@opendatalabs/personal-server-ts-core 0.0.1-canary.0078f25

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (189) hide show
  1. package/dist/auth/web3-signed.d.ts +48 -0
  2. package/dist/auth/web3-signed.d.ts.map +1 -0
  3. package/dist/auth/web3-signed.js +110 -0
  4. package/dist/auth/web3-signed.js.map +1 -0
  5. package/dist/config/defaults.d.ts +12 -0
  6. package/dist/config/defaults.d.ts.map +1 -0
  7. package/dist/config/defaults.js +14 -0
  8. package/dist/config/defaults.js.map +1 -0
  9. package/dist/config/index.d.ts +4 -0
  10. package/dist/config/index.d.ts.map +1 -0
  11. package/dist/config/index.js +4 -0
  12. package/dist/config/index.js.map +1 -0
  13. package/dist/config/loader.d.ts +8 -0
  14. package/dist/config/loader.d.ts.map +1 -0
  15. package/dist/config/loader.js +38 -0
  16. package/dist/config/loader.js.map +1 -0
  17. package/dist/config/paths.d.ts +9 -0
  18. package/dist/config/paths.d.ts.map +1 -0
  19. package/dist/config/paths.js +22 -0
  20. package/dist/config/paths.js.map +1 -0
  21. package/dist/errors/catalog.d.ts +41 -0
  22. package/dist/errors/catalog.d.ts.map +1 -0
  23. package/dist/errors/catalog.js +79 -0
  24. package/dist/errors/catalog.js.map +1 -0
  25. package/dist/gateway/client.d.ts +98 -0
  26. package/dist/gateway/client.d.ts.map +1 -0
  27. package/dist/gateway/client.js +171 -0
  28. package/dist/gateway/client.js.map +1 -0
  29. package/dist/grants/eip712.d.ts +28 -0
  30. package/dist/grants/eip712.d.ts.map +1 -0
  31. package/dist/grants/eip712.js +30 -0
  32. package/dist/grants/eip712.js.map +1 -0
  33. package/dist/grants/index.d.ts +5 -0
  34. package/dist/grants/index.d.ts.map +1 -0
  35. package/dist/grants/index.js +3 -0
  36. package/dist/grants/index.js.map +1 -0
  37. package/dist/grants/types.d.ts +29 -0
  38. package/dist/grants/types.d.ts.map +1 -0
  39. package/dist/grants/types.js +6 -0
  40. package/dist/grants/types.js.map +1 -0
  41. package/dist/grants/verify.d.ts +24 -0
  42. package/dist/grants/verify.d.ts.map +1 -0
  43. package/dist/grants/verify.js +71 -0
  44. package/dist/grants/verify.js.map +1 -0
  45. package/dist/keys/derive.d.ts +18 -0
  46. package/dist/keys/derive.d.ts.map +1 -0
  47. package/dist/keys/derive.js +43 -0
  48. package/dist/keys/derive.js.map +1 -0
  49. package/dist/keys/index.d.ts +3 -0
  50. package/dist/keys/index.d.ts.map +1 -0
  51. package/dist/keys/index.js +3 -0
  52. package/dist/keys/index.js.map +1 -0
  53. package/dist/keys/server-account.d.ts +28 -0
  54. package/dist/keys/server-account.d.ts.map +1 -0
  55. package/dist/keys/server-account.js +48 -0
  56. package/dist/keys/server-account.js.map +1 -0
  57. package/dist/logger/index.d.ts +5 -0
  58. package/dist/logger/index.d.ts.map +1 -0
  59. package/dist/logger/index.js +9 -0
  60. package/dist/logger/index.js.map +1 -0
  61. package/dist/logging/access-log.d.ts +15 -0
  62. package/dist/logging/access-log.d.ts.map +1 -0
  63. package/dist/logging/access-log.js +25 -0
  64. package/dist/logging/access-log.js.map +1 -0
  65. package/dist/logging/access-reader.d.ts +19 -0
  66. package/dist/logging/access-reader.d.ts.map +1 -0
  67. package/dist/logging/access-reader.js +50 -0
  68. package/dist/logging/access-reader.js.map +1 -0
  69. package/dist/schemas/data-file.d.ts +20 -0
  70. package/dist/schemas/data-file.d.ts.map +1 -0
  71. package/dist/schemas/data-file.js +23 -0
  72. package/dist/schemas/data-file.js.map +1 -0
  73. package/dist/schemas/server-config.d.ts +116 -0
  74. package/dist/schemas/server-config.d.ts.map +1 -0
  75. package/dist/schemas/server-config.js +131 -0
  76. package/dist/schemas/server-config.js.map +1 -0
  77. package/dist/scopes/index.d.ts +3 -0
  78. package/dist/scopes/index.d.ts.map +1 -0
  79. package/dist/scopes/index.js +3 -0
  80. package/dist/scopes/index.js.map +1 -0
  81. package/dist/scopes/match.d.ts +13 -0
  82. package/dist/scopes/match.d.ts.map +1 -0
  83. package/dist/scopes/match.js +23 -0
  84. package/dist/scopes/match.js.map +1 -0
  85. package/dist/scopes/parse.d.ts +12 -0
  86. package/dist/scopes/parse.d.ts.map +1 -0
  87. package/dist/scopes/parse.js +29 -0
  88. package/dist/scopes/parse.js.map +1 -0
  89. package/dist/signing/eip712.d.ts +69 -0
  90. package/dist/signing/eip712.d.ts.map +1 -0
  91. package/dist/signing/eip712.js +68 -0
  92. package/dist/signing/eip712.js.map +1 -0
  93. package/dist/signing/index.d.ts +4 -0
  94. package/dist/signing/index.d.ts.map +1 -0
  95. package/dist/signing/index.js +4 -0
  96. package/dist/signing/index.js.map +1 -0
  97. package/dist/signing/request-signer.d.ts +12 -0
  98. package/dist/signing/request-signer.d.ts.map +1 -0
  99. package/dist/signing/request-signer.js +48 -0
  100. package/dist/signing/request-signer.js.map +1 -0
  101. package/dist/signing/signer.d.ts +14 -0
  102. package/dist/signing/signer.d.ts.map +1 -0
  103. package/dist/signing/signer.js +37 -0
  104. package/dist/signing/signer.js.map +1 -0
  105. package/dist/storage/adapters/index.d.ts +3 -0
  106. package/dist/storage/adapters/index.d.ts.map +1 -0
  107. package/dist/storage/adapters/index.js +2 -0
