@phantom/indexed-db-stamper 0.1.1 → 0.1.3

package/README.md

@@ -22,24 +22,27 @@ npm install @phantom/indexed-db-stamper
 ### Basic Usage
 
 ```typescript
-import { IndexedDbStamper } from '@phantom/indexed-db-stamper';
+import { IndexedDbStamper } from "@phantom/indexed-db-stamper";
 
 // Create stamper instance
 const stamper = new IndexedDbStamper({
-  dbName: 'my-app-keys',      // optional, defaults to 'phantom-indexed-db-stamper'
-  storeName: 'crypto-keys',   // optional, defaults to 'crypto-keys'
-  keyName: 'signing-key'      // optional, defaults to 'signing-key'
+  dbName: "my-app-keys", // optional, defaults to 'phantom-indexed-db-stamper'
+  storeName: "crypto-keys", // optional, defaults to 'crypto-keys'
+  keyName: "signing-key", // optional, defaults to 'signing-key',
+  type: "PKI", // optional, defaults to 'PKI', accepts 'PKI' or 'OIDC'
+  idToken?: undefined, // required for OIDC type, optional for PKI
+  salt?: undefined, // required for OIDC type, optional for PKI
 });
 
 // Initialize and generate/load keys
 const keyInfo = await stamper.init();
-console.log('Key ID:', keyInfo.keyId);
-console.log('Public Key:', keyInfo.publicKey);
+console.log("Key ID:", keyInfo.keyId);
+console.log("Public Key:", keyInfo.publicKey);
 
 // Create X-Phantom-Stamp header value for API requests
-const requestData = Buffer.from(JSON.stringify({ action: 'transfer', amount: 100 }), 'utf8');
+const requestData = Buffer.from(JSON.stringify({ action: "transfer", amount: 100 }), "utf8");
 const stamp = await stamper.stamp({ data: requestData });
-console.log('X-Phantom-Stamp:', stamp);
+console.log("X-Phantom-Stamp:", stamp);
 ```
 
 ### Advanced Usage
@@ -47,7 +50,7 @@ console.log('X-Phantom-Stamp:', stamp);
 ```typescript
 // Check if already initialized
 if (stamper.getKeyInfo()) {
-  console.log('Stamper already has keys');
+  console.log("Stamper already has keys");
 } else {
   await stamper.init();
 }
@@ -56,20 +59,20 @@ if (stamper.getKeyInfo()) {
 const newKeyInfo = await stamper.resetKeyPair();
 
 // Stamp different data types with PKI (default)
-const stringData = Buffer.from('string data', 'utf8');
+const stringData = Buffer.from("string data", "utf8");
 const binaryData = Buffer.from([1, 2, 3]);
-const jsonData = Buffer.from(JSON.stringify({ key: 'value' }), 'utf8');
+const jsonData = Buffer.from(JSON.stringify({ key: "value" }), "utf8");
 
 await stamper.stamp({ data: stringData });
-await stamper.stamp({ data: binaryData, type: 'PKI' }); // explicit PKI type
+await stamper.stamp({ data: binaryData }); // explicit PKI type
 await stamper.stamp({ data: jsonData });
 
 // OIDC type stamping (requires idToken and salt)
-const oidcStamp = await stamper.stamp({ 
-  data: requestData, 
-  type: 'OIDC', 
-  idToken: 'your-id-token',
-  salt: 'your-salt-value'
+const oidcStamp = await stamper.stamp({
+  data: requestData,
+  type: "OIDC",
+  idToken: "your-id-token",
+  salt: "your-salt-value",
 });
 
 // Clear all stored keys
@@ -85,27 +88,33 @@ new IndexedDbStamper(config?: IndexedDbStamperConfig)
 ```
 
 **Config Options:**
+
 - `dbName?: string` - IndexedDB database name (default: 'phantom-indexed-db-stamper')
-- `storeName?: string` - Object store name (default: 'crypto-keys')  
+- `storeName?: string` - Object store name (default: 'crypto-keys')
 - `keyName?: string` - Key identifier prefix (default: 'signing-key')
 
 ### Methods
 
 #### `init(): Promise<StamperKeyInfo>`
+
 Initialize the stamper and generate/load cryptographic keys.
 
 **Returns:** `StamperKeyInfo` with `keyId` and `publicKey`
 
 #### `getKeyInfo(): StamperKeyInfo | null`
+
 Get current key information without async operation.
 
-#### `resetKeyPair(): Promise<StamperKeyInfo>`  
+#### `resetKeyPair(): Promise<StamperKeyInfo>`
+
 Generate and store a new key pair, replacing any existing keys.
 
 #### `stamp(params: { data: Buffer; type?: 'PKI'; idToken?: never; salt?: never; } | { data: Buffer; type: 'OIDC'; idToken: string; salt: string; }): Promise<string>`
+
 Create X-Phantom-Stamp header value using the stored private key.
 
