@originals/sdk 1.4.3 → 1.4.5

package/dist/crypto/Multikey.js

@@ -0,0 +1,149 @@
+import { base58 } from '@scure/base';
+// Multicodec headers (varints) for supported key types
+export const MULTICODEC_ED25519_PUB_HEADER = new Uint8Array([0xed, 0x01]);
+export const MULTICODEC_ED25519_PRIV_HEADER = new Uint8Array([0x80, 0x26]);
+export const MULTICODEC_SECP256K1_PUB_HEADER = new Uint8Array([0xe7, 0x01]);
+export const MULTICODEC_SECP256K1_PRIV_HEADER = new Uint8Array([0x13, 0x01]);
+export const MULTICODEC_BLS12381_G2_PUB_HEADER = new Uint8Array([0xeb, 0x01]);
+export const MULTICODEC_BLS12381_G2_PRIV_HEADER = new Uint8Array([0x82, 0x26]);
+export const MULTICODEC_P256_PUB_HEADER = new Uint8Array([0x80, 0x24]);
+export const MULTICODEC_P256_PRIV_HEADER = new Uint8Array([0x81, 0x26]);
+function concatBytes(a, b) {
+    const out = new Uint8Array(a.length + b.length);
+    out.set(a, 0);
+    out.set(b, a.length);
+    return out;
+}
+/**
+ * Validates that a key string uses proper multikey format.
+ * @param key - The multibase-encoded key string to validate
+ * @param expectedType - The expected key type (e.g., 'Ed25519', 'Secp256k1')
+ * @param isPrivate - Whether this is a private key (true) or public key (false)
+ * @throws Error with descriptive message if validation fails
+ */
+export function validateMultikeyFormat(key, expectedType, isPrivate) {
+    // Validate multibase prefix
+    if (!key || typeof key !== 'string') {
+        throw new Error('Invalid multibase key format. Key must be a non-empty string.');
+    }
+    if (key[0] !== 'z') {
+        throw new Error('Invalid multibase key format. Keys must use z-base58btc encoding (prefix "z").');
+    }
+    // Attempt to decode and validate multicodec header
+    try {
+        const mc = base58.decode(key.slice(1));
+        if (mc.length < 2) {
+            throw new Error('Invalid multibase key format. Keys must use multicodec headers.');
+        }
+        // Validate header matches expected type
+        const header = mc.slice(0, 2);
+        const expectedHeaders = isPrivate
+            ? {
+                Ed25519: MULTICODEC_ED25519_PRIV_HEADER,
+                Secp256k1: MULTICODEC_SECP256K1_PRIV_HEADER,
+                Bls12381G2: MULTICODEC_BLS12381_G2_PRIV_HEADER,
+                P256: MULTICODEC_P256_PRIV_HEADER
+            }
+            : {
+                Ed25519: MULTICODEC_ED25519_PUB_HEADER,
+                Secp256k1: MULTICODEC_SECP256K1_PUB_HEADER,
+                Bls12381G2: MULTICODEC_BLS12381_G2_PUB_HEADER,
+                P256: MULTICODEC_P256_PUB_HEADER
+            };
+        const expectedHeader = expectedHeaders[expectedType];
+        if (header[0] !== expectedHeader[0] || header[1] !== expectedHeader[1]) {
+            throw new Error(`Invalid multibase key format. Expected ${expectedType} ${isPrivate ? 'private' : 'public'} key with multicodec header [0x${expectedHeader[0].toString(16)}, 0x${expectedHeader[1].toString(16)}], but found [0x${header[0].toString(16)}, 0x${header[1].toString(16)}].`);
+        }
+        // Validate key length (basic sanity check)
+        const keyBytes = mc.slice(2);
+        const expectedLengths = {
+            Ed25519: { private: 32, public: 32 },
+            Secp256k1: { private: 32, public: 33 },
+            P256: { private: 32, public: 33 },
+            Bls12381G2: { private: 32, public: 96 }
+        };
+        const expectedLength = isPrivate
+            ? expectedLengths[expectedType].private
+            : expectedLengths[expectedType].public;
+        if (keyBytes.length !== expectedLength) {
+            throw new Error(`Invalid multibase key format. Expected ${expectedType} ${isPrivate ? 'private' : 'public'} key to be ${expectedLength} bytes, but found ${keyBytes.length} bytes.`);
