@oxyhq/services 5.16.44 → 5.17.0

package/lib/commonjs/core/identity-session/index.js

@@ -1,80 +0,0 @@
-"use strict";
-
-Object.defineProperty(exports, "__esModule", {
-  value: true
-});
-var _exportNames = {
-  IdentitySessionCore: true,
-  IdentityManager: true,
-  SessionManager: true,
-  DeviceManager: true,
-  RefreshManager: true,
-  createIdentitySessionCore: true
-};
-Object.defineProperty(exports, "DeviceManager", {
-  enumerable: true,
-  get: function () {
-    return _DeviceManager.DeviceManager;
-  }
-});
-Object.defineProperty(exports, "IdentityManager", {
-  enumerable: true,
-  get: function () {
-    return _IdentityManager.IdentityManager;
-  }
-});
-Object.defineProperty(exports, "IdentitySessionCore", {
-  enumerable: true,
-  get: function () {
-    return _IdentitySessionCore.IdentitySessionCore;
-  }
-});
-Object.defineProperty(exports, "RefreshManager", {
-  enumerable: true,
-  get: function () {
-    return _RefreshManager.RefreshManager;
-  }
-});
-Object.defineProperty(exports, "SessionManager", {
-  enumerable: true,
-  get: function () {
-    return _SessionManager.SessionManager;
-  }
-});
-Object.defineProperty(exports, "createIdentitySessionCore", {
-  enumerable: true,
-  get: function () {
-    return _createIdentitySessionCore.createIdentitySessionCore;
-  }
-});
-var _IdentitySessionCore = require("./IdentitySessionCore");
-var _IdentityManager = require("./IdentityManager");
-var _SessionManager = require("./SessionManager");
-var _DeviceManager = require("./DeviceManager");
-var _RefreshManager = require("./RefreshManager");
-var _createIdentitySessionCore = require("./createIdentitySessionCore");
-var _types = require("./types");
-Object.keys(_types).forEach(function (key) {
-  if (key === "default" || key === "__esModule") return;
-  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
-  if (key in exports && exports[key] === _types[key]) return;
-  Object.defineProperty(exports, key, {
-    enumerable: true,
-    get: function () {
-      return _types[key];
-    }
-  });
-});
-var _errors = require("./errors");
-Object.keys(_errors).forEach(function (key) {
-  if (key === "default" || key === "__esModule") return;
-  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
-  if (key in exports && exports[key] === _errors[key]) return;
-  Object.defineProperty(exports, key, {
-    enumerable: true,
-    get: function () {
-      return _errors[key];
-    }
-  });
-});
-//# sourceMappingURL=index.js.map

package/lib/commonjs/core/identity-session/index.js.map

@@ -1 +0,0 @@
-{"version":3,"names":["_IdentitySessionCore","require","_IdentityManager","_SessionManager","_DeviceManager","_RefreshManager","_createIdentitySessionCore","_types","Object","keys","forEach","key","prototype","hasOwnProperty","call","_exportNames","exports","defineProperty","enumerable","get","_errors"],"sourceRoot":"../../../../src","sources":["core/identity-session/index.ts"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAMA,IAAAA,oBAAA,GAAAC,OAAA;AACA,IAAAC,gBAAA,GAAAD,OAAA;AACA,IAAAE,eAAA,GAAAF,OAAA;AACA,IAAAG,cAAA,GAAAH,OAAA;AACA,IAAAI,eAAA,GAAAJ,OAAA;AACA,IAAAK,0BAAA,GAAAL,OAAA;AACA,IAAAM,MAAA,GAAAN,OAAA;AAAAO,MAAA,CAAAC,IAAA,CAAAF,MAAA,EAAAG,OAAA,WAAAC,GAAA;EAAA,IAAAA,GAAA,kBAAAA,GAAA;EAAA,IAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAC,YAAA,EAAAJ,GAAA;EAAA,IAAAA,GAAA,IAAAK,OAAA,IAAAA,OAAA,CAAAL,GAAA,MAAAJ,MAAA,CAAAI,GAAA;EAAAH,MAAA,CAAAS,cAAA,CAAAD,OAAA,EAAAL,GAAA;IAAAO,UAAA;IAAAC,GAAA,WAAAA,CAAA;MAAA,OAAAZ,MAAA,CAAAI,GAAA;IAAA;EAAA;AAAA;AACA,IAAAS,OAAA,GAAAnB,OAAA;AAAAO,MAAA,CAAAC,IAAA,CAAAW,OAAA,EAAAV,OAAA,WAAAC,GAAA;EAAA,IAAAA,GAAA,kBAAAA,GAAA;EAAA,IAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAC,YAAA,EAAAJ,GAAA;EAAA,IAAAA,GAAA,IAAAK,OAAA,IAAAA,OAAA,CAAAL,GAAA,MAAAS,OAAA,CAAAT,GAAA;EAAAH,MAAA,CAAAS,cAAA,CAAAD,OAAA,EAAAL,GAAA;IAAAO,UAAA;IAAAC,GAAA,WAAAA,CAAA;MAAA,OAAAC,OAAA,CAAAT,GAAA;IAAA;EAAA;AAAA","ignoreList":[]}

