@originals/sdk 1.1.0

package/src/crypto/Signer.ts

@@ -0,0 +1,254 @@
+// Initialize noble crypto libraries first (idempotent - safe to import multiple times)
+import './noble-init.js';
+
+export abstract class Signer {
+  abstract sign(data: Buffer, privateKeyMultibase: string): Promise<Buffer>;
+  abstract verify(data: Buffer, signature: Buffer, publicKeyMultibase: string): Promise<boolean>;
+}
+
+import { bls12_381 as bls } from '@noble/curves/bls12-381';
+import { p256 } from '@noble/curves/p256';
+import { sha256 } from '@noble/hashes/sha2.js';
+import * as secp256k1 from '@noble/secp256k1';
+import * as ed25519 from '@noble/ed25519';
+import { multikey } from './Multikey';
+
+export class ES256KSigner extends Signer {
+  async sign(data: Buffer, privateKeyMultibase: string): Promise<Buffer> {
+    if (!privateKeyMultibase || privateKeyMultibase[0] !== 'z') {
+      throw new Error('Invalid multibase key format. Keys must use multicodec headers.');
+    }
+    
+    let decoded;
+    try {
+      decoded = multikey.decodePrivateKey(privateKeyMultibase);
+    } catch (error) {
+      throw new Error(
+        `Invalid multibase key format. Keys must use multicodec headers. ${
+          error instanceof Error ? error.message : String(error)
+        }`
+      );
+    }
+    
+    if (decoded.type !== 'Secp256k1') {
+      throw new Error('Invalid key type for ES256K');
+    }
+    
+    const privateKey = decoded.key;
+    const hash = sha256(data);
+    const sigAny: any = await (secp256k1 as any).signAsync(hash, privateKey);
+    const sigBytes: Uint8Array = sigAny instanceof Uint8Array
+      ? sigAny
+      : typeof sigAny?.toCompactRawBytes === 'function'
+        ? sigAny.toCompactRawBytes()
+        : typeof sigAny?.toRawBytes === 'function'
+          ? sigAny.toRawBytes()
+          : new Uint8Array(sigAny);
+    return Buffer.from(sigBytes);
+  }
+
+  async verify(data: Buffer, signature: Buffer, publicKeyMultibase: string): Promise<boolean> {
+    if (!publicKeyMultibase || publicKeyMultibase[0] !== 'z') {
+      throw new Error('Invalid multibase key format. Keys must use multicodec headers.');
+    }
+    
+    let decoded;
+    try {
+      decoded = multikey.decodePublicKey(publicKeyMultibase);
+    } catch (error) {
+      throw new Error(
+        `Invalid multibase key format. Keys must use multicodec headers. ${
+          error instanceof Error ? error.message : String(error)
+        }`
+      );
+    }
+    
+    if (decoded.type !== 'Secp256k1') {
+      throw new Error('Invalid key type for ES256K');
+    }
+    
+    const publicKey = decoded.key;
+    const hash = sha256(data);
+    try {
+      return secp256k1.verify(signature, hash, publicKey);
+    } catch {
+      return false;
+    }
+  }
+}
+
+export class Ed25519Signer extends Signer {
+  async sign(data: Buffer, privateKeyMultibase: string): Promise<Buffer> {
+    if (!privateKeyMultibase || privateKeyMultibase[0] !== 'z') {
+      throw new Error('Invalid multibase key format. Keys must use multicodec headers.');
+    }
+    
+    let decoded;
+    try {
+      decoded = multikey.decodePrivateKey(privateKeyMultibase);
+    } catch (error) {
+      throw new Error(
+        `Invalid multibase key format. Keys must use multicodec headers. ${
+          error instanceof Error ? error.message : String(error)
+        }`
+      );
+    }
+    
+    if (decoded.type !== 'Ed25519') {
+      throw new Error('Invalid key type for Ed25519');
+    }
+    
+    const privateKey = decoded.key;
+    const signature = await (ed25519 as any).signAsync(data, privateKey);
+    return Buffer.from(signature);
+  }
+
+  async verify(data: Buffer, signature: Buffer, publicKeyMultibase: string): Promise<boolean> {
+    if (!publicKeyMultibase || publicKeyMultibase[0] !== 'z') {
+      throw new Error('Invalid multibase key format. Keys must use multicodec headers.');
+    }
+    
+    let decoded;
+    try {
+      decoded = multikey.decodePublicKey(publicKeyMultibase);
+    } catch (error) {
+      throw new Error(
+        `Invalid multibase key format. Keys must use multicodec headers. ${
+          error instanceof Error ? error.message : String(error)
+        }`
+      );
