@opendatalabs/vana-sdk 3.0.1-canary.b068ac6 → 3.1.0

package/dist/crypto/ecies/node.cjs

@@ -31,7 +31,7 @@ __export(node_exports, {
   NodeECIESUint8Provider: () => NodeECIESUint8Provider
 });
 module.exports = __toCommonJS(node_exports);
-var import_node_crypto = require("node:crypto");
+var import_crypto = require("crypto");
 var import_secp256k1 = __toESM(require("secp256k1"), 1);
 var import_base = require("./base");
 var import_viem = require("viem");
@@ -47,7 +47,7 @@ class NodeECIESUint8Provider extends import_base.BaseECIESUint8 {
     return x;
   };
   generateRandomBytes(length) {
-    return new Uint8Array((0, import_node_crypto.randomBytes)(length));
+    return new Uint8Array((0, import_crypto.randomBytes)(length));
   }
   verifyPrivateKey(privateKey) {
     return secp256k1.privateKeyVerify(Buffer.from(privateKey)) === true;
@@ -91,16 +91,16 @@ class NodeECIESUint8Provider extends import_base.BaseECIESUint8 {
   }
   sha512(data) {
     return new Uint8Array(
-      (0, import_node_crypto.createHash)("sha512").update(Buffer.from(data)).digest()
+      (0, import_crypto.createHash)("sha512").update(Buffer.from(data)).digest()
     );
   }
   hmacSha256(key, data) {
     return new Uint8Array(
-      (0, import_node_crypto.createHmac)("sha256", Buffer.from(key)).update(Buffer.from(data)).digest()
+      (0, import_crypto.createHmac)("sha256", Buffer.from(key)).update(Buffer.from(data)).digest()
     );
   }
   async aesEncrypt(key, iv, plaintext) {
-    const cipher = (0, import_node_crypto.createCipheriv)(
+    const cipher = (0, import_crypto.createCipheriv)(
       "aes-256-cbc",
       Buffer.from(key),
       Buffer.from(iv)
@@ -112,7 +112,7 @@ class NodeECIESUint8Provider extends import_base.BaseECIESUint8 {
     return new Uint8Array(encrypted);
   }
   async aesDecrypt(key, iv, ciphertext) {
-    const decipher = (0, import_node_crypto.createDecipheriv)(
+    const decipher = (0, import_crypto.createDecipheriv)(
       "aes-256-cbc",
       Buffer.from(key),
       Buffer.from(iv)

package/dist/crypto/ecies/node.cjs.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../src/crypto/ecies/node.ts"],"sourcesContent":["/**\n * Node.js implementation of ECIES using native secp256k1 for performance\n *\n * @remarks\n * Uses native secp256k1 bindings for all elliptic curve operations.\n * Uses Node.js crypto module for hashing and AES operations.\n * Provides Uint8Array-only interface with no Buffer exposure.\n */\n\nimport {\n  randomBytes,\n  createHash,\n  createHmac,\n  createCipheriv,\n  createDecipheriv,\n} from \"node:crypto\";\nimport secp256k1Import from \"secp256k1\";\nimport { BaseECIESUint8 } from \"./base\";\nimport { toHex } from \"viem\";\n\n// Type definition for secp256k1 module\ninterface Secp256k1Module {\n  privateKeyVerify(privateKey: Buffer): boolean;\n  publicKeyCreate(privateKey: Buffer, compressed: boolean): Buffer;\n  publicKeyVerify(publicKey: Buffer): boolean;\n  publicKeyConvert(publicKey: Buffer, compressed: boolean): Buffer;\n  ecdh(\n    publicKey: Buffer,\n    privateKey: Buffer,\n    options: {\n      hashfn: (x: Uint8Array, y: Uint8Array, output?: Uint8Array) => Uint8Array;\n    },\n    output: Buffer,\n  ): Buffer;\n}\n\n// Use the imported secp256k1 module\nconst secp256k1 = secp256k1Import as unknown as Secp256k1Module;\n\n/**\n * Node.js-specific ECIES provider using native secp256k1\n *\n * @remarks\n * This implementation:\n * - Uses native secp256k1 for all EC operations (optimal performance)\n * - Uses Node.js crypto for SHA-512, HMAC, and AES operations\n * - Internally works with Uint8Array\n * - Only uses Buffer at crypto API boundaries\n */\nexport class NodeECIESUint8Provider extends BaseECIESUint8 {\n  // Identity hash function for ECDH - returns raw X coordinate\n  // CRITICAL: Must handle (x, y, output) signature correctly\n  private readonly identityHashFn = (\n    x: Uint8Array,\n    _y: Uint8Array,\n    output?: Uint8Array,\n  ): Uint8Array => {\n    // Copy x into output buffer if provided (prevents allocations)\n    if (output && output.length >= 32) {\n      output.set(x);\n      return output;\n    }\n    return x;\n  };\n  protected generateRandomBytes(length: number): Uint8Array {\n    return new Uint8Array(randomBytes(length));\n  }\n\n  protected verifyPrivateKey(privateKey: Uint8Array): boolean {\n    // Native secp256k1 returns true for valid, false for invalid\n    return secp256k1.privateKeyVerify(Buffer.from(privateKey)) === true;\n  }\n\n  protected createPublicKey(\n    privateKey: Uint8Array,\n    compressed: boolean,\n  ): Uint8Array | null {\n    try {\n      return new Uint8Array(\n        secp256k1.publicKeyCreate(Buffer.from(privateKey), compressed),\n      );\n    } catch {\n      return null;\n    }\n  }\n\n  protected validatePublicKey(publicKey: Uint8Array): boolean {\n    // Native secp256k1 returns true for valid, false for invalid\n    return secp256k1.publicKeyVerify(Buffer.from(publicKey)) === true;\n  }\n\n  protected decompressPublicKey(publicKey: Uint8Array): Uint8Array | null {\n    try {\n      // Convert to uncompressed format (65 bytes)\n      return new Uint8Array(\n        secp256k1.publicKeyConvert(Buffer.from(publicKey), false),\n      );\n    } catch {\n      return null;\n    }\n  }\n\n  protected performECDH(\n    publicKey: Uint8Array,\n    privateKey: Uint8Array,\n  ): Uint8Array {\n    try {\n      // Use pre-allocated buffer for output (32 bytes)\n      const output = Buffer.alloc(32);\n\n      // CRITICAL: Use identity hash to get raw X coordinate\n      // Default would apply SHA256 and break compatibility\n      secp256k1.ecdh(\n        Buffer.from(publicKey),\n        Buffer.from(privateKey),\n        { hashfn: this.identityHashFn },\n        output,\n      );\n\n      return new Uint8Array(output);\n    } catch (error) {\n      throw new Error(\n        `ECDH failed: ${error instanceof Error ? error.message : \"Unknown error\"}`,\n      );\n    }\n  }\n\n  protected sha512(data: Uint8Array): Uint8Array {\n    // Use Node.js crypto for native performance\n    return new Uint8Array(\n      createHash(\"sha512\").update(Buffer.from(data)).digest(),\n    );\n  }\n\n  protected hmacSha256(key: Uint8Array, data: Uint8Array): Uint8Array {\n    // Use Node.js crypto for native performance\n    return new Uint8Array(\n      createHmac(\"sha256\", Buffer.from(key)).update(Buffer.from(data)).digest(),\n    );\n  }\n\n  protected async aesEncrypt(\n    key: Uint8Array,\n    iv: Uint8Array,\n    plaintext: Uint8Array,\n  ): Promise<Uint8Array> {\n    const cipher = createCipheriv(\n      \"aes-256-cbc\",\n      Buffer.from(key),\n      Buffer.from(iv),\n    );\n    const encrypted = Buffer.concat([\n      cipher.update(Buffer.from(plaintext)),\n      cipher.final(),\n    ]);\n    return new Uint8Array(encrypted);\n  }\n\n  protected async aesDecrypt(\n    key: Uint8Array,\n    iv: Uint8Array,\n    ciphertext: Uint8Array,\n  ): Promise<Uint8Array> {\n    const decipher = createDecipheriv(\n      \"aes-256-cbc\",\n      Buffer.from(key),\n      Buffer.from(iv),\n    );\n    const decrypted = Buffer.concat([\n      decipher.update(Buffer.from(ciphertext)),\n      decipher.final(),\n    ]);\n    return new Uint8Array(decrypted);\n  }\n\n  // No Buffer compatibility methods - Uint8Array only public API\n\n  /**\n   * Normalizes a public key to uncompressed format (65 bytes with 0x04 prefix).\n   * Handles compressed (33 bytes) and uncompressed (65 bytes) formats only.\n   *\n   * @remarks\n   * Strict policy: Does not accept 64-byte raw coordinates to avoid masking\n   * malformed data. Callers must provide properly formatted keys.\n   *\n   * @param publicKey - The public key to normalize (33 or 65 bytes)\n   * @returns The normalized uncompressed public key (65 bytes)\n   * @throws {Error} When public key format is invalid or decompression fails\n   */\n  normalizeToUncompressed(publicKey: Uint8Array): Uint8Array {\n    const len = publicKey.length;\n\n    // Already uncompressed\n    if (len === 65 && publicKey[0] === 0x04) {\n      return publicKey;\n    }\n\n    // Compressed - decompress using secp256k1\n    if (len === 33 && (publicKey[0] === 0x02 || publicKey[0] === 0x03)) {\n      const decompressed = this.decompressPublicKey(publicKey);\n      if (!decompressed) {\n        throw new Error(\n          `Failed to decompress public key with prefix ${toHex(publicKey[0])}`,\n        );\n      }\n      return decompressed;\n    }\n\n    // Reject raw coordinates (64 bytes) - require proper formatting\n    if (len === 64) {\n      throw new Error(\n        \"Raw public key coordinates (64 bytes) are not accepted. \" +\n          \"Please provide a properly formatted compressed (33 bytes) or uncompressed (65 bytes) public key.\",\n      );\n    }\n\n    throw new Error(\n      `Invalid public key format: expected compressed (33 bytes) or uncompressed (65 bytes), got ${len} bytes`,\n    );\n  }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AASA,yBAMO;AACP,uBAA4B;AAC5B,kBAA+B;AAC/B,kBAAsB;AAmBtB,MAAM,YAAY,iBAAAA;AAYX,MAAM,+BAA+B,2BAAe;AAAA;AAAA;AAAA,EAGxC,iBAAiB,CAChC,GACA,IACA,WACe;AAEf,QAAI,UAAU,OAAO,UAAU,IAAI;AACjC,aAAO,IAAI,CAAC;AACZ,aAAO;AAAA,IACT;AACA,WAAO;AAAA,EACT;AAAA,EACU,oBAAoB,QAA4B;AACxD,WAAO,IAAI,eAAW,gCAAY,MAAM,CAAC;AAAA,EAC3C;AAAA,EAEU,iBAAiB,YAAiC;AAE1D,WAAO,UAAU,iBAAiB,OAAO,KAAK,UAAU,CAAC,MAAM;AAAA,EACjE;AAAA,EAEU,gBACR,YACA,YACmB;AACnB,QAAI;AACF,aAAO,IAAI;AAAA,QACT,UAAU,gBAAgB,OAAO,KAAK,UAAU,GAAG,UAAU;AAAA,MAC/D;AAAA,IACF,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEU,kBAAkB,WAAgC;AAE1D,WAAO,UAAU,gBAAgB,OAAO,KAAK,SAAS,CAAC,MAAM;AAAA,EAC/D;AAAA,EAEU,oBAAoB,WAA0C;AACtE,QAAI;AAEF,aAAO,IAAI;AAAA,QACT,UAAU,iBAAiB,OAAO,KAAK,SAAS,GAAG,KAAK;AAAA,MAC1D;AAAA,IACF,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEU,YACR,WACA,YACY;AACZ,QAAI;AAEF,YAAM,SAAS,OAAO,MAAM,EAAE;AAI9B,gBAAU;AAAA,QACR,OAAO,KAAK,SAAS;AAAA,QACrB,OAAO,KAAK,UAAU;AAAA,QACtB,EAAE,QAAQ,KAAK,eAAe;AAAA,QAC9B;AAAA,MACF;AAEA,aAAO,IAAI,WAAW,MAAM;AAAA,IAC9B,SAAS,OAAO;AACd,YAAM,IAAI;AAAA,QACR,gBAAgB,iBAAiB,QAAQ,MAAM,UAAU,eAAe;AAAA,MAC1E;AAAA,IACF;AAAA,EACF;AAAA,EAEU,OAAO,MAA8B;AAE7C,WAAO,IAAI;AAAA,UACT,+BAAW,QAAQ,EAAE,OAAO,OAAO,KAAK,IAAI,CAAC,EAAE,OAAO;AAAA,IACxD;AAAA,EACF;AAAA,EAEU,WAAW,KAAiB,MAA8B;AAElE,WAAO,IAAI;AAAA,UACT,+BAAW,UAAU,OAAO,KAAK,GAAG,CAAC,EAAE,OAAO,OAAO,KAAK,IAAI,CAAC,EAAE,OAAO;AAAA,IAC1E;AAAA,EACF;AAAA,EAEA,MAAgB,WACd,KACA,IACA,WACqB;AACrB,UAAM,aAAS;AAAA,MACb;AAAA,MACA,OAAO,KAAK,GAAG;AAAA,MACf,OAAO,KAAK,EAAE;AAAA,IAChB;AACA,UAAM,YAAY,OAAO,OAAO;AAAA,MAC9B,OAAO,OAAO,OAAO,KAAK,SAAS,CAAC;AAAA,MACpC,OAAO,MAAM;AAAA,IACf,CAAC;AACD,WAAO,IAAI,WAAW,SAAS;AAAA,EACjC;AAAA,EAEA,MAAgB,WACd,KACA,IACA,YACqB;AACrB,UAAM,eAAW;AAAA,MACf;AAAA,MACA,OAAO,KAAK,GAAG;AAAA,MACf,OAAO,KAAK,EAAE;AAAA,IAChB;AACA,UAAM,YAAY,OAAO,OAAO;AAAA,MAC9B,SAAS,OAAO,OAAO,KAAK,UAAU,CAAC;AAAA,MACvC,SAAS,MAAM;AAAA,IACjB,CAAC;AACD,WAAO,IAAI,WAAW,SAAS;AAAA,EACjC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAgBA,wBAAwB,WAAmC;AACzD,UAAM,MAAM,UAAU;AAGtB,QAAI,QAAQ,MAAM,UAAU,CAAC,MAAM,GAAM;AACvC,aAAO;AAAA,IACT;AAGA,QAAI,QAAQ,OAAO,UAAU,CAAC,MAAM,KAAQ,UAAU,CAAC,MAAM,IAAO;AAClE,YAAM,eAAe,KAAK,oBAAoB,SAAS;AACvD,UAAI,CAAC,cAAc;AACjB,cAAM,IAAI;AAAA,UACR,mDAA+C,mBAAM,UAAU,CAAC,CAAC,CAAC;AAAA,QACpE;AAAA,MACF;AACA,aAAO;AAAA,IACT;AAGA,QAAI,QAAQ,IAAI;AACd,YAAM,IAAI;AAAA,QACR;AAAA,MAEF;AAAA,IACF;AAEA,UAAM,IAAI;AAAA,MACR,6FAA6F,GAAG;AAAA,IAClG;AAAA,EACF;AACF;","names":["secp256k1Import"]}