package/lib/commonjs/core/identity-session/types.js

@@ -1,2 +0,0 @@
-"use strict";
-//# sourceMappingURL=types.js.map

package/lib/commonjs/core/identity-session/types.js.map

@@ -1 +0,0 @@
-{"version":3,"names":[],"sourceRoot":"../../../../src","sources":["core/identity-session/types.ts"],"mappings":"","ignoreList":[]}

package/lib/commonjs/crypto/README.md

@@ -1,142 +0,0 @@
-# Oxy Crypto Module
-
-This module provides cryptographic operations for the Oxy ecosystem, supporting both React Native and Node.js environments.
-
-## Architecture
-
-The crypto module is organized into several layers:
-
-### Core Layer (`core.ts`)
-Platform-agnostic cryptographic functions that work everywhere:
-- Signature verification using elliptic curve cryptography
-- Public/private key validation
-- Message formatting (auth, registration, requests)
-- Utility functions (shortenPublicKey, derivePublicKey, etc.)
-
-### Platform-Specific Implementations
-
-#### React Native (`signatureService.ts`, `keyManager.ts`)
-- **KeyManager**: Manages ECDSA key pairs with secure storage via Expo SecureStore
-  - ⚠️ **For Oxy Accounts app only** - Not intended for third-party apps
-  - Handles key generation, import, backup, and secure retrieval
-  - Private keys never leave the device
-
-- **SignatureService**: Provides async signing and verification
-  - Uses `expo-crypto` for hashing in React Native
-  - Falls back to Node.js crypto when available
-  - Suitable for both React Native and Node.js environments
-
-#### Node.js (`node/signatureService.ts`)
-- Optimized synchronous signature operations for backend
-- Uses Node's `crypto` module directly for better performance
-- Exports same API as React Native version for consistency
-
-## Usage
-
-### In React Native / Accounts App
-
-```typescript
-import { KeyManager, SignatureService } from '@oxyhq/services/crypto';
-
-// Create identity (Accounts app only)
-const publicKey = await KeyManager.createIdentity();
-
-// Sign a challenge
-const signature = await SignatureService.sign(message);
-
-// Verify a signature
-const isValid = await SignatureService.verify(message, signature, publicKey);
-```
-
-### In Node.js Backend
-
-```typescript
-import { SignatureService } from '@oxyhq/services/node';
-
-// Generate challenge
-const challenge = SignatureService.generateChallenge();
-
-// Verify signature (synchronous)
-const isValid = SignatureService.verifyChallengeResponse(
-  publicKey,
-  challenge,
-  signature,
-  timestamp
-);
-```
-
-### In Third-Party Apps (Services SDK)
-
-Third-party apps should **not** use KeyManager directly. Instead, use the authentication flows provided by the OxyServices class:
-
-```typescript
-import { OxyServices } from '@oxyhq/services';
-
-const oxy = new OxyServices({ baseURL: 'https://api.oxy.so' });
-
-// Request authentication (shows QR code / deep link)
-// User approves in Oxy Accounts app
-// Returns session when approved
-const session = await oxy.requestAuth({ appId: 'my-app' });
-```
-
-## Security Considerations
-
-### Message Formats
-All signed messages follow specific formats to prevent replay attacks:
-
-- **Authentication**: `auth:{publicKey}:{challenge}:{timestamp}`
-- **Registration**: `oxy:register:{publicKey}:{timestamp}`
-- **API Requests**: `request:{publicKey}:{timestamp}:{canonicalData}`
-
-Timestamps must be within 5 minutes to be valid.
-
-### Key Storage
-- Private keys are stored in device secure storage (iOS Keychain, Android Keystore)
-- Never transmitted or exposed outside the device
-- Only the Oxy Accounts app has access to private keys
-
-### Backup Encryption
-⚠️ **Current Implementation**: The backup encryption currently uses a custom XOR scheme with key stretching. This is functional but not optimal.
-
-📋 **Planned Improvement**: Migrate to standard AES-256-GCM encryption for better security and interoperability.
-
-## Separation of Concerns
-
-### Oxy Accounts App
-- Owns and manages the user's private key
-- Handles identity creation, backup, and recovery
-- Signs authentication challenges
-- Uses `KeyManager` and `SignatureService`
-
-### Services SDK / Third-Party Apps
-- Does NOT generate or store private keys
-- Displays QR codes and deep links for authentication
-- Polls server for authentication status
-- Uses `OxyServices` class for API communication
-
-### API Backend
-- Generates challenges
-- Verifies signatures using public keys
-- Manages sessions and user data
-- Uses `SignatureService` from `@oxyhq/services/node`
-
-## Migration from Old Signature Service
-
-The API previously had a duplicate `signature.service.ts` file. This has been replaced with a re-export from `@oxyhq/services/node` to ensure consistency and eliminate duplication.
-
-If you're maintaining code that imports from the old location, it will continue to work as the file now re-exports from the shared module.
-
-## Testing
-
-When making changes to crypto code:
-1. Test in both React Native and Node.js environments
-2. Verify signatures created in one environment can be verified in another
-3. Check that timestamps are properly validated
-4. Ensure message formats match exactly between client and server
-
-## Further Reading
-
-- [Public Key Authentication Guide](../docs/PUBLIC_KEY_AUTHENTICATION.md)
-- [ECDSA on secp256k1](https://en.bitcoin.it/wiki/Secp256k1)
-- [Expo SecureStore Documentation](https://docs.expo.dev/versions/latest/sdk/securestore/)

