@ottochain/sdk 0.2.0

package/dist/cjs/metakit/hash.js

@@ -0,0 +1,84 @@
+"use strict";
+/**
+ * Hashing Utilities
+ *
+ * SHA-256 and SHA-512 hashing for the Constellation signature protocol.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.hashData = exports.computeDigest = exports.hashBytes = exports.hash = void 0;
+const js_sha256_1 = require("js-sha256");
+const js_sha512_1 = require("js-sha512");
+const binary_js_1 = require("./binary.js");
+/**
+ * Compute SHA-256 hash of canonical JSON data
+ *
+ * @param data - Any JSON-serializable object
+ * @returns Hash object with hex string and raw bytes
+ *
+ * @example
+ * ```typescript
+ * const hashResult = hash({ action: 'test' });
+ * console.log(hashResult.value); // 64-char hex string
+ * ```
+ */
+function hash(data) {
+    const bytes = (0, binary_js_1.toBytes)(data, false);
+    return hashBytes(bytes);
+}
+exports.hash = hash;
+/**
+ * Compute SHA-256 hash of raw bytes
+ *
+ * @param bytes - Input bytes
+ * @returns Hash object with hex string and raw bytes
+ */
+function hashBytes(bytes) {
+    const hashArray = js_sha256_1.sha256.array(bytes);
+    const hashUint8 = new Uint8Array(hashArray);
+    const hashHex = js_sha256_1.sha256.hex(bytes);
+    return {
+        value: hashHex,
+        bytes: hashUint8,
+    };
+}
+exports.hashBytes = hashBytes;
+/**
+ * Compute the full signing digest according to Constellation protocol
+ *
+ * Protocol:
+ * 1. Serialize data to binary (with optional DataUpdate prefix)
+ * 2. Compute SHA-256 hash
+ * 3. Convert hash to hex string
+ * 4. Treat hex string as UTF-8 bytes (NOT hex decode)
+ * 5. Compute SHA-512 of those bytes
+ * 6. Truncate to 32 bytes for secp256k1 signing
+ *
+ * @param data - Any JSON-serializable object
+ * @param isDataUpdate - Whether to apply DataUpdate encoding
+ * @returns 32-byte digest ready for ECDSA signing
+ */
+function computeDigest(data, isDataUpdate = false) {
+    // Step 1: Serialize to binary
+    const dataBytes = (0, binary_js_1.toBytes)(data, isDataUpdate);
+    // Step 2: SHA-256 hash
+    const sha256Hash = hashBytes(dataBytes);
+    // Step 3-4: Hex string as UTF-8 bytes (critical: NOT hex decode)
+    const hexAsUtf8 = new TextEncoder().encode(sha256Hash.value);
+    // Step 5: SHA-512
+    const sha512Hash = js_sha512_1.sha512.array(hexAsUtf8);
+    // Step 6: Truncate to 32 bytes
+    return new Uint8Array(sha512Hash.slice(0, 32));
+}
+exports.computeDigest = computeDigest;
+/**
+ * Compute SHA-256 hash of data with optional DataUpdate encoding
+ *
+ * @param data - Any JSON-serializable object
+ * @param isDataUpdate - Whether to apply DataUpdate encoding
+ * @returns Hash object
+ */
+function hashData(data, isDataUpdate = false) {
+    const bytes = (0, binary_js_1.toBytes)(data, isDataUpdate);
+    return hashBytes(bytes);
+}
+exports.hashData = hashData;

