@opendatalabs/vana-sdk 3.0.0 → 3.0.1-pr.147.a4abdb1

package/dist/index.browser.js

@@ -29006,7 +29006,7 @@ async function buildWeb3SignedHeader(params) {
 }
 
 // src/storage/providers/vana-storage.ts
-var DEFAULT_ENDPOINT = "https://storage.vana.com";
+var DEFAULT_ENDPOINT = "https://storage.vana.org";
 var BLOB_PATH_PREFIX = "/v1/blobs";
 var DEFAULT_TOKEN_TTL_SECONDS = 300;
 var VanaStorage = class {
@@ -31548,6 +31548,30 @@ function base64urlDecode(input) {
   base64 += "=".repeat(padLength);
   return new TextDecoder().decode(fromBase64(base64));
 }
+function isFiniteNumber(value) {
+  return typeof value === "number" && Number.isFinite(value);
+}
+function parsePayload(value) {
+  if (value === null || typeof value !== "object" || Array.isArray(value)) {
+    throw new InvalidSignatureError({ reason: "Invalid payload shape" });
+  }
+  const payload = value;
+  if (typeof payload["aud"] !== "string" || typeof payload["method"] !== "string" || typeof payload["uri"] !== "string" || typeof payload["bodyHash"] !== "string" || !isFiniteNumber(payload["iat"]) || !isFiniteNumber(payload["exp"])) {
+    throw new InvalidSignatureError({ reason: "Invalid payload claims" });
+  }
+  if (payload["grantId"] !== void 0 && typeof payload["grantId"] !== "string") {
+    throw new InvalidSignatureError({ reason: "Invalid grantId claim" });
+  }
+  return {
+    aud: payload["aud"],
+    method: payload["method"],
+    uri: payload["uri"],
+    bodyHash: payload["bodyHash"],
+    iat: payload["iat"],
+    exp: payload["exp"],
+    grantId: payload["grantId"]
+  };
+}
 function parseWeb3SignedHeader(headerValue) {
   if (!headerValue) {
     throw new MissingAuthError();
@@ -31568,8 +31592,9 @@ function parseWeb3SignedHeader(headerValue) {
   let payload;
   try {
     const decoded = base64urlDecode(payloadBase64);
-    payload = JSON.parse(decoded);
-  } catch {
+    payload = parsePayload(JSON.parse(decoded));
+  } catch (err) {
+    if (err instanceof InvalidSignatureError) throw err;
     throw new InvalidSignatureError({ reason: "Invalid payload encoding" });
   }
   return {
@@ -31612,7 +31637,7 @@ async function verifyWeb3Signed(params) {
       actual: payload.uri
     });
   }
-  if (params.bodyBytes !== void 0 && params.bodyBytes.length > 0) {
+  if (params.bodyBytes !== void 0) {
     const expectedBodyHash = computeBodyHash(params.bodyBytes);
     if (payload.bodyHash !== expectedBodyHash) {
       throw new InvalidSignatureError({
@@ -31711,6 +31736,480 @@ var BUILDER_REGISTRATION_TYPES = {
   ]
 };
 
+// src/protocol/personal-server-registration.ts
+import {
+  isAddress
+} from "viem";
+var PERSONAL_SERVER_REGISTRATION_DEFAULT_CHAIN_ID = 1480;
+var PERSONAL_SERVER_REGISTRATION_DEFAULT_VERIFYING_CONTRACT = "0x1483B1F634DBA75AeaE60da7f01A679aabd5ee2c";
+function assertAddress(value, name) {
+  if (!isAddress(value)) {
+    throw new Error(`${name} must be a valid EVM address`);
+  }
+}
+function getAccountAddress(account) {
+  if (!account) {
+    return void 0;
+  }
+  return typeof account === "string" ? account : account.address;
+}
+function isPersonalServerRegistrationSigner(source) {
+  return "address" in source && typeof source.signTypedData === "function";
+}
+function createViemPersonalServerRegistrationSigner(source, options = {}) {
+  if (isPersonalServerRegistrationSigner(source)) {
+    return source;
+  }
+  const accountAddress = getAccountAddress(options.account) ?? getAccountAddress(source.account);
+  if (accountAddress) {
+    return {
+      address: accountAddress,
+      signTypedData: (typedData) => source.signTypedData({
+        ...typedData,
+        account: options.account ?? source.account ?? accountAddress