package/lib/commonjs/crypto/core.js

@@ -1,147 +0,0 @@
-"use strict";
-
-Object.defineProperty(exports, "__esModule", {
-  value: true
-});
-exports.MAX_SIGNATURE_AGE_MS = exports.CHALLENGE_TTL_MS = void 0;
-exports.buildAuthMessage = buildAuthMessage;
-exports.buildRegistrationMessage = buildRegistrationMessage;
-exports.buildRequestMessage = buildRequestMessage;
-exports.derivePublicKey = derivePublicKey;
-exports.getEllipticCurve = getEllipticCurve;
-exports.isTimestampFresh = isTimestampFresh;
-exports.isValidPrivateKey = isValidPrivateKey;
-exports.isValidPublicKey = isValidPublicKey;
-exports.shortenPublicKey = shortenPublicKey;
-exports.verifySignatureCore = verifySignatureCore;
-var _elliptic = require("elliptic");
-/**
- * Core Cryptographic Functions - Platform Agnostic
- * 
- * This module contains the core signature verification logic
- * that is shared between all platforms (React Native, Node.js, Web).
- * Platform-specific implementations (hashing, random generation) are injected.
- */
-
-const ec = new _elliptic.ec('secp256k1');
-
-// Constants for signature validation
-const CHALLENGE_TTL_MS = exports.CHALLENGE_TTL_MS = 5 * 60 * 1000; // 5 minutes
-const MAX_SIGNATURE_AGE_MS = exports.MAX_SIGNATURE_AGE_MS = 5 * 60 * 1000; // 5 minutes
-
-/**
- * Core signature verification using elliptic curve
- * This is platform-agnostic and works everywhere
- */
-function verifySignatureCore(messageHash, signature, publicKey) {
-  try {
-    const key = ec.keyFromPublic(publicKey, 'hex');
-    return key.verify(messageHash, signature);
-  } catch {
-    return false;
-  }
-}
-
-/**
- * Validate that a string is a valid public key
- */
-function isValidPublicKey(publicKey) {
-  // Reject empty strings
-  if (!publicKey || publicKey.trim().length === 0) {
-    return false;
-  }
-  try {
-    ec.keyFromPublic(publicKey, 'hex');
-    return true;
-  } catch {
-    return false;
-  }
-}
-
-/**
- * Validate that a string is a valid private key
- */
-function isValidPrivateKey(privateKey) {
-  // Reject empty strings
-  if (!privateKey || privateKey.trim().length === 0) {
-    return false;
-  }
-
-  // Private keys must be 64 hex characters (32 bytes)
-  if (!/^[0-9a-fA-F]{64}$/.test(privateKey)) {
-    return false;
-  }
-  try {
-    const keyPair = ec.keyFromPrivate(privateKey);
-    // Verify it can derive a public key and the key is valid
-    keyPair.getPublic('hex');
-    // Check that the private key is not zero (which would be invalid)
-    const priv = keyPair.getPrivate();
-    if (!priv || priv.isZero()) {
-      return false;
-    }
-    return true;
-  } catch {
-    return false;
-  }
-}
-
-/**
- * Get a shortened display version of a public key
- * Format: first 8 chars...last 8 chars
- */
-function shortenPublicKey(publicKey) {
-  if (publicKey.length <= 20) return publicKey;
-  return `${publicKey.slice(0, 8)}...${publicKey.slice(-8)}`;
-}
-
-/**
- * Derive public key from a private key (without storing)
- */
-function derivePublicKey(privateKey) {
-  const keyPair = ec.keyFromPrivate(privateKey);
-  return keyPair.getPublic('hex');
-}
-
-/**
- * Check timestamp freshness
- */
-function isTimestampFresh(timestamp, maxAgeMs = MAX_SIGNATURE_AGE_MS) {
-  const now = Date.now();
-  return now - timestamp <= maxAgeMs;
-}
-
-/**
- * Build authentication challenge message
- * Format: auth:{publicKey}:{challenge}:{timestamp}
- */
-function buildAuthMessage(publicKey, challenge, timestamp) {
-  return `auth:${publicKey}:${challenge}:${timestamp}`;
-}
-
-/**
- * Build registration message
- * Format: oxy:register:{publicKey}:{timestamp}
- */
-function buildRegistrationMessage(publicKey, timestamp) {
-  return `oxy:register:${publicKey}:${timestamp}`;
-}
-
-/**
- * Build request signature message
- * Format: request:{publicKey}:{timestamp}:{canonicalString}
- */
-function buildRequestMessage(publicKey, timestamp, data) {
-  const sortedKeys = Object.keys(data).sort();
-  const canonicalParts = sortedKeys.map(key => `${key}:${JSON.stringify(data[key])}`);
-  const canonicalString = canonicalParts.join('|');
-  return `request:${publicKey}:${timestamp}:${canonicalString}`;
-}
-
-/**
- * Get the elliptic curve instance (for key generation)
- */
-function getEllipticCurve() {
-  return ec;
-}
-//# sourceMappingURL=core.js.map