package/dist/cjs/metakit/index.js

@@ -0,0 +1,74 @@
+"use strict";
+/**
+ * Metakit SDK
+ *
+ * Reusable signing, encoding, and network operations for Constellation metagraphs.
+ * This module is framework-level functionality, independent of any specific metagraph domain.
+ *
+ * @packageDocumentation
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.NetworkError = exports.HttpClient = exports.DataL1Client = exports.CurrencyL1Client = exports.unitsToToken = exports.tokenToUnits = exports.isValidDagAddress = exports.getTransactionReference = exports.hashCurrencyTransaction = exports.encodeCurrencyTransaction = exports.verifyCurrencyTransaction = exports.signCurrencyTransaction = exports.createCurrencyTransactionBatch = exports.createCurrencyTransaction = exports.TOKEN_DECIMALS = exports.isValidPublicKey = exports.isValidPrivateKey = exports.getAddress = exports.getPublicKeyId = exports.getPublicKeyHex = exports.keyPairFromPrivateKey = exports.generateKeyPair = exports.batchSign = exports.addSignature = exports.createSignedObject = exports.verifySignature = exports.verifyHash = exports.verify = exports.signHash = exports.signDataUpdate = exports.sign = exports.decodeDataUpdate = exports.computeDigest = exports.hashData = exports.hashBytes = exports.hash = exports.encodeDataUpdate = exports.toBytes = exports.canonicalize = exports.CONSTELLATION_PREFIX = exports.ALGORITHM = void 0;
+var types_js_1 = require("./types.js");
+Object.defineProperty(exports, "ALGORITHM", { enumerable: true, get: function () { return types_js_1.ALGORITHM; } });
+Object.defineProperty(exports, "CONSTELLATION_PREFIX", { enumerable: true, get: function () { return types_js_1.CONSTELLATION_PREFIX; } });
+// Canonicalization
+var canonicalize_js_1 = require("./canonicalize.js");
+Object.defineProperty(exports, "canonicalize", { enumerable: true, get: function () { return canonicalize_js_1.canonicalize; } });
+// Binary encoding
+var binary_js_1 = require("./binary.js");
+Object.defineProperty(exports, "toBytes", { enumerable: true, get: function () { return binary_js_1.toBytes; } });
+Object.defineProperty(exports, "encodeDataUpdate", { enumerable: true, get: function () { return binary_js_1.encodeDataUpdate; } });
+// Hashing
+var hash_js_1 = require("./hash.js");
+Object.defineProperty(exports, "hash", { enumerable: true, get: function () { return hash_js_1.hash; } });
+Object.defineProperty(exports, "hashBytes", { enumerable: true, get: function () { return hash_js_1.hashBytes; } });
+Object.defineProperty(exports, "hashData", { enumerable: true, get: function () { return hash_js_1.hashData; } });
+Object.defineProperty(exports, "computeDigest", { enumerable: true, get: function () { return hash_js_1.computeDigest; } });
+// Codec utilities
+var codec_js_1 = require("./codec.js");
+Object.defineProperty(exports, "decodeDataUpdate", { enumerable: true, get: function () { return codec_js_1.decodeDataUpdate; } });
+// Signing
+var sign_js_1 = require("./sign.js");
+Object.defineProperty(exports, "sign", { enumerable: true, get: function () { return sign_js_1.sign; } });
+Object.defineProperty(exports, "signDataUpdate", { enumerable: true, get: function () { return sign_js_1.signDataUpdate; } });
+Object.defineProperty(exports, "signHash", { enumerable: true, get: function () { return sign_js_1.signHash; } });
+// Verification
+var verify_js_1 = require("./verify.js");
+Object.defineProperty(exports, "verify", { enumerable: true, get: function () { return verify_js_1.verify; } });
+Object.defineProperty(exports, "verifyHash", { enumerable: true, get: function () { return verify_js_1.verifyHash; } });
+Object.defineProperty(exports, "verifySignature", { enumerable: true, get: function () { return verify_js_1.verifySignature; } });
+// High-level API
+var signed_object_js_1 = require("./signed-object.js");