  108. package/dist/storage/adapters/index.js.map +1 -0
  109. package/dist/storage/adapters/interface.d.ts +47 -0
  110. package/dist/storage/adapters/interface.d.ts.map +1 -0
  111. package/dist/storage/adapters/interface.js +2 -0
  112. package/dist/storage/adapters/interface.js.map +1 -0
  113. package/dist/storage/adapters/vana.d.ts +32 -0
  114. package/dist/storage/adapters/vana.d.ts.map +1 -0
  115. package/dist/storage/adapters/vana.js +96 -0
  116. package/dist/storage/adapters/vana.js.map +1 -0
  117. package/dist/storage/encryption/decrypt.d.ts +10 -0
  118. package/dist/storage/encryption/decrypt.d.ts.map +1 -0
  119. package/dist/storage/encryption/decrypt.js +19 -0
  120. package/dist/storage/encryption/decrypt.js.map +1 -0
  121. package/dist/storage/encryption/encrypt.d.ts +10 -0
  122. package/dist/storage/encryption/encrypt.d.ts.map +1 -0
  123. package/dist/storage/encryption/encrypt.js +19 -0
  124. package/dist/storage/encryption/encrypt.js.map +1 -0
  125. package/dist/storage/encryption/index.d.ts +3 -0
  126. package/dist/storage/encryption/index.d.ts.map +1 -0
  127. package/dist/storage/encryption/index.js +3 -0
  128. package/dist/storage/encryption/index.js.map +1 -0
  129. package/dist/storage/hierarchy/index.d.ts +4 -0
  130. package/dist/storage/hierarchy/index.d.ts.map +1 -0
  131. package/dist/storage/hierarchy/index.js +3 -0
  132. package/dist/storage/hierarchy/index.js.map +1 -0
  133. package/dist/storage/hierarchy/manager.d.ts +23 -0
  134. package/dist/storage/hierarchy/manager.d.ts.map +1 -0
  135. package/dist/storage/hierarchy/manager.js +60 -0
  136. package/dist/storage/hierarchy/manager.js.map +1 -0
  137. package/dist/storage/hierarchy/paths.d.ts +11 -0
  138. package/dist/storage/hierarchy/paths.d.ts.map +1 -0
  139. package/dist/storage/hierarchy/paths.js +36 -0
  140. package/dist/storage/hierarchy/paths.js.map +1 -0
  141. package/dist/storage/index/index.d.ts +4 -0
  142. package/dist/storage/index/index.d.ts.map +1 -0
  143. package/dist/storage/index/index.js +3 -0
  144. package/dist/storage/index/index.js.map +1 -0
  145. package/dist/storage/index/manager.d.ts +37 -0
  146. package/dist/storage/index/manager.d.ts.map +1 -0
  147. package/dist/storage/index/manager.js +132 -0
  148. package/dist/storage/index/manager.js.map +1 -0
  149. package/dist/storage/index/schema.d.ts +4 -0
  150. package/dist/storage/index/schema.d.ts.map +1 -0
  151. package/dist/storage/index/schema.js +27 -0
  152. package/dist/storage/index/schema.js.map +1 -0
  153. package/dist/storage/index/types.d.ts +20 -0
  154. package/dist/storage/index/types.d.ts.map +1 -0
  155. package/dist/storage/index/types.js +2 -0
  156. package/dist/storage/index/types.js.map +1 -0
  157. package/dist/sync/cursor.d.ts +12 -0
  158. package/dist/sync/cursor.d.ts.map +1 -0
  159. package/dist/sync/cursor.js +19 -0
  160. package/dist/sync/cursor.js.map +1 -0
  161. package/dist/sync/engine/sync-manager.d.ts +25 -0
  162. package/dist/sync/engine/sync-manager.d.ts.map +1 -0
  163. package/dist/sync/engine/sync-manager.js +136 -0
  164. package/dist/sync/engine/sync-manager.js.map +1 -0
  165. package/dist/sync/index.d.ts +4 -0
  166. package/dist/sync/index.d.ts.map +1 -0
  167. package/dist/sync/index.js +3 -0
  168. package/dist/sync/index.js.map +1 -0
  169. package/dist/sync/types.d.ts +40 -0
  170. package/dist/sync/types.d.ts.map +1 -0
  171. package/dist/sync/types.js +2 -0
  172. package/dist/sync/types.js.map +1 -0
  173. package/dist/sync/workers/download.d.ts +41 -0
  174. package/dist/sync/workers/download.d.ts.map +1 -0
  175. package/dist/sync/workers/download.js +90 -0
  176. package/dist/sync/workers/download.js.map +1 -0
  177. package/dist/sync/workers/upload.d.ts +43 -0
  178. package/dist/sync/workers/upload.d.ts.map +1 -0
  179. package/dist/sync/workers/upload.js +75 -0
  180. package/dist/sync/workers/upload.js.map +1 -0
  181. package/dist/test-utils/index.d.ts +2 -0
  182. package/dist/test-utils/index.d.ts.map +1 -0
  183. package/dist/test-utils/index.js +2 -0
  184. package/dist/test-utils/index.js.map +1 -0
  185. package/dist/test-utils/wallet.d.ts +40 -0
  186. package/dist/test-utils/wallet.d.ts.map +1 -0
  187. package/dist/test-utils/wallet.js +74 -0
  188. package/dist/test-utils/wallet.js.map +1 -0
  189. package/package.json +115 -0
package/dist/gateway/client.js ADDED
@@ -0,0 +1,171 @@
1
+ /**
2
+ * Gateway client for communicating with the Vana Gateway API.
3
+ * Provides builder registration checks and grant lookups.
4
+ *
5
+ * All Gateway GET endpoints return responses wrapped in:
6
+ * { data: T, proof: GatewayProof }
7
+ * This client unwraps the envelope and returns just the data.
8
+ */
9
+ export function createGatewayClient(baseUrl) {
10
+ const base = baseUrl.replace(/\/+$/, "");
11
+ async function unwrapEnvelope(res) {
12
+ const envelope = (await res.json());
13
+ return envelope.data;
14
+ }
15
+ return {
16
+ async isRegisteredBuilder(address) {
17
+ const builder = await this.getBuilder(address);
18
+ // Gateway returns 200 with builder data if registered, 404 if not.
19
+ // Existence IS registration — no separate `registered` field.
