@oleary-labs/signet-sdk 0.1.0

package/dist/bundler.js

@@ -0,0 +1,160 @@
+/**
+ * Bundler RPC client for ERC-4337 UserOperations.
+ *
+ * Framework-agnostic — all config is passed in, no env imports.
+ * Handles serialization between the packed UserOp format (used
+ * internally and for hashing) and the unpacked v0.7 RPC format
+ * expected by signet-min-bundler.
+ */
+import { concat } from "viem";
+// ---------------------------------------------------------------------------
+// Bundler RPC
+// ---------------------------------------------------------------------------
+export async function sendUserOp(bundlerUrl, entryPointAddress, userOp) {
+    const json = await bundlerRpc(bundlerUrl, "eth_sendUserOperation", [
+        serializeUserOp(userOp),
+        entryPointAddress,
+    ]);
+    return { userOpHash: json.result };
+}
+export async function getUserOpReceipt(bundlerUrl, userOpHash) {
+    const json = await bundlerRpc(bundlerUrl, "eth_getUserOperationReceipt", [
+        userOpHash,
+    ]);
+    if (!json.result)
+        return null;
+    return {
+        userOpHash: json.result.userOpHash,
+        transactionHash: json.result.transactionHash,
+        success: json.result.success,
+    };
+}
+export async function estimateUserOpGas(bundlerUrl, entryPointAddress, userOp) {
+    const json = await bundlerRpc(bundlerUrl, "eth_estimateUserOperationGas", [
+        serializeUserOp(userOp),
+        entryPointAddress,
+    ]);
+    return json.result;
+}
+// ---------------------------------------------------------------------------
+// ERC-7677 Paymaster
+// ---------------------------------------------------------------------------
+/**
+ * Call pm_getPaymasterStubData.
+ *
+ * Returns paymaster fields with a correctly-sized but zeroed signature,
+ * suitable for gas estimation. Call this BEFORE eth_estimateUserOperationGas
+ * so the estimate accounts for the paymaster's verification overhead.
+ */
+export async function getPaymasterStubData(bundlerUrl, entryPointAddress, chainId, userOp, context) {
+    return paymasterCall(bundlerUrl, entryPointAddress, chainId, "pm_getPaymasterStubData", userOp, context);
+}
+/**
+ * Call pm_getPaymasterData.
+ *
+ * Returns a real paymaster signature. The bundler first checks the
+ * paymaster contract's shouldSponsor() policy via eth_call; if sponsorship
+ * is rejected, this throws.
+ *
+ * IMPORTANT: call AFTER gas estimation, because the paymaster signs over
+ * the gas fields. Changing gas after this call invalidates the signature.
+ */
+export async function getPaymasterData(bundlerUrl, entryPointAddress, chainId, userOp, context) {
+    return paymasterCall(bundlerUrl, entryPointAddress, chainId, "pm_getPaymasterData", userOp, context);
+}
+/**
+ * Pack an ERC-7677 sponsorship response into the on-chain paymasterAndData
+ * layout expected by EntryPoint v0.7:
+ *
+ *   [paymaster:20][verifGasLimit:16][postOpGasLimit:16][paymasterData:rest]
+ *
+ * The paymaster's getHash function reads paymasterAndData[20:52] as the
+ * packed (verifGasLimit || postOpGasLimit) uint128 pair — so the returned
+ * layout must match exactly or the paymaster signature will not verify
+ * on-chain (AA34 signature error).
+ *
+ * NOTE on the bundler's wire format: signet-min-bundler's FromRPC
+ * concatenates the JSON `paymaster` + `paymasterData` fields directly
+ * into paymasterAndData. It does NOT re-insert gas-limit bytes. So when
+ * serializing for eth_sendUserOperation, the `paymasterData` on the wire
+ * already includes the packed gas limits.
+ */
+export function applyPaymasterSponsorship(userOp, s) {
+    const verifGas = BigInt(s.paymasterVerificationGasLimit);
+    const postOpGas = BigInt(s.paymasterPostOpGasLimit);
+    const packedGas = (`0x${verifGas.toString(16).padStart(32, "0")}${postOpGas.toString(16).padStart(32, "0")}`);
+    return {
+        ...userOp,
+        paymasterAndData: concat([s.paymaster, packedGas, s.paymasterData]),
+    };
+}
+// ---------------------------------------------------------------------------
+// Internal
+// ---------------------------------------------------------------------------
+async function paymasterCall(bundlerUrl, entryPointAddress, chainId, method, userOp, context) {
+    const json = await bundlerRpc(bundlerUrl, method, [
+        serializeUserOp(userOp),
+        entryPointAddress,
+        `0x${chainId.toString(16)}`,
+        context ?? {},
+    ]);
+    return {
+        paymaster: json.result.paymaster,
+        paymasterData: json.result.paymasterData,
+        paymasterVerificationGasLimit: json.result.paymasterVerificationGasLimit,
+        paymasterPostOpGasLimit: json.result.paymasterPostOpGasLimit,
+    };
+}
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
+async function bundlerRpc(bundlerUrl, method, params) {
+    const res = await fetch(bundlerUrl, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({ jsonrpc: "2.0", id: 1, method, params }),
+    });
+    const json = await res.json();
+    if (json.error) {
+        throw new Error(`${method} failed: ${json.error.message}`);
+    }
+    return json;
+}
+/**
+ * Serialize a PackedUserOperation to the unpacked v0.7 RPC format
+ * expected by signet-min-bundler.
+ *
+ * Paymaster handling: the bundler's FromRPC builds paymasterAndData by
+ * concatenating `paymaster` + `paymasterData` with no re-insertion of gas
+ * limits, so we send `paymasterData` as bytes 20..end of our stored
+ * paymasterAndData (which already includes the packed gas limits written
+ * by applyPaymasterSponsorship).
+ */
+function serializeUserOp(userOp) {
+    const gasLimitsHex = userOp.accountGasLimits.slice(2).padStart(64, "0");
+    const verificationGasLimit = `0x${BigInt("0x" + gasLimitsHex.slice(0, 32)).toString(16)}`;
+    const callGasLimit = `0x${BigInt("0x" + gasLimitsHex.slice(32, 64)).toString(16)}`;
+    const gasFeesHex = userOp.gasFees.slice(2).padStart(64, "0");
+    const maxPriorityFeePerGas = `0x${BigInt("0x" + gasFeesHex.slice(0, 32)).toString(16)}`;
+    const maxFeePerGas = `0x${BigInt("0x" + gasFeesHex.slice(32, 64)).toString(16)}`;
+    const initCodeHex = userOp.initCode.slice(2);
+    const factory = initCodeHex.length >= 40 ? `0x${initCodeHex.slice(0, 40)}` : "";
+    const factoryData = initCodeHex.length > 40 ? `0x${initCodeHex.slice(40)}` : "";
+    const pmHex = userOp.paymasterAndData.slice(2);
+    const paymaster = pmHex.length >= 40 ? `0x${pmHex.slice(0, 40)}` : "";
+    const paymasterData = pmHex.length > 40 ? `0x${pmHex.slice(40)}` : "";
+    return {
+        sender: userOp.sender,
+        nonce: `0x${userOp.nonce.toString(16)}`,
+        factory,
+        factoryData,
+        callData: userOp.callData,
+        callGasLimit,
+        verificationGasLimit,
+        preVerificationGas: `0x${userOp.preVerificationGas.toString(16)}`,
+        maxFeePerGas,
+        maxPriorityFeePerGas,
+        paymaster,
+        paymasterData,
+        signature: userOp.signature,
+    };
+}
+//# sourceMappingURL=bundler.js.map