+Object.defineProperty(exports, "createSignedObject", { enumerable: true, get: function () { return signed_object_js_1.createSignedObject; } });
+Object.defineProperty(exports, "addSignature", { enumerable: true, get: function () { return signed_object_js_1.addSignature; } });
+Object.defineProperty(exports, "batchSign", { enumerable: true, get: function () { return signed_object_js_1.batchSign; } });
+// Wallet utilities
+var wallet_js_1 = require("./wallet.js");
+Object.defineProperty(exports, "generateKeyPair", { enumerable: true, get: function () { return wallet_js_1.generateKeyPair; } });
+Object.defineProperty(exports, "keyPairFromPrivateKey", { enumerable: true, get: function () { return wallet_js_1.keyPairFromPrivateKey; } });
+Object.defineProperty(exports, "getPublicKeyHex", { enumerable: true, get: function () { return wallet_js_1.getPublicKeyHex; } });
+Object.defineProperty(exports, "getPublicKeyId", { enumerable: true, get: function () { return wallet_js_1.getPublicKeyId; } });
+Object.defineProperty(exports, "getAddress", { enumerable: true, get: function () { return wallet_js_1.getAddress; } });
+Object.defineProperty(exports, "isValidPrivateKey", { enumerable: true, get: function () { return wallet_js_1.isValidPrivateKey; } });
+Object.defineProperty(exports, "isValidPublicKey", { enumerable: true, get: function () { return wallet_js_1.isValidPublicKey; } });
+var currency_types_js_1 = require("./currency-types.js");
+Object.defineProperty(exports, "TOKEN_DECIMALS", { enumerable: true, get: function () { return currency_types_js_1.TOKEN_DECIMALS; } });
+// Currency transaction operations
+var currency_transaction_js_1 = require("./currency-transaction.js");
+Object.defineProperty(exports, "createCurrencyTransaction", { enumerable: true, get: function () { return currency_transaction_js_1.createCurrencyTransaction; } });
+Object.defineProperty(exports, "createCurrencyTransactionBatch", { enumerable: true, get: function () { return currency_transaction_js_1.createCurrencyTransactionBatch; } });
+Object.defineProperty(exports, "signCurrencyTransaction", { enumerable: true, get: function () { return currency_transaction_js_1.signCurrencyTransaction; } });
+Object.defineProperty(exports, "verifyCurrencyTransaction", { enumerable: true, get: function () { return currency_transaction_js_1.verifyCurrencyTransaction; } });
+Object.defineProperty(exports, "encodeCurrencyTransaction", { enumerable: true, get: function () { return currency_transaction_js_1.encodeCurrencyTransaction; } });
+Object.defineProperty(exports, "hashCurrencyTransaction", { enumerable: true, get: function () { return currency_transaction_js_1.hashCurrencyTransaction; } });
+Object.defineProperty(exports, "getTransactionReference", { enumerable: true, get: function () { return currency_transaction_js_1.getTransactionReference; } });
+Object.defineProperty(exports, "isValidDagAddress", { enumerable: true, get: function () { return currency_transaction_js_1.isValidDagAddress; } });
+Object.defineProperty(exports, "tokenToUnits", { enumerable: true, get: function () { return currency_transaction_js_1.tokenToUnits; } });
+Object.defineProperty(exports, "unitsToToken", { enumerable: true, get: function () { return currency_transaction_js_1.unitsToToken; } });
+// Network operations
+var index_js_1 = require("./network/index.js");
+Object.defineProperty(exports, "CurrencyL1Client", { enumerable: true, get: function () { return index_js_1.CurrencyL1Client; } });
+Object.defineProperty(exports, "DataL1Client", { enumerable: true, get: function () { return index_js_1.DataL1Client; } });
+Object.defineProperty(exports, "HttpClient", { enumerable: true, get: function () { return index_js_1.HttpClient; } });
+Object.defineProperty(exports, "NetworkError", { enumerable: true, get: function () { return index_js_1.NetworkError; } });