+{"version":3,"sources":["../../../src/crypto/ecies/node.ts"],"sourcesContent":["/**\n * Node.js implementation of ECIES using native secp256k1 for performance\n *\n * @remarks\n * Uses native secp256k1 bindings for all elliptic curve operations.\n * Uses Node.js crypto module for hashing and AES operations.\n * Provides Uint8Array-only interface with no Buffer exposure.\n */\n\nimport {\n  randomBytes,\n  createHash,\n  createHmac,\n  createCipheriv,\n  createDecipheriv,\n} from \"crypto\";\nimport secp256k1Import from \"secp256k1\";\nimport { BaseECIESUint8 } from \"./base\";\nimport { toHex } from \"viem\";\n\n// Type definition for secp256k1 module\ninterface Secp256k1Module {\n  privateKeyVerify(privateKey: Buffer): boolean;\n  publicKeyCreate(privateKey: Buffer, compressed: boolean): Buffer;\n  publicKeyVerify(publicKey: Buffer): boolean;\n  publicKeyConvert(publicKey: Buffer, compressed: boolean): Buffer;\n  ecdh(\n    publicKey: Buffer,\n    privateKey: Buffer,\n    options: {\n      hashfn: (x: Uint8Array, y: Uint8Array, output?: Uint8Array) => Uint8Array;\n    },\n    output: Buffer,\n  ): Buffer;\n}\n\n// Use the imported secp256k1 module\nconst secp256k1 = secp256k1Import as unknown as Secp256k1Module;\n\n/**\n * Node.js-specific ECIES provider using native secp256k1\n *\n * @remarks\n * This implementation:\n * - Uses native secp256k1 for all EC operations (optimal performance)\n * - Uses Node.js crypto for SHA-512, HMAC, and AES operations\n * - Internally works with Uint8Array\n * - Only uses Buffer at crypto API boundaries\n */\nexport class NodeECIESUint8Provider extends BaseECIESUint8 {\n  // Identity hash function for ECDH - returns raw X coordinate\n  // CRITICAL: Must handle (x, y, output) signature correctly\n  private readonly identityHashFn = (\n    x: Uint8Array,\n    _y: Uint8Array,\n    output?: Uint8Array,\n  ): Uint8Array => {\n    // Copy x into output buffer if provided (prevents allocations)\n    if (output && output.length >= 32) {\n      output.set(x);\n      return output;\n    }\n    return x;\n  };\n  protected generateRandomBytes(length: number): Uint8Array {\n    return new Uint8Array(randomBytes(length));\n  }\n\n  protected verifyPrivateKey(privateKey: Uint8Array): boolean {\n    // Native secp256k1 returns true for valid, false for invalid\n    return secp256k1.privateKeyVerify(Buffer.from(privateKey)) === true;\n  }\n\n  protected createPublicKey(\n    privateKey: Uint8Array,\n    compressed: boolean,\n  ): Uint8Array | null {\n    try {\n      return new Uint8Array(\n        secp256k1.publicKeyCreate(Buffer.from(privateKey), compressed),\n      );\n    } catch {\n      return null;\n    }\n  }\n\n  protected validatePublicKey(publicKey: Uint8Array): boolean {\n    // Native secp256k1 returns true for valid, false for invalid\n    return secp256k1.publicKeyVerify(Buffer.from(publicKey)) === true;\n  }\n\n  protected decompressPublicKey(publicKey: Uint8Array): Uint8Array | null {\n    try {\n      // Convert to uncompressed format (65 bytes)\n      return new Uint8Array(\n        secp256k1.publicKeyConvert(Buffer.from(publicKey), false),\n      );\n    } catch {\n      return null;\n    }\n  }\n\n  protected performECDH(\n    publicKey: Uint8Array,\n    privateKey: Uint8Array,\n  ): Uint8Array {\n    try {\n      // Use pre-allocated buffer for output (32 bytes)\n      const output = Buffer.alloc(32);\n\n      // CRITICAL: Use identity hash to get raw X coordinate\n      // Default would apply SHA256 and break compatibility\n      secp256k1.ecdh(\n        Buffer.from(publicKey),\n        Buffer.from(privateKey),\n        { hashfn: this.identityHashFn },\n        output,\n      );\n\n      return new Uint8Array(output);\n    } catch (error) {\n      throw new Error(\n        `ECDH failed: ${error instanceof Error ? error.message : \"Unknown error\"}`,\n      );\n    }\n  }\n\n  protected sha512(data: Uint8Array): Uint8Array {\n    // Use Node.js crypto for native performance\n    return new Uint8Array(\n      createHash(\"sha512\").update(Buffer.from(data)).digest(),\n    );\n  }\n\n  protected hmacSha256(key: Uint8Array, data: Uint8Array): Uint8Array {\n    // Use Node.js crypto for native performance\n    return new Uint8Array(\n      createHmac(\"sha256\", Buffer.from(key)).update(Buffer.from(data)).digest(),\n    );\n  }\n\n  protected async aesEncrypt(\n    key: Uint8Array,\n    iv: Uint8Array,\n    plaintext: Uint8Array,\n  ): Promise<Uint8Array> {\n    const cipher = createCipheriv(\n      \"aes-256-cbc\",\n      Buffer.from(key),\n      Buffer.from(iv),\n    );\n    const encrypted = Buffer.concat([\n      cipher.update(Buffer.from(plaintext)),\n      cipher.final(),\n    ]);\n    return new Uint8Array(encrypted);\n  }\n\n  protected async aesDecrypt(\n    key: Uint8Array,\n    iv: Uint8Array,\n    ciphertext: Uint8Array,\n  ): Promise<Uint8Array> {\n    const decipher = createDecipheriv(\n      \"aes-256-cbc\",\n      Buffer.from(key),\n      Buffer.from(iv),\n    );\n    const decrypted = Buffer.concat([\n      decipher.update(Buffer.from(ciphertext)),\n      decipher.final(),\n    ]);\n    return new Uint8Array(decrypted);\n  }\n\n  // No Buffer compatibility methods - Uint8Array only public API\n\n  /**\n   * Normalizes a public key to uncompressed format (65 bytes with 0x04 prefix).\n   * Handles compressed (33 bytes) and uncompressed (65 bytes) formats only.\n   *\n   * @remarks\n   * Strict policy: Does not accept 64-byte raw coordinates to avoid masking\n   * malformed data. Callers must provide properly formatted keys.\n   *\n   * @param publicKey - The public key to normalize (33 or 65 bytes)\n   * @returns The normalized uncompressed public key (65 bytes)\n   * @throws {Error} When public key format is invalid or decompression fails\n   */\n  normalizeToUncompressed(publicKey: Uint8Array): Uint8Array {\n    const len = publicKey.length;\n\n    // Already uncompressed\n    if (len === 65 && publicKey[0] === 0x04) {\n      return publicKey;\n    }\n\n    // Compressed - decompress using secp256k1\n    if (len === 33 && (publicKey[0] === 0x02 || publicKey[0] === 0x03)) {\n      const decompressed = this.decompressPublicKey(publicKey);\n      if (!decompressed) {\n        throw new Error(\n          `Failed to decompress public key with prefix ${toHex(publicKey[0])}`,\n        );\n      }\n      return decompressed;\n    }\n\n    // Reject raw coordinates (64 bytes) - require proper formatting\n    if (len === 64) {\n      throw new Error(\n        \"Raw public key coordinates (64 bytes) are not accepted. \" +\n          \"Please provide a properly formatted compressed (33 bytes) or uncompressed (65 bytes) public key.