@opendatalabs/vana-sdk 0.1.0-alpha.eebb656 → 0.1.0-alpha.ef15099

package/dist/utils/grantValidation.d.ts

@@ -1,7 +1,23 @@
+/**
+ * Provides comprehensive validation for permission grant files.
+ *
+ * @remarks
+ * This module implements multi-layer validation for grant files including
+ * JSON schema validation, business rule checking, expiration verification,
+ * and access control validation. It provides both throwing and non-throwing
+ * modes for flexible error handling.
+ *
+ * @category Permissions
+ * @module utils/grantValidation
+ */
 import type { Address } from "viem";
 import type { GrantFile } from "../types/permissions";
 /**
- * Base error class for grant validation failures
+ * Indicates a general grant validation failure.
+ *
+ * @remarks
+ * Base class for all grant validation errors. Provides structured
+ * error details for debugging and recovery.
  *
  * @category Permissions
  */
@@ -10,7 +26,11 @@ export declare class GrantValidationError extends Error {
     constructor(message: string, details?: Record<string, unknown> | undefined);
 }
 /**
- * Error thrown when a grant has expired
+ * Indicates that a grant has expired and is no longer valid.
+ *
+ * @remarks
+ * Thrown when attempting to use a grant past its expiration timestamp.
+ * Includes both the expiration time and current time for debugging.
  *
  * @category Permissions
  */
@@ -20,7 +40,11 @@ export declare class GrantExpiredError extends GrantValidationError {
     constructor(message: string, expires: number, currentTime: number);
 }
 /**
- * Error thrown when grantee doesn't match requesting address
+ * Indicates that the requesting address doesn't match the grant's grantee.
+ *
+ * @remarks
+ * Thrown when a user attempts to use a grant that was issued to a
+ * different address. This prevents unauthorized use of permissions.
  *
  * @category Permissions
  */
@@ -30,7 +54,11 @@ export declare class GranteeMismatchError extends GrantValidationError {
     constructor(message: string, grantee: Address, requestingAddress: Address);
 }
 /**
- * Error thrown when operation is not allowed by grant
+ * Indicates that the requested operation is not allowed by the grant.
+ *
+ * @remarks
+ * Thrown when attempting an operation that differs from what the
+ * grant authorizes. Includes both granted and requested operations.
  *
  * @category Permissions
  */
@@ -40,7 +68,11 @@ export declare class OperationNotAllowedError extends GrantValidationError {
     constructor(message: string, grantedOperation: string, requestedOperation: string);
 }
 /**
- * Error thrown when grant file structure is invalid
+ * Indicates that the grant file structure violates the JSON schema.
+ *
+ * @remarks
+ * Thrown when a grant file doesn't conform to the expected schema.
+ * Includes detailed schema validation errors and the invalid data.
  *
  * @category Permissions
  */
@@ -50,7 +82,11 @@ export declare class GrantSchemaError extends GrantValidationError {
     constructor(message: string, schemaErrors: unknown[], invalidData: unknown);
 }
 /**
- * Options for grant validation
+ * Configures grant validation behavior and scope.
+ *
+ * @remarks
+ * Controls which validations to perform and how to handle errors.
+ * Allows selective validation of specific aspects of a grant.
  *
  * @category Permissions
  */
@@ -67,7 +103,11 @@ export interface GrantValidationOptions {
     throwOnError?: boolean;
 }
 /**
- * Detailed validation result
+ * Represents the detailed result of grant validation.
+ *
+ * @remarks
+ * Provides comprehensive validation results including all errors
+ * encountered during validation. Used in non-throwing mode.
  *
  * @category Permissions
  */
@@ -125,23 +165,62 @@ export declare function validateGrant(data: unknown, options?: Omit<GrantValidat
     throwOnError?: true;
 })): GrantFile;
 /**
- * Validates that a grant file allows access for a specific grantee
+ * Validates that a grant allows access for the requesting address.
+ *
+ * @param grantFile - The grant file to validate.
+ *   Obtain from permission operations or server responses.
+ * @param requestingAddress - The address requesting access.
+ *   Typically the current wallet address.
  *
- * @param grantFile - The grant file to validate access for
- * @param requestingAddress - The address requesting access to check against the grantee
+ * @throws {GranteeMismatchError} If addresses don't match.
+ *   Ensure using the correct wallet that received the grant.
+ *
+ * @example
+ * ```typescript
+ * validateGranteeAccess(grantFile, walletAddress);
+ * // Throws if walletAddress doesn't match grantFile.grantee
+ * ```
+ *
+ * @category Permissions
  */
 export declare function validateGranteeAccess(grantFile: GrantFile, requestingAddress: Address): void;
 /**
- * Validates that a grant has not expired (if expiry is set)
+ * Validates that a grant has not expired.
+ *
+ * @param grantFile - The grant file to check.
+ *   Must include expiry timestamp if time-limited.
+ * @param currentTime - Optional time override for testing.
+ *   Unix timestamp in seconds. Defaults to current time.
+ *
+ * @throws {GrantExpiredError} If grant has expired.
+ *   Request a new grant from the data owner.
+ *
+ * @example
+ * ```typescript
+ * validateGrantExpiry(grantFile);
+ * // Throws if current time > grantFile.expires
+ * ```
  *
- * @param grantFile - The grant file to check expiration for
- * @param currentTime - Optional override for current time (Unix timestamp)
+ * @category Permissions
  */
 export declare function validateGrantExpiry(grantFile: GrantFile, currentTime?: number): void;
 /**
- * Validates that a grant allows a specific operation
+ * Validates that a grant authorizes the requested operation.
+ *
+ * @param grantFile - The grant file to check.
+ *   Contains the authorized operation.
+ * @param requestedOperation - The operation to validate.
+ *   Must match the grant's operation exactly.
+ *
+ * @throws {OperationNotAllowedError} If operations don't match.
+ *   Request a grant for the specific operation needed.
+ *
+ * @example
+ * ```typescript
+ * validateOperationAccess(grantFile, 'llm_inference');
+ * // Throws if grantFile.operation !== 'llm_inference'
+ * ```
  *
- * @param grantFile - The grant file to validate operation access for
- * @param requestedOperation - The operation being requested to validate against the grant
+ * @category Permissions
  */
 export declare function validateOperationAccess(grantFile: GrantFile, requestedOperation: string): void;

