@reclaimprotocol/attestor-core 3.1.1 → 4.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/avs/contracts/index.js +18 -8
- package/lib/avs/utils/tasks.d.ts +1 -1
- package/lib/client/create-claim.d.ts +2 -2
- package/lib/client/create-claim.js +89 -33
- package/lib/client/utils/client-socket.d.ts +3 -1
- package/lib/client/utils/client-socket.js +25 -8
- package/lib/config/index.d.ts +4 -0
- package/lib/config/index.js +8 -3
- package/lib/index.js +18 -8
- package/lib/proto/api.d.ts +80 -2
- package/lib/proto/api.js +853 -101
- package/lib/providers/http/index.js +180 -109
- package/lib/providers/http/utils.d.ts +3 -6
- package/lib/providers/http/utils.js +13 -11
- package/lib/providers/index.js +1 -3
- package/lib/scripts/generate-receipt.js +6 -3
- package/lib/scripts/generate-toprf-keys.d.ts +1 -0
- package/lib/scripts/generate-toprf-keys.js +23 -0
- package/lib/server/create-server.js +14 -7
- package/lib/server/handlers/claimTunnel.js +33 -10
- package/lib/server/handlers/createTunnel.js +44 -8
- package/lib/server/handlers/disconnectTunnel.js +2 -2
- package/lib/server/handlers/index.js +4 -2
- package/lib/server/handlers/init.js +17 -2
- package/lib/server/handlers/toprf.d.ts +2 -0
- package/lib/server/handlers/toprf.js +21 -0
- package/lib/server/socket.d.ts +5 -3
- package/lib/server/socket.js +25 -5
- package/lib/server/tunnels/make-tcp-tunnel.js +10 -24
- package/lib/server/utils/apm.js +1 -1
- package/lib/server/utils/assert-valid-claim-request.d.ts +2 -2
- package/lib/server/utils/assert-valid-claim-request.js +17 -9
- package/lib/server/utils/dns.d.ts +1 -0
- package/lib/server/utils/dns.js +22 -0
- package/lib/server/utils/generics.d.ts +1 -1
- package/lib/tests/describe-with-server.d.ts +0 -2
- package/lib/tests/describe-with-server.js +1 -4
- package/lib/tests/mock-provider-server.d.ts +1 -1
- package/lib/tests/test.auth.d.ts +1 -0
- package/lib/tests/test.auth.js +75 -0
- package/lib/tests/test.bgp-listener.d.ts +1 -0
- package/lib/tests/test.bgp-listener.js +169 -0
- package/lib/tests/test.claim-creation.js +100 -7
- package/lib/tests/test.http-parser.d.ts +1 -1
- package/lib/tests/test.http-parser.js +7 -5
- package/lib/tests/test.http-provider-utils.js +155 -30
- package/lib/tests/test.http-provider.js +50 -7
- package/lib/tests/test.zk.js +54 -4
- package/lib/tests/utils.d.ts +6 -0
- package/lib/tests/utils.js +16 -1
- package/lib/types/bgp.d.ts +11 -0
- package/lib/types/bgp.js +3 -0
- package/lib/types/claims.d.ts +14 -5
- package/lib/types/client.d.ts +30 -3
- package/lib/types/general.d.ts +12 -0
- package/lib/types/handlers.d.ts +4 -4
- package/lib/types/index.d.ts +1 -0
- package/lib/types/index.js +2 -1
- package/lib/types/providers.d.ts +9 -9
- package/lib/types/providers.gen.d.ts +12 -152
- package/lib/types/providers.gen.js +2 -6
- package/lib/types/zk.d.ts +11 -2
- package/lib/utils/auth.d.ts +7 -0
- package/lib/utils/auth.js +64 -0
- package/lib/utils/b64-json.d.ts +2 -0
- package/lib/utils/b64-json.js +23 -0
- package/lib/utils/bgp-listener.d.ts +7 -0
- package/lib/utils/bgp-listener.js +126 -0
- package/lib/utils/claims.js +3 -3
- package/lib/utils/generics.d.ts +5 -5
- package/lib/utils/generics.js +3 -3
- package/lib/utils/index.d.ts +2 -0
- package/lib/utils/index.js +3 -1
- package/lib/utils/redactions.d.ts +19 -6
- package/lib/utils/redactions.js +41 -4
- package/lib/utils/socket-base.d.ts +3 -2
- package/lib/utils/socket-base.js +7 -2
- package/lib/utils/ws.d.ts +5 -5
- package/lib/utils/ws.js +27 -10
- package/lib/utils/zk.d.ts +12 -7
- package/lib/utils/zk.js +197 -42
- package/lib/window-rpc/setup-window-rpc.js +29 -8
- package/lib/window-rpc/types.d.ts +16 -21
- package/lib/window-rpc/utils.d.ts +2 -1
- package/lib/window-rpc/utils.js +27 -1
- package/lib/window-rpc/window-rpc-zk.d.ts +8 -3
- package/lib/window-rpc/window-rpc-zk.js +58 -45
- package/package.json +24 -22
package/lib/tests/test.zk.js
CHANGED
|
@@ -12,8 +12,8 @@ const ZK_ENGINES = [
|
|
|
12
12
|
'snarkjs'
|
|
13
13
|
];
|
|
14
14
|
jest.setTimeout(90000); // 90s
|
|
15
|
-
describe('
|
|
16
|
-
it('should correctly redact blocks', () => {
|
|
15
|
+
describe('Redaction Tests', () => {
|
|
16
|
+
it('should correctly redact blocks', async () => {