package/dist/bundler.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"bundler.js","sourceRoot":"","sources":["../src/bundler.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAA0B,MAAM,EAAE,MAAM,MAAM,CAAC;AA8CtD,8EAA8E;AAC9E,cAAc;AACd,8EAA8E;AAE9E,MAAM,CAAC,KAAK,UAAU,UAAU,CAC9B,UAAkB,EAClB,iBAA0B,EAC1B,MAA2B;IAE3B,MAAM,IAAI,GAAG,MAAM,UAAU,CAAC,UAAU,EAAE,uBAAuB,EAAE;QACjE,eAAe,CAAC,MAAM,CAAC;QACvB,iBAAiB;KAClB,CAAC,CAAC;IACH,OAAO,EAAE,UAAU,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC;AACrC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,UAAkB,EAClB,UAAe;IAEf,MAAM,IAAI,GAAG,MAAM,UAAU,CAAC,UAAU,EAAE,6BAA6B,EAAE;QACvE,UAAU;KACX,CAAC,CAAC;IAEH,IAAI,CAAC,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IAE9B,OAAO;QACL,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,UAAU;QAClC,eAAe,EAAE,IAAI,CAAC,MAAM,CAAC,eAAe;QAC5C,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;KAC7B,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,UAAkB,EAClB,iBAA0B,EAC1B,MAA2B;IAE3B,MAAM,IAAI,GAAG,MAAM,UAAU,CAAC,UAAU,EAAE,8BAA8B,EAAE;QACxE,eAAe,CAAC,MAAM,CAAC;QACvB,iBAAiB;KAClB,CAAC,CAAC;IACH,OAAO,IAAI,CAAC,MAAM,CAAC;AACrB,CAAC;AAED,8EAA8E;AAC9E,qBAAqB;AACrB,8EAA8E;AAE9E;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,UAAkB,EAClB,iBAA0B,EAC1B,OAAe,EACf,MAA2B,EAC3B,OAA0B;IAE1B,OAAO,aAAa,CAAC,UAAU,EAAE,iBAAiB,EAAE,OAAO,EAAE,yBAAyB,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;AAC3G,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,UAAkB,EAClB,iBAA0B,EAC1B,OAAe,EACf,MAA2B,EAC3B,OAA0B;IAE1B,OAAO,aAAa,CAAC,UAAU,EAAE,iBAAiB,EAAE,OAAO,EAAE,qBAAqB,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;AACvG,CAAC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,UAAU,yBAAyB,CACvC,MAA2B,EAC3B,CAAuB;IAEvB,MAAM,QAAQ,GAAG,MAAM,CAAC,CAAC,CAAC,6BAA6B,CAAC,CAAC;IACzD,MAAM,SAAS,GAAG,MAAM,CAAC,CAAC,CAAC,uBAAuB,CAAC,CAAC;IACpD,MAAM,SAAS,GAAG,CAAC,KAAK,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,EAAE,EAAE,GAAG,CAAC,GAAG,SAAS,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,CAAQ,CAAC;IACrH,OAAO;QACL,GAAG,MAAM;QACT,gBAAgB,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,SAAS,EAAE,SAAS,EAAE,CAAC,CAAC,aAAa,CAAC,CAAC;KACpE,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,WAAW;AACX,8EAA8E;AAE9E,KAAK,UAAU,aAAa,CAC1B,UAAkB,EAClB,iBAA0B,EAC1B,OAAe,EACf,MAAyD,EACzD,MAA2B,EAC3B,OAA0B;IAE1B,MAAM,IAAI,GAAG,MAAM,UAAU,CAAC,UAAU,EAAE,MAAM,EAAE;QAChD,eAAe,CAAC,MAAM,CAAC;QACvB,iBAAiB;QACjB,KAAK,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE;QAC3B,OAAO,IAAI,EAAE;KACd,CAAC,CAAC;IAEH,OAAO;QACL,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAoB;QAC3C,aAAa,EAAE,IAAI,CAAC,MAAM,CAAC,aAAoB;QAC/C,6BAA6B,EAAE,IAAI,CAAC,MAAM,CAAC,6BAAoC;QAC/E,uBAAuB,EAAE,IAAI,CAAC,MAAM,CAAC,uBAA8B;KACpE,CAAC;AACJ,CAAC;AAED,8DAA8D;AAC9D,KAAK,UAAU,UAAU,CAAC,UAAkB,EAAE,MAAc,EAAE,MAAa;IACzE,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,UAAU,EAAE;QAClC,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;QAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;KAChE,CAAC,CAAC;IAEH,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;IAC9B,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,GAAG,MAAM,YAAY,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;IAC7D,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;;;GASG;AACH,SAAS,eAAe,CAAC,MAA2B;IAClD,MAAM,YAAY,GAAG,MAAM,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;IACxE,MAAM,oBAAoB,GAAG,KAAK,MAAM,CAAC,IAAI,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,CAAC;IAC1F,MAAM,YAAY,GAAG,KAAK,MAAM,CAAC,IAAI,GAAG,YAAY,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,CAAC;IAEnF,MAAM,UAAU,GAAI,MAAM,CAAC,OAAkB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;IACzE,MAAM,oBAAoB,GAAG,KAAK,MAAM,CAAC,IAAI,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,CAAC;IACxF,MAAM,YAAY,GAAG,KAAK,MAAM,CAAC,IAAI,GAAG,UAAU,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,CAAC;IAEjF,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAC7C,MAAM,OAAO,GAAG,WAAW,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,CAAC,KAAK,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IAChF,MAAM,WAAW,GAAG,WAAW,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK,WAAW,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IAEhF,MAAM,KAAK,GAAG,MAAM,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAC/C,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IACtE,MAAM,aAAa,GAAG,KAAK,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IAEtE,OAAO;QACL,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,KAAK,EAAE,KAAK,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE;QACvC,OAAO;QACP,WAAW;QACX,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,YAAY;QACZ,oBAAoB;QACpB,kBAAkB,EAAE,KAAK,MAAM,CAAC,kBAAkB,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE;QACjE,YAAY;QACZ,oBAAoB;QACpB,SAAS;QACT,aAAa;QACb,SAAS,EAAE,MAAM,CAAC,SAAS;KAC5B,CAAC;AACJ,CAAC"}

