@oma3/omatrust 0.1.0-alpha.1 → 0.1.0-alpha.11
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +21 -7
- package/dist/identity/index.cjs +544 -1
- package/dist/identity/index.cjs.map +1 -1
- package/dist/identity/index.d.cts +2 -1
- package/dist/identity/index.d.ts +2 -1
- package/dist/identity/index.js +528 -2
- package/dist/identity/index.js.map +1 -1
- package/dist/index-BOvk-7Ku.d.cts +235 -0
- package/dist/index-C2w5EvFH.d.ts +329 -0
- package/dist/index-QueRiudB.d.cts +329 -0
- package/dist/index-R78TpAhN.d.ts +235 -0
- package/dist/index.cjs +2020 -145
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +4 -2
- package/dist/index.d.ts +4 -2
- package/dist/index.js +2021 -146
- package/dist/index.js.map +1 -1
- package/dist/reputation/index.browser.cjs +3010 -0
- package/dist/reputation/index.browser.cjs.map +1 -0
- package/dist/reputation/index.browser.d.cts +14 -0
- package/dist/reputation/index.browser.d.ts +14 -0
- package/dist/reputation/index.browser.js +2946 -0
- package/dist/reputation/index.browser.js.map +1 -0
- package/dist/reputation/index.cjs +1884 -123
- package/dist/reputation/index.cjs.map +1 -1
- package/dist/reputation/index.d.cts +3 -1
- package/dist/reputation/index.d.ts +3 -1
- package/dist/reputation/index.js +1861 -123
- package/dist/reputation/index.js.map +1 -1
- package/dist/subject-ownership-B7cFlm8c.d.cts +664 -0
- package/dist/subject-ownership-B7cFlm8c.d.ts +664 -0
- package/dist/types-dpYxRq8N.d.cts +281 -0
- package/dist/types-dpYxRq8N.d.ts +281 -0
- package/dist/widgets/index.cjs +238 -0
- package/dist/widgets/index.cjs.map +1 -0
- package/dist/widgets/index.d.cts +158 -0
- package/dist/widgets/index.d.ts +158 -0
- package/dist/widgets/index.js +226 -0
- package/dist/widgets/index.js.map +1 -0
- package/package.json +35 -7
- package/dist/index-ChbJxwOA.d.cts +0 -415
- package/dist/index-ChbJxwOA.d.ts +0 -415
- package/dist/index-QZDExA4I.d.cts +0 -90
- package/dist/index-QZDExA4I.d.ts +0 -90
|
@@ -0,0 +1,664 @@
|
|
|
1
|
+
type Hex = `0x${string}`;
|
|
2
|
+
type Did = string;
|
|
3
|
+
type ProofType = "pop-jws" | "pop-eip712" | "x402-receipt" | "evidence-pointer" | "tx-encoded-value" | "tx-interaction" | "x402-offer";
|
|
4
|
+
type ProofPurpose = "shared-control" | "commercial-tx";
|
|
5
|
+
type SchemaField = {
|
|
6
|
+
name: string;
|
|
7
|
+
type: string;
|
|
8
|
+
value?: unknown;
|
|
9
|
+
};
|
|
10
|
+
type AttestationValidationError = {
|
|
11
|
+
schemaFieldName: string;
|
|
12
|
+
expectedType: string;
|
|
13
|
+
providedType: string;
|
|
14
|
+
providedValue: unknown;
|
|
15
|
+
};
|
|
16
|
+
type AttestationQueryResult = {
|
|
17
|
+
uid: Hex;
|
|
18
|
+
schema: Hex;
|
|
19
|
+
attester: Hex;
|
|
20
|
+
recipient: Hex;
|
|
21
|
+
txHash?: Hex;
|
|
22
|
+
revocable: boolean;
|
|
23
|
+
revocationTime: bigint;
|
|
24
|
+
expirationTime: bigint;
|
|
25
|
+
time: bigint;
|
|
26
|
+
refUID: Hex;
|
|
27
|
+
data: Record<string, unknown>;
|
|
28
|
+
raw?: Hex;
|
|
29
|
+
};
|
|
30
|
+
type ProofWrapper = {
|
|
31
|
+
proofType: ProofType;
|
|
32
|
+
proofObject: unknown;
|
|
33
|
+
proofPurpose?: ProofPurpose;
|
|
34
|
+
version?: number;
|
|
35
|
+
issuedAt?: number;
|
|
36
|
+
expiresAt?: number;
|
|
37
|
+
};
|
|
38
|
+
type TxEncodedValueProof = ProofWrapper & {
|
|
39
|
+
proofType: "tx-encoded-value";
|
|
40
|
+
proofPurpose: ProofPurpose;
|
|
41
|
+
proofObject: {
|
|
42
|
+
chainId: string;
|
|
43
|
+
txHash: Hex;
|
|
44
|
+
};
|
|
45
|
+
};
|
|
46
|
+
type TxInteractionProof = ProofWrapper & {
|
|
47
|
+
proofType: "tx-interaction";
|
|
48
|
+
proofPurpose: "commercial-tx";
|
|
49
|
+
proofObject: {
|
|
50
|
+
chainId: string;
|
|
51
|
+
txHash: Hex;
|
|
52
|
+
};
|
|
53
|
+
};
|
|
54
|
+
type PopEip712Proof = ProofWrapper & {
|
|
55
|
+
proofType: "pop-eip712";
|
|
56
|
+
proofObject: {
|
|
57
|
+
domain: {
|
|
58
|
+
name: string;
|
|
59
|
+
version: string;
|
|
60
|
+
chainId: number;
|
|
61
|
+
verifyingContract?: Hex;
|
|
62
|
+
};
|
|
63
|
+
message: {
|
|
64
|
+
signer: string;
|
|
65
|
+
authorizedEntity: string;
|
|
66
|
+
signingPurpose: string;