\",\n      );\n    }\n\n    throw new Error(\n      `Invalid public key format: expected compressed (33 bytes) or uncompressed (65 bytes), got ${len} bytes`,\n    );\n  }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AASA,oBAMO;AACP,uBAA4B;AAC5B,kBAA+B;AAC/B,kBAAsB;AAmBtB,MAAM,YAAY,iBAAAA;AAYX,MAAM,+BAA+B,2BAAe;AAAA;AAAA;AAAA,EAGxC,iBAAiB,CAChC,GACA,IACA,WACe;AAEf,QAAI,UAAU,OAAO,UAAU,IAAI;AACjC,aAAO,IAAI,CAAC;AACZ,aAAO;AAAA,IACT;AACA,WAAO;AAAA,EACT;AAAA,EACU,oBAAoB,QAA4B;AACxD,WAAO,IAAI,eAAW,2BAAY,MAAM,CAAC;AAAA,EAC3C;AAAA,EAEU,iBAAiB,YAAiC;AAE1D,WAAO,UAAU,iBAAiB,OAAO,KAAK,UAAU,CAAC,MAAM;AAAA,EACjE;AAAA,EAEU,gBACR,YACA,YACmB;AACnB,QAAI;AACF,aAAO,IAAI;AAAA,QACT,UAAU,gBAAgB,OAAO,KAAK,UAAU,GAAG,UAAU;AAAA,MAC/D;AAAA,IACF,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEU,kBAAkB,WAAgC;AAE1D,WAAO,UAAU,gBAAgB,OAAO,KAAK,SAAS,CAAC,MAAM;AAAA,EAC/D;AAAA,EAEU,oBAAoB,WAA0C;AACtE,QAAI;AAEF,aAAO,IAAI;AAAA,QACT,UAAU,iBAAiB,OAAO,KAAK,SAAS,GAAG,KAAK;AAAA,MAC1D;AAAA,IACF,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEU,YACR,WACA,YACY;AACZ,QAAI;AAEF,YAAM,SAAS,OAAO,MAAM,EAAE;AAI9B,gBAAU;AAAA,QACR,OAAO,KAAK,SAAS;AAAA,QACrB,OAAO,KAAK,UAAU;AAAA,QACtB,EAAE,QAAQ,KAAK,eAAe;AAAA,QAC9B;AAAA,MACF;AAEA,aAAO,IAAI,WAAW,MAAM;AAAA,IAC9B,SAAS,OAAO;AACd,YAAM,IAAI;AAAA,QACR,gBAAgB,iBAAiB,QAAQ,MAAM,UAAU,eAAe;AAAA,MAC1E;AAAA,IACF;AAAA,EACF;AAAA,EAEU,OAAO,MAA8B;AAE7C,WAAO,IAAI;AAAA,UACT,0BAAW,QAAQ,EAAE,OAAO,OAAO,KAAK,IAAI,CAAC,EAAE,OAAO;AAAA,IACxD;AAAA,EACF;AAAA,EAEU,WAAW,KAAiB,MAA8B;AAElE,WAAO,IAAI;AAAA,UACT,0BAAW,UAAU,OAAO,KAAK,GAAG,CAAC,EAAE,OAAO,OAAO,KAAK,IAAI,CAAC,EAAE,OAAO;AAAA,IAC1E;AAAA,EACF;AAAA,EAEA,MAAgB,WACd,KACA,IACA,WACqB;AACrB,UAAM,aAAS;AAAA,MACb;AAAA,MACA,OAAO,KAAK,GAAG;AAAA,MACf,OAAO,KAAK,EAAE;AAAA,IAChB;AACA,UAAM,YAAY,OAAO,OAAO;AAAA,MAC9B,OAAO,OAAO,OAAO,KAAK,SAAS,CAAC;AAAA,MACpC,OAAO,MAAM;AAAA,IACf,CAAC;AACD,WAAO,IAAI,WAAW,SAAS;AAAA,EACjC;AAAA,EAEA,MAAgB,WACd,KACA,IACA,YACqB;AACrB,UAAM,eAAW;AAAA,MACf;AAAA,MACA,OAAO,KAAK,GAAG;AAAA,MACf,OAAO,KAAK,EAAE;AAAA,IAChB;AACA,UAAM,YAAY,OAAO,OAAO;AAAA,MAC9B,SAAS,OAAO,OAAO,KAAK,UAAU,CAAC;AAAA,MACvC,SAAS,MAAM;AAAA,IACjB,CAAC;AACD,WAAO,IAAI,WAAW,SAAS;AAAA,EACjC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAgBA,wBAAwB,WAAmC;AACzD,UAAM,MAAM,UAAU;AAGtB,QAAI,QAAQ,MAAM,UAAU,CAAC,MAAM,GAAM;AACvC,aAAO;AAAA,IACT;AAGA,QAAI,QAAQ,OAAO,UAAU,CAAC,MAAM,KAAQ,UAAU,CAAC,MAAM,IAAO;AAClE,YAAM,eAAe,KAAK,oBAAoB,SAAS;AACvD,UAAI,CAAC,cAAc;AACjB,cAAM,IAAI;AAAA,UACR,mDAA+C,mBAAM,UAAU,CAAC,CAAC,CAAC;AAAA,QACpE;AAAA,MACF;AACA,aAAO;AAAA,IACT;AAGA,QAAI,QAAQ,IAAI;AACd,YAAM,IAAI;AAAA,QACR;AAAA,MAEF;AAAA,IACF;AAEA,UAAM,IAAI;AAAA,MACR,6FAA6F,GAAG;AAAA,IAClG;AAAA,EACF;AACF;","names":["secp256k1Import"]}

package/dist/crypto/ecies/node.js

@@ -4,7 +4,7 @@ import {
   createHmac,
   createCipheriv,
   createDecipheriv
-} from "node:crypto";
+} from "crypto";
 import secp256k1Import from "secp256k1";
 import { BaseECIESUint8 } from "./base";
 import { toHex } from "viem";

package/dist/crypto/ecies/node.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../src/crypto/ecies/node.ts"],"sourcesContent":["/**\n * Node.js implementation of ECIES using native secp256k1 for performance\n *\n * @remarks\n * Uses native secp256k1 bindings for all elliptic curve operations.\n * Uses Node.js crypto module for hashing and AES operations.\n * Provides Uint8Array-only interface with no Buffer exposure.\n */\n\nimport {\n  randomBytes,\n  createHash,\n  createHmac,\n  createCipheriv,\n  createDecipheriv,\n} from \"node:crypto\";\nimport secp256k1Import from \"secp256k1\";\nimport { BaseECIESUint8 } from \"./base\";\nimport { toHex } from \"viem\";\n\n// Type definition for secp256k1 module\ninterface Secp256k1Module {\n  privateKeyVerify(privateKey: Buffer): boolean;\n  publicKeyCreate(privateKey: Buffer, compressed: boolean): Buffer;\n  publicKeyVerify(publicKey: Buffer): boolean;\n  publicKeyConvert(publicKey: Buffer, compressed: boolean): Buffer;\n  ecdh(\n    publicKey: Buffer,\n    privateKey: Buffer,\n    options: {\n      hashfn: (x: Uint8Array, y: Uint8Array, output?: Uint8Array) => Uint8Array;\n    },\n    output: Buffer,\n  ): Buffer;\n}\n\n// Use the imported secp256k1 module\nconst secp256k1 = secp256k1Import as unknown as Secp256k1Module;\n\n/**\n * Node.js-specific ECIES provider using native secp256k1\n *\n * @remarks\n * This implementation:\n * - Uses native secp256k1 for all EC operations (optimal performance)\n * - Uses Node.js crypto for SHA-512, HMAC, and AES operations\n * - Internally works with Uint8Array\n * - Only uses Buffer at crypto API boundaries\n */\nexport class NodeECIESUint8Provider extends BaseECIESUint8 {\n  // Identity hash function for ECDH - returns raw X coordinate\n  // CRITICAL: Must handle (x, y, output) signature correctly\n  private readonly identityHashFn = (\n    x: Uint8Array,\n    _y: Uint8Array,\n    output?: Uint8Array,\n  ): Uint8Array => {\n    // Copy x into output buffer if provided (prevents allocations)\n    if (output && output.length >= 32) {\n      output.set(x);\n      return output;\n    }\n    return x;\n  };\n  protected generateRandomBytes(length: number): Uint8Array {\n    return new Uint8Array(randomBytes(length));\n  }\n\n  protected verifyPrivateKey(privateKey: Uint8Array): boolean {\n    // Native secp256k1 returns true for valid, false for invalid\n    return secp256k1.privateKeyVerify(Buffer.from(privateKey)) === true;\n  }\n\n  protected createPublicKey(\n    privateKey: Uint8Array,\n    compressed: boolean,\n  ): Uint8Array | null {\n    try {\n      return new Uint8Array(\n        secp256k1.publicKeyCreate(Buffer.from(privateKey), compressed),\n      );\n    } catch {\n      return null;\n    }\n  }\n\n  protected validatePublicKey(publicKey: Uint8Array): boolean {\n    // Native secp256k1 returns true for valid, false for invalid\n    return secp256k1.publicKeyVerify(Buffer.from(publicKey)) === true;\n  }\n\n  protected decompressPublicKey(publicKey: Uint8Array): Uint8Array | null {\n    try {\n      // Convert to uncompressed format (65 bytes)\n      return new Uint8Array(\n        secp256k1.publicKeyConvert(Buffer.from(publicKey), false),\n      );\n    } catch {\n      return null;\n    }\n  }\n\n  protected performECDH(\n    publicKey: Uint8Array,\n    privateKey: Uint8Array,\n  ): Uint8Array {\n    try {\n      // Use pre-allocated buffer for output (32 bytes)\n      const output = Buffer.alloc(32);\n\n      // CRITICAL: Use identity hash to get raw X coordinate\n      // Default would apply SHA256 and break compatibility\n      secp256k1.ecdh(\n        