package/dist/delegate.d.ts

@@ -0,0 +1,57 @@
+/**
+ * Delegation token minting and delegation-based auth.
+ *
+ * Delegation tokens are JWTs signed by a parent FROST/ECDSA key that grant
+ * an agent long-lived access to a specific scoped sub-key without requiring
+ * the user's OAuth session.
+ *
+ * Flow:
+ * 1. User creates parent key + scoped sub-key via keygen
+ * 2. User calls requestDelegation() → gets a JWT signed by parent key
+ * 3. Agent calls authenticateWithDelegation() → establishes session
+ * 4. Agent signs with the scoped sub-key via the session
+ */
+import type { SessionKeypair, IdTokenClaims } from "./types";
+export interface DelegationResult {
+    token: string;
+    keyId: string;
+    parentKey: string;
+    expiresAt: number;
+}
+export interface DelegationAuthResult {
+    identity: string;
+    keyId: string;
+    expiresAt: number;
+}
+/**
+ * Request a delegation token for a scoped sub-key.
+ *
+ * Requires an active OAuth session. The node threshold-signs a JWT using
+ * the parent key, granting the token holder access to the sub-key.
+ *
+ * @param nodeUrl - Target group node URL
+ * @param proxyEndpoint - CORS proxy URL (e.g. "/api/node/proxy")
+ * @param groupId - Group contract address
+ * @param keyId - The sub-key to delegate access to
+ * @param parentKeyId - The parent key that signs the JWT
+ * @param curve - Key curve (e.g. "ecdsa_secp256k1")
+ * @param expiresIn - Token lifetime in seconds (e.g. 2592000 for 30 days)
+ * @param sessionKeypair - Active session keypair
+ * @param claims - OAuth claims for session auth
+ * @param identity - For auth key cert sessions
+ */
+export declare function requestDelegation(nodeUrl: string, proxyEndpoint: string, groupId: string, keySuffix: string, parentKeyId: string, curve: string, expiresIn: number, sessionKeypair: SessionKeypair, claims: IdTokenClaims, identity?: string): Promise<DelegationResult>;
+/**
+ * Authenticate with a node using a delegation token.
+ *
+ * The agent presents a JWT signed by the parent key. The node verifies
+ * the signature and creates a session scoped to the sub-key.
+ *
+ * @param nodeUrl - Target group node URL
+ * @param proxyEndpoint - CORS proxy URL
+ * @param groupId - Group contract address
+ * @param delegationToken - The JWT from requestDelegation()
+ * @param sessionKeypair - Fresh ephemeral session keypair for the agent
+ */
+export declare function authenticateWithDelegation(nodeUrl: string, proxyEndpoint: string, groupId: string, delegationToken: string, sessionKeypair: SessionKeypair): Promise<DelegationAuthResult>;
+//# sourceMappingURL=delegate.d.ts.map