package/dist/utils/grantValidation.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../src/utils/grantValidation.ts"],"sourcesContent":["import type { Address } from \"viem\";\nimport { getAddress } from \"viem\";\nimport Ajv, { type ValidateFunction } from \"ajv\";\nimport addFormats from \"ajv-formats\";\nimport type { GrantFile } from \"../types/permissions\";\nimport grantFileSchema from \"../schemas/grantFile.schema.json\";\n\n/**\n * Base error class for grant validation failures\n *\n * @category Permissions\n */\nexport class GrantValidationError extends Error {\n  constructor(\n    message: string,\n    public details?: Record<string, unknown>,\n  ) {\n    super(message);\n    this.name = \"GrantValidationError\";\n  }\n}\n\n/**\n * Error thrown when a grant has expired\n *\n * @category Permissions\n */\nexport class GrantExpiredError extends GrantValidationError {\n  constructor(\n    message: string,\n    public expires: number,\n    public currentTime: number,\n  ) {\n    super(message, { expires, currentTime });\n    this.name = \"GrantExpiredError\";\n  }\n}\n\n/**\n * Error thrown when grantee doesn't match requesting address\n *\n * @category Permissions\n */\nexport class GranteeMismatchError extends GrantValidationError {\n  constructor(\n    message: string,\n    public grantee: Address,\n    public requestingAddress: Address,\n  ) {\n    super(message, { grantee, requestingAddress });\n    this.name = \"GranteeMismatchError\";\n  }\n}\n\n/**\n * Error thrown when operation is not allowed by grant\n *\n * @category Permissions\n */\nexport class OperationNotAllowedError extends GrantValidationError {\n  constructor(\n    message: string,\n    public grantedOperation: string,\n    public requestedOperation: string,\n  ) {\n    super(message, { grantedOperation, requestedOperation });\n    this.name = \"OperationNotAllowedError\";\n  }\n}\n\n/**\n * Error thrown when grant file structure is invalid\n *\n * @category Permissions\n */\nexport class GrantSchemaError extends GrantValidationError {\n  constructor(\n    message: string,\n    public schemaErrors: unknown[],\n    public invalidData: unknown,\n  ) {\n    super(message, { errors: schemaErrors, data: invalidData });\n    this.name = \"GrantSchemaError\";\n  }\n}\n\n/**\n * Ajv instance for grant file validation with draft 2020-12 support\n */\nconst ajv = new Ajv({\n  strict: true,\n  removeAdditional: false,\n  useDefaults: false,\n  coerceTypes: false,\n});\n\n// Add format validators (email, date, etc.)\naddFormats(ajv);\n\n/**\n * Compiled grant file schema validator\n */\nconst validateGrantFileSchema: ValidateFunction = ajv.compile(grantFileSchema);\n\n/**\n * Options for grant validation\n *\n * @category Permissions\n */\nexport interface GrantValidationOptions {\n  /** Enable JSON schema validation (default: true) */\n  schema?: boolean;\n  /** Grantee address to validate access for */\n  grantee?: Address;\n  /** Operation to validate permission for */\n  operation?: string;\n  /** Override current time for expiry checking (Unix timestamp) */\n  currentTime?: number;\n  /** Return detailed results instead of throwing (default: false) */\n  throwOnError?: boolean;\n}\n\n/**\n * Detailed validation result\n *\n * @category Permissions\n */\nexport interface GrantValidationResult {\n  /** Whether validation passed */\n  valid: boolean;\n  /** Validation errors encountered */\n  errors: Array<{\n    type: \"schema\" | \"business\";\n    field?: string;\n    message: string;\n    error?: Error;\n  }>;\n  /** The validated grant file (if validation passed) */\n  grant?: GrantFile;\n}\n\n/**\n * Validates a grant file with comprehensive schema and business rule checking.\n *\n * This function provides flexible validation with TypeScript overloads:\n * - When `throwOnError` is false (or `{ throwOnError: false }`), returns a detailed validation result\n * - When `throwOnError` is true (default), throws specific errors or returns the validated grant\n *\n * @param data - The grant file data to validate (unknown type for safety)\n * @param options - Validation options including grantee, operation, files, etc.\n * @returns Either a GrantFile (when throwing) or GrantValidationResult (when not throwing)\n * @throws {GrantSchemaError} When the grant file structure is invalid\n * @throws {GrantExpiredError} When the grant has expired\n * @throws {GranteeMismatchError} When the grantee doesn't match the requesting address\n * @throws {OperationNotAllowedError} When the requested operation is not allowed\n * @example\n * ```typescript\n * // Throwing mode (default) - returns GrantFile or throws\n * const grant = validateGrant(data, {\n *   grantee: '0x123...',\n *   operation: 'llm_inference',\n * });\n *\n * // Non-throwing mode - returns validation result\n * const result = validateGrant(data, {\n *   grantee: '0x123...',\n *   throwOnError: false\n * });\n * if (result.valid) {\n *   console.log('Grant is valid:', result.grant);\n * } else {\n *   console.log('Validation errors:', result.errors);\n * }\n * ```\n */\n\nexport function validateGrant(\n  data: unknown,\n  options: GrantValidationOptions & { throwOnError: false },\n): GrantValidationResult;\n\nexport function validateGrant(\n  data: unknown,\n  options?:\n    | Omit<GrantValidationOptions, \"throwOnError\">\n    | (GrantValidationOptions & { throwOnError?: true }),\n): GrantFile;\n\n/**\n * Implementation function for grant validation with flexible return types\n *\n * @param data - The grant file data to validate\n * @param options - Validation configuration options\n * @returns Either a GrantFile or GrantValidationResult depending on throwOnError setting\n */\nexport function validateGrant(\n  data: unknown,\n  options: GrantValidationOptions = {},\n): GrantFile | GrantValidationResult {\n  const {\n    schema = true,\n    grantee,\n    operation,\n    currentTime,\n    throwOnError = true,\n  } = options;\n\n  const errors: GrantValidationResult[\"errors\"] = [];\n  let grant: GrantFile | undefined;\n\n  // 1. Schema Validation\n  if (schema) {\n    try {\n      if (validateGrantFileSchema(data)) {\n        grant = data as GrantFile;\n      } else {\n        throw new GrantValidationError(\"Invalid grant file schema\");\n      }\n    } catch (error) {\n      if (error instanceof GrantValidationError) {\n        const schemaError = new GrantSchemaError(\n          error.message,\n          Array.isArray(error.details?.errors) ? error.details.errors : [],\n          data,\n        );\n        errors.push({\n          type: \"schema\",\n          message: error.message,\n          error: schemaError,\n        });\n      } else {\n        errors.push({\n          type: \"schema\",\n          message: `Schema validation failed: ${error instanceof Error ? error.message : \"Unknown error\"}`,\n          error: error instanceof Error ? error : new Error(\"Unknown error\"),\n        });\n      }\n    }\n  } else {\n    // Minimal type assertion if schema validation is skipped\n    grant = data as GrantFile;\n  }\n\n  // 2. Business Logic Validation (only if we have a valid grant)\n  if (grant) {\n    // Check grantee access\n    if (grantee) {\n      try {\n        validateGranteeAccess(grant, grantee);\n      } catch (error) {\n        const field = extractFieldFromBusinessError(error);\n        errors.push({\n          type: \"business\",\n          field,\n          message:\n            error instanceof Error\n              ? error.message\n              : \"Unknown business rule error\",\n          error: error instanceof Error ? error : new Error(\"Unknown error\"),\n        });\n      }\n    }\n\n    // Check expiration\n    try {\n      validateGrantExpiry(grant, currentTime);\n    } catch (error) {\n      const field = extractFieldFromBusinessError(error);\n      errors.push({\n        type: \"business\",\n        field,\n        message:\n          error instanceof Error\n            ? error.message\n            : \"Unknown business rule error\",\n        error: error instanceof Error ? error : new Error(\"Unknown error\"),\n      });\n    }\n\n    // Check operation access\n    if (operation) {\n      try {\n        validateOperationAccess(grant, operation);\n      } catch (error) {\n        const field = extractFieldFromBusinessError(error);\n        errors.push({\n          type: \"business\",\n          field,\n          message:\n            error instanceof Error\n              ? error.message\n              : \"Unknown business rule error\",\n          error: error instanceof Error ? error : new Error(\"Unknown error\"),\n        });\n      }\n    }\n  }\n\n  // 3. Return Results\n  if (errors.length > 0) {\n    if (throwOnError) {\n      // Throw the most specific error we have\n      const firstError = errors[0];\n      if (firstError.error) {\n        throw firstError.error;\n      } else {\n        const combinedMessage = errors.map((e) => e.message).join(\"; \");\n        throw new GrantValidationError(\n          `Grant validation failed: ${combinedMessage}`,\n          { errors, data },\n        );\n      }\n    }\n\n    return { valid: false, errors, grant };\n  }\n\n  if (throwOnError) {\n    return grant as GrantFile;\n  } else {\n    return { valid: true, errors: [], grant: grant as GrantFile };\n  }\n}\n\n/**\n * Helper function to extract field name from business validation errors\n *\n * @param error - The validation error to extract field information from\n * @returns The field name associated with the error, or undefined if not applicable\n */\nfunction extractFieldFromBusinessError(error: unknown): string | undefined {\n  if (error instanceof GrantExpiredError) return \"expires\";\n  if (error instanceof GranteeMismatchError) return \"grantee\";\n  if (error instanceof OperationNotAllowedError) return \"operation\";\n  return undefined;\n}\n\n/**\n * Validates that a grant file allows access for a specific grantee\n *\n * @param grantFile - The grant file to validate access for\n * @param requestingAddress - The address requesting access to check against the grantee\n */\nexport function validateGranteeAccess(\n  grantFile: GrantFile,\n  requestingAddress: Address,\n): void {\n  const normalizedGrantee = getAddress(grantFile.grantee);\n  const normalizedRequesting = getAddress(requestingAddress);\n\n  if (normalizedGrantee !== normalizedRequesting) {\n    throw new GranteeMismatchError(\n      \"Permission denied: requesting address does not match grantee\",\n      grantFile.grantee,\n      requestingAddress,\n    );\n  }\n}\n\n/**\n * Validates that a grant has not expired (if expiry is set)\n *\n * @param grantFile - The grant file to check expiration for\n * @param currentTime - Optional override for current time (Unix timestamp)\n */\nexport function validateGrantExpiry(\n  grantFile: GrantFile,\n  currentTime?: number,\n): void {\n  if (grantFile.expires) {\n    const now =\n      currentTime !== undefined ? currentTime : Math.floor(Date.now() / 1000); // Current Unix timestamp\n\n    if (now > grantFile.expires) {\n      throw new GrantExpiredError(\n        \"Permission denied: grant has expired\",\n        grantFile.expires,\n        now,\n      );\n    }\n  }\n}\n\n/**\n * Validates that a grant allows a specific operation\n *\n * @param grantFile - The grant file to validate operation access for\n * @param requestedOperation - The operation being requested to validate against the grant\n */\nexport function validateOperationAccess(\n  grantFile: GrantFile,\n  requestedOperation: string,\n): void {\n  if (grantFile.operation !== requestedOperation) {\n    throw new OperationNotAllowedError(\n      \"Permission denied: operation not allowed by grant\",\n      grantFile.operation,\n      requestedOperation,\n    );\n  }\n}\n"],"mappings":"AACA,SAAS,kBAAkB;AAC3B,OAAO,SAAoC;AAC3C,OAAO,gBAAgB;AAEvB,OAAO,qBAAqB;AAOrB,MAAM,6BAA6B,MAAM;AAAA,EAC9C,YACE,SACO,SACP;AACA,UAAM,OAAO;AAFN;AAGP,SAAK,OAAO;AAAA,EACd;AACF;AAOO,MAAM,0BAA0B,qBAAqB;AAAA,EAC1D,YACE,SACO,SACA,aACP;AACA,UAAM,SAAS,EAAE,SAAS,YAAY,CAAC;AAHhC;AACA;AAGP,SAAK,OAAO;AAAA,EACd;AACF;AAOO,MAAM,6BAA6B,qBAAqB;AAAA,EAC7D,YACE,SACO,SACA,mBACP;AACA,UAAM,SAAS,EAAE,SAAS,kBAAkB,CAAC;AAHtC;AACA;AAGP,SAAK,OAAO;AAAA,EACd;AACF;AAOO,MAAM,iCAAiC,qBAAqB;AAAA,EACjE,YACE,SACO,kBACA,oBACP;AACA,UAAM,SAAS,EAAE,kBAAkB,mBAAmB,CAAC;AAHhD;AACA;AAGP,SAAK,OAAO;AAAA,EACd;AACF;AAOO,MAAM,yBAAyB,qBAAqB;AAAA,EACzD,YACE,SACO,cACA,aACP;AACA,UAAM,SAAS,EAAE,QAAQ,cAAc,MAAM,YAAY,CAAC;AAHnD;AACA;AAGP,SAAK,OAAO;AAAA,EACd;AACF;AAKA,MAAM,MAAM,IAAI,IAAI;AAAA,EAClB,QAAQ;AAAA,EACR,kBAAkB;AAAA,EAClB,aAAa;AAAA,EACb,aAAa;AACf,CAAC;AAGD,WAAW,GAAG;AAKd,MAAM,0BAA4C,IAAI,QAAQ,eAAe;AA6FtE,SAAS,cACd,MACA,UAAkC,CAAC,GACA;AACnC,QAAM;AAAA,IACJ,SAAS;AAAA,IACT;AAAA,IACA;AAAA,IACA;AAAA,IACA,eAAe;AAAA,EACjB,IAAI;AAEJ,QAAM,SAA0C,CAAC;AACjD,MAAI;AAGJ,MAAI,QAAQ;AACV,QAAI;AACF,UAAI,wBAAwB,IAAI,GAAG;AACjC,gBAAQ;AAAA,MACV,OAAO;AACL,cAAM,IAAI,qBAAqB,2BAA2B;AAAA,MAC5D;AAAA,IACF,SAAS,OAAO;AACd,UAAI,iBAAiB,sBAAsB;AACzC,cAAM,cAAc,IAAI;AAAA,UACtB,MAAM;AAAA,UACN,MAAM,QAAQ,MAAM,SAAS,MAAM,IAAI,MAAM,QAAQ,SAAS,CAAC;AAAA,UAC/D;AAAA,QACF;AACA,eAAO,KAAK;AAAA,UACV,MAAM;AAAA,UACN,SAAS,MAAM;AAAA,UACf,OAAO;AAAA,QACT,CAAC;AAAA,MACH,OAAO;AACL,eAAO,KAAK;AAAA,UACV,MAAM;AAAA,UACN,SAAS,6BAA6B,iBAAiB,QAAQ,MAAM,UAAU,eAAe;AAAA,UAC9F,OAAO,iBAAiB,QAAQ,QAAQ,IAAI,MAAM,eAAe;AAAA,QACnE,CAAC;AAAA,MACH;AAAA,IACF;AAAA,EACF,OAAO;AAEL,YAAQ;AAAA,EACV;AAGA,MAAI,OAAO;AAET,QAAI,SAAS;AACX,UAAI;AACF,8BAAsB,OAAO,OAAO;AAAA,MACtC,SAAS,OAAO;AACd,cAAM,QAAQ,8BAA8B,KAAK;AACjD,eAAO,KAAK;AAAA,UACV,MAAM;AAAA,UACN;AAAA,UACA,SACE,iBAAiB,QACb,MAAM,UACN;AAAA,UACN,OAAO,iBAAiB,QAAQ,QAAQ,IAAI,MAAM,eAAe;AAAA,QACnE,CAAC;AAAA,MACH;AAAA,IACF;AAGA,QAAI;AACF,0BAAoB,OAAO,WAAW;AAAA,IACxC,SAAS,OAAO;AACd,YAAM,QAAQ,8BAA8B,KAAK;AACjD,aAAO,KAAK;AAAA,QACV,MAAM;AAAA,QACN;AAAA,QACA,SACE,iBAAiB,QACb,MAAM,UACN;AAAA,QACN,OAAO,iBAAiB,QAAQ,QAAQ,IAAI,MAAM,eAAe;AAAA,MACnE,CAAC;AAAA,IACH;AAGA,QAAI,WAAW;AACb,UAAI;AACF,gCAAwB,OAAO,SAAS;AAAA,MAC1C,SAAS,OAAO;AACd,cAAM,QAAQ,8BAA8B,KAAK;AACjD,eAAO,KAAK;AAAA,UACV,MAAM;AAAA,UACN;AAAA,UACA,SACE,iBAAiB,QACb,MAAM,UACN;AAAA,UACN,OAAO,iBAAiB,QAAQ,QAAQ,IAAI,MAAM,eAAe;AAAA,QACnE,CAAC;AAAA,MACH;AAAA,IACF;AAAA,EACF;AAGA,MAAI,OAAO,SAAS,GAAG;AACrB,QAAI,cAAc;AAEhB,YAAM,aAAa,OAAO,CAAC;AAC3B,UAAI,WAAW,OAAO;AACpB,cAAM,WAAW;AAAA,MACnB,OAAO;AACL,cAAM,kBAAkB,OAAO,IAAI,CAAC,MAAM,EAAE,OAAO,EAAE,KAAK,IAAI;AAC9D,cAAM,IAAI;AAAA,UACR,4BAA4B,eAAe;AAAA,UAC3C,EAAE,QAAQ,KAAK;AAAA,QACjB;AAAA,MACF;AAAA,IACF;AAEA,WAAO,EAAE,OAAO,OAAO,QAAQ,MAAM;AAAA,EACvC;AAEA,MAAI,cAAc;AAChB,WAAO;AAAA,EACT,OAAO;AACL,WAAO,EAAE,OAAO,MAAM,QAAQ,CAAC,GAAG,MAA0B;AAAA,EAC9D;AACF;AAQA,SAAS,8BAA8B,OAAoC;AACzE,MAAI,iBAAiB,kBAAmB,QAAO;AAC/C,MAAI,iBAAiB,qBAAsB,QAAO;AAClD,MAAI,iBAAiB,yBAA0B,QAAO;AACtD,SAAO;AACT;AAQO,SAAS,sBACd,WACA,mBACM;AACN,QAAM,oBAAoB,WAAW,UAAU,OAAO;AACtD,QAAM,uBAAuB,WAAW,iBAAiB;AAEzD,MAAI,sBAAsB,sBAAsB;AAC9C,UAAM,IAAI;AAAA,MACR;AAAA,MACA,UAAU;AAAA,MACV;AAAA,IACF;AAAA,EACF;AACF;AAQO,SAAS,oBACd,WACA,aACM;AACN,MAAI,UAAU,SAAS;AACrB,UAAM,MACJ,gBAAgB,SAAY,cAAc,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI;AAExE,QAAI,MAAM,UAAU,SAAS;AAC3B,YAAM,IAAI;AAAA,QACR;AAAA,QACA,UAAU;AAAA,QACV;AAAA,MACF;AAAA,IACF;AAAA,EACF;AACF;AAQO,SAAS,wBACd,WACA,oBACM;AACN,MAAI,UAAU,cAAc,oBAAoB;AAC9C,UAAM,IAAI;AAAA,MACR;AAAA,MACA,UAAU;AAAA,MACV;AAAA,IACF;AAAA,EACF;AACF;","names":[]}
