@pafi-dev/core 0.7.1 → 0.7.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (43) hide show
  1. package/dist/abi/index.cjs +1 -0
  2. package/dist/abi/index.cjs.map +1 -1
  3. package/dist/abi/index.js +1 -0
  4. package/dist/auth/index.cjs +5 -2
  5. package/dist/auth/index.cjs.map +1 -1
  6. package/dist/auth/index.d.cts +10 -1
  7. package/dist/auth/index.d.ts +10 -1
  8. package/dist/auth/index.js +4 -1
  9. package/dist/{chunk-RZDG6SRR.cjs → chunk-5254AG3Z.cjs} +36 -5
  10. package/dist/chunk-5254AG3Z.cjs.map +1 -0
  11. package/dist/{chunk-QGXJLLKF.js → chunk-6UX2IFA2.js} +34 -3
  12. package/dist/chunk-6UX2IFA2.js.map +1 -0
  13. package/dist/chunk-DGUM43GV.js +11 -0
  14. package/dist/chunk-DGUM43GV.js.map +1 -0
  15. package/dist/chunk-JEQ2X3Z6.cjs +11 -0
  16. package/dist/chunk-JEQ2X3Z6.cjs.map +1 -0
  17. package/dist/{chunk-3QDZFDEL.cjs → chunk-M5ULOZ3A.cjs} +3 -3
  18. package/dist/chunk-M5ULOZ3A.cjs.map +1 -0
  19. package/dist/{chunk-UOKI5GG6.js → chunk-WJSIB5GF.js} +2 -2
  20. package/dist/chunk-WJSIB5GF.js.map +1 -0
  21. package/dist/contract/index.cjs +1 -0
  22. package/dist/contract/index.cjs.map +1 -1
  23. package/dist/contract/index.d.cts +1 -1
  24. package/dist/contract/index.d.ts +1 -1
  25. package/dist/contract/index.js +1 -0
  26. package/dist/eip712/index.cjs +3 -2
  27. package/dist/eip712/index.cjs.map +1 -1
  28. package/dist/eip712/index.d.cts +10 -5
  29. package/dist/eip712/index.d.ts +10 -5
  30. package/dist/eip712/index.js +2 -1
  31. package/dist/index.cjs +56 -19
  32. package/dist/index.cjs.map +1 -1
  33. package/dist/index.d.cts +88 -18
  34. package/dist/index.d.ts +88 -18
  35. package/dist/index.js +43 -6
  36. package/dist/index.js.map +1 -1
  37. package/dist/{types-JyuXUM8C.d.cts → types-BAkmxgVo.d.cts} +10 -0
  38. package/dist/{types-JyuXUM8C.d.ts → types-BAkmxgVo.d.ts} +10 -0
  39. package/package.json +1 -1
  40. package/dist/chunk-3QDZFDEL.cjs.map +0 -1
  41. package/dist/chunk-QGXJLLKF.js.map +0 -1
  42. package/dist/chunk-RZDG6SRR.cjs.map +0 -1
  43. package/dist/chunk-UOKI5GG6.js.map +0 -1
@@ -10,6 +10,7 @@ var _chunkQ6WCDZXIcjs = require('../chunk-Q6WCDZXI.cjs');
10
10
 
11
11
 
12
12
  var _chunkLRHY7GORcjs = require('../chunk-LRHY7GOR.cjs');
13
+ require('../chunk-JEQ2X3Z6.cjs');
13
14
 
14
15
 
15
16
 
@@ -1 +1 @@
1
- {"version":3,"sources":["/Users/phitran/Pacific-Finance/pafi-backend/pafi-sdk/packages/core/dist/abi/index.cjs"],"names":[],"mappings":"AAAA;AACE;AACA;AACA;AACA;AACA;AACF,yDAA8B;AAC9B;AACE;AACA;AACA;AACF,yDAA8B;AAC9B;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACF,ydAAC","file":"/Users/phitran/Pacific-Finance/pafi-backend/pafi-sdk/packages/core/dist/abi/index.cjs"}
1
+ {"version":3,"sources":["/Users/phitran/Pacific-Finance/pafi-backend/pafi-sdk/packages/core/dist/abi/index.cjs"],"names":[],"mappings":"AAAA;AACE;AACA;AACA;AACA;AACA;AACF,yDAA8B;AAC9B;AACE;AACA;AACA;AACF,yDAA8B;AAC9B,iCAA8B;AAC9B;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACF,ydAAC","file":"/Users/phitran/Pacific-Finance/pafi-backend/pafi-sdk/packages/core/dist/abi/index.cjs"}
package/dist/abi/index.js CHANGED
@@ -10,6 +10,7 @@ import {
10
10
  mintingOracleAbi,
11
11
  pointTokenAbi
12
12
  } from "../chunk-5JZOJIBT.js";
13
+ import "../chunk-DGUM43GV.js";
13
14
  export {
14
15
  erc20Abi,
15
16
  issuerRegistryAbi,
@@ -10,8 +10,9 @@
10
10
 
11
11
 
12
12
 
13
- var _chunkRZDG6SRRcjs = require('../chunk-RZDG6SRR.cjs');
14
13
 
14
+ var _chunk5254AG3Zcjs = require('../chunk-5254AG3Z.cjs');
15
+ require('../chunk-JEQ2X3Z6.cjs');
15
16
 
16
17
 
17
18
 
@@ -23,5 +24,7 @@ var _chunkRZDG6SRRcjs = require('../chunk-RZDG6SRR.cjs');
23
24
 
24
25
 
25
26
 
26
- exports.SPONSOR_AUTH_DOMAIN_NAME = _chunkRZDG6SRRcjs.SPONSOR_AUTH_DOMAIN_NAME; exports.SPONSOR_AUTH_TYPES = _chunkRZDG6SRRcjs.SPONSOR_AUTH_TYPES; exports.buildAndSignSponsorAuth = _chunkRZDG6SRRcjs.buildAndSignSponsorAuth; exports.buildSponsorAuthDomain = _chunkRZDG6SRRcjs.buildSponsorAuthDomain; exports.buildSponsorAuthTypedData = _chunkRZDG6SRRcjs.buildSponsorAuthTypedData; exports.computeCallDataHash = _chunkRZDG6SRRcjs.computeCallDataHash; exports.createLoginMessage = _chunkRZDG6SRRcjs.createLoginMessage; exports.parseLoginMessage = _chunkRZDG6SRRcjs.parseLoginMessage; exports.signSponsorAuth = _chunkRZDG6SRRcjs.signSponsorAuth; exports.verifyLoginMessage = _chunkRZDG6SRRcjs.verifyLoginMessage; exports.verifySponsorAuth = _chunkRZDG6SRRcjs.verifySponsorAuth;
27
+
28
+
29
+ exports.SPONSOR_AUTH_DOMAIN_NAME = _chunk5254AG3Zcjs.SPONSOR_AUTH_DOMAIN_NAME; exports.SPONSOR_AUTH_TYPES = _chunk5254AG3Zcjs.SPONSOR_AUTH_TYPES; exports.buildAndSignSponsorAuth = _chunk5254AG3Zcjs.buildAndSignSponsorAuth; exports.buildSponsorAuthDomain = _chunk5254AG3Zcjs.buildSponsorAuthDomain; exports.buildSponsorAuthTypedData = _chunk5254AG3Zcjs.buildSponsorAuthTypedData; exports.computeCallDataHash = _chunk5254AG3Zcjs.computeCallDataHash; exports.createLoginMessage = _chunk5254AG3Zcjs.createLoginMessage; exports.generateSponsorAuthNonce = _chunk5254AG3Zcjs.generateSponsorAuthNonce; exports.parseLoginMessage = _chunk5254AG3Zcjs.parseLoginMessage; exports.signSponsorAuth = _chunk5254AG3Zcjs.signSponsorAuth; exports.verifyLoginMessage = _chunk5254AG3Zcjs.verifyLoginMessage; exports.verifySponsorAuth = _chunk5254AG3Zcjs.verifySponsorAuth;
27
30
  //# sourceMappingURL=index.cjs.map
@@ -1 +1 @@
1
- {"version":3,"sources":["/Users/phitran/Pacific-Finance/pafi-backend/pafi-sdk/packages/core/dist/auth/index.cjs"],"names":[],"mappings":"AAAA;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACF,yDAA8B;AAC9B;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACF,owBAAC","file":"/Users/phitran/Pacific-Finance/pafi-backend/pafi-sdk/packages/core/dist/auth/index.cjs"}
1
+ {"version":3,"sources":["/Users/phitran/Pacific-Finance/pafi-backend/pafi-sdk/packages/core/dist/auth/index.cjs"],"names":[],"mappings":"AAAA;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACF,yDAA8B;AAC9B,iCAA8B;AAC9B;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACF,m1BAAC","file":"/Users/phitran/Pacific-Finance/pafi-backend/pafi-sdk/packages/core/dist/auth/index.cjs"}
@@ -57,6 +57,15 @@ declare function parseLoginMessage(message: string): LoginMessageParams;
57
57
  */
58
58
  declare function verifyLoginMessage(message: string, signature: Hex): Promise<VerifyLoginResult>;
59
59
 
60
+ /**
61
+ * Generate a high-entropy nonce for SponsorAuth. v0.7.1 — replaced
62
+ * `Date.now() * 1_000_000 + Math.floor(Math.random() * 1_000_000)` with
63
+ * 64 bits from CSPRNG (`crypto.randomBytes` Node, `crypto.getRandomValues`
64
+ * browser). Birthday collisions go from ~1180 ops to >2^32 ops at the same
65
+ * timestamp — sponsor-relayer's single-use nonce gate stays clean even at
66
+ * scale. See SDK_CORE_TRADING_AUDIT.md H5.
67
+ */
68
+ declare function generateSponsorAuthNonce(): bigint;
60
69
  declare const SPONSOR_AUTH_DOMAIN_NAME = "PafiSponsorAuth";
61
70
  declare const SPONSOR_AUTH_TYPES: {
62
71
  readonly SponsorAuth: readonly [{
@@ -205,4 +214,4 @@ interface BuildSponsorAuthParams {
205
214
  declare function buildAndSignSponsorAuth(params: BuildSponsorAuthParams): Promise<BuiltSponsorAuth>;
206
215
  declare function verifySponsorAuth(payload: SponsorAuthPayload, signature: Hex, expectedSigner: Address): Promise<SponsorAuthVerifyResult>;
207
216
 
208
- export { type BuildSponsorAuthParams, type BuiltSponsorAuth, type LoginMessageParams, SPONSOR_AUTH_DOMAIN_NAME, SPONSOR_AUTH_TYPES, type SponsorAuthPayload, type SponsorAuthVerifyResult, type VerifyLoginResult, buildAndSignSponsorAuth, buildSponsorAuthDomain, buildSponsorAuthTypedData, computeCallDataHash, createLoginMessage, parseLoginMessage, signSponsorAuth, verifyLoginMessage, verifySponsorAuth };
217
+ export { type BuildSponsorAuthParams, type BuiltSponsorAuth, type LoginMessageParams, SPONSOR_AUTH_DOMAIN_NAME, SPONSOR_AUTH_TYPES, type SponsorAuthPayload, type SponsorAuthVerifyResult, type VerifyLoginResult, buildAndSignSponsorAuth, buildSponsorAuthDomain, buildSponsorAuthTypedData, computeCallDataHash, createLoginMessage, generateSponsorAuthNonce, parseLoginMessage, signSponsorAuth, verifyLoginMessage, verifySponsorAuth };
@@ -57,6 +57,15 @@ declare function parseLoginMessage(message: string): LoginMessageParams;
57
57
  */
58
58
  declare function verifyLoginMessage(message: string, signature: Hex): Promise<VerifyLoginResult>;
59
59
 
60
+ /**
61
+ * Generate a high-entropy nonce for SponsorAuth. v0.7.1 — replaced
62
+ * `Date.now() * 1_000_000 + Math.floor(Math.random() * 1_000_000)` with
63
+ * 64 bits from CSPRNG (`crypto.randomBytes` Node, `crypto.getRandomValues`
64
+ * browser). Birthday collisions go from ~1180 ops to >2^32 ops at the same
65
+ * timestamp — sponsor-relayer's single-use nonce gate stays clean even at
66
+ * scale. See SDK_CORE_TRADING_AUDIT.md H5.
67
+ */
68
+ declare function generateSponsorAuthNonce(): bigint;
60
69
  declare const SPONSOR_AUTH_DOMAIN_NAME = "PafiSponsorAuth";
61
70
  declare const SPONSOR_AUTH_TYPES: {
62
71
  readonly SponsorAuth: readonly [{
@@ -205,4 +214,4 @@ interface BuildSponsorAuthParams {
205
214
  declare function buildAndSignSponsorAuth(params: BuildSponsorAuthParams): Promise<BuiltSponsorAuth>;
206
215
  declare function verifySponsorAuth(payload: SponsorAuthPayload, signature: Hex, expectedSigner: Address): Promise<SponsorAuthVerifyResult>;
207
216
 
208
- export { type BuildSponsorAuthParams, type BuiltSponsorAuth, type LoginMessageParams, SPONSOR_AUTH_DOMAIN_NAME, SPONSOR_AUTH_TYPES, type SponsorAuthPayload, type SponsorAuthVerifyResult, type VerifyLoginResult, buildAndSignSponsorAuth, buildSponsorAuthDomain, buildSponsorAuthTypedData, computeCallDataHash, createLoginMessage, parseLoginMessage, signSponsorAuth, verifyLoginMessage, verifySponsorAuth };
217
+ export { type BuildSponsorAuthParams, type BuiltSponsorAuth, type LoginMessageParams, SPONSOR_AUTH_DOMAIN_NAME, SPONSOR_AUTH_TYPES, type SponsorAuthPayload, type SponsorAuthVerifyResult, type VerifyLoginResult, buildAndSignSponsorAuth, buildSponsorAuthDomain, buildSponsorAuthTypedData, computeCallDataHash, createLoginMessage, generateSponsorAuthNonce, parseLoginMessage, signSponsorAuth, verifyLoginMessage, verifySponsorAuth };
@@ -6,11 +6,13 @@ import {
6
6
  buildSponsorAuthTypedData,
7
7
  computeCallDataHash,
8
8
  createLoginMessage,
9
+ generateSponsorAuthNonce,
9
10
  parseLoginMessage,
10
11
  signSponsorAuth,
11
12
  verifyLoginMessage,
12
13
  verifySponsorAuth
13
- } from "../chunk-QGXJLLKF.js";
14
+ } from "../chunk-6UX2IFA2.js";
15
+ import "../chunk-DGUM43GV.js";
14
16
  export {
15
17
  SPONSOR_AUTH_DOMAIN_NAME,
16
18
  SPONSOR_AUTH_TYPES,
@@ -19,6 +21,7 @@ export {
19
21
  buildSponsorAuthTypedData,
20
22
  computeCallDataHash,
21
23
  createLoginMessage,
24
+ generateSponsorAuthNonce,
22
25
  parseLoginMessage,
23
26
  signSponsorAuth,
24
27
  verifyLoginMessage,
@@ -1,4 +1,8 @@
1
- "use strict";Object.defineProperty(exports, "__esModule", {value: true}); function _nullishCoalesce(lhs, rhsFn) { if (lhs != null) { return lhs; } else { return rhsFn(); } }// src/auth/loginMessage.ts
1
+ "use strict";Object.defineProperty(exports, "__esModule", {value: true}); function _nullishCoalesce(lhs, rhsFn) { if (lhs != null) { return lhs; } else { return rhsFn(); } } function _optionalChain(ops) { let lastAccessLHS = undefined; let value = ops[0]; let i = 1; while (i < ops.length) { const op = ops[i]; const fn = ops[i + 1]; i += 2; if ((op === 'optionalAccess' || op === 'optionalCall') && value == null) { return undefined; } if (op === 'access' || op === 'optionalAccess') { lastAccessLHS = value; value = fn(value); } else if (op === 'call' || op === 'optionalCall') { value = fn((...args) => value.call(lastAccessLHS, ...args)); lastAccessLHS = undefined; } } return value; }
2
+
3
+ var _chunkJEQ2X3Z6cjs = require('./chunk-JEQ2X3Z6.cjs');
4
+
5
+ // src/auth/loginMessage.ts
2
6
  var _viem = require('viem');
3
7
  var DEFAULT_VERSION = "1";
4
8
  var DEFAULT_STATEMENT = "Sign in with Ethereum to PAFI.";
@@ -157,6 +161,32 @@ function optionalDate(fields, key) {
157
161
 