20
+ return builder !== null;
21
+ },
22
+ async getBuilder(address) {
23
+ const res = await fetch(`${base}/v1/builders/${address}`);
24
+ if (res.status === 404)
25
+ return null;
26
+ if (!res.ok) {
27
+ throw new Error(`Gateway error: ${res.status} ${res.statusText}`);
28
+ }
29
+ return unwrapEnvelope(res);
30
+ },
31
+ async getGrant(grantId) {
32
+ const res = await fetch(`${base}/v1/grants/${grantId}`);
33
+ if (res.status === 404)
34
+ return null;
35
+ if (!res.ok) {
36
+ throw new Error(`Gateway error: ${res.status} ${res.statusText}`);
37
+ }
38
+ return unwrapEnvelope(res);
39
+ },
40
+ async listGrantsByUser(userAddress) {
41
+ const res = await fetch(`${base}/v1/grants?user=${userAddress}`);
42
+ if (res.status === 404)
43
+ return [];
44
+ if (!res.ok) {
45
+ throw new Error(`Gateway error: ${res.status} ${res.statusText}`);
46
+ }
47
+ return unwrapEnvelope(res);
48
+ },
49
+ async getSchemaForScope(scope) {
50
+ const res = await fetch(`${base}/v1/schemas?scope=${scope}`);
51
+ if (res.status === 404)
52
+ return null;
53
+ if (!res.ok) {
54
+ throw new Error(`Gateway error: ${res.status} ${res.statusText}`);
55
+ }
56
+ return unwrapEnvelope(res);
57
+ },
58
+ async getServer(address) {
59
+ const res = await fetch(`${base}/v1/servers/${address}`);
60
+ if (res.status === 404)
61
+ return null;
62
+ if (!res.ok) {
63
+ throw new Error(`Gateway error: ${res.status} ${res.statusText}`);
64
+ }
65
+ return unwrapEnvelope(res);
66
+ },
67
+ async getFile(fileId) {
68
+ const res = await fetch(`${base}/v1/files/${fileId}`);
69
+ if (res.status === 404)
70
+ return null;
71
+ if (!res.ok) {
72
+ throw new Error(`Gateway error: ${res.status} ${res.statusText}`);
73
+ }
74
+ return unwrapEnvelope(res);
75
+ },
76
+ async listFilesSince(owner, cursor) {
77
+ const params = new URLSearchParams({ owner });
78
+ if (cursor !== null) {
79
+ params.set("since", cursor);
80
+ }
81
+ const res = await fetch(`${base}/v1/files?${params.toString()}`);
82
+ if (!res.ok) {
83
+ throw new Error(`Gateway error: ${res.status} ${res.statusText}`);
84
+ }
85
+ return unwrapEnvelope(res);
86
+ },
87
+ async getSchema(schemaId) {
88
+ const res = await fetch(`${base}/v1/schemas/${schemaId}`);
89
+ if (res.status === 404)
90
+ return null;
91
+ if (!res.ok) {
92
+ throw new Error(`Gateway error: ${res.status} ${res.statusText}`);
93
+ }
94
+ return unwrapEnvelope(res);
95
+ },
96
+ async registerFile(params) {
97
+ const res = await fetch(`${base}/v1/files`, {
98
+ method: "POST",
99
+ headers: {
100
+ "Content-Type": "application/json",
101
+ Authorization: `Web3Signed ${params.signature}`,
102
+ },
103
+ body: JSON.stringify({
104
+ ownerAddress: params.ownerAddress,
105
+ url: params.url,
106
+ schemaId: params.schemaId,
107
+ }),
108
+ });
109
+ // 409 = already registered, treat as success (idempotent)
110
+ if (res.status === 409) {
111
+ const body = await res.json().catch(() => ({}));
112
+ return {
113
+ fileId: body.fileId,
114
+ };
115
+ }
116
+ if (!res.ok) {
117
+ throw new Error(`Gateway error: ${res.status} ${res.statusText}`);
118
+ }
119
+ const body = await res.json();
120
+ return {
121
+ fileId: body.fileId,
122
+ };
123
+ },
124
+ async createGrant(params) {
125
+ const res = await fetch(`${base}/v1/grants`, {
126
+ method: "POST",
127
+ headers: {
128
+ "Content-Type": "application/json",
129
+ Authorization: `Web3Signed ${params.signature}`,
130
+ },
131
+ body: JSON.stringify({
132
+ grantorAddress: params.grantorAddress,
133
+ granteeId: params.granteeId,
134
+ grant: params.grant,
135
+ fileIds: params.fileIds,
136
+ }),
137
+ });
138
+ if (res.status === 409) {
139
+ const body = await res.json().catch(() => ({}));
140
+ return {
141
+ grantId: body.grantId,
142
+ };
143
+ }
144
+ if (!res.ok) {
145
+ throw new Error(`Gateway error: ${res.status} ${res.statusText}`);
146
+ }
147
+ const body = await res.json();
148
+ return {
149
+ grantId: body.grantId,
150
+ };
151
+ },
152
+ async revokeGrant(params) {
153
+ const res = await fetch(`${base}/v1/grants/${params.grantId}`, {
154
+ method: "DELETE",
155
+ headers: {
156
+ "Content-Type": "application/json",
157
+ Authorization: `Web3Signed ${params.signature}`,
158
+ },
159
+ body: JSON.stringify({
160
+ grantorAddress: params.grantorAddress,
161
+ }),
162
+ });
163
+ if (res.status === 409)
164
+ return; // already revoked
165
+ if (!res.ok) {
166
+ throw new Error(`Gateway error: ${res.status} ${res.statusText}`);
167
+ }
168
+ },
169
+ };
170
+ }
171
+ //# sourceMappingURL=client.js.map
package/dist/gateway/client.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"client.js","sourceRoot":"","sources":["../../src/gateway/client.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAiGH,MAAM,UAAU,mBAAmB,CAAC,OAAe;IACjD,MAAM,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IAEzC,KAAK,UAAU,cAAc,CAAI,GAAa;QAC5C,MAAM,QAAQ,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAuB,CAAC;QAC1D,OAAO,QAAQ,CAAC,IAAI,CAAC;IACvB,CAAC;IAED,OAAO;QACL,KAAK,CAAC,mBAAmB,CAAC,OAAe;YACvC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;YAC/C,mEAAmE;YACnE,8DAA8D;YAC9D,OAAO,OAAO,KAAK,IAAI,CAAC;QAC1B,CAAC;QAED,KAAK,CAAC,UAAU,CAAC,OAAe;YAC9B,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,gBAAgB,OAAO,EAAE,CAAC,CAAC;YAC1D,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG;gBAAE,OAAO,IAAI,CAAC;YACpC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;gBACZ,MAAM,IAAI,KAAK,CAAC,kBAAkB,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC;YACpE,CAAC;YACD,OAAO,cAAc,CAAU,GAAG,CAAC,CAAC;QACtC,CAAC;QAED,KAAK,CAAC,QAAQ,CAAC,OAAe;YAC5B,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,cAAc,OAAO,EAAE,CAAC,CAAC;YACxD,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG;gBAAE,OAAO,IAAI,CAAC;YACpC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;gBACZ,MAAM,IAAI,KAAK,CAAC,kBAAkB,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC;YACpE,CAAC;YACD,OAAO,cAAc,CAAuB,GAAG,CAAC,CAAC;QACnD,CAAC;QAED,KAAK,CAAC,gBAAgB,CAAC,WAAmB;YACxC,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,mBAAmB,WAAW,EAAE,CAAC,CAAC;YACjE,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG;gBAAE,OAAO,EAAE,CAAC;YAClC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;gBACZ,MAAM,IAAI,KAAK,CAAC,kBAAkB,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC;YACpE,CAAC;YACD,OAAO,cAAc,CAAkB,GAAG,CAAC,CAAC;QAC9C,CAAC;QAED,KAAK,CAAC,iBAAiB,CAAC,KAAa;YACnC,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,qBAAqB,KAAK,EAAE,CAAC,CAAC;YAC7D,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG;gBAAE,OAAO,IAAI,CAAC;YACpC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;gBACZ,MAAM,IAAI,KAAK,CAAC,kBAAkB,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC;YACpE,CAAC;YACD,OAAO,cAAc,CAAS,GAAG,CAAC,CAAC;QACrC,CAAC;QAED,KAAK,CAAC,SAAS,CAAC,OAAe;YAC7B,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,eAAe,OAAO,EAAE,CAAC,CAAC;YACzD,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG;gBAAE,OAAO,IAAI,CAAC;YACpC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;gBACZ,MAAM,IAAI,KAAK,CAAC,kBAAkB,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC;YACpE,CAAC;YACD,OAAO,cAAc,CAAa,GAAG,CAAC,CAAC;QACzC,CAAC;QAED,KAAK,CAAC,OAAO,CAAC,MAAc;YAC1B,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,aAAa,MAAM,EAAE,CAAC,CAAC;YACtD,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG;gBAAE,OAAO,IAAI,CAAC;YACpC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;gBACZ,MAAM,IAAI,KAAK,CAAC,kBAAkB,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC;YACpE,CAAC;YACD,OAAO,cAAc,CAAa,GAAG,CAAC,CAAC;QACzC,CAAC;QAED,KAAK,CAAC,cAAc,CAClB,KAAa,EACb,MAAqB;YAErB,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;YAC9C,IAAI,MAAM,KAAK,IAAI,EAAE,CAAC;gBACpB,MAAM,CAAC,GAAG,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YAC9B,CAAC;YACD,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,aAAa,MAAM,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;YACjE,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;gBACZ,MAAM,IAAI,KAAK,CAAC,kBAAkB,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC;YACpE,CAAC;YACD,OAAO,cAAc,CAAiB,GAAG,CAAC,CAAC;QAC7C,CAAC;QAED,KAAK,CAAC,SAAS,CAAC,QAAgB;YAC9B,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,eAAe,QAAQ,EAAE,CAAC,CAAC;YAC1D,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG;gBAAE,OAAO,IAAI,CAAC;YACpC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;gBACZ,MAAM,IAAI,KAAK,CAAC,kBAAkB,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC;YACpE,CAAC;YACD,OAAO,cAAc,CAAS,GAAG,CAAC,CAAC;QACrC,CAAC;QAED,KAAK,CAAC,YAAY,CAChB,MAA0B;YAE1B,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,WAAW,EAAE;gBAC1C,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,kBAAkB;oBAClC,aAAa,EAAE,cAAc,MAAM,CAAC,SAAS,EAAE;iBAChD;gBACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,YAAY,EAAE,MAAM,CAAC,YAAY;oBACjC,GAAG,EAAE,MAAM,CAAC,GAAG;oBACf,QAAQ,EAAE,MAAM,CAAC,QAAQ;iBAC1B,CAAC;aACH,CAAC,CAAC;YACH,0DAA0D;YAC1D,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBACvB,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;gBAChD,OAAO;oBACL,MAAM,EAAG,IAAgC,CAAC,MAE7B;iBACd,CAAC;YACJ,CAAC;YACD,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;gBACZ,MAAM,IAAI,KAAK,CAAC,kBAAkB,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC;YACpE,CAAC;YACD,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;YAC9B,OAAO;gBACL,MAAM,EAAG,IAAgC,CAAC,MAA4B;aACvE,CAAC;QACJ,CAAC;QAED,KAAK,CAAC,WAAW,CACf,MAAyB;YAEzB,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,YAAY,EAAE;gBAC3C,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,kBAAkB;oBAClC,aAAa,EAAE,cAAc,MAAM,CAAC,SAAS,EAAE;iBAChD;gBACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,cAAc,EAAE,MAAM,CAAC,cAAc;oBACrC,SAAS,EAAE,MAAM,CAAC,SAAS;oBAC3B,KAAK,EAAE,MAAM,CAAC,KAAK;oBACnB,OAAO,EAAE,MAAM,CAAC,OAAO;iBACxB,CAAC;aACH,CAAC,CAAC;YACH,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBACvB,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;gBAChD,OAAO;oBACL,OAAO,EAAG,IAAgC,CAAC,OAE9B;iBACd,CAAC;YACJ,CAAC;YACD,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;gBACZ,MAAM,IAAI,KAAK,CAAC,kBAAkB,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC;YACpE,CAAC;YACD,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;YAC9B,OAAO;gBACL,OAAO,EAAG,IAAgC,CAAC,OAE9B;aACd,CAAC;QACJ,CAAC;QAED,KAAK,CAAC,WAAW,CAAC,MAAyB;YACzC,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,cAAc,MAAM,CAAC,OAAO,EAAE,EAAE;gBAC7D,MAAM,EAAE,QAAQ;gBAChB,OAAO,EAAE;oBACP,cAAc,EAAE,kBAAkB;oBAClC,aAAa,EAAE,cAAc,MAAM,CAAC,SAAS,EAAE;iBAChD;gBACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,cAAc,EAAE,MAAM,CAAC,cAAc;iBACtC,CAAC;aACH,CAAC,CAAC;YACH,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG;gBAAE,OAAO,CAAC,kBAAkB;YAClD,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;gBACZ,MAAM,IAAI,KAAK,CAAC,kBAAkB,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC;YACpE,CAAC;QACH,CAAC;KACF,CAAC;AACJ,CAAC"}
package/dist/grants/eip712.d.ts ADDED
@@ -0,0 +1,28 @@
1
+ /**
2
+ * EIP-712 domain and type definitions for grant signatures.
3
+ * See protocol spec §4.1.9 for typed data structure.
4
+ */
5
+ import type { TypedDataDomain } from "viem";
6
+ import type { GrantPayload } from "./types.js";
7
+ export declare const GRANT_DOMAIN: TypedDataDomain;
8
+ export declare const GRANT_TYPES: {
9
+ readonly Grant: readonly [{
10
+ readonly name: "user";
11
+ readonly type: "address";
12
+ }, {
13
+ readonly name: "builder";
14
+ readonly type: "address";
15
+ }, {
16
+ readonly name: "scopes";
17
+ readonly type: "string[]";
18
+ }, {
19
+ readonly name: "expiresAt";
20
+ readonly type: "uint256";
21
+ }, {
22
+ readonly name: "nonce";
23
+ readonly type: "uint256";
24
+ }];
25
+ };
26
+ /** Convert a GrantPayload to the message object expected by EIP-712 signTypedData. */
27
+ export declare function grantToEip712Message(payload: GrantPayload): Record<string, unknown>;
28
+ //# sourceMappingURL=eip712.d.ts.map
package/dist/grants/eip712.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"eip712.d.ts","sourceRoot":"","sources":["../../src/grants/eip712.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,MAAM,CAAC;AAE5C,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAE/C,eAAO,MAAM,YAAY,EAAE,eAMjB,CAAC;AAEX,eAAO,MAAM,WAAW;;;;;;;;;;;;;;;;;CAQd,CAAC;AAEX,sFAAsF;AACtF,wBAAgB,oBAAoB,CAClC,OAAO,EAAE,YAAY,GACpB,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAQzB"}
package/dist/grants/eip712.js ADDED
@@ -0,0 +1,30 @@
1
+ /**
2
+ * EIP-712 domain and type definitions for grant signatures.
3
+ * See protocol spec §4.1.9 for typed data structure.