package/dist/cjs/metakit/network/client.js

@@ -0,0 +1,78 @@
+"use strict";
+/**
+ * Base HTTP client for network operations
+ *
+ * @packageDocumentation
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.HttpClient = void 0;
+const types_js_1 = require("./types.js");
+const DEFAULT_TIMEOUT = 30000;
+/**
+ * Simple HTTP client using native fetch
+ */
+class HttpClient {
+    constructor(baseUrl, timeout = DEFAULT_TIMEOUT) {
+        this.baseUrl = baseUrl.replace(/\/$/, '');
+        this.defaultTimeout = timeout;
+    }
+    /**
+     * Make a GET request
+     */
+    async get(path, options = {}) {
+        return this.request('GET', path, undefined, options);
+    }
+    /**
+     * Make a POST request
+     */
+    async post(path, body, options = {}) {
+        return this.request('POST', path, body, options);
+    }
+    async request(method, path, body, options = {}) {
+        const url = `${this.baseUrl}${path}`;
+        const timeout = options.timeout ?? this.defaultTimeout;
+        const controller = new AbortController();
+        const timeoutId = setTimeout(() => controller.abort(), timeout);
+        try {
+            const headers = {
+                'Content-Type': 'application/json',
+                Accept: 'application/json',
+                ...options.headers,
+            };
+            const response = await fetch(url, {
+                method,
+                headers,
+                body: body ? JSON.stringify(body) : undefined,
+                signal: controller.signal,
+            });
+            clearTimeout(timeoutId);
+            const text = await response.text();
+            if (!response.ok) {
+                throw new types_js_1.NetworkError(`HTTP ${response.status}: ${response.statusText}`, response.status, text);
+            }
+            if (!text) {
+                return undefined;
+            }
+            try {
+                return JSON.parse(text);
+            }
+            catch {
+                return text;
+            }
+        }
+        catch (error) {
+            clearTimeout(timeoutId);
+            if (error instanceof types_js_1.NetworkError) {
+                throw error;
+            }
+            if (error instanceof Error) {
+                if (error.name === 'AbortError') {
+                    throw new types_js_1.NetworkError(`Request timeout after ${timeout}ms`);
+                }
+                throw new types_js_1.NetworkError(error.message);
+            }
+            throw new types_js_1.NetworkError('Unknown network error');
+        }
+    }
+}
+exports.HttpClient = HttpClient;

package/dist/cjs/metakit/network/currency-l1-client.js

@@ -0,0 +1,101 @@
+"use strict";
+/**
+ * Currency L1 client for submitting and querying transactions
+ *
+ * @packageDocumentation
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CurrencyL1Client = void 0;
+const client_js_1 = require("./client.js");
+const types_js_1 = require("./types.js");
+/**
+ * Client for interacting with Currency L1 nodes
+ *
+ * @example
+ * ```typescript
+ * const client = new CurrencyL1Client({ l1Url: 'http://localhost:9010' });
+ *
+ * // Get last reference for an address
+ * const lastRef = await client.getLastReference('DAG...');
+ *
+ * // Submit a transaction
+ * const result = await client.postTransaction(signedTx);
+ *
+ * // Check transaction status
+ * const pending = await client.getPendingTransaction(result.hash);
+ * ```
+ */
+class CurrencyL1Client {
+    /**
+     * Create a new CurrencyL1Client
+     *
+     * @param config - Network configuration with l1Url
+     * @throws Error if l1Url is not provided
+     */
+    constructor(config) {
+        if (!config.l1Url) {
+            throw new Error('l1Url is required for CurrencyL1Client');
+        }
+        this.client = new client_js_1.HttpClient(config.l1Url, config.timeout);
+    }
+    /**
+     * Get the last accepted transaction reference for an address
+     *
+     * This is needed to create a new transaction that chains from
+     * the address's most recent transaction.
+     *
+     * @param address - DAG address to query
+     * @param options - Request options
+     * @returns Transaction reference with hash and ordinal
+     */
+    async getLastReference(address, options) {
+        return this.client.get(`/transactions/last-reference/${address}`, options);
+    }
+    /**
+     * Submit a signed currency transaction to the L1 network
+     *
+     * @param transaction - Signed currency transaction
+     * @param options - Request options
+     * @returns Response containing the transaction hash
+     */
+    async postTransaction(transaction, options) {
+        return this.client.post('/transactions', transaction, options);
+    }
+    /**
+     * Get a pending transaction by hash
+     *
+     * Use this to poll for transaction status after submission.
+     * Returns null if the transaction is not found (already confirmed or invalid).
+     *
+     * @param hash - Transaction hash
+     * @param options - Request options
+     * @returns Pending transaction details or null if not found
+     */
+    async getPendingTransaction(hash, options) {
+        try {
+            return await this.client.get(`/transactions/${hash}`, options);
+        }
+        catch (error) {
+            if (error instanceof types_js_1.NetworkError && error.statusCode === 404) {
+                return null;
+            }
+            throw error;
+        }
+    }
+    /**
+     * Check the health/availability of the L1 node
+     *
+     * @param options - Request options
+     * @returns True if the node is healthy
+     */
+    async checkHealth(options) {
+        try {
+            await this.client.get('/cluster/info', options);
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+}
+exports.CurrencyL1Client = CurrencyL1Client;