158
162
  // src/auth/sponsorAuth.ts
159
163
 
164
+ function generateSponsorAuthNonce() {
165
+ const tsMs = BigInt(Date.now());
166
+ let randHigh;
167
+ let randLow;
168
+ const g = globalThis;
169
+ if (_optionalChain([g, 'access', _ => _.crypto, 'optionalAccess', _2 => _2.getRandomValues])) {
170
+ const buf = new Uint32Array(2);
171
+ g.crypto.getRandomValues(buf);
172
+ randHigh = buf[0];
173
+ randLow = buf[1];
174
+ } else {
175
+ const nodeCrypto = _chunkJEQ2X3Z6cjs.__require.call(void 0, "crypto");
176
+ const b = nodeCrypto.randomBytes(8);
177
+ randHigh = b.readUInt32BE(0);
178
+ randLow = b.readUInt32BE(4);
179
+ }
180
+ const rand = BigInt(randHigh) << 32n | BigInt(randLow);
181
+ return tsMs << 64n | rand;
182
+ }
183
+ function isValidHexSignature(sig) {
184
+ if (!sig.startsWith("0x")) return false;
185
+ const hex = sig.slice(2);
186
+ if (hex.length % 2 !== 0) return false;
187
+ if (hex.length < 130) return false;
188
+ return /^[0-9a-fA-F]+$/.test(hex);
189
+ }
160
190
  var SPONSOR_AUTH_DOMAIN_NAME = "PafiSponsorAuth";
161
191
  var SPONSOR_AUTH_TYPES = {
162
192
  SponsorAuth: [
@@ -211,7 +241,7 @@ async function signSponsorAuth(wallet, payload) {
211
241
  }
212
242
  async function buildAndSignSponsorAuth(params) {
213
243
  const expiresAt = Math.floor(Date.now() / 1e3) + (_nullishCoalesce(params.expiresInSeconds, () => ( 600)));
214
- const nonce = _nullishCoalesce(params.nonce, () => ( BigInt(Date.now()) * 1000000n + BigInt(Math.floor(Math.random() * 1e6))));
244
+ const nonce = _nullishCoalesce(params.nonce, () => ( generateSponsorAuthNonce()));
215
245
  const payload = {
216
246
  chainId: params.chainId,
217
247
  sender: params.userAddress,
@@ -238,7 +268,7 @@ async function verifySponsorAuth(payload, signature, expectedSigner) {
238
268
  if (payload.expiresAt < nowSec) {
239
269
  return { ok: false, reason: "EXPIRED" };
240
270
  }
241
- if (signature.length < 132) {
271
+ if (!isValidHexSignature(signature)) {
242
272
  return { ok: false, reason: "INVALID_SIGNATURE_FORMAT" };
243
273
  }
244
274
  let recovered;
@@ -272,5 +302,6 @@ async function verifySponsorAuth(payload, signature, expectedSigner) {
272
302
 
273
303
 
274
304
 
275
- exports.createLoginMessage = createLoginMessage; exports.parseLoginMessage = parseLoginMessage; exports.verifyLoginMessage = verifyLoginMessage; exports.SPONSOR_AUTH_DOMAIN_NAME = SPONSOR_AUTH_DOMAIN_NAME; exports.SPONSOR_AUTH_TYPES = SPONSOR_AUTH_TYPES; exports.buildSponsorAuthDomain = buildSponsorAuthDomain; exports.buildSponsorAuthTypedData = buildSponsorAuthTypedData; exports.computeCallDataHash = computeCallDataHash; exports.signSponsorAuth = signSponsorAuth; exports.buildAndSignSponsorAuth = buildAndSignSponsorAuth; exports.verifySponsorAuth = verifySponsorAuth;
276
- //# sourceMappingURL=chunk-RZDG6SRR.cjs.map
305
+
306
+ exports.createLoginMessage = createLoginMessage; exports.parseLoginMessage = parseLoginMessage; exports.verifyLoginMessage = verifyLoginMessage; exports.generateSponsorAuthNonce = generateSponsorAuthNonce; exports.SPONSOR_AUTH_DOMAIN_NAME = SPONSOR_AUTH_DOMAIN_NAME; exports.SPONSOR_AUTH_TYPES = SPONSOR_AUTH_TYPES; exports.buildSponsorAuthDomain = buildSponsorAuthDomain; exports.buildSponsorAuthTypedData = buildSponsorAuthTypedData; exports.computeCallDataHash = computeCallDataHash; exports.signSponsorAuth = signSponsorAuth; exports.buildAndSignSponsorAuth = buildAndSignSponsorAuth; exports.verifySponsorAuth = verifySponsorAuth;
307
+ //# sourceMappingURL=chunk-5254AG3Z.cjs.map
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["/Users/phitran/Pacific-Finance/pafi-backend/pafi-sdk/packages/core/dist/chunk-5254AG3Z.cjs","../src/auth/loginMessage.ts","../src/auth/sponsorAuth.ts"],"names":[],"mappings":"AAAA;AACE;AACF,wDAA6B;AAC7B;AACA;ACJA,4BAAiE;AAIjE,IAAM,gBAAA,EAAkB,GAAA;AACxB,IAAM,kBAAA,EAAoB,gCAAA;AASnB,SAAS,kBAAA,CAAmB,MAAA,EAAoC;AACrE,EAAA,MAAM;AAAA,IACJ,MAAA;AAAA,IACA,OAAA;AAAA,IACA,OAAA;AAAA,IACA,KAAA;AAAA,IACA,GAAA;AAAA,IACA,UAAA,EAAY,iBAAA;AAAA,IACZ,QAAA,EAAU,eAAA;AAAA,IACV,SAAA,kBAAW,IAAI,IAAA,CAAK,CAAA;AAAA,IACpB,cAAA;AAAA,IACA,SAAA;AAAA,IACA;AAAA,EACF,EAAA,EAAI,MAAA;AAEJ,EAAA,GAAA,CAAI,CAAC,MAAA,EAAQ,MAAM,IAAI,KAAA,CAAM,qCAAqC,CAAA;AAClE,EAAA,GAAA,CAAI,CAAC,KAAA,EAAO,MAAM,IAAI,KAAA,CAAM,oCAAoC,CAAA;AAChE,EAAA,GAAA,CAAI,CAAC,GAAA,EAAK,MAAM,IAAI,KAAA,CAAM,kCAAkC,CAAA;AAE5D,EAAA,MAAM,YAAA,EAAc,8BAAA,OAAkB,CAAA;AAEtC,EAAA,MAAM,MAAA,EAAkB,CAAC,CAAA;AACzB,EAAA,KAAA,CAAM,IAAA,CAAK,CAAA,EAAA;AACA,EAAA;AACA,EAAA;AACP,EAAA;AACI,IAAA;AACA,IAAA;AACR,EAAA;AACW,EAAA;AACA,EAAA;AACA,EAAA;AACA,EAAA;AACA,EAAA;AACP,EAAA;AACI,IAAA;AACR,EAAA;AACI,EAAA;AACI,IAAA;AACR,EAAA;AACI,EAAA;AACI,IAAA;AACR,EAAA;AAEO,EAAA;AACT;AAOgB;AACR,EAAA;AACI,EAAA;AACE,IAAA;AACZ,EAAA;AAEM,EAAA;AACA,EAAA;AACJ,IAAA;AACF,EAAA;AACK,EAAA;AACO,IAAA;AACZ,EAAA;AACM,EAAA;AAEA,EAAA;AACD,EAAA;AACO,IAAA;AACZ,EAAA;AACM,EAAA;AAGF,EAAA;AACM,EAAA;AACE,IAAA;AACZ,EAAA;AACA,EAAA;AAEI,EAAA;AAEA,EAAA;AACF,IAAA;AACA,IAAA;AACU,IAAA;AACF,MAAA;AACR,IAAA;AACA,IAAA;AACF,EAAA;AAEM,EAAA;AACC,EAAA;AACC,IAAA;AACF,IAAA;AACE,IAAA;AACF,IAAA;AACI,MAAA;AACR,IAAA;AACM,IAAA;AACA,IAAA;AACC,IAAA;AACT,EAAA;AAEY,EAAA;AACN,EAAA;AACA,EAAA;AACM,EAAA;AACA,IAAA;AACZ,EAAA;AACM,EAAA;AACA,EAAA;AACA,EAAA;AACA,EAAA;AACA,EAAA;AAEA,EAAA;AACJ,IAAA;AACA,IAAA;AACA,IAAA;AACA,IAAA;AACA,IAAA;AACA,IAAA;AACA,IAAA;AACF,EAAA;AACI,EAAA;AACA,EAAA;AACA,EAAA;AACA,EAAA;AACG,EAAA;AACT;AAQA;AAIQ,EAAA;AACA,EAAA;AACK,IAAA;AACT,IAAA;AACA,IAAA;AACD,EAAA;AACU,EAAA;AACA,IAAA;AACX,EAAA;AAEM,EAAA;AACG,EAAA;AACX;AAMM;AACJ,EAAA;AACA,EAAA;AACA,EAAA;AACA,EAAA;AACA,EAAA;AACA,EAAA;AACA,EAAA;AACA,EAAA;AACD;AAEQ;AACK,EAAA;AACA,EAAA;AACL,EAAA;AACT;AAES;AACD,EAAA;AACF,EAAA;AACQ,IAAA;AACZ,EAAA;AACO,EAAA;AACT;AAES;AAIK,EAAA;AACA,EAAA;AACD,EAAA;AACb;AD9Cc;AACA;AEjKL;AAWO;AAGR,EAAA;AAIF,EAAA;AACA,EAAA;AACM,EAAA;AAGJ,EAAA;AACE,IAAA;AACG,IAAA;AACT,IAAA;AACU,IAAA;AACL,EAAA;AAGC,IAAA;AAGI,IAAA;AACV,IAAA;AACU,IAAA;AACZ,EAAA;AAEM,EAAA;AAEE,EAAA;AACV;AASS;AACE,EAAA;AACG,EAAA;AAEJ,EAAA;AAGA,EAAA;AAED,EAAA;AACT;AAEa;AAEA;AACX,EAAA;AACU,IAAA;AACA,IAAA;AACA,IAAA;AACA,IAAA;AACA,IAAA;AACA,IAAA;AACA,IAAA;AACV,EAAA;AACF;AAkBgB;AACP,EAAA;AACC,IAAA;AACG,IAAA;AACT,IAAA;AACA,IAAA;AACF,EAAA;AACF;AAES;AACA,EAAA;AACI,IAAA;AACD,IAAA;AACR,IAAA;AACO,IAAA;AACP,IAAA;AACU,IAAA;AACA,IAAA;AACZ,EAAA;AACF;AAEgB;AACP,EAAA;AACG,IAAA;AACD,IAAA;AACP,IAAA;AACS,IAAA;AACX,EAAA;AACF;AAEgB;AACP,EAAA;AACT;AAEA;AAIU,EAAA;AAED,EAAA;AACI,IAAA;AACT,IAAA;AACA,IAAA;AACA,IAAA;AACA,IAAA;AACD,EAAA;AACH;AA4DA;AAGQ,EAAA;AAGA,EAAA;AAEA,EAAA;AACK,IAAA;AACD,IAAA;AACR,IAAA;AACA,IAAA;AACA,IAAA;AACU,IAAA;AACA,IAAA;AACZ,EAAA;AAEY,EAAA;AAEL,EAAA;AACL,IAAA;AACS,IAAA;AACD,IAAA;AACR,IAAA;AACO,IAAA;AACP,IAAA;AACU,IAAA;AACA,IAAA;AACZ,EAAA;AACF;AAEA;AAKQ,EAAA;AACM,EAAA;AACD,IAAA;AACX,EAAA;AASK,EAAA;AACM,IAAA;AACX,EAAA;AAEI,EAAA;AACA,EAAA;AACM,IAAA;AAER,IAAA;AACE,MAAA;AACA,MAAA;AACA,MAAA;AACA,MAAA;AACA,MAAA;AACD,IAAA;AACK,EAAA;AACG,IAAA;AACX,EAAA;AAEI,EAAA;AACO,IAAA;AACX,EAAA;AAES,EAAA;AACX;AFkBc;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA","file":"/Users/phitran/Pacific-Finance/pafi-backend/pafi-sdk/packages/core/dist/chunk-5254AG3Z.cjs","sourcesContent":[null,"import { getAddress, verifyMessage, recoverMessageAddress } from \"viem\";\nimport type { Address, Hex } from \"viem\";\nimport type { LoginMessageParams, VerifyLoginResult } from \"./types\";\n\nconst DEFAULT_VERSION = \"1\";\nconst DEFAULT_STATEMENT = \"Sign in with Ethereum to PAFI.\";\n\n/**\n * Build an EIP-4361 login message string.\n *\n * The output is a deterministic plain-text message that the wallet signs via\n * `personal_sign`. The same message can be parsed back with\n * {@link parseLoginMessage} and verified with {@link verifyLoginMessage}.\n */\nexport function createLoginMessage(params: LoginMessageParams): string {\n const {\n domain,\n address,\n chainId,\n nonce,\n uri,\n statement = DEFAULT_STATEMENT,\n version = DEFAULT_VERSION,\n issuedAt = new Date(),\n expirationTime,\n notBefore,\n requestId,\n } = params;\n\n if (!domain) throw new Error(\"createLoginMessage: domain required\");\n if (!nonce) throw new Error(\"createLoginMessage: nonce required\");\n if (!uri) throw new Error(\"createLoginMessage: uri required\");\n\n const checksummed = getAddress(address);\n\n const lines: string[] = [];\n lines.push(`${domain} wants you to sign in with your Ethereum account:`);\n lines.push(checksummed);\n lines.push(\"\");\n if (statement) {\n lines.push(statement);\n lines.push(\"\");\n }\n lines.push(`URI: ${uri}`);\n lines.push(`Version: ${version}`);\n lines.push(`Chain ID: ${chainId}`);\n lines.push(`Nonce: ${nonce}`);\n lines.push(`Issued At: ${issuedAt.toISOString()}`);\n if (expirationTime) {\n lines.push(`Expiration Time: ${expirationTime.toISOString()}`);\n }\n if (notBefore) {\n lines.push(`Not Before: ${notBefore.toISOString()}`);\n }\n if (requestId) {\n lines.push(`Request ID: ${requestId}`);\n }\n\n return lines.join(\"\\n\");\n}\n\n/**\n * Parse a login message string built by {@link createLoginMessage} back into\n * its structured fields. Throws if the message does not match the expected\n * EIP-4361 layout.\n */\nexport function parseLoginMessage(message: string): LoginMessageParams {\n const lines = message.split(\"\\n\");\n if (lines.length < 7) {\n throw new Error(\"parseLoginMessage: message too short\");\n }\n\n const headerLine = lines[0] ?? \"\";\n const headerMatch = headerLine.match(\n /^(?<domain>.+) wants you to sign in with your Ethereum account:$/,\n );\n if (!headerMatch || !headerMatch.groups) {\n throw new Error(\"parseLoginMessage: invalid header line\");\n }\n const domain = headerMatch.groups[\"domain\"]!;\n\n const addressLine = lines[1] ?? \"\";\n if (!/^0x[0-9a-fA-F]{40}$/.test(addressLine)) {\n throw new Error(\"parseLoginMessage: invalid address line\");\n }\n const address = getAddress(addressLine);\n\n // After address: blank line, optional statement + blank line, then key:value lines.\n let cursor = 2;\n if (lines[cursor] !== \"\") {\n throw new Error(\"parseLoginMessage: missing blank line after address\");\n }\n cursor++;\n\n let statement: string | undefined;\n // Statement is present if the next line is not a known key.\n if (cursor < lines.length && !looksLikeKeyValue(lines[cursor]!)) {\n statement = lines[cursor];\n cursor++;\n if (lines[cursor] !== \"\") {\n throw new Error(\"parseLoginMessage: missing blank line after statement\");\n }\n cursor++;\n }\n\n const fields = new Map<string, string>();\n for (; cursor < lines.length; cursor++) {\n const line = lines[cursor]!;\n if (line === \"\") continue;\n const idx = line.indexOf(\": \");\n if (idx === -1) {\n throw new Error(`parseLoginMessage: malformed field line: \"${line}\"`);\n }\n const key = line.slice(0, idx);\n const value = line.slice(idx + 2);\n fields.set(key, value);\n }\n\n const uri = requireField(fields, \"URI\");\n const version = requireField(fields, \"Version\");\n const chainId = Number(requireField(fields, \"Chain ID\"));\n if (!Number.isInteger(chainId)) {\n throw new Error(\"parseLoginMessage: Chain ID is not an integer\");\n }\n const nonce = requireField(fields, \"Nonce\");\n const issuedAt = new Date(requireField(fields, \"Issued At\"));\n const expirationTime = optionalDate(fields, \"Expiration Time\");\n const notBefore = optionalDate(fields, \"Not Before\");\n const requestId = fields.get(\"Request ID\");\n\n const result: LoginMessageParams = {\n domain,\n address,\n chainId,\n nonce,\n uri,\n version,\n issuedAt,\n };\n if (statement !