,GAAG,CAAC,CAAC;QACN,CAAC,GAAG,CAAC,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC;IAC5B,CAAC;IAED,kCAAkC;IAClC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;IACxB,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;IACxB,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;IACxB,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;IACxB,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;IACxB,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;IACxB,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;IACxB,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;AAC1B,CAAC"}
@@ -0,0 +1,30 @@
1
+ /**
2
+ * Client-side ZK proof generation for JWT authentication.
3
+ *
4
+ * Runs entirely in the browser:
5
+ * 1. Parse JWT + fetch JWKS → build circuit witness
6
+ * 2. @noir-lang/noir_js → generate ACIR witness from compiled circuit
7
+ * 3. @aztec/bb.js → generate UltraHonk proof via WASM
8
+ *
9
+ * Expected time: ~2-7 seconds in a modern browser.
10
+ */
11
+ import type { IdTokenClaims } from "./types";
12
+ /** Proof generation result. */
13
+ export interface ProofResult {
14
+ proof: Uint8Array;
15
+ publicInputs: string[];
16
+ claims: IdTokenClaims;
17
+ }
18
+ /**
19
+ * Generate a ZK proof that a JWT is valid — entirely client-side.
20
+ *
21
+ * @param jwt — raw JWT string (header.payload.signature)
22
+ * @param sessionPubHex — 33-byte compressed secp256k1 session public key (hex)
23
+ * @returns proof bytes, public inputs, and decoded claims
24
+ */
25
+ export declare function generateJWTProof(jwt: string, sessionPubHex: string): Promise<ProofResult>;
26
+ /**
27
+ * Get the RSA modulus bytes for a JWT (for the node auth request).
28
+ */
29
+ export declare function getJWTModulusBytes(jwt: string): Promise<Uint8Array>;
30
+ //# sourceMappingURL=proof.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"proof.d.ts","sourceRoot":"","sources":["../src/proof.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AASH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAE7C,+BAA+B;AAC/B,MAAM,WAAW,WAAW;IAC1B,KAAK,EAAE,UAAU,CAAC;IAClB,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,MAAM,EAAE,aAAa,CAAC;CACvB;AAKD;;;;;;GAMG;AACH,wBAAsB,gBAAgB,CACpC,GAAG,EAAE,MAAM,EACX,aAAa,EAAE,MAAM,GACpB,OAAO,CAAC,WAAW,CAAC,CA2CtB;AAED;;GAEG;AACH,wBAAsB,kBAAkB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC,CAUzE"}
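--- a/package/dist/proof.js
+++ b/package/dist/proof.js
@@ -0,0 +1,72 @@
+ /**
+ * Client-side ZK proof generation for JWT authentication.
+ *
+ * Runs entirely in the browser:
+ * 1. Parse JWT + fetch JWKS → build circuit witness
+ * 2. @noir-lang/noir_js → generate ACIR witness from compiled circuit
+ * 3. @aztec/bb.js → generate UltraHonk proof via WASM
+ *
+ * Expected time: ~2-7 seconds in a modern browser.
+ */
+ import { Noir } from "@noir-lang/noir_js";
+ import { UltraHonkBackend } from "@aztec/bb.js";
+ import { jwt as jwtArtifacts, assertBbJsVersion } from "@oleary-labs/signet-circuits";
+ import { decodeIdToken } from "./oauth";
+ import { getJWKSKeyForKid, decodeModulusBytes } from "./jwks";
+ import { buildFullWitness } from "./witness";
+ import { hexToBytes } from "./session";
+ // Circuit artifact from @signet/circuits — embedded at build time.
+ const circuit = jwtArtifacts.circuit;
+ /**
+ * Generate a ZK proof that a JWT is valid — entirely client-side.
+ *
+ * @param jwt — raw JWT string (header.payload.signature)
+ * @param sessionPubHex — 33-byte compressed secp256k1 session public key (hex)
+ * @returns proof bytes, public inputs, and decoded claims
+ */
+ export async function generateJWTProof(jwt, sessionPubHex) {
+ // 1. Parse JWT and decode claims
+ const parts = jwt.split(".");
+ const headerB64 = parts[0];
+ const header = JSON.parse(atob(headerB64.replace(/-/g, "+").replace(/_/g, "/")));
+ const claims = decodeIdToken(jwt);
+ // 2. Fetch the RSA key from the issuer's JWKS
+ const jwksKey = await getJWKSKeyForKid(header.kid, claims.iss);
+ const jsonWebKey = {
+ kty: jwksKey.kty,
+ n: jwksKey.n,
+ e: jwksKey.e,
+ alg: jwksKey.alg,
+ };
+ // 3. Build full circuit witness
+ const sessionPubBytes = Array.from(hexToBytes(sessionPubHex));
+ const witness = await buildFullWitness(jwt, jsonWebKey, claims, sessionPubBytes);
+ // 4. Version check — fail fast if bb.js doesn't match the circuit artifacts.
+ await assertBbJsVersion();
+ // 5. Generate ACIR witness from compiled circuit
+ // eslint-disable-next-line @typescript-eslint/no-explicit-any
+ const noir = new Noir(circuit);
+ // eslint-disable-next-line @typescript-eslint/no-explicit-any
+ const { witness: acirWitness } = await noir.execute(witness);
+ // 6. Generate UltraHonk proof via bb.js WASM
+ // eslint-disable-next-line @typescript-eslint/no-explicit-any
+ const backend = new UltraHonkBackend(circuit.bytecode);
+ const proofData = await backend.generateProof(acirWitness);
+ await backend.destroy();
+ return {
+ proof: proofData.proof,
+ publicInputs: proofData.publicInputs,
+ claims,
+ };
+ }
+ /**
+ * Get the RSA modulus bytes for a JWT (for the node auth request).
+ */
+ export async function getJWTModulusBytes(jwt) {
+ const parts = jwt.split(".");
+ const header = JSON.parse(atob(parts[0].replace(/-/g, "+").replace(/_/g, "/")));
+ const claims = JSON.parse(atob(parts[1].replace(/-/g, "+").replace(/_/g, "/")));
+ const jwksKey = await getJWKSKeyForKid(header.kid, claims.iss);
+ return decodeModulusBytes(jwksKey.n);
+ }
+ //# sourceMappingURL=proof.js.map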
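Review bot: `generateJWTProof` and `getJWTModulusBytes` both pass `header.kid` and `claims.iss` straight from the still-unverified token into `getJWKSKeyForKid`, so the token itself chooses which issuer's key set is looked up; that helper is not shown here, but unless it pins issuers internally the caller should compare `claims.iss` with the issuers the application expects before the lookup. `header.alg` and `jwksKey.kty` are also never checked, although the witness code elsewhere in this diff treats the key as an RSA modulus and hashes with SHA-256; a guard such as `if (header.alg !== "RS256" || jwksKey.kty !== "RSA") throw new Error("unsupported JWT key type");` would fail early. Separately, `backend.destroy()` is skipped when `generateProof` rejects, so wrap the proof step in `try { ... } finally { await backend.destroy(); }`.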
@@ -0,0 +1 @@
1
+ {"version":3,"file":"proof.js","sourceRoot":"","sources":["../src/proof.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,oBAAoB,CAAC;AAC1C,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,EAAE,GAAG,IAAI,YAAY,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAC;AACtF,OAAO,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACxC,OAAO,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,MAAM,QAAQ,CAAC;AAC9D,OAAO,EAAE,gBAAgB,EAAE,MAAM,WAAW,CAAC;AAC7C,OAAO,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AAUvC,mEAAmE;AACnE,MAAM,OAAO,GAAG,YAAY,CAAC,OAAO,CAAC;AAErC;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,GAAW,EACX,aAAqB;IAErB,iCAAiC;IACjC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC7B,MAAM,SAAS,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;IAC3B,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CACvB,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,CACtD,CAAC;IACF,MAAM,MAAM,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC;IAElC,8CAA8C;IAC9C,MAAM,OAAO,GAAG,MAAM,gBAAgB,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC;IAC/D,MAAM,UAAU,GAAe;QAC7B,GAAG,EAAE,OAAO,CAAC,GAAG;QAChB,CAAC,EAAE,OAAO,CAAC,CAAC;QACZ,CAAC,EAAE,OAAO,CAAC,CAAC;QACZ,GAAG,EAAE,OAAO,CAAC,GAAG;KACjB,CAAC;IAEF,gCAAgC;IAChC,MAAM,eAAe,GAAG,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC,CAAC;IAC9D,MAAM,OAAO,GAAG,MAAM,gBAAgB,CAAC,GAAG,EAAE,UAAU,EAAE,MAAM,EAAE,eAAe,CAAC,CAAC;IAEjF,6EAA6E;IAC7E,MAAM,iBAAiB,EAAE,CAAC;IAE1B,iDAAiD;IACjD,8DAA8D;IAC9D,MAAM,IAAI,GAAG,IAAI,IAAI,CAAC,OAAc,CAAC,CAAC;IACtC,8DAA8D;IAC9D,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAc,CAAC,CAAC;IAEpE,6CAA6C;IAC7C,8DAA8D;IAC9D,MAAM,OAAO,GAAG,IAAI,gBAAgB,CAAE,OAAe,CAAC,QAAQ,CAAC,CAAC;IAChE,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,aAAa,CAAC,WAAW,CAAC,CAAC;IAE3D,MAAM,OAAO,CAAC,OAAO,EAAE,CAAC;IAExB,OAAO;QACL,KAAK,EAAE,SAAS,CAAC,KAAK;QACtB,YAAY,EAAE,SAAS,CAAC,YAAY;QACpC,MAAM;KACP,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,GAAW;IAClD,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC7B,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CACvB,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,
GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,CACrD,CAAC;IACF,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CACvB,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,CACrD,CAAC;IACF,MAAM,OAAO,GAAG,MAAM,gBAAgB,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC;IAC/D,OAAO,kBAAkB,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;AACvC,CAAC"}
@@ -0,0 +1,51 @@
1
+ /**
2
+ * ZK proof witness construction for the jwt_auth noir circuit.
3
+ *
4
+ * Uses generateInputs from noir-jwt for the core RSA/JWT witness,
5
+ * then adds the claim assertions and session_pub binding that our
6
+ * circuit requires.
7
+ */
8
+ import type { IdTokenClaims } from "./types";
9
+ /** Full witness for the jwt_auth circuit (Prover.toml format). */
10
+ export interface FullCircuitWitness {
11
+ data: {
12
+ storage: number[];
13
+ len: number;
14
+ };
15
+ base64_decode_offset: number;
16
+ pubkey_modulus_limbs: string[];
17
+ redc_params_limbs: string[];
18
+ signature_limbs: string[];
19
+ expected_iss: {
20
+ storage: number[];
21
+ len: number;
22
+ };
23
+ expected_sub: {
24
+ storage: number[];
25
+ len: number;
26
+ };
27
+ expected_exp: number;
28
+ expected_aud: {
29
+ storage: number[];
30
+ len: number;
31
+ };
32
+ expected_azp: {
33
+ storage: number[];
34
+ len: number;
35
+ };
36
+ _session_pub: number[];
37
+ }
38
+ /**
39
+ * Build full circuit witness from a JWT, JWKS key, and session public key.
40
+ *
41
+ * @param jwt — raw JWT string
42
+ * @param jwksKey — the RSA public key from Google JWKS (as JsonWebKey)
43
+ * @param claims — decoded JWT claims
44
+ * @param sessionPubBytes — 33-byte compressed secp256k1 session public key
45
+ */
46
+ export declare function buildFullWitness(jwt: string, jwksKey: JsonWebKey, claims: IdTokenClaims, sessionPubBytes: number[]): Promise<FullCircuitWitness>;
47
+ /**
48
+ * Serialize a FullCircuitWitness to Prover.toml format for nargo.
49
+ */
50
+ export declare function witnessToProverToml(w: FullCircuitWitness): string;
51
+ //# sourceMappingURL=witness.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"witness.d.ts","sourceRoot":"","sources":["../src/witness.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAGH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAE7C,kEAAkE;AAClE,MAAM,WAAW,kBAAkB;IAEjC,IAAI,EAAE;QAAE,OAAO,EAAE,MAAM,EAAE,CAAC;QAAC,GAAG,EAAE,MAAM,CAAA;KAAE,CAAC;IACzC,oBAAoB,EAAE,MAAM,CAAC;IAC7B,oBAAoB,EAAE,MAAM,EAAE,CAAC;IAC/B,iBAAiB,EAAE,MAAM,EAAE,CAAC;IAC5B,eAAe,EAAE,MAAM,EAAE,CAAC;IAG1B,YAAY,EAAE;QAAE,OAAO,EAAE,MAAM,EAAE,CAAC;QAAC,GAAG,EAAE,MAAM,CAAA;KAAE,CAAC;IACjD,YAAY,EAAE;QAAE,OAAO,EAAE,MAAM,EAAE,CAAC;QAAC,GAAG,EAAE,MAAM,CAAA;KAAE,CAAC;IACjD,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE;QAAE,OAAO,EAAE,MAAM,EAAE,CAAC;QAAC,GAAG,EAAE,MAAM,CAAA;KAAE,CAAC;IACjD,YAAY,EAAE;QAAE,OAAO,EAAE,MAAM,EAAE,CAAC;QAAC,GAAG,EAAE,MAAM,CAAA;KAAE,CAAC;IAGjD,YAAY,EAAE,MAAM,EAAE,CAAC;CACxB;AAED;;;;;;;GAOG;AACH,wBAAsB,gBAAgB,CACpC,GAAG,EAAE,MAAM,EACX,OAAO,EAAE,UAAU,EACnB,MAAM,EAAE,aAAa,EACrB,eAAe,EAAE,MAAM,EAAE,GACxB,OAAO,CAAC,kBAAkB,CAAC,CA8B7B;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,CAAC,EAAE,kBAAkB,GAAG,MAAM,CA8BjE"}
@@ -0,0 +1,81 @@
1
+ /**
2
+ * ZK proof witness construction for the jwt_auth noir circuit.
3
+ *
4
+ * Uses generateInputs from noir-jwt for the core RSA/JWT witness,
5
+ * then adds the claim assertions and session_pub binding that our
6
+ * circuit requires.
7
+ */
8
+ import { generateInputs } from "./generate-inputs";
9
+ /**
10
+ * Build full circuit witness from a JWT, JWKS key, and session public key.
11
+ *
12
+ * @param jwt — raw JWT string
13
+ * @param jwksKey — the RSA public key from Google JWKS (as JsonWebKey)
14
+ * @param claims — decoded JWT claims
15
+ * @param sessionPubBytes — 33-byte compressed secp256k1 session public key
16
+ */
17
+ export async function buildFullWitness(jwt, jwksKey, claims, sessionPubBytes) {
18
+ // Generate core JWT/RSA inputs using noir-jwt library
19
+ const inputs = await generateInputs({
20
+ jwt,
21
+ pubkey: jwksKey,
22
+ maxSignedDataLength: 1024,
23
+ });
24
+ if (!inputs.data) {
25
+ throw new Error("Expected full data mode (no partial SHA)");
26
+ }
27
+ return {
28
+ // Core JWT/RSA witness
29
+ data: inputs.data,
30
+ base64_decode_offset: inputs.base64_decode_offset,
31
+ pubkey_modulus_limbs: inputs.pubkey_modulus_limbs,
32
+ redc_params_limbs: inputs.redc_params_limbs,
33
+ signature_limbs: inputs.signature_limbs,
34
+ // Claim assertions
35
+ expected_iss: toBoundedVec(claims.iss, 128),
36
+ expected_sub: toBoundedVec(claims.sub, 128),
37
+ expected_exp: claims.exp,
38
+ expected_aud: toBoundedVec(claims.aud, 128),
39
+ expected_azp: toBoundedVec(claims.azp, 128),
40
+ // Session binding
41
+ _session_pub: sessionPubBytes,
42
+ };
43
+ }
44
+ /**
45
+ * Serialize a FullCircuitWitness to Prover.toml format for nargo.
46
+ */
47
+ export function witnessToProverToml(w) {
48
+ const lines = [];
49
+ // Bare keys must come before [table] sections in TOML
50
+ lines.push(`base64_decode_offset = ${w.base64_decode_offset}`);
51
+ lines.push(`expected_exp = ${w.expected_exp}`);
52
+ lines.push(`redc_params_limbs = [${w.redc_params_limbs.map((l) => `"${l}"`).join(", ")}]`);
53
+ lines.push(`signature_limbs = [${w.signature_limbs.map((l) => `"${l}"`).join(", ")}]`);
54
+ lines.push(`pubkey_modulus_limbs = [${w.pubkey_modulus_limbs.map((l) => `"${l}"`).join(", ")}]`);
55
+ lines.push(`_session_pub = [${w._session_pub.join(", ")}]`);
56
+ lines.push("");
57
+ // BoundedVec tables
58
+ lines.push("[data]");
59
+ lines.push(`storage = [${w.data.storage.join(", ")}]`);
60
+ lines.push(`len = ${w.data.len}`);
61
+ lines.push("");
62
+ writeBoundedVecToml(lines, "expected_iss", w.expected_iss);
63
+ writeBoundedVecToml(lines, "expected_sub", w.expected_sub);
64
+ writeBoundedVecToml(lines, "expected_aud", w.expected_aud);
65
+ writeBoundedVecToml(lines, "expected_azp", w.expected_azp);
66
+ return lines.join("\n");
67
+ }
68
+ function toBoundedVec(value, maxLen) {
69
+ const storage = new Array(maxLen).fill(0);
70
+ for (let i = 0; i < value.length; i++) {
71
+ storage[i] = value.charCodeAt(i);
72
+ }
73
+ return { storage, len: value.length };
74
+ }
75
+ function writeBoundedVecToml(lines, name, vec) {
76
+ lines.push(`[${name}]`);
77
+ lines.push(`storage = [${vec.storage.join(", ")}]`);
78
+ lines.push(`len = ${vec.len}`);
79
+ lines.push("");
80
+ }
81
+ //# sourceMappingURL=witness.js.map
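Review bot: `toBoundedVec` never compares `value.length` with `maxLen`, so a claim longer than 128 characters yields a `storage` array longer than the bound and a `len` above it, and the mistake only surfaces later in nargo or the prover. It also stores `charCodeAt` values, which are UTF-16 code units rather than bytes. If the circuit compares the `expected_*` vectors with the UTF-8 bytes of the signed payload (likely, but not visible here), a non-ASCII `iss`/`sub`/`aud`/`azp` gives entries above 255 or a witness that cannot match. A non-string claim fails with an opaque TypeError (`IdTokenClaims` is not shown; `aud` can be an array and `azp` can be absent in some ID tokens), so I would encode with `TextEncoder` and reject non-strings and over-long values up front. `buildFullWitness` also passes `sessionPubBytes` through unchecked although its doc comment says 33 bytes; a length and 0–255 range check there would make a bad session binding fail early.

```javascript
function toBoundedVec(value, maxLen) {
    if (typeof value !== "string") {
        throw new TypeError("claim value must be a string");
    }
    // Encode as UTF-8 so every storage entry is a byte (0-255).
    const bytes = new TextEncoder().encode(value);
    if (bytes.length > maxLen) {
        throw new RangeError(`claim is ${bytes.length} bytes, limit is ${maxLen}`);
    }
    const storage = new Array(maxLen).fill(0);
    bytes.forEach((b, i) => {
        storage[i] = b;
    });
    return { storage, len: bytes.length };
}
```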
@@ -0,0 +1 @@
1
+ {"version":3,"file":"witness.js","sourceRoot":"","sources":["../src/witness.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAuBnD;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,GAAW,EACX,OAAmB,EACnB,MAAqB,EACrB,eAAyB;IAEzB,sDAAsD;IACtD,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC;QAClC,GAAG;QACH,MAAM,EAAE,OAAO;QACf,mBAAmB,EAAE,IAAI;KAC1B,CAAC,CAAC;IAEH,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;IAC9D,CAAC;IAED,OAAO;QACL,uBAAuB;QACvB,IAAI,EAAE,MAAM,CAAC,IAAI;QACjB,oBAAoB,EAAE,MAAM,CAAC,oBAAoB;QACjD,oBAAoB,EAAE,MAAM,CAAC,oBAAoB;QACjD,iBAAiB,EAAE,MAAM,CAAC,iBAAiB;QAC3C,eAAe,EAAE,MAAM,CAAC,eAAe;QAEvC,mBAAmB;QACnB,YAAY,EAAE,YAAY,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC;QAC3C,YAAY,EAAE,YAAY,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC;QAC3C,YAAY,EAAE,MAAM,CAAC,GAAG;QACxB,YAAY,EAAE,YAAY,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC;QAC3C,YAAY,EAAE,YAAY,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC;QAE3C,kBAAkB;QAClB,YAAY,EAAE,eAAe;KAC9B,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,mBAAmB,CAAC,CAAqB;IACvD,MAAM,KAAK,GAAa,EAAE,CAAC;IAE3B,sDAAsD;IACtD,KAAK,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC,oBAAoB,EAAE,CAAC,CAAC;IAC/D,KAAK,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,YAAY,EAAE,CAAC,CAAC;IAC/C,KAAK,CAAC,IAAI,CACR,wBAAwB,CAAC,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAC/E,CAAC;IACF,KAAK,CAAC,IAAI,CACR,sBAAsB,CAAC,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAC3E,CAAC;IACF,KAAK,CAAC,IAAI,CACR,2BAA2B,CAAC,CAAC,oBAAoB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CACrF,CAAC;IACF,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC5D,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,oBAAoB;IACpB,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACrB,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACvD,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;IACl
C,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,mBAAmB,CAAC,KAAK,EAAE,cAAc,EAAE,CAAC,CAAC,YAAY,CAAC,CAAC;IAC3D,mBAAmB,CAAC,KAAK,EAAE,cAAc,EAAE,CAAC,CAAC,YAAY,CAAC,CAAC;IAC3D,mBAAmB,CAAC,KAAK,EAAE,cAAc,EAAE,CAAC,CAAC,YAAY,CAAC,CAAC;IAC3D,mBAAmB,CAAC,KAAK,EAAE,cAAc,EAAE,CAAC,CAAC,YAAY,CAAC,CAAC;IAE3D,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,SAAS,YAAY,CACnB,KAAa,EACb,MAAc;IAEd,MAAM,OAAO,GAAG,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC1C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,OAAO,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;IACnC,CAAC;IACD,OAAO,EAAE,OAAO,EAAE,GAAG,EAAE,KAAK,CAAC,MAAM,EAAE,CAAC;AACxC,CAAC;AAED,SAAS,mBAAmB,CAC1B,KAAe,EACf,IAAY,EACZ,GAAuC;IAEvC,KAAK,CAAC,IAAI,CAAC,IAAI,IAAI,GAAG,CAAC,CAAC;IACxB,KAAK,CAAC,IAAI,CAAC,cAAc,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACpD,KAAK,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC;IAC/B,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AACjB,CAAC"}
package/package.json CHANGED
@@ -1,31 +1,91 @@
1
1
  {
2
2
  "name": "@oleary-labs/signet-sdk",
3
- "version": "0.1.0",
3
+ "version": "0.2.0",
4
4
  "description": "Signet DKMS SDK — threshold signing, key management, delegation, and x402 payments",
5
5
  "type": "module",
6
6
  "main": "./dist/index.js",
7
7
  "types": "./dist/index.d.ts",
8
8
  "exports": {
9
- ".": { "import": "./dist/index.js", "types": "./dist/index.d.ts" },
10
- "./session": { "import": "./dist/session.js", "types": "./dist/session.d.ts" },
11
- "./request": { "import": "./dist/request.js", "types": "./dist/request.d.ts" },
12
- "./keygen": { "import": "./dist/keygen.js", "types": "./dist/keygen.d.ts" },
13
- "./types": { "import": "./dist/types.js", "types": "./dist/types.d.ts" },
14
- "./jwks": { "import": "./dist/jwks.js", "types": "./dist/jwks.d.ts" },
15
- "./oauth": { "import": "./dist/oauth.js", "types": "./dist/oauth.d.ts" },
16
- "./bootstrap": { "import": "./dist/bootstrap.js", "types": "./dist/bootstrap.d.ts" },
17
- "./authkey-session": { "import": "./dist/authkey-session.js", "types": "./dist/authkey-session.d.ts" },
18
- "./proof": { "import": "./dist/proof.js", "types": "./dist/proof.d.ts" },
19
- "./server-prover": { "import": "./dist/server-prover.js", "types": "./dist/server-prover.d.ts" },
20
- "./witness": { "import": "./dist/witness.js", "types": "./dist/witness.d.ts" },
21
- "./jwt": { "import": "./dist/jwt.js", "types": "./dist/jwt.d.ts" },
22
- "./admin": { "import": "./dist/admin.js", "types": "./dist/admin.d.ts" },
23
- "./delegate": { "import": "./dist/delegate.js", "types": "./dist/delegate.d.ts" },
24
- "./scopedSign": { "import": "./dist/scopedSign.js", "types": "./dist/scopedSign.d.ts" },
25
- "./frostVerify": { "import": "./dist/frostVerify.js", "types": "./dist/frostVerify.d.ts" },
26
- "./x402": { "import": "./dist/x402.js", "types": "./dist/x402.d.ts" },
27
- "./userop": { "import": "./dist/userop.js", "types": "./dist/userop.d.ts" },
28
- "./bundler": { "import": "./dist/bundler.js", "types": "./dist/bundler.d.ts" }
9
+ ".": {
10
+ "import": "./dist/index.js",
11
+ "types": "./dist/index.d.ts"
12
+ },
13
+ "./session": {
14
+ "import": "./dist/session.js",
15
+ "types": "./dist/session.d.ts"
16
+ },
17
+ "./request": {
18
+ "import": "./dist/request.js",
19
+ "types": "./dist/request.d.ts"
20
+ },
21
+ "./keygen": {
22
+ "import": "./dist/keygen.js",
23
+ "types": "./dist/keygen.d.ts"
24
+ },
25
+ "./types": {
26
+ "import": "./dist/types.js",
27
+ "types": "./dist/types.d.ts"
28
+ },
29
+ "./jwks": {
30
+ "import": "./dist/jwks.js",
31
+ "types": "./dist/jwks.d.ts"
32
+ },
33
+ "./oauth": {
34
+ "import": "./dist/oauth.js",
35
+ "types": "./dist/oauth.d.ts"
36
+ },
37
+ "./bootstrap": {
38
+ "import": "./dist/bootstrap.js",
39
+ "types": "./dist/bootstrap.d.ts"
40
+ },
41
+ "./authkey-session": {
42
+ "import": "./dist/authkey-session.js",
43
+ "types": "./dist/authkey-session.d.ts"
44
+ },
45
+ "./proof": {
46
+ "import": "./dist/proof.js",
47
+ "types": "./dist/proof.d.ts"
48
+ },
49
+ "./server-prover": {
50
+ "import": "./dist/server-prover.js",
51
+ "types": "./dist/server-prover.d.ts"
52
+ },
53
+ "./witness": {
54
+ "import": "./dist/witness.js",
55
+ "types": "./dist/witness.d.ts"
56
+ },
57
+ "./jwt": {
58
+ "import": "./dist/jwt.js",
59
+ "types": "./dist/jwt.d.ts"
60
+ },
61
+ "./admin": {
62
+ "import": "./dist/admin.js",
63
+ "types": "./dist/admin.d.ts"
64
+ },
65
+ "./delegate": {
66
+ "import": "./dist/delegate.js",
67
+ "types": "./dist/delegate.d.ts"
68
+ },
69
+ "./scopedSign": {
70
+ "import": "./dist/scopedSign.js",
71
+ "types": "./dist/scopedSign.d.ts"
72
+ },
73
+ "./frostVerify": {
74
+ "import": "./dist/frostVerify.js",
75
+ "types": "./dist/frostVerify.d.ts"
76
+ },
77
+ "./x402": {
78
+ "import": "./dist/x402.js",
79
+ "types": "./dist/x402.d.ts"
80
+ },
81
+ "./userop": {
82
+ "import": "./dist/userop.js",
83
+ "types": "./dist/userop.d.ts"
84
+ },
85
+ "./bundler": {
86
+ "import": "./dist/bundler.js",
87
+ "types": "./dist/bundler.d.ts"
88
+ }
29
89
  },
30
90
  "files": [
31
91
  "dist",
@@ -38,14 +98,20 @@
38
98
  },
39
99
  "peerDependencies": {
40
100
  "viem": ">=2.0.0",
41
- "@noir-lang/noir_js": ">=1.0.0-beta.0",
42
- "@aztec/bb.js": ">=0.80.0",
43
- "@oleary-labs/signet-circuits": ">=0.1.0"
101
+ "@noir-lang/noir_js": "1.0.0-beta.11",
102
+ "@aztec/bb.js": "0.82.2",
103
+ "@oleary-labs/signet-circuits": "0.1.0"
44
104
  },
45
105
  "peerDependenciesMeta": {
46
- "@noir-lang/noir_js": { "optional": true },
47
- "@aztec/bb.js": { "optional": true },
48
- "@oleary-labs/signet-circuits": { "optional": true }
106
+ "@noir-lang/noir_js": {
107
+ "optional": true
108
+ },
109
+ "@aztec/bb.js": {
110
+ "optional": true
111
+ },
112
+ "@oleary-labs/signet-circuits": {
113
+ "optional": true
114
+ }
49
115
  },
50
116
  "dependencies": {
51
117
  "@noble/curves": "^1.9.0",