@ottochain/sdk 2.3.0 → 2.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/apps/contracts/index.js +15 -8
- package/dist/cjs/apps/contracts/state-machines/contract-agreement.js +35 -40
- package/dist/cjs/apps/contracts/state-machines/contract-escrow.js +80 -37
- package/dist/cjs/apps/contracts/state-machines/contract-universal.js +4 -4
- package/dist/cjs/apps/corporate/index.js +2 -2
- package/dist/cjs/apps/corporate/state-machines/corp-board.js +169 -59
- package/dist/cjs/apps/corporate/state-machines/corp-entity.js +245 -47
- package/dist/cjs/apps/corporate/state-machines/corp-securities.js +407 -99
- package/dist/cjs/apps/corporate/state-machines/corp-shareholders.js +151 -37
- package/dist/cjs/apps/governance/index.js +14 -14
- package/dist/cjs/apps/governance/state-machines/dao-multisig.js +58 -40
- package/dist/cjs/apps/governance/state-machines/dao-reputation.js +46 -40
- package/dist/cjs/apps/governance/state-machines/dao-single.js +28 -11
- package/dist/cjs/apps/governance/state-machines/dao-token.js +67 -41
- package/dist/cjs/apps/governance/state-machines/governance-simple.js +93 -61
- package/dist/cjs/apps/governance/state-machines/governance-universal.js +2 -2
- package/dist/cjs/apps/identity/constants.js +55 -14
- package/dist/cjs/apps/identity/index.js +27 -11
- package/dist/cjs/apps/identity/state-machines/identity-agent.js +3 -3
- package/dist/cjs/apps/identity/state-machines/identity-oracle.js +25 -22
- package/dist/cjs/apps/identity/state-machines/identity-registry.js +288 -0
- package/dist/cjs/apps/identity/state-machines/identity-universal.js +3 -3
- package/dist/cjs/apps/identity/state-machines/index.js +3 -1
- package/dist/cjs/apps/index.js +19 -8
- package/dist/cjs/apps/lending/assets.js +223 -0
- package/dist/cjs/apps/lending/credit-scoring.js +87 -0
- package/dist/cjs/apps/lending/eligibility.js +121 -0
- package/dist/cjs/apps/lending/index.js +91 -0
- package/dist/cjs/apps/lending/state-machines/index.js +9 -0
- package/dist/cjs/apps/lending/state-machines/lending-zk-loan.js +412 -0
- package/dist/cjs/apps/markets/index.js +21 -11
- package/dist/cjs/apps/markets/state-machines/market-auction.js +14 -13
- package/dist/cjs/apps/markets/state-machines/market-crowdfund.js +29 -24
- package/dist/cjs/apps/markets/state-machines/market-group-buy.js +24 -26
- package/dist/cjs/apps/markets/state-machines/market-prediction.js +80 -53
- package/dist/cjs/apps/markets/state-machines/market-universal.js +5 -5
- package/dist/cjs/apps/oracles/index.js +2 -2
- package/dist/cjs/errors.js +3 -3
- package/dist/cjs/generated/google/protobuf/struct.js +4 -4
- package/dist/cjs/generated/index.js +11 -7
- package/dist/cjs/generated/openapi.js +6 -0
- package/dist/cjs/generated/ottochain/apps/contracts/v1/contract.js +50 -50
- package/dist/cjs/generated/ottochain/apps/corporate/v1/corporate.js +19 -20
- package/dist/cjs/generated/ottochain/apps/governance/v1/governance.js +13 -13
- package/dist/cjs/generated/ottochain/apps/identity/v1/attestation.js +4 -4
- package/dist/cjs/generated/ottochain/apps/identity/v1/identity.js +124 -130
- package/dist/cjs/generated/ottochain/apps/markets/v1/market.js +107 -107
- package/dist/cjs/generated/ottochain/v1/common.js +4 -4
- package/dist/cjs/generated/ottochain/v1/fiber.js +4 -4
- package/dist/cjs/index.js +41 -7
- package/dist/cjs/openapi.js +2 -0
- package/dist/cjs/ottochain/drop-nulls.js +1 -2
- package/dist/cjs/ottochain/genesis-manifest.js +11 -11
- package/dist/cjs/ottochain/index.js +23 -13
- package/dist/cjs/ottochain/metagraph-client.js +65 -8
- package/dist/cjs/ottochain/snapshot.js +11 -12
- package/dist/cjs/ottochain/transaction.js +57 -14
- package/dist/cjs/ottochain/types.js +16 -2
- package/dist/cjs/privacy/index.js +14 -0
- package/dist/cjs/privacy/sealed-bid.js +210 -0
- package/dist/cjs/privacy/shield-app.js +131 -0
- package/dist/cjs/schema/effects.js +40 -0
- package/dist/cjs/schema/fiber-app.js +19 -13
- package/dist/cjs/schema/guard-lint.js +352 -0
- package/dist/cjs/schema/guards.js +246 -0
- package/dist/cjs/signing.js +80 -0
- package/dist/cjs/types.js +2 -3
- package/dist/cjs/validation.js +8 -8
- package/dist/cjs/verify.js +9 -4
- package/dist/cjs/zk/commit.js +53 -0
- package/dist/cjs/zk/guard.js +107 -0
- package/dist/cjs/zk/index.js +48 -0
- package/dist/cjs/zk/preimage.js +37 -0
- package/dist/cjs/zk/prover.js +87 -0
- package/dist/cjs/zk/registry.js +62 -0
- package/dist/cjs/zk/types.js +28 -0
- package/dist/cjs/zk/witness.js +19 -0
- package/dist/esm/apps/contracts/index.js +7 -3
- package/dist/esm/apps/contracts/state-machines/contract-agreement.js +35 -40
- package/dist/esm/apps/contracts/state-machines/contract-escrow.js +80 -37
- package/dist/esm/apps/contracts/state-machines/contract-universal.js +4 -4
- package/dist/esm/apps/corporate/state-machines/corp-board.js +169 -59
- package/dist/esm/apps/corporate/state-machines/corp-entity.js +245 -47
- package/dist/esm/apps/corporate/state-machines/corp-securities.js +407 -99
- package/dist/esm/apps/corporate/state-machines/corp-shareholders.js +151 -37
- package/dist/esm/apps/governance/state-machines/dao-multisig.js +58 -40
- package/dist/esm/apps/governance/state-machines/dao-reputation.js +46 -40
- package/dist/esm/apps/governance/state-machines/dao-single.js +28 -11
- package/dist/esm/apps/governance/state-machines/dao-token.js +67 -41
- package/dist/esm/apps/governance/state-machines/governance-simple.js +93 -61
- package/dist/esm/apps/governance/state-machines/governance-universal.js +2 -2
- package/dist/esm/apps/identity/constants.js +51 -12
- package/dist/esm/apps/identity/index.js +12 -7
- package/dist/esm/apps/identity/state-machines/identity-agent.js +3 -3
- package/dist/esm/apps/identity/state-machines/identity-oracle.js +25 -22
- package/dist/esm/apps/identity/state-machines/identity-registry.js +285 -0
- package/dist/esm/apps/identity/state-machines/identity-universal.js +3 -3
- package/dist/esm/apps/identity/state-machines/index.js +1 -0
- package/dist/esm/apps/index.js +1 -0
- package/dist/esm/apps/lending/assets.js +207 -0
- package/dist/esm/apps/lending/credit-scoring.js +81 -0
- package/dist/esm/apps/lending/eligibility.js +115 -0
- package/dist/esm/apps/lending/index.js +69 -0