+      })
+    };
+  }
+  throw new Error(
+    "Viem wallet client requires an account option or account property"
+  );
+}
+function personalServerRegistrationDomain(input = {}) {
+  if (input.config) {
+    return serverRegistrationDomain(input.config);
+  }
+  const verifyingContract = input.verifyingContract ?? PERSONAL_SERVER_REGISTRATION_DEFAULT_VERIFYING_CONTRACT;
+  assertAddress(verifyingContract, "verifyingContract");
+  return {
+    name: "Vana Data Portability",
+    version: "1",
+    chainId: input.chainId ?? PERSONAL_SERVER_REGISTRATION_DEFAULT_CHAIN_ID,
+    verifyingContract
+  };
+}
+function buildPersonalServerRegistrationTypedData(input) {
+  assertAddress(input.ownerAddress, "ownerAddress");
+  assertAddress(input.serverAddress, "serverAddress");
+  return {
+    domain: personalServerRegistrationDomain(input),
+    types: SERVER_REGISTRATION_TYPES,
+    primaryType: "ServerRegistration",
+    message: {
+      ownerAddress: input.ownerAddress,
+      serverAddress: input.serverAddress,
+      publicKey: input.serverPublicKey,
+      serverUrl: input.serverUrl
+    }
+  };
+}
+async function buildPersonalServerRegistrationSignature(input) {
+  const typedData = buildPersonalServerRegistrationTypedData({
+    ownerAddress: input.signer.address,
+    serverAddress: input.serverAddress,
+    serverPublicKey: input.serverPublicKey,
+    serverUrl: input.serverUrl,
+    config: input.config,
+    chainId: input.chainId,
+    verifyingContract: input.verifyingContract
+  });
+  const signature = await input.signer.signTypedData(typedData);
+  return {
+    signature,
+    signerAddress: input.signer.address,
+    typedData
+  };
+}
+var registerPersonalServerSignature = buildPersonalServerRegistrationSignature;
+
+// src/protocol/personal-server-lite-owner-binding.ts
+import {
+  isAddress as isAddress2
+} from "viem";
+var PERSONAL_SERVER_LITE_OWNER_BINDING_VERSION = "vana.account.v1";
+var PERSONAL_SERVER_LITE_OWNER_BINDING_PURPOSE = "ps-lite-owner";
+var PERSONAL_SERVER_LITE_OWNER_BINDING_PREFIX = `${PERSONAL_SERVER_LITE_OWNER_BINDING_VERSION}:${PERSONAL_SERVER_LITE_OWNER_BINDING_PURPOSE}:`;
+function assertAddress2(value, name) {
+  if (!isAddress2(value)) {
+    throw new Error(`${name} must be a valid EVM address`);
+  }
+}
+function getAccountAddress2(account) {
+  if (!account) {
+    return void 0;
+  }
+  return typeof account === "string" ? account : account.address;
+}
+function isPersonalServerLiteOwnerBindingSigner(source) {
+  return "address" in source && typeof source.signMessage === "function";
+}
+function buildPersonalServerLiteOwnerBindingMessage(ownerAddress) {
+  assertAddress2(ownerAddress, "ownerAddress");
+  return `${PERSONAL_SERVER_LITE_OWNER_BINDING_PREFIX}${ownerAddress.toLowerCase()}`;
+}
+function createViemPersonalServerLiteOwnerBindingSigner(source, options = {}) {
+  if (isPersonalServerLiteOwnerBindingSigner(source)) {
+    return source;
+  }
+  const accountAddress = getAccountAddress2(options.account) ?? getAccountAddress2(source.account);
+  if (accountAddress) {
+    return {
+      address: accountAddress,
+      signMessage: ({ message }) => source.signMessage({
+        account: options.account ?? source.account ?? accountAddress,
+        message
+      })
+    };
+  }
+  throw new Error(
+    "Viem wallet client requires an account option or account property"
+  );
+}
+async function buildPersonalServerLiteOwnerBindingSignature(input) {
+  const message = buildPersonalServerLiteOwnerBindingMessage(
+    input.signer.address
+  );
+  const signature = await input.signer.signMessage({ message });
+  return {
+    signature,
+    signerAddress: input.signer.address,