package/dist/delegate.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"delegate.d.ts","sourceRoot":"","sources":["../src/delegate.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAO7D,MAAM,WAAW,gBAAgB;IAC/B,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,oBAAoB;IACnC,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;CACnB;AAMD;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAsB,iBAAiB,CACrC,OAAO,EAAE,MAAM,EACf,aAAa,EAAE,MAAM,EACrB,OAAO,EAAE,MAAM,EACf,SAAS,EAAE,MAAM,EACjB,WAAW,EAAE,MAAM,EACnB,KAAK,EAAE,MAAM,EACb,SAAS,EAAE,MAAM,EACjB,cAAc,EAAE,cAAc,EAC9B,MAAM,EAAE,aAAa,EACrB,QAAQ,CAAC,EAAE,MAAM,GAChB,OAAO,CAAC,gBAAgB,CAAC,CA8C3B;AAMD;;;;;;;;;;;GAWG;AACH,wBAAsB,0BAA0B,CAC9C,OAAO,EAAE,MAAM,EACf,aAAa,EAAE,MAAM,EACrB,OAAO,EAAE,MAAM,EACf,eAAe,EAAE,MAAM,EACvB,cAAc,EAAE,cAAc,GAC7B,OAAO,CAAC,oBAAoB,CAAC,CA0B/B"}

package/dist/delegate.js

@@ -0,0 +1,111 @@
+/**
+ * Delegation token minting and delegation-based auth.
+ *
+ * Delegation tokens are JWTs signed by a parent FROST/ECDSA key that grant
+ * an agent long-lived access to a specific scoped sub-key without requiring
+ * the user's OAuth session.
+ *
+ * Flow:
+ * 1. User creates parent key + scoped sub-key via keygen
+ * 2. User calls requestDelegation() → gets a JWT signed by parent key
+ * 3. Agent calls authenticateWithDelegation() → establishes session
+ * 4. Agent signs with the scoped sub-key via the session
+ */
+import { signKeygenRequest } from "./request";
+// ---------------------------------------------------------------------------
+// Mint delegation token (user path)
+// ---------------------------------------------------------------------------
+/**
+ * Request a delegation token for a scoped sub-key.
+ *
+ * Requires an active OAuth session. The node threshold-signs a JWT using
+ * the parent key, granting the token holder access to the sub-key.
+ *
+ * @param nodeUrl - Target group node URL
+ * @param proxyEndpoint - CORS proxy URL (e.g. "/api/node/proxy")
+ * @param groupId - Group contract address
+ * @param keyId - The sub-key to delegate access to
+ * @param parentKeyId - The parent key that signs the JWT
+ * @param curve - Key curve (e.g. "ecdsa_secp256k1")
+ * @param expiresIn - Token lifetime in seconds (e.g. 2592000 for 30 days)
+ * @param sessionKeypair - Active session keypair
+ * @param claims - OAuth claims for session auth
+ * @param identity - For auth key cert sessions
+ */
+export async function requestDelegation(nodeUrl, proxyEndpoint, groupId, keySuffix, parentKeyId, curve, expiresIn, sessionKeypair, claims, identity) {
+    // Build session-authenticated request.
+    // Try with suffix in the canonical hash — if the node resolves the key
+    // from session + suffix, the signature must cover the suffixed key ID.
+    const signReq = await signKeygenRequest(sessionKeypair, claims, groupId, keySuffix, identity);
+    const res = await fetch(proxyEndpoint, {
+        method: "POST",
+        headers: {
+            "Content-Type": "application/json",
+            "x-node-url": nodeUrl,
+            "x-node-path": "/v1/delegate",
+        },
+        body: JSON.stringify({
+            group_id: groupId.toLowerCase(),
+            key_suffix: keySuffix,
+            parent_key_id: parentKeyId,
+            curve,
+            expires_in: expiresIn,
+            session_pub: signReq.session_pub,
+            request_sig: signReq.request_sig,
+            nonce: signReq.nonce,
+            timestamp: signReq.timestamp,
+        }),
+    });
+    if (!res.ok) {
+        const body = await res.text();
+        throw new Error(`Delegation failed: ${res.status} — ${body}`);
+    }
+    const data = await res.json();
+    return {
+        token: data.token,
+        keyId: data.key_id,
+        parentKey: data.parent_key,
+        expiresAt: data.expires_at,
+    };
+}
+// ---------------------------------------------------------------------------
+// Authenticate with delegation token (agent path)
+// ---------------------------------------------------------------------------
+/**
+ * Authenticate with a node using a delegation token.
+ *
+ * The agent presents a JWT signed by the parent key. The node verifies
+ * the signature and creates a session scoped to the sub-key.
+ *
+ * @param nodeUrl - Target group node URL
+ * @param proxyEndpoint - CORS proxy URL
+ * @param groupId - Group contract address
+ * @param delegationToken - The JWT from requestDelegation()
+ * @param sessionKeypair - Fresh ephemeral session keypair for the agent
+ */
+export async function authenticateWithDelegation(nodeUrl, proxyEndpoint, groupId, delegationToken, sessionKeypair) {
+    const res = await fetch(proxyEndpoint, {
+        method: "POST",
+        headers: {
+            "Content-Type": "application/json",
+            "x-node-url": nodeUrl,
+            "x-node-path": "/v1/auth",
+        },
+        body: JSON.stringify({
+            group_id: groupId.toLowerCase(),
+            delegation_token: delegationToken,
+            session_pub: sessionKeypair.publicKeyHex,
+        }),
+    });
+    if (!res.ok) {
+        const body = await res.text();
+        throw new Error(`Delegation auth failed: ${res.status} — ${body}`);
+    }
+    const data = await res.json();
+    return {
+        identity: data.identity,
+        keyId: data.key_id,
+        expiresAt: data.expires_at,
+    };
+}
+//# sourceMappingURL=delegate.js.map