|
|
17
17
|
const vectors = [
|
|
18
18
|
{
|
|
19
19
|
input: [
|
|
@@ -65,7 +65,9 @@ describe('ZK Tests', () => {
|
|
|
65
65
|
}
|
|
66
66
|
];
|
|
67
67
|
for (const { input, output, redactions } of vectors) {
|
|
68
|
-
const realOutput = (0, utils_1.getBlocksToReveal)(input.map(i => ({ plaintext: Buffer.from(i) })), () => redactions)
|
|
68
|
+
const realOutput = await (0, utils_1.getBlocksToReveal)(input.map(i => ({ plaintext: Buffer.from(i) })), () => redactions, () => {
|
|
69
|
+
throw new Error('should not call this');
|
|
70
|
+
});
|
|
69
71
|
if (realOutput === 'all') {
|
|
70
72
|
fail('should not return "all"');
|
|
71
73
|
continue;
|
|
@@ -76,6 +78,54 @@ describe('ZK Tests', () => {
|
|
|
76
78
|
}
|
|
77
79
|
}
|
|
78
80
|
});
|
|
81
|
+
it('should correctly hash blocks', async () => {
|
|
82
|
+
const nullifer = (0, tls_1.strToUint8Array)('abcdefg');
|
|
83
|
+
const base64Nullifier = Buffer.from(nullifer).toString('base64');
|
|
84
|
+
const vectors = [
|
|
85
|
+
{
|
|
86
|
+
input: [
|
|
87
|
+
'hell',
|
|
88
|
+
'o world'
|
|
89
|
+
],
|
|
90
|
+
output: [
|
|
91
|
+
'h' + base64Nullifier.slice(0, 3),
|
|
92
|
+
base64Nullifier.slice(3, 4) + ' world'
|
|
93
|
+
],
|
|
94
|
+
redactions: [
|
|
95
|
+
{ fromIndex: 1, toIndex: 5, hash: 'oprf' }
|
|
96
|
+
]
|
|
97
|
+
},
|
|
98
|
+
{
|
|
99
|
+
input: [
|
|
100
|
+
'hell',
|
|
101
|
+
'o world'
|
|
102
|
+
],
|
|
103
|
+
output: [
|
|
104
|
+
base64Nullifier.slice(0, 4),
|
|
105
|
+
base64Nullifier.slice(4, 5) + ' world'
|
|
106
|
+
],
|
|
107
|
+
redactions: [
|
|
108
|
+
{ fromIndex: 0, toIndex: 5, hash: 'oprf' }
|
|
109
|
+
]
|
|
110
|
+
},
|
|
111
|
+
];
|
|
112
|
+
for (const { input, output, redactions } of vectors) {
|
|
113
|
+
const realOutput = await (0, utils_1.getBlocksToReveal)(input.map(i => ({ plaintext: Buffer.from(i) })), () => redactions, async () => ({
|
|
114
|
+
dataLocation: undefined,
|
|
115
|
+
nullifier: nullifer,
|
|
116
|
+
responses: [],
|
|
117
|
+
mask: (0, tls_1.strToUint8Array)('mask'),
|
|
118
|
+
plaintext: (0, tls_1.strToUint8Array)('abcdefg')
|
|
119
|
+
}));
|
|
120
|
+
if (realOutput === 'all') {
|
|
121
|
+
fail('should not return "all"');
|
|
122
|
+
}
|
|
123
|
+
expect(realOutput).toHaveLength(output.length);
|
|
124
|
+
for (const [i, element] of output.entries()) {
|
|
125
|
+
expect((0, utils_1.uint8ArrayToStr)(realOutput[i].redactedPlaintext)).toEqual(element);
|
|
126
|
+
}
|
|
127
|
+
}
|
|
128
|
+
});
|
|
79
129
|
});
|
|
80
130
|
describe.each(ZK_CIPHER_SUITES)('[%s] should generate ZK proof for some ciphertext', (cipherSuite) => {
|
|
81
131
|
describe.each(ZK_ENGINES)('[%s]', (zkEngine) => {
|
|
@@ -166,4 +216,4 @@ describe.each(ZK_CIPHER_SUITES)('[%s] should generate ZK proof for some cipherte
|
|
|
166
216
|
});
|
|
167
217
|
});
|
|
168
218
|
});
|
|
169
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
219
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidGVzdC56ay5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy90ZXN0cy90ZXN0LnprLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7O0FBQUEsOENBQTZIO0FBSTdILHFDQU9rQjtBQUVsQixNQUFNLGdCQUFnQixHQUFrQjtJQUN2Qyw4QkFBOEI7SUFDOUIsd0JBQXdCO0lBQ3hCLHlDQUF5QztDQUN6QyxDQUFBO0FBRUQsTUFBTSxVQUFVLEdBQWU7SUFDOUIsT0FBTztJQUNQLFNBQVM7Q0FDVCxDQUFBO0FBUUQsSUFBSSxDQUFDLFVBQVUsQ0FBQyxLQUFNLENBQUMsQ0FBQSxDQUFDLE1BQU07QUFFOUIsUUFBUSxDQUFDLGlCQUFpQixFQUFFLEdBQUcsRUFBRTtJQUVoQyxFQUFFLENBQUMsZ0NBQWdDLEVBQUUsS0FBSyxJQUFHLEVBQUU7UUFDOUMsTUFBTSxPQUFPLEdBQTBCO1lBQ3RDO2dCQUNDLEtBQUssRUFBRTtvQkFDTixNQUFNO29CQUNOLFNBQVM7aUJBQ1Q7Z0JBQ0QsTUFBTSxFQUFFO29CQUNQLE1BQU07b0JBQ04sU0FBUztpQkFDVDtnQkFDRCxVQUFVLEVBQUU7b0JBQ1gsRUFBRSxTQUFTLEVBQUUsQ0FBQyxFQUFFLE9BQU8sRUFBRSxDQUFDLEVBQUU7aUJBQzVCO2FBQ0Q7WUFDRDtnQkFDQyxLQUFLLEVBQUU7b0JBQ04sTUFBTTtvQkFDTixTQUFTO2lCQUNUO2dCQUNELE1BQU0sRUFBRTtvQkFDUCw0QkFBNEI7b0JBQzVCLG9DQUFvQztvQkFDcEMsU0FBUztpQkFDVDtnQkFDRCxVQUFVLEVBQUU7b0JBQ1gsRUFBRSxTQUFTLEVBQUUsQ0FBQyxFQUFFLE9BQU8sRUFBRSxDQUFDLEVBQUU7aUJBQzVCO2FBQ0Q7WUFDRDtnQkFDQyxLQUFLLEVBQUU7b0JBQ04sT0FBTztvQkFDUCxLQUFLO29CQUNMLElBQUk7b0JBQ0osS0FBSztvQkFDTCxJQUFJO2lCQUNKO2dCQUNELE1BQU0sRUFBRTtvQkFDUCxPQUFPO29CQUNQLElBQUk7b0JBQ0osS0FBSztvQkFDTCxJQUFJO2lCQUNKO2dCQUNELFVBQVUsRUFBRTtvQkFDWCxFQUFFLFNBQVMsRUFBRSxDQUFDLEVBQUUsT0FBTyxFQUFFLENBQUMsRUFBRTtvQkFDNUIsRUFBRSxTQUFTLEVBQUUsQ0FBQyxFQUFFLE9BQU8sRUFBRSxDQUFDLEVBQUU7b0JBQzVCLEVBQUUsU0FBUyxFQUFFLENBQUMsRUFBRSxPQUFPLEVBQUUsRUFBRSxFQUFFO29CQUM3QixFQUFFLFNBQVMsRUFBRSxFQUFFLEVBQUUsT0FBTyxFQUFFLEVBQUUsRUFBRTtpQkFDOUI7YUFDRDtTQUNELENBQUE7UUFFRCxLQUFJLE1BQU0sRUFBRSxLQUFLLEVBQUUsTUFBTSxFQUFFLFVBQVUsRUFBRSxJQUFJLE9BQU8sRUFBRSxDQUFDO1lBQ3BELE1BQU0sVUFBVSxHQUFHLE1BQU0sSUFBQSx5QkFBaUIsRUFDekMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsRUFBRSxTQUFTLEVBQUUsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsRUFDL0MsR0FBRyxFQUFFLENBQUMsVUFBVSxFQUNoQixHQUFHLEVBQUU7Z0JBQ0osTUFBTSxJQUFJLEtBQUssQ0FBQyxzQkFBc0IsQ0FBQyxDQUFBO1lBQ3hDLENBQUMsQ0FDRCxDQUFBO1lBQ0QsSUFBRyxVQUFVLEtBQUssS0FBSyxFQUFFLENBQUM7Z0JBQ3pCLElBQUksQ0FBQyx5QkFBeUIsQ0FBQyxDQUFBO2dCQUMvQixTQUFRO1lBQ1QsQ0FBQztZQUVELE1BQU0sQ0FBQyxVQUFVLENBQUMsQ0FBQyxZQUFZLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxDQUFBO1lBQzlDLEtBQUksTUFBTSxDQUFDLENBQUMsRUFBRSxPQUFPLENBQUMsSUFBSSxNQUFNLENBQUMsT0FBTyxFQUFFLEVBQUUsQ0FBQztnQkFDNUMsTUFBTSxDQUNMLElBQUEsdUJBQWUsRUFBQyxVQUFVLENBQUMsQ0FBQyxDQUFDLENBQUMsaUJBQWlCLENBQUMsQ0FDaEQsQ0FBQyxPQUFPLENBQUMsT0FBTyxDQUFDLENBQUE7WUFDbkIsQ0FBQztRQUNGLENBQUM7SUFDRixDQUFDLENBQUMsQ0FBQTtJQUVGLEVBQUUsQ0FBQyw4QkFBOEIsRUFBRSxLQUFLLElBQUcsRUFBRTtRQUM1QyxNQUFNLFFBQVEsR0FBRyxJQUFBLHFCQUFlLEVBQUMsU0FBUyxDQUFDLENBQUE7UUFDM0MsTUFBTSxlQUFlLEdBQUcsTUFBTSxDQUFDLElBQUksQ0FBQyxRQUFRLENBQUMsQ0FBQyxRQUFRLENBQUMsUUFBUSxDQUFDLENBQUE7UUFDaEUsTUFBTSxPQUFPLEdBQTBCO1lBQ3RDO2dCQUNDLEtBQUssRUFBRTtvQkFDTixNQUFNO29CQUNOLFNBQVM7aUJBQ1Q7Z0JBQ0QsTUFBTSxFQUFFO29CQUNQLEdBQUcsR0FBRyxlQUFlLENBQUMsS0FBSyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUM7b0JBQ2pDLGVBQWUsQ0FBQyxLQUFLLENBQUMsQ0FBQyxFQUFFLENBQUMsQ0FBQyxHQUFHLFFBQVE7aUJBQ3RDO2dCQUNELFVBQVUsRUFBRTtvQkFDWCxFQUFFLFNBQVMsRUFBRSxDQUFDLEVBQUUsT0FBTyxFQUFFLENBQUMsRUFBRSxJQUFJLEVBQUUsTUFBTSxFQUFFO2lCQUMxQzthQUNEO1lBQ0Q7Z0JBQ0MsS0FBSyxFQUFFO29CQUNOLE1BQU07b0JBQ04sU0FBUztpQkFDVDtnQkFDRCxNQUFNLEVBQUU7b0JBQ1AsZUFBZSxDQUFDLEtBQUssQ0FBQyxDQUFDLEVBQUUsQ0FBQyxDQUFDO29CQUMzQixlQUFlLENBQUMsS0FBSyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsR0FBRyxRQUFRO2lCQUN0QztnQkFDRCxVQUFVLEVBQUU7b0JBQ1gsRUFBRSxTQUFTLEVBQUUsQ0FBQyxFQUFFLE9BQU8sRUFBRSxDQUFDLEVBQUUsSUFBSSxFQUFFLE1BQU0sRUFBRTtpQkFDMUM7YUFDRDtTQUNELENBQUE7UUFFRCxLQUFJLE1BQU0sRUFBRSxLQUFLLEVBQUUsTUFBTSxFQUFFLFVBQVUsRUFBRSxJQUFJLE9BQU8sRUFBRSxDQUFDO1lBQ3BELE1BQU0sVUFBVSxHQUFHLE1BQU0sSUFBQSx5QkFBaUIsRUFDekMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsRUFBRSxTQUFTLEVBQUUsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsRUFDL0MsR0FBRyxFQUFFLENBQUMsVUFBVSxFQUNoQixLQUFLLElBQUcsRUFBRSxDQUFDLENBQUM7Z0JBQ1gsWUFBWSxFQUFFLFNBQVM7Z0JBQ3ZCLFNBQVMsRUFBRSxRQUFRO2dCQUNuQixTQUFTLEVBQUUsRUFBRTtnQkFDYixJQUFJLEVBQUUsSUFBQSxxQkFBZSxFQUFDLE1BQU0sQ0FBQztnQkFDN0IsU0FBUyxFQUFFLElBQUEscUJBQWUsRUFBQyxTQUFTLENBQUM7YUFDckMsQ0FBQyxDQUNGLENBQUE7WUFDRCxJQUFHLFVBQVUsS0FBSyxLQUFLLEVBQUUsQ0FBQztnQkFDekIsSUFBSSxDQUFDLHlCQUF5QixDQUFDLENBQUE7WUFDaEMsQ0FBQztZQUVELE1BQU0sQ0FBQyxVQUFVLENBQUMsQ0FBQyxZQUFZLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxDQUFBO1lBQzlDLEtBQUksTUFBTSxDQUFDLENBQUMsRUFBRSxPQUFPLENBQUMsSUFBSSxNQUFNLENBQUMsT0FBTyxFQUFFLEVBQUUsQ0FBQztnQkFDNUMsTUFBTSxDQUNMLElBQUEsdUJBQWUsRUFBQyxVQUFVLENBQUMsQ0FBQyxDQUFDLENBQUMsaUJBQWlCLENBQUMsQ0FDaEQsQ0FBQyxPQUFPLENBQUMsT0FBTyxDQUFDLENBQUE7WUFDbkIsQ0FBQztRQUNGLENBQUM7SUFDRixDQUFDLENBQUMsQ0FBQTtBQUNILENBQUMsQ0FBQyxDQUFBO0FBRUYsUUFBUSxDQUFDLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxDQUFDLG1EQUFtRCxFQUFFLENBQUMsV0FBVyxFQUFFLEVBQUU7SUFDcEcsUUFBUSxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsQ0FBQyxNQUFNLEVBQUUsQ0FBQyxRQUFRLEVBQUUsRUFBRTtRQUM5QyxFQUFFLENBQUMsUUFBUSxHQUFHLEdBQUcsR0FBRyxXQUFXLEVBQUUsS0FBSyxJQUFHLEVBQUU7WUFDMUMsTUFBTSxHQUFHLEdBQUcsV0FBVyxDQUFDLFFBQVEsQ0FBQyxVQUFVLENBQUM7Z0JBQzNDLENBQUMsQ0FBQyxtQkFBbUI7Z0JBQ3JCLENBQUMsQ0FBQyxDQUNELFdBQVcsQ0FBQyxRQUFRLENBQUMsYUFBYSxDQUFDO29CQUNsQyxDQUFDLENBQUMsYUFBYTtvQkFDZixDQUFDLENBQUMsYUFBYSxDQUNoQixDQUFBO1lBQ0YsTUFBTSxTQUFTLEdBQUcsR0FBRyxLQUFLLGFBQWEsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUE7WUFDakQsTUFBTSxHQUFHLEdBQUcsTUFBTSxDQUFDLEtBQUssQ0FBQyxTQUFTLEVBQUUsQ0FBQyxDQUFDLENBQUE7WUFDdEMsR0FBRyxDQUFDLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQTtZQUNWLEdBQUcsQ0FBQyxDQUFDLENBQUMsR0FBRyxDQUFDLENBQUE7WUFDVixNQUFNLEVBQ0wsUUFBUSxFQUFFLGFBQWEsR0FDdkIsR0FBRyxnQ0FBMEIsQ0FBQyxXQUFXLENBQUMsQ0FBQTtZQUMzQyxNQUFNLE9BQU8sR0FBRyxNQUFNLENBQUMsS0FBSyxDQUFDLGFBQWEsRUFBRSxDQUFDLENBQUMsQ0FBQTtZQUM5QyxPQUFPLENBQUMsQ0FBQyxDQUFDLEdBQUcsQ0FBQyxDQUFBO1lBQ2QsT0FBTyxDQUFDLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQTtZQUVkLE1BQU0sTUFBTSxHQUFHLE1BQU0sWUFBTSxDQUFDLFNBQVMsQ0FBQyxHQUFHLEVBQUUsR0FBRyxDQUFDLENBQUE7WUFDL0MsTUFBTSxPQUFPLEdBQUc7Z0JBQ2Y7b0JBQ0MsU0FBUyxFQUFFLCtEQUErRDtvQkFDMUUsVUFBVSxFQUFFO3dCQUNYLEVBQUUsU0FBUyxFQUFFLEVBQUUsRUFBRSxPQUFPLEVBQUUsRUFBRSxFQUFFO3FCQUM5QjtpQkFDRDtnQkFDRDtvQkFDQyxTQUFTLEVBQUU7Ozs7OzttQkFNRztvQkFDZCxVQUFVLEVBQUU7d0JBQ1gsRUFBRSxTQUFTLEVBQUUsQ0FBQyxFQUFFLE9BQU8sRUFBRSxFQUFFLEVBQUU7cUJBQzdCO2lCQUNEO2FBQ0QsQ0FBQTtZQUVELE1BQU0sY0FBYyxHQUFHLE1BQU0sSUFBQSw0QkFBb0IsRUFBQztnQkFDakQsTUFBTSxFQUFOLGNBQU07Z0JBQ04sV0FBVztnQkFDWCxRQUFRLEVBQUUsUUFBUTthQUNsQixDQUFDLENBQUE7WUFDRixLQUFJLE1BQU0sRUFBRSxTQUFTLEVBQUUsVUFBVSxFQUFFLElBQUksT0FBTyxFQUFFLENBQUM7Z0JBQ2hELE1BQU0sWUFBWSxHQUFHLE1BQU0sQ0FBQyxJQUFJLENBQUMsU0FBUyxDQUFDLENBQUE7Z0JBQzNDLE1BQU0saUJBQWlCLEdBQUcsSUFBQSxvQkFBWSxFQUFDLFlBQVksRUFBRSxVQUFVLENBQUMsQ0FBQTtnQkFDaEUsMkNBQTJDO2dCQUMzQyxNQUFNLENBQUMsaUJBQWlCLENBQUMsQ0FBQyxHQUFHLENBQUMsT0FBTyxDQUFDLFlBQVksQ0FBQyxDQUFBO2dCQUVuRCxNQUFNLEVBQUUsVUFBVSxFQUFFLEVBQUUsRUFBRSxHQUFHLE1BQU0sSUFBQSwwQkFBb0IsRUFDcEQsWUFBWSxFQUNaO29CQUNDLEdBQUcsRUFBRSxNQUFNO29CQUNYLEVBQUUsRUFBRSxPQUFPO29CQUNYLFlBQVksRUFBRSxJQUFJO29CQUNsQixnQkFBZ0IsRUFBRTt3QkFDakIsSUFBSSxFQUFFLGdCQUFnQjtxQkFDdEI7b0JBQ0QsV0FBVztvQkFDWCxPQUFPLEVBQUUsV0FBVyxDQUFDLFFBQVEsQ0FBQyxRQUFRLENBQUM7d0JBQ3RDLENBQUMsQ0FBQyxRQUFRO3dCQUNWLENBQUMsQ0FBQyxRQUFRO2lCQUNYLENBQ0QsQ0FBQTtnQkFFRCxNQUFNLE1BQU0sR0FBc0I7b0JBQ2pDLElBQUksRUFBRSxZQUFZO29CQUNsQixNQUFNO29CQUNOLEVBQUU7b0JBQ0YsWUFBWSxFQUFFLElBQUk7b0JBQ2xCLFNBQVMsRUFBRSxZQUFZO29CQUN2QixVQUFVO29CQUNWLE9BQU8sRUFBRSxPQUFPO29CQUNoQixJQUFJLEVBQUUsVUFBVTtpQkFDaEIsQ0FBQTtnQkFFRCxJQUFJLE1BQTZCLENBQUE7Z0JBQ2pDLE1BQU0sY0FBYyxDQUFDLGdCQUFnQixDQUNwQyxNQUFNLEVBQ047b0JBQ0MsSUFBSSxFQUFFLElBQUk7b0JBQ1YsaUJBQWlCO2lCQUNqQixFQUNELENBQUMsQ0FBQyxFQUFFLENBQUMsTUFBTSxHQUFHLENBQUMsQ0FDZixDQUFBO2dCQUNELE1BQU0sY0FBYyxDQUFDLGNBQWMsRUFBRSxDQUFBO2dCQUNyQyxNQUFNLENBQUMsR0FBRyxNQUFNLElBQUEsc0JBQWMsRUFDN0I7b0JBQ0MsVUFBVTtvQkFDVixRQUFRLEVBQUUsRUFBRSxNQUFNLEVBQUUsTUFBTyxFQUFFO29CQUM3QixNQUFNLEVBQU4sY0FBTTtvQkFDTixXQUFXO29CQUNYLFFBQVEsRUFBRSxRQUFRO29CQUNsQixZQUFZLEVBQUUsSUFBSTtvQkFDbEIsRUFBRSxFQUFDLE9BQU87aUJBQ1YsQ0FDRCxDQUFBO2dCQUVELE1BQU0sQ0FBQyxpQkFBaUIsQ0FBQyxDQUFDLE9BQU8sQ0FDaEMsQ0FBQyxDQUFDLGlCQUFpQixDQUNuQixDQUFBO1lBQ0YsQ0FBQztRQUNGLENBQUMsQ0FBQyxDQUFBO0lBQ0gsQ0FBQyxDQUFDLENBQUE7QUFDSCxDQUFDLENBQUMsQ0FBQSJ9
|
package/lib/tests/utils.d.ts
CHANGED
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
import { ClaimTunnelRequest } from '../proto/api';
|
|
1
2
|
export declare function delay(ms: number): Promise<unknown>;
|
|
2
3
|
export declare function randomPrivateKey(): string;
|
|
3
4
|
export declare function getRandomPort(): number;
|
|
@@ -10,3 +11,8 @@ export declare function getRandomPort(): number;
|
|
|
10
11
|
* tls transcript and reveals map that was used.
|
|
11
12
|
*/
|
|
12
13
|
export declare function verifyNoDirectRevealLeaks(): void;
|
|
14
|
+
/**
|
|
15
|
+
* Gets the first TOPRF block from the transcript.
|
|
16
|
+
* Returns undefined if no TOPRF block is found.
|
|
17
|
+
*/
|
|
18
|
+
export declare function getFirstTOprfBlock({ transcript }: ClaimTunnelRequest): import("../proto/api").TOPRFPayload | undefined;
|
package/lib/tests/utils.js
CHANGED
|
@@ -4,6 +4,7 @@ exports.delay = delay;
|
|
|
4
4
|
exports.randomPrivateKey = randomPrivateKey;
|
|
5
5
|
exports.getRandomPort = getRandomPort;
|
|
6
6
|
exports.verifyNoDirectRevealLeaks = verifyNoDirectRevealLeaks;
|
|
7
|
+
exports.getFirstTOprfBlock = getFirstTOprfBlock;
|
|
7
8
|
const crypto_1 = require("crypto");
|
|
8
9
|
const mocks_1 = require("../tests/mocks");
|
|
9
10
|
function delay(ms) {
|
|
@@ -46,4 +47,18 @@ function verifyNoDirectRevealLeaks() {
|
|
|
46
47
|
expect(otherPacketsWKey).toHaveLength(0);
|
|
47
48
|
}
|
|
48
49
|
}
|
|
49
|
-
|
|
50
|
+
/**
|
|
51
|
+
* Gets the first TOPRF block from the transcript.
|
|
52
|
+
* Returns undefined if no TOPRF block is found.