+{"version":3,"sources":["../../src/utils/grantValidation.ts"],"sourcesContent":["/**\n * Provides comprehensive validation for permission grant files.\n *\n * @remarks\n * This module implements multi-layer validation for grant files including\n * JSON schema validation, business rule checking, expiration verification,\n * and access control validation. It provides both throwing and non-throwing\n * modes for flexible error handling.\n *\n * @category Permissions\n * @module utils/grantValidation\n */\n\nimport type { Address } from \"viem\";\nimport { getAddress } from \"viem\";\nimport Ajv, { type ValidateFunction } from \"ajv\";\nimport addFormats from \"ajv-formats\";\nimport type { GrantFile } from \"../types/permissions\";\nimport grantFileSchema from \"../schemas/grantFile.schema.json\";\n\n/**\n * Indicates a general grant validation failure.\n *\n * @remarks\n * Base class for all grant validation errors. Provides structured\n * error details for debugging and recovery.\n *\n * @category Permissions\n */\nexport class GrantValidationError extends Error {\n  constructor(\n    message: string,\n    public details?: Record<string, unknown>,\n  ) {\n    super(message);\n    this.name = \"GrantValidationError\";\n  }\n}\n\n/**\n * Indicates that a grant has expired and is no longer valid.\n *\n * @remarks\n * Thrown when attempting to use a grant past its expiration timestamp.\n * Includes both the expiration time and current time for debugging.\n *\n * @category Permissions\n */\nexport class GrantExpiredError extends GrantValidationError {\n  constructor(\n    message: string,\n    public expires: number,\n    public currentTime: number,\n  ) {\n    super(message, { expires, currentTime });\n    this.name = \"GrantExpiredError\";\n  }\n}\n\n/**\n * Indicates that the requesting address doesn't match the grant's grantee.\n *\n * @remarks\n * Thrown when a user attempts to use a grant that was issued to a\n * different address. This prevents unauthorized use of permissions.\n *\n * @category Permissions\n */\nexport class GranteeMismatchError extends GrantValidationError {\n  constructor(\n    message: string,\n    public grantee: Address,\n    public requestingAddress: Address,\n  ) {\n    super(message, { grantee, requestingAddress });\n    this.name = \"GranteeMismatchError\";\n  }\n}\n\n/**\n * Indicates that the requested operation is not allowed by the grant.\n *\n * @remarks\n * Thrown when attempting an operation that differs from what the\n * grant authorizes. Includes both granted and requested operations.\n *\n * @category Permissions\n */\nexport class OperationNotAllowedError extends GrantValidationError {\n  constructor(\n    message: string,\n    public grantedOperation: string,\n    public requestedOperation: string,\n  ) {\n    super(message, { grantedOperation, requestedOperation });\n    this.name = \"OperationNotAllowedError\";\n  }\n}\n\n/**\n * Indicates that the grant file structure violates the JSON schema.\n *\n * @remarks\n * Thrown when a grant file doesn't conform to the expected schema.\n * Includes detailed schema validation errors and the invalid data.\n *\n * @category Permissions\n */\nexport class GrantSchemaError extends GrantValidationError {\n  constructor(\n    message: string,\n    public schemaErrors: unknown[],\n    public invalidData: unknown,\n  ) {\n    super(message, { errors: schemaErrors, data: invalidData });\n    this.name = \"GrantSchemaError\";\n  }\n}\n\n/**\n * Ajv instance configured for strict grant file validation.\n *\n * @internal\n */\nconst ajv = new Ajv({\n  strict: true,\n  removeAdditional: false,\n  useDefaults: false,\n  coerceTypes: false,\n});\n\n// Add format validators (email, date, etc.)\naddFormats(ajv);\n\n/**\n * Pre-compiled grant file schema validator for performance.\n *\n * @internal\n */\nconst validateGrantFileSchema: ValidateFunction = ajv.compile(grantFileSchema);\n\n/**\n * Configures grant validation behavior and scope.\n *\n * @remarks\n * Controls which validations to perform and how to handle errors.\n * Allows selective validation of specific aspects of a grant.\n *\n * @category Permissions\n */\nexport interface GrantValidationOptions {\n  /** Enable JSON schema validation (default: true) */\n  schema?: boolean;\n  /** Grantee address to validate access for */\n  grantee?: Address;\n  /** Operation to validate permission for */\n  operation?: string;\n  /** Override current time for expiry checking (Unix timestamp) */\n  currentTime?: number;\n  /** Return detailed results instead of throwing (default: false) */\n  throwOnError?: boolean;\n}\n\n/**\n * Represents the detailed result of grant validation.\n *\n * @remarks\n * Provides comprehensive validation results including all errors\n * encountered during validation. Used in non-throwing mode.\n *\n * @category Permissions\n */\nexport interface GrantValidationResult {\n  /** Whether validation passed */\n  valid: boolean;\n  /** Validation errors encountered */\n  errors: Array<{\n    type: \"schema\" | \"business\";\n    field?: string;\n    message: string;\n    error?: Error;\n  }>;\n  /** The validated grant file (if validation passed) */\n  grant?: GrantFile;\n}\n\n/**\n * Validates a grant file with comprehensive schema and business rule checking.\n *\n * This function provides flexible validation with TypeScript overloads:\n * - When `throwOnError` is false (or `{ throwOnError: false }`), returns a detailed validation result\n * - When `throwOnError` is true (default), throws specific errors or returns the validated grant\n *\n * @param data - The grant file data to validate (unknown type for safety)\n * @param options - Validation options including grantee, operation, files, etc.\n * @returns Either a GrantFile (when throwing) or GrantValidationResult (when not throwing)\n * @throws {GrantSchemaError} When the grant file structure is invalid\n * @throws {GrantExpiredError} When the grant has expired\n * @throws {GranteeMismatchError} When the grantee doesn't match the requesting address\n * @throws {OperationNotAllowedError} When the requested operation is not allowed\n * @example\n * ```typescript\n * // Throwing mode (default) - returns GrantFile or throws\n * const grant = validateGrant(data, {\n *   grantee: '0x123...',\n *   operation: 'llm_inference',\n * });\n *\n * // Non-throwing mode - returns validation result\n * const result = validateGrant(data, {\n *   grantee: '0x123...',\n *   throwOnError: false\n * });\n * if (result.valid) {\n *   console.log('Grant is valid:', result.grant);\n * } else {\n *   console.log('Validation errors:', result.errors);\n * }\n * ```\n */\n\nexport function validateGrant(\n  data: unknown,\n  options: GrantValidationOptions & { throwOnError: false },\n): GrantValidationResult;\n\nexport function validateGrant(\n  data: unknown,\n  options?:\n    | Omit<GrantValidationOptions, \"throwOnError\">\n    | (GrantValidationOptions & { throwOnError?: true }),\n): GrantFile;\n\n/** @internal */\nexport function validateGrant(\n  data: unknown,\n  options: GrantValidationOptions = {},\n): GrantFile | GrantValidationResult {\n  const {\n    schema = true,\n    grantee,\n    operation,\n    currentTime,\n    throwOnError = true,\n  } = options;\n\n  const errors: GrantValidationResult[\"errors\"] = [];\n  let grant: GrantFile | undefined;\n\n  // 1. Schema Validation\n  if (schema) {\n    try {\n      if (validateGrantFileSchema(data)) {\n        grant = data as GrantFile;\n      } else {\n        throw new GrantValidationError(\"Invalid grant file schema\");\n      }\n    } catch (error) {\n      if (error instanceof GrantValidationError) {\n        const schemaError = new GrantSchemaError(\n          error.message,\n          Array.isArray(error.details?.errors) ? error.details.errors : [],\n          data,\n        );\n        errors.push({\n          type: \"schema\",\n          message: error.message,\n          error: schemaError,\n        });\n      } else {\n        errors.push({\n          type: \"schema\",\n          message: `Schema validation failed: ${error instanceof Error ? error.message : \"Unknown error\"}`,\n          error: error instanceof Error ? error : new Error(\"Unknown error\"),\n        });\n      }\n    }\n  } else {\n    // Minimal type assertion if schema validation is skipped\n    grant = data as GrantFile;\n  }\n\n  // 2. Business Logic Validation (only if we have a valid grant)\n  if (grant) {\n    // Check grantee access\n    if (grantee) {\n      try {\n        validateGranteeAccess(grant, grantee);\n      } catch (error) {\n        const field = extractFieldFromBusinessError(error);\n        errors.push({\n          type: \"business\",\n          field,\n          message:\n            error instanceof Error\n              ? error.message\n              : \"Unknown business rule error\",\n          error: error instanceof Error ? error : new Error(\"Unknown error\"),\n        });\n      }\n    }\n\n    // Check expiration\n    try {\n      validateGrantExpiry(grant, currentTime);\n    } catch (error) {\n      const field = extractFieldFromBusinessError(error);\n      errors.push({\n        type: \"business\",\n        field,\n        message:\n          error instanceof Error\n            ? error.message\n            : \"Unknown business rule error\",\n        error: error instanceof Error ? error : new Error(\"Unknown error\"),\n      });\n    }\n\n    // Check operation access\n    if (operation) {\n      try {\n        validateOperationAccess(grant, operation);\n      } catch (error) {\n        const field = extractFieldFromBusinessError(error);\n        errors.push({\n          type: \"business\",\n          field,\n          message:\n            error instanceof Error\n              ? error.message\n              : \"Unknown business rule error\",\n          error: error instanceof Error ? error : new Error(\"Unknown error\"),\n        });\n      }\n    }\n  }\n\n  // 3. Return Results\n  if (errors.length > 0) {\n    if (throwOnError) {\n      // Throw the most specific error we have\n      const firstError = errors[0];\n      if (firstError.error) {\n        throw firstError.error;\n      } else {\n        const combinedMessage = errors.map((e) => e.message).join(\"; \");\n        throw new GrantValidationError(\n          `Grant validation failed: ${combinedMessage}`,\n          { errors, data },\n        );\n      }\n    }\n\n    return { valid: false, errors, grant };\n  }\n\n  if (throwOnError) {\n    return grant as GrantFile;\n  } else {\n    return { valid: true, errors: [], grant: grant as GrantFile };\n  }\n}\n\n/**\n * Extracts the field name from business validation errors for reporting.\n *\n * @param error - The validation error to analyze\n * @returns The field name associated with the error, or undefined\n *\n * @internal\n */\nfunction extractFieldFromBusinessError(error: unknown): string | undefined {\n  if (error instanceof GrantExpiredError) return \"expires\";\n  if (error instanceof GranteeMismatchError) return \"grantee\";\n  if (error instanceof OperationNotAllowedError) return \"operation\";\n  return undefined;\n}\n\n/**\n * Validates that a grant allows access for the requesting address.\n *\n * @param grantFile - The grant file to validate.\n *   Obtain from permission operations or server responses.\n * @param requestingAddress - The address requesting access.\n *   Typically the current wallet address.\n *\n * @throws {GranteeMismatchError} If addresses don't match.\n *   Ensure using the correct wallet that received the grant.\n *\n * @example\n * ```typescript\n * validateGranteeAccess(grantFile, walletAddress);\n * // Throws if walletAddress doesn't match grantFile.grantee\n * ```\n *\n * @category Permissions\n */\nexport function validateGranteeAccess(\n  grantFile: GrantFile,\n  requestingAddress: Address,\n): void {\n  const normalizedGrantee = getAddress(grantFile.grantee);\n  const normalizedRequesting = getAddress(requestingAddress);\n\n  if (normalizedGrantee !== normalizedRequesting) {\n    throw new GranteeMismatchError(\n      \"Permission denied: requesting address does not match grantee\",\n      grantFile.grantee,\n      requestingAddress,\n    );\n  }\n}\n\n/**\n * Validates that a grant has not expired.\n *\n * @param grantFile - The grant file to check.\n *   Must include expiry timestamp if time-limited.\n * @param currentTime - Optional time override for testing.\n *   Unix timestamp in seconds. Defaults to current time.\n *\n * @throws {GrantExpiredError} If grant has expired.\n *   Request a new grant from the data owner.\n *\n * @example\n * ```typescript\n * validateGrantExpiry(grantFile);\n * // Throws if current time > grantFile.expires\n * ```\n *\n * @category Permissions\n */\nexport function validateGrantExpiry(\n  grantFile: GrantFile,\n  currentTime?: number,\n): void {\n  if (grantFile.expires) {\n    const now =\n      currentTime !== undefined ? currentTime : Math.floor(Date.now() / 1000); // Current Unix timestamp\n\n    if (now > grantFile.expires) {\n      throw new GrantExpiredError(\n        \"Permission denied: grant has expired\",\n        grantFile.expires,\n        now,\n      );\n    }\n  }\n}\n\n/**\n * Validates that a grant authorizes the requested operation.\n *\n * @param grantFile - The grant file to check.\n *   Contains the authorized operation.\n * @param requestedOperation - The operation to validate.\n *   Must match the grant's operation exactly.\n *\n * @throws {OperationNotAllowedError} If operations don't match.\n *   Request a grant for the specific operation needed.\n *\n * @example\n * ```typescript\n * validateOperationAccess(grantFile, 'llm_inference');\n * // Throws if grantFile.operation !== 'llm_inference'\n * ```\n *\n * @category Permissions\n */\nexport function validateOperationAccess(\n  grantFile: GrantFile,\n  requestedOperation: string,\n): void {\n  if (grantFile.operation !== requestedOperation) {\n    throw new OperationNotAllowedError(\n      \"Permission denied: operation not allowed by grant\",\n      grantFile.operation,\n      requestedOperation,\n    );\n  }\n}\n"],"mappings":"AAcA,SAAS,kBAAkB;AAC3B,OAAO,SAAoC;AAC3C,OAAO,gBAAgB;AAEvB,OAAO,qBAAqB;AAWrB,MAAM,6BAA6B,MAAM;AAAA,EAC9C,YACE,SACO,SACP;AACA,UAAM,OAAO;AAFN;AAGP,SAAK,OAAO;AAAA,EACd;AACF;AAWO,MAAM,0BAA0B,qBAAqB;AAAA,EAC1D,YACE,SACO,SACA,aACP;AACA,UAAM,SAAS,EAAE,SAAS,YAAY,CAAC;AAHhC;AACA;AAGP,SAAK,OAAO;AAAA,EACd;AACF;AAWO,MAAM,6BAA6B,qBAAqB;AAAA,EAC7D,YACE,SACO,SACA,mBACP;AACA,UAAM,SAAS,EAAE,SAAS,kBAAkB,CAAC;AAHtC;AACA;AAGP,SAAK,OAAO;AAAA,EACd;AACF;AAWO,MAAM,iCAAiC,qBAAqB;AAAA,EACjE,YACE,SACO,kBACA,oBACP;AACA,UAAM,SAAS,EAAE,kBAAkB,mBAAmB,CAAC;AAHhD;AACA;AAGP,SAAK,OAAO;AAAA,EACd;AACF;AAWO,MAAM,yBAAyB,qBAAqB;AAAA,EACzD,YACE,SACO,cACA,aACP;AACA,UAAM,SAAS,EAAE,QAAQ,cAAc,MAAM,YAAY,CAAC;AAHnD;AACA;AAGP,SAAK,OAAO;AAAA,EACd;AACF;AAOA,MAAM,MAAM,IAAI,IAAI;AAAA,EAClB,QAAQ;AAAA,EACR,kBAAkB;AAAA,EAClB,aAAa;AAAA,EACb,aAAa;AACf,CAAC;AAGD,WAAW,GAAG;AAOd,MAAM,0BAA4C,IAAI,QAAQ,eAAe;AA+FtE,SAAS,cACd,MACA,UAAkC,CAAC,GACA;AACnC,QAAM;AAAA,IACJ,SAAS;AAAA,IACT;AAAA,IACA;AAAA,IACA;AAAA,IACA,eAAe;AAAA,EACjB,IAAI;AAEJ,QAAM,SAA0C,CAAC;AACjD,MAAI;AAGJ,MAAI,QAAQ;AACV,QAAI;AACF,UAAI,wBAAwB,IAAI,GAAG;AACjC,gBAAQ;AAAA,MACV,OAAO;AACL,cAAM,IAAI,qBAAqB,2BAA2B;AAAA,MAC5D;AAAA,IACF,SAAS,OAAO;AACd,UAAI,iBAAiB,sBAAsB;AACzC,cAAM,cAAc,IAAI;AAAA,UACtB,MAAM;AAAA,UACN,MAAM,QAAQ,MAAM,SAAS,MAAM,IAAI,MAAM,QAAQ,SAAS,CAAC;AAAA,UAC/D;AAAA,QACF;AACA,eAAO,KAAK;AAAA,UACV,MAAM;AAAA,UACN,SAAS,MAAM;AAAA,UACf,OAAO;AAAA,QACT,CAAC;AAAA,MACH,OAAO;AACL,eAAO,KAAK;AAAA,UACV,MAAM;AAAA,UACN,SAAS,6BAA6B,iBAAiB,QAAQ,MAAM,UAAU,eAAe;AAAA,UAC9F,OAAO,iBAAiB,QAAQ,QAAQ,IAAI,MAAM,eAAe;AAAA,QACnE,CAAC;AAAA,MACH;AAAA,IACF;AAAA,EACF,OAAO;AAEL,YAAQ;AAAA,EACV;AAGA,MAAI,OAAO;AAET,QAAI,SAAS;AACX,UAAI;AACF,8BAAsB,OAAO,OAAO;AAAA,MACtC,SAAS,OAAO;AACd,cAAM,QAAQ,8BAA8B,KAAK;AACjD,eAAO,KAAK;AAAA,UACV,MAAM;AAAA,UACN;AAAA,UACA,SACE,iBAAiB,QACb,MAAM,UACN;AAAA,UACN,OAAO,iBAAiB,QAAQ,QAAQ,IAAI,MAAM,eAAe;AAAA,QACnE,CAAC;AAAA,MACH;AAAA,IACF;AAGA,QAAI;AACF,0BAAoB,OAAO,WAAW;AAAA,IACxC,SAAS,OAAO;AACd,YAAM,QAAQ,8BAA8B,KAAK;AACjD,aAAO,KAAK;AAAA,QACV,MAAM;AAAA,QACN;AAAA,QACA,SACE,iBAAiB,QACb,MAAM,UACN;AAAA,QACN,OAAO,iBAAiB,QAAQ,QAAQ,IAAI,MAAM,eAAe;AAAA,MACnE,CAAC;AAAA,IACH;AAGA,QAAI,WAAW;AACb,UAAI;AACF,gCAAwB,OAAO,SAAS;AAAA,MAC1C,SAAS,OAAO;AACd,cAAM,QAAQ,8BAA8B,KAAK;AACjD,eAAO,KAAK;AAAA,UACV,MAAM;AAAA,UACN;AAAA,UACA,SACE,iBAAiB,QACb,MAAM,UACN;AAAA,UACN,OAAO,iBAAiB,QAAQ,QAAQ,IAAI,MAAM,eAAe;AAAA,QACnE,CAAC;AAAA,MACH;AAAA,IACF;AAAA,EACF;AAGA,MAAI,OAAO,SAAS,GAAG;AACrB,QAAI,cAAc;AAEhB,YAAM,aAAa,OAAO,CAAC;AAC3B,UAAI,WAAW,OAAO;AACpB,cAAM,WAAW;AAAA,MACnB,OAAO;AACL,cAAM,kBAAkB,OAAO,IAAI,CAAC,MAAM,EAAE,OAAO,EAAE,KAAK,IAAI;AAC9D,cAAM,IAAI;AAAA,UACR,4BAA4B,eAAe;AAAA,UAC3C,EAAE,QAAQ,KAAK;AAAA,QACjB;AAAA,MACF;AAAA,IACF;AAEA,WAAO,EAAE,OAAO,OAAO,QAAQ,MAAM;AAAA,EACvC;AAEA,MAAI,cAAc;AAChB,WAAO;AAAA,EACT,OAAO;AACL,WAAO,EAAE,OAAO,MAAM,QAAQ,CAAC,GAAG,MAA0B;AAAA,EAC9D;AACF;AAUA,SAAS,8BAA8B,OAAoC;AACzE,MAAI,iBAAiB,kBAAmB,QAAO;AAC/C,MAAI,iBAAiB,qBAAsB,QAAO;AAClD,MAAI,iBAAiB,yBAA0B,QAAO;AACtD,SAAO;AACT;AAqBO,SAAS,sBACd,WACA,mBACM;AACN,QAAM,oBAAoB,WAAW,UAAU,OAAO;AACtD,QAAM,uBAAuB,WAAW,iBAAiB;AAEzD,MAAI,sBAAsB,sBAAsB;AAC9C,UAAM,IAAI;AAAA,MACR;AAAA,MACA,UAAU;AAAA,MACV;AAAA,IACF;AAAA,EACF;AACF;AAqBO,SAAS,oBACd,WACA,aACM;AACN,MAAI,UAAU,SAAS;AACrB,UAAM,MACJ,gBAAgB,SAAY,cAAc,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI;AAExE,QAAI,MAAM,UAAU,SAAS;AAC3B,YAAM,IAAI;AAAA,QACR;AAAA,QACA,UAAU;AAAA,QACV;AAAA,MACF;AAAA,IACF;AAAA,EACF;AACF;AAqBO,SAAS,wBACd,WACA,oBACM;AACN,MAAI,UAAU,cAAc,oBAAoB;AAC9C,UAAM,IAAI;AAAA,MACR;AAAA,MACA,UAAU;AAAA,MACV;AAAA,IACF;AAAA,EACF;AACF;","names":[]}