|
|
67
|
+
creationTimestamp: number;
|
|
68
|
+
expirationTimestamp: number;
|
|
69
|
+
randomValue: Hex;
|
|
70
|
+
statement: string;
|
|
71
|
+
};
|
|
72
|
+
signature: Hex;
|
|
73
|
+
};
|
|
74
|
+
};
|
|
75
|
+
type PopJwsProof = ProofWrapper & {
|
|
76
|
+
proofType: "pop-jws";
|
|
77
|
+
proofObject: string;
|
|
78
|
+
};
|
|
79
|
+
type X402ReceiptProof = ProofWrapper & {
|
|
80
|
+
proofType: "x402-receipt";
|
|
81
|
+
proofPurpose: "commercial-tx";
|
|
82
|
+
proofObject: Record<string, unknown>;
|
|
83
|
+
};
|
|
84
|
+
type X402OfferProof = ProofWrapper & {
|
|
85
|
+
proofType: "x402-offer";
|
|
86
|
+
proofPurpose: "commercial-tx";
|
|
87
|
+
proofObject: Record<string, unknown>;
|
|
88
|
+
};
|
|
89
|
+
type EvidencePointerProof = ProofWrapper & {
|
|
90
|
+
proofType: "evidence-pointer";
|
|
91
|
+
proofPurpose: "shared-control";
|
|
92
|
+
proofObject: {
|
|
93
|
+
url: string;
|
|
94
|
+
};
|
|
95
|
+
};
|
|
96
|
+
type ChainConstants = {
|
|
97
|
+
base: bigint;
|
|
98
|
+
range: bigint;
|
|
99
|
+
decimals: number;
|
|
100
|
+
nativeSymbol: string;
|
|
101
|
+
};
|
|
102
|
+
type SubmitAttestationParams = {
|
|
103
|
+
signer: unknown;
|
|
104
|
+
chainId: number;
|
|
105
|
+
easContractAddress: Hex;
|
|
106
|
+
schemaUid: Hex;
|
|
107
|
+
schema: SchemaField[] | string;
|
|
108
|
+
data: Record<string, unknown>;
|
|
109
|
+
revocable?: boolean;
|
|
110
|
+
expirationTime?: bigint | number;
|
|
111
|
+
refUid?: Hex;
|
|
112
|
+
value?: bigint | number;
|
|
113
|
+
};
|
|
114
|
+
type SubmitAttestationResult = {
|
|
115
|
+
uid: Hex;
|
|
116
|
+
txHash: Hex;
|
|
117
|
+
receipt?: unknown;
|
|
118
|
+
};
|
|
119
|
+
type RevokeAttestationParams = {
|
|
120
|
+
signer: unknown;
|
|
121
|
+
easContractAddress: Hex;
|
|
122
|
+
schemaUid: Hex;
|
|
123
|
+
uid: Hex;
|
|
124
|
+
value?: bigint | number;
|
|
125
|
+
};
|
|
126
|
+
type RevokeAttestationResult = {
|
|
127
|
+
txHash: Hex;
|
|
128
|
+
receipt?: unknown;
|
|
129
|
+
};
|
|
130
|
+
type PrepareDelegatedAttestationParams = {
|
|
131
|
+
chainId: number;
|
|
132
|
+
easContractAddress: Hex;
|
|
133
|
+
schemaUid: Hex;
|
|
134
|
+
schema: SchemaField[] | string;
|
|
135
|
+
data: Record<string, unknown>;
|
|
136
|
+
attester: Hex;
|
|
137
|
+
nonce: bigint | number;
|
|
138
|
+
revocable?: boolean;
|
|
139
|
+
expirationTime?: bigint | number;
|
|
140
|
+
refUid?: Hex;
|
|
141
|
+
value?: bigint | number;
|
|
142
|
+
deadline?: bigint | number;
|
|
143
|
+
};
|
|
144
|
+
type PrepareDelegatedAttestationResult = {
|
|
145
|
+
delegatedRequest: Record<string, unknown>;
|
|
146
|
+
typedData: {
|
|
147
|
+
domain: Record<string, unknown>;
|
|
148
|
+
types: Record<string, unknown>;
|
|
149
|
+
message: Record<string, unknown>;
|
|
150
|
+
};
|
|
151
|
+
};
|
|
152
|
+
type BuildDelegatedTypedDataFromEncodedParams = {
|
|
153
|
+
chainId: number;
|
|
154
|
+
easContractAddress: Hex;
|
|
155
|
+
schemaUid: Hex;
|
|
156
|
+
encodedData: Hex;
|
|
157
|
+
recipient: Hex;
|
|
158
|
+
attester: Hex;
|
|
159
|
+
nonce: bigint | number;
|
|
160
|
+
revocable?: boolean;
|
|
161
|
+
expirationTime?: bigint | number;
|
|
162
|
+
refUid?: Hex;
|
|
163
|
+
value?: bigint | number;
|
|
164
|
+
deadline?: bigint | number;
|
|
165
|
+
};
|
|
166
|
+
type SubmitDelegatedAttestationParams = {
|
|
167
|
+
relayUrl: string;
|
|
168
|
+
prepared: PrepareDelegatedAttestationResult;
|
|
169
|
+
signature: Hex | string;
|
|
170
|
+
attester?: Hex;
|
|
171
|
+
};
|
|
172
|
+
type RelayMetadata = {
|
|
173
|
+
blockNumber?: number;
|
|
174
|
+
chain?: string;
|
|
175
|
+
success?: boolean;
|
|
176
|
+
[key: string]: unknown;
|
|
177
|
+
};
|
|
178
|
+
type RelayErrorDetails = {
|
|
179
|
+
httpStatus: number;
|
|
180
|
+
code?: string;
|
|
181
|
+
error?: string;
|
|
182
|
+
payload?: Record<string, unknown>;
|
|
183
|
+
};
|
|
184
|
+
type SubmitDelegatedAttestationResult = {
|
|
185
|
+
uid: Hex;
|
|
186
|
+
txHash?: Hex;
|
|
187
|
+
status: "submitted" | "confirmed";
|
|
188
|
+
relay?: RelayMetadata;
|
|
189
|
+
};
|
|
190
|
+
type GetAttestationParams = {