package/lib/commonjs/crypto/core.js.map

@@ -1 +0,0 @@
-{"version":3,"names":["_elliptic","require","ec","EC","CHALLENGE_TTL_MS","exports","MAX_SIGNATURE_AGE_MS","verifySignatureCore","messageHash","signature","publicKey","key","keyFromPublic","verify","isValidPublicKey","trim","length","isValidPrivateKey","privateKey","test","keyPair","keyFromPrivate","getPublic","priv","getPrivate","isZero","shortenPublicKey","slice","derivePublicKey","isTimestampFresh","timestamp","maxAgeMs","now","Date","buildAuthMessage","challenge","buildRegistrationMessage","buildRequestMessage","data","sortedKeys","Object","keys","sort","canonicalParts","map","JSON","stringify","canonicalString","join","getEllipticCurve"],"sourceRoot":"../../../src","sources":["crypto/core.ts"],"mappings":";;;;;;;;;;;;;;;;AAQA,IAAAA,SAAA,GAAAC,OAAA;AARA;AACA;AACA;AACA;AACA;AACA;AACA;;AAKA,MAAMC,EAAE,GAAG,IAAIC,YAAE,CAAC,WAAW,CAAC;;AAE9B;AACO,MAAMC,gBAAgB,GAAAC,OAAA,CAAAD,gBAAA,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;AACxC,MAAME,oBAAoB,GAAAD,OAAA,CAAAC,oBAAA,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;;AAEnD;AACA;AACA;AACA;AACO,SAASC,mBAAmBA,CACjCC,WAAmB,EACnBC,SAAiB,EACjBC,SAAiB,EACR;EACT,IAAI;IACF,MAAMC,GAAG,GAAGT,EAAE,CAACU,aAAa,CAACF,SAAS,EAAE,KAAK,CAAC;IAC9C,OAAOC,GAAG,CAACE,MAAM,CAACL,WAAW,EAAEC,SAAS,CAAC;EAC3C,CAAC,CAAC,MAAM;IACN,OAAO,KAAK;EACd;AACF;;AAEA;AACA;AACA;AACO,SAASK,gBAAgBA,CAACJ,SAAiB,EAAW;EAC3D;EACA,IAAI,CAACA,SAAS,IAAIA,SAAS,CAACK,IAAI,CAAC,CAAC,CAACC,MAAM,KAAK,CAAC,EAAE;IAC/C,OAAO,KAAK;EACd;EAEA,IAAI;IACFd,EAAE,CAACU,aAAa,CAACF,SAAS,EAAE,KAAK,CAAC;IAClC,OAAO,IAAI;EACb,CAAC,CAAC,MAAM;IACN,OAAO,KAAK;EACd;AACF;;AAEA;AACA;AACA;AACO,SAASO,iBAAiBA,CAACC,UAAkB,EAAW;EAC7D;EACA,IAAI,CAACA,UAAU,IAAIA,UAAU,CAACH,IAAI,CAAC,CAAC,CAACC,MAAM,KAAK,CAAC,