@oxyhq/core 1.0.0

package/dist/cjs/crypto/polyfill.js

@@ -0,0 +1,64 @@
+"use strict";
+/**
+ * Crypto Polyfills
+ *
+ * Ensures Buffer and crypto.getRandomValues are available
+ * across all platforms (Node.js, Browser, React Native).
+ *
+ * - Browser/Node.js: Uses native crypto
+ * - React Native: Falls back to expo-crypto if native crypto unavailable
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Buffer = void 0;
+const buffer_1 = require("buffer");
+Object.defineProperty(exports, "Buffer", { enumerable: true, get: function () { return buffer_1.Buffer; } });
+const getGlobalObject = () => {
+    if (typeof globalThis !== 'undefined')
+        return globalThis;
+    if (typeof global !== 'undefined')
+        return global;
+    if (typeof window !== 'undefined')
+        return window;
+    if (typeof self !== 'undefined')
+        return self;
+    return {};
+};
+const globalObject = getGlobalObject();
+// Make Buffer available globally for libraries that depend on it
+if (!globalObject.Buffer) {
+    globalObject.Buffer = buffer_1.Buffer;
+}
+// Cache for expo-crypto module (lazy loaded only in React Native)
+let expoCryptoModule = null;
+let expoCryptoLoadAttempted = false;
+function getRandomBytesSync(byteCount) {
+    if (!expoCryptoLoadAttempted) {
+        expoCryptoLoadAttempted = true;
+        try {
+            expoCryptoModule = require('expo-crypto');
+        }
+        catch {
+            // expo-crypto not available — expected in non-RN environments
+        }
+    }
+    if (expoCryptoModule) {
+        return expoCryptoModule.getRandomBytes(byteCount);
+    }
+    throw new Error('No crypto.getRandomValues implementation available. ' +
+        'In React Native, install expo-crypto.');
+}
+const cryptoPolyfill = {
+    getRandomValues(array) {
+        const bytes = getRandomBytesSync(array.byteLength);
+        const uint8View = new Uint8Array(array.buffer, array.byteOffset, array.byteLength);
+        uint8View.set(bytes);
+        return array;
+    },
+};
+// Only polyfill if crypto or crypto.getRandomValues is not available
+if (typeof globalObject.crypto === 'undefined') {
+    globalObject.crypto = cryptoPolyfill;
+}
+else if (typeof globalObject.crypto.getRandomValues !== 'function') {
+    globalObject.crypto.getRandomValues = cryptoPolyfill.getRandomValues;
+}

package/dist/cjs/crypto/recoveryPhrase.js

@@ -0,0 +1,169 @@
+"use strict";
+/**
+ * Recovery Phrase Service - BIP39 Mnemonic Generation
+ *
+ * Handles generation and restoration of recovery phrases (mnemonic seeds)
+ * for backing up and restoring user identities.
+ *
+ * Note: This module requires the polyfill to be loaded first (done via crypto/index.ts)
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RecoveryPhraseService = void 0;
+const bip39 = __importStar(require("bip39"));
+const keyManager_1 = require("./keyManager");
+/**
+ * Convert Uint8Array or array-like to hexadecimal string
+ * Works in both Node.js and React Native without depending on Buffer
+ */
+function toHex(data) {
+    // Convert to array of numbers if needed
+    const bytes = data instanceof Uint8Array ? data : new Uint8Array(data);
+    return Array.from(bytes)
+        .map(b => b.toString(16).padStart(2, '0'))
+        .join('');
+}
+class RecoveryPhraseService {
+    /**
+     * Generate a new identity with a recovery phrase
+     * Returns the mnemonic phrase (should only be shown once to the user)
+     */
+    static async generateIdentityWithRecovery() {
+        // Generate 128-bit entropy for 12-word mnemonic
+        const mnemonic = bip39.generateMnemonic(128);
+        // Derive private key from mnemonic
+        // Using the seed directly as the private key (simplified approach)
+        const seed = await bip39.mnemonicToSeed(mnemonic);
+        // Use first 32 bytes of seed as private key
+        const seedSlice = seed.subarray ? seed.subarray(0, 32) : seed.slice(0, 32);