|
|
191
|
+
uid: Hex;
|
|
192
|
+
provider: unknown;
|
|
193
|
+
easContractAddress: Hex;
|
|
194
|
+
schema?: SchemaField[] | string;
|
|
195
|
+
};
|
|
196
|
+
type ListAttestationsParams = {
|
|
197
|
+
subjectDid: Did;
|
|
198
|
+
provider: unknown;
|
|
199
|
+
easContractAddress: Hex;
|
|
200
|
+
schemas?: Hex[];
|
|
201
|
+
limit?: number;
|
|
202
|
+
fromBlock?: number;
|
|
203
|
+
toBlock?: number;
|
|
204
|
+
};
|
|
205
|
+
type GetAttestationsByAttesterParams = {
|
|
206
|
+
attester: Hex;
|
|
207
|
+
provider: unknown;
|
|
208
|
+
easContractAddress: Hex;
|
|
209
|
+
schemas?: Hex[];
|
|
210
|
+
limit?: number;
|
|
211
|
+
fromBlock?: number;
|
|
212
|
+
toBlock?: number;
|
|
213
|
+
};
|
|
214
|
+
type VerifyAttestationParams = {
|
|
215
|
+
attestation: AttestationQueryResult;
|
|
216
|
+
provider?: unknown;
|
|
217
|
+
checks?: ProofType[];
|
|
218
|
+
context?: Record<string, unknown>;
|
|
219
|
+
};
|
|
220
|
+
type VerifyAttestationResult = {
|
|
221
|
+
valid: boolean;
|
|
222
|
+
checks: Record<string, boolean>;
|
|
223
|
+
reasons: string[];
|
|
224
|
+
};
|
|
225
|
+
type CallControllerWitnessParams = {
|
|
226
|
+
gatewayUrl: string;
|
|
227
|
+
attestationUid: Hex;
|
|
228
|
+
chainId: number;
|
|
229
|
+
easContract: Hex;
|
|
230
|
+
schemaUid: Hex;
|
|
231
|
+
subject: Did;
|
|
232
|
+
controller: Did;
|
|
233
|
+
timeoutMs?: number;
|
|
234
|
+
};
|
|
235
|
+
type CallControllerWitnessResult = {
|
|
236
|
+
ok: boolean;
|
|
237
|
+
method: "dns-txt" | "did-json";
|
|
238
|
+
details?: unknown;
|
|
239
|
+
};
|
|
240
|
+
type VerifyProofParams = {
|
|
241
|
+
proof: ProofWrapper;
|
|
242
|
+
provider?: unknown;
|
|
243
|
+
expectedSubjectDid?: Did;
|
|
244
|
+
expectedControllerDid?: Did;
|
|
245
|
+
};
|
|
246
|
+
type VerifyProofResult = {
|
|
247
|
+
valid: boolean;
|
|
248
|
+
proofType: ProofType;
|
|
249
|
+
reason?: string;
|
|
250
|
+
};
|
|
251
|
+
type RequestControllerWitnessParams = {
|
|
252
|
+
/** Subject DID (e.g., did:web:example.com) */
|
|
253
|
+
subjectDid: Did;
|
|
254
|
+
/** Controller DID (e.g., did:pkh:eip155:66238:0xabc...) */
|
|
255
|
+
controllerDid: Did;
|
|
256
|
+
/** Override the default controller witness API URL. If omitted, uses the OMATrust production endpoint. */
|
|
257
|
+
gatewayUrl?: string;
|
|
258
|
+
/** Optional chain ID — defaults to the API's active chain if omitted */
|
|
259
|
+
chainId?: number;
|
|
260
|
+
/** Request timeout in milliseconds (default: 15000) */
|
|
261
|
+
timeoutMs?: number;
|
|
262
|
+
};
|
|
263
|
+
type RequestControllerWitnessResult = {
|
|
264
|
+
success: boolean;
|
|
265
|
+
uid: string | null;
|
|
266
|
+
txHash: string;
|
|
267
|
+
blockNumber: number;
|
|
268
|
+
observedAt: number;
|
|
269
|
+
method: string;
|
|
270
|
+
};
|
|
271
|
+
type W3CKeyPurpose = "authentication" | "assertionMethod" | "keyAgreement";
|
|
272
|
+
type GetControllerAuthorizationParams = {
|
|
273
|
+
/**
|
|
274
|
+
* Controller identifier. Can be:
|
|
275
|
+
* - An EVM wallet address (Hex) for did:pkh controllers
|
|
276
|
+
* - A did:pkh DID string
|
|
277
|
+
* - A did:jwk DID string
|
|
278
|
+
*/
|
|
279
|
+
controllerDid: string;
|
|
280
|
+
/** Subject DID the controller claims to control */
|
|
281
|
+
subjectDid: Did;
|
|
282
|
+
/** ethers v6 Provider for on-chain reads */
|
|
283
|
+
provider: unknown;
|
|
284
|
+
/** CAIP-2 chain identifier. Defaults to "eip155:6623" (OMAChain). */
|
|
285
|
+
chain?: string;
|
|
286
|
+
/** EAS contract address. If omitted, resolved from trust anchors. */
|
|
287
|
+
easContractAddress?: Hex;
|
|
288
|
+
/** How far back to scan for controller witnesses. Defaults to 0 (full history). */
|
|
289
|
+
fromBlock?: number;
|
|
290
|
+
/** DNS resolution function for did:web live check */
|
|
291
|
+
resolveTxt?: (host: string) => Promise<string[][]>;
|
|
292
|
+
/** DID document fetcher for did:web live check */
|
|
293
|
+
fetchDidDocument?: (domain: string) => Promise<Record<string, unknown>>;
|
|
294
|
+
/**
|
|
295
|
+
* W3C DID verification relationship purposes to require.