EAAE;IACjD,OAAO,KAAK;EACd;;EAEA;EACA,IAAI,CAAC,mBAAmB,CAACG,IAAI,CAACD,UAAU,CAAC,EAAE;IACzC,OAAO,KAAK;EACd;EAEA,IAAI;IACF,MAAME,OAAO,GAAGlB,EAAE,CAACmB,cAAc,CAACH,UAAU,CAAC;IAC7C;IACAE,OAAO,CAACE,SAAS,CAAC,KAAK,CAAC;IACxB;IACA,MAAMC,IAAI,GAAGH,OAAO,CAACI,UAAU,CAAC,CAAC;IACjC,IAAI,CAACD,IAAI,IAAIA,IAAI,CAACE,MAAM,CAAC,CAAC,EAAE;MAC1B,OAAO,KAAK;IACd;IACA,OAAO,IAAI;EACb,CAAC,CAAC,MAAM;IACN,OAAO,KAAK;EACd;AACF;;AAEA;AACA;AACA;AACA;AACO,SAASC,gBAAgBA,CAAChB,SAAiB,EAAU;EAC1D,IAAIA,SAAS,CAACM,MAAM,IAAI,EAAE,EAAE,OAAON,SAAS;EAC5C,OAAO,GAAGA,SAAS,CAACiB,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,MAAMjB,SAAS,CAACiB,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE;AAC5D;;AAEA;AACA;AACA;AACO,SAASC,eAAeA,CAACV,UAAkB,EAAU;EAC1D,MAAME,OAAO,GAAGlB,EAAE,CAACmB,cAAc,CAACH,UAAU,CAAC;EAC7C,OAAOE,OAAO,CAACE,SAAS,CAAC,KAAK,CAAC;AACjC;;AAEA;AACA;AACA;AACO,SAASO,gBAAgBA,CAACC,SAAiB,EAAEC,QAAgB,GAAGzB,oBAAoB,EAAW;EACpG,MAAM0B,GAAG,GAAGC,IAAI,CAACD,GAAG,CAAC,CAAC;EACtB,OAAQA,GAAG,GAAGF,SAAS,IAAKC,QAAQ;AACtC;;AAEA;AACA;AACA;AACA;AACO,SAASG,gBAAgBA,CAACxB,SAAiB,EAAEyB,SAAiB,EAAEL,SAAiB,EAAU;EAChG,OAAO,QAAQpB,SAAS,IAAIyB,SAAS,IAAIL,SAAS,EAAE;AACtD;;AAEA;AACA;AACA;AACA;AACO,SAASM,wBAAwBA,CAAC1B,SAAiB,EAAEoB,SAAiB,EAAU;EACrF,OAAO,gBAAgBpB,SAAS,IAAIoB,SAAS,EAAE;AACjD;;AAEA;AACA;AACA;AACA;AACO,SAASO,mBAAmBA,CACjC3B,SAAiB,EACjBoB,SAAiB,EACjBQ,IAA6B,EACrB;EACR,MAAMC,UAAU,GAAGC,MAAM,CAACC,IAAI,CAACH,IAAI,CAAC,CAACI,IAAI,CAAC,CAAC;EAC3C,MAAMC,cAAc,GAAGJ,UAAU,CAACK,GAAG,CAACjC,GAAG,IAAI,GAAGA,GAAG,IAAIkC,IAAI,CAACC,SAAS,CAACR,IAAI,CAAC3B,GAAG,CAAC,CAAC,EAAE,CAAC;EACnF,MAAMoC,eAAe,GAAGJ,cAAc,CAACK,IAAI,CAAC,GAAG,CAAC;EAChD,OAAO,WAAWtC,SAAS,IAAIoB,SAAS,IAAIiB,eAAe,EAAE;AAC/D;;AAEA;AACA;AACA;AACO,SAASE,gBAAgBA,CAAA,EAAW;EACzC,OAAO/C,EAAE;AACX","ignoreList":[]}