== undefined) result.statement = statement;\n if (expirationTime !== undefined) result.expirationTime = expirationTime;\n if (notBefore !== undefined) result.notBefore = notBefore;\n if (requestId !== undefined) result.requestId = requestId;\n return result;\n}\n\n/**\n * Verify that a login message was signed by the address embedded in the\n * message. Returns `{ valid, address }` where `address` is the recovered\n * signer (checksummed). Does NOT check expiration / not-before / nonce\n * consumption — those are the AuthService's responsibility.\n */\nexport async function verifyLoginMessage(\n message: string,\n signature: Hex,\n): Promise<VerifyLoginResult> {\n const parsed = parseLoginMessage(message);\n const valid = await verifyMessage({\n address: parsed.address,\n message,\n signature,\n });\n if (valid) {\n return { valid: true, address: parsed.address };\n }\n // Recover anyway so callers can log the mismatch.\n const recovered = await recoverMessageAddress({ message, signature });\n return { valid: false, address: getAddress(recovered) as Address };\n}\n\n// -------------------------------------------------------------------------\n// helpers\n// -------------------------------------------------------------------------\n\nconst KNOWN_KEYS = new Set([\n \"URI\",\n \"Version\",\n \"Chain ID\",\n \"Nonce\",\n \"Issued At\",\n \"Expiration Time\",\n \"Not Before\",\n \"Request ID\",\n]);\n\nfunction looksLikeKeyValue(line: string): boolean {\n const idx = line.indexOf(\": \");\n if (idx === -1) return false;\n return KNOWN_KEYS.has(line.slice(0, idx));\n}\n\nfunction requireField(fields: Map<string, string>, key: string): string {\n const value = fields.get(key);\n if (value === undefined) {\n throw new Error(`parseLoginMessage: missing required field \"${key}\"`);\n }\n return value;\n}\n\nfunction optionalDate(\n fields: Map<string, string>,\n key: string,\n): Date | undefined {\n const raw = fields.get(key);\n if (raw === undefined) return undefined;\n return new Date(raw);\n}\n","import { keccak256, recoverTypedDataAddress } from \"viem\";\nimport type { Address, Hex, WalletClient } from \"viem\";\n\n/**\n * Generate a high-entropy nonce for SponsorAuth. v0.7.1 — replaced\n * `Date.now() * 1_000_000 + Math.floor(Math.random() * 1_000_000)` with\n * 64 bits from CSPRNG (`crypto.randomBytes` Node, `crypto.getRandomValues`\n * browser). Birthday collisions go from ~1180 ops to >2^32 ops at the same\n * timestamp — sponsor-relayer's single-use nonce gate stays clean even at\n * scale. See SDK_CORE_TRADING_AUDIT.md H5.\n */\nexport function generateSponsorAuthNonce(): bigint {\n // Per-spec timestamp prefix (high 64 bits, ms precision) so server-side\n // freshness checks can derive an approx age from the nonce alone.\n const tsMs = BigInt(Date.now());\n\n // 64 bits of CSPRNG entropy in the low half. Try Web Crypto first (browser\n // + modern Node), fall back to node:crypto.\n let randHigh: number;\n let randLow: number;\n const g = globalThis as unknown as {\n crypto?: { getRandomValues?: (a: Uint32Array) => Uint32Array };\n };\n if (g.crypto?.getRandomValues) {\n const buf = new Uint32Array(2);\n g.crypto.getRandomValues(buf);\n randHigh = buf[0]!;\n randLow = buf[1]!;\n } else {\n // Node fallback — require lazily so browser bundlers can tree-shake.\n // eslint-disable-next-line @typescript-eslint/no-require-imports\n const nodeCrypto = require(\"node:crypto\") as {\n randomBytes: (n: number) => Buffer;\n };\n const b = nodeCrypto.randomBytes(8);\n randHigh = b.readUInt32BE(0);\n randLow = b.readUInt32BE(4);\n }\n\n const rand =\n (BigInt(randHigh) << 32n) | BigInt(randLow);\n return (tsMs << 64n) | rand;\n}\n\n/**\n * Validate hex-encoded signature shape: starts with `0x`, even length\n * AFTER the prefix, and 65 bytes (`0x` + 130 hex) minimum. Allows\n * larger sizes for EIP-1271 contract signatures.\n *\n * v0.7.1 — added per SDK_CORE_TRADING_AUDIT.md H7.\n */\nfunction isValidHexSignature(sig: string): boolean {\n if (!sig.startsWith(\"0x\")) return false;\n const hex = sig.slice(2);\n // Must be even length (each byte = 2 hex chars).\n if (hex.length % 2 !== 0) return false;\n // ECDSA = 65 bytes = 130 hex chars. EIP-1271 may be longer; reject\n // shorter lengths.\n if (hex.length < 130) return false;\n // Hex regex (0–9, a–f, A–F).\n return /^[0-9a-fA-F]+$/.test(hex);\n}\n\nexport const SPONSOR_AUTH_DOMAIN_NAME = \"PafiSponsorAuth\";\n\nexport const SPONSOR_AUTH_TYPES = {\n SponsorAuth: [\n { name: \"chainId\", type: \"uint256\" },\n { name: \"sender\", type: \"address\" },\n { name: \"callDataHash\", type: \"bytes32\" },\n { name: \"nonce\", type: \"uint256\" },\n { name: \"expiresAt\", type: \"uint256\" },\n { name: \"scenario\", type: \"string\" },\n { name: \"issuerId\", type: \"string\" },\n ],\n} as const;\n\nexport interface SponsorAuthPayload {\n chainId: number;\n sender: Address;\n callDataHash: Hex;\n nonce: bigint;\n expiresAt: number;\n scenario: string;\n issuerId: string;\n}\n\nexport interface SponsorAuthVerifyResult {\n ok: boolean;\n recoveredAddress?: Address;\n reason?: \"EXPIRED\" | \"INVALID_SIGNER\" | \"INVALID_SIGNATURE_FORMAT\";\n}\n\nexport function buildSponsorAuthDomain(chainId: number) {\n return {\n name: SPONSOR_AUTH_DOMAIN_NAME,\n version: \"1\",\n chainId,\n verifyingContract: \"0x0000000000000000000000000000000000000000\" as Address,\n };\n}\n\nfunction buildMessage(payload: SponsorAuthPayload) {\n return {\n chainId: BigInt(payload.chainId),\n sender: payload.sender,\n callDataHash: payload.callDataHash,\n nonce: payload.nonce,\n expiresAt: BigInt(payload.expiresAt),\n scenario: payload.scenario,\n issuerId: payload.issuerId,\n };\n}\n\nexport function buildSponsorAuthTypedData(payload: SponsorAuthPayload) {\n return {\n domain: buildSponsorAuthDomain(payload.chainId),\n types: SPONSOR_AUTH_TYPES,\n primaryType: \"SponsorAuth\" as const,\n message: buildMessage(payload),\n };\n}\n\nexport function computeCallDataHash(callData: Hex): Hex {\n return keccak256(callData);\n}\n\nexport async function signSponsorAuth(\n wallet: WalletClient,\n payload: SponsorAuthPayload,\n): Promise<Hex> {\n const { domain, types, primaryType, message } =\n buildSponsorAuthTypedData(payload);\n return wallet.signTypedData({\n account: wallet.account!,\n domain,\n types,\n primaryType,\n message,\n });\n}\n\nexport interface BuiltSponsorAuth {\n sig: Hex;\n chainId: number;\n sender: Address;\n callDataHash: Hex;\n /** Decimal-string for JSON transport (bigint not safely serializable). */\n nonce: string;\n expiresAt: number;\n scenario: string;\n issuerId: string;\n}\n\nexport interface BuildSponsorAuthParams {\n /** User EOA the sponsorship is for. */\n userAddress: Address;\n /** UserOp `callData` to bind the auth to (hashed via keccak256). */\n callData: Hex;\n /** Chain id the UserOp will execute on. */\n chainId: number;\n /** Scenario tag for audit / rate-limiter (`mint` / `burn` / `swap` / etc.). */\n scenario: string;\n /** Issuer id (matches `pafi_issuers` row in PAFI's sponsor-relayer). */\n issuerId: string;\n /** Issuer signer wallet (HSM/KMS-backed in production). */\n issuerSignerWallet: WalletClient;\n /** Validity window in seconds. Default 600 (10 min). */\n expiresInSeconds?: number;\n /**\n * Optional explicit nonce. When omitted, defaults to a unique\n * `Date.now() * 1e6 + random` — matches the gg56 reference impl.\n * Override for test fixtures or when chaining replay-protection.\n */\n nonce?: bigint;\n}\n\n/**\n * Build, sign, and serialize a `SponsorAuth` payload in one call.\n * Replaces the ~30 LoC private `buildSponsorAuth` helper that every\n * issuer would otherwise reimplement on each sponsored endpoint.\n *\n * Output is JSON-safe (`nonce` as decimal string) and matches the\n * shape sponsor-relayer's `/paymaster/sponsor` accepts as the\n * `sponsorAuth` field.\n *\n * Issuer typically calls this from each sponsored controller route:\n *\n * ```ts\n * const sponsorAuth = await buildAndSignSponsorAuth({\n * userAddress: user.userAddress,\n * callData: userOp.callData,\n * chainId,\n * scenario: 'mint',\n * issuerId: this.config.get('PAFI_ISSUER_ID'),\n * issuerSignerWallet: this.issuerSignerWallet,\n * });\n * return { ...response, sponsorAuth };\n * ```\n */\nexport async function buildAndSignSponsorAuth(\n params: BuildSponsorAuthParams,\n): Promise<BuiltSponsorAuth> {\n const expiresAt =\n Math.floor(Date.now() / 1000) + (params.expiresInSeconds ?? 600);\n\n const nonce = params.nonce ?? generateSponsorAuthNonce();\n\n const payload: SponsorAuthPayload = {\n chainId: params.chainId,\n sender: params.userAddress,\n callDataHash: computeCallDataHash(params.callData),\n nonce,\n expiresAt,\n scenario: params.scenario,\n issuerId: params.issuerId,\n };\n\n const sig = await signSponsorAuth(params.issuerSignerWallet, payload);\n\n return {\n sig,\n chainId: payload.chainId,\n sender: payload.sender,\n callDataHash: payload.callDataHash,\n nonce: payload.nonce.toString(),\n expiresAt: payload.expiresAt,\n scenario: payload.scenario,\n issuerId: payload.issuerId,\n };\n}\n\nexport async function verifySponsorAuth(\n payload: SponsorAuthPayload,\n signature: Hex,\n expectedSigner: Address,\n): Promise<SponsorAuthVerifyResult> {\n const nowSec = Math.floor(Date.now() / 1000);\n if (payload.expiresAt < nowSec) {\n return { ok: false, reason: \"EXPIRED\" };\n }\n\n // v0.7.1 — strict hex format check before deferring to viem. Previous\n // length-only `< 132` accepted arbitrary 132+ char strings even when\n // not valid hex; recoverTypedDataAddress would throw and the catch\n // collapsed both cases to INVALID_SIGNATURE_FORMAT. Verify hex shape\n // up front + accept ECDSA (65 byte = 132 hex char) AND EIP-1271\n // (variable-length, must still be valid hex). See\n // SDK_CORE_TRADING_AUDIT.md H7.\n if (!isValidHexSignature(signature)) {\n return { ok: false, reason: \"INVALID_SIGNATURE_FORMAT\" };\n }\n\n let recovered: Address;\n try {\n const { domain, types, primaryType, message } =\n buildSponsorAuthTypedData(payload);\n recovered = await recoverTypedDataAddress({\n domain,\n types,\n primaryType,\n message,\n signature,\n });\n } catch {\n return { ok: false, reason: \"INVALID_SIGNATURE_FORMAT\" };\n }\n\n if (recovered.toLowerCase() !== expectedSigner.toLowerCase()) {\n return { ok: false, reason: \"INVALID_SIGNER\", recoveredAddress: recovered };\n }\n\n return { ok: true, recoveredAddress: recovered };\n}\n"]}
@@ -1,3 +1,7 @@
1
+ import {
2
+ __require
3
+ } from "./chunk-DGUM43GV.js";
4
+
1
5
  // src/auth/loginMessage.ts
2
6
  import { getAddress, verifyMessage, recoverMessageAddress } from "viem";
3
7
  var DEFAULT_VERSION = "1";
@@ -157,6 +161,32 @@ function optionalDate(fields, key) {
157
161
 