- package/dist/esm/apps/lending/state-machines/index.js +5 -0
- package/dist/esm/apps/lending/state-machines/lending-zk-loan.js +409 -0
- package/dist/esm/apps/markets/index.js +8 -4
- package/dist/esm/apps/markets/state-machines/market-auction.js +14 -13
- package/dist/esm/apps/markets/state-machines/market-crowdfund.js +29 -24
- package/dist/esm/apps/markets/state-machines/market-group-buy.js +24 -26
- package/dist/esm/apps/markets/state-machines/market-prediction.js +80 -53
- package/dist/esm/apps/markets/state-machines/market-universal.js +5 -5
- package/dist/esm/generated/index.js +9 -5
- package/dist/esm/generated/openapi.js +5 -0
- package/dist/esm/generated/ottochain/apps/contracts/v1/contract.js +46 -46
- package/dist/esm/generated/ottochain/apps/identity/v1/identity.js +114 -120
- package/dist/esm/generated/ottochain/apps/markets/v1/market.js +100 -100
- package/dist/esm/index.js +21 -2
- package/dist/esm/openapi.js +1 -0
- package/dist/esm/ottochain/genesis-manifest.js +9 -9
- package/dist/esm/ottochain/index.js +2 -3
- package/dist/esm/ottochain/metagraph-client.js +65 -8
- package/dist/esm/ottochain/snapshot.js +4 -4
- package/dist/esm/ottochain/transaction.js +43 -3
- package/dist/esm/ottochain/types.js +15 -1
- package/dist/esm/privacy/index.js +6 -0
- package/dist/esm/privacy/sealed-bid.js +206 -0
- package/dist/esm/privacy/shield-app.js +127 -0
- package/dist/esm/schema/effects.js +35 -0
- package/dist/esm/schema/fiber-app.js +13 -6
- package/dist/esm/schema/guard-lint.js +346 -0
- package/dist/esm/schema/guards.js +229 -0
- package/dist/esm/signing.js +74 -0
- package/dist/esm/verify.js +8 -2
- package/dist/esm/zk/commit.js +44 -0
- package/dist/esm/zk/guard.js +99 -0
- package/dist/esm/zk/index.js +19 -0
- package/dist/esm/zk/preimage.js +30 -0
- package/dist/esm/zk/prover.js +82 -0
- package/dist/esm/zk/registry.js +55 -0
- package/dist/esm/zk/types.js +25 -0
- package/dist/esm/zk/witness.js +15 -0
- package/dist/types/apps/contracts/index.d.ts +69 -209
- package/dist/types/apps/contracts/state-machines/contract-agreement.d.ts +20 -95
- package/dist/types/apps/contracts/state-machines/contract-escrow.d.ts +46 -112
- package/dist/types/apps/corporate/index.d.ts +1040 -304
- package/dist/types/apps/corporate/state-machines/corp-board.d.ts +188 -52
- package/dist/types/apps/corporate/state-machines/corp-entity.d.ts +267 -62
- package/dist/types/apps/corporate/state-machines/corp-securities.d.ts +355 -131
- package/dist/types/apps/corporate/state-machines/corp-shareholders.d.ts +225 -53
- package/dist/types/apps/governance/index.d.ts +296 -398
- package/dist/types/apps/governance/state-machines/dao-multisig.d.ts +77 -92
- package/dist/types/apps/governance/state-machines/dao-reputation.d.ts +42 -66
- package/dist/types/apps/governance/state-machines/dao-single.d.ts +25 -47
- package/dist/types/apps/governance/state-machines/dao-token.d.ts +60 -49
- package/dist/types/apps/governance/state-machines/governance-simple.d.ts +87 -117
- package/dist/types/apps/governance/state-machines/governance-universal.d.ts +2 -2
- package/dist/types/apps/identity/constants.d.ts +32 -4
- package/dist/types/apps/identity/index.d.ts +378 -94
- package/dist/types/apps/identity/state-machines/identity-oracle.d.ts +16 -87
- package/dist/types/apps/identity/state-machines/identity-registry.d.ts +379 -0
- package/dist/types/apps/identity/state-machines/index.d.ts +1 -0
- package/dist/types/apps/index.d.ts +1 -0
- package/dist/types/apps/lending/assets.d.ts +258 -0
- package/dist/types/apps/lending/credit-scoring.d.ts +80 -0
- package/dist/types/apps/lending/eligibility.d.ts +83 -0
- package/dist/types/apps/lending/index.d.ts +548 -0
- package/dist/types/apps/lending/state-machines/index.d.ts +5 -0
- package/dist/types/apps/lending/state-machines/lending-zk-loan.d.ts +528 -0
- package/dist/types/apps/markets/index.d.ts +108 -203
- package/dist/types/apps/markets/state-machines/market-auction.d.ts +13 -37
- package/dist/types/apps/markets/state-machines/market-crowdfund.d.ts +16 -34
- package/dist/types/apps/markets/state-machines/market-group-buy.d.ts +17 -43
- package/dist/types/apps/markets/state-machines/market-prediction.d.ts +51 -72
- package/dist/types/apps/markets/state-machines/market-universal.d.ts +5 -5
- package/dist/types/generated/index.d.ts +5 -5
- package/dist/types/generated/openapi.d.ts +1257 -0
- package/dist/types/generated/ottochain/apps/contracts/v1/contract.d.ts +5 -5
- package/dist/types/generated/ottochain/apps/identity/v1/identity.d.ts +12 -12
- package/dist/types/generated/ottochain/apps/markets/v1/market.d.ts +11 -11
- package/dist/types/index.d.ts +6 -2
- package/dist/types/openapi.d.ts +22 -0
- package/dist/types/ottochain/genesis-manifest.d.ts +5 -5
- package/dist/types/ottochain/index.d.ts +5 -6
- package/dist/types/ottochain/metagraph-client.d.ts +49 -7
- package/dist/types/ottochain/snapshot.d.ts +6 -6
- package/dist/types/ottochain/transaction.d.ts +33 -1
- package/dist/types/ottochain/types.d.ts +335 -30
- package/dist/types/privacy/index.d.ts +6 -0
- package/dist/types/privacy/sealed-bid.d.ts +348 -0
- package/dist/types/privacy/shield-app.d.ts +48 -0
- package/dist/types/schema/effects.d.ts +34 -0
- package/dist/types/schema/fiber-app.d.ts +1 -2
- package/dist/types/schema/guard-lint.d.ts +111 -0
- package/dist/types/schema/guards.d.ts +134 -0
- package/dist/types/signing.d.ts +45 -0
- package/dist/types/validation.d.ts +22 -217
- package/dist/types/verify.d.ts +4 -0
- package/dist/types/zk/commit.d.ts +28 -0
- package/dist/types/zk/guard.d.ts +46 -0
- package/dist/types/zk/index.d.ts +19 -0
- package/dist/types/zk/preimage.d.ts +10 -0
- package/dist/types/zk/prover.d.ts +34 -0
- package/dist/types/zk/registry.d.ts +34 -0
- package/dist/types/zk/types.d.ts +33 -0
- package/dist/types/zk/witness.d.ts +40 -0
- package/package.json +27 -13
- package/dist/cjs/ottochain/normalize.js +0 -186
- package/dist/esm/ottochain/normalize.js +0 -179
- package/dist/types/ottochain/normalize.d.ts +0 -79
|
@@ -0,0 +1,134 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Canonical authorization-guard builders — bind "who may act" to the CHAIN-VERIFIED signer of the op,
|
|
3
|
+
* never to an attacker-supplied payload field.