4
+ */
5
+ export const GRANT_DOMAIN = {
6
+ name: "Vana Data Portability",
7
+ version: "1",
8
+ chainId: 14800,
9
+ verifyingContract: "0x0000000000000000000000000000000000000000",
10
+ };
11
+ export const GRANT_TYPES = {
12
+ Grant: [
13
+ { name: "user", type: "address" },
14
+ { name: "builder", type: "address" },
15
+ { name: "scopes", type: "string[]" },
16
+ { name: "expiresAt", type: "uint256" },
17
+ { name: "nonce", type: "uint256" },
18
+ ],
19
+ };
20
+ /** Convert a GrantPayload to the message object expected by EIP-712 signTypedData. */
21
+ export function grantToEip712Message(payload) {
22
+ return {
23
+ user: payload.user,
24
+ builder: payload.builder,
25
+ scopes: payload.scopes,
26
+ expiresAt: payload.expiresAt,
27
+ nonce: payload.nonce,
28
+ };
29
+ }
30
+ //# sourceMappingURL=eip712.js.map
package/dist/grants/eip712.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"eip712.js","sourceRoot":"","sources":["../../src/grants/eip712.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAMH,MAAM,CAAC,MAAM,YAAY,GAAoB;IAC3C,IAAI,EAAE,uBAAuB;IAC7B,OAAO,EAAE,GAAG;IACZ,OAAO,EAAE,KAAK;IACd,iBAAiB,EACf,4CAA6D;CACvD,CAAC;AAEX,MAAM,CAAC,MAAM,WAAW,GAAG;IACzB,KAAK,EAAE;QACL,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE;QACjC,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE;QACpC,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,UAAU,EAAE;QACpC,EAAE,IAAI,EAAE,WAAW,EAAE,IAAI,EAAE,SAAS,EAAE;QACtC,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE;KACnC;CACO,CAAC;AAEX,sFAAsF;AACtF,MAAM,UAAU,oBAAoB,CAClC,OAAqB;IAErB,OAAO;QACL,IAAI,EAAE,OAAO,CAAC,IAAI;QAClB,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,MAAM,EAAE,OAAO,CAAC,MAAM;QACtB,SAAS,EAAE,OAAO,CAAC,SAAS;QAC5B,KAAK,EAAE,OAAO,CAAC,KAAK;KACrB,CAAC;AACJ,CAAC"}
package/dist/grants/index.d.ts ADDED
@@ -0,0 +1,5 @@
1
+ export type { GrantPayload, GrantWithSignature, GatewayGrantResponse, } from "./types.js";
2
+ export { GRANT_DOMAIN, GRANT_TYPES, grantToEip712Message } from "./eip712.js";
3
+ export type { GrantVerificationResult } from "./verify.js";
4
+ export { verifyGrantLocal } from "./verify.js";
5
+ //# sourceMappingURL=index.d.ts.map
package/dist/grants/index.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/grants/index.ts"],"names":[],"mappings":"AAAA,YAAY,EACV,YAAY,EACZ,kBAAkB,EAClB,oBAAoB,GACrB,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAC9E,YAAY,EAAE,uBAAuB,EAAE,MAAM,aAAa,CAAC;AAC3D,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC"}
package/dist/grants/index.js ADDED
@@ -0,0 +1,3 @@
1
+ export { GRANT_DOMAIN, GRANT_TYPES, grantToEip712Message } from "./eip712.js";
2
+ export { verifyGrantLocal } from "./verify.js";
3
+ //# sourceMappingURL=index.js.map
package/dist/grants/index.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/grants/index.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAE9E,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC"}
package/dist/grants/types.d.ts ADDED
@@ -0,0 +1,29 @@
1
+ /**
2
+ * Grant types for the Vana Data Portability Protocol.
3
+ * See protocol spec §5.3 for grant structure.
4
+ */
5
+ export interface GrantPayload {
6
+ user: `0x${string}`;
7
+ builder: `0x${string}`;
8
+ scopes: string[];
9
+ expiresAt: bigint;
10
+ nonce: bigint;
11
+ }
12
+ export interface GrantWithSignature {
13
+ grantId: string;
14
+ payload: GrantPayload;
15
+ signature: `0x${string}`;
16
+ }
17
+ /** Gateway response for GET /v1/grants/{grantId} (unwrapped from envelope) */
18
+ export interface GatewayGrantResponse {
19
+ id: string;
20
+ grantorAddress: string;
21
+ granteeId: string;
22
+ grant: string;
23
+ fileIds: string[];
24
+ status: "pending" | "confirmed";
25
+ addedAt: string;
26
+ revokedAt: string | null;
27
+ revocationSignature: string | null;
28
+ }
29
+ //# sourceMappingURL=types.d.ts.map
package/dist/grants/types.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/grants/types.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,KAAK,MAAM,EAAE,CAAC;IACpB,OAAO,EAAE,KAAK,MAAM,EAAE,CAAC;IACvB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,YAAY,CAAC;IACtB,SAAS,EAAE,KAAK,MAAM,EAAE,CAAC;CAC1B;AAED,8EAA8E;AAC9E,MAAM,WAAW,oBAAoB;IACnC,EAAE,EAAE,MAAM,CAAC;IACX,cAAc,EAAE,MAAM,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,MAAM,EAAE,SAAS,GAAG,WAAW,CAAC;IAChC,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,mBAAmB,EAAE,MAAM,GAAG,IAAI,CAAC;CACpC"}
package/dist/grants/types.js ADDED
@@ -0,0 +1,6 @@
1
+ /**
2
+ * Grant types for the Vana Data Portability Protocol.
3
+ * See protocol spec §5.3 for grant structure.
4
+ */
5
+ export {};
6
+ //# sourceMappingURL=types.js.map
package/dist/grants/types.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/grants/types.ts"],"names":[],"mappings":"AAAA;;;GAGG"}
package/dist/grants/verify.d.ts ADDED
@@ -0,0 +1,24 @@
1
+ /**
2
+ * Local grant verification — EIP-712 signature recovery + expiry/scope/grantee checks.
3
+ * No network calls; operates entirely on the provided GrantWithSignature.
4
+ */
5
+ import type { GrantPayload, GrantWithSignature } from "./types.js";
6
+ export interface GrantVerificationResult {
7
+ valid: true;
8
+ grant: GrantPayload;
9
+ }
10
+ /**
11
+ * Local-only grant verification (no network):
12
+ * 1. Recover signer from EIP-712 signature, verify === expectedOwner
13
+ * 2. Check expiresAt (0 = no expiry, else > now)
14
+ * 3. Check requestedScope ⊆ grantedScopes
15
+ * 4. Check requestSigner === grant.builder
16
+ */
17
+ export declare function verifyGrantLocal(params: {
18
+ grant: GrantWithSignature;
19
+ expectedOwner: `0x${string}`;
20
+ requestSigner: `0x${string}`;
21
+ requestedScope: string;
22
+ now?: number;
23
+ }): Promise<GrantVerificationResult>;
24
+ //# sourceMappingURL=verify.d.ts.map
package/dist/grants/verify.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../../src/grants/verify.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAYH,OAAO,KAAK,EAAE,YAAY,EAAE,kBAAkB,EAAE,MAAM,YAAY,CAAC;AAEnE,MAAM,WAAW,uBAAuB;IACtC,KAAK,EAAE,IAAI,CAAC;IACZ,KAAK,EAAE,YAAY,CAAC;CACrB;AAED;;;;;;GAMG;AACH,wBAAsB,gBAAgB,CAAC,MAAM,EAAE;IAC7C,KAAK,EAAE,kBAAkB,CAAC;IAC1B,aAAa,EAAE,KAAK,MAAM,EAAE,CAAC;IAC7B,aAAa,EAAE,KAAK,MAAM,EAAE,CAAC;IAC7B,cAAc,EAAE,MAAM,CAAC;IACvB,GAAG,CAAC,EAAE,MAAM,CAAC;CACd,GAAG,OAAO,CAAC,uBAAuB,CAAC,CA2DnC"}
package/dist/grants/verify.js ADDED
@@ -0,0 +1,71 @@
1
+ /**
2
+ * Local grant verification — EIP-712 signature recovery + expiry/scope/grantee checks.