+    message,
+    purpose: PERSONAL_SERVER_LITE_OWNER_BINDING_PURPOSE
+  };
+}
+var signPersonalServerLiteOwnerBinding = buildPersonalServerLiteOwnerBindingSignature;
+
+// src/account/personal-server-registration.ts
+import { isAddress as isAddress3 } from "viem";
+var ACCOUNT_PERSONAL_SERVER_REGISTRATION_INTENT = "personal_server.server_registration.v1";
+var AccountPersonalServerRegistrationError = class extends Error {
+  status;
+  code;
+  details;
+  constructor(input) {
+    super(input.message);
+    this.name = "AccountPersonalServerRegistrationError";
+    this.status = input.status;
+    this.code = input.code;
+    this.details = input.details;
+  }
+};
+var DEFAULT_ACCOUNT_PS_REGISTRATION_PATH = "/api/v1/intents/personal-server-registration/sign";
+function trimTrailingSlash(value) {
+  return value.replace(/\/+$/, "");
+}
+function assertAddress3(value, name) {
+  if (!isAddress3(value)) {
+    throw new Error(`${name} must be a valid EVM address`);
+  }
+}
+async function parseAccountResponse(response) {
+  const body = await response.json().catch(() => void 0);
+  if (!response.ok) {
+    throw new AccountPersonalServerRegistrationError({
+      status: response.status,
+      code: accountErrorCode(body),
+      message: accountErrorMessage(response.status, body),
+      details: body
+    });
+  }
+  return body;
+}
+function accountErrorMessage(status, body) {
+  const nestedMessage = nestedAccountErrorField(body, "message");
+  if (nestedMessage) {
+    return nestedMessage;
+  }
+  if (isRecord(body) && typeof body.message === "string") {
+    return body.message;
+  }
+  const code = accountErrorCode(body);
+  if (code) {
+    return `Account PS registration signing failed: ${code}`;
+  }
+  return `Account PS registration signing failed: ${status}`;
+}
+function accountErrorCode(body) {
+  const nestedCode = nestedAccountErrorField(body, "code");
+  if (nestedCode) {
+    return nestedCode;
+  }
+  if (isRecord(body)) {
+    if (typeof body.code === "string") {
+      return body.code;
+    }
+    if (typeof body.error === "string") {
+      return body.error;
+    }
+  }
+  return void 0;
+}
+function nestedAccountErrorField(body, field) {
+  if (!isRecord(body) || !isRecord(body.error)) {
+    return void 0;
+  }
+  const value = body.error[field];
+  return typeof value === "string" ? value : void 0;
+}
+function isRecord(value) {
+  return typeof value === "object" && value !== null;
+}
+function normalizeAccountResponse(response) {
+  return {
+    ...response,
+    status: response.status === "fallback_required" ? "confirmation_required" : response.status,
+    signerAddress: response.signerAddress ?? response.signer?.address,
+    typedData: response.typedData ?? response.typed_data
+  };
+}
+function buildSignedResult(response, request) {
+  assertAddress3(response.signerAddress, "signerAddress");
+  return {
+    signature: response.signature,
+    signerAddress: response.signerAddress,
+    typedData: response.typedData ?? buildPersonalServerRegistrationTypedData({
+      ownerAddress: response.signerAddress,
+      ...request
+    }),
+    intent: ACCOUNT_PERSONAL_SERVER_REGISTRATION_INTENT
+  };
+}
+async function signPersonalServerRegistrationWithAccount(config, request) {
+  assertAddress3(request.serverAddress, "serverAddress");
+  const fetchImpl = config.fetchImpl ?? globalThis.fetch.bind(globalThis);
+  const endpoint = new URL(
+    config.endpointPath ?? DEFAULT_ACCOUNT_PS_REGISTRATION_PATH,
+    `${trimTrailingSlash(config.accountOrigin)}/`
+  );
+  const response = await fetchImpl(endpoint, {
+    method: "POST",
+    headers: { "content-type": "application/json" },
+    credentials: "include",