package/dist/delegate.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"delegate.js","sourceRoot":"","sources":["../src/delegate.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAGH,OAAO,EAAE,iBAAiB,EAAE,MAAM,WAAW,CAAC;AAmB9C,8EAA8E;AAC9E,oCAAoC;AACpC,8EAA8E;AAE9E;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,OAAe,EACf,aAAqB,EACrB,OAAe,EACf,SAAiB,EACjB,WAAmB,EACnB,KAAa,EACb,SAAiB,EACjB,cAA8B,EAC9B,MAAqB,EACrB,QAAiB;IAEjB,uCAAuC;IACvC,uEAAuE;IACvE,uEAAuE;IACvE,MAAM,OAAO,GAAG,MAAM,iBAAiB,CACrC,cAAc,EACd,MAAM,EACN,OAAO,EACP,SAAS,EACT,QAAQ,CACT,CAAC;IAIF,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,aAAa,EAAE;QACrC,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACP,cAAc,EAAE,kBAAkB;YAClC,YAAY,EAAE,OAAO;YACrB,aAAa,EAAE,cAAc;SAC9B;QACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;YACnB,QAAQ,EAAE,OAAO,CAAC,WAAW,EAAE;YAC/B,UAAU,EAAE,SAAS;YACrB,aAAa,EAAE,WAAW;YAC1B,KAAK;YACL,UAAU,EAAE,SAAS;YACrB,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,SAAS,EAAE,OAAO,CAAC,SAAS;SAC7B,CAAC;KACH,CAAC,CAAC;IAEH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACZ,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CAAC,sBAAsB,GAAG,CAAC,MAAM,MAAM,IAAI,EAAE,CAAC,CAAC;IAChE,CAAC;IAED,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;IAC9B,OAAO;QACL,KAAK,EAAE,IAAI,CAAC,KAAK;QACjB,KAAK,EAAE,IAAI,CAAC,MAAM;QAClB,SAAS,EAAE,IAAI,CAAC,UAAU;QAC1B,SAAS,EAAE,IAAI,CAAC,UAAU;KAC3B,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,kDAAkD;AAClD,8EAA8E;AAE9E;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,KAAK,UAAU,0BAA0B,CAC9C,OAAe,EACf,aAAqB,EACrB,OAAe,EACf,eAAuB,EACvB,cAA8B;IAE9B,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,aAAa,EAAE;QACrC,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACP,cAAc,EAAE,kBAAkB;YAClC,YAAY,EAAE,OAAO;YACrB,aAAa,EAAE,UAAU;SAC1B;QACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;YACnB,QAAQ,EAAE,OAAO,CAAC,WAAW,EAAE;YAC/B,gBAAgB,EAAE,eAAe;YACjC,WAAW,EAAE,cAAc,CAAC,YAAY;SACzC,CAAC;KACH,CAAC,CAAC;IAEH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACZ,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CAAC,2BAA2B,GAAG,CAAC,MAAM,MAAM,IAAI,EAAE,CAAC,CAAC;IACrE,CAAC;IAED,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;IAC9B,OAAO;QACL,QAAQ,EAAE,IAAI,CAAC,QAAQ;QACvB,KAAK,EAAE,IAAI,CAAC,MAAM;QAClB,SAAS,EAAE,IAAI,CAAC,UAAU;KAC3B,CAAC;AACJ,CAAC"}

package/dist/frostVerify.d.ts

@@ -0,0 +1,23 @@
+/**
+ * Client-side FROST Schnorr signature verification (RFC 9591 secp256k1-SHA256-v1).
+ *
+ * Verifies a 65-byte FROST threshold signature against a compressed group
+ * public key and message. Uses the same algorithm as FROSTVerifier.sol:
+ *
+ *   Verification equation: z·G = R + c·Y
+ *   Challenge: c = H2(R || Y || msg) via expand_message_xmd (RFC 9380)
+ *   DST: "FROST-secp256k1-SHA256-v1chal"
+ *
+ * Uses @noble/curves (already installed) for elliptic curve arithmetic
+ * and RFC 9380 hash-to-curve utilities.
+ */
+/**
+ * Verify a FROST Schnorr signature.
+ *
+ * @param message - The message bytes that were signed (typically 32 bytes)
+ * @param signature - 65-byte signature: R.x(32) || z(32) || v(1)
+ * @param groupPublicKey - 33-byte compressed secp256k1 group public key
+ * @returns true if the signature is valid
+ */
+export declare function verifyFrostSignature(message: Uint8Array, signature: Uint8Array, groupPublicKey: Uint8Array): boolean;
+//# sourceMappingURL=frostVerify.d.ts.map

package/dist/frostVerify.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"frostVerify.d.ts","sourceRoot":"","sources":["../src/frostVerify.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAUH;;;;;;;GAOG;AACH,wBAAgB,oBAAoB,CAClC,OAAO,EAAE,UAAU,EACnB,SAAS,EAAE,UAAU,EACrB,cAAc,EAAE,UAAU,GACzB,OAAO,CAoCT"}