|
|
53
|
+
*/
|
|
54
|
+
function getFirstTOprfBlock({ transcript }) {
|
|
55
|
+
var _a;
|
|
56
|
+
for (const { reveal } of transcript) {
|
|
57
|
+
for (const proof of ((_a = reveal === null || reveal === void 0 ? void 0 : reveal.zkReveal) === null || _a === void 0 ? void 0 : _a.proofs) || []) {
|
|
58
|
+
if (proof.toprf) {
|
|
59
|
+
return proof.toprf;
|
|
60
|
+
}
|
|
61
|
+
}
|
|
62
|
+
}
|
|
63
|
+
}
|
|
64
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidXRpbHMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvdGVzdHMvdXRpbHMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7QUFJQSxzQkFFQztBQUVELDRDQUVDO0FBRUQsc0NBRUM7QUFVRCw4REEyQkM7QUFNRCxnREFRQztBQWpFRCxtQ0FBb0M7QUFFcEMsMkNBQThDO0FBRTlDLFNBQWdCLEtBQUssQ0FBQyxFQUFVO0lBQy9CLE9BQU8sSUFBSSxPQUFPLENBQUMsQ0FBQyxPQUFPLEVBQUUsRUFBRSxDQUFDLFVBQVUsQ0FBQyxPQUFPLEVBQUUsRUFBRSxDQUFDLENBQUMsQ0FBQTtBQUN6RCxDQUFDO0FBRUQsU0FBZ0IsZ0JBQWdCO0lBQy9CLE9BQU8sSUFBSSxHQUFHLElBQUEsb0JBQVcsRUFBQyxFQUFFLENBQUMsQ0FBQyxRQUFRLENBQUMsS0FBSyxDQUFDLENBQUE7QUFDOUMsQ0FBQztBQUVELFNBQWdCLGFBQWE7SUFDNUIsT0FBTyxJQUFJLENBQUMsS0FBSyxDQUFDLElBQUksQ0FBQyxNQUFNLEVBQUUsR0FBRyxJQUFJLEdBQUcsSUFBSSxDQUFDLENBQUE7QUFDL0MsQ0FBQztBQUVEOzs7Ozs7O0dBT0c7QUFDSCxTQUFnQix5QkFBeUI7SUFDeEMsSUFBRyxDQUFDLG9CQUFZLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxNQUFNLEVBQUUsQ0FBQztRQUNwQyxPQUFNO0lBQ1AsQ0FBQztJQUVELE1BQU0sQ0FBQyxhQUFhLEVBQUUsVUFBVSxDQUFDLEdBQUcsb0JBQVksQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxDQUFBO0lBQzlELEtBQUksTUFBTSxDQUFDLE1BQU0sRUFBRSxNQUFNLENBQUMsSUFBSSxVQUFVLENBQUMsT0FBTyxFQUFFLEVBQUUsQ0FBQztRQUNwRCxJQUFHLE1BQU0sQ0FBQyxJQUFJLEtBQUssVUFBVSxFQUFFLENBQUM7WUFDL0IsU0FBUTtRQUNULENBQUM7UUFFRCxJQUFHLE1BQU0sQ0FBQyxJQUFJLEtBQUssV0FBVyxFQUFFLENBQUM7WUFDaEMsU0FBUTtRQUNULENBQUM7UUFFRCwyQ0FBMkM7UUFDM0MscURBQXFEO1FBQ3JELGdEQUFnRDtRQUNoRCxNQUFNLGdCQUFnQixHQUFHLGFBQWE7YUFDcEMsTUFBTSxDQUFDLENBQUMsRUFBRSxPQUFPLEVBQUUsRUFBRSxFQUFFLENBQUMsQ0FDeEIsT0FBTyxDQUFDLElBQUksS0FBSyxZQUFZO2VBQzFCLENBQUMsVUFBVSxDQUFDLEdBQUcsQ0FBQyxPQUFPLENBQUM7ZUFDeEIsT0FBTyxDQUFDLE1BQU0sS0FBSyxNQUFNLENBQUMsTUFBTTtlQUNoQyxPQUFPLENBQUMsV0FBVyxLQUFLLGtCQUFrQixDQUM3QyxDQUFDLENBQUE7UUFDSCxNQUFNLENBQUMsZ0JBQWdCLENBQUMsQ0FBQyxZQUFZLENBQUMsQ0FBQyxDQUFDLENBQUE7SUFDekMsQ0FBQztBQUNGLENBQUM7QUFFRDs7O0dBR0c7QUFDSCxTQUFnQixrQkFBa0IsQ0FBQyxFQUFFLFVBQVUsRUFBc0I7O0lBQ3BFLEtBQUksTUFBTSxFQUFFLE1BQU0sRUFBRSxJQUFJLFVBQVUsRUFBRSxDQUFDO1FBQ3BDLEtBQUksTUFBTSxLQUFLLElBQUksQ0FBQSxNQUFBLE1BQU0sYUFBTixNQUFNLHVCQUFOLE1BQU0sQ0FBRSxRQUFRLDBDQUFFLE1BQU0sS0FBSSxFQUFFLEVBQUUsQ0FBQztZQUNuRCxJQUFHLEtBQUssQ0FBQyxLQUFLLEVBQUUsQ0FBQztnQkFDaEIsT0FBTyxLQUFLLENBQUMsS0FBSyxDQUFBO1lBQ25CLENBQUM7UUFDRixDQUFDO0lBQ0YsQ0FBQztBQUNGLENBQUMifQ==
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
export type BGPAnnouncementOverlapData = {
|
|
2
|
+
prefix: string;
|
|
3
|
+
};
|
|
4
|
+
export type BGPListener = {
|
|
5
|
+
/**
|
|
6
|
+
* Add an IP to listen for overlap,
|
|
7
|
+
* @returns a function to remove the IP from the listener
|
|
8
|
+
*/
|
|
9
|
+
onOverlap(ips: string[], callback: (event: BGPAnnouncementOverlapData) => void): (() => void);
|
|
10
|
+
close(): void;
|
|
11
|
+
};
|
package/lib/types/bgp.js
ADDED
package/lib/types/claims.d.ts
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
import type { ProviderClaimData } from '../proto/api';
|
|
2
|
-
import type { IAttestorClient } from '../types/client';
|
|
2
|
+
import type { IAttestorClient, IAttestorClientInitParams } from '../types/client';
|
|
3
3
|
import type { CompleteTLSPacket, Logger } from '../types/general';
|
|
4
4
|
import type { ProofGenerationStep, ProviderName, ProviderParams, ProviderSecretParams } from '../types/providers';
|
|
5
|
-
import { Transcript } from '../types/tunnel';
|
|
5
|
+
import type { Transcript } from '../types/tunnel';
|
|
6
6
|
import type { PrepareZKProofsBaseOpts } from '../types/zk';
|
|
7
7
|
/**
|
|
8
8
|
* Uniquely identifies a claim.
|
|
@@ -43,9 +43,7 @@ export type CreateClaimOnAttestorOpts<N extends ProviderName> = {
|
|
|
43
43
|
*
|
|
44
44
|
* The created client will go into the global client pool.