+        const privateKeyHex = toHex(seedSlice);
+        // Import the derived key pair
+        const publicKey = await keyManager_1.KeyManager.importKeyPair(privateKeyHex);
+        return {
+            phrase: mnemonic,
+            words: mnemonic.split(' '),
+            publicKey,
+        };
+    }
+    /**
+     * Generate a 24-word recovery phrase for higher security
+     */
+    static async generateIdentityWithRecovery24() {
+        // Generate 256-bit entropy for 24-word mnemonic
+        const mnemonic = bip39.generateMnemonic(256);
+        const seed = await bip39.mnemonicToSeed(mnemonic);
+        const seedSlice = seed.subarray ? seed.subarray(0, 32) : seed.slice(0, 32);
+        const privateKeyHex = toHex(seedSlice);
+        const publicKey = await keyManager_1.KeyManager.importKeyPair(privateKeyHex);
+        return {
+            phrase: mnemonic,
+            words: mnemonic.split(' '),
+            publicKey,
+        };
+    }
+    /**
+     * Restore an identity from a recovery phrase
+     */
+    static async restoreFromPhrase(phrase) {
+        // Normalize and validate the phrase
+        const normalizedPhrase = phrase.trim().toLowerCase();
+        if (!bip39.validateMnemonic(normalizedPhrase)) {
+            throw new Error('Invalid recovery phrase. Please check the words and try again.');
+        }
+        // Derive the same private key from the mnemonic
+        const seed = await bip39.mnemonicToSeed(normalizedPhrase);
+        const seedSlice = seed.subarray ? seed.subarray(0, 32) : seed.slice(0, 32);
+        const privateKeyHex = toHex(seedSlice);
+        // Import and store the key pair
+        const publicKey = await keyManager_1.KeyManager.importKeyPair(privateKeyHex);
+        return publicKey;
+    }
+    /**
+     * Validate a recovery phrase without importing it
+     */
+    static validatePhrase(phrase) {
+        const normalizedPhrase = phrase.trim().toLowerCase();
+        return bip39.validateMnemonic(normalizedPhrase);
+    }
+    /**
+     * Get the word list for autocomplete/validation
+     */
+    static getWordList() {
+        return bip39.wordlists.english;
+    }
+    /**
+     * Check if a word is valid in the BIP39 word list
+     */
+    static isValidWord(word) {
+        return bip39.wordlists.english.includes(word.toLowerCase());
+    }
+    /**
+     * Get suggestions for a partial word
+     */
+    static getSuggestions(partial, limit = 5) {
+        const lowerPartial = partial.toLowerCase();
+        return bip39.wordlists.english
+            .filter((word) => word.startsWith(lowerPartial))
+            .slice(0, limit);
+    }
+    /**
+     * Derive the public key from a phrase without storing
+     * Useful for verification before importing
+     */
+    static async derivePublicKeyFromPhrase(phrase) {
+        const normalizedPhrase = phrase.trim().toLowerCase();
+        if (!bip39.validateMnemonic(normalizedPhrase)) {
+            throw new Error('Invalid recovery phrase');
+        }
+        const seed = await bip39.mnemonicToSeed(normalizedPhrase);
+        const seedSlice = seed.subarray ? seed.subarray(0, 32) : seed.slice(0, 32);
+        const privateKeyHex = toHex(seedSlice);
+        return keyManager_1.KeyManager.derivePublicKey(privateKeyHex);
+    }
+    /**
+     * Convert a phrase to its word array
+     */
+    static phraseToWords(phrase) {
+        return phrase.trim().toLowerCase().split(/\s+/);
+    }
+    /**
+     * Convert a word array to a phrase string
+     */
+    static wordsToPhrase(words) {
+        return words.map(w => w.toLowerCase().trim()).join(' ');
+    }
+}
+exports.RecoveryPhraseService = RecoveryPhraseService;
+exports.default = RecoveryPhraseService;

package/dist/cjs/crypto/signatureService.js

@@ -0,0 +1,296 @@
+"use strict";
+/**
+ * Signature Service - ECDSA Digital Signatures
+ *
+ * Handles signing and verification of messages using ECDSA secp256k1.