|
|
4
|
+
*
|
|
5
|
+
* The forgeable anti-pattern (security audit class F1): `{"===":[{"var":"event.agent"}, {"var":"state.party"}]}`.
|
|
6
|
+
* The fiber engine injects `event` as the RAW transition payload (ContextProvider: `EVENT -> payload`),
|
|
7
|
+
* so `event.agent` is whatever the submitter wrote — a different party's address forges authorization.
|
|
8
|
+
* The chain ALSO injects `proofs` = `[{address, id, signature}]` where `address = id.toAddress` (the
|
|
9
|
+
* VERIFIED signer addresses). Authorization must bind to THAT. For ASSET ops (mint/burn/morphism) the
|
|
10
|
+
* context has no `event`/`proofs`; it injects `signers` (an array of verified address strings) instead.
|
|
11
|
+
*
|
|
12
|
+
* Use these so the safe pattern is consistent, greppable, and impossible to get subtly wrong.
|
|
13
|
+
*/
|
|
14
|
+
/** A JSON-Logic guard expression (plain JSON). */
|
|
15
|
+
export type GuardRule = Record<string, unknown>;
|
|
16
|
+
/**
|
|
17
|
+
* FIBER-transition authorization: the pinned `partyVar` (a `state` path holding an address, e.g.
|
|
18
|
+
* `"state.borrower"`) MUST be among the op's verified signers (`proofs[].address`). The replay-safe
|
|
19
|
+
* replacement for `{"===":[{"var":"event.agent"}, {"var":partyVar}]}`.
|
|
20
|
+
*/
|
|
21
|
+
export declare const signerIsParty: (partyVar: string) => GuardRule;
|
|
22
|
+
/** FIBER-transition authorization where ANY of the pinned parties signed (e.g. borrower OR lender). */
|
|
23
|
+
export declare const signerIsAnyParty: (partyVars: string[]) => GuardRule;
|
|
24
|
+
/**
|
|
25
|
+
* FIBER-transition authorization where the actor must be a MEMBER of a pinned set: at least one
|
|
26
|
+
* VERIFIED signer is in the `setVar` array (e.g. `"state.signers"`, `"state.members"`, `"state.oracles"`).
|
|
27
|
+
* The replay-safe replacement for `{"in":[{"var":"event.agent"}, {"var":setVar}]}`.
|
|
28
|
+
*/
|
|
29
|
+
export declare const signerInSet: (setVar: string) => GuardRule;
|
|
30
|
+
/**
|
|
31
|
+
* FIBER-transition ANTI-SELF guard: NO verified signer is the pinned party (e.g. a proposal author may
|
|
32
|
+
* not vote on their own proposal). The replay-safe replacement for `{"!==":[{"var":"event.agent"}, {"var":partyVar}]}`.
|
|
33
|
+
*/
|
|
34
|
+
export declare const signerIsNotParty: (partyVar: string) => GuardRule;
|
|
35
|
+
/**
|
|
36
|
+
* FIBER-transition authorization / dedup over a state MAP keyed by address: at least one VERIFIED signer
|
|
37
|
+
* is a key in `mapVar` (e.g. `"state.members"`, `"state.balances"`). The replay-safe replacement for the
|
|
38
|
+
* forgeable `{"getKey":[{"var":mapVar}, {"var":"event.agent"}]}` membership/presence check (note metakit
|
|
39
|
+
* has no `getKey`; use `get`/`has`). For a "no signer has acted yet" dedup, negate: `{"!":[signerHasEntry(...)]}`.
|
|
40
|
+
* For a per-actor VALUE threshold (e.g. balance >= N), build the `some` directly:
|
|
41
|
+
* `{"some":[{"map":[proofs,address]},{">=":[{"get":[mapVar,{"var":""}]}, N]}]}`.
|
|
42
|
+
*/
|
|
43
|
+
export declare const signerHasEntry: (mapVar: string) => GuardRule;
|
|
44
|
+
/**
|
|
45
|
+
* ASSET-op authorization (mintPolicy / burnPolicy / MorphismSpec.guard): the address at `addressVar`
|
|
46
|
+
* (e.g. `"holder.Wallet.address"`) MUST be among the op's verified `signers`. The asset context has no
|
|
47
|
+
* `event` or `proofs` — it injects `signers` directly.
|
|
48
|
+
*/
|
|
49
|
+
export declare const assetSignerIs: (addressVar: string) => GuardRule;
|
|
50
|
+
/**
|
|
51
|
+
* EFFECT-KEY BINDING: prove the event's claimed actor (`actorVar`, default `event.agent`) is a
|
|
52
|
+
* CHAIN-VERIFIED signer, so that field is SAFE to use as a dynamic map key / array element in the
|
|
53
|
+
* EFFECT (`{"set":[map,{"var":"event.agent"},v]}`, `{"cat":[arr,[{"var":"event.agent"}]]}`).
|
|
54
|
+
*
|
|
55
|
+
* This is the coupling clause for the map-write remediation: a guard may authorize via membership /
|
|
56
|
+
* balance / reputation, but if the EFFECT writes under `event.agent` WITHOUT this clause, an attacker
|
|
57
|
+
* sets `event.agent` to a victim's address and writes under the victim's key (security class S1).
|
|
58
|
+
* Pair it with the authorization check expressed on the SAME `actorVar` — together they prove the actor
|
|
59
|
+
* both signed and is authorized, and the effect can only write under that one verified key.
|
|
60
|
+
* Structurally identical to {@link signerIsParty}; named for intent + greppability at write sites.
|
|
61
|
+
*/
|
|
62
|
+
export declare const actorIsSigner: (actorVar?: string) => GuardRule;
|
|
63
|
+
/**
|
|
64
|
+
* EFFECT-KEY-BINDING membership: the event's claimed actor (`actorVar`, default `event.agent`) is BOTH
|
|
65
|
+
* a CHAIN-VERIFIED signer AND a member of the pinned set `setVar` (e.g. `"state.signers"`,
|
|
66
|
+
* `"state.members"`). Use when the EFFECT writes a map/array keyed by that actor and authorization is
|
|
67
|
+
* set-membership. It proves the EXACT actor whose key is written both signed and is authorized — closing
|
|
68
|
+
* the S1 forge AND the subtler gap {@link signerInSet} leaves open: `signerInSet` only proves SOME
|
|
69
|
+
* verified signer is a member, so an op co-signed by an authorized signer could still write a DIFFERENT
|
|
70
|
+
* verified-but-unauthorized address as the key (padding a signature/vote tally). `actorInSet` pins both
|
|
71
|
+
* to the same `actorVar`.
|
|
72
|
+
*/
|
|
73
|
+
export declare const actorInSet: (setVar: string, actorVar?: string) => GuardRule;
|
|
74
|
+
/**
|
|
75
|
+
* EFFECT-KEY-BINDING map membership: the claimed actor (`actorVar`, default `event.agent`) is BOTH a
|
|
76
|
+
* CHAIN-VERIFIED signer AND a key in the pinned state MAP `mapVar` (e.g. `"state.members"`,
|
|
77
|
+
* `"state.balances"`). The map analog of {@link actorInSet} — use it when the membership set is a dict
|
|
78
|
+
* keyed by address, where `in` does not apply and `has` checks key presence. Use when the EFFECT writes
|
|
79
|
+
* `mapVar` (or a per-actor tally) keyed by that actor: it proves the EXACT written key both signed and
|
|
80
|
+
* is an authorized member, closing the vote/signature-stuffing gap that bare {@link signerHasEntry}
|
|
81
|
+
* leaves open (which only proves SOME verified signer is a key, not that the written key is).