3
+ * No network calls; operates entirely on the provided GrantWithSignature.
4
+ */
5
+ import { verifyTypedData } from "viem";
6
+ import { InvalidSignatureError, GrantExpiredError, ScopeMismatchError, } from "../errors/catalog.js";
7
+ import { scopeCoveredByGrant } from "../scopes/match.js";
8
+ import { GRANT_DOMAIN, GRANT_TYPES } from "./eip712.js";
9
+ /**
10
+ * Local-only grant verification (no network):
11
+ * 1. Recover signer from EIP-712 signature, verify === expectedOwner
12
+ * 2. Check expiresAt (0 = no expiry, else > now)
13
+ * 3. Check requestedScope ⊆ grantedScopes
14
+ * 4. Check requestSigner === grant.builder
15
+ */
16
+ export async function verifyGrantLocal(params) {
17
+ const { grant, expectedOwner, requestSigner, requestedScope } = params;
18
+ const { payload, signature } = grant;
19
+ // 1. Verify EIP-712 signature was produced by expectedOwner
20
+ let valid;
21
+ try {
22
+ valid = await verifyTypedData({
23
+ address: expectedOwner,
24
+ domain: GRANT_DOMAIN,
25
+ types: GRANT_TYPES,
26
+ primaryType: "Grant",
27
+ message: {
28
+ user: payload.user,
29
+ builder: payload.builder,
30
+ scopes: payload.scopes,
31
+ expiresAt: payload.expiresAt,
32
+ nonce: payload.nonce,
33
+ },
34
+ signature,
35
+ });
36
+ }
37
+ catch {
38
+ throw new InvalidSignatureError({
39
+ reason: "EIP-712 signature verification failed",
40
+ });
41
+ }
42
+ if (!valid) {
43
+ throw new InvalidSignatureError({
44
+ reason: "Grant signature does not match expected owner",
45
+ });
46
+ }
47
+ // 2. Check expiry (0n = no expiry)
48
+ if (payload.expiresAt !== 0n) {
49
+ const now = params.now ?? Math.floor(Date.now() / 1000);
50
+ if (Number(payload.expiresAt) < now) {
51
+ throw new GrantExpiredError({ expiresAt: Number(payload.expiresAt) });
52
+ }
53
+ }
54
+ // 3. Check scope coverage
55
+ if (!scopeCoveredByGrant(requestedScope, payload.scopes)) {
56
+ throw new ScopeMismatchError({
57
+ requestedScope,
58
+ grantedScopes: payload.scopes,
59
+ });
60
+ }
61
+ // 4. Check request signer is the grant's builder
62
+ if (requestSigner.toLowerCase() !== payload.builder.toLowerCase()) {
63
+ throw new InvalidSignatureError({
64
+ reason: "Request signer is not the grant builder",
65
+ expected: payload.builder,
66
+ actual: requestSigner,
67
+ });
68
+ }
69
+ return { valid: true, grant: payload };
70
+ }
71
+ //# sourceMappingURL=verify.js.map
package/dist/grants/verify.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"verify.js","sourceRoot":"","sources":["../../src/grants/verify.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,eAAe,EAAE,MAAM,MAAM,CAAC;AAEvC,OAAO,EACL,qBAAqB,EACrB,iBAAiB,EACjB,kBAAkB,GACnB,MAAM,sBAAsB,CAAC;AAC9B,OAAO,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAEzD,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAQxD;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,MAMtC;IACC,MAAM,EAAE,KAAK,EAAE,aAAa,EAAE,aAAa,EAAE,cAAc,EAAE,GAAG,MAAM,CAAC;IACvE,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,GAAG,KAAK,CAAC;IAErC,4DAA4D;IAC5D,IAAI,KAAc,CAAC;IACnB,IAAI,CAAC;QACH,KAAK,GAAG,MAAM,eAAe,CAAC;YAC5B,OAAO,EAAE,aAAa;YACtB,MAAM,EAAE,YAAY;YACpB,KAAK,EAAE,WAAW;YAClB,WAAW,EAAE,OAAgB;YAC7B,OAAO,EAAE;gBACP,IAAI,EAAE,OAAO,CAAC,IAAI;gBAClB,OAAO,EAAE,OAAO,CAAC,OAAO;gBACxB,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,SAAS,EAAE,OAAO,CAAC,SAAS;gBAC5B,KAAK,EAAE,OAAO,CAAC,KAAK;aACrB;YACD,SAAS;SACV,CAAC,CAAC;IACL,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,qBAAqB,CAAC;YAC9B,MAAM,EAAE,uCAAuC;SAChD,CAAC,CAAC;IACL,CAAC;IAED,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,MAAM,IAAI,qBAAqB,CAAC;YAC9B,MAAM,EAAE,+CAA+C;SACxD,CAAC,CAAC;IACL,CAAC;IAED,mCAAmC;IACnC,IAAI,OAAO,CAAC,SAAS,KAAK,EAAE,EAAE,CAAC;QAC7B,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QACxD,IAAI,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,GAAG,GAAG,EAAE,CAAC;YACpC,MAAM,IAAI,iBAAiB,CAAC,EAAE,SAAS,EAAE,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;QACxE,CAAC;IACH,CAAC;IAED,0BAA0B;IAC1B,IAAI,CAAC,mBAAmB,CAAC,cAAc,EAAE,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QACzD,MAAM,IAAI,kBAAkB,CAAC;YAC3B,cAAc;YACd,aAAa,EAAE,OAAO,CAAC,MAAM;SAC9B,CAAC,CAAC;IACL,CAAC;IAED,iDAAiD;IACjD,IAAI,aAAa,CAAC,WAAW,EAAE,KAAK,OAAO,CAAC,OAAO,CAAC,WAAW,EAAE,EAAE,CAAC;QAClE,MAAM,IAAI,qBAAqB,CAAC;YAC9B,MAAM,EAAE,yCAAyC;YACjD,QAAQ,EAAE,OAAO,CAAC,OAAO;YACzB,MAAM,EAAE,aAAa;SACtB,CAAC,CAAC;IACL,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC;AACzC,CAAC"}
package/dist/keys/derive.d.ts ADDED
@@ -0,0 +1,18 @@
1
+ /**
2
+ * Extracts master key material from EIP-191 signature over "vana-master-key-v1".
3
+ * The raw signature bytes ARE the master key material (spec §2.3).
4
+ * @param signature - 0x-prefixed hex string (65 bytes = 130 hex chars + 0x)
5
+ * @returns 65-byte Uint8Array
6
+ */
7
+ export declare function deriveMasterKey(signature: `0x${string}`): Uint8Array;
8
+ /**
9
+ * Recovers the server owner address from a master key signature.
10
+ * Uses EIP-191 recovery over the canonical message "vana-master-key-v1".
11
+ */
12
+ export declare function recoverServerOwner(masterKeySignature: `0x${string}`): Promise<`0x${string}`>;
13
+ /**
14
+ * Derives a scope-specific 32-byte key via HKDF-SHA256.
15
+ * salt = "vana", info = "scope:{scope}" (spec §2.3).