+ * Used for authenticating requests and proving identity ownership.
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SignatureService = void 0;
+const elliptic_1 = require("elliptic");
+const keyManager_1 = require("./keyManager");
+// Lazy import for expo-crypto
+let ExpoCrypto = null;
+const ec = new elliptic_1.ec('secp256k1');
+/**
+ * Check if we're in a React Native environment
+ */
+function isReactNative() {
+    return typeof navigator !== 'undefined' && navigator.product === 'ReactNative';
+}
+/**
+ * Check if we're in a Node.js environment
+ */
+function isNodeJS() {
+    return typeof process !== 'undefined' && process.versions != null && process.versions.node != null;
+}
+/**
+ * Initialize expo-crypto module
+ */
+async function initExpoCrypto() {
+    if (!ExpoCrypto) {
+        ExpoCrypto = await Promise.resolve().then(() => __importStar(require('expo-crypto')));
+    }
+    return ExpoCrypto;
+}
+/**
+ * Compute SHA-256 hash of a string
+ */
+async function sha256(message) {
+    // In React Native, always use expo-crypto
+    if (isReactNative() || !isNodeJS()) {
+        const Crypto = await initExpoCrypto();
+        return Crypto.digestStringAsync(Crypto.CryptoDigestAlgorithm.SHA256, message);
+    }
+    // In Node.js, use Node's crypto module
+    // Use Function constructor to prevent Metro bundler from statically analyzing this require
+    // This ensures the require is only evaluated in Node.js runtime, not during Metro bundling
+    try {
+        // eslint-disable-next-line @typescript-eslint/no-implied-eval
+        const getCrypto = new Function('return require("crypto")');
+        const crypto = getCrypto();
+        return crypto.createHash('sha256').update(message).digest('hex');
+    }
+    catch (error) {
+        // Fallback to expo-crypto if Node crypto fails
+        const Crypto = await initExpoCrypto();
+        return Crypto.digestStringAsync(Crypto.CryptoDigestAlgorithm.SHA256, message);
+    }
+}
+class SignatureService {
+    /**
+     * Generate a random challenge string (for offline use)
+     * Uses expo-crypto in React Native, crypto.randomBytes in Node.js
+     */
+    static async generateChallenge() {
+        if (isReactNative() || !isNodeJS()) {
+            // Use expo-crypto for React Native (expo-random is deprecated)
+            const Crypto = await initExpoCrypto();
+            const randomBytes = await Crypto.getRandomBytesAsync(32);
+            return Array.from(randomBytes)
+                .map((b) => b.toString(16).padStart(2, '0'))
+                .join('');
+        }
+        // Node.js fallback
+        try {
+            // eslint-disable-next-line @typescript-eslint/no-implied-eval
+            const getCrypto = new Function('return require("crypto")');
+            const crypto = getCrypto();
+            return crypto.randomBytes(32).toString('hex');
+        }
+        catch (error) {
+            // Fallback to expo-crypto if Node crypto fails
+            const Crypto = await initExpoCrypto();
+            const randomBytes = await Crypto.getRandomBytesAsync(32);
+            return Array.from(randomBytes)
+                .map((b) => b.toString(16).padStart(2, '0'))
+                .join('');
+        }
+    }
+    /**
+     * Hash a message using SHA-256
+     */
+    static async hashMessage(message) {
+        return sha256(message);
+    }
+    /**
+     * Sign a message using the stored private key
+     * Returns the signature in DER format (hex encoded)
+     */
+    static async sign(message) {
+        const keyPair = await keyManager_1.KeyManager.getKeyPairObject();
+        if (!keyPair) {
+            throw new Error('No identity found. Please create or import an identity first.');
+        }
+        const messageHash = await sha256(message);
+        const signature = keyPair.sign(messageHash);
+        return signature.toDER('hex');
+    }
+    /**
+     * Sign a message with an explicit private key (without storing)
+     * Useful for one-time operations or testing
+     */
+    static async signWithKey(message, privateKey) {
+        const keyPair = ec.keyFromPrivate(privateKey);
+        const messageHash = await sha256(message);