+    body: JSON.stringify({
+      intent: ACCOUNT_PERSONAL_SERVER_REGISTRATION_INTENT,
+      serverAddress: request.serverAddress,
+      serverPublicKey: request.serverPublicKey,
+      serverUrl: request.serverUrl,
+      config: request.config,
+      chainId: request.chainId,
+      verifyingContract: request.verifyingContract
+    })
+  });
+  const body = normalizeAccountResponse(await parseAccountResponse(response));
+  if (body.status === "signed") {
+    if (!body.signature || !body.signerAddress) {
+      throw new Error(
+        "Account signed response must include signature and signerAddress"
+      );
+    }
+    return {
+      status: "signed",
+      result: buildSignedResult(
+        {
+          signature: body.signature,
+          signerAddress: body.signerAddress,
+          typedData: body.typedData
+        },
+        request
+      )
+    };
+  }
+  if (body.status === "confirmation_required") {
+    if (!body.typedData) {
+      throw new Error(
+        "Account confirmation_required response must include typedData"
+      );
+    }
+    if (!config.fallbackSigner) {
+      return {
+        status: "confirmation_required",
+        typedData: body.typedData,
+        signerAddress: body.signerAddress
+      };
+    }
+    const signature = await config.fallbackSigner.signTypedData(body.typedData);
+    return {
+      status: "fallback_signed",
+      accountStatus: "confirmation_required",
+      result: {
+        signature,
+        signerAddress: config.fallbackSigner.address,
+        typedData: body.typedData,
+        intent: ACCOUNT_PERSONAL_SERVER_REGISTRATION_INTENT
+      }
+    };
+  }
+  throw new Error(
+    `Unsupported Account PS registration signing status: ${String(body.status)}`
+  );
+}
+
+// src/account/personal-server-lite-owner-binding.ts
+var AccountPersonalServerLiteOwnerBindingError = class extends Error {
+  code;
+  details;
+  constructor(input) {
+    super(input.message);
+    this.name = "AccountPersonalServerLiteOwnerBindingError";
+    this.code = input.code;
+    this.details = input.details;
+  }
+};
+async function signPersonalServerLiteOwnerBindingWithAccountClient(config) {
+  let address;
+  try {
+    address = await config.client.getAddress();
+  } catch (error) {
+    throw accountOwnerBindingError(error);
+  }
+  if (!address) {
+    throw new AccountPersonalServerLiteOwnerBindingError({
+      message: "Account did not return a wallet address",
+      code: "account_address_required"
+    });
+  }
+  const message = buildPersonalServerLiteOwnerBindingMessage(address);
+  let signature;
+  try {
+    signature = await config.client.signMessage({ message });
+  } catch (error) {
+    throw accountOwnerBindingError(error);
+  }
+  return {
+    signature,
+    signerAddress: address,
+    message,
+    purpose: PERSONAL_SERVER_LITE_OWNER_BINDING_PURPOSE
+  };
+}
+function accountOwnerBindingError(error) {
+  if (error instanceof AccountPersonalServerLiteOwnerBindingError) {
+    return error;
+  }
+  const rpcError = error;
+  const code = rpcError?.code;
+  const message = typeof rpcError?.message === "string" && rpcError.message.length > 0 ? rpcError.message : "Account PS Lite owner-binding signature failed";
+  return new AccountPersonalServerLiteOwnerBindingError({
+    message,
+    code,
+    details: error
+  });
+}
+
+// src/protocol/grants.ts
+import { verifyTypedData } from "viem";
+function isHexString(value) {
+  return typeof value === "string" && value.startsWith("0x");
+}
+function isDataPortabilityGatewayConfig(value) {
+  if (value === null || typeof value !== "object" || Array.isArray(value)) {
+    return false;
+  }
+  const config = value;