|
|
82
|
+
*/
|
|
83
|
+
export declare const actorHasEntry: (mapVar: string, actorVar?: string) => GuardRule;
|
|
84
|
+
/**
|
|
85
|
+
* IDENTITY-REGISTRY reputation gate: at least one VERIFIED signer has a reputation in the registry map
|
|
86
|
+
* at `repMapVar` (a declared-dependency read, e.g. `"machines.<registryDep>.state.reputations"`, shaped
|
|
87
|
+
* `{ <address>: int }`) that is `>=` the bar read from `thresholdVar` (a state path, e.g.
|
|
88
|
+
* `"state.voteThreshold"`). A missing entry reads as null → 0 numerically, so unregistered signers
|
|
89
|
+
* fail-closed for any positive bar. The replay-safe replacement for the forgeable
|
|
90
|
+
* `{">=":[{"var":"event.agentReputation"}, bar]}` (security class S1). See
|
|
91
|
+
* docs/design/app-hardening-identity-integration.md §3–§4.1.
|
|
92
|
+
*/
|
|
93
|
+
export declare const signerHasReputation: (repMapVar: string, thresholdVar: string) => GuardRule;
|
|
94
|
+
/**
|
|
95
|
+
* IDENTITY-REGISTRY role gate: at least one VERIFIED signer holds an active role attestation, i.e. is a
|
|
96
|
+
* key in the registry's flat per-role map at `roleMapVar` (a declared-dependency read, e.g.
|
|
97
|
+
* `"machines.<registryDep>.state.arbiters"` / `".slashers"` / `".issuers"` / `".boardMembers"`, each
|
|
98
|
+
* shaped `{ <address>: true }`). The replay-safe replacement for bare `event.judicialRuling` / role
|
|
99
|
+
* escapes and `{"==":[1,1]}` missing-auth (security class S2). Roles are FLAT per-role maps (not a
|
|
100
|
+
* nested `roles[addr][ROLE]`) because metakit `get`/`has` on a null inner map ERROR rather than
|
|
101
|
+
* returning null; a flat map keeps the read total + fail-closed. See app-hardening §4.2.
|
|
102
|
+
*/
|
|
103
|
+
export declare const signerHasRole: (roleMapVar: string) => GuardRule;
|
|
104
|
+
/**
|
|
105
|
+
* DYNAMIC identity-registry reputation gate — for when the registry instance is bound at RUNTIME via the
|
|
106
|
+
* fiber-engine `_addDependency` directive (#24) rather than hardcoded into the `machines.<uuid>` path.
|
|
107
|
+
* `registryIdVar` is a state/event path holding the registry fiber id (e.g. `"state.registryId"`); the
|
|
108
|
+
* read addresses `machines[<that id>].state.reputations[<signer>]` with dynamic `get`s. Guarded by a
|
|
109
|
+
* presence check so an UNBOUND registry yields a clean `false` (fail-closed) instead of an evaluation
|
|
110
|
+
* error. REQUIRES the registry dependency to have been added in a PRIOR transition (`_addDependency`),
|
|
111
|
+
* because the `machines` context is built before the effect runs (two-phase: bind, then read).
|
|
112
|
+
*/
|
|
113
|
+
export declare const signerHasReputationVia: (registryIdVar: string, thresholdVar: string) => GuardRule;
|
|
114
|
+
/**
|
|
115
|
+
* DYNAMIC identity-registry role gate — the runtime-bound (`_addDependency`, #24) counterpart of
|
|
116
|
+
* {@link signerHasRole}. `registryIdVar` is a state/event path holding the registry fiber id;
|
|
117
|
+
* `roleField` is the registry's flat per-role state map name (`"arbiters"` / `"slashers"` / `"issuers"` /
|
|
118
|
+
* `"boardMembers"` — see REGISTRY_ROLE_MAP). Reads `machines[<id>].state.<roleField>[<signer>]`, guarded
|
|
119
|
+
* by a presence check so an UNBOUND registry yields a clean `false`. Same two-phase requirement as
|
|
120
|
+
* {@link signerHasReputationVia}.
|
|
121
|
+
*/
|
|
122
|
+
export declare const signerHasRoleVia: (registryIdVar: string, roleField: string) => GuardRule;
|
|
123
|
+
/**
|
|
124
|
+
* CROSS-FIBER STATE GATE — assert a RUNTIME-bound dependency fiber is in a required lifecycle state. The
|
|
125
|
+
* replay-safe replacement for the dropped object-form dependency
|
|
126
|
+
* `{machine, instanceRef, requiredState}` (which the chain silently drops — `requiredState` gating never
|
|
127
|
+
* happens). `refVar` is a state/event path holding the dependency's fiber id; reads
|
|
128
|
+
* `machines[<refVar>].currentStateId == requiredState`, guarded by a presence check so an UNBOUND
|
|
129
|
+
* dependency yields a clean `false` (fail-closed). TWO-PHASE (#24): the dependency fiber must have been
|
|
130
|
+
* bound by an `_addDependency` in a PRIOR transition (the `machines` context is built before the effect),
|
|
131
|
+
* so a single gated transition is split into a bind step then this assert step. See
|
|
132
|
+
* docs/design/app-hardening-identity-integration.md §5–§6.
|
|
133
|
+
*/
|
|
134
|
+
export declare const depInState: (refVar: string, requiredState: string) => GuardRule;
|
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* DataUpdate Signing Wrappers — dropNulls applied internally
|
|
3
|
+
*
|
|
4
|
+
* Metakit (>= 1.8) computes content hashes by recursively dropping
|
|
5
|
+
* null-valued OBJECT fields (array nulls are preserved) before RFC 8785
|
|
6
|
+
* canonicalization (`JsonBinaryCodec.dropNulls`). This makes
|
|
7
|
+
* `Option = None` indistinguishable from an absent field, so schema
|
|
8
|
+
* evolution never changes prior hashes.
|
|
9
|
+
*
|
|
10
|
+
* The upstream `@constellation-network/metagraph-sdk` signs over the
|
|
11
|
+
* payload as-is, so a payload containing explicit nulls would be signed
|
|
12
|
+
* over different bytes than the metagraph hashes — and the node rejects
|
|
13
|
+
* the signature (HTTP 400).
|
|
14
|
+
*
|
|
15
|
+
* These wrappers shadow the upstream dataUpdate signing surface and apply
|
|
16
|
+
* `dropNulls` internally, unconditionally. Standard-mode signing
|
|
17
|
+
* (currency transactions etc.) is passed through unchanged.
|
|
18
|
+
*/
|
|
19
|
+
import type { SignatureProof, Signed, SigningOptions } from '@constellation-network/metagraph-sdk';
|
|
20
|
+
/**
|
|
21
|
+
* Sign data as a DataUpdate, hashing over null-dropped canonical bytes.
|
|
22
|
+
*
|
|
23
|
+
* Applies `dropNulls` internally so that explicit-null and absent optional
|
|
24
|
+
* fields produce identical signatures, matching metakit's content-hash rule
|
|
25
|
+
* (drop null object fields, preserve array nulls, then RFC 8785).
|
|
26
|
+
*/
|
|
27
|
+
export declare function signDataUpdate<T>(data: T, privateKey: string): SignatureProof;
|
|
28
|
+
/**
|
|
29
|
+
* Create a signed object. In `dataUpdate` mode the signature is computed
|
|
30
|
+
* over the null-dropped canonical bytes (the returned `value` is the
|
|
31
|
+
* caller's original payload, untouched).