+        const signature = keyPair.sign(messageHash);
+        return signature.toDER('hex');
+    }
+    /**
+     * Verify a signature against a message and public key
+     */
+    static async verify(message, signature, publicKey) {
+        try {
+            const key = ec.keyFromPublic(publicKey, 'hex');
+            const messageHash = await sha256(message);
+            return key.verify(messageHash, signature);
+        }
+        catch {
+            return false;
+        }
+    }
+    /**
+     * Synchronous verification (for Node.js backend)
+     * Uses crypto module directly for hashing
+     * Note: This method should only be used in Node.js environments
+     */
+    static verifySync(message, signature, publicKey) {
+        try {
+            if (!isNodeJS()) {
+                // In React Native, use async verify instead
+                throw new Error('verifySync should only be used in Node.js. Use verify() in React Native.');
+            }
+            // Use Function constructor to prevent Metro bundler from statically analyzing this require
+            // eslint-disable-next-line @typescript-eslint/no-implied-eval
+            const getCrypto = new Function('return require("crypto")');
+            const crypto = getCrypto();
+            const key = ec.keyFromPublic(publicKey, 'hex');
+            const messageHash = crypto.createHash('sha256').update(message).digest('hex');
+            return key.verify(messageHash, signature);
+        }
+        catch {
+            return false;
+        }
+    }
+    /**
+     * Create a signed message object with metadata
+     */
+    static async createSignedMessage(message) {
+        const publicKey = await keyManager_1.KeyManager.getPublicKey();
+        if (!publicKey) {
+            throw new Error('No identity found. Please create or import an identity first.');
+        }
+        const timestamp = Date.now();
+        const messageWithTimestamp = `${message}:${timestamp}`;
+        const signature = await SignatureService.sign(messageWithTimestamp);
+        return {
+            message,
+            signature,
+            publicKey,
+            timestamp,
+        };
+    }
+    /**
+     * Verify a signed message object
+     * Checks both signature validity and timestamp freshness
+     */
+    static async verifySignedMessage(signedMessage, maxAgeMs = 5 * 60 * 1000 // 5 minutes default
+    ) {
+        const { message, signature, publicKey, timestamp } = signedMessage;
+        // Check timestamp freshness
+        const now = Date.now();
+        if (now - timestamp > maxAgeMs) {
+            return false;
+        }
+        // Verify signature
+        const messageWithTimestamp = `${message}:${timestamp}`;
+        return SignatureService.verify(messageWithTimestamp, signature, publicKey);
+    }
+    /**
+     * Create a signed authentication challenge response
+     * Used for challenge-response authentication
+     */
+    static async signChallenge(challenge) {
+        const publicKey = await keyManager_1.KeyManager.getPublicKey();
+        if (!publicKey) {
+            throw new Error('No identity found. Please create or import an identity first.');
+        }
+        const timestamp = Date.now();
+        const message = `auth:${publicKey}:${challenge}:${timestamp}`;
+        const signature = await SignatureService.sign(message);
+        return {
+            challenge: signature,
+            publicKey,
+            timestamp,
+        };
+    }
+    /**
+     * Verify a challenge response
+     */
+    static async verifyChallengeResponse(originalChallenge, response, maxAgeMs = 5 * 60 * 1000) {
+        const { challenge: signature, publicKey, timestamp } = response;
+        // Check timestamp freshness
+        const now = Date.now();
+        if (now - timestamp > maxAgeMs) {
+            return false;
+        }
+        const message = `auth:${publicKey}:${originalChallenge}:${timestamp}`;
+        return SignatureService.verify(message, signature, publicKey);
+    }
+    /**
+     * Create a registration signature
+     * Used when registering a new identity with the server
+     * Format matches server expectation: oxy:register:{publicKey}:{timestamp}
+     */