package/dist/cjs/metakit/network/data-l1-client.js

@@ -0,0 +1,76 @@
+"use strict";
+/**
+ * Data L1 client for submitting data transactions to metagraphs
+ *
+ * @packageDocumentation
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DataL1Client = void 0;
+const client_js_1 = require("./client.js");
+/**
+ * Client for interacting with Data L1 nodes (metagraphs)
+ *
+ * @example
+ * ```typescript
+ * const client = new DataL1Client({ dataL1Url: 'http://localhost:8080' });
+ *
+ * // Estimate fee for data submission
+ * const feeInfo = await client.estimateFee(signedData);
+ *
+ * // Submit data
+ * const result = await client.postData(signedData);
+ * ```
+ */
+class DataL1Client {
+    /**
+     * Create a new DataL1Client
+     *
+     * @param config - Network configuration with dataL1Url
+     * @throws Error if dataL1Url is not provided
+     */
+    constructor(config) {
+        if (!config.dataL1Url) {
+            throw new Error('dataL1Url is required for DataL1Client');
+        }
+        this.client = new client_js_1.HttpClient(config.dataL1Url, config.timeout);
+    }
+    /**
+     * Estimate the fee for submitting data
+     *
+     * Some metagraphs charge fees for data submissions.
+     * Call this before postData to know the required fee.
+     *
+     * @param data - Signed data object to estimate fee for
+     * @param options - Request options
+     * @returns Fee estimate with amount and destination address
+     */
+    async estimateFee(data, options) {
+        return this.client.post('/data/estimate-fee', data, options);
+    }
+    /**
+     * Submit signed data to the Data L1 node
+     *
+     * @param data - Signed data object to submit
+     * @param options - Request options
+     * @returns Response containing the data hash
+     */
+    async postData(data, options) {
+        return this.client.post('/data', data, options);
+    }
+    /**
+     * Check the health/availability of the Data L1 node
+     *
+     * @param options - Request options
+     * @returns True if the node is healthy
+     */
+    async checkHealth(options) {
+        try {
+            await this.client.get('/cluster/info', options);
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+}
+exports.DataL1Client = DataL1Client;

package/dist/cjs/metakit/network/index.js

@@ -0,0 +1,16 @@
+"use strict";
+/**
+ * Network operations for L1 node interactions
+ *
+ * @packageDocumentation
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.NetworkError = exports.HttpClient = exports.DataL1Client = exports.CurrencyL1Client = void 0;
+var currency_l1_client_js_1 = require("./currency-l1-client.js");
+Object.defineProperty(exports, "CurrencyL1Client", { enumerable: true, get: function () { return currency_l1_client_js_1.CurrencyL1Client; } });
+var data_l1_client_js_1 = require("./data-l1-client.js");
+Object.defineProperty(exports, "DataL1Client", { enumerable: true, get: function () { return data_l1_client_js_1.DataL1Client; } });
+var client_js_1 = require("./client.js");
+Object.defineProperty(exports, "HttpClient", { enumerable: true, get: function () { return client_js_1.HttpClient; } });
+var types_js_1 = require("./types.js");
+Object.defineProperty(exports, "NetworkError", { enumerable: true, get: function () { return types_js_1.NetworkError; } });

package/dist/cjs/metakit/network/types.js

@@ -0,0 +1,20 @@
+"use strict";
+/**
+ * Network types for L1 client operations
+ *
+ * @packageDocumentation
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.NetworkError = void 0;
+/**
+ * Network error with status code and response details
+ */
+class NetworkError extends Error {
+    constructor(message, statusCode, responseBody) {
+        super(message);
+        this.name = 'NetworkError';
+        this.statusCode = statusCode;
+        this.responseBody = responseBody;
+    }
+}
+exports.NetworkError = NetworkError;