+    }
+    
+    if (decoded.type !== 'Ed25519') {
+      throw new Error('Invalid key type for Ed25519');
+    }
+    
+    const publicKey = decoded.key;
+    try {
+      return await (ed25519 as any).verifyAsync(signature, data, publicKey);
+    } catch {
+      return false;
+    }
+  }
+}
+
+export class ES256Signer extends Signer {
+  async sign(data: Buffer, privateKeyMultibase: string): Promise<Buffer> {
+    if (!privateKeyMultibase || privateKeyMultibase[0] !== 'z') {
+      throw new Error('Invalid multibase key format. Keys must use multicodec headers.');
+    }
+    
+    let decoded;
+    try {
+      decoded = multikey.decodePrivateKey(privateKeyMultibase);
+    } catch (error) {
+      throw new Error(
+        `Invalid multibase key format. Keys must use multicodec headers. ${
+          error instanceof Error ? error.message : String(error)
+        }`
+      );
+    }
+    
+    if (decoded.type !== 'P256') {
+      throw new Error('Invalid key type for ES256');
+    }
+    
+    const privateKey = decoded.key;
+    const hash = sha256(data);
+    const sigAny: any = p256.sign(hash, privateKey);
+    const sigBytes: Uint8Array = sigAny instanceof Uint8Array
+      ? sigAny
+      : typeof sigAny?.toCompactRawBytes === 'function'
+        ? sigAny.toCompactRawBytes()
+        : typeof sigAny?.toRawBytes === 'function'
+          ? sigAny.toRawBytes()
+          : new Uint8Array(sigAny);
+    return Buffer.from(sigBytes);
+  }
+
+  async verify(data: Buffer, signature: Buffer, publicKeyMultibase: string): Promise<boolean> {
+    if (!publicKeyMultibase || publicKeyMultibase[0] !== 'z') {
+      throw new Error('Invalid multibase key format. Keys must use multicodec headers.');
+    }
+    
+    let decoded;
+    try {
+      decoded = multikey.decodePublicKey(publicKeyMultibase);
+    } catch (error) {
+      throw new Error(
+        `Invalid multibase key format. Keys must use multicodec headers. ${
+          error instanceof Error ? error.message : String(error)
+        }`
+      );
+    }
+    
+    if (decoded.type !== 'P256') {
+      throw new Error('Invalid key type for ES256');
+    }
+    
+    const publicKey = decoded.key;
+    const hash = sha256(data);
+    try {
+      return p256.verify(signature, hash, publicKey);
+    } catch {
+      return false;
+    }
+  }
+}
+
+export class Bls12381G2Signer extends Signer {
+  async sign(data: Buffer, privateKeyMultibase: string): Promise<Buffer> {
+    if (!privateKeyMultibase || privateKeyMultibase[0] !== 'z') {
+      throw new Error('Invalid multibase key format. Keys must use multicodec headers.');
+    }
+    
+    let decoded;
+    try {
+      decoded = multikey.decodePrivateKey(privateKeyMultibase);
+    } catch (error) {
+      throw new Error(
+        `Invalid multibase key format. Keys must use multicodec headers. ${
+          error instanceof Error ? error.message : String(error)
+        }`
+      );
+    }
+    
+    if (decoded.type !== 'Bls12381G2') {
+      throw new Error('Invalid key type for Bls12381G2');
+    }
+    
+    const sk = decoded.key;
+    const sig = await bls.sign(data, sk);
+    return Buffer.from(sig);
+  }
+
+  async verify(data: Buffer, signature: Buffer, publicKeyMultibase: string): Promise<boolean> {
+    if (!publicKeyMultibase || publicKeyMultibase[0] !== 'z') {
+      throw new Error('Invalid multibase key format. Keys must use multicodec headers.');
+    }
+    
+    let decoded;
+    try {
+      decoded = multikey.decodePublicKey(publicKeyMultibase);
+    } catch (error) {
+      throw new Error(
+        `Invalid multibase key format. Keys must use multicodec headers. ${
+          error instanceof Error ? error.message : String(error)
+        }`
+      );
+    }
+    
+    if (decoded.type !== 'Bls12381G2') {
+      throw new Error('Invalid key type for Bls12381G2');
+    }
+    
+    const pk = decoded.key;
+    try {
+      return await bls.verify(signature, data, pk);
+    } catch {
+      return false;
+    }
+  }
+}
+
+

package/src/crypto/noble-init.ts

@@ -0,0 +1,121 @@
+/**
+ * Noble Crypto Library Initialization
+ * 
+ * @noble/ed25519 v2.x and @noble/secp256k1 require manual configuration of hash functions.