+  const contracts = config["contracts"];
+  if (typeof config["chainId"] !== "number" || !Number.isInteger(config["chainId"]) || config["chainId"] <= 0 || contracts === null || typeof contracts !== "object" || Array.isArray(contracts)) {
+    return false;
+  }
+  const c = contracts;
+  return isHexString(c["dataRegistry"]) && isHexString(c["dataPortabilityPermissions"]) && isHexString(c["dataPortabilityServer"]) && isHexString(c["dataPortabilityGrantees"]);
+}
+function parseGrantRegistrationPayload(grant) {
+  let parsed;
+  try {
+    parsed = JSON.parse(grant);
+  } catch {
+    return null;
+  }
+  if (parsed === null || typeof parsed !== "object" || Array.isArray(parsed)) {
+    return null;
+  }
+  const value = parsed;
+  if (!Array.isArray(value["scopes"]) || value["scopes"].length === 0) {
+    return null;
+  }
+  if (!value["scopes"].every((scope) => typeof scope === "string")) {
+    return null;
+  }
+  if (typeof value["expiresAt"] !== "number" || !Number.isFinite(value["expiresAt"])) {
+    return null;
+  }
+  if (value["user"] !== void 0 && !isHexString(value["user"])) {
+    return null;
+  }
+  if (value["builder"] !== void 0 && !isHexString(value["builder"])) {
+    return null;
+  }
+  if (value["nonce"] !== void 0 && (typeof value["nonce"] !== "number" || !Number.isFinite(value["nonce"]))) {
+    return null;
+  }
+  return {
+    user: value["user"],
+    builder: value["builder"],
+    scopes: value["scopes"],
+    expiresAt: value["expiresAt"],
+    nonce: value["nonce"]
+  };
+}
+function parseFileIds(fileIds) {
+  try {
+    const values = (fileIds ?? []).map((fileId) => BigInt(fileId));
+    return {
+      values,
+      display: values.map((fileId) => fileId.toString())
+    };
+  } catch {
+    return null;
+  }
+}
+async function verifyGrantRegistration(input) {
+  const payload = parseGrantRegistrationPayload(input.grant);
+  if (!payload) {
+    return {
+      valid: false,
+      error: "Grant must be JSON with scopes and expiresAt"
+    };
+  }
+  const fileIds = parseFileIds(input.fileIds);
+  if (!fileIds) {
+    return { valid: false, error: "fileIds must contain integer values" };
+  }
+  let valid;
+  try {
+    valid = await verifyTypedData({
+      address: input.grantorAddress,
+      domain: grantRegistrationDomain(input.gatewayConfig),
+      types: GRANT_REGISTRATION_TYPES,
+      primaryType: "GrantRegistration",
+      message: {
+        grantorAddress: input.grantorAddress,
+        granteeId: input.granteeId,
+        grant: input.grant,
+        fileIds: fileIds.values
+      },
+      signature: input.signature
+    });
+  } catch {
+    return { valid: false, error: "EIP-712 signature verification failed" };
+  }
+  if (!valid) {
+    return { valid: false, error: "Grant signature does not match grantor" };
+  }
+  const nowSeconds = input.nowSeconds ?? Math.floor(Date.now() / 1e3);
+  if (payload.expiresAt > 0 && payload.expiresAt < nowSeconds) {
+    return { valid: false, error: "Grant has expired" };
+  }
+  if (payload.user !== void 0 && payload.user.toLowerCase() !== input.grantorAddress.toLowerCase()) {
+    return { valid: false, error: "Grant user does not match grantorAddress" };
+  }
+  return {
+    valid: true,
+    grantorAddress: input.grantorAddress,
+    granteeId: input.granteeId,
+    grant: input.grant,
+    payload,
+    fileIds: fileIds.display
+  };
+}
+
 // src/protocol/scopes.ts
 import { z } from "zod";
 var SEGMENT_RE = /^[a-z0-9][a-z0-9_]*$/;
@@ -31991,34 +32490,62 @@ var PSError = class extends Error {
   code;
 };
 var KNOWN_CODES = /* @__PURE__ */ new Set([
+  "missing_auth",
+  "invalid_signature",
+  "unregistered_builder",
+  "not_owner",