158
162
  // src/auth/sponsorAuth.ts
159
163
  import { keccak256, recoverTypedDataAddress } from "viem";
164
+ function generateSponsorAuthNonce() {
165
+ const tsMs = BigInt(Date.now());
166
+ let randHigh;
167
+ let randLow;
168
+ const g = globalThis;
169
+ if (g.crypto?.getRandomValues) {
170
+ const buf = new Uint32Array(2);
171
+ g.crypto.getRandomValues(buf);
172
+ randHigh = buf[0];
173
+ randLow = buf[1];
174
+ } else {
175
+ const nodeCrypto = __require("crypto");
176
+ const b = nodeCrypto.randomBytes(8);
177
+ randHigh = b.readUInt32BE(0);
178
+ randLow = b.readUInt32BE(4);
179
+ }
180
+ const rand = BigInt(randHigh) << 32n | BigInt(randLow);
181
+ return tsMs << 64n | rand;
182
+ }
183
+ function isValidHexSignature(sig) {
184
+ if (!sig.startsWith("0x")) return false;
185
+ const hex = sig.slice(2);
186
+ if (hex.length % 2 !== 0) return false;
187
+ if (hex.length < 130) return false;
188
+ return /^[0-9a-fA-F]+$/.test(hex);
189
+ }
160
190
  var SPONSOR_AUTH_DOMAIN_NAME = "PafiSponsorAuth";
161
191
  var SPONSOR_AUTH_TYPES = {
162
192
  SponsorAuth: [
@@ -211,7 +241,7 @@ async function signSponsorAuth(wallet, payload) {
211
241
  }
212
242
  async function buildAndSignSponsorAuth(params) {
213
243
  const expiresAt = Math.floor(Date.now() / 1e3) + (params.expiresInSeconds ?? 600);
214
- const nonce = params.nonce ?? BigInt(Date.now()) * 1000000n + BigInt(Math.floor(Math.random() * 1e6));
244
+ const nonce = params.nonce ?? generateSponsorAuthNonce();
215
245
  const payload = {
216
246
  chainId: params.chainId,
217
247
  sender: params.userAddress,
@@ -238,7 +268,7 @@ async function verifySponsorAuth(payload, signature, expectedSigner) {
238
268
  if (payload.expiresAt < nowSec) {
239
269
  return { ok: false, reason: "EXPIRED" };
240
270
  }
241
- if (signature.length < 132) {
271
+ if (!isValidHexSignature(signature)) {
242
272
  return { ok: false, reason: "INVALID_SIGNATURE_FORMAT" };
243
273
  }
244
274
  let recovered;
@@ -264,6 +294,7 @@ export {
264
294
  createLoginMessage,
265
295
  parseLoginMessage,
266
296
  verifyLoginMessage,
297
+ generateSponsorAuthNonce,
267
298
  SPONSOR_AUTH_DOMAIN_NAME,
268
299
  SPONSOR_AUTH_TYPES,
269
300
  buildSponsorAuthDomain,
@@ -273,4 +304,4 @@ export {
273
304
  buildAndSignSponsorAuth,
274
305
  verifySponsorAuth
275
306
  };
276
- //# sourceMappingURL=chunk-QGXJLLKF.js.map
307
+ //# sourceMappingURL=chunk-6UX2IFA2.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/auth/loginMessage.ts","../src/auth/sponsorAuth.ts"],"sourcesContent":["import { getAddress, verifyMessage, recoverMessageAddress } from \"viem\";\nimport type { Address, Hex } from \"viem\";\nimport type { LoginMessageParams, VerifyLoginResult } from \"./types\";\n\nconst DEFAULT_VERSION = \"1\";\nconst DEFAULT_STATEMENT = \"Sign in with Ethereum to PAFI.\";\n\n/**\n * Build an EIP-4361 login message string.\n *\n * The output is a deterministic plain-text message that the wallet signs via\n * `personal_sign`. The same message can be parsed back with\n * {@link parseLoginMessage} and verified with {@link verifyLoginMessage}.\n */\nexport function createLoginMessage(params: LoginMessageParams): string {\n const {\n domain,\n address,\n chainId,\n nonce,\n uri,\n statement = DEFAULT_STATEMENT,\n version = DEFAULT_VERSION,\n issuedAt = new Date(),\n expirationTime,\n notBefore,\n requestId,\n } = params;\n\n if (!domain) throw new Error(\"createLoginMessage: domain required\");\n if (!nonce) throw new Error(\"createLoginMessage: nonce required\");\n if (!uri) throw new Error(\"createLoginMessage: uri required\");\n\n const checksummed = getAddress(address);\n\n const lines: string[] = [];\n lines.push(`${domain} wants you to sign in with your Ethereum account:`);\n lines.push(checksummed);\n lines.push(\"\");\n if (statement) {\n lines.push(statement);\n lines.push(\"\");\n }\n lines.push(`URI: ${uri}`);\n lines.push(`Version: ${version}`);\n lines.push(`Chain ID: ${chainId}`);\n lines.push(`Nonce: ${nonce}`);\n lines.push(`Issued At: ${issuedAt.toISOString()}`);\n if (expirationTime) {\n lines.push(`Expiration Time: ${expirationTime.toISOString()}`);\n }\n if (notBefore) {\n lines.push(`Not Before: ${notBefore.toISOString()}`);\n }\n if (requestId) {\n lines.push(`Request ID: ${requestId}`);\n }\n\n return lines.join(\"\\n\");\n}\n\n/**\n * Parse a login message string built by {@link createLoginMessage} back into\n * its structured fields. Throws if the message does not match the expected\n * EIP-4361 layout.\n */\nexport function parseLoginMessage(message: string): LoginMessageParams {\n const lines = message.split(\"\\n\");\n if (lines.length < 7) {\n throw new Error(\"parseLoginMessage: message too short\");\n }\n\n const headerLine = lines[0] ?? \"\";\n const headerMatch = headerLine.match(\n /^(?<domain>.+) wants you to sign in with your Ethereum account:$/,\n );\n if (!headerMatch || !headerMatch.groups) {\n throw new Error(\"parseLoginMessage: invalid header line\");\n }\n const domain = headerMatch.groups[\"domain\"]!;\n\n const addressLine = lines[1] ?? \"\";\n if (!/^0x[0-9a-fA-F]{40}$/.test(addressLine)) {\n throw new Error(\"parseLoginMessage: invalid address line\");\n }\n const address = getAddress(addressLine);\n\n // After address: blank line, optional statement + blank line, then key:value lines.\n let cursor = 2;\n if (lines[cursor] !== \"\") {\n throw new Error(\"parseLoginMessage: missing blank line after address\");\n }\n cursor++;\n\n let statement: string | undefined;\n // Statement is present if the next line is not a known key.\n if (cursor < lines.length && !looksLikeKeyValue(lines[cursor]!)) {\n statement = lines[cursor];\n cursor++;\n if (lines[cursor] !== \"\") {\n throw new Error(\"parseLoginMessage: missing blank line after statement\");\n }\n cursor++;\n }\n\n const fields = new Map<string, string>();\n for (; cursor < lines.length; cursor++) {\n const line = lines[cursor]!;\n if (line === \"\") continue;\n const idx = line.indexOf(\": \");\n if (idx === -1) {\n throw new Error(`parseLoginMessage: malformed field line: \"${line}\"`);\n }\n const key = line.slice(0, idx);\n const value = line.slice(idx + 2);\n fields.set(key, value);\n }\n\n const uri = requireField(fields, \"URI\");\n const version = requireField(fields, \"Version\");\n const chainId = Number(requireField(fields, \"Chain ID\"));\n if (!Number.isInteger(chainId)) {\n throw new Error(\"parseLoginMessage: Chain ID is not an integer\");\n }\n const nonce = requireField(fields, \"Nonce\");\n const issuedAt = new Date(requireField(fields, \"Issued At\"));\n const expirationTime = optionalDate(fields, \"Expiration Time\");\n const notBefore = optionalDate(fields, \"Not Before\");\n const requestId = fields.get(\"Request ID\");\n\n const result: LoginMessageParams = {\n domain,\n address,\n chainId,\n nonce,\n uri,\n version,\n issuedAt,\n };\n if (statement !== undefined) result.statement = statement;\n if (expirationTime !== undefined) result.expirationTime = expirationTime;\n if (notBefore !== undefined) result.notBefore = notBefore;\n if (requestId !== undefined) result.requestId = requestId;\n return result;\n}\n\n/**\n * Verify that a login message was signed by the address embedded in the\n * message. Returns `{ valid, address }` where `address` is the recovered\n * signer (checksummed). Does NOT check expiration / not-before / nonce\n * consumption — those are the AuthService's responsibility.\n */\nexport async function verifyLoginMessage(\n message: string,\n signature: Hex,\n): Promise<VerifyLoginResult> {\n const parsed = parseLoginMessage(message);\n const valid = await verifyMessage({\n address: parsed.address,\n message,\n signature,\n });\n if (valid) {\n return { valid: true, address: parsed.address };\n }\n // Recover anyway so callers can log the mismatch.\n const recovered = await recoverMessageAddress({ message, signature });\n return { valid: false, address: getAddress(recovered) as Address };\n}\n\n// -------------------------------------------------------------------------\n// helpers\n// -------------------------------------------------------------------------\n\nconst KNOWN_KEYS = new Set([\n \"URI\",\n \"Version\",\n \"Chain ID\",\n \"Nonce\",\n \"Issued At\",\n \"Expiration Time\",\n \"Not Before\",\n \"Request ID\",\n]);\n\nfunction looksLikeKeyValue(line: string): boolean {\n const idx = line.indexOf(\": \");\n if (idx === -1) return false;\n return KNOWN_KEYS.has(line.slice(0, idx));\n}\n\nfunction requireField(fields: Map<string, string>, key: string): string {\n const value = fields.get(key);\n if (value === undefined) {\n throw new Error(`parseLoginMessage: missing required field \"${key}\"`);\n }\n return value;\n}\n\nfunction optionalDate(\n fields: Map<string, string>,\n key: string,\n): Date | undefined {\n const raw = fields.get(key);\n if (raw === undefined) return undefined;\n return new Date(raw);\n}\n","import { keccak256, recoverTypedDataAddress } from \"viem\";\nimport type { Address, Hex, WalletClient } from \"viem\";\n\n/**\n * Generate a high-entropy nonce for SponsorAuth. v0.7.1 — replaced\n * `Date.now() * 1_000_000 + Math.floor(Math.random() * 1_000_000)` with\n * 64 bits from CSPRNG (`crypto.randomBytes` Node, `crypto.getRandomValues`\n * browser). Birthday collisions go from ~1180 ops to >2^32 ops at the same\n * timestamp — sponsor-relayer's single-use nonce gate stays clean even at\n * scale. See SDK_CORE_TRADING_AUDIT.md H5.\n */\nexport function generateSponsorAuthNonce(): bigint {\n // Per-spec timestamp prefix (high 64 bits, ms precision) so server-side\n // freshness checks can derive an approx age from the nonce alone.\n const tsMs = BigInt(Date.now());\n\n // 64 bits of CSPRNG entropy in the low half. Try Web Crypto first (browser\n // + modern Node), fall back to node:crypto.\n let randHigh: number;\n let randLow: number;\n const g = globalThis as unknown as {\n crypto?: { getRandomValues?: (a: Uint32Array) => Uint32Array };\n };\n if (g.crypto?.getRandomValues) {\n const buf = new Uint32Array(2);\n g.crypto.getRandomValues(buf);\n randHigh = buf[0]!;\n randLow = buf[1]!;\n } else {\n // Node fallback — require lazily so browser bundlers can tree-shake.\n // eslint-disable-next-line @typescript-eslint/no-require-imports\n const nodeCrypto = require(\"node:crypto\") as {\n randomBytes: (n: number) => Buffer;\n };\n const b = nodeCrypto.randomBytes(8);\n randHigh = b.readUInt32BE(0);\n randLow = b.readUInt32BE(4);\n }\n\n const rand =\n (BigInt(randHigh) << 32n) | BigInt(randLow);\n return (tsMs << 64n) | rand;\n}\n\n/**\n * Validate hex-encoded signature shape: starts with `0x`, even length\n * AFTER the prefix, and 65 bytes (`0x` + 130 hex) minimum. Allows\n * larger sizes for EIP-1271 contract signatures.\n *\n * v0.7.1 — added per SDK_CORE_TRADING_AUDIT.md H7.\n */\nfunction isValidHexSignature(sig: string): boolean {\n if (!sig.startsWith(\"0x\")) return false;\n const hex = sig.slice(2);\n // Must be even length (each byte = 2 hex chars).\n if (hex.length % 2 !== 0) return false;\n // ECDSA = 65 bytes = 130 hex chars. EIP-1271 may be longer; reject\n // shorter lengths.\n if (hex.length < 130) return false;\n // Hex regex (0–9, a–f, A–F).\n return /^[0-9a-fA-F]+$/.test(hex);\n}\n\nexport const SPONSOR_AUTH_DOMAIN_NAME = \"PafiSponsorAuth\";\n\nexport const SPONSOR_AUTH_TYPES = {\n SponsorAuth: [\n { name: \"chainId\", type: \"uint256\" },\n { name: \"sender\", type: \"address\" },\n { name: \"callDataHash\", type: \"bytes32\" },\n { name: \"nonce\", type: \"uint256\" },\n { name: \"expiresAt\", type: \"uint256\" },\n { name: \"scenario\", type: \"string\" },\n { name: \"issuerId\", type: \"string\" },\n ],\n} as const;\n\nexport interface SponsorAuthPayload {\n chainId: number;\n sender: Address;\n callDataHash: Hex;\n nonce: bigint;\n expiresAt: number;\n scenario: string;\n issuerId: string;\n}\n\nexport interface SponsorAuthVerifyResult {\n ok: boolean;\n recoveredAddress?: Address;\n reason?: \"EXPIRED\" | \"INVALID_SIGNER\" | \"INVALID_SIGNATURE_FORMAT\";\n}\n\nexport function buildSponsorAuthDomain(chainId: number) {\n return {\n name: SPONSOR_AUTH_DOMAIN_NAME,\n version: \"1\",\n chainId,\n verifyingContract: \"0x0000000000000000000000000000000000000000\" as Address,\n };\n}\n\nfunction buildMessage(payload: SponsorAuthPayload) {\n return {\n chainId: BigInt(payload.chainId),\n sender: payload.sender,\n callDataHash: payload.callDataHash,\n nonce: payload.nonce,\n expiresAt: BigInt(payload.expiresAt),\n scenario: payload.scenario,\n issuerId: payload.issuerId,\n };\n}\n\nexport function buildSponsorAuthTypedData(payload: SponsorAuthPayload) {\n return {\n domain: buildSponsorAuthDomain(payload.chainId),\n types: SPONSOR_AUTH_TYPES,\n primaryType: \"SponsorAuth\" as const,\n message: buildMessage(payload),\n };\n}\n\nexport function computeCallDataHash(callData: Hex): Hex {\n return keccak256(callData);\n}\n\nexport async function signSponsorAuth(\n wallet: WalletClient,\n payload: SponsorAuthPayload,\n): Promise<Hex> {\n const { domain, types, primaryType, message } =\n buildSponsorAuthTypedData(payload);\n return wallet.signTypedData({\n account: wallet.account!,\n domain,\n types,\n primaryType,\n message,\n });\n}\n\nexport interface BuiltSponsorAuth {\n sig: Hex;\n chainId: number;\n sender: Address;\n callDataHash: Hex;\n /** Decimal-string for JSON transport (bigint not safely serializable). */\n nonce: string;\n expiresAt: number;\n scenario: string;\n issuerId: string;\n}\n\nexport interface BuildSponsorAuthParams {\n /** User EOA the sponsorship is for. */\n userAddress: Address;\n /** UserOp `callData` to bind the auth to (hashed via keccak256). */\n callData: Hex;\n /** Chain id the UserOp will execute on. */\n chainId: number;\n /** Scenario tag for audit / rate-limiter (`mint` / `burn` / `swap` / etc.). */\n scenario: string;\n /** Issuer id (matches `pafi_issuers` row in PAFI's sponsor-relayer). */\n issuerId: string;\n /** Issuer signer wallet (HSM/KMS-backed in production). */\n issuerSignerWallet: WalletClient;\n /** Validity window in seconds. Default 600 (10 min). */\n expiresInSeconds?: number;\n /**\n * Optional explicit nonce. When omitted, defaults to a unique\n * `Date.now() * 1e6 + random` — matches the gg56 reference impl.