+        }
+    }
+    catch (error) {
+        // Re-throw our own errors as-is
+        if (error instanceof Error && error.message.startsWith('Invalid multibase key format')) {
+            throw error;
+        }
+        // Base58 decode errors or other unexpected errors
+        throw new Error(`Invalid multibase key format. Keys must use multicodec headers. Decode error: ${error instanceof Error ? error.message : String(error)}`);
+    }
+}
+export const multikey = {
+    encodePublicKey: (publicKey, type) => {
+        const header = type === 'Ed25519'
+            ? MULTICODEC_ED25519_PUB_HEADER
+            : type === 'Secp256k1'
+                ? MULTICODEC_SECP256K1_PUB_HEADER
+                : type === 'Bls12381G2'
+                    ? MULTICODEC_BLS12381_G2_PUB_HEADER
+                    : MULTICODEC_P256_PUB_HEADER;
+        const mcBytes = concatBytes(header, publicKey);
+        return 'z' + base58.encode(mcBytes);
+    },
+    encodePrivateKey: (privateKey, type) => {
+        const header = type === 'Ed25519'
+            ? MULTICODEC_ED25519_PRIV_HEADER
+            : type === 'Secp256k1'
+                ? MULTICODEC_SECP256K1_PRIV_HEADER
+                : type === 'Bls12381G2'
+                    ? MULTICODEC_BLS12381_G2_PRIV_HEADER
+                    : MULTICODEC_P256_PRIV_HEADER;
+        const mcBytes = concatBytes(header, privateKey);
+        return 'z' + base58.encode(mcBytes);
+    },
+    encodeMultibase: (data) => {
+        return 'z' + base58.encode(data instanceof Buffer ? new Uint8Array(data) : data);
+    },
+    decodePublicKey: (publicKeyMultibase) => {
+        if (!publicKeyMultibase || publicKeyMultibase[0] !== 'z') {
+            throw new Error('Invalid Multibase encoding');
+        }
+        const mc = base58.decode(publicKeyMultibase.slice(1));
+        const header = mc.slice(0, 2);
+        const key = mc.slice(2);
+        if (header[0] === MULTICODEC_ED25519_PUB_HEADER[0] && header[1] === MULTICODEC_ED25519_PUB_HEADER[1]) {
+            return { key, type: 'Ed25519' };
+        }
+        if (header[0] === MULTICODEC_SECP256K1_PUB_HEADER[0] && header[1] === MULTICODEC_SECP256K1_PUB_HEADER[1]) {
+            return { key, type: 'Secp256k1' };
+        }
+        if (header[0] === MULTICODEC_BLS12381_G2_PUB_HEADER[0] && header[1] === MULTICODEC_BLS12381_G2_PUB_HEADER[1]) {
+            return { key, type: 'Bls12381G2' };
+        }
+        if (header[0] === MULTICODEC_P256_PUB_HEADER[0] && header[1] === MULTICODEC_P256_PUB_HEADER[1]) {
+            return { key, type: 'P256' };
+        }
+        throw new Error('Unsupported key type');
+    },
+    decodePrivateKey: (privateKeyMultibase) => {
+        if (!privateKeyMultibase || privateKeyMultibase[0] !== 'z') {
+            throw new Error('Invalid Multibase encoding');
+        }
+        const mc = base58.decode(privateKeyMultibase.slice(1));
+        const header = mc.slice(0, 2);
+        const key = mc.slice(2);
+        if (header[0] === MULTICODEC_ED25519_PRIV_HEADER[0] && header[1] === MULTICODEC_ED25519_PRIV_HEADER[1]) {
+            return { key, type: 'Ed25519' };
+        }
+        if (header[0] === MULTICODEC_SECP256K1_PRIV_HEADER[0] && header[1] === MULTICODEC_SECP256K1_PRIV_HEADER[1]) {
+            return { key, type: 'Secp256k1' };
+        }
+        if (header[0] === MULTICODEC_BLS12381_G2_PRIV_HEADER[0] && header[1] === MULTICODEC_BLS12381_G2_PRIV_HEADER[1]) {
+            return { key, type: 'Bls12381G2' };
+        }
+        if (header[0] === MULTICODEC_P256_PRIV_HEADER[0] && header[1] === MULTICODEC_P256_PRIV_HEADER[1]) {
+            return { key, type: 'P256' };
+        }
+        throw new Error('Unsupported key type');
+    }
+};