package/lib/commonjs/node/signatureService.js

@@ -1,107 +0,0 @@
-"use strict";
-
-Object.defineProperty(exports, "__esModule", {
-  value: true
-});
-exports.default = exports.SignatureService = void 0;
-var _crypto = _interopRequireDefault(require("crypto"));
-var _core = require("../crypto/core");
-function _interopRequireDefault(e) { return e && e.__esModule ? e : { default: e }; }
-/**
- * Node.js Signature Service
- * 
- * Provides synchronous signature operations for Node.js backend.
- * Uses Node's crypto module for hashing and the shared core for verification.
- */
-
-class SignatureService {
-  /**
-   * Generate a random challenge string
-   */
-  static generateChallenge() {
-    return _crypto.default.randomBytes(32).toString('hex');
-  }
-
-  /**
-   * Compute SHA-256 hash of a message (synchronous)
-   */
-  static hashMessage(message) {
-    return _crypto.default.createHash('sha256').update(message).digest('hex');
-  }
-
-  /**
-   * Verify an ECDSA signature (synchronous)
-   * 
-   * @param message - The original message that was signed
-   * @param signature - The signature in DER format (hex encoded)
-   * @param publicKey - The public key (hex encoded, uncompressed)
-   * @returns true if the signature is valid
-   */
-  static verifySignature(message, signature, publicKey) {
-    const messageHash = SignatureService.hashMessage(message);
-    return (0, _core.verifySignatureCore)(messageHash, signature, publicKey);
-  }
-
-  /**
-   * Verify an authentication challenge response
-   * 
-   * @param publicKey - The user's public key
-   * @param challenge - The original challenge string
-   * @param signature - The signature of the auth message
-   * @param timestamp - The timestamp when the signature was created
-   * @returns true if the challenge response is valid
-   */
-  static verifyChallengeResponse(publicKey, challenge, signature, timestamp) {
-    // Check timestamp is not too old
-    if (!(0, _core.isTimestampFresh)(timestamp, _core.CHALLENGE_TTL_MS)) {
-      return false;
-    }
-
-    // Build the message and verify signature
-    const message = (0, _core.buildAuthMessage)(publicKey, challenge, timestamp);
-    return SignatureService.verifySignature(message, signature, publicKey);
-  }
-
-  /**
-   * Verify a registration signature
-   * Signature format: oxy:register:{publicKey}:{timestamp}
-   */
-  static verifyRegistrationSignature(publicKey, signature, timestamp) {
-    // Check timestamp freshness
-    if (!(0, _core.isTimestampFresh)(timestamp, _core.MAX_SIGNATURE_AGE_MS)) {
-      return false;
-    }
-    const message = (0, _core.buildRegistrationMessage)(publicKey, timestamp);
-    return SignatureService.verifySignature(message, signature, publicKey);
-  }
-
-  /**
-   * Verify a signed request
-   * Used for authenticated API operations
-   */
-  static verifyRequestSignature(publicKey, data, signature, timestamp) {
-    // Check timestamp freshness
-    if (!(0, _core.isTimestampFresh)(timestamp, _core.MAX_SIGNATURE_AGE_MS)) {
-      return false;
-    }
-    const message = (0, _core.buildRequestMessage)(publicKey, timestamp, data);
-    return SignatureService.verifySignature(message, signature, publicKey);
-  }
-
-  /**
-   * Validate that a string is a valid public key
-   */
-  static isValidPublicKey(publicKey) {
-    return (0, _core.isValidPublicKey)(publicKey);
-  }
-
-  /**
-   * Get a shortened display version of a public key
-   */
-  static shortenPublicKey(publicKey) {
-    return (0, _core.shortenPublicKey)(publicKey);
-  }
-}
-exports.SignatureService = SignatureService;
-var _default = exports.default = SignatureService;
-//# sourceMappingURL=signatureService.js.map