+ * This is by design - they don't bundle hash implementations to allow flexibility.
+ * 
+ * This module centralizes the initialization to ensure:
+ * 1. Libraries are configured before any crypto operations
+ * 2. Configuration is consistent across the SDK
+ * 3. Readonly property issues (Bun) are handled gracefully
+ * 
+ * This should be imported at the SDK entry point (index.ts) to ensure it runs first.
+ */
+
+import * as secp256k1 from '@noble/secp256k1';
+import * as ed25519 from '@noble/ed25519';
+import { sha256, sha512 } from '@noble/hashes/sha2.js';
+import { hmac } from '@noble/hashes/hmac.js';
+import { concatBytes } from '@noble/hashes/utils.js';
+
+// Implementation functions
+const sha512Impl = (...msgs: Uint8Array[]) => sha512(concatBytes(...msgs));
+const hmacSha256Impl = (key: Uint8Array, ...msgs: Uint8Array[]) =>
+  hmac(sha256, key, concatBytes(...msgs));
+
+/**
+ * Safely set a property on an object, handling readonly properties
+ */
+function safeSetProperty(
+  obj: any,
+  prop: string,
+  value: any,
+  options?: { writable?: boolean; configurable?: boolean }
+): boolean {
+  try {
+    obj[prop] = value;
+    return true;
+  } catch {
+    // Property might be readonly, try defineProperty
+    try {
+      Object.defineProperty(obj, prop, {
+        value,
+        writable: options?.writable ?? true,
+        configurable: options?.configurable ?? true,
+      });
+      return true;
+    } catch {
+      // If both fail, property might already be set or truly readonly
+      return false;
+    }
+  }
+}
+
+/**
+ * Initialize @noble/secp256k1 with hmacSha256Sync utility
+ */
+function initSecp256k1(): void {
+  const sAny: any = secp256k1 as any;
+  
+  if (!sAny?.utils) {
+    // Try to create utils object if it doesn't exist
+    try {
+      sAny.utils = {};
+    } catch {
+      // If we can't create it, try defineProperty
+      Object.defineProperty(sAny, 'utils', {
+        value: {},
+        writable: true,
+        configurable: true,
+      });
+    }
+  }
+  
+  // Set hmacSha256Sync if not already set
+  if (typeof sAny.utils.hmacSha256Sync !== 'function') {
+    safeSetProperty(sAny.utils, 'hmacSha256Sync', hmacSha256Impl);
+  }
+}
+
+/**
+ * Initialize @noble/ed25519 with sha512Sync utility
+ * Handles both etc.sha512Sync (v2.x) and utils.sha512Sync (backward compat)
+ */
+function initEd25519(): void {
+  const eAny: any = ed25519 as any;
+  
+  // Set etc.sha512Sync for @noble/ed25519 v2.x (required)
+  if (eAny?.etc && typeof eAny.etc.sha512Sync !== 'function') {
+    safeSetProperty(eAny.etc, 'sha512Sync', sha512Impl);
+  }
+  
+  // Set utils.sha512Sync for backward compatibility
+  if (!eAny?.utils) {
+    try {
+      eAny.utils = {};
+    } catch {
+      Object.defineProperty(eAny, 'utils', {
+        value: {},
+        writable: true,
+        configurable: true,
+      });
+    }
+  }
+  
+  if (typeof eAny.utils.sha512Sync !== 'function') {
+    safeSetProperty(eAny.utils, 'sha512Sync', sha512Impl);
+  }
+}
+
+/**
+ * Initialize all noble crypto libraries
+ * This should be called once at SDK startup
+ */
+export function initNobleCrypto(): void {
+  initSecp256k1();
+  initEd25519();
+}
+
+// Auto-initialize when this module is imported
+initNobleCrypto();
+

package/src/did/BtcoDidResolver.ts

@@ -0,0 +1,227 @@
+import type { DIDDocument } from '../types/did';
+
+export interface BtcoInscriptionData {
+  inscriptionId: string;
+  content: string;
+  metadata: any;
+  contentUrl?: string;
+  contentType?: string;
+  isValidDid?: boolean;
+  didDocument?: DIDDocument | null;
+  error?: string;
+}
+
+export interface BtcoDidResolutionResult {
+  didDocument: DIDDocument | null;