package/dist/crypto/Signer.d.ts

@@ -0,0 +1,21 @@
+import './noble-init.js';
+export declare abstract class Signer {
+    abstract sign(data: Buffer, privateKeyMultibase: string): Promise<Buffer>;
+    abstract verify(data: Buffer, signature: Buffer, publicKeyMultibase: string): Promise<boolean>;
+}
+export declare class ES256KSigner extends Signer {
+    sign(data: Buffer, privateKeyMultibase: string): Promise<Buffer>;
+    verify(data: Buffer, signature: Buffer, publicKeyMultibase: string): Promise<boolean>;
+}
+export declare class Ed25519Signer extends Signer {
+    sign(data: Buffer, privateKeyMultibase: string): Promise<Buffer>;
+    verify(data: Buffer, signature: Buffer, publicKeyMultibase: string): Promise<boolean>;
+}
+export declare class ES256Signer extends Signer {
+    sign(data: Buffer, privateKeyMultibase: string): Promise<Buffer>;
+    verify(data: Buffer, signature: Buffer, publicKeyMultibase: string): Promise<boolean>;
+}
+export declare class Bls12381G2Signer extends Signer {
+    sign(data: Buffer, privateKeyMultibase: string): Promise<Buffer>;
+    verify(data: Buffer, signature: Buffer, publicKeyMultibase: string): Promise<boolean>;
+}