package/dist/frostVerify.js

@@ -0,0 +1,69 @@
+/**
+ * Client-side FROST Schnorr signature verification (RFC 9591 secp256k1-SHA256-v1).
+ *
+ * Verifies a 65-byte FROST threshold signature against a compressed group
+ * public key and message. Uses the same algorithm as FROSTVerifier.sol:
+ *
+ *   Verification equation: z·G = R + c·Y
+ *   Challenge: c = H2(R || Y || msg) via expand_message_xmd (RFC 9380)
+ *   DST: "FROST-secp256k1-SHA256-v1chal"
+ *
+ * Uses @noble/curves (already installed) for elliptic curve arithmetic
+ * and RFC 9380 hash-to-curve utilities.
+ */
+import { secp256k1 } from "@noble/curves/secp256k1";
+import { expand_message_xmd } from "@noble/curves/abstract/hash-to-curve";
+import { sha256 } from "@noble/hashes/sha256";
+import { concatBytes } from "@noble/hashes/utils";
+const DST = new TextEncoder().encode("FROST-secp256k1-SHA256-v1chal");
+const N = secp256k1.CURVE.n;
+/**
+ * Verify a FROST Schnorr signature.
+ *
+ * @param message - The message bytes that were signed (typically 32 bytes)
+ * @param signature - 65-byte signature: R.x(32) || z(32) || v(1)
+ * @param groupPublicKey - 33-byte compressed secp256k1 group public key
+ * @returns true if the signature is valid
+ */
+export function verifyFrostSignature(message, signature, groupPublicKey) {
+    if (signature.length !== 65)
+        return false;
+    if (groupPublicKey.length !== 33)
+        return false;
+    const rx = signature.slice(0, 32);
+    const z = bytesToBigInt(signature.slice(32, 64));
+    const v = signature[64];
+    if (z === 0n || z >= N)
+        return false;
+    // Reconstruct compressed R from R.x + parity
+    const rCompressed = new Uint8Array(33);
+    rCompressed[0] = v === 0 ? 0x02 : 0x03;
+    rCompressed.set(rx, 1);
+    // Challenge: c = H2(R_compressed || groupPublicKey || message)
+    // Uses expand_message_xmd (RFC 9380) with SHA-256, output 48 bytes, reduced mod N
+    const input = concatBytes(rCompressed, groupPublicKey, message);
+    const uniform = expand_message_xmd(input, DST, 48, sha256);
+    const c = bytesToBigInt(uniform) % N;
+    if (c === 0n)
+        return false;
+    // Verify: z·G == R + c·Y
+    try {
+        const R = secp256k1.ProjectivePoint.fromHex(rCompressed);
+        const Y = secp256k1.ProjectivePoint.fromHex(groupPublicKey);
+        const G = secp256k1.ProjectivePoint.BASE;
+        const lhs = G.multiply(z);
+        const rhs = R.add(Y.multiply(c));
+        return lhs.equals(rhs);
+    }
+    catch {
+        return false;
+    }
+}
+function bytesToBigInt(bytes) {
+    let result = 0n;
+    for (const b of bytes) {
+        result = (result << 8n) | BigInt(b);
+    }
+    return result;
+}
+//# sourceMappingURL=frostVerify.js.map

package/dist/frostVerify.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"frostVerify.js","sourceRoot":"","sources":["../src/frostVerify.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,yBAAyB,CAAC;AACpD,OAAO,EAAE,kBAAkB,EAAE,MAAM,sCAAsC,CAAC;AAC1E,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAElD,MAAM,GAAG,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,+BAA+B,CAAC,CAAC;AACtE,MAAM,CAAC,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;AAE5B;;;;;;;GAOG;AACH,MAAM,UAAU,oBAAoB,CAClC,OAAmB,EACnB,SAAqB,EACrB,cAA0B;IAE1B,IAAI,SAAS,CAAC,MAAM,KAAK,EAAE;QAAE,OAAO,KAAK,CAAC;IAC1C,IAAI,cAAc,CAAC,MAAM,KAAK,EAAE;QAAE,OAAO,KAAK,CAAC;IAE/C,MAAM,EAAE,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAClC,MAAM,CAAC,GAAG,aAAa,CAAC,SAAS,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IACjD,MAAM,CAAC,GAAG,SAAS,CAAC,EAAE,CAAC,CAAC;IAExB,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,IAAI,CAAC;QAAE,OAAO,KAAK,CAAC;IAErC,6CAA6C;IAC7C,MAAM,WAAW,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IACvC,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;IACvC,WAAW,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;IAEvB,+DAA+D;IAC/D,kFAAkF;IAClF,MAAM,KAAK,GAAG,WAAW,CAAC,WAAW,EAAE,cAAc,EAAE,OAAO,CAAC,CAAC;IAChE,MAAM,OAAO,GAAG,kBAAkB,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC;IAC3D,MAAM,CAAC,GAAG,aAAa,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAErC,IAAI,CAAC,KAAK,EAAE;QAAE,OAAO,KAAK,CAAC;IAE3B,yBAAyB;IACzB,IAAI,CAAC;QACH,MAAM,CAAC,GAAG,SAAS,CAAC,eAAe,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;QACzD,MAAM,CAAC,GAAG,SAAS,CAAC,eAAe,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;QAC5D,MAAM,CAAC,GAAG,SAAS,CAAC,eAAe,CAAC,IAAI,CAAC;QAEzC,MAAM,GAAG,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;QAC1B,MAAM,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;QAEjC,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACzB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,SAAS,aAAa,CAAC,KAAiB;IACtC,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACtB,MAAM,GAAG,CAAC,MAAM,IAAI,EAAE,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IACtC,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC"}