package/lib/commonjs/node/signatureService.js.map

@@ -1 +0,0 @@
-{"version":3,"names":["_crypto","_interopRequireDefault","require","_core","e","__esModule","default","SignatureService","generateChallenge","crypto","randomBytes","toString","hashMessage","message","createHash","update","digest","verifySignature","signature","publicKey","messageHash","verifySignatureCore","verifyChallengeResponse","challenge","timestamp","isTimestampFresh","CHALLENGE_TTL_MS","buildAuthMessage","verifyRegistrationSignature","MAX_SIGNATURE_AGE_MS","buildRegistrationMessage","verifyRequestSignature","data","buildRequestMessage","isValidPublicKey","shortenPublicKey","exports","_default"],"sourceRoot":"../../../src","sources":["node/signatureService.ts"],"mappings":";;;;;;AAOA,IAAAA,OAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,KAAA,GAAAD,OAAA;AAUwB,SAAAD,uBAAAG,CAAA,WAAAA,CAAA,IAAAA,CAAA,CAAAC,UAAA,GAAAD,CAAA,KAAAE,OAAA,EAAAF,CAAA;AAlBxB;AACA;AACA;AACA;AACA;AACA;;AAeO,MAAMG,gBAAgB,CAAC;EAC5B;AACF;AACA;EACE,OAAOC,iBAAiBA,CAAA,EAAW;IACjC,OAAOC,eAAM,CAACC,WAAW,CAAC,EAAE,CAAC,CAACC,QAAQ,CAAC,KAAK,CAAC;EAC/C;;EAEA;AACF;AACA;EACE,OAAOC,WAAWA,CAACC,OAAe,EAAU;IAC1C,OAAOJ,eAAM,CAACK,UAAU,CAAC,QAAQ,CAAC,CAACC,MAAM,CAACF,OAAO,CAAC,CAACG,MAAM,CAAC,KAAK,CAAC;EAClE;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACE,OAAOC,eAAeA,CAACJ,OAAe,EAAEK,SAAiB,EAAEC,SAAiB,EAAW;IACrF,MAAMC,WAAW,GAAGb,gBAAgB,CAACK,WAAW,CAACC,OAAO,CAAC;IACzD,OAAO,IAAAQ,yBAAmB,EAACD,WAAW,EAAEF,SAAS,EAAEC,SAAS,CAAC;EAC/D;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,OAAOG,uBAAuBA,CAC5BH,SAAiB,EACjBI,SAAiB,EACjBL,SAAiB,EACjBM,SAAiB,EACR;IACT;IACA,IAAI,CAAC,IAAAC,sBAAgB,EAACD,SAAS,EAAEE,sBAAgB,CAAC,EAAE;MAClD,OAAO,KAAK;IACd;;IAEA;IACA,MAAMb,OAAO,GAAG,IAAAc,sBAAgB,EAACR,SAAS,EAAEI,SAAS,EAAEC,SAAS,CAAC;IACjE,OAAOjB,gBAAgB,CAACU,eAAe,CAACJ,OAAO,EAAEK,SAAS,EAAEC,SAAS,CAAC;EACxE;;EAEA;AACF;AACA;AACA;EACE,OAAOS,2BAA2BA,CAChCT,SAAiB,EACjBD,SAAiB,EACjBM,SAAiB,EACR;IACT;IACA,IAAI,CAAC,IAAAC,sBAAgB,EAACD,SAAS,EAAEK,0BAAoB,CAAC,EAAE;MACtD,OAAO,KAAK;IACd;IAEA,MAAMhB,OAAO,GAAG,IAAAiB,8BAAwB,EAACX,SAAS,EAAEK,SAAS,CAAC;IAC9D,OAAOjB,gBAAgB,CAACU,eAAe,CAACJ,OAAO,EAAEK,SAAS,EAAEC,SAAS,CAAC;EACxE;;EAEA;AACF;AACA;AACA;EACE,OAAOY,sBAAsBA,CAC3BZ,SAAiB,EACjBa,IAA6B,EAC7Bd,SAAiB,EACjBM,SAAiB,EACR;IACT;IACA,IAAI,CAAC,IAAAC,sBAAgB,EAACD,SAAS,EAAEK,0BAAoB,CAAC,EAAE;MACtD,OAAO,KAAK;IACd;IAEA,MAAMhB,OAAO,GAAG,IAAAoB,yBAAmB,EAACd,SAAS,EAAEK,SAAS,EAAEQ,IAAI,CAAC;IAC/D,OAAOzB,gBAAgB,CAACU,eAAe,CAACJ,OAAO,EAAEK,SAAS,EAAEC,SAAS,CAAC;EACxE;;EAEA;AACF;AACA;EACE,OAAOe,gBAAgBA,CAACf,SAAiB,EAAW;IAClD,OAAO,IAAAe,sBAAgB,EAACf,SAAS,CAAC;EACpC;;EAEA;AACF;AACA;EACE,OAAOgB,gBAAgBA,CAAChB,SAAiB,EAAU;IACjD,OAAO,IAAAgB,sBAAgB,EAAChB,SAAS,CAAC;EACpC;AACF;AAACiB,OAAA,CAAA7B,gBAAA,GAAAA,gBAAA;AAAA,IAAA8B,QAAA,GAAAD,OAAA,CAAA9B,OAAA,GAEcC,gBAAgB","ignoreList":[]}