|
|
296
|
+
* Key bindings are only considered valid if their keyPurpose includes all requested purposes.
|
|
297
|
+
* Defaults to ["authentication", "assertionMethod"].
|
|
298
|
+
*/
|
|
299
|
+
purpose?: W3CKeyPurpose[];
|
|
300
|
+
};
|
|
301
|
+
type ControllerWitnessEvidence = {
|
|
302
|
+
/** Attestation UID */
|
|
303
|
+
uid: Hex;
|
|
304
|
+
/** Timestamp when the controller witness was issued (unix seconds) */
|
|
305
|
+
issuedAt: bigint;
|
|
306
|
+
/** EAS-level attester address (typically the OMA3 server wallet) */
|
|
307
|
+
attester: string;
|
|
308
|
+
/** Verification method used by the witness service */
|
|
309
|
+
method?: "dns" | "did-document" | "manual" | "other";
|
|
310
|
+
};
|
|
311
|
+
type ControllerAuthorizationResult = {
|
|
312
|
+
/** Whether the controller has any authorization for this subject */
|
|
313
|
+
authorized: boolean;
|
|
314
|
+
/**
|
|
315
|
+
* Earliest timestamp of durable authorization evidence, usually the first
|
|
316
|
+
* Controller Witness. Null when authorization is only currently verified
|
|
317
|
+
* by live DNS/did.json.
|
|
318
|
+
*/
|
|
319
|
+
anchoredFrom: bigint | null;
|
|
320
|
+
/**
|
|
321
|
+
* End of the authorization window. Set when a relevant key binding revocation
|
|
322
|
+
* closes the window. Null if the window is still open.
|
|
323
|
+
*/
|
|
324
|
+
until: bigint | null;
|
|
325
|
+
/** Whether live DNS/did.json or contract ownership currently confirms control */
|
|
326
|
+
currentlyVerified: boolean;
|
|
327
|
+
/** Verification method for live check */
|
|
328
|
+
liveMethod: "dns" | "did-document" | "contract-ownership" | null;
|
|
329
|
+
/** Controller witness attestations found (oldest first) */
|
|
330
|
+
controllerWitnesses: ControllerWitnessEvidence[];
|
|
331
|
+
/** Key binding attestation UID if one exists */
|
|
332
|
+
keyBindingUid: Hex | null;
|
|
333
|
+
/**
|
|
334
|
+
* Whether the key binding's keyPurpose matched the requested purposes.
|
|
335
|
+
* - "matched": key binding exists and its purposes satisfy the request
|
|
336
|
+
* - "unknown": key binding exists but has no keyPurpose field
|
|
337
|
+
* - "mismatch": key binding exists but does not satisfy the requested purposes
|
|
338
|
+
* - "not-required": no key binding exists or no purpose filter was applied
|
|
339
|
+
*/
|
|
340
|
+
keyPurposeStatus: "matched" | "unknown" | "mismatch" | "not-required";
|
|
341
|
+
/**
|
|
342
|
+
* Whether the key binding includes a verified transfer proof.
|
|
343
|
+
* Only relevant for did:pkh subjects where the controller is authorized
|
|
344
|
+
* via a key binding backed by a deterministic native transfer.
|
|
345
|
+
*/
|
|
346
|
+
transferProofVerified?: boolean;
|
|
347
|
+
};
|
|
348
|
+
|
|
349
|
+
declare function submitAttestation(params: SubmitAttestationParams): Promise<SubmitAttestationResult>;
|
|
350
|
+
|
|
351
|
+
declare function revokeAttestation(params: RevokeAttestationParams): Promise<RevokeAttestationResult>;
|
|
352
|
+
|
|
353
|
+
declare function buildDelegatedAttestationTypedData(params: PrepareDelegatedAttestationParams): {
|
|
354
|
+
domain: Record<string, unknown>;
|
|
355
|
+
types: Record<string, unknown>;
|
|
356
|
+
message: Record<string, unknown>;
|
|
357
|
+
};
|
|
358
|
+
declare function buildDelegatedTypedDataFromEncoded(params: BuildDelegatedTypedDataFromEncodedParams): {
|
|
359
|
+
domain: Record<string, unknown>;
|
|
360
|
+
types: Record<string, unknown>;
|
|
361
|
+
message: Record<string, unknown>;
|
|
362
|
+
};
|
|
363
|
+
declare function splitSignature(signature: Hex | string): {
|
|
364
|
+
v: number;
|
|
365
|
+
r: Hex;
|
|
366
|
+
s: Hex;
|
|
367
|
+
};
|
|
368
|
+
declare function prepareDelegatedAttestation(params: PrepareDelegatedAttestationParams): Promise<PrepareDelegatedAttestationResult>;
|
|
369
|
+
declare function submitDelegatedAttestation(params: SubmitDelegatedAttestationParams): Promise<SubmitDelegatedAttestationResult>;
|
|
370
|
+
|
|
371
|
+
declare function getAttestation(params: GetAttestationParams): Promise<AttestationQueryResult>;
|
|
372
|
+
declare function getAttestationsForDid(params: ListAttestationsParams): Promise<AttestationQueryResult[]>;
|
|
373
|
+
declare function getAttestationsByAttester(params: GetAttestationsByAttesterParams): Promise<AttestationQueryResult[]>;
|
|
374
|
+
declare function listAttestations(params: ListAttestationsParams): Promise<AttestationQueryResult[]>;
|
|
375
|
+
type GetLatestAttestationsParams = {
|
|
376
|
+
provider: unknown;
|
|
377
|
+
easContractAddress: Hex;
|
|
378
|
+
schemas?: Hex[];
|
|
379
|
+
limit?: number;
|
|
380
|
+
fromBlock?: number;
|
|
381
|
+
};
|
|
382
|
+