package/dist/crypto/Signer.js

@@ -0,0 +1,196 @@
+// Initialize noble crypto libraries first (idempotent - safe to import multiple times)
+import './noble-init.js';
+export class Signer {
+}
+import { bls12_381 as bls } from '@noble/curves/bls12-381';
+import { p256 } from '@noble/curves/p256';
+import { sha256 } from '@noble/hashes/sha2.js';
+import * as secp256k1 from '@noble/secp256k1';
+import * as ed25519 from '@noble/ed25519';
+import { multikey } from './Multikey';
+export class ES256KSigner extends Signer {
+    async sign(data, privateKeyMultibase) {
+        if (!privateKeyMultibase || privateKeyMultibase[0] !== 'z') {
+            throw new Error('Invalid multibase key format. Keys must use multicodec headers.');
+        }
+        let decoded;
+        try {
+            decoded = multikey.decodePrivateKey(privateKeyMultibase);
+        }
+        catch (error) {
+            throw new Error(`Invalid multibase key format. Keys must use multicodec headers. ${error instanceof Error ? error.message : String(error)}`);
+        }
+        if (decoded.type !== 'Secp256k1') {
+            throw new Error('Invalid key type for ES256K');
+        }
+        const privateKey = decoded.key;
+        const hash = sha256(data);
+        const sigAny = await secp256k1.signAsync(hash, privateKey);
+        const sigBytes = sigAny instanceof Uint8Array
+            ? sigAny
+            : typeof sigAny?.toCompactRawBytes === 'function'
+                ? sigAny.toCompactRawBytes()
+                : typeof sigAny?.toRawBytes === 'function'
+                    ? sigAny.toRawBytes()
+                    : new Uint8Array(sigAny);
+        return Buffer.from(sigBytes);
+    }
+    async verify(data, signature, publicKeyMultibase) {
+        if (!publicKeyMultibase || publicKeyMultibase[0] !== 'z') {
+            throw new Error('Invalid multibase key format. Keys must use multicodec headers.');
+        }
+        let decoded;
+        try {
+            decoded = multikey.decodePublicKey(publicKeyMultibase);
+        }
+        catch (error) {
+            throw new Error(`Invalid multibase key format. Keys must use multicodec headers. ${error instanceof Error ? error.message : String(error)}`);
+        }
+        if (decoded.type !== 'Secp256k1') {
+            throw new Error('Invalid key type for ES256K');
+        }
+        const publicKey = decoded.key;
+        const hash = sha256(data);
+        try {
+            return secp256k1.verify(signature, hash, publicKey);
+        }
+        catch {
+            return false;
+        }
+    }
+}
+export class Ed25519Signer extends Signer {
+    async sign(data, privateKeyMultibase) {
+        if (!privateKeyMultibase || privateKeyMultibase[0] !== 'z') {
+            throw new Error('Invalid multibase key format. Keys must use multicodec headers.');
+        }
+        let decoded;
+        try {
+            decoded = multikey.decodePrivateKey(privateKeyMultibase);
+        }
+        catch (error) {
+            throw new Error(`Invalid multibase key format. Keys must use multicodec headers. ${error instanceof Error ? error.message : String(error)}`);
+        }
+        if (decoded.type !== 'Ed25519') {
+            throw new Error('Invalid key type for Ed25519');
+        }
+        const privateKey = decoded.key;
+        const signature = await ed25519.signAsync(data, privateKey);
+        return Buffer.from(signature);
+    }
+    async verify(data, signature, publicKeyMultibase) {
+        if (!publicKeyMultibase || publicKeyMultibase[0] !== 'z') {
+            throw new Error('Invalid multibase key format. Keys must use multicodec headers.');
+        }
+        let decoded;
+        try {
+            decoded = multikey.decodePublicKey(publicKeyMultibase);
+        }
+        catch (error) {
+            throw new Error(`Invalid multibase key format. Keys must use multicodec headers. ${error instanceof Error ? error.message : String(error)}`);
+        }
+        if (decoded.type !== 'Ed25519') {