+  inscriptions?: BtcoInscriptionData[];
+  resolutionMetadata: {
+    contentType?: string;
+    error?: string;
+    message?: string;
+    inscriptionId?: string;
+    satNumber?: string;
+    network?: string;
+    totalInscriptions?: number;
+  };
+  didDocumentMetadata: {
+    created?: string;
+    updated?: string;
+    deactivated?: boolean;
+    inscriptionId?: string;
+    network?: string;
+  };
+}
+
+export interface ResourceProviderLike {
+  getSatInfo(satNumber: string): Promise<{ inscription_ids: string[] }>;
+  resolveInscription(inscriptionId: string): Promise<{ id: string; sat: number; content_type: string; content_url: string }>;
+  getMetadata(inscriptionId: string): Promise<any>;
+}
+
+export interface BtcoDidResolutionOptions {
+  provider?: ResourceProviderLike;
+  fetchFn?: (url: string) => Promise<Response>;
+  timeout?: number;
+}
+
+export class BtcoDidResolver {
+  private readonly options: BtcoDidResolutionOptions;
+
+  constructor(options: BtcoDidResolutionOptions = {}) {
+    this.options = options;
+  }
+
+  private parseBtcoDid(did: string): { satNumber: string; path?: string; network: string } | null {
+    const regex = /^did:btco(?::(reg|sig))?:([0-9]+)(?:\/(.+))?$/;
+    const match = did.match(regex);
+    if (!match) return null;
+    const [, networkSuffix, satNumber, path] = match;
+    const network = networkSuffix || 'mainnet';
+    return { satNumber, path, network };
+  }
+
+  private getDidPrefix(network: string): string {
+    switch (network) {
+      case 'reg':
+      case 'regtest':
+        return 'did:btco:reg';
+      case 'sig':
+      case 'signet':
+        return 'did:btco:sig';
+      default:
+        return 'did:btco';
+    }
+  }
+
+  async resolve(did: string, options: BtcoDidResolutionOptions = {}): Promise<BtcoDidResolutionResult> {
+    const parsed = this.parseBtcoDid(did);
+    if (!parsed) {
+      return this.createErrorResult('invalidDid', `Invalid BTCO DID format: ${did}`);
+    }
+
+    const { satNumber, network } = parsed;
+    const provider = options.provider || this.options.provider;
+    if (!provider) {
+      return this.createErrorResult('noProvider', 'No provider supplied');
+    }
+
+    let inscriptionIds: string[] = [];
+    try {
+      const satInfo = await provider.getSatInfo(satNumber);
+      inscriptionIds = satInfo?.inscription_ids || [];
+    } catch (e: any) {
+      return this.createErrorResult('notFound', `Failed to retrieve inscriptions for satoshi ${satNumber}: ${e?.message || String(e)}`);
+    }
+
+    if (inscriptionIds.length === 0) {
+      return this.createErrorResult('notFound', `No inscriptions found on satoshi ${satNumber}`);
+    }
+
+    const expectedDid = `${this.getDidPrefix(network)}:${satNumber}`;
+    const didPattern = new RegExp(`^(?:BTCO DID: )?(${expectedDid.replace(/[.*+?^${}()|[\]\\]/g, '\\$&')})`, 'i');
+
+    const inscriptionDataList: BtcoInscriptionData[] = [];
+
+    for (const inscriptionId of inscriptionIds) {
+      const inscriptionData: BtcoInscriptionData = {
+        inscriptionId,
+        content: '',
+        metadata: null
+      };
+
+      try {
+        const inscription = await provider.resolveInscription(inscriptionId);
+        if (!inscription) {
+          inscriptionData.error = `Inscription ${inscriptionId} not found`;
+          inscriptionDataList.push(inscriptionData);
+          continue;
+        }
+
+        inscriptionData.contentUrl = inscription.content_url;
+        inscriptionData.contentType = inscription.content_type;
+
+        try {
+          // Use configurable fetch function or default to global fetch
+          const fetchFn = options.fetchFn || this.options.fetchFn || fetch;