declare function getLatestAttestations(params: GetLatestAttestationsParams): Promise<AttestationQueryResult[]>;
|
|
383
|
+
declare function deduplicateReviews(attestations: AttestationQueryResult[]): AttestationQueryResult[];
|
|
384
|
+
declare function calculateAverageUserReviewRating(attestations: AttestationQueryResult[]): number;
|
|
385
|
+
declare function getMajorVersion(version: string): number;
|
|
386
|
+
|
|
387
|
+
declare function verifyProof(params: VerifyProofParams): Promise<VerifyProofResult>;
|
|
388
|
+
declare function verifyAttestation(params: VerifyAttestationParams): Promise<VerifyAttestationResult>;
|
|
389
|
+
|
|
390
|
+
declare function normalizeSchema(schema: SchemaField[] | string): SchemaField[];
|
|
391
|
+
declare function schemaToString(schema: SchemaField[] | string): string;
|
|
392
|
+
declare function encodeAttestationData(schema: SchemaField[] | string, data: Record<string, unknown>): Hex;
|
|
393
|
+
declare function validateAttestationData(schema: SchemaField[] | string, data: Record<string, unknown>): AttestationValidationError[];
|
|
394
|
+
declare function decodeAttestationData(schema: SchemaField[] | string, encodedData: Hex): Record<string, unknown>;
|
|
395
|
+
declare function extractExpirationTime(data: Record<string, unknown>): bigint | number | undefined;
|
|
396
|
+
|
|
397
|
+
declare function verifySchemaExists(schemaRegistry: unknown, schemaUid: Hex): Promise<boolean>;
|
|
398
|
+
declare function getSchemaDetails(schemaRegistry: unknown, schemaUid: Hex): Promise<{
|
|
399
|
+
uid: Hex;
|
|
400
|
+
schema: string;
|
|
401
|
+
resolver: Hex;
|
|
402
|
+
revocable: boolean;
|
|
403
|
+
}>;
|
|
404
|
+
declare function formatSchemaUid(schemaUid: string): Hex;
|
|
405
|
+
|
|
406
|
+
declare function callControllerWitness(params: CallControllerWitnessParams): Promise<CallControllerWitnessResult>;
|
|
407
|
+
|
|
408
|
+
/**
|
|
409
|
+
* Request a controller witness attestation from the OMATrust backend.
|
|
410
|
+
*
|
|
411
|
+
* This is the recommended function for requesting controller witnesses.
|
|
412
|
+
* It makes a single API call with the subject and controller DIDs.
|
|
413
|
+
* The backend handles evidence discovery, attestation submission, and
|
|
414
|
+
* write quota deduction.
|
|
415
|
+
*
|
|
416
|
+
* Requires an authenticated session (cookie-based for web clients).
|
|
417
|
+
* Future versions will support x402 and OAuth DCR 2.0 for agents.
|
|
418
|
+
*
|
|
419
|
+
* @deprecated callControllerWitness — use requestControllerWitness instead.
|
|
420
|
+
* callControllerWitness uses the legacy multi-call pattern and will be
|
|
421
|
+
* removed in a future SDK version.
|
|
422
|
+
*/
|
|
423
|
+
declare function requestControllerWitness(params: RequestControllerWitnessParams): Promise<RequestControllerWitnessResult>;
|
|
424
|
+
|
|
425
|
+
/**
|
|
426
|
+
* Contract Ownership — shared primitives for discovering contract owners
|
|
427
|
+
* and verifying transfer proofs.
|
|
428
|
+
*
|
|
429
|
+
* Used by:
|
|
430
|
+
* - subject-ownership.ts (full ownership verification flow)
|
|
431
|
+
* - attester-authorization.ts (authorization checks for did:pkh subjects)
|
|
432
|
+
*/
|
|
433
|
+
|
|
434
|
+
/**
|
|
435
|
+
* Minimal provider interface for contract ownership reads.
|
|
436
|
+
* Compatible with ethers v6 providers — consumers can pass their provider directly.
|
|
437
|
+
*/
|
|
438
|
+
interface ContractOwnershipProvider {
|
|
439
|
+
call(transaction: {
|
|
440
|
+
to: string;
|
|
441
|
+
data: string;
|
|
442
|
+
}): Promise<string>;
|
|
443
|
+
getCode(address: string): Promise<string>;
|
|
444
|
+
getStorage(address: string, slot: string): Promise<string>;
|
|
445
|
+
getTransaction(hash: string): Promise<{
|
|
446
|
+
from?: string | null;
|
|
447
|
+
to?: string | null;
|
|
448
|
+
value?: bigint | string | number | null;
|
|
449
|
+
blockNumber?: number | null;
|
|
450
|
+
} | null>;
|
|
451
|
+
}
|
|
452
|
+
declare const EIP1967_ADMIN_SLOT: "0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103";
|
|
453
|
+
declare const OWNERSHIP_PATTERNS: readonly [{
|
|
454
|
+
readonly method: "owner";
|
|
455
|
+
readonly signature: "function owner() view returns (address)";
|
|
456
|
+
}, {
|
|
457
|
+
readonly method: "admin";
|
|
458
|
+
readonly signature: "function admin() view returns (address)";
|
|
459
|
+
}, {
|
|
460
|
+
readonly method: "getOwner";
|
|
461
|
+
readonly signature: "function getOwner() view returns (address)";
|
|
462
|
+
}];
|
|
463
|
+
/**
|
|
464
|
+
* Read a single address-returning function from a contract.
|
|
465
|
+
* Returns the checksummed address or null if the call fails or returns zero.