\n * Override for test fixtures or when chaining replay-protection.\n */\n nonce?: bigint;\n}\n\n/**\n * Build, sign, and serialize a `SponsorAuth` payload in one call.\n * Replaces the ~30 LoC private `buildSponsorAuth` helper that every\n * issuer would otherwise reimplement on each sponsored endpoint.\n *\n * Output is JSON-safe (`nonce` as decimal string) and matches the\n * shape sponsor-relayer's `/paymaster/sponsor` accepts as the\n * `sponsorAuth` field.\n *\n * Issuer typically calls this from each sponsored controller route:\n *\n * ```ts\n * const sponsorAuth = await buildAndSignSponsorAuth({\n * userAddress: user.userAddress,\n * callData: userOp.callData,\n * chainId,\n * scenario: 'mint',\n * issuerId: this.config.get('PAFI_ISSUER_ID'),\n * issuerSignerWallet: this.issuerSignerWallet,\n * });\n * return { ...response, sponsorAuth };\n * ```\n */\nexport async function buildAndSignSponsorAuth(\n params: BuildSponsorAuthParams,\n): Promise<BuiltSponsorAuth> {\n const expiresAt =\n Math.floor(Date.now() / 1000) + (params.expiresInSeconds ?? 600);\n\n const nonce = params.nonce ?? generateSponsorAuthNonce();\n\n const payload: SponsorAuthPayload = {\n chainId: params.chainId,\n sender: params.userAddress,\n callDataHash: computeCallDataHash(params.callData),\n nonce,\n expiresAt,\n scenario: params.scenario,\n issuerId: params.issuerId,\n };\n\n const sig = await signSponsorAuth(params.issuerSignerWallet, payload);\n\n return {\n sig,\n chainId: payload.chainId,\n sender: payload.sender,\n callDataHash: payload.callDataHash,\n nonce: payload.nonce.toString(),\n expiresAt: payload.expiresAt,\n scenario: payload.scenario,\n issuerId: payload.issuerId,\n };\n}\n\nexport async function verifySponsorAuth(\n payload: SponsorAuthPayload,\n signature: Hex,\n expectedSigner: Address,\n): Promise<SponsorAuthVerifyResult> {\n const nowSec = Math.floor(Date.now() / 1000);\n if (payload.expiresAt < nowSec) {\n return { ok: false, reason: \"EXPIRED\" };\n }\n\n // v0.7.1 — strict hex format check before deferring to viem. Previous\n // length-only `< 132` accepted arbitrary 132+ char strings even when\n // not valid hex; recoverTypedDataAddress would throw and the catch\n // collapsed both cases to INVALID_SIGNATURE_FORMAT. Verify hex shape\n // up front + accept ECDSA (65 byte = 132 hex char) AND EIP-1271\n // (variable-length, must still be valid hex). See\n // SDK_CORE_TRADING_AUDIT.md H7.\n if (!isValidHexSignature(signature)) {\n return { ok: false, reason: \"INVALID_SIGNATURE_FORMAT\" };\n }\n\n let recovered: Address;\n try {\n const { domain, types, primaryType, message } =\n buildSponsorAuthTypedData(payload);\n recovered = await recoverTypedDataAddress({\n domain,\n types,\n primaryType,\n message,\n signature,\n });\n } catch {\n return { ok: false, reason: \"INVALID_SIGNATURE_FORMAT\" };\n }\n\n if (recovered.toLowerCase() !== expectedSigner.toLowerCase()) {\n return { ok: false, reason: \"INVALID_SIGNER\", recoveredAddress: recovered };\n }\n\n return { ok: true, recoveredAddress: recovered };\n}\n"],"mappings":";;;;;AAAA,SAAS,YAAY,eAAe,6BAA6B;AAIjE,IAAM,kBAAkB;AACxB,IAAM,oBAAoB;AASnB,SAAS,mBAAmB,QAAoC;AACrE,QAAM;AAAA,IACJ;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,YAAY;AAAA,IACZ,UAAU;AAAA,IACV,WAAW,oBAAI,KAAK;AAAA,IACpB;AAAA,IACA;AAAA,IACA;AAAA,EACF,IAAI;AAEJ,MAAI,CAAC,OAAQ,OAAM,IAAI,MAAM,qCAAqC;AAClE,MAAI,CAAC,MAAO,OAAM,IAAI,MAAM,oCAAoC;AAChE,MAAI,CAAC,IAAK,OAAM,IAAI,MAAM,kCAAkC;AAE5D,QAAM,cAAc,WAAW,OAAO;AAEtC,QAAM,QAAkB,CAAC;AACzB,QAAM,KAAK,GAAG,MAAM,mDAAmD;AACvE,QAAM,KAAK,WAAW;AACtB,QAAM,KAAK,EAAE;AACb,MAAI,WAAW;AACb,UAAM,KAAK,SAAS;AACpB,UAAM,KAAK,EAAE;AAAA,EACf;AACA,QAAM,KAAK,QAAQ,GAAG,EAAE;AACxB,QAAM,KAAK,YAAY,OAAO,EAAE;AAChC,QAAM,KAAK,aAAa,OAAO,EAAE;AACjC,QAAM,KAAK,UAAU,KAAK,EAAE;AAC5B,QAAM,KAAK,cAAc,SAAS,YAAY,CAAC,EAAE;AACjD,MAAI,gBAAgB;AAClB,UAAM,KAAK,oBAAoB,eAAe,YAAY,CAAC,EAAE;AAAA,EAC/D;AACA,MAAI,WAAW;AACb,UAAM,KAAK,eAAe,UAAU,YAAY,CAAC,EAAE;AAAA,EACrD;AACA,MAAI,WAAW;AACb,UAAM,KAAK,eAAe,SAAS,EAAE;AAAA,EACvC;AAEA,SAAO,MAAM,KAAK,IAAI;AACxB;AAOO,SAAS,kBAAkB,SAAqC;AACrE,QAAM,QAAQ,QAAQ,MAAM,IAAI;AAChC,MAAI,MAAM,SAAS,GAAG;AACpB,UAAM,IAAI,MAAM,sCAAsC;AAAA,EACxD;AAEA,QAAM,aAAa,MAAM,CAAC,KAAK;AAC/B,QAAM,cAAc,WAAW;AAAA,IAC7B;AAAA,EACF;AACA,MAAI,CAAC,eAAe,CAAC,YAAY,QAAQ;AACvC,UAAM,IAAI,MAAM,wCAAwC;AAAA,EAC1D;AACA,QAAM,SAAS,YAAY,OAAO,QAAQ;AAE1C,QAAM,cAAc,MAAM,CAAC,KAAK;AAChC,MAAI,CAAC,sBAAsB,KAAK,WAAW,GAAG;AAC5C,UAAM,IAAI,MAAM,yCAAyC;AAAA,EAC3D;AACA,QAAM,UAAU,WAAW,WAAW;AAGtC,MAAI,SAAS;AACb,MAAI,MAAM,MAAM,MAAM,IAAI;AACxB,UAAM,IAAI,MAAM,qDAAqD;AAAA,EACvE;AACA;AAEA,MAAI;AAEJ,MAAI,SAAS,MAAM,UAAU,CAAC,kBAAkB,MAAM,MAAM,CAAE,GAAG;AAC/D,gBAAY,MAAM,MAAM;AACxB;AACA,QAAI,MAAM,MAAM,MAAM,IAAI;AACxB,YAAM,IAAI,MAAM,uDAAuD;AAAA,IACzE;AACA;AAAA,EACF;AAEA,QAAM,SAAS,oBAAI,IAAoB;AACvC,SAAO,SAAS,MAAM,QAAQ,UAAU;AACtC,UAAM,OAAO,MAAM,MAAM;AACzB,QAAI,SAAS,GAAI;AACjB,UAAM,MAAM,KAAK,QAAQ,IAAI;AAC7B,QAAI,QAAQ,IAAI;AACd,YAAM,IAAI,MAAM,6CAA6C,IAAI,GAAG;AAAA,IACtE;AACA,UAAM,MAAM,KAAK,MAAM,GAAG,GAAG;AAC7B,UAAM,QAAQ,KAAK,MAAM,MAAM,CAAC;AAChC,WAAO,IAAI,KAAK,KAAK;AAAA,EACvB;AAEA,QAAM,MAAM,aAAa,QAAQ,KAAK;AACtC,QAAM,UAAU,aAAa,QAAQ,SAAS;AAC9C,QAAM,UAAU,OAAO,aAAa,QAAQ,UAAU,CAAC;AACvD,MAAI,CAAC,OAAO,UAAU,OAAO,GAAG;AAC9B,UAAM,IAAI,MAAM,+CAA+C;AAAA,EACjE;AACA,QAAM,QAAQ,aAAa,QAAQ,OAAO;AAC1C,QAAM,WAAW,IAAI,KAAK,aAAa,QAAQ,WAAW,CAAC;AAC3D,QAAM,iBAAiB,aAAa,QAAQ,iBAAiB;AAC7D,QAAM,YAAY,aAAa,QAAQ,YAAY;AACnD,QAAM,YAAY,OAAO,IAAI,YAAY;AAEzC,QAAM,SAA6B;AAAA,IACjC;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACA,MAAI,cAAc,OAAW,QAAO,YAAY;AAChD,MAAI,mBAAmB,OAAW,QAAO,iBAAiB;AAC1D,MAAI,cAAc,OAAW,QAAO,YAAY;AAChD,MAAI,cAAc,OAAW,QAAO,YAAY;AAChD,SAAO;AACT;AAQA,eAAsB,mBACpB,SACA,WAC4B;AAC5B,QAAM,SAAS,kBAAkB,OAAO;AACxC,QAAM,QAAQ,MAAM,cAAc;AAAA,IAChC,SAAS,OAAO;AAAA,IAChB;AAAA,IACA;AAAA,EACF,CAAC;AACD,MAAI,OAAO;AACT,WAAO,EAAE,OAAO,MAAM,SAAS,OAAO,QAAQ;AAAA,EAChD;AAEA,QAAM,YAAY,MAAM,sBAAsB,EAAE,SAAS,UAAU,CAAC;AACpE,SAAO,EAAE,OAAO,OAAO,SAAS,WAAW,SAAS,EAAa;AACnE;AAMA,IAAM,aAAa,oBAAI,IAAI;AAAA,EACzB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,CAAC;AAED,SAAS,kBAAkB,MAAuB;AAChD,QAAM,MAAM,KAAK,QAAQ,IAAI;AAC7B,MAAI,QAAQ,GAAI,QAAO;AACvB,SAAO,WAAW,IAAI,KAAK,MAAM,GAAG,GAAG,CAAC;AAC1C;AAEA,SAAS,aAAa,QAA6B,KAAqB;AACtE,QAAM,QAAQ,OAAO,IAAI,GAAG;AAC5B,MAAI,UAAU,QAAW;AACvB,UAAM,IAAI,MAAM,8CAA8C,GAAG,GAAG;AAAA,EACtE;AACA,SAAO;AACT;AAEA,SAAS,aACP,QACA,KACkB;AAClB,QAAM,MAAM,OAAO,IAAI,GAAG;AAC1B,MAAI,QAAQ,OAAW,QAAO;AAC9B,SAAO,IAAI,KAAK,GAAG;AACrB;;;AC9MA,SAAS,WAAW,+BAA+B;AAW5C,SAAS,2BAAmC;AAGjD,QAAM,OAAO,OAAO,KAAK,IAAI,CAAC;AAI9B,MAAI;AACJ,MAAI;AACJ,QAAM,IAAI;AAGV,MAAI,EAAE,QAAQ,iBAAiB;AAC7B,UAAM,MAAM,IAAI,YAAY,CAAC;AAC7B,MAAE,OAAO,gBAAgB,GAAG;AAC5B,eAAW,IAAI,CAAC;AAChB,cAAU,IAAI,CAAC;AAAA,EACjB,OAAO;AAGL,UAAM,aAAa,UAAQ,QAAa;AAGxC,UAAM,IAAI,WAAW,YAAY,CAAC;AAClC,eAAW,EAAE,aAAa,CAAC;AAC3B,cAAU,EAAE,aAAa,CAAC;AAAA,EAC5B;AAEA,QAAM,OACH,OAAO,QAAQ,KAAK,MAAO,OAAO,OAAO;AAC5C,SAAQ,QAAQ,MAAO;AACzB;AASA,SAAS,oBAAoB,KAAsB;AACjD,MAAI,CAAC,IAAI,WAAW,IAAI,EAAG,QAAO;AAClC,QAAM,MAAM,IAAI,MAAM,CAAC;AAEvB,MAAI,IAAI,SAAS,MAAM,EAAG,QAAO;AAGjC,MAAI,IAAI,SAAS,IAAK,QAAO;AAE7B,SAAO,iBAAiB,KAAK,GAAG;AAClC;AAEO,IAAM,2BAA2B;AAEjC,IAAM,qBAAqB;AAAA,EAChC,aAAa;AAAA,IACX,EAAE,MAAM,WAAW,MAAM,UAAU;AAAA,IACnC,EAAE,MAAM,UAAU,MAAM,UAAU;AAAA,IAClC,EAAE,MAAM,gBAAgB,MAAM,UAAU;AAAA,IACxC,EAAE,MAAM,SAAS,MAAM,UAAU;AAAA,IACjC,EAAE,MAAM,aAAa,MAAM,UAAU;AAAA,IACrC,EAAE,MAAM,YAAY,MAAM,SAAS;AAAA,IACnC,EAAE,MAAM,YAAY,MAAM,SAAS;AAAA,EACrC;AACF;AAkBO,SAAS,uBAAuB,SAAiB;AACtD,SAAO;AAAA,IACL,MAAM;AAAA,IACN,SAAS;AAAA,IACT;AAAA,IACA,mBAAmB;AAAA,EACrB;AACF;AAEA,SAAS,aAAa,SAA6B;AACjD,SAAO;AAAA,IACL,SAAS,OAAO,QAAQ,OAAO;AAAA,IAC/B,QAAQ,QAAQ;AAAA,IAChB,cAAc,QAAQ;AAAA,IACtB,OAAO,QAAQ;AAAA,IACf,WAAW,OAAO,QAAQ,SAAS;AAAA,IACnC,UAAU,QAAQ;AAAA,IAClB,UAAU,QAAQ;AAAA,EACpB;AACF;AAEO,SAAS,0BAA0B,SAA6B;AACrE,SAAO;AAAA,IACL,QAAQ,uBAAuB,QAAQ,OAAO;AAAA,IAC9C,OAAO;AAAA,IACP,aAAa;AAAA,IACb,SAAS,aAAa,OAAO;AAAA,EAC/B;AACF;AAEO,SAAS,oBAAoB,UAAoB;AACtD,SAAO,UAAU,QAAQ;AAC3B;AAEA,eAAsB,gBACpB,QACA,SACc;AACd,QAAM,EAAE,QAAQ,OAAO,aAAa,QAAQ,IAC1C,0BAA0B,OAAO;AACnC,SAAO,OAAO,cAAc;AAAA,IAC1B,SAAS,OAAO;AAAA,IAChB;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AACH;AA4DA,eAAsB,wBACpB,QAC2B;AAC3B,QAAM,YACJ,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI,KAAK,OAAO,oBAAoB;AAE9D,QAAM,QAAQ,OAAO,SAAS,yBAAyB;AAEvD,QAAM,UAA8B;AAAA,IAClC,SAAS,OAAO;AAAA,IAChB,QAAQ,OAAO;AAAA,IACf,cAAc,oBAAoB,OAAO,QAAQ;AAAA,IACjD;AAAA,IACA;AAAA,IACA,UAAU,OAAO;AAAA,IACjB,UAAU,OAAO;AAAA,EACnB;AAEA,QAAM,MAAM,MAAM,gBAAgB,OAAO,oBAAoB,OAAO;AAEpE,SAAO;AAAA,IACL;AAAA,IACA,SAAS,QAAQ;AAAA,IACjB,QAAQ,QAAQ;AAAA,IAChB,cAAc,QAAQ;AAAA,IACtB,OAAO,QAAQ,MAAM,SAAS;AAAA,IAC9B,WAAW,QAAQ;AAAA,IACnB,UAAU,QAAQ;AAAA,IAClB,UAAU,QAAQ;AAAA,EACpB;AACF;AAEA,eAAsB,kBACpB,SACA,WACA,gBACkC;AAClC,QAAM,SAAS,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI;AAC3C,MAAI,QAAQ,YAAY,QAAQ;AAC9B,WAAO,EAAE,IAAI,OAAO,QAAQ,UAAU;AAAA,EACxC;AASA,MAAI,CAAC,oBAAoB,SAAS,GAAG;AACnC,WAAO,EAAE,IAAI,OAAO,QAAQ,2BAA2B;AAAA,EACzD;AAEA,MAAI;AACJ,MAAI;AACF,UAAM,EAAE,QAAQ,OAAO,aAAa,QAAQ,IAC1C,0BAA0B,OAAO;AACnC,gBAAY,MAAM,wBAAwB;AAAA,MACxC;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF,CAAC;AAAA,EACH,QAAQ;AACN,WAAO,EAAE,IAAI,OAAO,QAAQ,2BAA2B;AAAA,EACzD;AAEA,MAAI,UAAU,YAAY,MAAM,eAAe,YAAY,GAAG;AAC5D,WAAO,EAAE,IAAI,OAAO,QAAQ,kBAAkB,kBAAkB,UAAU;AAAA,EAC5E;AAEA,SAAO,EAAE,IAAI,MAAM,kBAAkB,UAAU;AACjD;","names":[]}
@@ -0,0 +1,11 @@
1
+ var __require = /* @__PURE__ */ ((x) => typeof require !== "undefined" ? require : typeof Proxy !== "undefined" ? new Proxy(x, {
2
+ get: (a, b) => (typeof require !== "undefined" ? require : a)[b]
3
+ }) : x)(function(x) {
4
+ if (typeof require !== "undefined") return require.apply(this, arguments);
5
+ throw Error('Dynamic require of "' + x + '" is not supported');
6
+ });
7
+
8
+ export {
9
+ __require
10
+ };
11
+ //# sourceMappingURL=chunk-DGUM43GV.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}
@@ -0,0 +1,11 @@
1
+ "use strict";Object.defineProperty(exports, "__esModule", {value: true});var __require = /* @__PURE__ */ ((x) => typeof require !== "undefined" ? require : typeof Proxy !== "undefined" ? new Proxy(x, {
2
+ get: (a, b) => (typeof require !== "undefined" ? require : a)[b]
3
+ }) : x)(function(x) {
4
+ if (typeof require !== "undefined") return require.apply(this, arguments);
5
+ throw Error('Dynamic require of "' + x + '" is not supported');
6
+ });
7
+
8
+
9
+
10
+ exports.__require = __require;
11
+ //# sourceMappingURL=chunk-JEQ2X3Z6.cjs.map
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["/Users/phitran/Pacific-Finance/pafi-backend/pafi-sdk/packages/core/dist/chunk-JEQ2X3Z6.cjs"],"names":[],"mappings":"AAAA,6EAAI,UAAU,kBAAkB,CAAC,CAAC,CAAC,EAAE,GAAG,OAAO,QAAQ,IAAI,YAAY,EAAE,QAAQ,EAAE,OAAO,MAAM,IAAI,YAAY,EAAE,IAAI,KAAK,CAAC,CAAC,EAAE;AAC/H,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,OAAO,QAAQ,IAAI,YAAY,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC,CAAC;AACjE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE;AACpB,EAAE,GAAG,CAAC,OAAO,QAAQ,IAAI,WAAW,EAAE,OAAO,OAAO,CAAC,KAAK,CAAC,IAAI,EAAE,SAAS,CAAC;AAC3E,EAAE,MAAM,KAAK,CAAC,uBAAuB,EAAE,EAAE,EAAE,oBAAoB,CAAC;AAChE,CAAC,CAAC;AACF;AACA;AACE;AACF,8BAAC","file":"/Users/phitran/Pacific-Finance/pafi-backend/pafi-sdk/packages/core/dist/chunk-JEQ2X3Z6.cjs"}
@@ -1,8 +1,8 @@
1
- "use strict";Object.defineProperty(exports, "__esModule", {value: true});// src/eip712/domain.ts
1
+ "use strict";Object.defineProperty(exports, "__esModule", {value: true}); function _nullishCoalesce(lhs, rhsFn) { if (lhs != null) { return lhs; } else { return rhsFn(); } }// src/eip712/domain.ts
2
2
  function buildDomain(config) {
3
3
  return {
4
4
  name: config.name,
5
- version: "1",
5
+ version: _nullishCoalesce(config.version, () => ( "1")),
6
6
  chainId: config.chainId,
7
7
  verifyingContract: config.verifyingContract
8
8
  };
@@ -220,4 +220,4 @@ async function verifyReceiverConsent(domain, message, signature, expectedReceive
220
220
 