package/dist/utils/grants.cjs.map

@@ -1 +1 @@
-{"version":3,"sources":["../../src/utils/grants.ts"],"sourcesContent":["import type { Address } from \"viem\";\nimport type { GrantFile, GrantPermissionParams } from \"../types/permissions\";\nimport {\n  createGrantFile,\n  storeGrantFile,\n  retrieveGrantFile,\n} from \"./grantFiles\";\nimport { validateGrant, GrantValidationError } from \"./grantValidation\";\n\n/**\n * High-level utilities for working with grants in the Vana SDK\n */\n\n/**\n * Creates and validates a grant file from permission parameters\n *\n * @param params - The permission parameters to create and validate the grant from\n * @returns The validated grant file object\n */\nexport function createValidatedGrant(params: GrantPermissionParams): GrantFile {\n  const grantFile = createGrantFile(params);\n\n  // Validate the created grant file\n  try {\n    validateGrant(grantFile, {\n      schema: true,\n      grantee: params.grantee,\n      operation: params.operation,\n    });\n  } catch (error) {\n    throw new GrantValidationError(\n      `Created grant file failed validation: ${error instanceof Error ? error.message : \"Unknown error\"}`,\n      { grantFile, params },\n    );\n  }\n\n  return grantFile;\n}\n\n/**\n * Creates a grant file and stores it in IPFS\n *\n * @param params - The permission parameters to create the grant from\n * @param relayerUrl - The URL of the relayer service for IPFS storage\n * @returns Promise resolving to an object containing the grant file and its IPFS URL\n */\nexport async function createAndStoreGrant(\n  params: GrantPermissionParams,\n  relayerUrl: string,\n): Promise<{ grantFile: GrantFile; grantUrl: string }> {\n  const grantFile = createValidatedGrant(params);\n  const grantUrl = await storeGrantFile(grantFile, relayerUrl);\n\n  return { grantFile, grantUrl };\n}\n\n/**\n * Retrieves and validates a grant file from IPFS\n *\n * @param grantUrl - The IPFS URL of the grant file to retrieve\n * @param relayerUrl - Optional URL of the relayer service\n * @returns Promise resolving to the validated grant file\n */\nexport async function retrieveAndValidateGrant(\n  grantUrl: string,\n  relayerUrl?: string,\n): Promise<GrantFile> {\n  const grantFile = await retrieveGrantFile(grantUrl, relayerUrl);\n\n  // Additional validation can be added here if needed\n  return grantFile;\n}\n\n/**\n * Checks if a grant allows access for a specific request\n *\n * @param grantUrl - The IPFS URL of the grant file to check\n * @param requestingAddress - The address making the access request\n * @param operation - The operation being requested\n * @param _fileIds - Array of file IDs being accessed (currently unused but part of interface)\n * @param relayerUrl - Optional URL of the relayer service\n * @returns Promise resolving to access result with allowed status, reason, and grant file\n */\nexport async function checkGrantAccess(\n  grantUrl: string,\n  requestingAddress: Address,\n  operation: string,\n  _fileIds: number[],\n  relayerUrl?: string,\n): Promise<{ allowed: boolean; reason?: string; grantFile?: GrantFile }> {\n  try {\n    const grantFile = await retrieveAndValidateGrant(grantUrl, relayerUrl);\n\n    // Validate the grant for the request\n    validateGrant(grantFile, {\n      schema: true,\n      grantee: requestingAddress,\n      operation,\n    });\n\n    return { allowed: true, grantFile };\n  } catch (error) {\n    if (error instanceof GrantValidationError) {\n      return {\n        allowed: false,\n        reason: error.message,\n      };\n    }\n\n    return {\n      allowed: false,\n      reason: `Grant access check failed: ${error instanceof Error ? error.message : \"Unknown error\"}`,\n    };\n  }\n}\n\n/**\n * Utility to check if a grant has expired\n *\n * @param grantFile - The grant file to check for expiration\n * @returns True if the grant has expired, false otherwise\n */\nexport function isGrantExpired(grantFile: GrantFile): boolean {\n  if (!grantFile.expires) {\n    return false; // No expiration set\n  }\n\n  const now = Math.floor(Date.now() / 1000);\n  return now > grantFile.expires;\n}\n\n/**\n * Utility to get the time remaining before grant expires (in seconds)\n *\n * @param grantFile - The grant file to check time remaining for\n * @returns Number of seconds remaining, or null if no expiration is set\n */\nexport function getGrantTimeRemaining(grantFile: GrantFile): number | null {\n  if (!grantFile.expires) {\n    return null; // No expiration set\n  }\n\n  const now = Math.floor(Date.now() / 1000);\n  const remaining = grantFile.expires - now;\n  return Math.max(0, remaining);\n}\n\n/**\n * Creates a human-readable summary of a grant\n *\n * @param grantFile - The grant file to create a summary for\n * @returns A human-readable string describing the grant\n */\nexport function summarizeGrant(grantFile: GrantFile): string {\n  const expiration = grantFile.expires\n    ? new Date(grantFile.expires * 1000).toISOString()\n    : \"No expiration\";\n\n  return `Grant for ${grantFile.grantee} to perform \"${grantFile.operation}\" (expires: ${expiration})`;\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAEA,wBAIO;AACP,6BAAoD;AAY7C,SAAS,qBAAqB,QAA0C;AAC7E,QAAM,gBAAY,mCAAgB,MAAM;AAGxC,MAAI;AACF,8CAAc,WAAW;AAAA,MACvB,QAAQ;AAAA,MACR,SAAS,OAAO;AAAA,MAChB,WAAW,OAAO;AAAA,IACpB,CAAC;AAAA,EACH,SAAS,OAAO;AACd,UAAM,IAAI;AAAA,MACR,yCAAyC,iBAAiB,QAAQ,MAAM,UAAU,eAAe;AAAA,MACjG,EAAE,WAAW,OAAO;AAAA,IACtB;AAAA,EACF;AAEA,SAAO;AACT;AASA,eAAsB,oBACpB,QACA,YACqD;AACrD,QAAM,YAAY,qBAAqB,MAAM;AAC7C,QAAM,WAAW,UAAM,kCAAe,WAAW,UAAU;AAE3D,SAAO,EAAE,WAAW,SAAS;AAC/B;AASA,eAAsB,yBACpB,UACA,YACoB;AACpB,QAAM,YAAY,UAAM,qCAAkB,UAAU,UAAU;AAG9D,SAAO;AACT;AAYA,eAAsB,iBACpB,UACA,mBACA,WACA,UACA,YACuE;AACvE,MAAI;AACF,UAAM,YAAY,MAAM,yBAAyB,UAAU,UAAU;AAGrE,8CAAc,WAAW;AAAA,MACvB,QAAQ;AAAA,MACR,SAAS;AAAA,MACT;AAAA,IACF,CAAC;AAED,WAAO,EAAE,SAAS,MAAM,UAAU;AAAA,EACpC,SAAS,OAAO;AACd,QAAI,iBAAiB,6CAAsB;AACzC,aAAO;AAAA,QACL,SAAS;AAAA,QACT,QAAQ,MAAM;AAAA,MAChB;AAAA,IACF;AAEA,WAAO;AAAA,MACL,SAAS;AAAA,MACT,QAAQ,8BAA8B,iBAAiB,QAAQ,MAAM,UAAU,eAAe;AAAA,IAChG;AAAA,EACF;AACF;AAQO,SAAS,eAAe,WAA+B;AAC5D,MAAI,CAAC,UAAU,SAAS;AACtB,WAAO;AAAA,EACT;AAEA,QAAM,MAAM,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI;AACxC,SAAO,MAAM,UAAU;AACzB;AAQO,SAAS,sBAAsB,WAAqC;AACzE,MAAI,CAAC,UAAU,SAAS;AACtB,WAAO;AAAA,EACT;AAEA,QAAM,MAAM,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI;AACxC,QAAM,YAAY,UAAU,UAAU;AACtC,SAAO,KAAK,IAAI,GAAG,SAAS;AAC9B;AAQO,SAAS,eAAe,WAA8B;AAC3D,QAAM,aAAa,UAAU,UACzB,IAAI,KAAK,UAAU,UAAU,GAAI,EAAE,YAAY,IAC/C;AAEJ,SAAO,aAAa,UAAU,OAAO,gBAAgB,UAAU,SAAS,eAAe,UAAU;AACnG;","names":[]}
+{"version":3,"sources":["../../src/utils/grants.ts"],"sourcesContent":["/**\n * Provides high-level grant management utilities for the Vana permission system.\n *\n * @remarks\n * This module simplifies grant file creation, validation, storage, and retrieval.\n * Grants are the core mechanism for permission management in Vana, allowing users\n * to delegate specific operations to applications and services.\n *\n * @category Permissions\n * @module grants\n */\n\nimport type { Address } from \"viem\";\nimport type { GrantFile, GrantPermissionParams } from \"../types/permissions\";\nimport {\n  createGrantFile,\n  storeGrantFile,\n  retrieveGrantFile,\n} from \"./grantFiles\";\nimport { validateGrant, GrantValidationError } from \"./grantValidation\";\n\n/**\n * Creates and validates a grant file from permission parameters.\n *\n * @remarks\n * Combines grant creation with immediate validation to ensure only valid\n * grants are created. Validates schema compliance, grantee address, and\n * operation parameters before returning the grant file.\n *\n * @param params - The permission parameters to create and validate the grant from.\n *   Obtain from user input or application configuration.\n * @returns The validated grant file object ready for storage\n *\n * @throws {GrantValidationError} When grant parameters are invalid.\n *   Check error message for specific validation failures.\n *\n * @example\n * ```typescript\n * const grant = createValidatedGrant({\n *   grantee: '0x742d35Cc6634C0532925a3b844Bc9e7595f0b0Bb',\n *   operation: 'llm_inference',\n *   parameters: { model: 'gpt-4', maxTokens: 1000 },\n *   expiresAt: Date.now() + 86400000 // 24 hours\n * });\n * ```\n *\n * @category Permissions\n */\nexport function createValidatedGrant(params: GrantPermissionParams): GrantFile {\n  const grantFile = createGrantFile(params);\n\n  // Validate the created grant file\n  try {\n    validateGrant(grantFile, {\n      schema: true,\n      grantee: params.grantee,\n      operation: params.operation,\n    });\n  } catch (error) {\n    throw new GrantValidationError(\n      `Created grant file failed validation: ${error instanceof Error ? error.message : \"Unknown error\"}`,\n      { grantFile, params },\n    );\n  }\n\n  return grantFile;\n}\n\n/**\n * Creates a grant file and stores it in IPFS.\n *\n * @remarks\n * Combines grant creation, validation, and IPFS storage in a single operation.\n * The grant is stored immutably on IPFS and can be referenced by its URL in\n * on-chain permission records.\n *\n * @param params - The permission parameters to create the grant from.\n *   Obtain from user input or application configuration.\n * @param relayerUrl - The URL of the relayer service for IPFS storage.\n *   Obtain from SDK configuration or environment.\n * @returns Promise resolving to an object containing the grant file and its IPFS URL\n *\n * @throws {GrantValidationError} When grant parameters are invalid.\n *   Check error message for specific validation failures.\n * @throws {Error} When IPFS storage fails.\n *   Retry with exponential backoff or check relayer status.\n *\n * @example\n * ```typescript\n * const { grantFile, grantUrl } = await createAndStoreGrant(\n *   {\n *     grantee: applicationAddress,\n *     operation: 'data_processing',\n *     parameters: { dataTypes: ['medical', 'financial'] }\n *   },\n *   'https://relayer.vana.org'\n * );\n *\n * console.log('Grant stored at:', grantUrl);\n * ```\n *\n * @category Permissions\n */\nexport async function createAndStoreGrant(\n  params: GrantPermissionParams,\n  relayerUrl: string,\n): Promise<{ grantFile: GrantFile; grantUrl: string }> {\n  const grantFile = createValidatedGrant(params);\n  const grantUrl = await storeGrantFile(grantFile, relayerUrl);\n\n  return { grantFile, grantUrl };\n}\n\n/**\n * Retrieves and validates a grant file from IPFS.\n *\n * @remarks\n * Fetches a grant file from IPFS and performs basic validation to ensure\n * the retrieved data is a valid grant structure. Use this when you need to\n * verify or process existing grants.\n *\n * @param grantUrl - The IPFS URL of the grant file to retrieve.\n *   Obtain from on-chain permission records or grant events.\n * @param relayerUrl - Optional URL of the relayer service.\n *   If not provided, uses default IPFS gateways.\n * @returns Promise resolving to the validated grant file\n *\n * @throws {Error} When grant retrieval fails.\n *   Check network connectivity or IPFS gateway availability.\n * @throws {Error} When grant file is malformed.\n *   Verify the grant URL points to a valid grant file.\n *\n * @example\n * ```typescript\n * const grant = await retrieveAndValidateGrant(\n *   'ipfs://QmXxx...'\n * );\n *\n * console.log('Grant for:', grant.grantee);\n * console.log('Operation:', grant.operation);\n * ```\n *\n * @category Permissions\n */\nexport async function retrieveAndValidateGrant(\n  grantUrl: string,\n  relayerUrl?: string,\n): Promise<GrantFile> {\n  const grantFile = await retrieveGrantFile(grantUrl, relayerUrl);\n\n  // Additional validation can be added here if needed\n  return grantFile;\n}\n\n/**\n * Checks if a grant allows access for a specific request\n *\n * @param grantUrl - The IPFS URL of the grant file to check\n * @param requestingAddress - The address making the access request\n * @param operation - The operation being requested\n * @param _fileIds - Array of file IDs being accessed (currently unused but part of interface)\n * @param relayerUrl - Optional URL of the relayer service\n * @returns Promise resolving to access result with allowed status, reason, and grant file\n */\nexport async function checkGrantAccess(\n  grantUrl: string,\n  requestingAddress: Address,\n  operation: string,\n  _fileIds: number[],\n  relayerUrl?: string,\n): Promise<{ allowed: boolean; reason?: string; grantFile?: GrantFile }> {\n  try {\n    const grantFile = await retrieveAndValidateGrant(grantUrl, relayerUrl);\n\n    // Validate the grant for the request\n    validateGrant(grantFile, {\n      schema: true,\n      grantee: requestingAddress,\n      operation,\n    });\n\n    return { allowed: true, grantFile };\n  } catch (error) {\n    if (error instanceof GrantValidationError) {\n      return {\n        allowed: false,\n        reason: error.message,\n      };\n    }\n\n    return {\n      allowed: false,\n      reason: `Grant access check failed: ${error instanceof Error ? error.message : \"Unknown error\"}`,\n    };\n  }\n}\n\n/**\n * Utility to check if a grant has expired\n *\n * @param grantFile - The grant file to check for expiration\n * @returns True if the grant has expired, false otherwise\n */\nexport function isGrantExpired(grantFile: GrantFile): boolean {\n  if (!grantFile.expires) {\n    return false; // No expiration set\n  }\n\n  const now = Math.floor(Date.now() / 1000);\n  return now > grantFile.expires;\n}\n\n/**\n * Utility to get the time remaining before grant expires (in seconds)\n *\n * @param grantFile - The grant file to check time remaining for\n * @returns Number of seconds remaining, or null if no expiration is set\n */\nexport function getGrantTimeRemaining(grantFile: GrantFile): number | null {\n  if (!grantFile.expires) {\n    return null; // No expiration set\n  }\n\n  const now = Math.floor(Date.now() / 1000);\n  const remaining = grantFile.expires - now;\n  return Math.max(0, remaining);\n}\n\n/**\n * Creates a human-readable summary of a grant\n *\n * @param grantFile - The grant file to create a summary for\n * @returns A human-readable string describing the grant\n */\nexport function summarizeGrant(grantFile: GrantFile): string {\n  const expiration = grantFile.expires\n    ? new Date(grantFile.expires * 1000).toISOString()\n    : \"No expiration\";\n\n  return `Grant for ${grantFile.grantee} to perform \"${grantFile.operation}\" (expires: ${expiration})`;\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAcA,wBAIO;AACP,6BAAoD;AA6B7C,SAAS,qBAAqB,QAA0C;AAC7E,QAAM,gBAAY,mCAAgB,MAAM;AAGxC,MAAI;AACF,8CAAc,WAAW;AAAA,MACvB,QAAQ;AAAA,MACR,SAAS,OAAO;AAAA,MAChB,WAAW,OAAO;AAAA,IACpB,CAAC;AAAA,EACH,SAAS,OAAO;AACd,UAAM,IAAI;AAAA,MACR,yCAAyC,iBAAiB,QAAQ,MAAM,UAAU,eAAe;AAAA,MACjG,EAAE,WAAW,OAAO;AAAA,IACtB;AAAA,EACF;AAEA,SAAO;AACT;AAqCA,eAAsB,oBACpB,QACA,YACqD;AACrD,QAAM,YAAY,qBAAqB,MAAM;AAC7C,QAAM,WAAW,UAAM,kCAAe,WAAW,UAAU;AAE3D,SAAO,EAAE,WAAW,SAAS;AAC/B;AAiCA,eAAsB,yBACpB,UACA,YACoB;AACpB,QAAM,YAAY,UAAM,qCAAkB,UAAU,UAAU;AAG9D,SAAO;AACT;AAYA,eAAsB,iBACpB,UACA,mBACA,WACA,UACA,YACuE;AACvE,MAAI;AACF,UAAM,YAAY,MAAM,yBAAyB,UAAU,UAAU;AAGrE,8CAAc,WAAW;AAAA,MACvB,QAAQ;AAAA,MACR,SAAS;AAAA,MACT;AAAA,IACF,CAAC;AAED,WAAO,EAAE,SAAS,MAAM,UAAU;AAAA,EACpC,SAAS,OAAO;AACd,QAAI,iBAAiB,6CAAsB;AACzC,aAAO;AAAA,QACL,SAAS;AAAA,QACT,QAAQ,MAAM;AAAA,MAChB;AAAA,IACF;AAEA,WAAO;AAAA,MACL,SAAS;AAAA,MACT,QAAQ,8BAA8B,iBAAiB,QAAQ,MAAM,UAAU,eAAe;AAAA,IAChG;AAAA,EACF;AACF;AAQO,SAAS,eAAe,WAA+B;AAC5D,MAAI,CAAC,UAAU,SAAS;AACtB,WAAO;AAAA,EACT;AAEA,QAAM,MAAM,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI;AACxC,SAAO,MAAM,UAAU;AACzB;AAQO,SAAS,sBAAsB,WAAqC;AACzE,MAAI,CAAC,UAAU,SAAS;AACtB,WAAO;AAAA,EACT;AAEA,QAAM,MAAM,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI;AACxC,QAAM,YAAY,UAAU,UAAU;AACtC,SAAO,KAAK,IAAI,GAAG,SAAS;AAC9B;AAQO,SAAS,eAAe,WAA8B;AAC3D,QAAM,aAAa,UAAU,UACzB,IAAI,KAAK,UAAU,UAAU,GAAI,EAAE,YAAY,IAC/C;AAEJ,SAAO,aAAa,UAAU,OAAO,gBAAgB,UAAU,SAAS,eAAe,UAAU;AACnG;","names":[]}

package/dist/utils/grants.d.ts

@@ -1,32 +1,113 @@
-import type { Address } from "viem";
-import type { GrantFile, GrantPermissionParams } from "../types/permissions";
 /**
- * High-level utilities for working with grants in the Vana SDK
+ * Provides high-level grant management utilities for the Vana permission system.
+ *
+ * @remarks
+ * This module simplifies grant file creation, validation, storage, and retrieval.
+ * Grants are the core mechanism for permission management in Vana, allowing users
+ * to delegate specific operations to applications and services.
+ *
+ * @category Permissions
+ * @module grants
  */
+import type { Address } from "viem";
+import type { GrantFile, GrantPermissionParams } from "../types/permissions";
 /**
- * Creates and validates a grant file from permission parameters
+ * Creates and validates a grant file from permission parameters.
  *
- * @param params - The permission parameters to create and validate the grant from
- * @returns The validated grant file object
+ * @remarks
+ * Combines grant creation with immediate validation to ensure only valid
+ * grants are created. Validates schema compliance, grantee address, and
+ * operation parameters before returning the grant file.
+ *
+ * @param params - The permission parameters to create and validate the grant from.
+ *   Obtain from user input or application configuration.
+ * @returns The validated grant file object ready for storage
+ *
+ * @throws {GrantValidationError} When grant parameters are invalid.
+ *   Check error message for specific validation failures.
+ *
+ * @example
+ * ```typescript
+ * const grant = createValidatedGrant({
+ *   grantee: '0x742d35Cc6634C0532925a3b844Bc9e7595f0b0Bb',
+ *   operation: 'llm_inference',
+ *   parameters: { model: 'gpt-4', maxTokens: 1000 },
+ *   expiresAt: Date.now() + 86400000 // 24 hours
+ * });
+ * ```
+ *
+ * @category Permissions
  */
 export declare function createValidatedGrant(params: GrantPermissionParams): GrantFile;
 /**
- * Creates a grant file and stores it in IPFS
+ * Creates a grant file and stores it in IPFS.
+ *
+ * @remarks
+ * Combines grant creation, validation, and IPFS storage in a single operation.
+ * The grant is stored immutably on IPFS and can be referenced by its URL in
+ * on-chain permission records.
  *
- * @param params - The permission parameters to create the grant from
- * @param relayerUrl - The URL of the relayer service for IPFS storage
+ * @param params - The permission parameters to create the grant from.
+ *   Obtain from user input or application configuration.
+ * @param relayerUrl - The URL of the relayer service for IPFS storage.
+ *   Obtain from SDK configuration or environment.
  * @returns Promise resolving to an object containing the grant file and its IPFS URL
+ *
+ * @throws {GrantValidationError} When grant parameters are invalid.
+ *   Check error message for specific validation failures.
+ * @throws {Error} When IPFS storage fails.
+ *   Retry with exponential backoff or check relayer status.
+ *
+ * @example
+ * ```typescript
+ * const { grantFile, grantUrl } = await createAndStoreGrant(
+ *   {
+ *     grantee: applicationAddress,
+ *     operation: 'data_processing',
+ *     parameters: { dataTypes: ['medical', 'financial'] }
+ *   },
+ *   'https://relayer.vana.org'
+ * );
+ *
+ * console.log('Grant stored at:', grantUrl);
+ * ```
+ *
+ * @category Permissions
  */
 export declare function createAndStoreGrant(params: GrantPermissionParams, relayerUrl: string): Promise<{
     grantFile: GrantFile;
     grantUrl: string;
 }>;
 /**
- * Retrieves and validates a grant file from IPFS
+ * Retrieves and validates a grant file from IPFS.
  *
- * @param grantUrl - The IPFS URL of the grant file to retrieve
- * @param relayerUrl - Optional URL of the relayer service
+ * @remarks
+ * Fetches a grant file from IPFS and performs basic validation to ensure
+ * the retrieved data is a valid grant structure. Use this when you need to
+ * verify or process existing grants.
+ *
+ * @param grantUrl - The IPFS URL of the grant file to retrieve.
+ *   Obtain from on-chain permission records or grant events.
+ * @param relayerUrl - Optional URL of the relayer service.
+ *   If not provided, uses default IPFS gateways.
  * @returns Promise resolving to the validated grant file
+ *
+ * @throws {Error} When grant retrieval fails.
+ *   Check network connectivity or IPFS gateway availability.
+ * @throws {Error} When grant file is malformed.
+ *   Verify the grant URL points to a valid grant file.
+ *
+ * @example
+ * ```typescript
+ * const grant = await retrieveAndValidateGrant(
+ *   'ipfs://QmXxx...'
+ * );
+ *
+ * console.log('Grant for:', grant.grantee);
+ * console.log('Operation:', grant.operation);
+ * ```
+ *
+ * @category Permissions
  */
 export declare function retrieveAndValidateGrant(grantUrl: string, relayerUrl?: string): Promise<GrantFile>;
 /**