|
|
466
|
+
*/
|
|
467
|
+
declare function readOwnerFromContract(provider: ContractOwnershipProvider, contractAddress: string, signature: string, method: string): Promise<string | null>;
|
|
468
|
+
/**
|
|
469
|
+
* Discover the controlling wallet address of a contract.
|
|
470
|
+
*
|
|
471
|
+
* Tries, in order:
|
|
472
|
+
* 1. `owner()` — OpenZeppelin Ownable
|
|
473
|
+
* 2. `admin()` — common admin pattern
|
|
474
|
+
* 3. `getOwner()` — alternative naming
|
|
475
|
+
* 4. EIP-1967 admin storage slot
|
|
476
|
+
*
|
|
477
|
+
* Returns the checksummed owner address, or null if not discoverable.
|
|
478
|
+
*/
|
|
479
|
+
declare function discoverContractOwner(provider: ContractOwnershipProvider, contractAddress: string): Promise<string | null>;
|
|
480
|
+
/**
|
|
481
|
+
* Discover the controlling wallet and return it as a did:pkh DID.
|
|
482
|
+
* Convenience wrapper over discoverContractOwner for DID-based flows.
|
|
483
|
+
*/
|
|
484
|
+
declare function discoverControllingWalletDid(provider: ContractOwnershipProvider, contractAddress: string, chainId: number): Promise<Did | null>;
|
|
485
|
+
/**
|
|
486
|
+
* Verify a transfer proof transaction.
|
|
487
|
+
*
|
|
488
|
+
* Checks:
|
|
489
|
+
* - Transaction exists and has from/to
|
|
490
|
+
* - Recipient matches the expected attester address
|
|
491
|
+
* - Transfer amount matches the deterministic proof amount for the subject-attester pair
|
|
492
|
+
*
|
|
493
|
+
* Does NOT verify the sender is the current contract owner — that's a separate
|
|
494
|
+
* concern (the sender may have been the owner at the time of transfer but not now).
|
|
495
|
+
*/
|
|
496
|
+
declare function verifyTransferProof(provider: ContractOwnershipProvider, txHash: Hex, subjectDid: Did, attesterAddress: string, chainId: number): Promise<boolean>;
|
|
497
|
+
|
|
498
|
+
declare function getSupportedChainIds(): number[];
|
|
499
|
+
declare function isChainSupported(chainId: number): boolean;
|
|
500
|
+
declare function getChainConstants(chainId: number, purpose: ProofPurpose): ChainConstants;
|
|
501
|
+
declare function constructSeed(subjectDidHash: Hex, counterpartyDidHash: Hex, purpose: ProofPurpose): Uint8Array;
|
|
502
|
+
declare function hashSeed(seedBytes: Uint8Array, chainId: number): Hex;
|
|
503
|
+
declare function calculateTransferAmount(subject: string, counterparty: string, chainId: number, purpose: ProofPurpose): bigint;
|
|
504
|
+
declare function calculateTransferAmountFromAddresses(subjectAddress: string, counterpartyAddress: string, chainId: number, purpose: ProofPurpose): bigint;
|
|
505
|
+
declare function createTxEncodedValueProof(chainId: number, txHash: Hex, purpose: ProofPurpose): TxEncodedValueProof;
|
|
506
|
+
declare function formatTransferAmount(amount: bigint | number, chainId: number): string;
|
|
507
|
+
declare function getExplorerTxUrl(chainId: number, txHash: Hex): string;
|
|
508
|
+
declare function getExplorerAddressUrl(chainId: number, address: string): string;
|
|
509
|
+
|
|
510
|
+
declare function createTxInteractionProof(chainId: number, txHash: Hex): TxInteractionProof;
|
|
511
|
+
|
|
512
|
+
type CreatePopEip712ProofParams = {
|
|
513
|
+
signer: string;
|
|
514
|
+
authorizedEntity: string;
|
|
515
|
+
signingPurpose: ProofPurpose;
|
|
516
|
+
chainId: number;
|
|
517
|
+
creationTimestamp?: number;
|
|
518
|
+
expirationTimestamp?: number;
|
|
519
|
+
randomValue?: Hex;
|
|
520
|
+
statement?: string;
|
|
521
|
+
};
|
|
522
|
+
declare function createPopEip712Proof(params: CreatePopEip712ProofParams, signFn: (typedData: Record<string, unknown>) => Promise<Hex>): Promise<PopEip712Proof>;
|
|
523
|
+
|
|
524
|
+
type CreatePopJwsProofParams = {
|
|
525
|
+
issuer: Did;
|
|
526
|
+
audience: Did;
|
|
527
|
+
purpose: ProofPurpose;
|
|
528
|
+
issuedAt?: number;
|
|
529
|
+
expiresAt?: number;
|
|
530
|
+
nonce?: string;
|
|
531
|
+
};
|
|
532
|
+
declare function createPopJwsProof(params: CreatePopJwsProofParams, signFn: (payload: Record<string, unknown>, header: Record<string, unknown>) => Promise<string>): Promise<PopJwsProof>;
|
|
533
|
+
|
|
534
|
+
declare function createX402ReceiptProof(receipt: Record<string, unknown>): X402ReceiptProof;
|
|
535
|
+
declare function createX402OfferProof(offer: Record<string, unknown>): X402OfferProof;
|
|
536
|
+
|
|
537
|
+
declare function createEvidencePointerProof(url: string): EvidencePointerProof;
|
|
538
|
+
|
|
539
|
+
interface VerifyDnsTxtControllerDidOptions {
|
|
540
|
+
resolveTxt?: (host: string) => Promise<string[][]>;
|
|
541
|
+
recordPrefix?: string;
|
|
542
|
+
}
|
|
543
|
+
|
|
544
|
+
interface DnsTxtRecordResult {
|
|
545
|
+
version?: string;
|
|
546
|
+
/**
|
|
547
|
+
* @deprecated Use `controllers` instead. This field only returns the first
|
|
548
|
+
* controller value and will be removed in a future release.