|
|
32
|
+
*/
|
|
33
|
+
export declare function createSignedObject<T>(value: T, privateKey: string, options?: SigningOptions): Signed<T>;
|
|
34
|
+
/**
|
|
35
|
+
* Add an additional signature to an existing signed object. In
|
|
36
|
+
* `dataUpdate` mode the new signature is computed over the null-dropped
|
|
37
|
+
* canonical bytes of `signed.value`.
|
|
38
|
+
*/
|
|
39
|
+
export declare function addSignature<T>(signed: Signed<T>, privateKey: string, options?: SigningOptions): Signed<T>;
|
|
40
|
+
/**
|
|
41
|
+
* Create a signed object with multiple signatures at once. In
|
|
42
|
+
* `dataUpdate` mode all signatures are computed over the null-dropped
|
|
43
|
+
* canonical bytes (the returned `value` is the caller's original payload).
|
|
44
|
+
*/
|
|
45
|
+
export declare function batchSign<T>(value: T, privateKeys: string[], options?: SigningOptions): Signed<T>;
|
|
@@ -23,21 +23,10 @@ export declare const PublicKeySchema: z.ZodString;
|
|
|
23
23
|
* Schema for a KeyPair
|
|
24
24
|
*/
|
|
25
25
|
export declare const KeyPairSchema: z.ZodObject<{
|
|
26
|
-
/** Private key in hex format */
|
|
27
26
|
privateKey: z.ZodString;
|
|
28
|
-
/** Public key in hex format (uncompressed, with 04 prefix) */
|
|
29
27
|
publicKey: z.ZodString;
|
|
30
|
-
/** DAG address derived from the public key */
|
|
31
28
|
address: z.ZodString;
|
|
32
|
-
},
|
|
33
|
-
address: string;
|
|
34
|
-
publicKey: string;
|
|
35
|
-
privateKey: string;
|
|
36
|
-
}, {
|
|
37
|
-
address: string;
|
|
38
|
-
publicKey: string;
|
|
39
|
-
privateKey: string;
|
|
40
|
-
}>;
|
|
29
|
+
}, z.core.$strip>;
|
|
41
30
|
/**
|
|
42
31
|
* Type for a validated KeyPair
|
|
43
32
|
*/
|
|
@@ -46,17 +35,9 @@ export type ValidatedKeyPair = z.infer<typeof KeyPairSchema>;
|
|
|
46
35
|
* Schema for a SignatureProof
|
|
47
36
|
*/
|
|
48
37
|
export declare const SignatureProofSchema: z.ZodObject<{
|
|
49
|
-
/** Public key hex (uncompressed, without 04 prefix) - 128 characters */
|
|
50
38
|
id: z.ZodString;
|
|
51
|
-
/** DER-encoded ECDSA signature in hex format */
|
|
52
39
|
signature: z.ZodString;
|
|
53
|
-
},
|
|
54
|
-
id: string;
|
|
55
|
-
signature: string;
|
|
56
|
-
}, {
|
|
57
|
-
id: string;
|
|
58
|
-
signature: string;
|
|
59
|
-
}>;
|
|
40
|
+
}, z.core.$strip>;
|
|
60
41
|
/**
|
|
61
42
|
* Type for a validated SignatureProof
|
|
62
43
|
*/
|
|
@@ -67,87 +48,17 @@ export type ValidatedSignatureProof = z.infer<typeof SignatureProofSchema>;
|
|
|
67
48
|
export declare const SignedSchema: <T extends z.ZodTypeAny>(valueSchema: T) => z.ZodObject<{
|
|
68
49
|
value: T;
|
|
69
50
|
proofs: z.ZodArray<z.ZodObject<{
|
|
70
|
-
/** Public key hex (uncompressed, without 04 prefix) - 128 characters */
|
|
71
51
|
id: z.ZodString;
|
|
72
|
-
/** DER-encoded ECDSA signature in hex format */
|
|
73
52
|
signature: z.ZodString;
|
|
74
|
-
},
|
|
75
|
-
|
|
76
|
-
signature: string;
|
|
77
|
-
}, {
|
|
78
|
-
id: string;
|
|
79
|
-
signature: string;
|
|
80
|
-
}>, "many">;
|
|
81
|
-
}, "strip", z.ZodTypeAny, z.objectUtil.addQuestionMarks<z.baseObjectOutputType<{
|
|
82
|
-
value: T;
|
|
83
|
-
proofs: z.ZodArray<z.ZodObject<{
|
|
84
|
-
/** Public key hex (uncompressed, without 04 prefix) - 128 characters */
|
|
85
|
-
id: z.ZodString;
|
|
86
|
-
/** DER-encoded ECDSA signature in hex format */
|
|
87
|
-
signature: z.ZodString;
|
|
88
|
-
}, "strip", z.ZodTypeAny, {
|
|
89
|
-
id: string;
|
|
90
|
-
signature: string;
|
|
91
|
-
}, {
|
|
92
|
-
id: string;
|
|
93
|
-
signature: string;
|
|
94
|
-
}>, "many">;
|
|
95
|
-
}>, any> extends infer T_1 ? { [k in keyof T_1]: z.objectUtil.addQuestionMarks<z.baseObjectOutputType<{
|
|
96
|
-
value: T;
|
|
97
|
-
proofs: z.ZodArray<z.ZodObject<{
|
|
98
|
-
/** Public key hex (uncompressed, without 04 prefix) - 128 characters */
|
|
99
|
-
id: z.ZodString;
|
|
100
|
-
/** DER-encoded ECDSA signature in hex format */
|
|
101
|
-
signature: z.ZodString;
|
|
102
|
-
}, "strip", z.ZodTypeAny, {
|
|
103
|
-
id: string;
|
|
104
|
-
signature: string;
|
|
105
|
-
}, {
|
|
106
|
-
id: string;
|
|
107
|
-
signature: string;
|
|
108
|
-
}>, "many">;
|
|
109
|
-
}>, any>[k]; } : never, z.baseObjectInputType<{
|
|
110
|
-
value: T;
|
|
111
|
-
proofs: z.ZodArray<z.ZodObject<{
|
|
112
|
-
/** Public key hex (uncompressed, without 04 prefix) - 128 characters */
|
|
113
|
-
id: z.ZodString;
|
|
114
|
-
/** DER-encoded ECDSA signature in hex format */
|
|
115
|
-
signature: z.ZodString;
|
|
116
|
-
}, "strip", z.ZodTypeAny, {
|
|
117
|
-
id: string;
|
|
118
|
-
signature: string;
|
|
119
|
-
}, {
|
|
120
|
-
id: string;
|
|
121
|
-
signature: string;
|
|
122
|
-
}>, "many">;
|
|
123
|
-
}> extends infer T_2 ? { [k_1 in keyof T_2]: z.baseObjectInputType<{
|
|
124
|
-
value: T;
|
|
125
|
-
proofs: z.ZodArray<z.ZodObject<{
|
|
126
|
-
/** Public key hex (uncompressed, without 04 prefix) - 128 characters */
|
|
127
|
-
id: z.ZodString;
|
|
128
|
-
/** DER-encoded ECDSA signature in hex format */
|
|
129
|
-
signature: z.ZodString;
|
|
130
|
-
}, "strip", z.ZodTypeAny, {
|
|
131
|
-
id: string;
|
|
132
|
-
signature: string;
|
|
133
|
-
}, {
|
|
134
|
-
id: string;
|
|
135
|
-
signature: string;
|
|
136
|
-
}>, "many">;
|
|
137
|
-
}>[k_1]; } : never>;
|
|
53
|
+
}, z.core.$strip>>;
|
|
54
|
+
}, z.core.$strip>;
|
|
138
55
|
/**
|
|
139
56
|
* Schema for TransactionReference
|
|
140
57
|
*/
|
|
141
58
|
export declare const TransactionReferenceSchema: z.ZodObject<{
|
|
142
59
|
ordinal: z.ZodNumber;
|
|
143
60
|
hash: z.ZodString;
|
|
144
|
-
},
|
|
145
|
-
hash: string;
|
|
146
|
-
ordinal: number;
|
|
147
|
-
}, {
|
|
148
|
-
hash: string;
|
|
149
|
-
ordinal: number;
|
|
150
|
-
}>;
|
|
61
|
+
}, z.core.$strip>;
|
|
151
62