package/dist/utils/grants.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../src/utils/grants.ts"],"sourcesContent":["import type { Address } from \"viem\";\nimport type { GrantFile, GrantPermissionParams } from \"../types/permissions\";\nimport {\n  createGrantFile,\n  storeGrantFile,\n  retrieveGrantFile,\n} from \"./grantFiles\";\nimport { validateGrant, GrantValidationError } from \"./grantValidation\";\n\n/**\n * High-level utilities for working with grants in the Vana SDK\n */\n\n/**\n * Creates and validates a grant file from permission parameters\n *\n * @param params - The permission parameters to create and validate the grant from\n * @returns The validated grant file object\n */\nexport function createValidatedGrant(params: GrantPermissionParams): GrantFile {\n  const grantFile = createGrantFile(params);\n\n  // Validate the created grant file\n  try {\n    validateGrant(grantFile, {\n      schema: true,\n      grantee: params.grantee,\n      operation: params.operation,\n    });\n  } catch (error) {\n    throw new GrantValidationError(\n      `Created grant file failed validation: ${error instanceof Error ? error.message : \"Unknown error\"}`,\n      { grantFile, params },\n    );\n  }\n\n  return grantFile;\n}\n\n/**\n * Creates a grant file and stores it in IPFS\n *\n * @param params - The permission parameters to create the grant from\n * @param relayerUrl - The URL of the relayer service for IPFS storage\n * @returns Promise resolving to an object containing the grant file and its IPFS URL\n */\nexport async function createAndStoreGrant(\n  params: GrantPermissionParams,\n  relayerUrl: string,\n): Promise<{ grantFile: GrantFile; grantUrl: string }> {\n  const grantFile = createValidatedGrant(params);\n  const grantUrl = await storeGrantFile(grantFile, relayerUrl);\n\n  return { grantFile, grantUrl };\n}\n\n/**\n * Retrieves and validates a grant file from IPFS\n *\n * @param grantUrl - The IPFS URL of the grant file to retrieve\n * @param relayerUrl - Optional URL of the relayer service\n * @returns Promise resolving to the validated grant file\n */\nexport async function retrieveAndValidateGrant(\n  grantUrl: string,\n  relayerUrl?: string,\n): Promise<GrantFile> {\n  const grantFile = await retrieveGrantFile(grantUrl, relayerUrl);\n\n  // Additional validation can be added here if needed\n  return grantFile;\n}\n\n/**\n * Checks if a grant allows access for a specific request\n *\n * @param grantUrl - The IPFS URL of the grant file to check\n * @param requestingAddress - The address making the access request\n * @param operation - The operation being requested\n * @param _fileIds - Array of file IDs being accessed (currently unused but part of interface)\n * @param relayerUrl - Optional URL of the relayer service\n * @returns Promise resolving to access result with allowed status, reason, and grant file\n */\nexport async function checkGrantAccess(\n  grantUrl: string,\n  requestingAddress: Address,\n  operation: string,\n  _fileIds: number[],\n  relayerUrl?: string,\n): Promise<{ allowed: boolean; reason?: string; grantFile?: GrantFile }> {\n  try {\n    const grantFile = await retrieveAndValidateGrant(grantUrl, relayerUrl);\n\n    // Validate the grant for the request\n    validateGrant(grantFile, {\n      schema: true,\n      grantee: requestingAddress,\n      operation,\n    });\n\n    return { allowed: true, grantFile };\n  } catch (error) {\n    if (error instanceof GrantValidationError) {\n      return {\n        allowed: false,\n        reason: error.message,\n      };\n    }\n\n    return {\n      allowed: false,\n      reason: `Grant access check failed: ${error instanceof Error ? error.message : \"Unknown error\"}`,\n    };\n  }\n}\n\n/**\n * Utility to check if a grant has expired\n *\n * @param grantFile - The grant file to check for expiration\n * @returns True if the grant has expired, false otherwise\n */\nexport function isGrantExpired(grantFile: GrantFile): boolean {\n  if (!grantFile.expires) {\n    return false; // No expiration set\n  }\n\n  const now = Math.floor(Date.now() / 1000);\n  return now > grantFile.expires;\n}\n\n/**\n * Utility to get the time remaining before grant expires (in seconds)\n *\n * @param grantFile - The grant file to check time remaining for\n * @returns Number of seconds remaining, or null if no expiration is set\n */\nexport function getGrantTimeRemaining(grantFile: GrantFile): number | null {\n  if (!grantFile.expires) {\n    return null; // No expiration set\n  }\n\n  const now = Math.floor(Date.now() / 1000);\n  const remaining = grantFile.expires - now;\n  return Math.max(0, remaining);\n}\n\n/**\n * Creates a human-readable summary of a grant\n *\n * @param grantFile - The grant file to create a summary for\n * @returns A human-readable string describing the grant\n */\nexport function summarizeGrant(grantFile: GrantFile): string {\n  const expiration = grantFile.expires\n    ? new Date(grantFile.expires * 1000).toISOString()\n    : \"No expiration\";\n\n  return `Grant for ${grantFile.grantee} to perform \"${grantFile.operation}\" (expires: ${expiration})`;\n}\n"],"mappings":"AAEA;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,OACK;AACP,SAAS,eAAe,4BAA4B;AAY7C,SAAS,qBAAqB,QAA0C;AAC7E,QAAM,YAAY,gBAAgB,MAAM;AAGxC,MAAI;AACF,kBAAc,WAAW;AAAA,MACvB,QAAQ;AAAA,MACR,SAAS,OAAO;AAAA,MAChB,WAAW,OAAO;AAAA,IACpB,CAAC;AAAA,EACH,SAAS,OAAO;AACd,UAAM,IAAI;AAAA,MACR,yCAAyC,iBAAiB,QAAQ,MAAM,UAAU,eAAe;AAAA,MACjG,EAAE,WAAW,OAAO;AAAA,IACtB;AAAA,EACF;AAEA,SAAO;AACT;AASA,eAAsB,oBACpB,QACA,YACqD;AACrD,QAAM,YAAY,qBAAqB,MAAM;AAC7C,QAAM,WAAW,MAAM,eAAe,WAAW,UAAU;AAE3D,SAAO,EAAE,WAAW,SAAS;AAC/B;AASA,eAAsB,yBACpB,UACA,YACoB;AACpB,QAAM,YAAY,MAAM,kBAAkB,UAAU,UAAU;AAG9D,SAAO;AACT;AAYA,eAAsB,iBACpB,UACA,mBACA,WACA,UACA,YACuE;AACvE,MAAI;AACF,UAAM,YAAY,MAAM,yBAAyB,UAAU,UAAU;AAGrE,kBAAc,WAAW;AAAA,MACvB,QAAQ;AAAA,MACR,SAAS;AAAA,MACT;AAAA,IACF,CAAC;AAED,WAAO,EAAE,SAAS,MAAM,UAAU;AAAA,EACpC,SAAS,OAAO;AACd,QAAI,iBAAiB,sBAAsB;AACzC,aAAO;AAAA,QACL,SAAS;AAAA,QACT,QAAQ,MAAM;AAAA,MAChB;AAAA,IACF;AAEA,WAAO;AAAA,MACL,SAAS;AAAA,MACT,QAAQ,8BAA8B,iBAAiB,QAAQ,MAAM,UAAU,eAAe;AAAA,IAChG;AAAA,EACF;AACF;AAQO,SAAS,eAAe,WAA+B;AAC5D,MAAI,CAAC,UAAU,SAAS;AACtB,WAAO;AAAA,EACT;AAEA,QAAM,MAAM,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI;AACxC,SAAO,MAAM,UAAU;AACzB;AAQO,SAAS,sBAAsB,WAAqC;AACzE,MAAI,CAAC,UAAU,SAAS;AACtB,WAAO;AAAA,EACT;AAEA,QAAM,MAAM,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI;AACxC,QAAM,YAAY,UAAU,UAAU;AACtC,SAAO,KAAK,IAAI,GAAG,SAAS;AAC9B;AAQO,SAAS,eAAe,WAA8B;AAC3D,QAAM,aAAa,UAAU,UACzB,IAAI,KAAK,UAAU,UAAU,GAAI,EAAE,YAAY,IAC/C;AAEJ,SAAO,aAAa,UAAU,OAAO,gBAAgB,UAAU,SAAS,eAAe,UAAU;AACnG;","names":[]}
+{"version":3,"sources":["../../src/utils/grants.ts"],"sourcesContent":["/**\n * Provides high-level grant management utilities for the Vana permission system.\n *\n * @remarks\n * This module simplifies grant file creation, validation, storage, and retrieval.\n * Grants are the core mechanism for permission management in Vana, allowing users\n * to delegate specific operations to applications and services.\n *\n * @category Permissions\n * @module grants\n */\n\nimport type { Address } from \"viem\";\nimport type { GrantFile, GrantPermissionParams } from \"../types/permissions\";\nimport {\n  createGrantFile,\n  storeGrantFile,\n  retrieveGrantFile,\n} from \"./grantFiles\";\nimport { validateGrant, GrantValidationError } from \"./grantValidation\";\n\n/**\n * Creates and validates a grant file from permission parameters.\n *\n * @remarks\n * Combines grant creation with immediate validation to ensure only valid\n * grants are created. Validates schema compliance, grantee address, and\n * operation parameters before returning the grant file.\n *\n * @param params - The permission parameters to create and validate the grant from.\n *   Obtain from user input or application configuration.\n * @returns The validated grant file object ready for storage\n *\n * @throws {GrantValidationError} When grant parameters are invalid.\n *   Check error message for specific validation failures.\n *\n * @example\n * ```typescript\n * const grant = createValidatedGrant({\n *   grantee: '0x742d35Cc6634C0532925a3b844Bc9e7595f0b0Bb',\n *   operation: 'llm_inference',\n *   parameters: { model: 'gpt-4', maxTokens: 1000 },\n *   expiresAt: Date.now() + 86400000 // 24 hours\n * });\n * ```\n *\n * @category Permissions\n */\nexport function createValidatedGrant(params: GrantPermissionParams): GrantFile {\n  const grantFile = createGrantFile(params);\n\n  // Validate the created grant file\n  try {\n    validateGrant(grantFile, {\n      schema: true,\n      grantee: params.grantee,\n      operation: params.operation,\n    });\n  } catch (error) {\n    throw new GrantValidationError(\n      `Created grant file failed validation: ${error instanceof Error ? error.message : \"Unknown error\"}`,\n      { grantFile, params },\n    );\n  }\n\n  return grantFile;\n}\n\n/**\n * Creates a grant file and stores it in IPFS.\n *\n * @remarks\n * Combines grant creation, validation, and IPFS storage in a single operation.\n * The grant is stored immutably on IPFS and can be referenced by its URL in\n * on-chain permission records.\n *\n * @param params - The permission parameters to create the grant from.\n *   Obtain from user input or application configuration.\n * @param relayerUrl - The URL of the relayer service for IPFS storage.\n *   Obtain from SDK configuration or environment.\n * @returns Promise resolving to an object containing the grant file and its IPFS URL\n *\n * @throws {GrantValidationError} When grant parameters are invalid.\n *   Check error message for specific validation failures.\n * @throws {Error} When IPFS storage fails.\n *   Retry with exponential backoff or check relayer status.\n *\n * @example\n * ```typescript\n * const { grantFile, grantUrl } = await createAndStoreGrant(\n *   {\n *     grantee: applicationAddress,\n *     operation: 'data_processing',\n *     parameters: { dataTypes: ['medical', 'financial'] }\n *   },\n *   'https://relayer.vana.org'\n * );\n *\n * console.log('Grant stored at:', grantUrl);\n * ```\n *\n * @category Permissions\n */\nexport async function createAndStoreGrant(\n  params: GrantPermissionParams,\n  relayerUrl: string,\n): Promise<{ grantFile: GrantFile; grantUrl: string }> {\n  const grantFile = createValidatedGrant(params);\n  const grantUrl = await storeGrantFile(grantFile, relayerUrl);\n\n  return { grantFile, grantUrl };\n}\n\n/**\n * Retrieves and validates a grant file from IPFS.\n *\n * @remarks\n * Fetches a grant file from IPFS and performs basic validation to ensure\n * the retrieved data is a valid grant structure. Use this when you need to\n * verify or process existing grants.\n *\n * @param grantUrl - The IPFS URL of the grant file to retrieve.\n *   Obtain from on-chain permission records or grant events.\n * @param relayerUrl - Optional URL of the relayer service.\n *   If not provided, uses default IPFS gateways.\n * @returns Promise resolving to the validated grant file\n *\n * @throws {Error} When grant retrieval fails.\n *   Check network connectivity or IPFS gateway availability.\n * @throws {Error} When grant file is malformed.\n *   Verify the grant URL points to a valid grant file.\n *\n * @example\n * ```typescript\n * const grant = await retrieveAndValidateGrant(\n *   'ipfs://QmXxx...'\n * );\n *\n * console.log('Grant for:', grant.grantee);\n * console.log('Operation:', grant.operation);\n * ```\n *\n * @category Permissions\n */\nexport async function retrieveAndValidateGrant(\n  grantUrl: string,\n  relayerUrl?: string,\n): Promise<GrantFile> {\n  const grantFile = await retrieveGrantFile(grantUrl, relayerUrl);\n\n  // Additional validation can be added here if needed\n  return grantFile;\n}\n\n/**\n * Checks if a grant allows access for a specific request\n *\n * @param grantUrl - The IPFS URL of the grant file to check\n * @param requestingAddress - The address making the access request\n * @param operation - The operation being requested\n * @param _fileIds - Array of file IDs being accessed (currently unused but part of interface)\n * @param relayerUrl - Optional URL of the relayer service\n * @returns Promise resolving to access result with allowed status, reason, and grant file\n */\nexport async function checkGrantAccess(\n  grantUrl: string,\n  requestingAddress: Address,\n  operation: string,\n  _fileIds: number[],\n  relayerUrl?: string,\n): Promise<{ allowed: boolean; reason?: string; grantFile?: GrantFile }> {\n  try {\n    const grantFile = await retrieveAndValidateGrant(grantUrl, relayerUrl);\n\n    // Validate the grant for the request\n    validateGrant(grantFile, {\n      schema: true,\n      grantee: requestingAddress,\n      operation,\n    });\n\n    return { allowed: true, grantFile };\n  } catch (error) {\n    if (error instanceof GrantValidationError) {\n      return {\n        allowed: false,\n        reason: error.message,\n      };\n    }\n\n    return {\n      allowed: false,\n      reason: `Grant access check failed: ${error instanceof Error ? error.message : \"Unknown error\"}`,\n    };\n  }\n}\n\n/**\n * Utility to check if a grant has expired\n *\n * @param grantFile - The grant file to check for expiration\n * @returns True if the grant has expired, false otherwise\n */\nexport function isGrantExpired(grantFile: GrantFile): boolean {\n  if (!grantFile.expires) {\n    return false; // No expiration set\n  }\n\n  const now = Math.floor(Date.now() / 1000);\n  return now > grantFile.expires;\n}\n\n/**\n * Utility to get the time remaining before grant expires (in seconds)\n *\n * @param grantFile - The grant file to check time remaining for\n * @returns Number of seconds remaining, or null if no expiration is set\n */\nexport function getGrantTimeRemaining(grantFile: GrantFile): number | null {\n  if (!grantFile.expires) {\n    return null; // No expiration set\n  }\n\n  const now = Math.floor(Date.now() / 1000);\n  const remaining = grantFile.expires - now;\n  return Math.max(0, remaining);\n}\n\n/**\n * Creates a human-readable summary of a grant\n *\n * @param grantFile - The grant file to create a summary for\n * @returns A human-readable string describing the grant\n */\nexport function summarizeGrant(grantFile: GrantFile): string {\n  const expiration = grantFile.expires\n    ? new Date(grantFile.expires * 1000).toISOString()\n    : \"No expiration\";\n\n  return `Grant for ${grantFile.grantee} to perform \"${grantFile.operation}\" (expires: ${expiration})`;\n}\n"],"mappings":"AAcA;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,OACK;AACP,SAAS,eAAe,4BAA4B;AA6B7C,SAAS,qBAAqB,QAA0C;AAC7E,QAAM,YAAY,gBAAgB,MAAM;AAGxC,MAAI;AACF,kBAAc,WAAW;AAAA,MACvB,QAAQ;AAAA,MACR,SAAS,OAAO;AAAA,MAChB,WAAW,OAAO;AAAA,IACpB,CAAC;AAAA,EACH,SAAS,OAAO;AACd,UAAM,IAAI;AAAA,MACR,yCAAyC,iBAAiB,QAAQ,MAAM,UAAU,eAAe;AAAA,MACjG,EAAE,WAAW,OAAO;AAAA,IACtB;AAAA,EACF;AAEA,SAAO;AACT;AAqCA,eAAsB,oBACpB,QACA,YACqD;AACrD,QAAM,YAAY,qBAAqB,MAAM;AAC7C,QAAM,WAAW,MAAM,eAAe,WAAW,UAAU;AAE3D,SAAO,EAAE,WAAW,SAAS;AAC/B;AAiCA,eAAsB,yBACpB,UACA,YACoB;AACpB,QAAM,YAAY,MAAM,kBAAkB,UAAU,UAAU;AAG9D,SAAO;AACT;AAYA,eAAsB,iBACpB,UACA,mBACA,WACA,UACA,YACuE;AACvE,MAAI;AACF,UAAM,YAAY,MAAM,yBAAyB,UAAU,UAAU;AAGrE,kBAAc,WAAW;AAAA,MACvB,QAAQ;AAAA,MACR,SAAS;AAAA,MACT;AAAA,IACF,CAAC;AAED,WAAO,EAAE,SAAS,MAAM,UAAU;AAAA,EACpC,SAAS,OAAO;AACd,QAAI,iBAAiB,sBAAsB;AACzC,aAAO;AAAA,QACL,SAAS;AAAA,QACT,QAAQ,MAAM;AAAA,MAChB;AAAA,IACF;AAEA,WAAO;AAAA,MACL,SAAS;AAAA,MACT,QAAQ,8BAA8B,iBAAiB,QAAQ,MAAM,UAAU,eAAe;AAAA,IAChG;AAAA,EACF;AACF;AAQO,SAAS,eAAe,WAA+B;AAC5D,MAAI,CAAC,UAAU,SAAS;AACtB,WAAO;AAAA,EACT;AAEA,QAAM,MAAM,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI;AACxC,SAAO,MAAM,UAAU;AACzB;AAQO,SAAS,sBAAsB,WAAqC;AACzE,MAAI,CAAC,UAAU,SAAS;AACtB,WAAO;AAAA,EACT;AAEA,QAAM,MAAM,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI;AACxC,QAAM,YAAY,UAAU,UAAU;AACtC,SAAO,KAAK,IAAI,GAAG,SAAS;AAC9B;AAQO,SAAS,eAAe,WAA8B;AAC3D,QAAM,aAAa,UAAU,UACzB,IAAI,KAAK,UAAU,UAAU,GAAI,EAAE,YAAY,IAC/C;AAEJ,SAAO,aAAa,UAAU,OAAO,gBAAgB,UAAU,SAAS,eAAe,UAAU;AACnG;","names":[]}