 **Parameters:**
+
 - `params.data: Buffer` - Data to sign (typically JSON stringified request body)
 - `params.type?: 'PKI' | 'OIDC'` - Stamp type (defaults to 'PKI')
 - `params.idToken?: string` - Required for OIDC type
@@ -116,21 +125,26 @@ Create X-Phantom-Stamp header value using the stored private key.
 **Note:** The public key is stored internally in base58 format but converted to base64url when creating stamps for API compatibility.
 
 #### `clear(): Promise<void>`
+
 Remove all stored keys from IndexedDB.
 
 ## Security Features
 
 ### Non-Extractable Keys
+
 The stamper generates Ed25519 CryptoKey objects with `extractable: false`, meaning private keys cannot be exported, extracted, or accessed outside of Web Crypto API signing operations. This provides the strongest possible security in browser environments.
 
-### Cryptographic Isolation  
+### Cryptographic Isolation
+
 Keys are generated and stored entirely within the browser's secure cryptographic context:
+
 - Private keys never exist in JavaScript memory at any point
 - Signing operations happen within Web Crypto API secure boundaries
 - Secure elements used when available by the browser
 - Origin-based security isolation through IndexedDB
 
 ### Signature Format
+
 The stamper uses Ed25519 signatures in their native 64-byte format, providing efficient and secure signing operations.
 
 ## Error Handling
@@ -139,20 +153,20 @@ The stamper includes comprehensive error handling for:
 
 ```typescript
 // Environment validation
-if (typeof window === 'undefined') {
-  throw new Error('IndexedDbStamper requires a browser environment');
+if (typeof window === "undefined") {
+  throw new Error("IndexedDbStamper requires a browser environment");
 }
 
 // Initialization checks
 if (!stamper.getKeyInfo()) {
-  throw new Error('Stamper not initialized. Call init() first.');
+  throw new Error("Stamper not initialized. Call init() first.");
 }
 
 // Storage errors
 try {
   await stamper.init();
 } catch (error) {
-  console.error('Failed to initialize stamper:', error);
+  console.error("Failed to initialize stamper:", error);
 }
 ```
 
@@ -162,4 +176,4 @@ Requires IndexedDB and Web Crypto API support.
 
 ## License
 
-MIT
+MIT

package/dist/index.d.ts

@@ -5,6 +5,9 @@ type IndexedDbStamperConfig = {
     dbName?: string;
     storeName?: string;
     keyName?: string;
+    type?: "PKI" | "OIDC";
+    idToken?: string;
+    salt?: string;
 };
 /**
  * IndexedDB-based key manager that stores cryptographic keys securely in IndexedDB
@@ -25,6 +28,9 @@ declare class IndexedDbStamper implements StamperWithKeyManagement {
     private keyInfo;
     private cryptoKeyPair;
     algorithm: Algorithm;
+    type: "PKI" | "OIDC";
+    idToken?: string;
+    salt?: string;
     constructor(config?: IndexedDbStamperConfig);
     /**
      * Initialize the stamper by opening IndexedDB and retrieving or generating keys
@@ -45,12 +51,12 @@ declare class IndexedDbStamper implements StamperWithKeyManagement {
      */
     stamp(params: {
         data: Buffer;
-        type?: 'PKI';
+        type?: "PKI";
         idToken?: never;
         salt?: never;
     } | {
         data: Buffer;
-        type: 'OIDC';
+        type: "OIDC";
         idToken: string;
         salt: string;
     }): Promise<string>;