+    static async createRegistrationSignature() {
+        const publicKey = await keyManager_1.KeyManager.getPublicKey();
+        if (!publicKey) {
+            throw new Error('No identity found. Please create or import an identity first.');
+        }
+        const timestamp = Date.now();
+        const message = `oxy:register:${publicKey}:${timestamp}`;
+        const signature = await SignatureService.sign(message);
+        return {
+            signature,
+            publicKey,
+            timestamp,
+        };
+    }
+    /**
+     * Sign arbitrary data for API requests
+     * Creates a canonical string representation and signs it
+     */
+    static async signRequestData(data) {
+        const publicKey = await keyManager_1.KeyManager.getPublicKey();
+        if (!publicKey) {
+            throw new Error('No identity found. Please create or import an identity first.');
+        }
+        const timestamp = Date.now();
+        // Create canonical string representation
+        const sortedKeys = Object.keys(data).sort();
+        const canonicalParts = sortedKeys.map(key => `${key}:${JSON.stringify(data[key])}`);
+        const canonicalString = canonicalParts.join('|');
+        const message = `request:${publicKey}:${timestamp}:${canonicalString}`;
+        const signature = await SignatureService.sign(message);
+        return {
+            signature,
+            publicKey,
+            timestamp,
+        };
+    }
+}
+exports.SignatureService = SignatureService;
+exports.default = SignatureService;

package/dist/cjs/i18n/index.js

@@ -0,0 +1,73 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.translate = translate;
+exports.hasKey = hasKey;
+// Use JSON locale files (RN Metro supports static requires reliably)
+// eslint-disable-next-line @typescript-eslint/no-var-requires
+const enUS = require('./locales/en-US.json');
+// eslint-disable-next-line @typescript-eslint/no-var-requires
+const esES = require('./locales/es-ES.json');
+// eslint-disable-next-line @typescript-eslint/no-var-requires
+const caES = require('./locales/ca-ES.json');
+// eslint-disable-next-line @typescript-eslint/no-var-requires
+const frFR = require('./locales/fr-FR.json');
+// eslint-disable-next-line @typescript-eslint/no-var-requires
+const deDE = require('./locales/de-DE.json');
+// eslint-disable-next-line @typescript-eslint/no-var-requires
+const itIT = require('./locales/it-IT.json');
+// eslint-disable-next-line @typescript-eslint/no-var-requires
+const ptPT = require('./locales/pt-PT.json');
+// eslint-disable-next-line @typescript-eslint/no-var-requires
+const jaJP = require('./locales/ja-JP.json');
+// eslint-disable-next-line @typescript-eslint/no-var-requires
+const koKR = require('./locales/ko-KR.json');
+// eslint-disable-next-line @typescript-eslint/no-var-requires
+const zhCN = require('./locales/zh-CN.json');
+// eslint-disable-next-line @typescript-eslint/no-var-requires
+const arSA = require('./locales/ar-SA.json');
+const DICTS = {
+    'en': enUS,
+    'en-US': enUS,
+    'es': esES,
+    'es-ES': esES,
+    'ca': caES,
+    'ca-ES': caES,
+    'fr': frFR,
+    'fr-FR': frFR,
+    'de': deDE,
+    'de-DE': deDE,
+    'it': itIT,
+    'it-IT': itIT,
+    'pt': ptPT,
+    'pt-PT': ptPT,
+    'ja': jaJP,
+    'ja-JP': jaJP,
+    'ko': koKR,
+    'ko-KR': koKR,
+    'zh': zhCN,
+    'zh-CN': zhCN,
+    'ar': arSA,
+    'ar-SA': arSA,
+};
+const FALLBACK = 'en-US';
+function getNested(obj, path) {
+    return path.split('.').reduce((acc, key) => (acc && acc[key] != null ? acc[key] : undefined), obj);
+}
+function translate(locale, key, vars) {
+    const lang = locale && DICTS[locale] ? locale : FALLBACK;
+    const dict = DICTS[lang] || DICTS[FALLBACK];
+    let val = getNested(dict, key);
+    if (typeof val !== 'string')
+        return key; // fallback to key if missing
+    if (vars) {
+        Object.keys(vars).forEach(k => {
+            const token = `{{${k}}}`;
+            val = val.replaceAll(token, String(vars[k]));
+        });
+    }
+    return val;
+}
+function hasKey(locale, key) {
+    const lang = locale && DICTS[locale] ? locale : FALLBACK;
+    return getNested(DICTS[lang], key) != null || getNested(DICTS[FALLBACK], key) != null;
+}