package/dist/utils/ipfs.cjs

@@ -30,12 +30,10 @@ __export(ipfs_exports, {
 module.exports = __toCommonJS(ipfs_exports);
 const DEFAULT_IPFS_GATEWAY = "https://dweb.link/ipfs/";
 const IPFS_GATEWAYS = [
-  "https://dweb.link/ipfs/",
-  // Interplanetary Shipyard - highly reliable
   "https://ipfs.io/ipfs/",
   // IPFS Foundation - reliable
-  "https://cloudflare-ipfs.com/ipfs/",
-  // Cloudflare - good performance
+  "https://dweb.link/ipfs/",
+  // Interplanetary Shipyard - observed to be having issues
   "https://gateway.pinata.cloud/ipfs/",
   // Pinata - backup option (has rate limits)
   "https://ipfs.filebase.io/ipfs/"

package/dist/utils/ipfs.cjs.map

@@ -1 +1 @@
-{"version":3,"sources":["../../src/utils/ipfs.ts"],"sourcesContent":["/**\n * IPFS URL utilities for the Vana SDK\n *\n * Centralized functions for handling IPFS URLs, converting them to gateway URLs,\n * and extracting IPFS hashes from various URL formats.\n */\n\n/**\n * Default IPFS gateway URL\n */\nexport const DEFAULT_IPFS_GATEWAY = \"https://dweb.link/ipfs/\";\n\n/**\n * Alternative IPFS gateways for fallback - ordered by reliability and rate limits\n */\nexport const IPFS_GATEWAYS = [\n  \"https://dweb.link/ipfs/\", // Interplanetary Shipyard - highly reliable\n  \"https://ipfs.io/ipfs/\", // IPFS Foundation - reliable\n  \"https://cloudflare-ipfs.com/ipfs/\", // Cloudflare - good performance\n  \"https://gateway.pinata.cloud/ipfs/\", // Pinata - backup option (has rate limits)\n  \"https://ipfs.filebase.io/ipfs/\", // Filebase - emerging reliable option\n] as const;\n\n/**\n * Check if a URL is an IPFS URL (starts with ipfs://)\n *\n * @param url - The URL to check\n * @returns True if the URL is an IPFS URL\n */\nexport function isIpfsUrl(url: string): boolean {\n  return url.startsWith(\"ipfs://\");\n}\n\n/**\n * Convert an IPFS URL to an HTTP gateway URL\n *\n * @param url - The IPFS URL to convert (e.g., \"ipfs://QmHash...\")\n * @param gateway - Optional gateway URL (defaults to DEFAULT_IPFS_GATEWAY)\n * @returns The HTTP gateway URL or original URL if not an IPFS URL\n * @example\n * ```ts\n * convertIpfsUrl(\"ipfs://QmHash123\")\n * // Returns: \"https://ipfs.io/ipfs/QmHash123\"\n *\n * convertIpfsUrl(\"ipfs://QmHash123\", \"https://gateway.pinata.cloud/ipfs/\")\n * // Returns: \"https://gateway.pinata.cloud/ipfs/QmHash123\"\n * ```\n */\nexport function convertIpfsUrl(\n  url: string,\n  gateway: string = DEFAULT_IPFS_GATEWAY,\n): string {\n  if (isIpfsUrl(url)) {\n    const hash = url.replace(\"ipfs://\", \"\");\n    return `${gateway}${hash}`;\n  }\n  return url;\n}\n\n/**\n * Extract IPFS hash from various URL formats\n *\n * **Edge Cases:**\n * - Returns null for non-IPFS URLs or malformed hashes\n * - Handles both CIDv0 (starts with Qm) and CIDv1 formats\n * - Minimum 46 characters required for standalone hash detection\n * - Gateway paths with subdirectories are not supported\n *\n * @param url - The URL to extract hash from\n * @returns The IPFS hash or null if not found\n * @example\n * ```ts\n * extractIpfsHash(\"ipfs://QmHash123\") // Returns: \"QmHash123\"\n * extractIpfsHash(\"https://gateway.pinata.cloud/ipfs/QmHash123\") // Returns: \"QmHash123\"\n * extractIpfsHash(\"QmHash123456789012345678901234567890123456\") // Returns: \"QmHash123456789012345678901234567890123456\"\n * extractIpfsHash(\"https://example.com/file.json\") // Returns: null (not IPFS)\n * extractIpfsHash(\"ipfs://QmHash/subdirectory\") // Returns: null (subdirectories not supported)\n * ```\n */\nexport function extractIpfsHash(url: string): string | null {\n  // Handle various IPFS URL formats\n  const patterns = [\n    /ipfs\\/([a-zA-Z0-9]+)/, // https://gateway.pinata.cloud/ipfs/HASH\n    /^ipfs:\\/\\/([a-zA-Z0-9]+)$/, // ipfs://HASH\n    /^([a-zA-Z0-9]{46,})$/, // Just the hash (46+ chars for IPFS hashes)\n  ];\n\n  for (const pattern of patterns) {\n    const match = url.match(pattern);\n    if (match) {\n      return match[1];\n    }\n  }\n\n  return null;\n}\n\n/**\n * Get multiple gateway URLs for an IPFS hash (useful for fallback)\n *\n * @param hash - The IPFS hash\n * @returns Array of gateway URLs\n */\nexport function getGatewayUrls(hash: string): string[] {\n  return IPFS_GATEWAYS.map((gateway) => `${gateway}${hash}`);\n}\n\n/**\n * Convert an IPFS URL to multiple gateway URLs for fallback\n *\n * @param url - The IPFS URL\n * @returns Array of gateway URLs or original URL if not IPFS\n */\nexport function convertIpfsUrlWithFallbacks(url: string): string[] {\n  const hash = extractIpfsHash(url);\n  if (hash) {\n    return getGatewayUrls(hash);\n  }\n  return [url];\n}\n\n/**\n * Fetch content from IPFS with automatic gateway fallbacks\n *\n * **Edge Cases:**\n * - Non-IPFS URLs are fetched directly without fallback\n * - 10-second timeout per gateway attempt to prevent hanging\n * - Rate-limited gateways (429) are skipped immediately\n * - Exponential backoff between retries (1s, 2s, 3s, etc.)\n * - AbortSignal in options is merged with timeout signal\n *\n * @param url - The IPFS URL to fetch\n * @param options - Optional fetch options\n * @returns Promise resolving to Response object\n * @throws Error if all gateways fail\n */\nexport async function fetchWithFallbacks(\n  url: string,\n  options?: RequestInit,\n): Promise<Response> {\n  const hash = extractIpfsHash(url);\n  if (!hash) {\n    // Not an IPFS URL, fetch directly\n    return fetch(url, options);\n  }\n\n  const gatewayUrls = getGatewayUrls(hash);\n  let lastError: Error | null = null;\n\n  for (let i = 0; i < gatewayUrls.length; i++) {\n    const gatewayUrl = gatewayUrls[i];\n    try {\n      const response = await fetch(gatewayUrl, {\n        ...options,\n        // Add timeout to avoid hanging on slow gateways\n        signal: AbortSignal.timeout(10000), // 10 second timeout\n      });\n\n      // If response is ok, return it\n      if (response.ok) {\n        return response;\n      }\n\n      // If rate limited (429), try next gateway immediately\n      if (response.status === 429) {\n        lastError = new Error(`Gateway rate limited: ${gatewayUrl}`);\n        continue;\n      }\n\n      // For other HTTP errors, still try next gateway\n      lastError = new Error(`Gateway error ${response.status}: ${gatewayUrl}`);\n    } catch (error) {\n      lastError = error instanceof Error ? error : new Error(String(error));\n\n      // For rate limiting or timeout errors, continue to next gateway\n      if (\n        lastError.message.includes(\"429\") ||\n        lastError.name === \"TimeoutError\"\n      ) {\n        continue;\n      }\n    }\n\n    // Add delay between retries (except for last attempt)\n    if (i < gatewayUrls.length - 1) {\n      await new Promise((resolve) => setTimeout(resolve, 1000 * (i + 1))); // Exponential backoff\n    }\n  }\n\n  throw new Error(\n    `All IPFS gateways failed for hash ${hash}. Last error: ${lastError?.message}`,\n  );\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAUO,MAAM,uBAAuB;AAK7B,MAAM,gBAAgB;AAAA,EAC3B;AAAA;AAAA,EACA;AAAA;AAAA,EACA;AAAA;AAAA,EACA;AAAA;AAAA,EACA;AAAA;AACF;AAQO,SAAS,UAAU,KAAsB;AAC9C,SAAO,IAAI,WAAW,SAAS;AACjC;AAiBO,SAAS,eACd,KACA,UAAkB,sBACV;AACR,MAAI,UAAU,GAAG,GAAG;AAClB,UAAM,OAAO,IAAI,QAAQ,WAAW,EAAE;AACtC,WAAO,GAAG,OAAO,GAAG,IAAI;AAAA,EAC1B;AACA,SAAO;AACT;AAsBO,SAAS,gBAAgB,KAA4B;AAE1D,QAAM,WAAW;AAAA,IACf;AAAA;AAAA,IACA;AAAA;AAAA,IACA;AAAA;AAAA,EACF;AAEA,aAAW,WAAW,UAAU;AAC9B,UAAM,QAAQ,IAAI,MAAM,OAAO;AAC/B,QAAI,OAAO;AACT,aAAO,MAAM,CAAC;AAAA,IAChB;AAAA,EACF;AAEA,SAAO;AACT;AAQO,SAAS,eAAe,MAAwB;AACrD,SAAO,cAAc,IAAI,CAAC,YAAY,GAAG,OAAO,GAAG,IAAI,EAAE;AAC3D;AAQO,SAAS,4BAA4B,KAAuB;AACjE,QAAM,OAAO,gBAAgB,GAAG;AAChC,MAAI,MAAM;AACR,WAAO,eAAe,IAAI;AAAA,EAC5B;AACA,SAAO,CAAC,GAAG;AACb;AAiBA,eAAsB,mBACpB,KACA,SACmB;AACnB,QAAM,OAAO,gBAAgB,GAAG;AAChC,MAAI,CAAC,MAAM;AAET,WAAO,MAAM,KAAK,OAAO;AAAA,EAC3B;AAEA,QAAM,cAAc,eAAe,IAAI;AACvC,MAAI,YAA0B;AAE9B,WAAS,IAAI,GAAG,IAAI,YAAY,QAAQ,KAAK;AAC3C,UAAM,aAAa,YAAY,CAAC;AAChC,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,YAAY;AAAA,QACvC,GAAG;AAAA;AAAA,QAEH,QAAQ,YAAY,QAAQ,GAAK;AAAA;AAAA,MACnC,CAAC;AAGD,UAAI,SAAS,IAAI;AACf,eAAO;AAAA,MACT;AAGA,UAAI,SAAS,WAAW,KAAK;AAC3B,oBAAY,IAAI,MAAM,yBAAyB,UAAU,EAAE;AAC3D;AAAA,MACF;AAGA,kBAAY,IAAI,MAAM,iBAAiB,SAAS,MAAM,KAAK,UAAU,EAAE;AAAA,IACzE,SAAS,OAAO;AACd,kBAAY,iBAAiB,QAAQ,QAAQ,IAAI,MAAM,OAAO,KAAK,CAAC;AAGpE,UACE,UAAU,QAAQ,SAAS,KAAK,KAChC,UAAU,SAAS,gBACnB;AACA;AAAA,MACF;AAAA,IACF;AAGA,QAAI,IAAI,YAAY,SAAS,GAAG;AAC9B,YAAM,IAAI,QAAQ,CAAC,YAAY,WAAW,SAAS,OAAQ,IAAI,EAAE,CAAC;AAAA,IACpE;AAAA,EACF;AAEA,QAAM,IAAI;AAAA,IACR,qCAAqC,IAAI,iBAAiB,WAAW,OAAO;AAAA,EAC9E;AACF;","names":[]}
+{"version":3,"sources":["../../src/utils/ipfs.ts"],"sourcesContent":["/**\n * IPFS URL utilities for the Vana SDK\n *\n * Centralized functions for handling IPFS URLs, converting them to gateway URLs,\n * and extracting IPFS hashes from various URL formats.\n */\n\n/**\n * Default IPFS gateway URL\n */\nexport const DEFAULT_IPFS_GATEWAY = \"https://dweb.link/ipfs/\";\n\n/**\n * Alternative IPFS gateways for fallback - ordered by reliability and rate limits\n */\nexport const IPFS_GATEWAYS = [\n  \"https://ipfs.io/ipfs/\", // IPFS Foundation - reliable\n  \"https://dweb.link/ipfs/\", // Interplanetary Shipyard - observed to be having issues\n  \"https://gateway.pinata.cloud/ipfs/\", // Pinata - backup option (has rate limits)\n  \"https://ipfs.filebase.io/ipfs/\", // Filebase - emerging reliable option\n] as const;\n\n/**\n * Check if a URL is an IPFS URL (starts with ipfs://)\n *\n * @param url - The URL to check\n * @returns True if the URL is an IPFS URL\n */\nexport function isIpfsUrl(url: string): boolean {\n  return url.startsWith(\"ipfs://\");\n}\n\n/**\n * Convert an IPFS URL to an HTTP gateway URL\n *\n * @param url - The IPFS URL to convert (e.g., \"ipfs://QmHash...\")\n * @param gateway - Optional gateway URL (defaults to DEFAULT_IPFS_GATEWAY)\n * @returns The HTTP gateway URL or original URL if not an IPFS URL\n * @example\n * ```ts\n * convertIpfsUrl(\"ipfs://QmHash123\")\n * // Returns: \"https://ipfs.io/ipfs/QmHash123\"\n *\n * convertIpfsUrl(\"ipfs://QmHash123\", \"https://gateway.pinata.cloud/ipfs/\")\n * // Returns: \"https://gateway.pinata.cloud/ipfs/QmHash123\"\n * ```\n */\nexport function convertIpfsUrl(\n  url: string,\n  gateway: string = DEFAULT_IPFS_GATEWAY,\n): string {\n  if (isIpfsUrl(url)) {\n    const hash = url.replace(\"ipfs://\", \"\");\n    return `${gateway}${hash}`;\n  }\n  return url;\n}\n\n/**\n * Extract IPFS hash from various URL formats\n *\n * **Edge Cases:**\n * - Returns null for non-IPFS URLs or malformed hashes\n * - Handles both CIDv0 (starts with Qm) and CIDv1 formats\n * - Minimum 46 characters required for standalone hash detection\n * - Gateway paths with subdirectories are not supported\n *\n * @param url - The URL to extract hash from\n * @returns The IPFS hash or null if not found\n * @example\n * ```ts\n * extractIpfsHash(\"ipfs://QmHash123\") // Returns: \"QmHash123\"\n * extractIpfsHash(\"https://gateway.pinata.cloud/ipfs/QmHash123\") // Returns: \"QmHash123\"\n * extractIpfsHash(\"QmHash123456789012345678901234567890123456\") // Returns: \"QmHash123456789012345678901234567890123456\"\n * extractIpfsHash(\"https://example.com/file.json\") // Returns: null (not IPFS)\n * extractIpfsHash(\"ipfs://QmHash/subdirectory\") // Returns: null (subdirectories not supported)\n * ```\n */\nexport function extractIpfsHash(url: string): string | null {\n  // Handle various IPFS URL formats\n  const patterns = [\n    /ipfs\\/([a-zA-Z0-9]+)/, // https://gateway.pinata.cloud/ipfs/HASH\n    /^ipfs:\\/\\/([a-zA-Z0-9]+)$/, // ipfs://HASH\n    /^([a-zA-Z0-9]{46,})$/, // Just the hash (46+ chars for IPFS hashes)\n  ];\n\n  for (const pattern of patterns) {\n    const match = url.match(pattern);\n    if (match) {\n      return match[1];\n    }\n  }\n\n  return null;\n}\n\n/**\n * Get multiple gateway URLs for an IPFS hash (useful for fallback)\n *\n * @param hash - The IPFS hash\n * @returns Array of gateway URLs\n */\nexport function getGatewayUrls(hash: string): string[] {\n  return IPFS_GATEWAYS.map((gateway) => `${gateway}${hash}`);\n}\n\n/**\n * Convert an IPFS URL to multiple gateway URLs for fallback\n *\n * @param url - The IPFS URL\n * @returns Array of gateway URLs or original URL if not IPFS\n */\nexport function convertIpfsUrlWithFallbacks(url: string): string[] {\n  const hash = extractIpfsHash(url);\n  if (hash) {\n    return getGatewayUrls(hash);\n  }\n  return [url];\n}\n\n/**\n * Fetch content from IPFS with automatic gateway fallbacks\n *\n * **Edge Cases:**\n * - Non-IPFS URLs are fetched directly without fallback\n * - 10-second timeout per gateway attempt to prevent hanging\n * - Rate-limited gateways (429) are skipped immediately\n * - Exponential backoff between retries (1s, 2s, 3s, etc.)\n * - AbortSignal in options is merged with timeout signal\n *\n * @param url - The IPFS URL to fetch\n * @param options - Optional fetch options\n * @returns Promise resolving to Response object\n * @throws Error if all gateways fail\n */\nexport async function fetchWithFallbacks(\n  url: string,\n  options?: RequestInit,\n): Promise<Response> {\n  const hash = extractIpfsHash(url);\n  if (!hash) {\n    // Not an IPFS URL, fetch directly\n    return fetch(url, options);\n  }\n\n  const gatewayUrls = getGatewayUrls(hash);\n  let lastError: Error | null = null;\n\n  for (let i = 0; i < gatewayUrls.length; i++) {\n    const gatewayUrl = gatewayUrls[i];\n    try {\n      const response = await fetch(gatewayUrl, {\n        ...options,\n        // Add timeout to avoid hanging on slow gateways\n        signal: AbortSignal.timeout(10000), // 10 second timeout\n      });\n\n      // If response is ok, return it\n      if (response.ok) {\n        return response;\n      }\n\n      // If rate limited (429), try next gateway immediately\n      if (response.status === 429) {\n        lastError = new Error(`Gateway rate limited: ${gatewayUrl}`);\n        continue;\n      }\n\n      // For other HTTP errors, still try next gateway\n      lastError = new Error(`Gateway error ${response.status}: ${gatewayUrl}`);\n    } catch (error) {\n      lastError = error instanceof Error ? error : new Error(String(error));\n\n      // For rate limiting or timeout errors, continue to next gateway\n      if (\n        lastError.message.includes(\"429\") ||\n        lastError.name === \"TimeoutError\"\n      ) {\n        continue;\n      }\n    }\n\n    // Add delay between retries (except for last attempt)\n    if (i < gatewayUrls.length - 1) {\n      await new Promise((resolve) => setTimeout(resolve, 1000 * (i + 1))); // Exponential backoff\n    }\n  }\n\n  throw new Error(\n    `All IPFS gateways failed for hash ${hash}. Last error: ${lastError?.message}`,\n  );\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAUO,MAAM,uBAAuB;AAK7B,MAAM,gBAAgB;AAAA,EAC3B;AAAA;AAAA,EACA;AAAA;AAAA,EACA;AAAA;AAAA,EACA;AAAA;AACF;AAQO,SAAS,UAAU,KAAsB;AAC9C,SAAO,IAAI,WAAW,SAAS;AACjC;AAiBO,SAAS,eACd,KACA,UAAkB,sBACV;AACR,MAAI,UAAU,GAAG,GAAG;AAClB,UAAM,OAAO,IAAI,QAAQ,WAAW,EAAE;AACtC,WAAO,GAAG,OAAO,GAAG,IAAI;AAAA,EAC1B;AACA,SAAO;AACT;AAsBO,SAAS,gBAAgB,KAA4B;AAE1D,QAAM,WAAW;AAAA,IACf;AAAA;AAAA,IACA;AAAA;AAAA,IACA;AAAA;AAAA,EACF;AAEA,aAAW,WAAW,UAAU;AAC9B,UAAM,QAAQ,IAAI,MAAM,OAAO;AAC/B,QAAI,OAAO;AACT,aAAO,MAAM,CAAC;AAAA,IAChB;AAAA,EACF;AAEA,SAAO;AACT;AAQO,SAAS,eAAe,MAAwB;AACrD,SAAO,cAAc,IAAI,CAAC,YAAY,GAAG,OAAO,GAAG,IAAI,EAAE;AAC3D;AAQO,SAAS,4BAA4B,KAAuB;AACjE,QAAM,OAAO,gBAAgB,GAAG;AAChC,MAAI,MAAM;AACR,WAAO,eAAe,IAAI;AAAA,EAC5B;AACA,SAAO,CAAC,GAAG;AACb;AAiBA,eAAsB,mBACpB,KACA,SACmB;AACnB,QAAM,OAAO,gBAAgB,GAAG;AAChC,MAAI,CAAC,MAAM;AAET,WAAO,MAAM,KAAK,OAAO;AAAA,EAC3B;AAEA,QAAM,cAAc,eAAe,IAAI;AACvC,MAAI,YAA0B;AAE9B,WAAS,IAAI,GAAG,IAAI,YAAY,QAAQ,KAAK;AAC3C,UAAM,aAAa,YAAY,CAAC;AAChC,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,YAAY;AAAA,QACvC,GAAG;AAAA;AAAA,QAEH,QAAQ,YAAY,QAAQ,GAAK;AAAA;AAAA,MACnC,CAAC;AAGD,UAAI,SAAS,IAAI;AACf,eAAO;AAAA,MACT;AAGA,UAAI,SAAS,WAAW,KAAK;AAC3B,oBAAY,IAAI,MAAM,yBAAyB,UAAU,EAAE;AAC3D;AAAA,MACF;AAGA,kBAAY,IAAI,MAAM,iBAAiB,SAAS,MAAM,KAAK,UAAU,EAAE;AAAA,IACzE,SAAS,OAAO;AACd,kBAAY,iBAAiB,QAAQ,QAAQ,IAAI,MAAM,OAAO,KAAK,CAAC;AAGpE,UACE,UAAU,QAAQ,SAAS,KAAK,KAChC,UAAU,SAAS,gBACnB;AACA;AAAA,MACF;AAAA,IACF;AAGA,QAAI,IAAI,YAAY,SAAS,GAAG;AAC9B,YAAM,IAAI,QAAQ,CAAC,YAAY,WAAW,SAAS,OAAQ,IAAI,EAAE,CAAC;AAAA,IACpE;AAAA,EACF;AAEA,QAAM,IAAI;AAAA,IACR,qCAAqC,IAAI,iBAAiB,WAAW,OAAO;AAAA,EAC9E;AACF;","names":[]}