221
221
 
222
222
  exports.mintRequestTypes = mintRequestTypes; exports.burnRequestTypes = burnRequestTypes; exports.receiverConsentTypes = receiverConsentTypes; exports.SUPPORTED_CHAINS = SUPPORTED_CHAINS; exports.V4_QUOTER_ADDRESSES = V4_QUOTER_ADDRESSES; exports.UNIVERSAL_ROUTER_ADDRESSES = UNIVERSAL_ROUTER_ADDRESSES; exports.COMMON_TOKENS = COMMON_TOKENS; exports.COMMON_POOLS = COMMON_POOLS; exports.POINT_TOKEN_POOLS = POINT_TOKEN_POOLS; exports.ENTRY_POINT_V07 = ENTRY_POINT_V07; exports.ENTRY_POINT_V08 = ENTRY_POINT_V08; exports.PERMIT2_ADDRESS = PERMIT2_ADDRESS; exports.buildDomain = buildDomain; exports.buildMintRequestTypedData = buildMintRequestTypedData; exports.signMintRequest = signMintRequest; exports.verifyMintRequest = verifyMintRequest; exports.buildBurnRequestTypedData = buildBurnRequestTypedData; exports.signBurnRequest = signBurnRequest; exports.verifyBurnRequest = verifyBurnRequest; exports.buildReceiverConsentTypedData = buildReceiverConsentTypedData; exports.signReceiverConsent = signReceiverConsent; exports.verifyReceiverConsent = verifyReceiverConsent;
223
- //# sourceMappingURL=chunk-3QDZFDEL.cjs.map
223
+ //# sourceMappingURL=chunk-M5ULOZ3A.cjs.map
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["/Users/phitran/Pacific-Finance/pafi-backend/pafi-sdk/packages/core/dist/chunk-M5ULOZ3A.cjs","../src/eip712/domain.ts","../src/eip712/mintRequest.ts","../src/constants.ts","../src/eip712/burnRequest.ts","../src/eip712/receiverConsent.ts"],"names":["parseSignature","recoverTypedDataAddress","getAddress"],"mappings":"AAAA;ACOO,SAAS,WAAA,CAAY,MAAA,EAAgC;AAC1D,EAAA,OAAO;AAAA,IACL,IAAA,EAAM,MAAA,CAAO,IAAA;AAAA,IACb,OAAA,mBAAS,MAAA,CAAO,OAAA,UAAW,KAAA;AAAA,IAC3B,OAAA,EAAS,MAAA,CAAO,OAAA;AAAA,IAChB,iBAAA,EAAmB,MAAA,CAAO;AAAA,EAC5B,CAAA;AACF;ADLA;AACA;AEVA,4BAAoE;AFYpE;AACA;AGNO,IAAM,iBAAA,EAAmB;AAAA,EAC9B,WAAA,EAAa;AAAA,IACX,EAAE,IAAA,EAAM,IAAA,EAAM,IAAA,EAAM,UAAU,CAAA;AAAA,IAC9B,EAAE,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,UAAU,CAAA;AAAA,IAClC,EAAE,IAAA,EAAM,OAAA,EAAS,IAAA,EAAM,UAAU,CAAA;AAAA,IACjC,EAAE,IAAA,EAAM,UAAA,EAAY,IAAA,EAAM,UAAU;AAAA,EACtC;AACF,CAAA;AAEO,IAAM,iBAAA,EAAmB;AAAA,EAC9B,WAAA,EAAa;AAAA,IACX,EAAE,IAAA,EAAM,MAAA,EAAQ,IAAA,EAAM,UAAU,CAAA;AAAA,IAChC,EAAE,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,UAAU,CAAA;AAAA,IAClC,EAAE,IAAA,EAAM,OAAA,EAAS,IAAA,EAAM,UAAU,CAAA;AAAA,IACjC,EAAE,IAAA,EAAM,UAAA,EAAY,IAAA,EAAM,UAAU;AAAA,EACtC;AACF,CAAA;AAEO,IAAM,qBAAA,EAAuB;AAAA,EAClC,eAAA,EAAiB;AAAA,IACf,EAAE,IAAA,EAAM,YAAA,EAAc,IAAA,EAAM,UAAU,CAAA;AAAA,IACtC,EAAE,IAAA,EAAM,kBAAA,EAAoB,IAAA,EAAM,UAAU,CAAA;AAAA,IAC5C,EAAE,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,UAAU,CAAA;AAAA,IAClC,EAAE,IAAA,EAAM,OAAA,EAAS,IAAA,EAAM,UAAU,CAAA;AAAA,IACjC,EAAE,IAAA,EAAM,UAAA,EAAY,IAAA,EAAM,UAAU,CAAA;AAAA,IACpC,EAAE,IAAA,EAAM,SAAA,EAAW,IAAA,EAAM,QAAQ;AAAA,EACnC;AACF,CAAA;AAMO,IAAM,iBAAA,EAAgD;AAAA,EAC3D,IAAA,EAAM,EAAE,IAAA,EAAM,OAAO;AACvB,CAAA;AAEO,IAAM,oBAAA,EAA+C;AAAA,EAC1D,IAAA,EAAM;AACR,CAAA;AAEO,IAAM,2BAAA,EAAsD;AAAA,EACjE,IAAA,EAAM;AACR,CAAA;AAEO,IAAM,cAAA,EAAyD;AAAA;AAAA,EAEpE,IAAA,EAAM;AAAA,IACJ,IAAA,EAAM,4CAAA;AAAA,IACN,IAAA,EAAM,4CAAA;AAAA,IACN,IAAA,EAAM;AAAA,EACR;AACF,CAAA;AAEO,IAAM,aAAA,EAA0C;AAAA;AAAA,EAErD,IAAA,EAAM;AAAA;AAAA,IAEJ;AAAA,MACE,SAAA,EAAW,4CAAA;AAAA,MACX,SAAA,EAAW,4CAAA;AAAA,MACX,GAAA,EAAK,GAAA;AAAA,MACL,WAAA,EAAa,EAAA;AAAA,MACb,KAAA,EAAO;AAAA,IACT,CAAA;AAAA;AAAA,IAEA;AAAA,MACE,SAAA,EAAW,4CAAA;AAAA,MACX,SAAA,EAAW,4CAAA;AAAA,MACX,GAAA,EAAK,GAAA;AAAA,MACL,WAAA,EAAa,EAAA;AAAA,MACb,KAAA,EAAO;AAAA,IACT;AAAA,EACF;AACF,CAAA;AAEO,IAAM,kBAAA,EAAgE;AAAA;AAE7E,CAAA;AAOO,IAAM,gBAAA,EAA2B,4CAAA;AAcjC,IAAM,gBAAA,EAA2B,4CAAA;AAGjC,IAAM,gBAAA,EAA2B,4CAAA;AHzBxC;AACA;AE1EO,SAAS,yBAAA,CACd,MAAA,EACA,OAAA,EACA;AACA,EAAA,OAAO;AAAA,IACL,MAAA,EAAQ,WAAA,CAAY,MAAM,CAAA;AAAA,IAC1B,KAAA,EAAO,gBAAA;AAAA,IACP,WAAA,EAAa,aAAA;AAAA,IACb;AAAA,EACF,CAAA;AACF;AAEA,MAAA,SAAsB,eAAA,CACpB,YAAA,EACA,MAAA,EACA,OAAA,EAC0B;AAC1B,EAAA,MAAM,WAAA,EAAa,MAAM,YAAA,CAAa,aAAA,CAAc;AAAA,IAClD,OAAA,EAAS,YAAA,CAAa,OAAA;AAAA,IACtB,MAAA,EAAQ,WAAA,CAAY,MAAM,CAAA;AAAA,IAC1B,KAAA,EAAO,gBAAA;AAAA,IACP,WAAA,EAAa,aAAA;AAAA,IACb;AAAA,EACF,CAAC,CAAA;AAED,EAAA,MAAM,EAAE,CAAA,EAAG,CAAA,EAAG,EAAE,EAAA,EAAI,kCAAA,UAAyB,CAAA;AAE7C,EAAA,OAAO;AAAA,IACL,CAAA,EAAG,MAAA,CAAO,CAAC,CAAA;AAAA,IACX,CAAA;AAAA,IACA,CAAA;AAAA,IACA;AAAA,EACF,CAAA;AACF;AAEA,MAAA,SAAsB,iBAAA,CACpB,MAAA,EACA,OAAA,EACA,SAAA,EACA,cAAA,EACgC;AAChC,EAAA,MAAM,iBAAA,EAAmB,MAAM,2CAAA;AAAwB,IACrD,MAAA,EAAQ,WAAA,CAAY,MAAM,CAAA;AAAA,IAC1B,KAAA,EAAO,gBAAA;AAAA,IACP,WAAA,EAAa,aAAA;AAAA,IACb,OAAA;AAAA,IACA;AAAA,EACF,CAAC,CAAA;AAED,EAAA,MAAM,QAAA,EAAU,8BAAA,gBAA2B,EAAA,IAAM,8BAAA,cAAyB,CAAA;AAE1E,EAAA,OAAO,EAAE,OAAA,EAAS,iBAAiB,CAAA;AACrC;AF0DA;AACA;AI1HA;AAyBO,SAAS,yBAAA,CACd,MAAA,EACA,OAAA,EACA;AACA,EAAA,OAAO;AAAA,IACL,MAAA,EAAQ,WAAA,CAAY,MAAM,CAAA;AAAA,IAC1B,KAAA,EAAO,gBAAA;AAAA,IACP,WAAA,EAAa,aAAA;AAAA,IACb;AAAA,EACF,CAAA;AACF;AAEA,MAAA,SAAsB,eAAA,CACpB,YAAA,EACA,MAAA,EACA,OAAA,EAC0B;AAC1B,EAAA,MAAM,WAAA,EAAa,MAAM,YAAA,CAAa,aAAA,CAAc;AAAA,IAClD,OAAA,EAAS,YAAA,CAAa,OAAA;AAAA,IACtB,MAAA,EAAQ,WAAA,CAAY,MAAM,CAAA;AAAA,IAC1B,KAAA,EAAO,gBAAA;AAAA,IACP,WAAA,EAAa,aAAA;AAAA,IACb;AAAA,EACF,CAAC,CAAA;AAED,EAAA,MAAM,EAAE,CAAA,EAAG,CAAA,EAAG,EAAE,EAAA,EAAIA,kCAAAA,UAAyB,CAAA;AAE7C,EAAA,OAAO;AAAA,IACL,CAAA,EAAG,MAAA,CAAO,CAAC,CAAA;AAAA,IACX,CAAA;AAAA,IACA,CAAA;AAAA,IACA;AAAA,EACF,CAAA;AACF;AAEA,MAAA,SAAsB,iBAAA,CACpB,MAAA,EACA,OAAA,EACA,SAAA,EACA,cAAA,EACgC;AAChC,EAAA,MAAM,iBAAA,EAAmB,MAAMC,2CAAAA;AAAwB,IACrD,MAAA,EAAQ,WAAA,CAAY,MAAM,CAAA;AAAA,IAC1B,KAAA,EAAO,gBAAA;AAAA,IACP,WAAA,EAAa,aAAA;AAAA,IACb,OAAA;AAAA,IACA;AAAA,EACF,CAAC,CAAA;AAED,EAAA,MAAM,QAAA,EAAUC,8BAAAA,gBAA2B,EAAA,IAAMA,8BAAAA,cAAyB,CAAA;AAE1E,EAAA,OAAO,EAAE,OAAA,EAAS,iBAAiB,CAAA;AACrC;AJkFA;AACA;AKhKA;AAWO,SAAS,6BAAA,CACd,MAAA,EACA,OAAA,EACA;AACA,EAAA,OAAO;AAAA,IACL,MAAA,EAAQ,WAAA,CAAY,MAAM,CAAA;AAAA,IAC1B,KAAA,EAAO,oBAAA;AAAA,IACP,WAAA,EAAa,iBAAA;AAAA,IACb;AAAA,EACF,CAAA;AACF;AAEA,MAAA,SAAsB,mBAAA,CACpB,YAAA,EACA,MAAA,EACA,OAAA,EAC0B;AAC1B,EAAA,MAAM,WAAA,EAAa,MAAM,YAAA,CAAa,aAAA,CAAc;AAAA,IAClD,OAAA,EAAS,YAAA,CAAa,OAAA;AAAA,IACtB,MAAA,EAAQ,WAAA,CAAY,MAAM,CAAA;AAAA,IAC1B,KAAA,EAAO,oBAAA;AAAA,IACP,WAAA,EAAa,iBAAA;AAAA,IACb;AAAA,EACF,CAAC,CAAA;AAED,EAAA,MAAM,EAAE,CAAA,EAAG,CAAA,EAAG,EAAE,EAAA,EAAIF,kCAAAA,UAAyB,CAAA;AAE7C,EAAA,OAAO;AAAA,IACL,CAAA,EAAG,MAAA,CAAO,CAAC,CAAA;AAAA,IACX,CAAA;AAAA,IACA,CAAA;AAAA,IACA;AAAA,EACF,CAAA;AACF;AAEA,MAAA,SAAsB,qBAAA,CACpB,MAAA,EACA,OAAA,EACA,SAAA,EACA,gBAAA,EACgC;AAChC,EAAA,MAAM,iBAAA,EAAmB,MAAMC,2CAAAA;AAAwB,IACrD,MAAA,EAAQ,WAAA,CAAY,MAAM,CAAA;AAAA,IAC1B,KAAA,EAAO,oBAAA;AAAA,IACP,WAAA,EAAa,iBAAA;AAAA,IACb,OAAA;AAAA,IACA;AAAA,EACF,CAAC,CAAA;AAED,EAAA,MAAM,QAAA,EAAUC,8BAAAA,gBAA2B,EAAA,IAAMA,8BAAAA,gBAA2B,CAAA;AAE5E,EAAA,OAAO,EAAE,OAAA,EAAS,iBAAiB,CAAA;AACrC;ALsIA;AACA;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACF,ijCAAC","file":"/Users/phitran/Pacific-Finance/pafi-backend/pafi-sdk/packages/core/dist/chunk-M5ULOZ3A.cjs","sourcesContent":[null,"import type { PointTokenDomainConfig } from \"../types\";\n\n/**\n * Build the EIP-712 domain struct from a PointToken config. Uses\n * `config.version` when supplied; defaults to `\"1\"` for back-compat.\n * v0.7.1 — see SDK_CORE_TRADING_AUDIT.md H8.\n */\nexport function buildDomain(config: PointTokenDomainConfig) {\n return {\n name: config.name,\n version: config.version ?? \"1\",\n chainId: config.chainId,\n verifyingContract: config.verifyingContract,\n };\n}\n","import { getAddress, parseSignature, recoverTypedDataAddress } from \"viem\";\nimport type { Address, Hex, WalletClient } from \"viem\";\nimport { mintRequestTypes } from \"../constants\";\nimport type { EIP712Signature, MintRequest, PointTokenDomainConfig, SignatureVerification } from \"../types\";\nimport { buildDomain } from \"./domain\";\n\n/**\n * Build the EIP-712 typed data object for a MintRequest.\n * Returns the standard `{ domain, types, primaryType, message }` structure\n * that any EIP-712 signer (viem, ethers, Privy, WalletConnect) can consume.\n */\nexport function buildMintRequestTypedData(\n domain: PointTokenDomainConfig,\n message: MintRequest,\n) {\n return {\n domain: buildDomain(domain),\n types: mintRequestTypes,\n primaryType: \"MintRequest\" as const,\n message,\n };\n}\n\nexport async function signMintRequest(\n walletClient: WalletClient,\n domain: PointTokenDomainConfig,\n message: MintRequest,\n): Promise<EIP712Signature> {\n const serialized = await walletClient.signTypedData({\n account: walletClient.account!,\n domain: buildDomain(domain),\n types: mintRequestTypes,\n primaryType: \"MintRequest\",\n message,\n });\n\n const { v, r, s } = parseSignature(serialized);\n\n return {\n v: Number(v),\n r,\n s,\n serialized,\n };\n}\n\nexport async function verifyMintRequest(\n domain: PointTokenDomainConfig,\n message: MintRequest,\n signature: Hex,\n expectedMinter: Address,\n): Promise<SignatureVerification> {\n const recoveredAddress = await recoverTypedDataAddress({\n domain: buildDomain(domain),\n types: mintRequestTypes,\n primaryType: \"MintRequest\",\n message,\n signature,\n });\n\n const isValid = getAddress(recoveredAddress) === getAddress(expectedMinter);\n\n return { isValid, recoveredAddress };\n}\n","import type { Address } from \"viem\";\nimport type { ChainConfig, PoolKey } from \"./types\";\n\n// -------------------------------------------------------------------------\n// EIP-712 type definitions for viem\n// -------------------------------------------------------------------------\n\nexport const mintRequestTypes = {\n MintRequest: [\n { name: \"to\", type: \"address\" },\n { name: \"amount\", type: \"uint256\" },\n { name: \"nonce\", type: \"uint256\" },\n { name: \"deadline\", type: \"uint256\" },\n ],\n} as const;\n\nexport const burnRequestTypes = {\n BurnRequest: [\n { name: \"from\", type: \"address\" },\n { name: \"amount\", type: \"uint256\" },\n { name: \"nonce\", type: \"uint256\" },\n { name: \"deadline\", type: \"uint256\" },\n ],\n} as const;\n\nexport const receiverConsentTypes = {\n ReceiverConsent: [\n { name: \"onBehalfOf\", type: \"address\" },\n { name: \"originalReceiver\", type: \"address\" },\n { name: \"amount\", type: \"uint256\" },\n { name: \"nonce\", type: \"uint256\" },\n { name: \"deadline\", type: \"uint256\" },\n { name: \"extData\", type: \"bytes\" },\n ],\n} as const;\n\n// -------------------------------------------------------------------------\n// Chain-indexed constants — add entries here as new chains are supported\n// -------------------------------------------------------------------------\n\nexport const SUPPORTED_CHAINS: Record<number, ChainConfig> = {\n 8453: { name: \"Base\" },\n};\n\nexport const V4_QUOTER_ADDRESSES: Record<number, Address> = {\n 8453: \"0x0d5e0f971ed27fbff6c2837bf31316121532048d\",\n};\n\nexport const UNIVERSAL_ROUTER_ADDRESSES: Record<number, Address> = {\n 8453: \"0x6ff5693b99212da76ad316178a184ab56d299b43\",\n};\n\nexport const COMMON_TOKENS: Record<number, Record<string, Address>> = {\n // Base\n 8453: {\n WETH: \"0x4200000000000000000000000000000000000006\",\n USDC: \"0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913\",\n USDT: \"0xfde4C96c8593536E31F229EA8f37b2ADa2699bb2\",\n },\n};\n\nexport const COMMON_POOLS: Record<number, PoolKey[]> = {\n // Base — existing Uniswap V4 pools\n 8453: [\n // WETH/USDC 0.3%\n {\n currency0: \"0x4200000000000000000000000000000000000006\",\n currency1: \"0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913\",\n fee: 3000,\n tickSpacing: 60,\n hooks: \"0x0000000000000000000000000000000000000000\",\n },\n // WETH/USDC 0.05%\n {\n currency0: \"0x4200000000000000000000000000000000000006\",\n currency1: \"0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913\",\n fee: 500,\n tickSpacing: 10,\n hooks: \"0x0000000000000000000000000000000000000000\",\n },\n ],\n};\n\nexport const POINT_TOKEN_POOLS: Record<number, Record<Address, PoolKey[]>> = {\n // chainId → pointTokenAddress → PoolKey[]\n};\n\n// -------------------------------------------------------------------------\n// Protocol constants — chain-agnostic (same address on every EVM chain)\n// -------------------------------------------------------------------------\n\n/** ERC-4337 v0.7 EntryPoint — deployed deterministically across all EVM chains. */\nexport const ENTRY_POINT_V07: Address = \"0x0000000071727De22E5E9d8BAf0edAc6f37da032\";\n\n/**\n * ERC-4337 v0.8 EntryPoint — used by Pimlico's `Simple7702Account` impl\n * (`0xe6Cae83BdE06E4c305530e199D7217f42808555B`) and by permissionless's\n * `to7702SimpleSmartAccount`. EIP-7702 delegated EOAs in PAFI's flow\n * point at this EntryPoint, NOT v0.7.\n *\n * Why this matters: account.validateUserOp does\n * `require(msg.sender == entryPoint(), \"account: not from EntryPoint\")`.\n * If the bundler/paymaster sim runs against a different EntryPoint than\n * what the account's `entryPoint()` returns, the require fails and you\n * see `AA23 reverted account: not from EntryPoint`.\n */\nexport const ENTRY_POINT_V08: Address = \"0x4337084d9e255ff0702461cf8895ce9e3b5ff108\";\n\n/** Permit2 — Uniswap's universal approval contract, same address on all EVM chains. */\nexport const PERMIT2_ADDRESS: Address = \"0x000000000022D473030F116dDEE9F6B43aC78BA3\";\n","import { getAddress, parseSignature, recoverTypedDataAddress } from \"viem\";\nimport type { Address, Hex, WalletClient } from \"viem\";\nimport { burnRequestTypes } from \"../constants\";\nimport type {\n BurnRequest,\n EIP712Signature,\n PointTokenDomainConfig,\n SignatureVerification,\n} from \"../types\";\nimport { buildDomain } from \"./domain\";\n\n/**\n * EIP-712 helpers for `BurnRequest` — consumed by the sig-gated burn\n * path on `PointToken`:\n *\n * burn(address from, uint256 amount, uint256 deadline, bytes burnerSig)\n *\n * Solidity type hash:\n * BurnRequest(address from,uint256 amount,uint256 nonce,uint256 deadline)\n *\n * Issuer backend signs with its burner signer (HSM/KMS). On-chain\n * `msg.sender` must equal `from`, and the recovered signer must be in\n * `burners[]`. Nonce comes from `burnRequestNonces[from]` and is\n * auto-incremented on success.\n */\nexport function buildBurnRequestTypedData(\n domain: PointTokenDomainConfig,\n message: BurnRequest,\n) {\n return {\n domain: buildDomain(domain),\n types: burnRequestTypes,\n primaryType: \"BurnRequest\" as const,\n message,\n };\n}\n\nexport async function signBurnRequest(\n walletClient: WalletClient,\n domain: PointTokenDomainConfig,\n message: BurnRequest,\n): Promise<EIP712Signature> {\n const serialized = await walletClient.signTypedData({\n account: walletClient.account!,\n domain: buildDomain(domain),\n types: burnRequestTypes,\n primaryType: \"BurnRequest\",\n message,\n });\n\n const { v, r, s } = parseSignature(serialized);\n\n return {\n v: Number(v),\n r,\n s,\n serialized,\n };\n}\n\nexport async function verifyBurnRequest(\n domain: PointTokenDomainConfig,\n message: BurnRequest,\n signature: Hex,\n expectedBurner: Address,\n): Promise<SignatureVerification> {\n const recoveredAddress = await recoverTypedDataAddress({\n domain: buildDomain(domain),\n types: burnRequestTypes,\n primaryType: \"BurnRequest\",\n message,\n signature,\n });\n\n const isValid = getAddress(recoveredAddress) === getAddress(expectedBurner);\n\n return { isValid, recoveredAddress };\n}\n","import { getAddress, parseSignature, recoverTypedDataAddress } from \"viem\";\nimport type { Address, Hex, WalletClient } from \"viem\";\nimport { receiverConsentTypes } from \"../constants\";\nimport type { EIP712Signature, PointTokenDomainConfig, ReceiverConsent, SignatureVerification } from \"../types\";\nimport { buildDomain } from \"./domain\";\n\n/**\n * Build the EIP-712 typed data object for a ReceiverConsent.\n * Returns the standard `{ domain, types, primaryType, message }` structure\n * that any EIP-712 signer (viem, ethers, Privy, WalletConnect) can consume.\n */\nexport function buildReceiverConsentTypedData(\n domain: PointTokenDomainConfig,\n message: ReceiverConsent,\n) {\n return {\n domain: buildDomain(domain),\n types: receiverConsentTypes,\n primaryType: \"ReceiverConsent\" as const,\n message,\n };\n}\n\nexport async function signReceiverConsent(\n walletClient: WalletClient,\n domain: PointTokenDomainConfig,\n message: ReceiverConsent,\n): Promise<EIP712Signature> {\n const serialized = await walletClient.signTypedData({\n account: walletClient.account!,\n domain: buildDomain(domain),\n types: receiverConsentTypes,\n primaryType: \"ReceiverConsent\",\n message,\n });\n\n const { v, r, s } = parseSignature(serialized);\n\n return {\n v: Number(v),\n r,\n s,\n serialized,\n };\n}\n\nexport async function verifyReceiverConsent(\n domain: PointTokenDomainConfig,\n message: ReceiverConsent,\n signature: Hex,\n expectedReceiver: Address,\n): Promise<SignatureVerification> {\n const recoveredAddress = await recoverTypedDataAddress({\n domain: buildDomain(domain),\n types: receiverConsentTypes,\n primaryType: \"ReceiverConsent\",\n message,\n signature,\n });\n\n const isValid = getAddress(recoveredAddress) === getAddress(expectedReceiver);\n\n return { isValid, recoveredAddress };\n}\n"]}