Buffer.from(publicKey),\n        Buffer.from(privateKey),\n        { hashfn: this.identityHashFn },\n        output,\n      );\n\n      return new Uint8Array(output);\n    } catch (error) {\n      throw new Error(\n        `ECDH failed: ${error instanceof Error ? error.message : \"Unknown error\"}`,\n      );\n    }\n  }\n\n  protected sha512(data: Uint8Array): Uint8Array {\n    // Use Node.js crypto for native performance\n    return new Uint8Array(\n      createHash(\"sha512\").update(Buffer.from(data)).digest(),\n    );\n  }\n\n  protected hmacSha256(key: Uint8Array, data: Uint8Array): Uint8Array {\n    // Use Node.js crypto for native performance\n    return new Uint8Array(\n      createHmac(\"sha256\", Buffer.from(key)).update(Buffer.from(data)).digest(),\n    );\n  }\n\n  protected async aesEncrypt(\n    key: Uint8Array,\n    iv: Uint8Array,\n    plaintext: Uint8Array,\n  ): Promise<Uint8Array> {\n    const cipher = createCipheriv(\n      \"aes-256-cbc\",\n      Buffer.from(key),\n      Buffer.from(iv),\n    );\n    const encrypted = Buffer.concat([\n      cipher.update(Buffer.from(plaintext)),\n      cipher.final(),\n    ]);\n    return new Uint8Array(encrypted);\n  }\n\n  protected async aesDecrypt(\n    key: Uint8Array,\n    iv: Uint8Array,\n    ciphertext: Uint8Array,\n  ): Promise<Uint8Array> {\n    const decipher = createDecipheriv(\n      \"aes-256-cbc\",\n      Buffer.from(key),\n      Buffer.from(iv),\n    );\n    const decrypted = Buffer.concat([\n      decipher.update(Buffer.from(ciphertext)),\n      decipher.final(),\n    ]);\n    return new Uint8Array(decrypted);\n  }\n\n  // No Buffer compatibility methods - Uint8Array only public API\n\n  /**\n   * Normalizes a public key to uncompressed format (65 bytes with 0x04 prefix).\n   * Handles compressed (33 bytes) and uncompressed (65 bytes) formats only.\n   *\n   * @remarks\n   * Strict policy: Does not accept 64-byte raw coordinates to avoid masking\n   * malformed data. Callers must provide properly formatted keys.\n   *\n   * @param publicKey - The public key to normalize (33 or 65 bytes)\n   * @returns The normalized uncompressed public key (65 bytes)\n   * @throws {Error} When public key format is invalid or decompression fails\n   */\n  normalizeToUncompressed(publicKey: Uint8Array): Uint8Array {\n    const len = publicKey.length;\n\n    // Already uncompressed\n    if (len === 65 && publicKey[0] === 0x04) {\n      return publicKey;\n    }\n\n    // Compressed - decompress using secp256k1\n    if (len === 33 && (publicKey[0] === 0x02 || publicKey[0] === 0x03)) {\n      const decompressed = this.decompressPublicKey(publicKey);\n      if (!decompressed) {\n        throw new Error(\n          `Failed to decompress public key with prefix ${toHex(publicKey[0])}`,\n        );\n      }\n      return decompressed;\n    }\n\n    // Reject raw coordinates (64 bytes) - require proper formatting\n    if (len === 64) {\n      throw new Error(\n        \"Raw public key coordinates (64 bytes) are not accepted. \" +\n          \"Please provide a properly formatted compressed (33 bytes) or uncompressed (65 bytes) public key.\",\n      );\n    }\n\n    throw new Error(\n      `Invalid public key format: expected compressed (33 bytes) or uncompressed (65 bytes), got ${len} bytes`,\n    );\n  }\n}\n"],"mappings":"AASA;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AACP,OAAO,qBAAqB;AAC5B,SAAS,sBAAsB;AAC/B,SAAS,aAAa;AAmBtB,MAAM,YAAY;AAYX,MAAM,+BAA+B,eAAe;AAAA;AAAA;AAAA,EAGxC,iBAAiB,CAChC,GACA,IACA,WACe;AAEf,QAAI,UAAU,OAAO,UAAU,IAAI;AACjC,aAAO,IAAI,CAAC;AACZ,aAAO;AAAA,IACT;AACA,WAAO;AAAA,EACT;AAAA,EACU,oBAAoB,QAA4B;AACxD,WAAO,IAAI,WAAW,YAAY,MAAM,CAAC;AAAA,EAC3C;AAAA,EAEU,iBAAiB,YAAiC;AAE1D,WAAO,UAAU,iBAAiB,OAAO,KAAK,UAAU,CAAC,MAAM;AAAA,EACjE;AAAA,EAEU,gBACR,YACA,YACmB;AACnB,QAAI;AACF,aAAO,IAAI;AAAA,QACT,UAAU,gBAAgB,OAAO,KAAK,UAAU,GAAG,UAAU;AAAA,MAC/D;AAAA,IACF,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEU,kBAAkB,WAAgC;AAE1D,WAAO,UAAU,gBAAgB,OAAO,KAAK,SAAS,CAAC,MAAM;AAAA,EAC/D;AAAA,EAEU,oBAAoB,WAA0C;AACtE,QAAI;AAEF,aAAO,IAAI;AAAA,QACT,UAAU,iBAAiB,OAAO,KAAK,SAAS,GAAG,KAAK;AAAA,MAC1D;AAAA,IACF,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEU,YACR,WACA,YACY;AACZ,QAAI;AAEF,YAAM,SAAS,OAAO,MAAM,EAAE;AAI9B,gBAAU;AAAA,QACR,OAAO,KAAK,SAAS;AAAA,QACrB,OAAO,KAAK,UAAU;AAAA,QACtB,EAAE,QAAQ,KAAK,eAAe;AAAA,QAC9B;AAAA,MACF;AAEA,aAAO,IAAI,WAAW,MAAM;AAAA,IAC9B,SAAS,OAAO;AACd,YAAM,IAAI;AAAA,QACR,gBAAgB,iBAAiB,QAAQ,MAAM,UAAU,eAAe;AAAA,MAC1E;AAAA,IACF;AAAA,EACF;AAAA,EAEU,OAAO,MAA8B;AAE7C,WAAO,IAAI;AAAA,MACT,WAAW,QAAQ,EAAE,OAAO,OAAO,KAAK,IAAI,CAAC,EAAE,OAAO;AAAA,IACxD;AAAA,EACF;AAAA,EAEU,WAAW,KAAiB,MAA8B;AAElE,WAAO,IAAI;AAAA,MACT,WAAW,UAAU,OAAO,KAAK,GAAG,CAAC,EAAE,OAAO,OAAO,KAAK,IAAI,CAAC,EAAE,OAAO;AAAA,IAC1E;AAAA,EACF;AAAA,EAEA,MAAgB,WACd,KACA,IACA,WACqB;AACrB,UAAM,SAAS;AAAA,MACb;AAAA,MACA,OAAO,KAAK,GAAG;AAAA,MACf,OAAO,KAAK,EAAE;AAAA,IAChB;AACA,UAAM,YAAY,OAAO,OAAO;AAAA,MAC9B,OAAO,OAAO,OAAO,KAAK,SAAS,CAAC;AAAA,MACpC,OAAO,MAAM;AAAA,IACf,CAAC;AACD,WAAO,IAAI,WAAW,SAAS;AAAA,EACjC;AAAA,EAEA,MAAgB,WACd,KACA,IACA,YACqB;AACrB,UAAM,WAAW;AAAA,MACf;AAAA,MACA,OAAO,KAAK,GAAG;AAAA,MACf,OAAO,KAAK,EAAE;AAAA,IAChB;AACA,UAAM,YAAY,OAAO,OAAO;AAAA,MAC9B,SAAS,OAAO,OAAO,KAAK,UAAU,CAAC;AAAA,MACvC,SAAS,MAAM;AAAA,IACjB,CAAC;AACD,WAAO,IAAI,WAAW,SAAS;AAAA,EACjC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAgBA,wBAAwB,WAAmC;AACzD,UAAM,MAAM,UAAU;AAGtB,QAAI,QAAQ,MAAM,UAAU,CAAC,MAAM,GAAM;AACvC,aAAO;AAAA,IACT;AAGA,QAAI,QAAQ,OAAO,UAAU,CAAC,MAAM,KAAQ,UAAU,CAAC,MAAM,IAAO;AAClE,YAAM,eAAe,KAAK,oBAAoB,SAAS;AACvD,UAAI,CAAC,cAAc;AACjB,cAAM,IAAI;AAAA,UACR,+CAA+C,MAAM,UAAU,CAAC,CAAC,CAAC;AAAA,QACpE;AAAA,MACF;AACA,aAAO;AAAA,IACT;AAGA,QAAI,QAAQ,IAAI;AACd,YAAM,IAAI;AAAA,QACR;AAAA,MAEF;AAAA,IACF;AAEA,UAAM,IAAI;AAAA,MACR,6FAA6F,GAAG;AAAA,IAClG;AAAA,EACF;AACF;","names":[]}