package/dist/index.js

@@ -37,18 +37,24 @@ var import_base64url = require("@phantom/base64url");
 var import_bs58 = __toESM(require("bs58"));
 var import_sdk_types = require("@phantom/sdk-types");
 var IndexedDbStamper = class {
-  // Use Ed25519 for maximum security and performance
+  // Optional for PKI, required for OIDC
   constructor(config = {}) {
     this.db = null;
     this.keyInfo = null;
     this.cryptoKeyPair = null;
     this.algorithm = import_sdk_types.Algorithm.ed25519;
+    // Use Ed25519 for maximum security and performance
+    // The type of stamper, can be changed at any time 
+    this.type = "PKI";
     if (typeof window === "undefined" || !window.indexedDB) {
       throw new Error("IndexedDbStamper requires a browser environment with IndexedDB support");
     }
     this.dbName = config.dbName || "phantom-indexed-db-stamper";
     this.storeName = config.storeName || "crypto-keys";
     this.keyName = config.keyName || "signing-key";
+    this.type = config.type || "PKI";
+    this.idToken = config.idToken;
+    this.salt = config.salt;
   }
   /**
    * Initialize the stamper by opening IndexedDB and retrieving or generating keys
@@ -85,7 +91,7 @@ var IndexedDbStamper = class {
    * @returns Complete X-Phantom-Stamp header value
    */
   async stamp(params) {
-    const { data, type = "PKI" } = params;
+    const { data } = params;
     if (!this.keyInfo || !this.cryptoKeyPair) {
       throw new Error("Stamper not initialized. Call init() first.");
     }
@@ -99,7 +105,10 @@ var IndexedDbStamper = class {
       dataBytes
     );
     const signatureBase64url = (0, import_base64url.base64urlEncode)(new Uint8Array(signature));
-    const stampData = type === "PKI" ? {
+    const stampType = params.type || this.type;
+    const idToken = params.type === "OIDC" ? params.idToken : this.idToken;
+    const salt = params.type === "OIDC" ? params.salt : this.salt;
+    const stampData = stampType === "PKI" ? {
       // Decode base58 public key to bytes, then encode as base64url (consistent with ApiKeyStamper)
       publicKey: (0, import_base64url.base64urlEncode)(import_bs58.default.decode(this.keyInfo.publicKey)),
       signature: signatureBase64url,
@@ -107,9 +116,9 @@ var IndexedDbStamper = class {
       algorithm: this.algorithm
     } : {
       kind: "OIDC",
-      idToken: params.idToken,
+      idToken,
       publicKey: (0, import_base64url.base64urlEncode)(import_bs58.default.decode(this.keyInfo.publicKey)),
-      salt: params.salt,
+      salt,
       algorithm: this.algorithm,
       signature: signatureBase64url
     };

package/dist/index.mjs

@@ -3,18 +3,24 @@ import { base64urlEncode } from "@phantom/base64url";
 import bs58 from "bs58";
 import { Algorithm } from "@phantom/sdk-types";
 var IndexedDbStamper = class {
-  // Use Ed25519 for maximum security and performance
+  // Optional for PKI, required for OIDC
   constructor(config = {}) {
     this.db = null;
     this.keyInfo = null;
     this.cryptoKeyPair = null;
     this.algorithm = Algorithm.ed25519;
+    // Use Ed25519 for maximum security and performance
+    // The type of stamper, can be changed at any time 
+    this.type = "PKI";
     if (typeof window === "undefined" || !window.indexedDB) {
       throw new Error("IndexedDbStamper requires a browser environment with IndexedDB support");
     }
     this.dbName = config.dbName || "phantom-indexed-db-stamper";
     this.storeName = config.storeName || "crypto-keys";
     this.keyName = config.keyName || "signing-key";
+    this.type = config.type || "PKI";
+    this.idToken = config.idToken;
+    this.salt = config.salt;
   }
   /**
    * Initialize the stamper by opening IndexedDB and retrieving or generating keys
@@ -51,7 +57,7 @@ var IndexedDbStamper = class {
    * @returns Complete X-Phantom-Stamp header value
    */
   async stamp(params) {
-    const { data, type = "PKI" } = params;
+    const { data } = params;
     if (!this.keyInfo || !this.cryptoKeyPair) {
       throw new Error("Stamper not initialized. Call init() first.");
     }
@@ -65,7 +71,10 @@ var IndexedDbStamper = class {
       dataBytes
     );
     const signatureBase64url = base64urlEncode(new Uint8Array(signature));
-    const stampData = type === "PKI" ? {
+    const stampType = params.type || this.type;
+    const idToken = params.type === "OIDC" ? params.idToken : this.idToken;
+    const salt = params.type === "OIDC" ? params.salt : this.salt;
+    const stampData = stampType === "PKI" ? {
       // Decode base58 public key to bytes, then encode as base64url (consistent with ApiKeyStamper)
       publicKey: base64urlEncode(bs58.decode(this.keyInfo.publicKey)),
       signature: signatureBase64url,
@@ -73,9 +82,9 @@ var IndexedDbStamper = class {
       algorithm: this.algorithm
     } : {
       kind: "OIDC",
-      idToken: params.idToken,
+      idToken,
       publicKey: base64urlEncode(bs58.decode(this.keyInfo.publicKey)),
-      salt: params.salt,
+      salt,
       algorithm: this.algorithm,
       signature: signatureBase64url
     };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@phantom/indexed-db-stamper",
-  "version": "0.1.1",
+  "version": "0.1.3",
   "description": "IndexedDB stamper for Phantom Wallet SDK with non-extractable key storage",
   "main": "dist/index.js",
   "module": "dist/index.mjs",
@@ -40,9 +40,9 @@
   },
   "dependencies": {
     "@phantom/base64url": "^0.1.0",
-    "@phantom/crypto": "^0.1.1",
-    "@phantom/embedded-provider-core": "^0.1.2",
-    "@phantom/sdk-types": "^0.1.1",
+    "@phantom/crypto": "^0.1.2",
+    "@phantom/embedded-provider-core": "^0.1.4",
+    "@phantom/sdk-types": "^0.1.3",
     "bs58": "^6.0.0",
     "buffer": "^6.0.3"
   },