package/dist/index.d.ts

@@ -0,0 +1,32 @@
+/**
+ * Signet DKMS SDK
+ *
+ * Framework-agnostic library for Signet protocol interactions.
+ *
+ * This barrel export includes only the core modules that have no heavy
+ * dependencies. For ZK proof generation (client-side), import directly:
+ *
+ *   import { generateJWTProof } from "@oleary-labs/signet-sdk/proof"
+ *   import { buildFullWitness } from "@oleary-labs/signet-sdk/witness"
+ *
+ * These require @noir-lang/noir_js, @aztec/bb.js, and
+ * @oleary-labs/signet-circuits as peer dependencies.
+ */
+export * from "./types";
+export * from "./session";
+export * from "./request";
+export * from "./keygen";
+export * from "./oauth";
+export * from "./jwt";
+export * from "./jwks";
+export * from "./bootstrap";
+export * from "./authkey-session";
+export * from "./server-prover";
+export * from "./admin";
+export * from "./delegate";
+export * from "./scopedSign";
+export * from "./frostVerify";
+export * from "./x402";
+export * from "./userop";
+export * from "./bundler";
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAGH,cAAc,SAAS,CAAC;AACxB,cAAc,WAAW,CAAC;AAC1B,cAAc,WAAW,CAAC;AAC1B,cAAc,UAAU,CAAC;AAGzB,cAAc,SAAS,CAAC;AACxB,cAAc,OAAO,CAAC;AACtB,cAAc,QAAQ,CAAC;AACvB,cAAc,aAAa,CAAC;AAC5B,cAAc,mBAAmB,CAAC;AAClC,cAAc,iBAAiB,CAAC;AAGhC,cAAc,SAAS,CAAC;AAGxB,cAAc,YAAY,CAAC;AAC3B,cAAc,cAAc,CAAC;AAC7B,cAAc,eAAe,CAAC;AAG9B,cAAc,QAAQ,CAAC;AAGvB,cAAc,UAAU,CAAC;AACzB,cAAc,WAAW,CAAC"}

package/dist/index.js

@@ -0,0 +1,38 @@
+/**
+ * Signet DKMS SDK
+ *
+ * Framework-agnostic library for Signet protocol interactions.
+ *
+ * This barrel export includes only the core modules that have no heavy
+ * dependencies. For ZK proof generation (client-side), import directly:
+ *
+ *   import { generateJWTProof } from "@oleary-labs/signet-sdk/proof"
+ *   import { buildFullWitness } from "@oleary-labs/signet-sdk/witness"
+ *
+ * These require @noir-lang/noir_js, @aztec/bb.js, and
+ * @oleary-labs/signet-circuits as peer dependencies.
+ */
+// Core
+export * from "./types";
+export * from "./session";
+export * from "./request";
+export * from "./keygen";
+// Auth (lightweight — no WASM)
+export * from "./oauth";
+export * from "./jwt";
+export * from "./jwks";
+export * from "./bootstrap";
+export * from "./authkey-session";
+export * from "./server-prover";
+// Admin
+export * from "./admin";
+// Signing + Delegation
+export * from "./delegate";
+export * from "./scopedSign";
+export * from "./frostVerify";
+// x402
+export * from "./x402";
+// ERC-4337
+export * from "./userop";
+export * from "./bundler";
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO;AACP,cAAc,SAAS,CAAC;AACxB,cAAc,WAAW,CAAC;AAC1B,cAAc,WAAW,CAAC;AAC1B,cAAc,UAAU,CAAC;AAEzB,+BAA+B;AAC/B,cAAc,SAAS,CAAC;AACxB,cAAc,OAAO,CAAC;AACtB,cAAc,QAAQ,CAAC;AACvB,cAAc,aAAa,CAAC;AAC5B,cAAc,mBAAmB,CAAC;AAClC,cAAc,iBAAiB,CAAC;AAEhC,QAAQ;AACR,cAAc,SAAS,CAAC;AAExB,uBAAuB;AACvB,cAAc,YAAY,CAAC;AAC3B,cAAc,cAAc,CAAC;AAC7B,cAAc,eAAe,CAAC;AAE9B,OAAO;AACP,cAAc,QAAQ,CAAC;AAEvB,WAAW;AACX,cAAc,UAAU,CAAC;AACzB,cAAc,WAAW,CAAC"}

package/dist/jwks.d.ts

@@ -0,0 +1,28 @@
+/**
+ * JWKS (JSON Web Key Set) fetcher.
+ *
+ * Fetches RSA public keys from any OIDC-compliant issuer and extracts
+ * the modulus needed for the ZK proof witness. Supports Google, Clerk,
+ * and any issuer with a standard JWKS endpoint.
+ */
+import type { JWKSKey } from "./types";
+/**
+ * Fetch JWKS keys for an issuer.
+ */
+export declare function fetchJWKS(issuer?: string): Promise<JWKSKey[]>;
+/** @deprecated Use fetchJWKS() instead */
+export declare const fetchGoogleJWKS: () => Promise<JWKSKey[]>;
+/**
+ * Find the RSA key matching a JWT's kid.
+ * If issuer is provided, fetches from that issuer's JWKS endpoint.
+ */
+export declare function getJWKSKeyForKid(kid: string, issuer?: string): Promise<JWKSKey>;
+/**
+ * Decode a base64url-encoded JWKS modulus to a BigInt.
+ */
+export declare function decodeModulus(base64url: string): bigint;
+/**
+ * Decode a base64url-encoded JWKS modulus to raw bytes.
+ */
+export declare function decodeModulusBytes(base64url: string): Uint8Array;
+//# sourceMappingURL=jwks.d.ts.map

package/dist/jwks.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"jwks.d.ts","sourceRoot":"","sources":["../src/jwks.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAqBvC;;GAEG;AACH,wBAAsB,SAAS,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,EAAE,CAAC,CAgBnE;AAED,0CAA0C;AAC1C,eAAO,MAAM,eAAe,0BAAiD,CAAC;AAE9E;;;GAGG;AACH,wBAAsB,gBAAgB,CAAC,GAAG,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAUrF;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,CAOvD;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,SAAS,EAAE,MAAM,GAAG,UAAU,CAOhE"}