16
+ */
17
+ export declare function deriveScopeKey(masterKey: Uint8Array, scope: string): Uint8Array;
18
+ //# sourceMappingURL=derive.d.ts.map
package/dist/keys/derive.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"derive.d.ts","sourceRoot":"","sources":["../../src/keys/derive.ts"],"names":[],"mappings":"AAIA;;;;;GAKG;AACH,wBAAgB,eAAe,CAAC,SAAS,EAAE,KAAK,MAAM,EAAE,GAAG,UAAU,CAkBpE;AAED;;;GAGG;AACH,wBAAsB,kBAAkB,CACtC,kBAAkB,EAAE,KAAK,MAAM,EAAE,GAChC,OAAO,CAAC,KAAK,MAAM,EAAE,CAAC,CAKxB;AAED;;;GAGG;AACH,wBAAgB,cAAc,CAC5B,SAAS,EAAE,UAAU,EACrB,KAAK,EAAE,MAAM,GACZ,UAAU,CAIZ"}
package/dist/keys/derive.js ADDED
@@ -0,0 +1,43 @@
1
+ import { hkdf } from "@noble/hashes/hkdf.js";
2
+ import { sha256 } from "@noble/hashes/sha2.js";
3
+ import { recoverMessageAddress } from "viem";
4
+ /**
5
+ * Extracts master key material from EIP-191 signature over "vana-master-key-v1".
6
+ * The raw signature bytes ARE the master key material (spec §2.3).
7
+ * @param signature - 0x-prefixed hex string (65 bytes = 130 hex chars + 0x)
8
+ * @returns 65-byte Uint8Array
9
+ */
10
+ export function deriveMasterKey(signature) {
11
+ const hex = signature.slice(2);
12
+ if (hex.length !== 130) {
13
+ throw new Error(`Invalid signature length: expected 130 hex chars (65 bytes), got ${hex.length}`);
14
+ }
15
+ if (!/^[0-9a-fA-F]+$/.test(hex)) {
16
+ throw new Error("Invalid signature: contains non-hex characters");
17
+ }
18
+ const bytes = new Uint8Array(65);
19
+ for (let i = 0; i < 65; i++) {
20
+ bytes[i] = parseInt(hex.slice(i * 2, i * 2 + 2), 16);
21
+ }
22
+ return bytes;
23
+ }
24
+ /**
25
+ * Recovers the server owner address from a master key signature.
26
+ * Uses EIP-191 recovery over the canonical message "vana-master-key-v1".
27
+ */
28
+ export async function recoverServerOwner(masterKeySignature) {
29
+ return recoverMessageAddress({
30
+ message: "vana-master-key-v1",
31
+ signature: masterKeySignature,
32
+ });
33
+ }
34
+ /**
35
+ * Derives a scope-specific 32-byte key via HKDF-SHA256.
36
+ * salt = "vana", info = "scope:{scope}" (spec §2.3).
37
+ */
38
+ export function deriveScopeKey(masterKey, scope) {
39
+ const salt = new TextEncoder().encode("vana");
40
+ const info = new TextEncoder().encode(`scope:${scope}`);
41
+ return hkdf(sha256, masterKey, salt, info, 32);
42
+ }
43
+ //# sourceMappingURL=derive.js.map
package/dist/keys/derive.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"derive.js","sourceRoot":"","sources":["../../src/keys/derive.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,uBAAuB,CAAC;AAC7C,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAC/C,OAAO,EAAE,qBAAqB,EAAE,MAAM,MAAM,CAAC;AAE7C;;;;;GAKG;AACH,MAAM,UAAU,eAAe,CAAC,SAAwB;IACtD,MAAM,GAAG,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAE/B,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CACb,oEAAoE,GAAG,CAAC,MAAM,EAAE,CACjF,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QAChC,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;IACpE,CAAC;IAED,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IACjC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5B,KAAK,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACvD,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,kBAAiC;IAEjC,OAAO,qBAAqB,CAAC;QAC3B,OAAO,EAAE,oBAAoB;QAC7B,SAAS,EAAE,kBAAkB;KAC9B,CAAC,CAAC;AACL,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,cAAc,CAC5B,SAAqB,EACrB,KAAa;IAEb,MAAM,IAAI,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAC9C,MAAM,IAAI,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,SAAS,KAAK,EAAE,CAAC,CAAC;IACxD,OAAO,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,CAAC,CAAC;AACjD,CAAC"}
package/dist/keys/index.d.ts ADDED
@@ -0,0 +1,3 @@
1
+ export { deriveMasterKey, deriveScopeKey, recoverServerOwner, } from "./derive.js";
2
+ export { loadOrCreateServerAccount, type ServerAccount, type SignTypedDataParams, } from "./server-account.js";
3
+ //# sourceMappingURL=index.d.ts.map
package/dist/keys/index.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/keys/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,eAAe,EACf,cAAc,EACd,kBAAkB,GACnB,MAAM,aAAa,CAAC;AAErB,OAAO,EACL,yBAAyB,EACzB,KAAK,aAAa,EAClB,KAAK,mBAAmB,GACzB,MAAM,qBAAqB,CAAC"}
package/dist/keys/index.js ADDED
@@ -0,0 +1,3 @@
1
+ export { deriveMasterKey, deriveScopeKey, recoverServerOwner, } from "./derive.js";
2
+ export { loadOrCreateServerAccount, } from "./server-account.js";
3
+ //# sourceMappingURL=index.js.map
package/dist/keys/index.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/keys/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,eAAe,EACf,cAAc,EACd,kBAAkB,GACnB,MAAM,aAAa,CAAC;AAErB,OAAO,EACL,yBAAyB,GAG1B,MAAM,qBAAqB,CAAC"}
package/dist/keys/server-account.d.ts ADDED
@@ -0,0 +1,28 @@
1
+ /**
2
+ * ServerAccount wraps a randomly generated private key for EIP-712 signing.
3
+ * The key is persisted to disk so the same address survives restarts.
4
+ */
5
+ import type { TypedDataDomain } from "viem";
6
+ export interface SignTypedDataParams {
7
+ domain: TypedDataDomain;
8
+ types: Record<string, Array<{
9
+ name: string;
10
+ type: string;
11
+ }>>;
12
+ primaryType: string;
13
+ message: Record<string, unknown>;
14
+ }
15
+ export interface ServerAccount {
16
+ address: `0x${string}`;
17
+ /** Uncompressed public key (65 bytes, 0x04 prefix). */
18
+ publicKey: `0x${string}`;
19
+ signTypedData(params: SignTypedDataParams): Promise<`0x${string}`>;
20
+ /** Sign a personal message (EIP-191). */
21
+ signMessage(message: string): Promise<`0x${string}`>;
22
+ }
23
+ /**
24
+ * Loads an existing server keypair from disk, or generates a new random one
25
+ * and persists it. Returns a ServerAccount suitable for EIP-712 signing.