package/dist/utils/ipfs.d.ts

@@ -11,7 +11,7 @@ export declare const DEFAULT_IPFS_GATEWAY = "https://dweb.link/ipfs/";
 /**
  * Alternative IPFS gateways for fallback - ordered by reliability and rate limits
  */
-export declare const IPFS_GATEWAYS: readonly ["https://dweb.link/ipfs/", "https://ipfs.io/ipfs/", "https://cloudflare-ipfs.com/ipfs/", "https://gateway.pinata.cloud/ipfs/", "https://ipfs.filebase.io/ipfs/"];
+export declare const IPFS_GATEWAYS: readonly ["https://ipfs.io/ipfs/", "https://dweb.link/ipfs/", "https://gateway.pinata.cloud/ipfs/", "https://ipfs.filebase.io/ipfs/"];
 /**
  * Check if a URL is an IPFS URL (starts with ipfs://)
  *

package/dist/utils/ipfs.js

@@ -1,11 +1,9 @@
 const DEFAULT_IPFS_GATEWAY = "https://dweb.link/ipfs/";
 const IPFS_GATEWAYS = [
-  "https://dweb.link/ipfs/",
-  // Interplanetary Shipyard - highly reliable
   "https://ipfs.io/ipfs/",
   // IPFS Foundation - reliable
-  "https://cloudflare-ipfs.com/ipfs/",
-  // Cloudflare - good performance
+  "https://dweb.link/ipfs/",
+  // Interplanetary Shipyard - observed to be having issues
   "https://gateway.pinata.cloud/ipfs/",
   // Pinata - backup option (has rate limits)
   "https://ipfs.filebase.io/ipfs/"