|
|
549
|
+
*/
|
|
550
|
+
controller?: Did;
|
|
551
|
+
/**
|
|
552
|
+
* All controller DIDs found in the record.
|
|
553
|
+
* A DNS TXT record may contain multiple controller= entries.
|
|
554
|
+
*/
|
|
555
|
+
controllers: Did[];
|
|
556
|
+
}
|
|
557
|
+
declare function parseDnsTxtRecord(record: string): DnsTxtRecordResult;
|
|
558
|
+
declare function buildDnsTxtRecord(controllerDid: Did): string;
|
|
559
|
+
|
|
560
|
+
/**
|
|
561
|
+
* DID Document Fetching — shared utility
|
|
562
|
+
*
|
|
563
|
+
* Fetches did:web DID documents from the well-known endpoint.
|
|
564
|
+
* Used by identity/resolve-key and reputation/proof/did-json.
|
|
565
|
+
*/
|
|
566
|
+
/**
|
|
567
|
+
* Fetch a DID document for a did:web domain.
|
|
568
|
+
*
|
|
569
|
+
* Resolves `https://<domain>/.well-known/did.json` and returns the parsed JSON.
|
|
570
|
+
*
|
|
571
|
+
* @param domain - The domain to fetch the DID document from
|
|
572
|
+
* @returns The parsed DID document
|
|
573
|
+
* @throws OmaTrustError with code NETWORK_ERROR if fetch fails
|
|
574
|
+
*/
|
|
575
|
+
declare function fetchDidDocument(domain: string): Promise<Record<string, unknown>>;
|
|
576
|
+
|
|
577
|
+
interface VerifyDidJsonControllerDidOptions {
|
|
578
|
+
fetchDidDocument?: (domain: string) => Promise<Record<string, unknown>>;
|
|
579
|
+
}
|
|
580
|
+
/**
|
|
581
|
+
* Extract EVM addresses from a DID document's verification methods.
|
|
582
|
+
* Looks at blockchainAccountId and publicKeyHex fields.
|
|
583
|
+
*/
|
|
584
|
+
declare function extractEvmAddressesFromDidDocument(didDocument: Record<string, unknown>): string[];
|
|
585
|
+
/**
|
|
586
|
+
* Extract public JWKs from a DID document's verification methods.
|
|
587
|
+
*/
|
|
588
|
+
declare function extractJwksFromDidDocument(didDocument: Record<string, unknown>): Array<Record<string, unknown>>;
|
|
589
|
+
/**
|
|
590
|
+
* Verify that a controller DID is present in a DID document.
|
|
591
|
+
*
|
|
592
|
+
* Matching strategies:
|
|
593
|
+
* - did:pkh (EVM): extract address and compare against blockchainAccountId / publicKeyHex
|
|
594
|
+
* in verification methods. Chain ID is ignored (same address across all EVM chains).
|
|
595
|
+
* - did:jwk: decode the JWK from the DID and compare against publicKeyJwk fields
|
|
596
|
+
* in verification methods.
|
|
597
|
+
*/
|
|
598
|
+
declare function verifyDidDocumentControllerDid(didDocument: Record<string, unknown>, expectedControllerDid: Did): {
|
|
599
|
+
valid: boolean;
|
|
600
|
+
reason?: string;
|
|
601
|
+
};
|
|
602
|
+
declare function verifyDidJsonControllerDid(domain: string, expectedControllerDid: Did, options?: VerifyDidJsonControllerDidOptions): Promise<{
|
|
603
|
+
valid: boolean;
|
|
604
|
+
reason?: string;
|
|
605
|
+
}>;
|
|
606
|
+
|
|
607
|
+
declare function buildEip712Domain(name: string, version: string, chainId: number, verifyingContract: Hex): {
|
|
608
|
+
name: string;
|
|
609
|
+
version: string;
|
|
610
|
+
chainId: number;
|
|
611
|
+
verifyingContract: Hex;
|
|
612
|
+
};
|
|
613
|
+
declare function getOmaTrustProofEip712Types(): {
|
|
614
|
+
primaryType: string;
|
|
615
|
+
types: Record<string, Array<{
|
|
616
|
+
name: string;
|
|
617
|
+
type: string;
|
|
618
|
+
}>>;
|
|
619
|
+
};
|
|
620
|
+
declare function verifyEip712Signature(typedData: {
|
|
621
|
+
domain: Record<string, unknown>;
|
|
622
|
+
types: Record<string, unknown>;
|
|
623
|
+
message: Record<string, unknown>;
|
|
624
|
+
}, signature: Hex | string): {
|
|
625
|
+
valid: boolean;
|
|
626
|
+
signer?: string;
|
|
627
|
+
};
|
|
628
|
+
|
|
629
|
+
type SubjectOwnershipVerificationMethod = "dns" | "did-document" | "wallet" | "contract" | "minting-wallet" | "transfer";
|
|
630
|
+
interface SubjectOwnershipVerificationResult {
|
|
631
|
+
valid: boolean;
|
|
632
|
+
method?: SubjectOwnershipVerificationMethod;
|
|
633
|
+
reason?: string;
|
|
634
|
+
details?: string;
|
|
635
|
+
subjectDid: Did;
|
|
636
|
+
connectedWalletDid: Did;
|
|
637
|
+
controllingWalletDid?: Did;
|
|
638
|
+
}
|
|
639
|
+
interface EvmOwnershipProvider extends ContractOwnershipProvider {
|
|
640
|
+
getTransactionReceipt(hash: string): Promise<{
|
|
641
|
+
blockNumber: number;
|
|
642
|
+
} | null>;
|
|
643
|
+
getBlockNumber(): Promise<number>;
|
|
644
|
+
getBlock(blockNumber: number): Promise<{
|
|
645
|
+
timestamp: number;
|
|
646
|
+
} | null>;
|
|
647
|
+
}
|
|
648
|
+
interface VerifyDidWebOwnershipParams extends VerifyDnsTxtControllerDidOptions {
|
|
649
|
+
subjectDid: Did;
|
|
650
|
+
connectedWalletDid: Did;
|
|
651
|
+