|
|
45
45
|
*/
|
|
46
|
-
client: IAttestorClient |
|
|
47
|
-
url: string | URL;
|
|
48
|
-
};
|
|
46
|
+
client: IAttestorClient | IAttestorClientInitParams;
|
|
49
47
|
/**
|
|
50
48
|
* Optionally set the timestamp of the claim
|
|
51
49
|
* in unix seconds. If not provided, the current
|
|
@@ -53,6 +51,11 @@ export type CreateClaimOnAttestorOpts<N extends ProviderName> = {
|
|
|
53
51
|
*/
|
|
54
52
|
timestampS?: number;
|
|
55
53
|
logger?: Logger;
|
|
54
|
+
/**
|
|
55
|
+
* Maximum number of retries to attempt
|
|
56
|
+
* @default 3
|
|
57
|
+
*/
|
|
58
|
+
maxRetries?: number;
|
|
56
59
|
/**
|
|
57
60
|
* Optionally update the provider parameters
|
|
58
61
|
* based on the transcript
|
|
@@ -61,4 +64,10 @@ export type CreateClaimOnAttestorOpts<N extends ProviderName> = {
|
|
|
61
64
|
params: Partial<ProviderParams<N>>;
|
|
62
65
|
secretParams: Partial<ProviderSecretParams<N>>;
|
|
63
66
|
}>;
|
|
67
|
+
/**
|
|
68
|
+
* Replaces paramValue with corresponding OPRF hash before proof is made
|
|
69
|
+
* Only if there's matching redaction exists
|
|
70
|
+
* For example: "domain.com" -> "dv4Nrgtr"
|
|
71
|
+
*/
|
|
72
|
+
updateParametersFromOprfData?: boolean;
|
|
64
73
|
} & PrepareZKProofsBaseOpts;
|
package/lib/types/client.d.ts
CHANGED
|
@@ -1,4 +1,6 @@
|
|
|
1
|
-
import type {
|
|
1
|
+
import type { IncomingMessage } from 'http';
|
|
2
|
+
import type { AuthenticationRequest, InitRequest, InitResponse, RPCMessage, RPCMessages, ServiceSignatureType, TunnelMessage } from '../proto/api';
|
|
3
|
+
import type { BGPListener } from '../types/bgp';
|
|
2
4
|
import type { Logger } from '../types/general';
|
|
3
5
|
import type { RPCEvent, RPCEventMap, RPCEventType, RPCRequestData, RPCResponseData, RPCType } from '../types/rpc';
|
|
4
6
|
import type { TCPSocketProperties, Tunnel } from '../types/tunnel';
|
|
@@ -8,12 +10,30 @@ import type { WebSocket as WSWebSocket } from 'ws';
|
|
|
8
10
|
* WebSocket or the WebSocket from the `ws` package.
|
|
9
11
|
*/
|
|
10
12
|
export type AnyWebSocket = WebSocket | WSWebSocket;
|
|
11
|
-
export type
|
|
13
|
+
export type MakeWebSocket = (url: string | URL) => AnyWebSocket;
|
|
14
|
+
export type AcceptNewConnectionOpts = {
|
|
15
|
+
req: IncomingMessage;
|
|
16
|
+
logger: Logger;
|
|
17
|
+
bgpListener?: BGPListener;
|
|
18
|
+
};
|
|
19
|
+
export type IAttestorClientInitParams = {
|
|
20
|
+
/**
|
|
21
|
+
* Attestor WS URL
|
|
22
|
+
*/
|
|
23
|
+
url: string | URL;
|
|
24
|
+
/**
|
|
25
|
+
* If the attestor being connected to has authentication
|
|
26
|
+
* enabled, provide the authentication request here, or a
|
|
27
|
+
* function that will return the authentication request.
|
|
28
|
+
*/
|
|
29
|
+
authRequest?: AuthenticationRequest | (() => Promise<AuthenticationRequest>);
|
|
30
|
+
};
|
|
12
31
|
export type IAttestorClientCreateOpts = {
|
|
13
32
|
/**
|
|
14
33
|
* Attestor WS URL
|
|
15
34
|
*/
|
|
16
35
|
url: string | URL;
|
|
36
|
+
authRequest?: AuthenticationRequest;
|
|
17
37
|
signatureType?: ServiceSignatureType;
|
|
18
38
|
logger?: Logger;
|
|
19
39
|
/**
|
|
@@ -26,7 +46,7 @@ export type IAttestorClientCreateOpts = {
|
|
|
26
46
|
* Provide a custom WebSocket implementation,
|
|
27
47
|
* will use the native WebSocket if not provided.
|
|
28
48
|
*/
|
|
29
|
-
|
|
49
|
+
makeWebSocket?: MakeWebSocket;
|
|
30
50
|
};
|
|
31
51
|
/**
|
|
32
52
|
* Base layer for the WebSocket connection on
|
|
@@ -101,8 +121,11 @@ export declare class IAttestorServerSocket extends IAttestorSocket {
|
|
|
101
121
|
* If the tunnel does not exist, it will throw an error.
|
|
102
122
|
*/
|
|
103
123
|
getTunnel(tunnelId: TunnelMessage['tunnelId']): Tunnel<TCPSocketProperties>;
|
|
124
|
+
removeTunnel(tunnelId: TunnelMessage['tunnelId']): void;
|
|
125
|
+
bgpListener?: BGPListener;
|
|
104
126
|
}
|
|
105
127
|
export declare class IAttestorClient extends IAttestorSocket {
|
|
128
|
+
initResponse?: InitResponse;
|
|
106
129
|
constructor(opts: IAttestorClientCreateOpts);
|
|
107
130
|
/**
|
|
108
131
|
* Waits for a particular message to come in.
|
|
@@ -124,6 +147,10 @@ interface WebSocketWithServerSocket {
|
|
|
124
147
|
* Our RPC socket instance
|
|
125
148
|
*/
|
|
126
149
|
serverSocket?: IAttestorServerSocket;
|
|
150
|
+
/**
|
|
151
|
+
* Just promisified send
|
|
152
|
+
*/
|
|
153
|
+
sendPromise?: (data: Uint8Array) => Promise<void>;
|
|
127
154
|
}
|
|
128
155
|
declare module 'ws' {
|
|
129
156
|
namespace WebSocket {
|
package/lib/types/general.d.ts
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import type { Logger as TLSLogger, TLSPacketContext, TLSProtocolVersion } from '@reclaimprotocol/tls';
|
|
2
|
+
import type { TOPRFProofParams } from '../types/zk';
|
|
2
3
|
/**
|
|
3
4
|
* Represents a slice of any array or string
|
|
4
5
|
*/
|
|
@@ -6,6 +7,16 @@ export type ArraySlice = {
|
|
|
6
7
|
fromIndex: number;
|
|
7
8
|
toIndex: number;
|
|
8
9
|
};
|
|
10
|
+
export type RedactedOrHashedArraySlice = {
|
|
11
|
+
fromIndex: number;
|
|
12
|
+
toIndex: number;
|
|
13
|
+
/**
|
|
14
|
+
* By default, the the data is redacted. Instead if you'd like
|
|
15
|
+
* a deterministic hash, set this to 'oprf'
|
|
16
|
+
* @default undefined
|
|
17
|
+
*/
|
|
18
|
+
hash?: 'oprf';
|
|
19
|
+
};
|
|
9
20
|
export type Logger = TLSLogger & {
|
|
10
21
|
child: (opts: {
|
|
11
22
|
[_: string]: any;
|
|
@@ -15,6 +26,7 @@ export type LogLevel = 'debug' | 'info' | 'warn' | 'error' | 'trace' | 'fatal';
|
|
|
15
26
|
export type ZKRevealInfo = {
|
|
16
27
|
type: 'zk';
|
|
17
28
|
redactedPlaintext: Uint8Array;
|
|
29
|
+
toprfs?: TOPRFProofParams[];
|
|
18
30
|
};
|
|
19
31
|
export type MessageRevealInfo = {
|
|
20
32
|
type: 'complete';
|
package/lib/types/handlers.d.ts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
|
-
import { Transaction } from 'elastic-apm-node';
|
|
2
|
-
import { IAttestorServerSocket } from '../types/client';
|
|
3
|
-
import { Logger } from '../types/general';
|
|
4
|
-