package/dist/cjs/metakit/sign.js

@@ -0,0 +1,120 @@
+"use strict";
+/**
+ * Signing Functions
+ *
+ * ECDSA signing using secp256k1 curve via dag4js.
+ * Implements the Constellation signature protocol.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.signHash = exports.signDataUpdate = exports.sign = void 0;
+const dag4_1 = require("@stardust-collective/dag4");
+const js_sha256_1 = require("js-sha256");
+const canonicalize_js_1 = require("./canonicalize.js");
+/**
+ * Sign data using the regular Constellation protocol (non-DataUpdate)
+ *
+ * Protocol:
+ * 1. Canonicalize JSON (RFC 8785)
+ * 2. SHA-256 hash the canonical JSON string
+ * 3. Sign using dag4.keyStore.sign
+ *
+ * @param data - Any JSON-serializable object
+ * @param privateKey - Private key in hex format
+ * @returns SignatureProof with public key ID and signature
+ *
+ * @example
+ * ```typescript
+ * const proof = await sign({ action: 'test' }, privateKeyHex);
+ * console.log(proof.id);        // public key (128 chars)
+ * console.log(proof.signature); // DER signature
+ * ```
+ */
+async function sign(data, privateKey) {
+    // Step 1: Canonicalize JSON (RFC 8785)
+    const canonicalJson = (0, canonicalize_js_1.canonicalize)(data);
+    // Step 2-3: UTF-8 encode and SHA-256 hash (sha256 handles UTF-8 encoding internally)
+    // Returns 64-character hex string
+    const hashHex = (0, js_sha256_1.sha256)(canonicalJson);
+    // Step 4-6: dag4.keyStore.sign internally:
+    //   4. Treats hashHex as UTF-8 bytes
+    //   5. SHA-512 hashes those bytes, truncates to 32 bytes
+    //   6. Signs with ECDSA secp256k1
+    const signature = await dag4_1.dag4.keyStore.sign(privateKey, hashHex);
+    // Get public key ID (without 04 prefix)
+    const publicKey = dag4_1.dag4.keyStore.getPublicKeyFromPrivate(privateKey, false);
+    const id = normalizePublicKeyId(publicKey);
+    return { id, signature };
+}
+exports.sign = sign;
+/**
+ * Sign data as a DataUpdate (with Constellation prefix)
+ *
+ * Protocol:
+ * 1. Canonicalize JSON (RFC 8785)
+ * 2. Base64 encode the canonical JSON
+ * 3. Sign using dag4.keyStore.dataSign (adds Constellation prefix internally)
+ *
+ * @param data - Any JSON-serializable object
+ * @param privateKey - Private key in hex format
+ * @returns SignatureProof
+ */
+async function signDataUpdate(data, privateKey) {
+    // Step 1: Canonicalize JSON
+    const canonicalJson = (0, canonicalize_js_1.canonicalize)(data);
+    // Step 2: Base64 encode for dataSign
+    const base64String = Buffer.from(canonicalJson, 'utf-8').toString('base64');
+    // Step 3: Sign using dag4's dataSign (handles Constellation prefix internally)
+    const signature = await dag4_1.dag4.keyStore.dataSign(privateKey, base64String);
+    // Get public key ID
+    const publicKey = dag4_1.dag4.keyStore.getPublicKeyFromPrivate(privateKey, false);
+    const id = normalizePublicKeyId(publicKey);
+    return { id, signature };
+}
+exports.signDataUpdate = signDataUpdate;
+/**
+ * Sign a pre-computed SHA-256 hash
+ *
+ * This is the low-level signing function. Use `sign()` or `signDataUpdate()`
+ * for most use cases.
+ *
+ * Protocol (performed by dag4.keyStore.sign):
+ * 1. Treat hashHex as UTF-8 bytes (64 ASCII characters = 64 bytes)
+ * 2. SHA-512 hash those bytes (produces 64 bytes)
+ * 3. Truncate to first 32 bytes (for secp256k1 curve order)
+ * 4. Sign with ECDSA secp256k1
+ * 5. Return DER-encoded signature
+ *
+ * @param hashHex - SHA-256 hash as 64-character hex string
+ * @param privateKey - Private key in hex format (64 characters)
+ * @returns DER-encoded signature in hex format
+ *
+ * @example
+ * ```typescript
+ * // Compute your own hash
+ * const hashHex = sha256(myData);
+ * const signature = await signHash(hashHex, privateKey);
+ * ```
+ */
+async function signHash(hashHex, privateKey) {
+    // dag4.keyStore.sign performs:
+    // 1. SHA-512 of hashHex (treating 64 hex chars as UTF-8 bytes)
+    // 2. Truncation to 32 bytes (handled internally by crypto library)
+    // 3. ECDSA signing with secp256k1
+    return dag4_1.dag4.keyStore.sign(privateKey, hashHex);
+}
+exports.signHash = signHash;
+/**
+ * Normalize public key to ID format (without 04 prefix, 128 chars)
+ */
+function normalizePublicKeyId(publicKey) {
+    // If 130 chars (with 04 prefix), remove prefix
+    if (publicKey.length === 130 && publicKey.startsWith('04')) {
+        return publicKey.substring(2);
+    }
+    // If 128 chars (without prefix), return as-is
+    if (publicKey.length === 128) {
+        return publicKey;
+    }
+    // Otherwise return as-is and let validation catch issues
+    return publicKey;
+}