fetchDidDocument?: (domain: string) => Promise<Record<string, unknown>>;
|
|
652
|
+
}
|
|
653
|
+
interface VerifyDidPkhOwnershipParams {
|
|
654
|
+
subjectDid: Did;
|
|
655
|
+
connectedWalletDid: Did;
|
|
656
|
+
provider: EvmOwnershipProvider;
|
|
657
|
+
txHash?: Hex | string;
|
|
658
|
+
}
|
|
659
|
+
type VerifySubjectOwnershipParams = VerifyDidWebOwnershipParams | (VerifyDidPkhOwnershipParams & VerifyDnsTxtControllerDidOptions);
|
|
660
|
+
declare function verifyDidWebOwnership(params: VerifyDidWebOwnershipParams): Promise<SubjectOwnershipVerificationResult>;
|
|
661
|
+
declare function verifyDidPkhOwnership(params: VerifyDidPkhOwnershipParams): Promise<SubjectOwnershipVerificationResult>;
|
|
662
|
+
declare function verifySubjectOwnership(params: VerifySubjectOwnershipParams): Promise<SubjectOwnershipVerificationResult>;
|
|
663
|
+
|
|
664
|
+
export { buildDelegatedAttestationTypedData as $, type AttestationQueryResult as A, type BuildDelegatedTypedDataFromEncodedParams as B, type CallControllerWitnessParams as C, type Did as D, type EvidencePointerProof as E, type SubmitAttestationResult as F, type GetAttestationParams as G, type Hex as H, type SubmitDelegatedAttestationParams as I, type SubmitDelegatedAttestationResult as J, type TxInteractionProof as K, type ListAttestationsParams as L, type VerifyAttestationResult as M, type VerifyDidJsonControllerDidOptions as N, type VerifyDidPkhOwnershipParams as O, type PopEip712Proof as P, type VerifyDidWebOwnershipParams as Q, type RelayErrorDetails as R, type SchemaField as S, type TxEncodedValueProof as T, type VerifyProofParams as U, type VerifyAttestationParams as V, type VerifyProofResult as W, type VerifySubjectOwnershipParams as X, type W3CKeyPurpose as Y, type X402OfferProof as Z, type X402ReceiptProof as _, type AttestationValidationError as a, readOwnerFromContract as a$, buildDelegatedTypedDataFromEncoded as a0, buildDnsTxtRecord as a1, buildEip712Domain as a2, calculateAverageUserReviewRating as a3, calculateTransferAmount as a4, calculateTransferAmountFromAddresses as a5, callControllerWitness as a6, constructSeed as a7, createEvidencePointerProof as a8, createPopEip712Proof as a9, isChainSupported as aA, listAttestations as aB, normalizeSchema as aC, parseDnsTxtRecord as aD, prepareDelegatedAttestation as aE, requestControllerWitness as aF, revokeAttestation as aG, schemaToString as aH, splitSignature as aI, submitAttestation as aJ, submitDelegatedAttestation as aK, validateAttestationData as aL, verifyAttestation as aM, verifyDidDocumentControllerDid as aN, verifyDidJsonControllerDid as aO, verifyDidPkhOwnership as aP, verifyDidWebOwnership as aQ, verifyEip712Signature as aR, verifyProof as aS, verifySchemaExists as aT, verifySubjectOwnership as aU, type VerifyDnsTxtControllerDidOptions as aV, type ContractOwnershipProvider as aW, EIP1967_ADMIN_SLOT as aX, OWNERSHIP_PATTERNS as aY, discoverContractOwner as aZ, discoverControllingWalletDid as a_, createPopJwsProof as aa, createTxEncodedValueProof as ab, createTxInteractionProof as ac, createX402OfferProof as ad, createX402ReceiptProof as ae, decodeAttestationData as af, deduplicateReviews as ag, encodeAttestationData as ah, extractEvmAddressesFromDidDocument as ai, extractExpirationTime as aj, extractJwksFromDidDocument as ak, fetchDidDocument as al, formatSchemaUid as am, formatTransferAmount as an, getAttestation as ao, getAttestationsByAttester as ap, getAttestationsForDid as aq, getChainConstants as ar, getExplorerAddressUrl as as, getExplorerTxUrl as at, getLatestAttestations as au, getMajorVersion as av, getOmaTrustProofEip712Types as aw, getSchemaDetails as ax, getSupportedChainIds as ay, hashSeed as az, type CallControllerWitnessResult as b, verifyTransferProof as b0, type ChainConstants as c, type ControllerAuthorizationResult as d, type ControllerWitnessEvidence as e, type CreatePopEip712ProofParams as f, type CreatePopJwsProofParams as g, type DnsTxtRecordResult as h, type EvmOwnershipProvider as i, type GetAttestationsByAttesterParams as j, type GetControllerAuthorizationParams as k, type GetLatestAttestationsParams as l, type PopJwsProof as m, type PrepareDelegatedAttestationParams as n, type PrepareDelegatedAttestationResult as o, type ProofPurpose as p, type ProofType as q, type ProofWrapper as r, type RelayMetadata as s, type RequestControllerWitnessParams as t, type RequestControllerWitnessResult as u, type RevokeAttestationParams as v, type RevokeAttestationResult as w, type SubjectOwnershipVerificationMethod as x, type SubjectOwnershipVerificationResult as y, type SubmitAttestationParams as z };
|