|
/**
|
|
152
63
|
* Schema for CurrencyTransactionValue
|
|
153
64
|
*/
|
|
@@ -156,17 +67,7 @@ export declare const CurrencyTransactionValueSchema: z.ZodObject<{
|
|
|
156
67
|
destination: z.ZodString;
|
|
157
68
|
amount: z.ZodNumber;
|
|
158
69
|
fee: z.ZodDefault<z.ZodNumber>;
|
|
159
|
-
},
|
|
160
|
-
amount: number;
|
|
161
|
-
destination: string;
|
|
162
|
-
source: string;
|
|
163
|
-
fee: number;
|
|
164
|
-
}, {
|
|
165
|
-
amount: number;
|
|
166
|
-
destination: string;
|
|
167
|
-
source: string;
|
|
168
|
-
fee?: number | undefined;
|
|
169
|
-
}>;
|
|
70
|
+
}, z.core.$strip>;
|
|
170
71
|
/**
|
|
171
72
|
* Schema for CurrencyTransaction
|
|
172
73
|
*/
|
|
@@ -176,50 +77,12 @@ export declare const CurrencyTransactionSchema: z.ZodObject<{
|
|
|
176
77
|
destination: z.ZodString;
|
|
177
78
|
amount: z.ZodNumber;
|
|
178
79
|
fee: z.ZodDefault<z.ZodNumber>;
|
|
179
|
-
},
|
|
180
|
-
amount: number;
|
|
181
|
-
destination: string;
|
|
182
|
-
source: string;
|
|
183
|
-
fee: number;
|
|
184
|
-
}, {
|
|
185
|
-
amount: number;
|
|
186
|
-
destination: string;
|
|
187
|
-
source: string;
|
|
188
|
-
fee?: number | undefined;
|
|
189
|
-
}>;
|
|
80
|
+
}, z.core.$strip>;
|
|
190
81
|
parent: z.ZodObject<{
|
|
191
82
|
ordinal: z.ZodNumber;
|
|
192
83
|
hash: z.ZodString;
|
|
193
|
-
},
|
|
194
|
-
|
|
195
|
-
ordinal: number;
|
|
196
|
-
}, {
|
|
197
|
-
hash: string;
|
|
198
|
-
ordinal: number;
|
|
199
|
-
}>;
|
|
200
|
-
}, "strip", z.ZodTypeAny, {
|
|
201
|
-
value: {
|
|
202
|
-
amount: number;
|
|
203
|
-
destination: string;
|
|
204
|
-
source: string;
|
|
205
|
-
fee: number;
|
|
206
|
-
};
|
|
207
|
-
parent: {
|
|
208
|
-
hash: string;
|
|
209
|
-
ordinal: number;
|
|
210
|
-
};
|
|
211
|
-
}, {
|
|
212
|
-
value: {
|
|
213
|
-
amount: number;
|
|
214
|
-
destination: string;
|
|
215
|
-
source: string;
|
|
216
|
-
fee?: number | undefined;
|
|
217
|
-
};
|
|
218
|
-
parent: {
|
|
219
|
-
hash: string;
|
|
220
|
-
ordinal: number;
|
|
221
|
-
};
|
|
222
|
-
}>;
|
|
84
|
+
}, z.core.$strip>;
|
|
85
|
+
}, z.core.$strip>;
|
|
223
86
|
/**
|
|
224
87
|
* Type for a validated CurrencyTransaction
|
|
225
88
|
*/
|
|
@@ -232,17 +95,7 @@ export declare const TransferParamsSchema: z.ZodObject<{
|
|
|
232
95
|
to: z.ZodString;
|
|
233
96
|
amount: z.ZodNumber;
|
|
234
97
|
fee: z.ZodDefault<z.ZodOptional<z.ZodNumber>>;
|
|
235
|
-
},
|
|
236
|
-
from: string;
|
|
237
|
-
to: string;
|
|
238
|
-
amount: number;
|
|
239
|
-
fee: number;
|
|
240
|
-
}, {
|
|
241
|
-
from: string;
|
|
242
|
-
to: string;
|
|
243
|
-
amount: number;
|
|
244
|
-
fee?: number | undefined;
|
|
245
|
-
}>;
|
|
98
|
+
}, z.core.$strip>;
|
|
246
99
|
/**
|
|
247
100
|
* Type for validated TransferParams
|
|
248
101
|
*/
|
|
@@ -251,21 +104,10 @@ export type ValidatedTransferParams = z.infer<typeof TransferParamsSchema>;
|
|
|
251
104
|
* Schema for AgentIdentity registration
|
|
252
105
|
*/
|
|
253
106
|
export declare const AgentIdentityRegistrationSchema: z.ZodObject<{
|
|
254
|
-
/** Public key in hex format */
|
|
255
107
|
publicKey: z.ZodString;
|
|
256
|
-
/** Display name for the agent */
|
|
257
108
|
displayName: z.ZodString;
|
|
258
|
-
/** Initial reputation (default: 10) */
|
|
259
109
|
reputation: z.ZodDefault<z.ZodOptional<z.ZodNumber>>;
|
|
260
|
-
},
|
|
261
|
-
reputation: number;
|
|
262
|
-
publicKey: string;
|
|
263
|
-
displayName: string;
|
|
264
|
-
}, {
|
|
265
|
-
publicKey: string;
|
|
266
|
-
displayName: string;
|
|
267
|
-
reputation?: number | undefined;
|
|
268
|
-
}>;
|
|
110
|
+
}, z.core.$strip>;
|
|
269
111
|
/**
|
|
270
112
|
* Type for validated AgentIdentity registration
|
|
271
113
|
*/
|
|
@@ -274,21 +116,17 @@ export type ValidatedAgentIdentityRegistration = z.infer<typeof AgentIdentityReg
|
|
|
274
116
|
* Schema for PlatformLink
|
|
275
117
|
*/
|
|
276
118
|
export declare const PlatformLinkSchema: z.ZodObject<{
|
|
277
|
-
platform: z.ZodEnum<
|
|
119
|
+
platform: z.ZodEnum<{
|
|
120
|
+
DISCORD: "DISCORD";
|
|
121
|
+
TELEGRAM: "TELEGRAM";
|
|
122
|
+
TWITTER: "TWITTER";
|
|
123
|
+
GITHUB: "GITHUB";
|
|
124
|
+
CUSTOM: "CUSTOM";
|
|
125
|
+
}>;
|
|
278
126
|
platformUserId: z.ZodString;
|
|
279
127
|
platformUsername: z.ZodString;
|
|
280
128
|
verified: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
|
|
281
|
-
},
|
|
282
|
-
platform: "DISCORD" | "TELEGRAM" | "TWITTER" | "GITHUB" | "CUSTOM";
|
|
283
|
-
platformUserId: string;
|
|
284
|
-
platformUsername: string;
|
|
285
|
-
verified: boolean;
|
|
286
|
-
}, {
|
|
287
|
-
platform: "DISCORD" | "TELEGRAM" | "TWITTER" | "GITHUB" | "CUSTOM";
|
|
288
|
-
platformUserId: string;
|
|
289
|
-
platformUsername: string;
|
|
290
|
-
verified?: boolean | undefined;
|
|
291
|
-
}>;
|
|
129
|
+
}, z.core.$strip>;
|
|
292
130
|
/**
|
|
293
131
|
* Type for validated PlatformLink
|
|
294
132
|
*/
|
|
@@ -301,25 +139,11 @@ export declare const ContractTermsSchema: z.ZodRecord<z.ZodString, z.ZodUnknown>
|
|
|
301
139
|
* Schema for ProposeContractRequest
|
|
302
140
|
*/
|
|
303
141
|
export declare const ProposeContractRequestSchema: z.ZodObject<{
|
|
304
|
-
/** Proposer's DAG address */
|
|
305
142
|
proposer: z.ZodString;
|
|
306
|
-
/** Counterparty's DAG address */
|
|
307
143
|
counterparty: z.ZodString;
|
|
308
|
-
/** Contract terms */
|
|
309
144
|
terms: z.ZodRecord<z.ZodString, z.ZodUnknown>;
|
|
310
|
-
/** Human-readable description */
|
|
311
145
|
description: z.ZodString;
|
|
312
|
-
},
|
|
313
|
-
description: string;
|
|
314
|
-
proposer: string;
|
|
315
|
-
terms: Record<string, unknown>;
|
|
316
|
-
counterparty: string;
|
|
317
|
-
}, {
|
|
318
|
-
description: string;
|
|
319
|
-
proposer: string;
|
|
320
|
-