+          const timeout = options.timeout || this.options.timeout || 10000; // 10 second default
+
+          // Create abort controller for timeout
+          const controller = new AbortController();
+          const timeoutId = setTimeout(() => controller.abort(), timeout);
+
+          try {
+            const response = await fetchFn(inscription.content_url);
+            clearTimeout(timeoutId);
+
+            if (!response.ok) {
+              throw new Error(`HTTP ${response.status}: ${response.statusText}`);
+            }
+            inscriptionData.content = await response.text();
+          } finally {
+            clearTimeout(timeoutId);
+          }
+        } catch (err: any) {
+          inscriptionData.error = `Failed to fetch content: ${err?.message || String(err)}`;
+          inscriptionDataList.push(inscriptionData);
+          continue;
+        }
+
+        try {
+          inscriptionData.metadata = await provider.getMetadata(inscriptionId);
+        } catch (err) {
+          inscriptionData.metadata = null;
+        }
+
+        inscriptionData.isValidDid = didPattern.test(inscriptionData.content);
+
+        if (inscriptionData.isValidDid && inscriptionData.metadata) {
+          const didDocument = inscriptionData.metadata as DIDDocument;
+          if (this.isValidDidDocument(didDocument) && didDocument.id === expectedDid) {
+            inscriptionData.didDocument = didDocument;
+          } else {
+            inscriptionData.error = 'Invalid DID document structure or mismatched ID';
+          }
+        }
+
+        if (inscriptionData.content.includes('🔥')) {
+          inscriptionData.didDocument = null;
+          if (!inscriptionData.error) {
+            inscriptionData.error = 'DID has been deactivated';
+          }
+        }
+      } catch (err: any) {
+        inscriptionData.error = `Failed to process inscription: ${err?.message || String(err)}`;
+      }
+
+      inscriptionDataList.push(inscriptionData);
+    }
+
+    let latestValidDidDocument: DIDDocument | null = null;
+    let latestInscriptionId: string | undefined;
+    for (let i = inscriptionDataList.length - 1; i >= 0; i--) {
+      const data = inscriptionDataList[i];
+      if (data.didDocument && !data.error) {
+        latestValidDidDocument = data.didDocument;
+        latestInscriptionId = data.inscriptionId;
+        break;
+      }
+    }
+
+    return {
+      didDocument: latestValidDidDocument,
+      inscriptions: inscriptionDataList,
+      resolutionMetadata: {
+        inscriptionId: latestInscriptionId,
+        satNumber,
+        network,
+        totalInscriptions: inscriptionDataList.length
+      },
+      didDocumentMetadata: {
+        inscriptionId: latestInscriptionId,
+        network
+      }
+    };
+  }
+
+  private isValidDidDocument(doc: any): doc is DIDDocument {
+    if (!doc || typeof doc !== 'object') return false;
+    if (!doc.id || typeof doc.id !== 'string') return false;
+    if (!doc['@context']) return false;
+    const contexts = Array.isArray(doc['@context']) ? doc['@context'] : [doc['@context']];
+    if (!contexts.includes('https://www.w3.org/ns/did/v1') && !contexts.includes('https://w3id.org/did/v1')) {
+      return false;
+    }
+    if (doc.verificationMethod && !Array.isArray(doc.verificationMethod)) return false;
+    if (doc.authentication && !Array.isArray(doc.authentication)) return false;
+    return true;
+  }
+
+  private createErrorResult(error: string, message: string): BtcoDidResolutionResult {
+    return {
+      didDocument: null,
+      resolutionMetadata: { error, message },
+      didDocumentMetadata: {}
+    };
+  }
+}
+