@@ -2,7 +2,7 @@
2
2
  function buildDomain(config) {
3
3
  return {
4
4
  name: config.name,
5
- version: "1",
5
+ version: config.version ?? "1",
6
6
  chainId: config.chainId,
7
7
  verifyingContract: config.verifyingContract
8
8
  };
@@ -220,4 +220,4 @@ export {
220
220
  signReceiverConsent,
221
221
  verifyReceiverConsent
222
222
  };
223
- //# sourceMappingURL=chunk-UOKI5GG6.js.map
223
+ //# sourceMappingURL=chunk-WJSIB5GF.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/eip712/domain.ts","../src/eip712/mintRequest.ts","../src/constants.ts","../src/eip712/burnRequest.ts","../src/eip712/receiverConsent.ts"],"sourcesContent":["import type { PointTokenDomainConfig } from \"../types\";\n\n/**\n * Build the EIP-712 domain struct from a PointToken config. Uses\n * `config.version` when supplied; defaults to `\"1\"` for back-compat.\n * v0.7.1 — see SDK_CORE_TRADING_AUDIT.md H8.\n */\nexport function buildDomain(config: PointTokenDomainConfig) {\n return {\n name: config.name,\n version: config.version ?? \"1\",\n chainId: config.chainId,\n verifyingContract: config.verifyingContract,\n };\n}\n","import { getAddress, parseSignature, recoverTypedDataAddress } from \"viem\";\nimport type { Address, Hex, WalletClient } from \"viem\";\nimport { mintRequestTypes } from \"../constants\";\nimport type { EIP712Signature, MintRequest, PointTokenDomainConfig, SignatureVerification } from \"../types\";\nimport { buildDomain } from \"./domain\";\n\n/**\n * Build the EIP-712 typed data object for a MintRequest.\n * Returns the standard `{ domain, types, primaryType, message }` structure\n * that any EIP-712 signer (viem, ethers, Privy, WalletConnect) can consume.\n */\nexport function buildMintRequestTypedData(\n domain: PointTokenDomainConfig,\n message: MintRequest,\n) {\n return {\n domain: buildDomain(domain),\n types: mintRequestTypes,\n primaryType: \"MintRequest\" as const,\n message,\n };\n}\n\nexport async function signMintRequest(\n walletClient: WalletClient,\n domain: PointTokenDomainConfig,\n message: MintRequest,\n): Promise<EIP712Signature> {\n const serialized = await walletClient.signTypedData({\n account: walletClient.account!,\n domain: buildDomain(domain),\n types: mintRequestTypes,\n primaryType: \"MintRequest\",\n message,\n });\n\n const { v, r, s } = parseSignature(serialized);\n\n return {\n v: Number(v),\n r,\n s,\n serialized,\n };\n}\n\nexport async function verifyMintRequest(\n domain: PointTokenDomainConfig,\n message: MintRequest,\n signature: Hex,\n expectedMinter: Address,\n): Promise<SignatureVerification> {\n const recoveredAddress = await recoverTypedDataAddress({\n domain: buildDomain(domain),\n types: mintRequestTypes,\n primaryType: \"MintRequest\",\n message,\n signature,\n });\n\n const isValid = getAddress(recoveredAddress) === getAddress(expectedMinter);\n\n return { isValid, recoveredAddress };\n}\n","import type { Address } from \"viem\";\nimport type { ChainConfig, PoolKey } from \"./types\";\n\n// -------------------------------------------------------------------------\n// EIP-712 type definitions for viem\n// -------------------------------------------------------------------------\n\nexport const mintRequestTypes = {\n MintRequest: [\n { name: \"to\", type: \"address\" },\n { name: \"amount\", type: \"uint256\" },\n { name: \"nonce\", type: \"uint256\" },\n { name: \"deadline\", type: \"uint256\" },\n ],\n} as const;\n\nexport const burnRequestTypes = {\n BurnRequest: [\n { name: \"from\", type: \"address\" },\n { name: \"amount\", type: \"uint256\" },\n { name: \"nonce\", type: \"uint256\" },\n { name: \"deadline\", type: \"uint256\" },\n ],\n} as const;\n\nexport const receiverConsentTypes = {\n ReceiverConsent: [\n { name: \"onBehalfOf\", type: \"address\" },\n { name: \"originalReceiver\", type: \"address\" },\n { name: \"amount\", type: \"uint256\" },\n { name: \"nonce\", type: \"uint256\" },\n { name: \"deadline\", type: \"uint256\" },\n { name: \"extData\", type: \"bytes\" },\n ],\n} as const;\n\n// -------------------------------------------------------------------------\n// Chain-indexed constants — add entries here as new chains are supported\n// -------------------------------------------------------------------------\n\nexport const SUPPORTED_CHAINS: Record<number, ChainConfig> = {\n 8453: { name: \"Base\" },\n};\n\nexport const V4_QUOTER_ADDRESSES: Record<number, Address> = {\n 8453: \"0x0d5e0f971ed27fbff6c2837bf31316121532048d\",\n};\n\nexport const UNIVERSAL_ROUTER_ADDRESSES: Record<number, Address> = {\n 8453: \"0x6ff5693b99212da76ad316178a184ab56d299b43\",\n};\n\nexport const COMMON_TOKENS: Record<number, Record<string, Address>> = {\n // Base\n 8453: {\n WETH: \"0x4200000000000000000000000000000000000006\",\n USDC: \"0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913\",\n USDT: \"0xfde4C96c8593536E31F229EA8f37b2ADa2699bb2\",\n },\n};\n\nexport const COMMON_POOLS: Record<number, PoolKey[]> = {\n // Base — existing Uniswap V4 pools\n 8453: [\n // WETH/USDC 0.3%\n {\n currency0: \"0x4200000000000000000000000000000000000006\",\n currency1: \"0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913\",\n fee: 3000,\n tickSpacing: 60,\n hooks: \"0x0000000000000000000000000000000000000000\",\n },\n // WETH/USDC 0.05%\n {\n currency0: \"0x4200000000000000000000000000000000000006\",\n currency1: \"0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913\",\n fee: 500,\n tickSpacing: 10,\n hooks: \"0x0000000000000000000000000000000000000000\",\n },\n ],\n};\n\nexport const POINT_TOKEN_POOLS: Record<number, Record<Address, PoolKey[]>> = {\n // chainId → pointTokenAddress → PoolKey[]\n};\n\n// -------------------------------------------------------------------------\n// Protocol constants — chain-agnostic (same address on every EVM chain)\n// -------------------------------------------------------------------------\n\n/** ERC-4337 v0.7 EntryPoint — deployed deterministically across all EVM chains. */\nexport const ENTRY_POINT_V07: Address = \"0x0000000071727De22E5E9d8BAf0edAc6f37da032\";\n\n/**\n * ERC-4337 v0.8 EntryPoint — used by Pimlico's `Simple7702Account` impl\n * (`0xe6Cae83BdE06E4c305530e199D7217f42808555B`) and by permissionless's\n * `to7702SimpleSmartAccount`. EIP-7702 delegated EOAs in PAFI's flow\n * point at this EntryPoint, NOT v0.7.\n *\n * Why this matters: account.validateUserOp does\n * `require(msg.sender == entryPoint(), \"account: not from EntryPoint\")`.\n * If the bundler/paymaster sim runs against a different EntryPoint than\n * what the account's `entryPoint()` returns, the require fails and you\n * see `AA23 reverted account: not from EntryPoint`.\n */\nexport const ENTRY_POINT_V08: Address = \"0x4337084d9e255ff0702461cf8895ce9e3b5ff108\";\n\n/** Permit2 — Uniswap's universal approval contract, same address on all EVM chains. */\nexport const PERMIT2_ADDRESS: Address = \"0x000000000022D473030F116dDEE9F6B43aC78BA3\";\n","import { getAddress, parseSignature, recoverTypedDataAddress } from \"viem\";\nimport type { Address, Hex, WalletClient } from \"viem\";\nimport { burnRequestTypes } from \"../constants\";\nimport type {\n BurnRequest,\n EIP712Signature,\n PointTokenDomainConfig,\n SignatureVerification,\n} from \"../types\";\nimport { buildDomain } from \"./domain\";\n\n/**\n * EIP-712 helpers for `BurnRequest` — consumed by the sig-gated burn\n * path on `PointToken`:\n *\n * burn(address from, uint256 amount, uint256 deadline, bytes burnerSig)\n *\n * Solidity type hash:\n * BurnRequest(address from,uint256 amount,uint256 nonce,uint256 deadline)\n *\n * Issuer backend signs with its burner signer (HSM/KMS). On-chain\n * `msg.sender` must equal `from`, and the recovered signer must be in\n * `burners[]`. Nonce comes from `burnRequestNonces[from]` and is\n * auto-incremented on success.\n */\nexport function buildBurnRequestTypedData(\n domain: PointTokenDomainConfig,\n message: BurnRequest,\n) {\n return {\n domain: buildDomain(domain),\n types: burnRequestTypes,\n primaryType: \"BurnRequest\" as const,\n message,\n };\n}\n\nexport async function signBurnRequest(\n walletClient: WalletClient,\n domain: PointTokenDomainConfig,\n message: BurnRequest,\n): Promise<EIP712Signature> {\n const serialized = await walletClient.signTypedData({\n account: walletClient.account!,\n domain: buildDomain(domain),\n types: burnRequestTypes,\n primaryType: \"BurnRequest\",\n message,\n });\n\n const { v, r, s } = parseSignature(serialized);\n\n return {\n v: Number(v),\n r,\n s,\n serialized,\n };\n}\n\nexport async function verifyBurnRequest(\n domain: PointTokenDomainConfig,\n message: BurnRequest,\n signature: Hex,\n expectedBurner: Address,\n): Promise<SignatureVerification> {\n const recoveredAddress = await recoverTypedDataAddress({\n domain: buildDomain(domain),\n types: burnRequestTypes,\n primaryType: \"BurnRequest\",\n message,\n signature,\n });\n\n const isValid = getAddress(recoveredAddress) === getAddress(expectedBurner);\n\n return { isValid, recoveredAddress };\n}\n","import { getAddress, parseSignature, recoverTypedDataAddress } from \"viem\";\nimport type { Address, Hex, WalletClient } from \"viem\";\nimport { receiverConsentTypes } from \"../constants\";\nimport type { EIP712Signature, PointTokenDomainConfig, ReceiverConsent, SignatureVerification } from \"../types\";\nimport { buildDomain } from \"./domain\";\n\n/**\n * Build the EIP-712 typed data object for a ReceiverConsent.\n * Returns the standard `{ domain, types, primaryType, message }` structure\n * that any EIP-712 signer (viem, ethers, Privy, WalletConnect) can consume.\n */\nexport function buildReceiverConsentTypedData(\n domain: PointTokenDomainConfig,\n message: ReceiverConsent,\n) {\n return {\n domain: buildDomain(domain),\n types: receiverConsentTypes,\n primaryType: \"ReceiverConsent\" as const,\n message,\n };\n}\n\nexport async function signReceiverConsent(\n walletClient: WalletClient,\n domain: PointTokenDomainConfig,\n message: ReceiverConsent,\n): Promise<EIP712Signature> {\n const serialized = await walletClient.signTypedData({\n account: walletClient.account!,\n domain: buildDomain(domain),\n types: receiverConsentTypes,\n primaryType: \"ReceiverConsent\",\n message,\n });\n\n const { v, r, s } = parseSignature(serialized);\n\n return {\n v: Number(v),\n r,\n s,\n serialized,\n };\n}\n\nexport async function verifyReceiverConsent(\n domain: PointTokenDomainConfig,\n message: ReceiverConsent,\n signature: Hex,\n expectedReceiver: Address,\n): Promise<SignatureVerification> {\n const recoveredAddress = await recoverTypedDataAddress({\n domain: buildDomain(domain),\n types: receiverConsentTypes,\n primaryType: \"ReceiverConsent\",\n message,\n signature,\n });\n\n const isValid = getAddress(recoveredAddress) === getAddress(expectedReceiver);\n\n return { isValid, recoveredAddress };\n}\n"],"mappings":";AAOO,SAAS,YAAY,QAAgC;AAC1D,SAAO;AAAA,IACL,MAAM,OAAO;AAAA,IACb,SAAS,OAAO,WAAW;AAAA,IAC3B,SAAS,OAAO;AAAA,IAChB,mBAAmB,OAAO;AAAA,EAC5B;AACF;;;ACdA,SAAS,YAAY,gBAAgB,+BAA+B;;;ACO7D,IAAM,mBAAmB;AAAA,EAC9B,aAAa;AAAA,IACX,EAAE,MAAM,MAAM,MAAM,UAAU;AAAA,IAC9B,EAAE,MAAM,UAAU,MAAM,UAAU;AAAA,IAClC,EAAE,MAAM,SAAS,MAAM,UAAU;AAAA,IACjC,EAAE,MAAM,YAAY,MAAM,UAAU;AAAA,EACtC;AACF;AAEO,IAAM,mBAAmB;AAAA,EAC9B,aAAa;AAAA,IACX,EAAE,MAAM,QAAQ,MAAM,UAAU;AAAA,IAChC,EAAE,MAAM,UAAU,MAAM,UAAU;AAAA,IAClC,EAAE,MAAM,SAAS,MAAM,UAAU;AAAA,IACjC,EAAE,MAAM,YAAY,MAAM,UAAU;AAAA,EACtC;AACF;AAEO,IAAM,uBAAuB;AAAA,EAClC,iBAAiB;AAAA,IACf,EAAE,MAAM,cAAc,MAAM,UAAU;AAAA,IACtC,EAAE,MAAM,oBAAoB,MAAM,UAAU;AAAA,IAC5C,EAAE,MAAM,UAAU,MAAM,UAAU;AAAA,IAClC,EAAE,MAAM,SAAS,MAAM,UAAU;AAAA,IACjC,EAAE,MAAM,YAAY,MAAM,UAAU;AAAA,IACpC,EAAE,MAAM,WAAW,MAAM,QAAQ;AAAA,EACnC;AACF;AAMO,IAAM,mBAAgD;AAAA,EAC3D,MAAM,EAAE,MAAM,OAAO;AACvB;AAEO,IAAM,sBAA+C;AAAA,EAC1D,MAAM;AACR;AAEO,IAAM,6BAAsD;AAAA,EACjE,MAAM;AACR;AAEO,IAAM,gBAAyD;AAAA;AAAA,EAEpE,MAAM;AAAA,IACJ,MAAM;AAAA,IACN,MAAM;AAAA,IACN,MAAM;AAAA,EACR;AACF;AAEO,IAAM,eAA0C;AAAA;AAAA,EAErD,MAAM;AAAA;AAAA,IAEJ;AAAA,MACE,WAAW;AAAA,MACX,WAAW;AAAA,MACX,KAAK;AAAA,MACL,aAAa;AAAA,MACb,OAAO;AAAA,IACT;AAAA;AAAA,IAEA;AAAA,MACE,WAAW;AAAA,MACX,WAAW;AAAA,MACX,KAAK;AAAA,MACL,aAAa;AAAA,MACb,OAAO;AAAA,IACT;AAAA,EACF;AACF;AAEO,IAAM,oBAAgE;AAAA;AAE7E;AAOO,IAAM,kBAA2B;AAcjC,IAAM,kBAA2B;AAGjC,IAAM,kBAA2B;;;ADlGjC,SAAS,0BACd,QACA,SACA;AACA,SAAO;AAAA,IACL,QAAQ,YAAY,MAAM;AAAA,IAC1B,OAAO;AAAA,IACP,aAAa;AAAA,IACb;AAAA,EACF;AACF;AAEA,eAAsB,gBACpB,cACA,QACA,SAC0B;AAC1B,QAAM,aAAa,MAAM,aAAa,cAAc;AAAA,IAClD,SAAS,aAAa;AAAA,IACtB,QAAQ,YAAY,MAAM;AAAA,IAC1B,OAAO;AAAA,IACP,aAAa;AAAA,IACb;AAAA,EACF,CAAC;AAED,QAAM,EAAE,GAAG,GAAG,EAAE,IAAI,eAAe,UAAU;AAE7C,SAAO;AAAA,IACL,GAAG,OAAO,CAAC;AAAA,IACX;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACF;AAEA,eAAsB,kBACpB,QACA,SACA,WACA,gBACgC;AAChC,QAAM,mBAAmB,MAAM,wBAAwB;AAAA,IACrD,QAAQ,YAAY,MAAM;AAAA,IAC1B,OAAO;AAAA,IACP,aAAa;AAAA,IACb;AAAA,IACA;AAAA,EACF,CAAC;AAED,QAAM,UAAU,WAAW,gBAAgB,MAAM,WAAW,cAAc;AAE1E,SAAO,EAAE,SAAS,iBAAiB;AACrC;;;AE/DA,SAAS,cAAAA,aAAY,kBAAAC,iBAAgB,2BAAAC,gCAA+B;AAyB7D,SAAS,0BACd,QACA,SACA;AACA,SAAO;AAAA,IACL,QAAQ,YAAY,MAAM;AAAA,IAC1B,OAAO;AAAA,IACP,aAAa;AAAA,IACb;AAAA,EACF;AACF;AAEA,eAAsB,gBACpB,cACA,QACA,SAC0B;AAC1B,QAAM,aAAa,MAAM,aAAa,cAAc;AAAA,IAClD,SAAS,aAAa;AAAA,IACtB,QAAQ,YAAY,MAAM;AAAA,IAC1B,OAAO;AAAA,IACP,aAAa;AAAA,IACb;AAAA,EACF,CAAC;AAED,QAAM,EAAE,GAAG,GAAG,EAAE,IAAIC,gBAAe,UAAU;AAE7C,SAAO;AAAA,IACL,GAAG,OAAO,CAAC;AAAA,IACX;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACF;AAEA,eAAsB,kBACpB,QACA,SACA,WACA,gBACgC;AAChC,QAAM,mBAAmB,MAAMC,yBAAwB;AAAA,IACrD,QAAQ,YAAY,MAAM;AAAA,IAC1B,OAAO;AAAA,IACP,aAAa;AAAA,IACb;AAAA,IACA;AAAA,EACF,CAAC;AAED,QAAM,UAAUC,YAAW,gBAAgB,MAAMA,YAAW,cAAc;AAE1E,SAAO,EAAE,SAAS,iBAAiB;AACrC;;;AC7EA,SAAS,cAAAC,aAAY,kBAAAC,iBAAgB,2BAAAC,gCAA+B;AAW7D,SAAS,8BACd,QACA,SACA;AACA,SAAO;AAAA,IACL,QAAQ,YAAY,MAAM;AAAA,IAC1B,OAAO;AAAA,IACP,aAAa;AAAA,IACb;AAAA,EACF;AACF;AAEA,eAAsB,oBACpB,cACA,QACA,SAC0B;AAC1B,QAAM,aAAa,MAAM,aAAa,cAAc;AAAA,IAClD,SAAS,aAAa;AAAA,IACtB,QAAQ,YAAY,MAAM;AAAA,IAC1B,OAAO;AAAA,IACP,aAAa;AAAA,IACb;AAAA,EACF,CAAC;AAED,QAAM,EAAE,GAAG,GAAG,EAAE,IAAIC,gBAAe,UAAU;AAE7C,SAAO;AAAA,IACL,GAAG,OAAO,CAAC;AAAA,IACX;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACF;AAEA,eAAsB,sBACpB,QACA,SACA,WACA,kBACgC;AAChC,QAAM,mBAAmB,MAAMC,yBAAwB;AAAA,IACrD,QAAQ,YAAY,MAAM;AAAA,IAC1B,OAAO;AAAA,IACP,aAAa;AAAA,IACb;AAAA,IACA;AAAA,EACF,CAAC;AAED,QAAM,UAAUC,YAAW,gBAAgB,MAAMA,YAAW,gBAAgB;AAE5E,SAAO,EAAE,SAAS,iBAAiB;AACrC;","names":["getAddress","parseSignature","recoverTypedDataAddress","parseSignature","recoverTypedDataAddress","getAddress","getAddress","parseSignature","recoverTypedDataAddress","parseSignature","recoverTypedDataAddress","getAddress"]}
@@ -13,6 +13,7 @@
13
13
 