package/dist/jwks.js

@@ -0,0 +1,81 @@
+/**
+ * JWKS (JSON Web Key Set) fetcher.
+ *
+ * Fetches RSA public keys from any OIDC-compliant issuer and extracts
+ * the modulus needed for the ZK proof witness. Supports Google, Clerk,
+ * and any issuer with a standard JWKS endpoint.
+ */
+const GOOGLE_JWKS_URI = "https://www.googleapis.com/oauth2/v3/certs";
+// Cache per issuer URI
+const cache = new Map();
+const CACHE_TTL = 3600_000; // 1 hour
+/**
+ * Derive the JWKS URI from a JWT issuer.
+ * Google uses a non-standard path; all other OIDC issuers use /.well-known/jwks.json.
+ */
+function jwksUriForIssuer(issuer) {
+    if (issuer === "https://accounts.google.com") {
+        return GOOGLE_JWKS_URI;
+    }
+    // Standard OIDC convention
+    const base = issuer.endsWith("/") ? issuer.slice(0, -1) : issuer;
+    return `${base}/.well-known/jwks.json`;
+}
+/**
+ * Fetch JWKS keys for an issuer.
+ */
+export async function fetchJWKS(issuer) {
+    const uri = jwksUriForIssuer(issuer ?? "https://accounts.google.com");
+    const cached = cache.get(uri);
+    if (cached && Date.now() < cached.expiry) {
+        return cached.keys;
+    }
+    const res = await fetch(uri);
+    if (!res.ok) {
+        throw new Error(`Failed to fetch JWKS from ${uri}: ${res.status}`);
+    }
+    const data = await res.json();
+    const keys = data.keys;
+    cache.set(uri, { keys, expiry: Date.now() + CACHE_TTL });
+    return keys;
+}
+/** @deprecated Use fetchJWKS() instead */
+export const fetchGoogleJWKS = () => fetchJWKS("https://accounts.google.com");
+/**
+ * Find the RSA key matching a JWT's kid.
+ * If issuer is provided, fetches from that issuer's JWKS endpoint.
+ */
+export async function getJWKSKeyForKid(kid, issuer) {
+    const keys = await fetchJWKS(issuer);
+    const key = keys.find((k) => k.kid === kid);
+    if (!key) {
+        throw new Error(`No JWKS key found for kid: ${kid}`);
+    }
+    if (key.kty !== "RSA") {
+        throw new Error(`Expected RSA key, got ${key.kty}`);
+    }
+    return key;
+}
+/**
+ * Decode a base64url-encoded JWKS modulus to a BigInt.
+ */
+export function decodeModulus(base64url) {
+    const binary = atob(base64url.replace(/-/g, "+").replace(/_/g, "/"));
+    let hex = "";
+    for (let i = 0; i < binary.length; i++) {
+        hex += binary.charCodeAt(i).toString(16).padStart(2, "0");
+    }
+    return BigInt("0x" + hex);
+}
+/**
+ * Decode a base64url-encoded JWKS modulus to raw bytes.
+ */
+export function decodeModulusBytes(base64url) {
+    const binary = atob(base64url.replace(/-/g, "+").replace(/_/g, "/"));
+    const bytes = new Uint8Array(binary.length);
+    for (let i = 0; i < binary.length; i++) {
+        bytes[i] = binary.charCodeAt(i);
+    }
+    return bytes;
+}
+//# sourceMappingURL=jwks.js.map

package/dist/jwks.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"jwks.js","sourceRoot":"","sources":["../src/jwks.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH,MAAM,eAAe,GAAG,4CAA4C,CAAC;AAErE,uBAAuB;AACvB,MAAM,KAAK,GAAG,IAAI,GAAG,EAA+C,CAAC;AACrE,MAAM,SAAS,GAAG,QAAQ,CAAC,CAAC,SAAS;AAErC;;;GAGG;AACH,SAAS,gBAAgB,CAAC,MAAc;IACtC,IAAI,MAAM,KAAK,6BAA6B,EAAE,CAAC;QAC7C,OAAO,eAAe,CAAC;IACzB,CAAC;IACD,2BAA2B;IAC3B,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IACjE,OAAO,GAAG,IAAI,wBAAwB,CAAC;AACzC,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,MAAe;IAC7C,MAAM,GAAG,GAAG,gBAAgB,CAAC,MAAM,IAAI,6BAA6B,CAAC,CAAC;IACtE,MAAM,MAAM,GAAG,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAC9B,IAAI,MAAM,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC;QACzC,OAAO,MAAM,CAAC,IAAI,CAAC;IACrB,CAAC;IAED,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,CAAC;IAC7B,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACZ,MAAM,IAAI,KAAK,CAAC,6BAA6B,GAAG,KAAK,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC;IACrE,CAAC;IAED,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;IAC9B,MAAM,IAAI,GAAG,IAAI,CAAC,IAAiB,CAAC;IACpC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,EAAE,CAAC,CAAC;IACzD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,0CAA0C;AAC1C,MAAM,CAAC,MAAM,eAAe,GAAG,GAAG,EAAE,CAAC,SAAS,CAAC,6BAA6B,CAAC,CAAC;AAE9E;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,GAAW,EAAE,MAAe;IACjE,MAAM,IAAI,GAAG,MAAM,SAAS,CAAC,MAAM,CAAC,CAAC;IACrC,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,GAAG,CAAC,CAAC;IAC5C,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,IAAI,KAAK,CAAC,8BAA8B,GAAG,EAAE,CAAC,CAAC;IACvD,CAAC;IACD,IAAI,GAAG,CAAC,GAAG,KAAK,KAAK,EAAE,CAAC;QACtB,MAAM,IAAI,KAAK,CAAC,yBAAyB,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC;IACtD,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,SAAiB;IAC7C,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC;IACrE,IAAI,GAAG,GAAG,EAAE,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACvC,GAAG,IAAI,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IAC5D,CAAC;IACD,OAAO,MAAM,CAAC,IAAI,GAAG,GAAG,CAAC,CAAC;AAC5B,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,kBAAkB,CAAC,SAAiB;IAClD,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC;IACrE,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAC5C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACvC,KAAK,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;IAClC,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC"}