package/lib/commonjs/ui/hooks/auth/index.js

@@ -1,37 +0,0 @@
-"use strict";
-
-Object.defineProperty(exports, "__esModule", {
-  value: true
-});
-Object.defineProperty(exports, "USERNAME_DEBOUNCE_MS", {
-  enumerable: true,
-  get: function () {
-    return _useUsernameValidation.USERNAME_DEBOUNCE_MS;
-  }
-});
-Object.defineProperty(exports, "USERNAME_FORMAT_ERROR", {
-  enumerable: true,
-  get: function () {
-    return _useUsernameValidation.USERNAME_FORMAT_ERROR;
-  }
-});
-Object.defineProperty(exports, "USERNAME_MIN_LENGTH", {
-  enumerable: true,
-  get: function () {
-    return _useUsernameValidation.USERNAME_MIN_LENGTH;
-  }
-});
-Object.defineProperty(exports, "USERNAME_REGEX", {
-  enumerable: true,
-  get: function () {
-    return _useUsernameValidation.USERNAME_REGEX;
-  }
-});
-Object.defineProperty(exports, "useUsernameValidation", {
-  enumerable: true,
-  get: function () {
-    return _useUsernameValidation.useUsernameValidation;
-  }
-});
-var _useUsernameValidation = require("./useUsernameValidation");
-//# sourceMappingURL=index.js.map

package/lib/commonjs/ui/hooks/auth/index.js.map

@@ -1 +0,0 @@
-{"version":3,"names":["_useUsernameValidation","require"],"sourceRoot":"../../../../../src","sources":["ui/hooks/auth/index.ts"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAGA,IAAAA,sBAAA,GAAAC,OAAA","ignoreList":[]}