+            throw new Error('Invalid key type for Ed25519');
+        }
+        const publicKey = decoded.key;
+        try {
+            return await ed25519.verifyAsync(signature, data, publicKey);
+        }
+        catch {
+            return false;
+        }
+    }
+}
+export class ES256Signer extends Signer {
+    async sign(data, privateKeyMultibase) {
+        if (!privateKeyMultibase || privateKeyMultibase[0] !== 'z') {
+            throw new Error('Invalid multibase key format. Keys must use multicodec headers.');
+        }
+        let decoded;
+        try {
+            decoded = multikey.decodePrivateKey(privateKeyMultibase);
+        }
+        catch (error) {
+            throw new Error(`Invalid multibase key format. Keys must use multicodec headers. ${error instanceof Error ? error.message : String(error)}`);
+        }
+        if (decoded.type !== 'P256') {
+            throw new Error('Invalid key type for ES256');
+        }
+        const privateKey = decoded.key;
+        const hash = sha256(data);
+        const sigAny = p256.sign(hash, privateKey);
+        const sigBytes = sigAny instanceof Uint8Array
+            ? sigAny
+            : typeof sigAny?.toCompactRawBytes === 'function'
+                ? sigAny.toCompactRawBytes()
+                : typeof sigAny?.toRawBytes === 'function'
+                    ? sigAny.toRawBytes()
+                    : new Uint8Array(sigAny);
+        return Buffer.from(sigBytes);
+    }
+    async verify(data, signature, publicKeyMultibase) {
+        if (!publicKeyMultibase || publicKeyMultibase[0] !== 'z') {
+            throw new Error('Invalid multibase key format. Keys must use multicodec headers.');
+        }
+        let decoded;
+        try {
+            decoded = multikey.decodePublicKey(publicKeyMultibase);
+        }
+        catch (error) {
+            throw new Error(`Invalid multibase key format. Keys must use multicodec headers. ${error instanceof Error ? error.message : String(error)}`);
+        }
+        if (decoded.type !== 'P256') {
+            throw new Error('Invalid key type for ES256');
+        }
+        const publicKey = decoded.key;
+        const hash = sha256(data);
+        try {
+            return p256.verify(signature, hash, publicKey);
+        }
+        catch {
+            return false;
+        }
+    }
+}
+export class Bls12381G2Signer extends Signer {
+    async sign(data, privateKeyMultibase) {
+        if (!privateKeyMultibase || privateKeyMultibase[0] !== 'z') {
+            throw new Error('Invalid multibase key format. Keys must use multicodec headers.');
+        }
+        let decoded;
+        try {
+            decoded = multikey.decodePrivateKey(privateKeyMultibase);
+        }
+        catch (error) {
+            throw new Error(`Invalid multibase key format. Keys must use multicodec headers. ${error instanceof Error ? error.message : String(error)}`);
+        }
+        if (decoded.type !== 'Bls12381G2') {
+            throw new Error('Invalid key type for Bls12381G2');
+        }
+        const sk = decoded.key;
+        const sig = await bls.sign(data, sk);
+        return Buffer.from(sig);
+    }
+    async verify(data, signature, publicKeyMultibase) {
+        if (!publicKeyMultibase || publicKeyMultibase[0] !== 'z') {
+            throw new Error('Invalid multibase key format. Keys must use multicodec headers.');
+        }
+        let decoded;
+        try {
+            decoded = multikey.decodePublicKey(publicKeyMultibase);
+        }
+        catch (error) {
+            throw new Error(`Invalid multibase key format. Keys must use multicodec headers. ${error instanceof Error ? error.message : String(error)}`);
+        }
+        if (decoded.type !== 'Bls12381G2') {
+            throw new Error('Invalid key type for Bls12381G2');
+        }
+        const pk = decoded.key;
+        try {
+            return await bls.verify(signature, data, pk);
+        }
+        catch {
+            return false;
+        }
+    }
+}