import { RPCRequestData, RPCResponseData, RPCType } from '../types/rpc';
|
|
1
|
+
import type { Transaction } from 'elastic-apm-node';
|
|
2
|
+
import type { IAttestorServerSocket } from '../types/client';
|
|
3
|
+
import type { Logger } from '../types/general';
|
|
4
|
+
import type { RPCRequestData, RPCResponseData, RPCType } from '../types/rpc';
|
|
5
5
|
export type RPCHandlerMetadata = {
|
|
6
6
|
logger: Logger;
|
|
7
7
|
tx?: Transaction;
|
package/lib/types/index.d.ts
CHANGED
package/lib/types/index.js
CHANGED
|
@@ -23,4 +23,5 @@ __exportStar(require("./client"), exports);
|
|
|
23
23
|
__exportStar(require("./rpc"), exports);
|
|
24
24
|
__exportStar(require("./tunnel"), exports);
|
|
25
25
|
__exportStar(require("./handlers"), exports);
|
|
26
|
-
|
|
26
|
+
__exportStar(require("./bgp"), exports);
|
|
27
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvdHlwZXMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7OztBQUFBLDhDQUEyQjtBQUMzQiw0Q0FBeUI7QUFDekIsK0NBQTRCO0FBQzVCLDJDQUF3QjtBQUN4Qix1Q0FBb0I7QUFDcEIsMkNBQXdCO0FBQ3hCLHdDQUFxQjtBQUNyQiwyQ0FBd0I7QUFDeEIsNkNBQTBCO0FBQzFCLHdDQUFxQiJ9
|
package/lib/types/providers.d.ts
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import type { TLSConnectionOptions } from '@reclaimprotocol/tls';
|
|
2
2
|
import type { ProviderClaimData } from '../proto/api';
|
|
3
|
-
import type { ArraySlice } from '../types/general';
|
|
3
|
+
import type { ArraySlice, Logger, RedactedOrHashedArraySlice } from '../types/general';
|
|
4
4
|
import type { ProvidersConfig } from '../types/providers.gen';
|
|
5
5
|
import type { Transcript } from '../types/tunnel';
|
|
6
6
|
export type AttestorData = {
|
|
@@ -22,7 +22,7 @@ export type ProviderName = keyof ProvidersConfig;
|
|
|
22
22
|
export type ProviderParams<T extends ProviderName> = ProvidersConfig[T]['parameters'];
|
|
23
23
|
export type ProviderSecretParams<T extends ProviderName> = ProvidersConfig[T]['secretParameters'];
|
|
24
24
|
export type RedactionMode = 'key-update' | 'zk';
|
|
25
|
-
export type ProviderField<Params, T> = T | ((params: Params) => T);
|
|
25
|
+
export type ProviderField<Params, SecretParams, T> = T | ((params: Params, secretParams?: SecretParams) => T);
|
|
26
26
|
/**
|
|
27
27
|
* Generic interface for a provider that can be used to verify
|
|
28
28
|
* claims on a TLS receipt
|
|
@@ -43,16 +43,16 @@ export interface Provider<N extends ProviderName, Params = ProviderParams<N>, Se
|
|
|
43
43
|
*
|
|
44
44
|
* Eg. "www.google.com:443", (p) => p.url.host
|
|
45
45
|
* */
|
|
46
|
-
hostPort: ProviderField<Params, string>;
|
|
46
|
+
hostPort: ProviderField<Params, SecretParams, string>;
|
|
47
47
|
/**
|
|
48
48
|
* Which geo location to send the request from
|
|
49
49
|
* Provide 2 letter country code, or a function
|
|
50
50
|
* that returns the country code
|
|
51
51
|
* @example "US", "IN"
|
|
52
52
|
*/
|
|
53
|
-
geoLocation?: ProviderField<Params, string | undefined>;
|
|
53
|
+
geoLocation?: ProviderField<Params, SecretParams, string | undefined>;
|
|
54
54
|
/** extra options to pass to the client like root CA certificates */
|
|
55
|
-
additionalClientOptions?: ProviderField<Params, TLSConnectionOptions | undefined>;
|
|
55
|
+
additionalClientOptions?: ProviderField<Params, SecretParams, TLSConnectionOptions | undefined>;
|
|
56
56
|
/**
|
|
57
57
|
* default redaction mode to use. If not specified,
|
|
58
58
|
* the default is 'key-update'.
|
|
@@ -62,9 +62,9 @@ export interface Provider<N extends ProviderName, Params = ProviderParams<N>, Se
|
|
|
62
62
|
*
|
|
63
63
|
* @default 'key-update'
|
|
64
64
|
*/
|
|
65
|
-
writeRedactionMode?: ProviderField<Params, RedactionMode | undefined>;
|
|
65
|
+
writeRedactionMode?: ProviderField<Params, SecretParams, RedactionMode | undefined>;
|
|
66
66
|
/** generate the raw request to be sent to through the TLS receipt */
|
|
67
|
-
createRequest(secretParams: SecretParams, params: Params): CreateRequestResult;
|
|
67
|
+
createRequest(secretParams: SecretParams, params: Params, logger: Logger): CreateRequestResult;
|
|
68
68
|
/**
|
|
69
69
|
* Return the slices of the response to redact
|
|
70
70
|
* Eg. if the response is "hello my secret is xyz",
|
|
@@ -74,7 +74,7 @@ export interface Provider<N extends ProviderName, Params = ProviderParams<N>, Se
|
|
|
74
74
|
* This is run on the client side, to selct which portions of
|
|
75
75
|
* the server response to send to the attestor
|
|
76
76
|
* */
|
|
77
|
-
getResponseRedactions?(response: Uint8Array, params: Params):
|
|
77
|
+
getResponseRedactions?(response: Uint8Array, params: Params, logger: Logger): RedactedOrHashedArraySlice[];
|
|
78
78
|
/**
|
|
79
79
|
* verify a generated TLS receipt against given parameters
|
|
80
80
|
* to ensure the receipt does contain the claims the
|
|
@@ -88,7 +88,7 @@ export interface Provider<N extends ProviderName, Params = ProviderParams<N>, Se
|
|
|
88
88
|
* Optionally return parameters extracted from the receipt
|
|
89
89
|
* that will then be included in the claim context
|
|
90
90
|
* */
|
|
91
|
-
assertValidProviderReceipt(receipt: Transcript<Uint8Array>, params: Params): void | Promise<void> | {
|
|
91
|
+
assertValidProviderReceipt(receipt: Transcript<Uint8Array>, params: Params, logger: Logger): void | Promise<void> | {
|
|
92
92
|
extractedParameters: {
|
|
93
93
|
[key: string]: string;
|
|
94
94
|
};
|
|
@@ -68,6 +68,12 @@ export interface HttpProviderParameters {
|
|
|
68
68
|
* select a regex match from the response
|
|
69
69
|
*/
|
|
70
70
|
regex?: string;
|
|
71
|
+
/**
|
|
72
|
+
* If provided, the value inside will be hashed instead of being redacted. Useful for cases where the data inside is an identifiying piece of information that you don't want to reveal to the attestor, eg. an email address.
|
|
73
|
+
* If the hash function produces more bytes than the original value, the hash will be truncated.
|
|
74
|
+
* Eg. if hash is enabled, the original value is "hello", and hashed is "a1b2c", then the attestor will only see "a1b2c".