+{"version":3,"sources":["../../../src/crypto/ecies/node.ts"],"sourcesContent":["/**\n * Node.js implementation of ECIES using native secp256k1 for performance\n *\n * @remarks\n * Uses native secp256k1 bindings for all elliptic curve operations.\n * Uses Node.js crypto module for hashing and AES operations.\n * Provides Uint8Array-only interface with no Buffer exposure.\n */\n\nimport {\n  randomBytes,\n  createHash,\n  createHmac,\n  createCipheriv,\n  createDecipheriv,\n} from \"crypto\";\nimport secp256k1Import from \"secp256k1\";\nimport { BaseECIESUint8 } from \"./base\";\nimport { toHex } from \"viem\";\n\n// Type definition for secp256k1 module\ninterface Secp256k1Module {\n  privateKeyVerify(privateKey: Buffer): boolean;\n  publicKeyCreate(privateKey: Buffer, compressed: boolean): Buffer;\n  publicKeyVerify(publicKey: Buffer): boolean;\n  publicKeyConvert(publicKey: Buffer, compressed: boolean): Buffer;\n  ecdh(\n    publicKey: Buffer,\n    privateKey: Buffer,\n    options: {\n      hashfn: (x: Uint8Array, y: Uint8Array, output?: Uint8Array) => Uint8Array;\n    },\n    output: Buffer,\n  ): Buffer;\n}\n\n// Use the imported secp256k1 module\nconst secp256k1 = secp256k1Import as unknown as Secp256k1Module;\n\n/**\n * Node.js-specific ECIES provider using native secp256k1\n *\n * @remarks\n * This implementation:\n * - Uses native secp256k1 for all EC operations (optimal performance)\n * - Uses Node.js crypto for SHA-512, HMAC, and AES operations\n * - Internally works with Uint8Array\n * - Only uses Buffer at crypto API boundaries\n */\nexport class NodeECIESUint8Provider extends BaseECIESUint8 {\n  // Identity hash function for ECDH - returns raw X coordinate\n  // CRITICAL: Must handle (x, y, output) signature correctly\n  private readonly identityHashFn = (\n    x: Uint8Array,\n    _y: Uint8Array,\n    output?: Uint8Array,\n  ): Uint8Array => {\n    // Copy x into output buffer if provided (prevents allocations)\n    if (output && output.length >= 32) {\n      output.set(x);\n      return output;\n    }\n    return x;\n  };\n  protected generateRandomBytes(length: number): Uint8Array {\n    return new Uint8Array(randomBytes(length));\n  }\n\n  protected verifyPrivateKey(privateKey: Uint8Array): boolean {\n    // Native secp256k1 returns true for valid, false for invalid\n    return secp256k1.privateKeyVerify(Buffer.from(privateKey)) === true;\n  }\n\n  protected createPublicKey(\n    privateKey: Uint8Array,\n    compressed: boolean,\n  ): Uint8Array | null {\n    try {\n      return new Uint8Array(\n        secp256k1.publicKeyCreate(Buffer.from(privateKey), compressed),\n      );\n    } catch {\n      return null;\n    }\n  }\n\n  protected validatePublicKey(publicKey: Uint8Array): boolean {\n    // Native secp256k1 returns true for valid, false for invalid\n    return secp256k1.publicKeyVerify(Buffer.from(publicKey)) === true;\n  }\n\n  protected decompressPublicKey(publicKey: Uint8Array): Uint8Array | null {\n    try {\n      // Convert to uncompressed format (65 bytes)\n      return new Uint8Array(\n        secp256k1.publicKeyConvert(Buffer.from(publicKey), false),\n      );\n    } catch {\n      return null;\n    }\n  }\n\n  protected performECDH(\n    publicKey: Uint8Array,\n    privateKey: Uint8Array,\n  ): Uint8Array {\n    try {\n      // Use pre-allocated buffer for output (32 bytes)\n      const output = Buffer.alloc(32);\n\n      // CRITICAL: Use identity hash to get raw X coordinate\n      // Default would apply SHA256 and break compatibility\n      secp256k1.ecdh(\n        Buffer.from(publicKey),\n        Buffer.from(privateKey),\n        { hashfn: this.identityHashFn },\n        output,\n      );\n\n      return new Uint8Array(output);\n    } catch (error) {\n      throw new Error(\n        `ECDH failed: ${error instanceof Error ? error.message : \"Unknown error\"}`,\n      );\n    }\n  }\n\n  protected sha512(data: Uint8Array): Uint8Array {\n    // Use Node.js crypto for native performance\n    return new Uint8Array(\n      createHash(\"sha512\").update(Buffer.from(data)).digest(),\n    );\n  }\n\n  protected hmacSha256(key: Uint8Array, data: Uint8Array): Uint8Array {\n    // Use Node.js crypto for native performance\n    return new Uint8Array(\n      createHmac(\"sha256\", Buffer.from(key)).update(Buffer.from(data)).digest(),\n    );\n  }\n\n  protected async aesEncrypt(\n    key: Uint8Array,\n    iv: Uint8Array,\n    plaintext: Uint8Array,\n  ): Promise<Uint8Array> {\n    const cipher = createCipheriv(\n      \"aes-256-cbc\",\n      Buffer.from(key),\n      Buffer.from(iv),\n    );\n    const encrypted = Buffer.concat([\n      cipher.update(Buffer.from(plaintext)),\n      cipher.final(),\n    ]);\n    return new Uint8Array(encrypted);\n  }\n\n  protected async aesDecrypt(\n    key: Uint8Array,\n    iv: Uint8Array,\n    ciphertext: Uint8Array,\n  ): Promise<Uint8Array> {\n    const decipher = createDecipheriv(\n      \"aes-256-cbc\",\n      Buffer.from(key),\n      Buffer.from(iv),\n    );\n    const decrypted = Buffer.concat([\n      decipher.update(Buffer.from(ciphertext)),\n      decipher.final(),\n    ]);\n    return new Uint8Array(decrypted);\n  }\n\n  // No Buffer compatibility methods - Uint8Array only public API\n\n  /**\n   * Normalizes a public key to uncompressed format (65 bytes with 0x04 prefix).\n   * Handles compressed (33 bytes) and uncompressed (65 bytes) formats only.\n   *\n   * @remarks\n   * Strict policy: Does not accept 64-byte raw coordinates to avoid masking\n   * malformed data. Callers must provide properly formatted keys.\n   *\n   * @param publicKey - The public key to normalize (33 or 65 bytes)\n   * @returns The normalized uncompressed public key (65 bytes)\n   * @throws {Error} When public key format is invalid or decompression fails\n   */\n  normalizeToUncompressed(publicKey: Uint8Array): Uint8Array {\n    const len = publicKey.length;\n\n    // Already uncompressed\n    if (len === 65 && publicKey[0] === 0x04) {\n      return publicKey;\n    }\n\n    // Compressed - decompress using secp256k1\n    if (len === 33 && (publicKey[0] === 0x02 || publicKey[0] === 0x03)) {\n      const decompressed = this.decompressPublicKey(publicKey);\n      if (!decompressed) {\n        throw new Error(\n          `Failed to decompress public key with prefix ${toHex(publicKey[0])}`,\n        );\n      }\n      return decompressed;\n    }\n\n    // Reject raw coordinates (64 bytes) - require proper formatting\n    if (len === 64) {\n      throw new Error(\n        \"Raw public key coordinates (64 bytes) are not accepted. \" +\n          \"Please provide a properly formatted compressed (33 bytes) or uncompressed (65 bytes) public key.