26
+ */
27
+ export declare function loadOrCreateServerAccount(keyPath: string): ServerAccount;
28
+ //# sourceMappingURL=server-account.d.ts.map
package/dist/keys/server-account.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"server-account.d.ts","sourceRoot":"","sources":["../../src/keys/server-account.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAKH,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,MAAM,CAAC;AAE5C,MAAM,WAAW,mBAAmB;IAClC,MAAM,EAAE,eAAe,CAAC;IACxB,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC,CAAC;IAC7D,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CAClC;AAED,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,KAAK,MAAM,EAAE,CAAC;IACvB,uDAAuD;IACvD,SAAS,EAAE,KAAK,MAAM,EAAE,CAAC;IACzB,aAAa,CAAC,MAAM,EAAE,mBAAmB,GAAG,OAAO,CAAC,KAAK,MAAM,EAAE,CAAC,CAAC;IACnE,yCAAyC;IACzC,WAAW,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,KAAK,MAAM,EAAE,CAAC,CAAC;CACtD;AAQD;;;GAGG;AACH,wBAAgB,yBAAyB,CAAC,OAAO,EAAE,MAAM,GAAG,aAAa,CA2CxE"}
package/dist/keys/server-account.js ADDED
@@ -0,0 +1,48 @@
1
+ /**
2
+ * ServerAccount wraps a randomly generated private key for EIP-712 signing.
3
+ * The key is persisted to disk so the same address survives restarts.
4
+ */
5
+ import { readFileSync, writeFileSync, mkdirSync, existsSync } from "node:fs";
6
+ import { dirname } from "node:path";
7
+ import { generatePrivateKey, privateKeyToAccount } from "viem/accounts";
8
+ /**
9
+ * Loads an existing server keypair from disk, or generates a new random one
10
+ * and persists it. Returns a ServerAccount suitable for EIP-712 signing.
11
+ */
12
+ export function loadOrCreateServerAccount(keyPath) {
13
+ let privateKey;
14
+ if (existsSync(keyPath)) {
15
+ const raw = readFileSync(keyPath, "utf-8");
16
+ const data = JSON.parse(raw);
17
+ privateKey = data.privateKey;
18
+ }
19
+ else {
20
+ privateKey = generatePrivateKey();
21
+ const account = privateKeyToAccount(privateKey);
22
+ // Ensure parent directories exist
23
+ mkdirSync(dirname(keyPath), { recursive: true });
24
+ const data = {
25
+ address: account.address,
26
+ publicKey: account.publicKey,
27
+ privateKey,
28
+ };
29
+ writeFileSync(keyPath, JSON.stringify(data, null, 2), { mode: 0o600 });
30
+ }
31
+ const account = privateKeyToAccount(privateKey);
32
+ return {
33
+ address: account.address,
34
+ publicKey: account.publicKey,
35
+ async signTypedData(params) {
36
+ return account.signTypedData({
37
+ domain: params.domain,
38
+ types: params.types,
39
+ primaryType: params.primaryType,
40
+ message: params.message,
41
+ });
42
+ },
43
+ async signMessage(message) {
44
+ return account.signMessage({ message });
45
+ },
46
+ };
47
+ }
48
+ //# sourceMappingURL=server-account.js.map
package/dist/keys/server-account.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"server-account.js","sourceRoot":"","sources":["../../src/keys/server-account.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AAC7E,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,kBAAkB,EAAE,mBAAmB,EAAE,MAAM,eAAe,CAAC;AAyBxE;;;GAGG;AACH,MAAM,UAAU,yBAAyB,CAAC,OAAe;IACvD,IAAI,UAAyB,CAAC;IAE9B,IAAI,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QACxB,MAAM,GAAG,GAAG,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAC3C,MAAM,IAAI,GAAgB,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC1C,UAAU,GAAG,IAAI,CAAC,UAA2B,CAAC;IAChD,CAAC;SAAM,CAAC;QACN,UAAU,GAAG,kBAAkB,EAAE,CAAC;QAClC,MAAM,OAAO,GAAG,mBAAmB,CAAC,UAAU,CAAC,CAAC;QAEhD,kCAAkC;QAClC,SAAS,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAEjD,MAAM,IAAI,GAAgB;YACxB,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,UAAU;SACX,CAAC;QACF,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IACzE,CAAC;IAED,MAAM,OAAO,GAAG,mBAAmB,CAAC,UAAU,CAAC,CAAC;IAEhD,OAAO;QACL,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,SAAS,EAAE,OAAO,CAAC,SAAS;QAC5B,KAAK,CAAC,aAAa,CAAC,MAA2B;YAC7C,OAAO,OAAO,CAAC,aAAa,CAAC;gBAC3B,MAAM,EAAE,MAAM,CAAC,MAED;gBACd,KAAK,EAAE,MAAM,CAAC,KAED;gBACb,WAAW,EAAE,MAAM,CAAC,WAAW;gBAC/B,OAAO,EAAE,MAAM,CAAC,OAAO;aACxB,CAAC,CAAC;QACL,CAAC;QACD,KAAK,CAAC,WAAW,CAAC,OAAe;YAC/B,OAAO,OAAO,CAAC,WAAW,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC;QAC1C,CAAC;KACF,CAAC;AACJ,CAAC"}
package/dist/logger/index.d.ts ADDED
@@ -0,0 +1,5 @@
1
+ import { type Logger } from "pino";
2
+ import type { LoggingConfig } from "../schemas/server-config.js";
3
+ export type { Logger } from "pino";
4
+ export declare function createLogger(config: LoggingConfig): Logger;
5
+ //# sourceMappingURL=index.d.ts.map
package/dist/logger/index.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/logger/index.ts"],"names":[],"mappings":"AAAA,OAAa,EAAE,KAAK,MAAM,EAAE,MAAM,MAAM,CAAC;AACzC,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAEjE,YAAY,EAAE,MAAM,EAAE,MAAM,MAAM,CAAC;AAEnC,wBAAgB,YAAY,CAAC,MAAM,EAAE,aAAa,GAAG,MAAM,CAO1D"}
package/dist/logger/index.js ADDED
@@ -0,0 +1,9 @@
1
+ import pino from "pino";
2
+ export function createLogger(config) {
3
+ const usePretty = config.pretty || process.env.NODE_ENV !== "production";
4
+ return pino({
5
+ level: config.level,
6
+ ...(usePretty ? { transport: { target: "pino-pretty" } } : {}),
7
+ });
8
+ }
9
+ //# sourceMappingURL=index.js.map
package/dist/logger/index.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/logger/index.ts"],"names":[],"mappings":"AAAA,OAAO,IAAqB,MAAM,MAAM,CAAC;AAKzC,MAAM,UAAU,YAAY,CAAC,MAAqB;IAChD,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY,CAAC;IAEzE,OAAO,IAAI,CAAC;QACV,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,EAAE,MAAM,EAAE,aAAa,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAC/D,CAAC,CAAC;AACL,CAAC"}
package/dist/logging/access-log.d.ts ADDED
@@ -0,0 +1,15 @@
1
+ export interface AccessLogEntry {
2
+ logId: string;
3
+ grantId: string;
4
+ builder: string;
5
+ action: "read";
6
+ scope: string;
7
+ timestamp: string;
8
+ ipAddress: string;
9
+ userAgent: string;
10
+ }
11
+ export interface AccessLogWriter {
12
+ write(entry: AccessLogEntry): Promise<void>;
13
+ }
14
+ export declare function createAccessLogWriter(logsDir: string): AccessLogWriter;
15
+ //# sourceMappingURL=access-log.d.ts.map