package/dist/crypto/noble-init.d.ts

@@ -0,0 +1,18 @@
+/**
+ * Noble Crypto Library Initialization
+ *
+ * @noble/ed25519 v2.x and @noble/secp256k1 require manual configuration of hash functions.
+ * This is by design - they don't bundle hash implementations to allow flexibility.
+ *
+ * This module centralizes the initialization to ensure:
+ * 1. Libraries are configured before any crypto operations
+ * 2. Configuration is consistent across the SDK
+ * 3. Readonly property issues (Bun) are handled gracefully
+ *
+ * This should be imported at the SDK entry point (index.ts) to ensure it runs first.
+ */
+/**
+ * Initialize all noble crypto libraries
+ * This should be called once at SDK startup
+ */
+export declare function initNobleCrypto(): void;

package/dist/crypto/noble-init.js

@@ -0,0 +1,106 @@
+/**
+ * Noble Crypto Library Initialization
+ *
+ * @noble/ed25519 v2.x and @noble/secp256k1 require manual configuration of hash functions.
+ * This is by design - they don't bundle hash implementations to allow flexibility.
+ *
+ * This module centralizes the initialization to ensure:
+ * 1. Libraries are configured before any crypto operations
+ * 2. Configuration is consistent across the SDK
+ * 3. Readonly property issues (Bun) are handled gracefully
+ *
+ * This should be imported at the SDK entry point (index.ts) to ensure it runs first.
+ */
+import * as secp256k1 from '@noble/secp256k1';
+import * as ed25519 from '@noble/ed25519';
+import { sha256, sha512 } from '@noble/hashes/sha2.js';
+import { hmac } from '@noble/hashes/hmac.js';
+import { concatBytes } from '@noble/hashes/utils.js';
+// Implementation functions
+const sha512Impl = (...msgs) => sha512(concatBytes(...msgs));
+const hmacSha256Impl = (key, ...msgs) => hmac(sha256, key, concatBytes(...msgs));
+/**
+ * Safely set a property on an object, handling readonly properties
+ */
+function safeSetProperty(obj, prop, value, options) {
+    try {
+        obj[prop] = value;
+        return true;
+    }
+    catch {
+        // Property might be readonly, try defineProperty
+        try {
+            Object.defineProperty(obj, prop, {
+                value,
+                writable: options?.writable ?? true,
+                configurable: options?.configurable ?? true,
+            });
+            return true;
+        }
+        catch {
+            // If both fail, property might already be set or truly readonly
+            return false;
+        }
+    }
+}
+/**
+ * Initialize @noble/secp256k1 with hmacSha256Sync utility
+ */
+function initSecp256k1() {
+    const sAny = secp256k1;
+    if (!sAny?.utils) {
+        // Try to create utils object if it doesn't exist
+        try {
+            sAny.utils = {};
+        }
+        catch {
+            // If we can't create it, try defineProperty
+            Object.defineProperty(sAny, 'utils', {
+                value: {},
+                writable: true,
+                configurable: true,
+            });
+        }
+    }
+    // Set hmacSha256Sync if not already set
+    if (typeof sAny.utils.hmacSha256Sync !== 'function') {
+        safeSetProperty(sAny.utils, 'hmacSha256Sync', hmacSha256Impl);
+    }
+}
+/**
+ * Initialize @noble/ed25519 with sha512Sync utility
+ * Handles both etc.sha512Sync (v2.x) and utils.sha512Sync (backward compat)
+ */
+function initEd25519() {
+    const eAny = ed25519;
+    // Set etc.sha512Sync for @noble/ed25519 v2.x (required)
+    if (eAny?.etc && typeof eAny.etc.sha512Sync !== 'function') {
+        safeSetProperty(eAny.etc, 'sha512Sync', sha512Impl);
+    }
+    // Set utils.sha512Sync for backward compatibility
+    if (!eAny?.utils) {
+        try {
+            eAny.utils = {};
+        }
+        catch {
+            Object.defineProperty(eAny, 'utils', {
+                value: {},
+                writable: true,
+                configurable: true,
+            });
+        }
+    }
+    if (typeof eAny.utils.sha512Sync !== 'function') {
+        safeSetProperty(eAny.utils, 'sha512Sync', sha512Impl);
+    }
+}
+/**
+ * Initialize all noble crypto libraries
+ * This should be called once at SDK startup
+ */
+export function initNobleCrypto() {
+    initSecp256k1();
+    initEd25519();
+}
+// Auto-initialize when this module is imported
+initNobleCrypto();

package/dist/did/BtcoDidResolver.d.ts

@@ -0,0 +1,57 @@
+import type { DIDDocument } from '../types/did';
+export interface BtcoInscriptionData {
+    inscriptionId: string;
+    content: string;
+    metadata: any;
+    contentUrl?: string;
+    contentType?: string;
+    isValidDid?: boolean;
+    didDocument?: DIDDocument | null;
+    error?: string;
+}
+export interface BtcoDidResolutionResult {
+    didDocument: DIDDocument | null;
+    inscriptions?: BtcoInscriptionData[];
+    resolutionMetadata: {
+        contentType?: string;
+        error?: string;
+        message?: string;
+        inscriptionId?: string;
+        satNumber?: string;
+        network?: string;
+        totalInscriptions?: number;
+    };
+    didDocumentMetadata: {
+        created?: string;
+        updated?: string;
+        deactivated?: boolean;
+        inscriptionId?: string;
+        network?: string;
+    };
+}
+export interface ResourceProviderLike {
+    getSatInfo(satNumber: string): Promise<{
+        inscription_ids: string[];
+    }>;
+    resolveInscription(inscriptionId: string): Promise<{
+        id: string;
+        sat: number;
+        content_type: string;
+        content_url: string;
+    }>;
+    getMetadata(inscriptionId: string): Promise<any>;
+}
+export interface BtcoDidResolutionOptions {
+    provider?: ResourceProviderLike;
+    fetchFn?: (url: string) => Promise<Response>;
+    timeout?: number;
+}
+export declare class BtcoDidResolver {
+    private readonly options;
+    constructor(options?: BtcoDidResolutionOptions);
+    private parseBtcoDid;
+    private getDidPrefix;
+    resolve(did: string, options?: BtcoDidResolutionOptions): Promise<BtcoDidResolutionResult>;
+    private isValidDidDocument;
+    private createErrorResult;
+}