+  "expired_token",
   "grant_invalid",
+  "grant_required",
+  "grant_expired",
   "grant_revoked",
+  "scope_mismatch",
   "fee_required",
-  "ps_unavailable"
+  "ps_unavailable",
+  "server_not_configured",
+  "content_too_large"
 ]);
-async function parsePSError(response) {
-  if (response.ok) {
+function isRecord2(value) {
+  return value !== null && typeof value === "object" && !Array.isArray(value);
+}
+function normalizeCode(value) {
+  if (typeof value !== "string") {
     return null;
   }
-  let body;
-  try {
-    body = await response.json();
-  } catch {
+  const code = value.toLowerCase();
+  return KNOWN_CODES.has(code) ? code : null;
+}
+function extractPSErrorBody(body) {
+  if (!isRecord2(body)) {
     return null;
   }
-  if (typeof body !== "object" || body === null) {
+  const nested = isRecord2(body.error) ? body.error : null;
+  const code = normalizeCode(
+    nested?.errorCode ?? nested?.code ?? body.errorCode ?? body.code
+  );
+  const message = nested?.message ?? body.message;
+  if (!code || typeof message !== "string") {
     return null;
   }
-  const { code, message } = body;
-  if (typeof code !== "string" || typeof message !== "string") {
+  return { code, message };
+}
+async function parsePSError(response) {
+  if (response.ok) {
     return null;
   }
-  if (!KNOWN_CODES.has(code)) {
+  let body;
+  try {
+    body = await response.json();
+  } catch {
     return null;
   }
-  return new PSError(code, message);
+  const errorBody = extractPSErrorBody(body);
+  return errorBody ? new PSError(errorBody.code, errorBody.message) : null;
 }
 export {
+  ACCOUNT_PERSONAL_SERVER_REGISTRATION_INTENT,
+  AccountPersonalServerLiteOwnerBindingError,
+  AccountPersonalServerRegistrationError,
   BUILDER_REGISTRATION_TYPES,
   BlockchainError,
   BrowserECIESUint8Provider as BrowserECIESProvider,
@@ -32044,6 +32571,11 @@ export {
   MissingAuthError,
   NetworkError,
   NonceError,
+  PERSONAL_SERVER_LITE_OWNER_BINDING_PREFIX,
+  PERSONAL_SERVER_LITE_OWNER_BINDING_PURPOSE,
+  PERSONAL_SERVER_LITE_OWNER_BINDING_VERSION,
+  PERSONAL_SERVER_REGISTRATION_DEFAULT_CHAIN_ID,
+  PERSONAL_SERVER_REGISTRATION_DEFAULT_VERIFYING_CONTRACT,
   PKCE_CHALLENGE_PATTERN,
   PKCE_VERIFIER_PATTERN,
   PSError,
@@ -32065,6 +32597,10 @@ export {
   VanaError,
   VanaStorage,
   assertValidPkceVerifier,
+  buildPersonalServerLiteOwnerBindingMessage,
+  buildPersonalServerLiteOwnerBindingSignature,
+  buildPersonalServerRegistrationSignature,
+  buildPersonalServerRegistrationTypedData,
   buildWeb3SignedHeader,
   builderRegistrationDomain,
   chains,
@@ -32077,6 +32613,8 @@ export {
   createGatewayClient,
   createPlatformAdapterSafe,
   createVanaStorageProvider,
+  createViemPersonalServerLiteOwnerBindingSigner,
+  createViemPersonalServerRegistrationSigner,
   decryptWithPassword,
   deriveMasterKey,
   deriveScopeKey,
@@ -32095,22 +32633,30 @@ export {
   getServiceEndpoints,
   grantRegistrationDomain,
   grantRevocationDomain,
+  isDataPortabilityGatewayConfig,
   isECIESEncrypted,
   isPlatformSupported,
   mainnetServices,
   moksha,
   mokshaServices,
   mokshaTestnet2 as mokshaTestnet,
+  parseGrantRegistrationPayload,
   parsePSError,
   parseScope,
   parseWeb3SignedHeader,
+  personalServerRegistrationDomain,
   recoverServerOwner,
+  registerPersonalServerSignature,
   scopeCoveredByGrant,
   scopeMatchesPattern,
   scopeToPathSegments,
   serializeECIES,
   serverRegistrationDomain,
+  signPersonalServerLiteOwnerBinding,
+  signPersonalServerLiteOwnerBindingWithAccountClient,
+  signPersonalServerRegistrationWithAccount,
   vanaMainnet2 as vanaMainnet,
+  verifyGrantRegistration,
   verifyPkceChallenge,
   verifyWeb3Signed
 };