terms: Record<string, unknown>;
|
|
321
|
-
counterparty: string;
|
|
322
|
-
}>;
|
|
146
|
+
}, z.core.$strip>;
|
|
323
147
|
/**
|
|
324
148
|
* Type for validated ProposeContractRequest
|
|
325
149
|
*/
|
|
@@ -328,17 +152,9 @@ export type ValidatedProposeContractRequest = z.infer<typeof ProposeContractRequ
|
|
|
328
152
|
* Schema for AcceptContractRequest
|
|
329
153
|
*/
|
|
330
154
|
export declare const AcceptContractRequestSchema: z.ZodObject<{
|
|
331
|
-
/** Contract ID to accept */
|
|
332
155
|
contractId: z.ZodString;
|
|
333
|
-
/** Acceptor's DAG address */
|
|
334
156
|
acceptor: z.ZodString;
|
|
335
|
-
},
|
|
336
|
-
contractId: string;
|
|
337
|
-
acceptor: string;
|
|
338
|
-
}, {
|
|
339
|
-
contractId: string;
|
|
340
|
-
acceptor: string;
|
|
341
|
-
}>;
|
|
157
|
+
}, z.core.$strip>;
|
|
342
158
|
/**
|
|
343
159
|
* Type for validated AcceptContractRequest
|
|
344
160
|
*/
|
|
@@ -347,21 +163,10 @@ export type ValidatedAcceptContractRequest = z.infer<typeof AcceptContractReques
|
|
|
347
163
|
* Schema for CompleteContractRequest
|
|
348
164
|
*/
|
|
349
165
|
export declare const CompleteContractRequestSchema: z.ZodObject<{
|
|
350
|
-
/** Contract ID to complete */
|
|
351
166
|
contractId: z.ZodString;
|
|
352
|
-
/** Completer's DAG address */
|
|
353
167
|
completer: z.ZodString;
|
|
354
|
-
/** Proof of completion */
|
|
355
168
|
proof: z.ZodString;
|
|
356
|
-
},
|
|
357
|
-
contractId: string;
|
|
358
|
-
completer: string;
|
|
359
|
-
proof: string;
|
|
360
|
-
}, {
|
|
361
|
-
contractId: string;
|
|
362
|
-
completer: string;
|
|
363
|
-
proof: string;
|
|
364
|
-
}>;
|
|
169
|
+
}, z.core.$strip>;
|
|
365
170
|
/**
|
|
366
171
|
* Type for validated CompleteContractRequest
|
|
367
172
|
*/
|
package/dist/types/verify.d.ts
CHANGED
|
@@ -4,6 +4,10 @@
|
|
|
4
4
|
* The package embeds `mode: "standard"|"dataUpdate"` in signed objects and
|
|
5
5
|
* its verify() ignores the `isDataUpdate` parameter when `mode` is present.
|
|
6
6
|
* This wrapper strips `mode` so callers' explicit `isDataUpdate` always wins.
|
|
7
|
+
*
|
|
8
|
+
* In dataUpdate mode, verification happens over the null-dropped canonical
|
|
9
|
+
* bytes (drop null object fields, preserve array nulls, then RFC 8785) —
|
|
10
|
+
* mirroring the SDK's dataUpdate signers and metakit's content-hash rule.
|
|
7
11
|
*/
|
|
8
12
|
import type { Signed, VerificationResult } from '@constellation-network/metagraph-sdk';
|
|
9
13
|
export declare function verify<T>(signed: Signed<T>, isDataUpdate?: boolean): VerificationResult;
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
/** Lowercase `0x` 32-byte big-endian hex — the JLVM-opcode Fr encoding. */
|
|
2
|
+
export type FrHex = `0x${string}`;
|
|
3
|
+
/**
|
|
4
|
+
* BN254 (alt_bn128) scalar field modulus R. A public field constant (not a secret / not Poseidon
|
|
5
|
+
* itself); the `poseidon` opcode re-validates canonicity, so this only drives reduction + sampling.
|
|
6
|
+
*/
|
|
7
|
+
export declare const R = 21888242871839275222246405745257275088548364400416034343698204186575808495617n;
|
|
8
|
+
/** Reduce an arbitrary bigint into a canonical BN254 Fr element `[0, R)`. */
|
|
9
|
+
export declare const toFr: (x: bigint) => bigint;
|
|
10
|
+
/** Encode a field element as the lowercase `0x` 32-byte big-endian hex the crypto opcodes expect. */
|
|
11
|
+
export declare const frToHex: (x: bigint) => FrHex;
|
|
12
|
+
/** A fresh random salt as a canonical Fr (rejection-sampled to avoid modulo bias near R). */
|
|
13
|
+
export declare function randomSalt(): bigint;
|
|
14
|
+
/** `cm = Poseidon([...fields, salt])` via the VM's own opcode. Returns the `0x` 32-byte commitment. */
|
|
15
|
+
export declare function poseidonCommitN(fields: bigint[], saltFr: bigint): FrHex;
|
|
16
|
+
/** `cm = Poseidon([fieldFr, saltFr])` — the commitment for one value field (a bid, a score). */
|
|
17
|
+
export declare function poseidonCommit(fieldFr: bigint, saltFr: bigint): FrHex;
|
|
18
|
+
/** A client-held commitment + its opening. The opening is SECRET; only `cm` is published. */
|
|
19
|
+
export interface Commitment {
|
|
20
|
+
/** The 32-byte commitment published on-chain. */
|
|
21
|
+
cm: FrHex;
|
|
22
|
+
/** The committed field values (client-held). */
|
|
23
|
+
fields: bigint[];
|
|
24
|
+
/** The blinding salt (client-held). */
|
|
25
|
+
salt: bigint;
|
|
26
|
+
}
|
|
27
|
+
/** Commit `fields` under a fresh (or supplied) salt; returns the commitment + opening. */
|
|
28
|
+
export declare function openCommitment(fields: bigint[], salt?: bigint): Commitment;
|
|
@@ -0,0 +1,46 @@
|
|
|
1
|
+
import { type DecodedPublicValues, type Groth16Bundle } from './types';
|
|
2
|
+
/** Char offset of public-values word `w` (0=exprHash, 1=dataHash, 2=outputHash, 3=ok) in the `0x` string. */
|
|
3
|
+
export declare const wordOffset: (w: number) => number;
|
|
4
|
+
/** Options for {@link semiPrivateGuard} / {@link checkSemiPrivateBinding}. */
|
|
5
|
+
export interface SemiPrivateGuardOptions {
|
|
6
|
+
/** Require the rule to have evaluated to `true` (`outputHash == keccak256("true")`). Default true. */
|
|
7
|
+
requireTrue?: boolean;
|
|
8
|
+
}
|
|
9
|
+
/**
|
|
10
|
+
* Build the JLVM guard a `Governed` morphism / mint policy embeds. `vkey` is the zk-jlvm program
|
|
11
|
+
* verification key (a `bytes32` `0x`-hex literal); `logicHash` is the pinned rule's hash (from
|
|
12
|
+
* {@link ExprRegistry.logicHashOf}). Returns plain JSON — feed it into an ASSET policy's guard/mintPolicy
|
|
13
|
+
* (the asset combiner injects the reserved `witness`). In a fiber TRANSITION there is no `witness` key —
|
|
14
|
+
* the proof rides in the event payload, so read `event.witness.*` instead.