14
14
  var _chunkCLPRSQT2cjs = require('../chunk-CLPRSQT2.cjs');
15
15
  require('../chunk-LRHY7GOR.cjs');
16
+ require('../chunk-JEQ2X3Z6.cjs');
16
17
 
17
18
 
18
19
 
@@ -1 +1 @@
1
- {"version":3,"sources":["/Users/phitran/Pacific-Finance/pafi-backend/pafi-sdk/packages/core/dist/contract/index.cjs"],"names":[],"mappings":"AAAA;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACF,yDAA8B;AAC9B,iCAA8B;AAC9B;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACF,2wBAAC","file":"/Users/phitran/Pacific-Finance/pafi-backend/pafi-sdk/packages/core/dist/contract/index.cjs"}
1
+ {"version":3,"sources":["/Users/phitran/Pacific-Finance/pafi-backend/pafi-sdk/packages/core/dist/contract/index.cjs"],"names":[],"mappings":"AAAA;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACF,yDAA8B;AAC9B,iCAA8B;AAC9B,iCAA8B;AAC9B;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACF,2wBAAC","file":"/Users/phitran/Pacific-Finance/pafi-backend/pafi-sdk/packages/core/dist/contract/index.cjs"}
@@ -1,5 +1,5 @@
1
1
  import { PublicClient, Address } from 'viem';
2
- import { I as Issuer } from '../types-JyuXUM8C.cjs';
2
+ import { I as Issuer } from '../types-BAkmxgVo.cjs';
3
3
 
4
4
  declare function getMintRequestNonce(client: PublicClient, pointToken: Address, receiver: Address): Promise<bigint>;
5
5
  /**
@@ -1,5 +1,5 @@
1
1
  import { PublicClient, Address } from 'viem';
2
- import { I as Issuer } from '../types-JyuXUM8C.js';
2
+ import { I as Issuer } from '../types-BAkmxgVo.js';
3
3
 
4
4
  declare function getMintRequestNonce(client: PublicClient, pointToken: Address, receiver: Address): Promise<bigint>;
5
5
  /**
@@ -13,6 +13,7 @@ import {
13
13
  verifyMintCap
14
14
  } from "../chunk-YDLMVWDH.js";
15
15
  import "../chunk-5JZOJIBT.js";
16
+ import "../chunk-DGUM43GV.js";
16
17
  export {
17
18
  getBurnRequestNonce,
18
19
  getIssuer2 as getIssuer,
@@ -9,7 +9,8 @@
9
9
 
10
10
 
11
11
 
12
- var _chunk3QDZFDELcjs = require('../chunk-3QDZFDEL.cjs');
12
+ var _chunkM5ULOZ3Acjs = require('../chunk-M5ULOZ3A.cjs');
13
+ require('../chunk-JEQ2X3Z6.cjs');
13
14
 
14
15
 
15
16
 
@@ -21,5 +22,5 @@ var _chunk3QDZFDELcjs = require('../chunk-3QDZFDEL.cjs');
21
22
 
22
23
 
23
24
 
24
- exports.buildBurnRequestTypedData = _chunk3QDZFDELcjs.buildBurnRequestTypedData; exports.buildDomain = _chunk3QDZFDELcjs.buildDomain; exports.buildMintRequestTypedData = _chunk3QDZFDELcjs.buildMintRequestTypedData; exports.buildReceiverConsentTypedData = _chunk3QDZFDELcjs.buildReceiverConsentTypedData; exports.signBurnRequest = _chunk3QDZFDELcjs.signBurnRequest; exports.signMintRequest = _chunk3QDZFDELcjs.signMintRequest; exports.signReceiverConsent = _chunk3QDZFDELcjs.signReceiverConsent; exports.verifyBurnRequest = _chunk3QDZFDELcjs.verifyBurnRequest; exports.verifyMintRequest = _chunk3QDZFDELcjs.verifyMintRequest; exports.verifyReceiverConsent = _chunk3QDZFDELcjs.verifyReceiverConsent;
25
+ exports.buildBurnRequestTypedData = _chunkM5ULOZ3Acjs.buildBurnRequestTypedData; exports.buildDomain = _chunkM5ULOZ3Acjs.buildDomain; exports.buildMintRequestTypedData = _chunkM5ULOZ3Acjs.buildMintRequestTypedData; exports.buildReceiverConsentTypedData = _chunkM5ULOZ3Acjs.buildReceiverConsentTypedData; exports.signBurnRequest = _chunkM5ULOZ3Acjs.signBurnRequest; exports.signMintRequest = _chunkM5ULOZ3Acjs.signMintRequest; exports.signReceiverConsent = _chunkM5ULOZ3Acjs.signReceiverConsent; exports.verifyBurnRequest = _chunkM5ULOZ3Acjs.verifyBurnRequest; exports.verifyMintRequest = _chunkM5ULOZ3Acjs.verifyMintRequest; exports.verifyReceiverConsent = _chunkM5ULOZ3Acjs.verifyReceiverConsent;
25
26
  //# sourceMappingURL=index.cjs.map
@@ -1 +1 @@
1
- {"version":3,"sources":["/Users/phitran/Pacific-Finance/pafi-backend/pafi-sdk/packages/core/dist/eip712/index.cjs"],"names":[],"mappings":"AAAA;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACF,yDAA8B;AAC9B;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACF,yrBAAC","file":"/Users/phitran/Pacific-Finance/pafi-backend/pafi-sdk/packages/core/dist/eip712/index.cjs"}
1
+ {"version":3,"sources":["/Users/phitran/Pacific-Finance/pafi-backend/pafi-sdk/packages/core/dist/eip712/index.cjs"],"names":[],"mappings":"AAAA;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACF,yDAA8B;AAC9B,iCAA8B;AAC9B;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACF,yrBAAC","file":"/Users/phitran/Pacific-Finance/pafi-backend/pafi-sdk/packages/core/dist/eip712/index.cjs"}