package/dist/cjs/metakit/signed-object.js

@@ -0,0 +1,100 @@
+"use strict";
+/**
+ * High-Level Signed Object API
+ *
+ * Convenience functions for creating and managing signed objects.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.batchSign = exports.addSignature = exports.createSignedObject = void 0;
+const sign_js_1 = require("./sign.js");
+/**
+ * Create a signed object with a single signature
+ *
+ * @param value - Any JSON-serializable object
+ * @param privateKey - Private key in hex format
+ * @param options - Signing options
+ * @returns Signed object ready for submission
+ *
+ * @example
+ * ```typescript
+ * // Sign a regular data object
+ * const signed = await createSignedObject(myData, privateKey);
+ *
+ * // Sign as DataUpdate for L1 submission
+ * const signedUpdate = await createSignedObject(myData, privateKey, { isDataUpdate: true });
+ * ```
+ */
+async function createSignedObject(value, privateKey, options = {}) {
+    const { isDataUpdate = false } = options;
+    const proof = isDataUpdate
+        ? await (0, sign_js_1.signDataUpdate)(value, privateKey)
+        : await (0, sign_js_1.sign)(value, privateKey);
+    return {
+        value,
+        proofs: [proof],
+    };
+}
+exports.createSignedObject = createSignedObject;
+/**
+ * Add an additional signature to an existing signed object
+ *
+ * This allows building multi-signature objects where multiple parties
+ * need to sign the same data.
+ *
+ * @param signed - Existing signed object
+ * @param privateKey - Private key in hex format
+ * @param options - Signing options (must match original signing)
+ * @returns New signed object with additional proof
+ *
+ * @example
+ * ```typescript
+ * // First party signs
+ * let signed = await createSignedObject(data, party1Key);
+ *
+ * // Second party adds signature
+ * signed = await addSignature(signed, party2Key);
+ *
+ * // Now has 2 proofs
+ * console.log(signed.proofs.length); // 2
+ * ```
+ */
+async function addSignature(signed, privateKey, options = {}) {
+    const { isDataUpdate = false } = options;
+    const newProof = isDataUpdate
+        ? await (0, sign_js_1.signDataUpdate)(signed.value, privateKey)
+        : await (0, sign_js_1.sign)(signed.value, privateKey);
+    return {
+        value: signed.value,
+        proofs: [...signed.proofs, newProof],
+    };
+}
+exports.addSignature = addSignature;
+/**
+ * Create a signed object with multiple signatures at once
+ *
+ * Useful when you have access to multiple private keys and want
+ * to create a multi-sig object in one operation.
+ *
+ * @param value - Any JSON-serializable object
+ * @param privateKeys - Array of private keys in hex format
+ * @param options - Signing options
+ * @returns Signed object with multiple proofs
+ *
+ * @example
+ * ```typescript
+ * const signed = await batchSign(data, [key1, key2, key3]);
+ * console.log(signed.proofs.length); // 3
+ * ```
+ */
+async function batchSign(value, privateKeys, options = {}) {
+    if (privateKeys.length === 0) {
+        throw new Error('At least one private key is required');
+    }
+    const { isDataUpdate = false } = options;
+    const proofs = await Promise.all(privateKeys.map((key) => (isDataUpdate ? (0, sign_js_1.signDataUpdate)(value, key) : (0, sign_js_1.sign)(value, key))));
+    return {
+        value,
+        proofs,
+    };
+}
+exports.batchSign = batchSign;