|
|
15
|
+
*
|
|
16
|
+
* REPLAY (audit zk-guards): the proven public values commit only {exprHash, dataHash, outputHash, ok} —
|
|
17
|
+
* nothing situational (no fiber / asset / `$ordinal` / nonce). A valid `{publicValues, proof}` is therefore
|
|
18
|
+
* a reusable bearer token, replayable across any action pinning the same vkey + logicHash. Bind the action
|
|
19
|
+
* INSIDE the proven rule (pin a spender/asset/subject, as `reputationCreditRule` pins `subject`) and/or gate
|
|
20
|
+
* with a one-time nonce ledger until the public values carry action context.
|
|
21
|
+
*/
|
|
22
|
+
export declare function semiPrivateGuard(vkey: `0x${string}`, logicHash: `0x${string}`, opts?: SemiPrivateGuardOptions): Record<string, unknown>;
|
|
23
|
+
/** The outcome of {@link verifyGroth16Bundle} + binding checks: `ok`, with `reasons` when it is not. */
|
|
24
|
+
export interface BindingResult {
|
|
25
|
+
ok: boolean;
|
|
26
|
+
/** Empty when `ok`; otherwise one human-readable reason per failed check. */
|
|
27
|
+
reasons: string[];
|
|
28
|
+
decoded: DecodedPublicValues;
|
|
29
|
+
}
|
|
30
|
+
/**
|
|
31
|
+
* Locally run the SAME `groth16_verify` pairing the chain runs (the verifier opcode, not the prover).
|
|
32
|
+
* Returns `false` — never throws — on an invalid/garbage bundle, mirroring the guard's graceful deny.
|
|
33
|
+
*/
|
|
34
|
+
export declare function verifyGroth16Bundle(bundle: Groth16Bundle): boolean;
|
|
35
|
+
/**
|
|
36
|
+
* Check the binding words WITHOUT the pairing: `exprHash == expectedLogicHash`, `ok` set, and
|
|
37
|
+
* (when `requireTrue`) `outputHash == keccak256("true")`. Pair with {@link verifyGroth16Bundle} for
|
|
38
|
+
* the full client-side mirror of the on-chain guard (see {@link verifySemiPrivate}).
|
|
39
|
+
*/
|
|
40
|
+
export declare function checkSemiPrivateBinding(bundle: Groth16Bundle, expectedLogicHash: `0x${string}`, opts?: SemiPrivateGuardOptions): BindingResult;
|
|
41
|
+
/**
|
|
42
|
+
* The full client-side mirror of the on-chain guard: the proof verifies AND its words bind to the
|
|
43
|
+
* pinned rule (and, by default, to a `true` result). Run this before submitting to fail fast instead
|
|
44
|
+
* of paying for an on-chain rejection.
|
|
45
|
+
*/
|
|
46
|
+
export declare function verifySemiPrivate(bundle: Groth16Bundle, expectedLogicHash: `0x${string}`, opts?: SemiPrivateGuardOptions): BindingResult;
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* `@ottochain/sdk/zk` — the client-side semi-private tier.
|
|
3
|
+
*
|
|
4
|
+
* Public-by-default, private-by-opt-in: a holder proves (off-chain, via SP1 zk-jlvm) that some
|
|
5
|
+
* PRIVATE data satisfies a PUBLIC, pinned JLVM rule, and carries only `{publicValues, proof}` on a
|
|
6
|
+
* signed op. A policy's {@link semiPrivateGuard} re-verifies the proof and binds it to the pinned
|
|
7
|
+
* rule on-chain — the value stays hidden, the predicate stays legible.
|
|
8
|
+
*
|
|
9
|
+
* The ONE canonical invariant tying it together: the prover is fed `canonicalForSigning(expr)` /
|
|
10
|
+
* `canonicalForSigning(data)`, so a proof's `exprHash` word equals {@link exprHash}`(rule)` equals a
|
|
11
|
+
* policy's `logicHash` — see {@link proverPreimage} and docs/design/client-side-private-data.md §3.0.
|
|
12
|
+
*/
|
|
13
|
+
export { canonicalForSigning, proverPreimage, exprHash, dataHash, KECCAK_TRUE, } from './preimage';
|
|
14
|
+
export { type FrHex, R, toFr, frToHex, randomSalt, poseidonCommit, poseidonCommitN, type Commitment, openCommitment, } from './commit';
|
|
15
|
+
export { type DecodedPublicValues, type Groth16Bundle, decodeJlvmPublicValues, } from './types';
|
|
16
|
+
export { type Groth16WitnessMap, type Groth16Witness, groth16Witness, type PmtWitnessMap, pmtWitness, } from './witness';
|
|
17
|
+
export { type RegisteredRule, ExprRegistry, type Comparator, boundRule, atLeast, atMost, } from './registry';
|
|
18
|
+
export { type SemiPrivateGuardOptions, wordOffset, semiPrivateGuard, type BindingResult, verifyGroth16Bundle, checkSemiPrivateBinding, verifySemiPrivate, } from './guard';
|
|
19
|
+
export { type ZkProver, type Groth16ProveRequest, SubprocessProver, type SubprocessProverOptions, parseGroth16Stdout, } from './prover';
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
/** The single canonical string both the signer and the prover-feed share (JCS ∘ dropNullFields). */
|
|
2
|
+
export declare function canonicalForSigning(x: unknown): string;
|
|
3
|
+
/** keccak256 of the canonical bytes — the value the zk-jlvm guest commits as exprHash / dataHash. */
|
|
4
|
+
export declare function proverPreimage(x: unknown): `0x${string}`;
|
|
5
|
+
/** exprHash of a published JLVM rule (canonicalized + keccak'd). Equals the chain's `logicHash`. */
|
|
6
|
+
export declare const exprHash: (rule: unknown) => `0x${string}`;
|
|
7
|
+
/** dataHash of a private data context — kept private; only its hash is public. */
|
|
8
|
+
export declare const dataHash: (data: unknown) => `0x${string}`;
|
|
9
|
+
/** `keccak256(canonicalize(true))` — the `outputHash` a guard binds for a "rule returned true" proof. */
|
|
10
|
+
export declare const KECCAK_TRUE: `0x${string}`;
|