\",\n      );\n    }\n\n    throw new Error(\n      `Invalid public key format: expected compressed (33 bytes) or uncompressed (65 bytes), got ${len} bytes`,\n    );\n  }\n}\n"],"mappings":"AASA;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AACP,OAAO,qBAAqB;AAC5B,SAAS,sBAAsB;AAC/B,SAAS,aAAa;AAmBtB,MAAM,YAAY;AAYX,MAAM,+BAA+B,eAAe;AAAA;AAAA;AAAA,EAGxC,iBAAiB,CAChC,GACA,IACA,WACe;AAEf,QAAI,UAAU,OAAO,UAAU,IAAI;AACjC,aAAO,IAAI,CAAC;AACZ,aAAO;AAAA,IACT;AACA,WAAO;AAAA,EACT;AAAA,EACU,oBAAoB,QAA4B;AACxD,WAAO,IAAI,WAAW,YAAY,MAAM,CAAC;AAAA,EAC3C;AAAA,EAEU,iBAAiB,YAAiC;AAE1D,WAAO,UAAU,iBAAiB,OAAO,KAAK,UAAU,CAAC,MAAM;AAAA,EACjE;AAAA,EAEU,gBACR,YACA,YACmB;AACnB,QAAI;AACF,aAAO,IAAI;AAAA,QACT,UAAU,gBAAgB,OAAO,KAAK,UAAU,GAAG,UAAU;AAAA,MAC/D;AAAA,IACF,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEU,kBAAkB,WAAgC;AAE1D,WAAO,UAAU,gBAAgB,OAAO,KAAK,SAAS,CAAC,MAAM;AAAA,EAC/D;AAAA,EAEU,oBAAoB,WAA0C;AACtE,QAAI;AAEF,aAAO,IAAI;AAAA,QACT,UAAU,iBAAiB,OAAO,KAAK,SAAS,GAAG,KAAK;AAAA,MAC1D;AAAA,IACF,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEU,YACR,WACA,YACY;AACZ,QAAI;AAEF,YAAM,SAAS,OAAO,MAAM,EAAE;AAI9B,gBAAU;AAAA,QACR,OAAO,KAAK,SAAS;AAAA,QACrB,OAAO,KAAK,UAAU;AAAA,QACtB,EAAE,QAAQ,KAAK,eAAe;AAAA,QAC9B;AAAA,MACF;AAEA,aAAO,IAAI,WAAW,MAAM;AAAA,IAC9B,SAAS,OAAO;AACd,YAAM,IAAI;AAAA,QACR,gBAAgB,iBAAiB,QAAQ,MAAM,UAAU,eAAe;AAAA,MAC1E;AAAA,IACF;AAAA,EACF;AAAA,EAEU,OAAO,MAA8B;AAE7C,WAAO,IAAI;AAAA,MACT,WAAW,QAAQ,EAAE,OAAO,OAAO,KAAK,IAAI,CAAC,EAAE,OAAO;AAAA,IACxD;AAAA,EACF;AAAA,EAEU,WAAW,KAAiB,MAA8B;AAElE,WAAO,IAAI;AAAA,MACT,WAAW,UAAU,OAAO,KAAK,GAAG,CAAC,EAAE,OAAO,OAAO,KAAK,IAAI,CAAC,EAAE,OAAO;AAAA,IAC1E;AAAA,EACF;AAAA,EAEA,MAAgB,WACd,KACA,IACA,WACqB;AACrB,UAAM,SAAS;AAAA,MACb;AAAA,MACA,OAAO,KAAK,GAAG;AAAA,MACf,OAAO,KAAK,EAAE;AAAA,IAChB;AACA,UAAM,YAAY,OAAO,OAAO;AAAA,MAC9B,OAAO,OAAO,OAAO,KAAK,SAAS,CAAC;AAAA,MACpC,OAAO,MAAM;AAAA,IACf,CAAC;AACD,WAAO,IAAI,WAAW,SAAS;AAAA,EACjC;AAAA,EAEA,MAAgB,WACd,KACA,IACA,YACqB;AACrB,UAAM,WAAW;AAAA,MACf;AAAA,MACA,OAAO,KAAK,GAAG;AAAA,MACf,OAAO,KAAK,EAAE;AAAA,IAChB;AACA,UAAM,YAAY,OAAO,OAAO;AAAA,MAC9B,SAAS,OAAO,OAAO,KAAK,UAAU,CAAC;AAAA,MACvC,SAAS,MAAM;AAAA,IACjB,CAAC;AACD,WAAO,IAAI,WAAW,SAAS;AAAA,EACjC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAgBA,wBAAwB,WAAmC;AACzD,UAAM,MAAM,UAAU;AAGtB,QAAI,QAAQ,MAAM,UAAU,CAAC,MAAM,GAAM;AACvC,aAAO;AAAA,IACT;AAGA,QAAI,QAAQ,OAAO,UAAU,CAAC,MAAM,KAAQ,UAAU,CAAC,MAAM,IAAO;AAClE,YAAM,eAAe,KAAK,oBAAoB,SAAS;AACvD,UAAI,CAAC,cAAc;AACjB,cAAM,IAAI;AAAA,UACR,+CAA+C,MAAM,UAAU,CAAC,CAAC,CAAC;AAAA,QACpE;AAAA,MACF;AACA,aAAO;AAAA,IACT;AAGA,QAAI,QAAQ,IAAI;AACd,YAAM,IAAI;AAAA,QACR;AAAA,MAEF;AAAA,IACF;AAEA,UAAM,IAAI;AAAA,MACR,6FAA6F,GAAG;AAAA,IAClG;AAAA,EACF;AACF;","names":[]}

package/dist/index.browser.d.ts

@@ -28,6 +28,7 @@ export type { ECIESProvider, ECIESEncrypted, ECIESOptions, } from "./crypto/ecie
 export { createBrowserPlatformAdapter, createPlatformAdapterSafe, } from "./platform/browser-only";
 export { generatePkceVerifier, computePkceChallenge, verifyPkceChallenge, assertValidPkceVerifier, PKCE_VERIFIER_PATTERN, PKCE_CHALLENGE_PATTERN, } from "./auth/pkce";
 export { InMemoryTokenStore, type TokenStore, type TokenRecord, } from "./auth/token-store";
+export { OAuthClient, type OAuthClientConfig, type AuthorizationUrlResult, } from "./auth/oauth-client";
 export { detectPlatform, isPlatformSupported, getPlatformCapabilities, } from "./platform/utils";
 export { deriveMasterKey, deriveScopeKey, recoverServerOwner, MASTER_KEY_MESSAGE, } from "./crypto/keys/derive";
 export { encryptWithPassword, decryptWithPassword, } from "./crypto/envelope/openpgp";

package/dist/index.browser.js

@@ -29006,7 +29006,7 @@ async function buildWeb3SignedHeader(params) {
 }
 
 // src/storage/providers/vana-storage.ts
-var DEFAULT_ENDPOINT = "https://storage.vana.com";
+var DEFAULT_ENDPOINT = "https://storage.vana.org";
 var BLOB_PATH_PREFIX = "/v1/blobs";
 var DEFAULT_TOKEN_TTL_SECONDS = 300;
 var VanaStorage = class {
@@ -31432,6 +31432,228 @@ var InMemoryTokenStore = class {
   }
 };
 
+// src/auth/oauth-client.ts
+var VERIFIER_TTL_SECONDS = 600;
+var RESERVED_AUTHORIZE_PARAMS = /* @__PURE__ */ new Set([
+  "response_type",
+  "client_id",
+  "redirect_uri",
+  "scope",
+  "state",
+  "code_challenge",
+  "code_challenge_method"
+]);
+var OAuthClient = class {
+  #config;
+  constructor(config) {
+    const fetchImpl = config.fetchImpl ?? globalThis.fetch;
+    if (typeof fetchImpl !== "function") {
+      throw new TypeError(
+        "OAuthClient requires a global `fetch` or an explicit `fetchImpl`"
+      );
+    }
+    this.#config = {
+      authorizationEndpoint: config.authorizationEndpoint,
+      tokenEndpoint: config.tokenEndpoint,
+      clientId: config.clientId,
+      redirectUri: config.redirectUri,
+      scope: config.scope,
+      tokenStore: config.tokenStore ?? new InMemoryTokenStore(),
+      fetchImpl,
+      generateState: config.generateState ?? defaultGenerateState
+    };
+  }
+  /** Build the authorize URL and persist the PKCE verifier keyed by `state`. */
+  async buildAuthorizationUrl(opts = {}) {
+    const state = opts.state ?? this.#config.generateState();
+    const scope = opts.scope ?? this.#config.scope;
+    const verifier = generatePkceVerifier();
+    const challenge = await computePkceChallenge(verifier);
+    await this.#config.tokenStore.set(this.#verifierKey(state), {
+      token: verifier,
+      expiresAt: Math.floor(Date.now() / 1e3) + VERIFIER_TTL_SECONDS
+    });
+    const params = new URLSearchParams();
+    params.set("response_type", "code");
+    params.set("client_id", this.#config.clientId);
+    params.set("redirect_uri", this.#config.redirectUri);
+    if (scope !== void 0 && scope.length > 0) {
+      params.set("scope", scope);
+    }
+    params.set("state", state);
+    params.set("code_challenge", challenge);
+    params.set("code_challenge_method", "S256");
+    if (opts.extraParams !== void 0) {
+      for (const k of Object.keys(opts.extraParams)) {
+        if (RESERVED_AUTHORIZE_PARAMS.has(k)) {
+          throw new Error(