package/dist/utils/ipfs.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../src/utils/ipfs.ts"],"sourcesContent":["/**\n * IPFS URL utilities for the Vana SDK\n *\n * Centralized functions for handling IPFS URLs, converting them to gateway URLs,\n * and extracting IPFS hashes from various URL formats.\n */\n\n/**\n * Default IPFS gateway URL\n */\nexport const DEFAULT_IPFS_GATEWAY = \"https://dweb.link/ipfs/\";\n\n/**\n * Alternative IPFS gateways for fallback - ordered by reliability and rate limits\n */\nexport const IPFS_GATEWAYS = [\n  \"https://dweb.link/ipfs/\", // Interplanetary Shipyard - highly reliable\n  \"https://ipfs.io/ipfs/\", // IPFS Foundation - reliable\n  \"https://cloudflare-ipfs.com/ipfs/\", // Cloudflare - good performance\n  \"https://gateway.pinata.cloud/ipfs/\", // Pinata - backup option (has rate limits)\n  \"https://ipfs.filebase.io/ipfs/\", // Filebase - emerging reliable option\n] as const;\n\n/**\n * Check if a URL is an IPFS URL (starts with ipfs://)\n *\n * @param url - The URL to check\n * @returns True if the URL is an IPFS URL\n */\nexport function isIpfsUrl(url: string): boolean {\n  return url.startsWith(\"ipfs://\");\n}\n\n/**\n * Convert an IPFS URL to an HTTP gateway URL\n *\n * @param url - The IPFS URL to convert (e.g., \"ipfs://QmHash...\")\n * @param gateway - Optional gateway URL (defaults to DEFAULT_IPFS_GATEWAY)\n * @returns The HTTP gateway URL or original URL if not an IPFS URL\n * @example\n * ```ts\n * convertIpfsUrl(\"ipfs://QmHash123\")\n * // Returns: \"https://ipfs.io/ipfs/QmHash123\"\n *\n * convertIpfsUrl(\"ipfs://QmHash123\", \"https://gateway.pinata.cloud/ipfs/\")\n * // Returns: \"https://gateway.pinata.cloud/ipfs/QmHash123\"\n * ```\n */\nexport function convertIpfsUrl(\n  url: string,\n  gateway: string = DEFAULT_IPFS_GATEWAY,\n): string {\n  if (isIpfsUrl(url)) {\n    const hash = url.replace(\"ipfs://\", \"\");\n    return `${gateway}${hash}`;\n  }\n  return url;\n}\n\n/**\n * Extract IPFS hash from various URL formats\n *\n * **Edge Cases:**\n * - Returns null for non-IPFS URLs or malformed hashes\n * - Handles both CIDv0 (starts with Qm) and CIDv1 formats\n * - Minimum 46 characters required for standalone hash detection\n * - Gateway paths with subdirectories are not supported\n *\n * @param url - The URL to extract hash from\n * @returns The IPFS hash or null if not found\n * @example\n * ```ts\n * extractIpfsHash(\"ipfs://QmHash123\") // Returns: \"QmHash123\"\n * extractIpfsHash(\"https://gateway.pinata.cloud/ipfs/QmHash123\") // Returns: \"QmHash123\"\n * extractIpfsHash(\"QmHash123456789012345678901234567890123456\") // Returns: \"QmHash123456789012345678901234567890123456\"\n * extractIpfsHash(\"https://example.com/file.json\") // Returns: null (not IPFS)\n * extractIpfsHash(\"ipfs://QmHash/subdirectory\") // Returns: null (subdirectories not supported)\n * ```\n */\nexport function extractIpfsHash(url: string): string | null {\n  // Handle various IPFS URL formats\n  const patterns = [\n    /ipfs\\/([a-zA-Z0-9]+)/, // https://gateway.pinata.cloud/ipfs/HASH\n    /^ipfs:\\/\\/([a-zA-Z0-9]+)$/, // ipfs://HASH\n    /^([a-zA-Z0-9]{46,})$/, // Just the hash (46+ chars for IPFS hashes)\n  ];\n\n  for (const pattern of patterns) {\n    const match = url.match(pattern);\n    if (match) {\n      return match[1];\n    }\n  }\n\n  return null;\n}\n\n/**\n * Get multiple gateway URLs for an IPFS hash (useful for fallback)\n *\n * @param hash - The IPFS hash\n * @returns Array of gateway URLs\n */\nexport function getGatewayUrls(hash: string): string[] {\n  return IPFS_GATEWAYS.map((gateway) => `${gateway}${hash}`);\n}\n\n/**\n * Convert an IPFS URL to multiple gateway URLs for fallback\n *\n * @param url - The IPFS URL\n * @returns Array of gateway URLs or original URL if not IPFS\n */\nexport function convertIpfsUrlWithFallbacks(url: string): string[] {\n  const hash = extractIpfsHash(url);\n  if (hash) {\n    return getGatewayUrls(hash);\n  }\n  return [url];\n}\n\n/**\n * Fetch content from IPFS with automatic gateway fallbacks\n *\n * **Edge Cases:**\n * - Non-IPFS URLs are fetched directly without fallback\n * - 10-second timeout per gateway attempt to prevent hanging\n * - Rate-limited gateways (429) are skipped immediately\n * - Exponential backoff between retries (1s, 2s, 3s, etc.)\n * - AbortSignal in options is merged with timeout signal\n *\n * @param url - The IPFS URL to fetch\n * @param options - Optional fetch options\n * @returns Promise resolving to Response object\n * @throws Error if all gateways fail\n */\nexport async function fetchWithFallbacks(\n  url: string,\n  options?: RequestInit,\n): Promise<Response> {\n  const hash = extractIpfsHash(url);\n  if (!hash) {\n    // Not an IPFS URL, fetch directly\n    return fetch(url, options);\n  }\n\n  const gatewayUrls = getGatewayUrls(hash);\n  let lastError: Error | null = null;\n\n  for (let i = 0; i < gatewayUrls.length; i++) {\n    const gatewayUrl = gatewayUrls[i];\n    try {\n      const response = await fetch(gatewayUrl, {\n        ...options,\n        // Add timeout to avoid hanging on slow gateways\n        signal: AbortSignal.timeout(10000), // 10 second timeout\n      });\n\n      // If response is ok, return it\n      if (response.ok) {\n        return response;\n      }\n\n      // If rate limited (429), try next gateway immediately\n      if (response.status === 429) {\n        lastError = new Error(`Gateway rate limited: ${gatewayUrl}`);\n        continue;\n      }\n\n      // For other HTTP errors, still try next gateway\n      lastError = new Error(`Gateway error ${response.status}: ${gatewayUrl}`);\n    } catch (error) {\n      lastError = error instanceof Error ? error : new Error(String(error));\n\n      // For rate limiting or timeout errors, continue to next gateway\n      if (\n        lastError.message.includes(\"429\") ||\n        lastError.name === \"TimeoutError\"\n      ) {\n        continue;\n      }\n    }\n\n    // Add delay between retries (except for last attempt)\n    if (i < gatewayUrls.length - 1) {\n      await new Promise((resolve) => setTimeout(resolve, 1000 * (i + 1))); // Exponential backoff\n    }\n  }\n\n  throw new Error(\n    `All IPFS gateways failed for hash ${hash}. Last error: ${lastError?.message}`,\n  );\n}\n"],"mappings":"AAUO,MAAM,uBAAuB;AAK7B,MAAM,gBAAgB;AAAA,EAC3B;AAAA;AAAA,EACA;AAAA;AAAA,EACA;AAAA;AAAA,EACA;AAAA;AAAA,EACA;AAAA;AACF;AAQO,SAAS,UAAU,KAAsB;AAC9C,SAAO,IAAI,WAAW,SAAS;AACjC;AAiBO,SAAS,eACd,KACA,UAAkB,sBACV;AACR,MAAI,UAAU,GAAG,GAAG;AAClB,UAAM,OAAO,IAAI,QAAQ,WAAW,EAAE;AACtC,WAAO,GAAG,OAAO,GAAG,IAAI;AAAA,EAC1B;AACA,SAAO;AACT;AAsBO,SAAS,gBAAgB,KAA4B;AAE1D,QAAM,WAAW;AAAA,IACf;AAAA;AAAA,IACA;AAAA;AAAA,IACA;AAAA;AAAA,EACF;AAEA,aAAW,WAAW,UAAU;AAC9B,UAAM,QAAQ,IAAI,MAAM,OAAO;AAC/B,QAAI,OAAO;AACT,aAAO,MAAM,CAAC;AAAA,IAChB;AAAA,EACF;AAEA,SAAO;AACT;AAQO,SAAS,eAAe,MAAwB;AACrD,SAAO,cAAc,IAAI,CAAC,YAAY,GAAG,OAAO,GAAG,IAAI,EAAE;AAC3D;AAQO,SAAS,4BAA4B,KAAuB;AACjE,QAAM,OAAO,gBAAgB,GAAG;AAChC,MAAI,MAAM;AACR,WAAO,eAAe,IAAI;AAAA,EAC5B;AACA,SAAO,CAAC,GAAG;AACb;AAiBA,eAAsB,mBACpB,KACA,SACmB;AACnB,QAAM,OAAO,gBAAgB,GAAG;AAChC,MAAI,CAAC,MAAM;AAET,WAAO,MAAM,KAAK,OAAO;AAAA,EAC3B;AAEA,QAAM,cAAc,eAAe,IAAI;AACvC,MAAI,YAA0B;AAE9B,WAAS,IAAI,GAAG,IAAI,YAAY,QAAQ,KAAK;AAC3C,UAAM,aAAa,YAAY,CAAC;AAChC,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,YAAY;AAAA,QACvC,GAAG;AAAA;AAAA,QAEH,QAAQ,YAAY,QAAQ,GAAK;AAAA;AAAA,MACnC,CAAC;AAGD,UAAI,SAAS,IAAI;AACf,eAAO;AAAA,MACT;AAGA,UAAI,SAAS,WAAW,KAAK;AAC3B,oBAAY,IAAI,MAAM,yBAAyB,UAAU,EAAE;AAC3D;AAAA,MACF;AAGA,kBAAY,IAAI,MAAM,iBAAiB,SAAS,MAAM,KAAK,UAAU,EAAE;AAAA,IACzE,SAAS,OAAO;AACd,kBAAY,iBAAiB,QAAQ,QAAQ,IAAI,MAAM,OAAO,KAAK,CAAC;AAGpE,UACE,UAAU,QAAQ,SAAS,KAAK,KAChC,UAAU,SAAS,gBACnB;AACA;AAAA,MACF;AAAA,IACF;AAGA,QAAI,IAAI,YAAY,SAAS,GAAG;AAC9B,YAAM,IAAI,QAAQ,CAAC,YAAY,WAAW,SAAS,OAAQ,IAAI,EAAE,CAAC;AAAA,IACpE;AAAA,EACF;AAEA,QAAM,IAAI;AAAA,IACR,qCAAqC,IAAI,iBAAiB,WAAW,OAAO;AAAA,EAC9E;AACF;","names":[]}
+{"version":3,"sources":["../../src/utils/ipfs.ts"],"sourcesContent":["/**\n * IPFS URL utilities for the Vana SDK\n *\n * Centralized functions for handling IPFS URLs, converting them to gateway URLs,\n * and extracting IPFS hashes from various URL formats.\n */\n\n/**\n * Default IPFS gateway URL\n */\nexport const DEFAULT_IPFS_GATEWAY = \"https://dweb.link/ipfs/\";\n\n/**\n * Alternative IPFS gateways for fallback - ordered by reliability and rate limits\n */\nexport const IPFS_GATEWAYS = [\n  \"https://ipfs.io/ipfs/\", // IPFS Foundation - reliable\n  \"https://dweb.link/ipfs/\", // Interplanetary Shipyard - observed to be having issues\n  \"https://gateway.pinata.cloud/ipfs/\", // Pinata - backup option (has rate limits)\n  \"https://ipfs.filebase.io/ipfs/\", // Filebase - emerging reliable option\n] as const;\n\n/**\n * Check if a URL is an IPFS URL (starts with ipfs://)\n *\n * @param url - The URL to check\n * @returns True if the URL is an IPFS URL\n */\nexport function isIpfsUrl(url: string): boolean {\n  return url.startsWith(\"ipfs://\");\n}\n\n/**\n * Convert an IPFS URL to an HTTP gateway URL\n *\n * @param url - The IPFS URL to convert (e.g., \"ipfs://QmHash...\")\n * @param gateway - Optional gateway URL (defaults to DEFAULT_IPFS_GATEWAY)\n * @returns The HTTP gateway URL or original URL if not an IPFS URL\n * @example\n * ```ts\n * convertIpfsUrl(\"ipfs://QmHash123\")\n * // Returns: \"https://ipfs.io/ipfs/QmHash123\"\n *\n * convertIpfsUrl(\"ipfs://QmHash123\", \"https://gateway.pinata.cloud/ipfs/\")\n * // Returns: \"https://gateway.pinata.cloud/ipfs/QmHash123\"\n * ```\n */\nexport function convertIpfsUrl(\n  url: string,\n  gateway: string = DEFAULT_IPFS_GATEWAY,\n): string {\n  if (isIpfsUrl(url)) {\n    const hash = url.replace(\"ipfs://\", \"\");\n    return `${gateway}${hash}`;\n  }\n  return url;\n}\n\n/**\n * Extract IPFS hash from various URL formats\n *\n * **Edge Cases:**\n * - Returns null for non-IPFS URLs or malformed hashes\n * - Handles both CIDv0 (starts with Qm) and CIDv1 formats\n * - Minimum 46 characters required for standalone hash detection\n * - Gateway paths with subdirectories are not supported\n *\n * @param url - The URL to extract hash from\n * @returns The IPFS hash or null if not found\n * @example\n * ```ts\n * extractIpfsHash(\"ipfs://QmHash123\") // Returns: \"QmHash123\"\n * extractIpfsHash(\"https://gateway.pinata.cloud/ipfs/QmHash123\") // Returns: \"QmHash123\"\n * extractIpfsHash(\"QmHash123456789012345678901234567890123456\") // Returns: \"QmHash123456789012345678901234567890123456\"\n * extractIpfsHash(\"https://example.com/file.json\") // Returns: null (not IPFS)\n * extractIpfsHash(\"ipfs://QmHash/subdirectory\") // Returns: null (subdirectories not supported)\n * ```\n */\nexport function extractIpfsHash(url: string): string | null {\n  // Handle various IPFS URL formats\n  const patterns = [\n    /ipfs\\/([a-zA-Z0-9]+)/, // https://gateway.pinata.cloud/ipfs/HASH\n    /^ipfs:\\/\\/([a-zA-Z0-9]+)$/, // ipfs://HASH\n    /^([a-zA-Z0-9]{46,})$/, // Just the hash (46+ chars for IPFS hashes)\n  ];\n\n  for (const pattern of patterns) {\n    const match = url.match(pattern);\n    if (match) {\n      return match[1];\n    }\n  }\n\n  return null;\n}\n\n/**\n * Get multiple gateway URLs for an IPFS hash (useful for fallback)\n *\n * @param hash - The IPFS hash\n * @returns Array of gateway URLs\n */\nexport function getGatewayUrls(hash: string): string[] {\n  return IPFS_GATEWAYS.map((gateway) => `${gateway}${hash}`);\n}\n\n/**\n * Convert an IPFS URL to multiple gateway URLs for fallback\n *\n * @param url - The IPFS URL\n * @returns Array of gateway URLs or original URL if not IPFS\n */\nexport function convertIpfsUrlWithFallbacks(url: string): string[] {\n  const hash = extractIpfsHash(url);\n  if (hash) {\n    return getGatewayUrls(hash);\n  }\n  return [url];\n}\n\n/**\n * Fetch content from IPFS with automatic gateway fallbacks\n *\n * **Edge Cases:**\n * - Non-IPFS URLs are fetched directly without fallback\n * - 10-second timeout per gateway attempt to prevent hanging\n * - Rate-limited gateways (429) are skipped immediately\n * - Exponential backoff between retries (1s, 2s, 3s, etc.)\n * - AbortSignal in options is merged with timeout signal\n *\n * @param url - The IPFS URL to fetch\n * @param options - Optional fetch options\n * @returns Promise resolving to Response object\n * @throws Error if all gateways fail\n */\nexport async function fetchWithFallbacks(\n  url: string,\n  options?: RequestInit,\n): Promise<Response> {\n  const hash = extractIpfsHash(url);\n  if (!hash) {\n    // Not an IPFS URL, fetch directly\n    return fetch(url, options);\n  }\n\n  const gatewayUrls = getGatewayUrls(hash);\n  let lastError: Error | null = null;\n\n  for (let i = 0; i < gatewayUrls.length; i++) {\n    const gatewayUrl = gatewayUrls[i];\n    try {\n      const response = await fetch(gatewayUrl, {\n        ...options,\n        // Add timeout to avoid hanging on slow gateways\n        signal: AbortSignal.timeout(10000), // 10 second timeout\n      });\n\n      // If response is ok, return it\n      if (response.ok) {\n        return response;\n      }\n\n      // If rate limited (429), try next gateway immediately\n      if (response.status === 429) {\n        lastError = new Error(`Gateway rate limited: ${gatewayUrl}`);\n        continue;\n      }\n\n      // For other HTTP errors, still try next gateway\n      lastError = new Error(`Gateway error ${response.status}: ${gatewayUrl}`);\n    } catch (error) {\n      lastError = error instanceof Error ? error : new Error(String(error));\n\n      // For rate limiting or timeout errors, continue to next gateway\n      if (\n        lastError.message.includes(\"429\") ||\n        lastError.name === \"TimeoutError\"\n      ) {\n        continue;\n      }\n    }\n\n    // Add delay between retries (except for last attempt)\n    if (i < gatewayUrls.length - 1) {\n      await new Promise((resolve) => setTimeout(resolve, 1000 * (i + 1))); // Exponential backoff\n    }\n  }\n\n  throw new Error(\n    `All IPFS gateways failed for hash ${hash}. Last error: ${lastError?.message}`,\n  );\n}\n"],"mappings":"AAUO,MAAM,uBAAuB;AAK7B,MAAM,gBAAgB;AAAA,EAC3B;AAAA;AAAA,EACA;AAAA;AAAA,EACA;AAAA;AAAA,EACA;AAAA;AACF;AAQO,SAAS,UAAU,KAAsB;AAC9C,SAAO,IAAI,WAAW,SAAS;AACjC;AAiBO,SAAS,eACd,KACA,UAAkB,sBACV;AACR,MAAI,UAAU,GAAG,GAAG;AAClB,UAAM,OAAO,IAAI,QAAQ,WAAW,EAAE;AACtC,WAAO,GAAG,OAAO,GAAG,IAAI;AAAA,EAC1B;AACA,SAAO;AACT;AAsBO,SAAS,gBAAgB,KAA4B;AAE1D,QAAM,WAAW;AAAA,IACf;AAAA;AAAA,IACA;AAAA;AAAA,IACA;AAAA;AAAA,EACF;AAEA,aAAW,WAAW,UAAU;AAC9B,UAAM,QAAQ,IAAI,MAAM,OAAO;AAC/B,QAAI,OAAO;AACT,aAAO,MAAM,CAAC;AAAA,IAChB;AAAA,EACF;AAEA,SAAO;AACT;AAQO,SAAS,eAAe,MAAwB;AACrD,SAAO,cAAc,IAAI,CAAC,YAAY,GAAG,OAAO,GAAG,IAAI,EAAE;AAC3D;AAQO,SAAS,4BAA4B,KAAuB;AACjE,QAAM,OAAO,gBAAgB,GAAG;AAChC,MAAI,MAAM;AACR,WAAO,eAAe,IAAI;AAAA,EAC5B;AACA,SAAO,CAAC,GAAG;AACb;AAiBA,eAAsB,mBACpB,KACA,SACmB;AACnB,QAAM,OAAO,gBAAgB,GAAG;AAChC,MAAI,CAAC,MAAM;AAET,WAAO,MAAM,KAAK,OAAO;AAAA,EAC3B;AAEA,QAAM,cAAc,eAAe,IAAI;AACvC,MAAI,YAA0B;AAE9B,WAAS,IAAI,GAAG,IAAI,YAAY,QAAQ,KAAK;AAC3C,UAAM,aAAa,YAAY,CAAC;AAChC,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,YAAY;AAAA,QACvC,GAAG;AAAA;AAAA,QAEH,QAAQ,YAAY,QAAQ,GAAK;AAAA;AAAA,MACnC,CAAC;AAGD,UAAI,SAAS,IAAI;AACf,eAAO;AAAA,MACT;AAGA,UAAI,SAAS,WAAW,KAAK;AAC3B,oBAAY,IAAI,MAAM,yBAAyB,UAAU,EAAE;AAC3D;AAAA,MACF;AAGA,kBAAY,IAAI,MAAM,iBAAiB,SAAS,MAAM,KAAK,UAAU,EAAE;AAAA,IACzE,SAAS,OAAO;AACd,kBAAY,iBAAiB,QAAQ,QAAQ,IAAI,MAAM,OAAO,KAAK,CAAC;AAGpE,UACE,UAAU,QAAQ,SAAS,KAAK,KAChC,UAAU,SAAS,gBACnB;AACA;AAAA,MACF;AAAA,IACF;AAGA,QAAI,IAAI,YAAY,SAAS,GAAG;AAC9B,YAAM,IAAI,QAAQ,CAAC,YAAY,WAAW,SAAS,OAAQ,IAAI,EAAE,CAAC;AAAA,IACpE;AAAA,EACF;AAEA,QAAM,IAAI;AAAA,IACR,qCAAqC,IAAI,iBAAiB,WAAW,OAAO;AAAA,EAC9E;AACF;","names":[]}

package/dist/utils/lazy-import.cjs.map

@@ -1 +1 @@
-{"version":3,"sources":["../../src/utils/lazy-import.ts"],"sourcesContent":["/**\n * Utility for lazy-loading modules to avoid Turbopack TDZ issues\n *\n * WARNING: This is a workaround for Turbopack's strict module initialization.\n * Dependencies that access globals during init must be dynamically imported.\n */\n\n/**\n * Creates a lazy import function that caches the promise (not the module)\n * to avoid race conditions on concurrent first calls\n *\n * @param importFn - Function that returns a dynamic import promise\n * @returns Function that returns the cached import promise\n *\n * @example\n * const getOpenPGP = lazyImport(() => import('openpgp'));\n * const openpgp = await getOpenPGP();\n */\nexport function lazyImport<T>(importFn: () => Promise<T>): () => Promise<T> {\n  let cached: Promise<T> | null = null;\n\n  return () => {\n    cached ??= importFn().catch((err) => {\n      // Clear cache on error so next attempt can retry\n      cached = null;\n      throw new Error(\"Failed to load module\", { cause: err });\n    });\n    return cached;\n  };\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAkBO,SAAS,WAAc,UAA8C;AAC1E,MAAI,SAA4B;AAEhC,SAAO,MAAM;AACX,eAAW,SAAS,EAAE,MAAM,CAAC,QAAQ;AAEnC,eAAS;AACT,YAAM,IAAI,MAAM,yBAAyB,EAAE,OAAO,IAAI,CAAC;AAAA,IACzD,CAAC;AACD,WAAO;AAAA,EACT;AACF;","names":[]}
+{"version":3,"sources":["../../src/utils/lazy-import.ts"],"sourcesContent":["/**\n * Provides lazy module loading to avoid Temporal Dead Zone issues.\n *\n * @remarks\n * This module implements a caching lazy import pattern to work around Turbopack's\n * strict module initialization. Dependencies that access globals during initialization\n * must be dynamically imported to prevent TDZ errors in Next.js environments.\n *\n * @see {@link https://github.com/vercel/next.js/issues/82632 | Turbopack TDZ Issue}\n *\n * @category Utilities\n * @module utils/lazy-import\n */\n\n/**\n * Creates a cached lazy import function for deferred module loading.\n *\n * @remarks\n * Caches the import promise (not the module) to prevent race conditions\n * during concurrent first calls. On import failure, clears the cache to\n * allow retry on next attempt.\n *\n * @typeParam T - The type of the module being imported\n *\n * @param importFn - Function that returns a dynamic import promise.\n *   Should be a dynamic import expression like `() => import('module')`.\n * @returns A function that returns the cached import promise\n *\n * @example\n * ```typescript\n * // Create lazy loader for heavy crypto library\n * const getOpenPGP = lazyImport(() => import('openpgp'));\n *\n * // Use when needed (first call triggers import)\n * const openpgp = await getOpenPGP();\n * const encrypted = await openpgp.encrypt(data);\n *\n * // Subsequent calls return cached promise\n * const openpgp2 = await getOpenPGP(); // Same instance\n * ```\n *\n * @category Utilities\n */\nexport function lazyImport<T>(importFn: () => Promise<T>): () => Promise<T> {\n  let cached: Promise<T> | null = null;\n\n  return () => {\n    cached ??= importFn().catch((err) => {\n      // Clear cache on error so next attempt can retry\n      cached = null;\n      throw new Error(\"Failed to load module\", { cause: err });\n    });\n    return cached;\n  };\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AA2CO,SAAS,WAAc,UAA8C;AAC1E,MAAI,SAA4B;AAEhC,SAAO,MAAM;AACX,eAAW,SAAS,EAAE,MAAM,CAAC,QAAQ;AAEnC,eAAS;AACT,YAAM,IAAI,MAAM,yBAAyB,EAAE,OAAO,IAAI,CAAC;AAAA,IACzD,CAAC;AACD,WAAO;AAAA,EACT;AACF;","names":[]}