|
|
75
|
+
*/
|
|
76
|
+
hash?: "oprf";
|
|
71
77
|
}[];
|
|
72
78
|
/**
|
|
73
79
|
* A map of parameter values which are user in form of {{param}} in URL, responseMatches, responseRedactions, body, geolocation. Those in URL, responseMatches & geo will be put into context and signed This value will NOT be included in provider hash
|
|
@@ -182,6 +188,11 @@ export declare const HttpProviderParametersJson: {
|
|
|
182
188
|
nullable: boolean;
|
|
183
189
|
description: string;
|
|
184
190
|
};
|
|
191
|
+
hash: {
|
|
192
|
+
type: string;
|
|
193
|
+
description: string;
|
|
194
|
+
enum: string[];
|
|
195
|
+
};
|
|
185
196
|
};
|
|
186
197
|
additionalProperties: boolean;
|
|
187
198
|
};
|
|
@@ -256,10 +267,6 @@ export interface ProvidersConfig {
|
|
|
256
267
|
parameters: HttpProviderParameters;
|
|
257
268
|
secretParameters: HttpProviderSecretParameters;
|
|
258
269
|
};
|
|
259
|
-
httpb64: {
|
|
260
|
-
parameters: HttpProviderParameters;
|
|
261
|
-
secretParameters: HttpProviderSecretParameters;
|
|
262
|
-
};
|
|
263
270
|
}
|
|
264
271
|
export declare const PROVIDER_SCHEMAS: {
|
|
265
272
|
http: {
|
|
@@ -369,158 +376,11 @@ export declare const PROVIDER_SCHEMAS: {
|
|
|
369
376
|
nullable: boolean;
|
|
370
377
|
description: string;
|
|
371
378
|
};
|
|
372
|
-
|
|
373
|
-
additionalProperties: boolean;
|
|
374
|
-
};
|
|
375
|
-
};
|
|
376
|
-
paramValues: {
|
|
377
|
-
type: string;
|
|
378
|
-
description: string;
|
|
379
|
-
additionalProperties: {
|
|
380
|
-
type: string;
|
|
381
|
-
};
|
|
382
|
-
};
|
|
383
|
-
};
|
|
384
|
-
additionalProperties: boolean;
|
|
385
|
-
};
|
|
386
|
-
secretParameters: {
|
|
387
|
-
title: string;
|
|
388
|
-
type: string;
|
|
389
|
-
description: string;
|
|
390
|
-
properties: {
|
|
391
|
-
cookieStr: {
|
|
392
|
-
type: string;
|
|
393
|
-
description: string;
|
|
394
|
-
};
|
|
395
|
-
authorisationHeader: {
|
|
396
|
-
type: string;
|
|
397
|
-
description: string;
|
|
398
|
-
};
|
|
399
|
-
headers: {
|
|
400
|
-
type: string;
|
|
401
|
-
description: string;
|
|
402
|
-
additionalProperties: {
|
|
403
|
-
type: string;
|
|
404
|
-
};
|
|
405
|
-
};
|
|
406
|
-
paramValues: {
|
|
407
|
-
type: string;
|
|
408
|
-
description: string;
|
|
409
|
-
additionalProperties: {
|
|
410
|
-
type: string;
|
|
411
|
-
};
|
|
412
|
-
};
|
|
413
|
-
};
|
|
414
|
-
additionalProperties: boolean;
|
|
415
|
-
};
|
|
416
|
-
};
|
|
417
|
-
httpb64: {
|
|
418
|
-
parameters: {
|
|
419
|
-
title: string;
|
|
420
|
-
type: string;
|
|
421
|
-
required: string[];
|
|
422
|
-
properties: {
|
|
423
|
-
url: {
|
|
424
|
-
type: string;
|
|
425
|
-
format: string;
|
|
426
|
-
description: string;
|
|
427
|
-
};
|
|
428
|
-
method: {
|
|
429
|
-
type: string;
|
|
430
|
-
enum: string[];
|
|
431
|
-
};
|
|
432
|
-
geoLocation: {
|
|
433
|
-
type: string;
|
|
434
|
-
nullable: boolean;
|
|
435
|
-
pattern: string;
|
|
436
|
-
description: string;
|
|
437
|
-
};
|
|
438
|
-
headers: {
|
|
439
|
-
type: string;
|
|
440
|
-
description: string;
|
|
441
|
-
additionalProperties: {
|
|
442
|
-
type: string;
|
|
443
|
-
};
|
|
444
|
-
};
|
|
445
|
-
body: {
|
|
446
|
-
description: string;
|
|
447
|
-
oneOf: ({
|
|
448
|
-
type: string;
|
|
449
|
-
format: string;
|
|
450
|
-
} | {
|
|
451
|
-
type: string;
|
|
452
|
-
format?: undefined;
|
|
453
|
-
})[];
|
|
454
|
-
};
|
|
455
|
-
writeRedactionMode: {
|
|
456
|
-
type: string;
|
|
457
|
-
description: string;
|
|
458
|
-
enum: string[];
|
|
459
|
-
};
|
|
460
|
-
additionalClientOptions: {
|
|
461
|
-
type: string;
|
|
462
|
-
description: string;
|
|
463
|
-
nullable: boolean;
|
|
464
|
-
properties: {
|
|
465
|
-
supportedProtocolVersions: {
|
|
466
|
-
type: string;
|
|
467
|
-
minItems: number;
|
|
468
|
-
uniqueItems: boolean;
|
|
469
|
-
items: {
|
|
470
|
-
type: string;
|
|
471
|
-
enum: string[];
|
|
472
|
-
};
|
|
473
|
-
};
|
|
474
|
-
};
|
|
475
|
-
};
|
|
476
|
-
responseMatches: {
|
|
477
|
-
type: string;
|
|
478
|
-
minItems: number;
|
|
479
|
-
uniqueItems: boolean;
|
|
480
|
-
description: string;
|
|
481
|
-
items: {
|
|
482
|
-
type: string;
|
|
483
|
-
required: string[];
|
|
484
|
-
properties: {
|
|
485
|
-
value: {
|
|
486
|
-
type: string;
|
|
487
|
-
description: string;
|
|
488
|
-
};
|
|
489
|
-
type: {
|
|
379
|
+
hash: {
|
|
490
380
|
type: string;
|
|
491
381
|
description: string;
|
|
492
382
|
enum: string[];
|
|
493
383
|
};
|
|
494
|
-
invert: {
|
|
495
|
-
type: string;
|
|
496
|
-
description: string;
|
|
497
|
-
};
|
|
498
|
-
};
|
|
499
|
-
additionalProperties: boolean;
|
|
500
|
-
};
|
|
501
|
-
};
|
|
502
|
-
responseRedactions: {
|
|
503
|
-
type: string;
|
|
504
|
-
uniqueItems: boolean;
|
|
505
|
-
description: string;
|
|
506
|
-
items: {
|
|
507
|
-
type: string;
|
|
508
|
-
properties: {
|
|
509
|
-
xPath: {
|
|
510
|
-
type: string;
|
|
511
|
-
nullable: boolean;
|
|
512
|
-
description: string;
|
|
513
|
-
};
|
|
514
|
-
jsonPath: {
|
|
515
|
-
type: string;
|
|
516
|
-
nullable: boolean;
|
|
517
|
-
description: string;
|
|
518
|
-
};
|
|
519
|
-
regex: {
|
|
520
|
-
type: string;
|
|
521
|
-
nullable: boolean;
|
|
522
|
-
description: string;
|
|
523
|
-
};
|
|
524
384
|
};
|
|
525
385
|
additionalProperties: boolean;
|
|
526
386
|
};
|