+            `extraParams may not override the reserved OAuth/PKCE parameter "${k}"`
+          );
+        }
+      }
+      for (const [k, v] of Object.entries(opts.extraParams)) {
+        params.set(k, v);
+      }
+    }
+    const sep = this.#config.authorizationEndpoint.includes("?") ? "&" : "?";
+    const url = `${this.#config.authorizationEndpoint}${sep}${params.toString()}`;
+    return { url, state };
+  }
+  /**
+   * Handle the redirect-callback URL. Validates `state`, retrieves the saved
+   * verifier, exchanges the authorization code + verifier for tokens, and
+   * persists them. Returns the access {@link TokenRecord}.
+   */
+  async handleCallback(callbackUrl) {
+    const parsed = new URL(callbackUrl);
+    const params = parsed.searchParams;
+    const errorCode = params.get("error");
+    if (errorCode !== null) {
+      throw new Error(
+        formatOAuthError({
+          error: errorCode,
+          error_description: params.get("error_description") ?? void 0
+        })
+      );
+    }
+    const code = params.get("code");
+    const state = params.get("state");
+    if (code === null || state === null) {
+      throw new Error("OAuth callback is missing `code` or `state`");
+    }
+    const verifierRecord = await this.#config.tokenStore.get(
+      this.#verifierKey(state)
+    );
+    if (verifierRecord === null) {
+      throw new Error(
+        "OAuth callback state does not match any in-flight verifier (possible CSRF or expired flow)"
+      );
+    }
+    const body = new URLSearchParams();
+    body.set("grant_type", "authorization_code");
+    body.set("code", code);
+    body.set("redirect_uri", this.#config.redirectUri);
+    body.set("client_id", this.#config.clientId);
+    body.set("code_verifier", verifierRecord.token);
+    let tokens;
+    try {
+      tokens = await this.#tokenRequest(body);
+    } finally {
+      await this.#config.tokenStore.delete(this.#verifierKey(state));
+    }
+    return this.#persistTokens(tokens);
+  }
+  /**
+   * Exchange a stored refresh token for a fresh access token. Throws if no
+   * refresh token is available.
+   */
+  async refresh() {
+    const refreshRecord = await this.#config.tokenStore.get(this.#refreshKey());
+    if (refreshRecord === null) {
+      throw new Error("OAuth refresh failed: no refresh token stored");
+    }
+    const body = new URLSearchParams();
+    body.set("grant_type", "refresh_token");
+    body.set("refresh_token", refreshRecord.token);
+    body.set("client_id", this.#config.clientId);
+    const tokens = await this.#tokenRequest(body);
+    return this.#persistTokens(tokens, refreshRecord.token);
+  }
+  /**
+   * Get the current access token if valid (refreshing first if expired and a
+   * refresh token is available). Returns `null` when no usable token exists.
+   */
+  async getAccessToken() {
+    const stored = await this.#config.tokenStore.get(this.#accessKey());
+    if (stored !== null) return stored.token;
+    const refresh = await this.#config.tokenStore.get(this.#refreshKey());
+    if (refresh === null) return null;
+    try {
+      const refreshed = await this.refresh();
+      return refreshed.token;
+    } catch {
+      return null;
+    }
+  }
+  /** Forget tokens (logout). Does NOT call any remote revocation endpoint. */
+  async signOut() {
+    await this.#config.tokenStore.delete(this.#accessKey());
+    await this.#config.tokenStore.delete(this.#refreshKey());
+  }
+  #accessKey() {
+    return `oauth:tokens:${this.#config.clientId}`;
+  }
+  #refreshKey() {
+    return `oauth:refresh:${this.#config.clientId}`;
+  }
+  #verifierKey(state) {
+    return `oauth:verifier:${state}`;
+  }
+  async #tokenRequest(body) {
+    const response = await this.#config.fetchImpl(this.#config.tokenEndpoint, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/x-www-form-urlencoded",
+        Accept: "application/json"
+      },
+      body: body.toString()
+    });
+    const text = await response.text();
+    const parsed = parseJsonBody(text);
+    if (!response.ok) {
+      throw new Error(formatOAuthError(parsed ?? {}, response.status));
+    }
+    if (parsed === null || typeof parsed !== "object" || typeof parsed.access_token !== "string") {
+      throw new Error(
+        "OAuth token endpoint returned a response without an `access_token` string"
+      );
+    }
+    return parsed;
+  }
+  async #persistTokens(tokens, previousRefreshToken) {
+    const record = { token: tokens.access_token };
+    if (typeof tokens.expires_in === "number" && tokens.expires_in > 0) {
+      record.expiresAt = Math.floor(Date.now() / 1e3) + tokens.expires_in;
+    }
+    await this.#config.tokenStore.set(this.#accessKey(), record);
+    const newRefresh = tokens.refresh_token ?? previousRefreshToken;
+    if (newRefresh !== void 0) {
+      await this.#config.tokenStore.set(this.#refreshKey(), {
+        token: newRefresh
+      });
+    }
+    return record;
+  }
+};
+function defaultGenerateState() {
+  const bytes = new Uint8Array(24);
+  crypto.getRandomValues(bytes);
+  let binary = "";
+  for (let i = 0; i < bytes.length; i++) {
+    binary += String.fromCharCode(bytes[i]);
+  }
+  return btoa(binary).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
+}
+function parseJsonBody(text) {
+  if (text.length === 0) return null;
+  try {
+    return JSON.parse(text);
+  } catch {
+    return null;
+  }
+}
+function formatOAuthError(body, status) {
+  const parts = ["OAuth token request failed"];
+  if (status !== void 0) parts.push(`(HTTP ${String(status)})`);
+  if (body.error !== void 0 && body.error.length > 0) {
+    parts.push(`: ${body.error}`);
+    if (body.error_description !== void 0 && body.error_description.length > 0) {
+      parts.push(`- ${body.error_description}`);
+    }
+  }
+  return parts.join(" ").replace(" : ", ": ").replace(" - ", " - ");
+}
+
 // src/platform/utils.ts
 function detectPlatform() {
   if (typeof process !== "undefined" && process.versions && process.versions.node) {
@@ -32209,6 +32431,7 @@ export {
   MissingAuthError,
   NetworkError,
   NonceError,
+  OAuthClient,
   PKCE_CHALLENGE_PATTERN,
   PKCE_VERIFIER_PATTERN,
   PSError,