@reclaimprotocol/attestor-core 5.0.1-beta.1 → 5.0.1-beta.2

package/lib/providers/http/utils.d.ts

@@ -0,0 +1,77 @@
+import '#src/providers/http/patch-parse5-tree.ts';
+import RE2 from 're2';
+import type { ArraySlice, CompleteTLSPacket, ProviderParams, Transcript } from '#src/types/index.ts';
+import type { HttpRequest, HttpResponse } from '#src/utils/index.ts';
+export type JSONIndex = {
+    start: number;
+    end: number;
+};
+type HTTPProviderParams = ProviderParams<'http'>;
+/**
+ * Returns only first extracted element
+ * @param html
+ * @param xpathExpression
+ * @param contentsOnly
+ */
+export declare function extractHTMLElement(html: string, xpathExpression: string, contentsOnly: boolean): string;
+/**
+ * Returns all extracted elements
+ * @param html
+ * @param xpathExpression
+ * @param contentsOnly
+ */
+export declare function extractHTMLElements(html: string, xpathExpression: string, contentsOnly: boolean): string[];
+/**
+ * returns a single index of extracted element
+ * @param html
+ * @param xpathExpression
+ * @param contentsOnly
+ */
+export declare function extractHTMLElementIndex(html: string, xpathExpression: string, contentsOnly: boolean): {
+    start: number;
+    end: number;
+};
+/**
+ * Returns indexes of all extracted elements
+ * @param html
+ * @param xpathExpression
+ * @param contentsOnly indices of the start and end of the element's contents only,
+ * 	not the whole tag
+ */
+export declare function extractHTMLElementsIndexes(html: string, xpathExpression: string, contentsOnly: boolean): {
+    start: number;
+    end: number;
+}[];
+export declare function extractJSONValueIndex(json: string, jsonPath: string): {
+    start: number;
+    end: number;
+};
+export declare function extractJSONValueIndexes(json: string, jsonPath: string): {
+    start: number;
+    end: number;
+}[];
+export declare function buildHeaders(input: HTTPProviderParams['headers']): string[];
+/**
+ * Converts position in HTTP response body to an absolute position in TLS transcript considering chunked encoding
+ * @param pos
+ * @param bodyStartIdx
+ * @param chunks
+ */
+export declare function convertResponsePosToAbsolutePos(pos: number, bodyStartIdx: number, chunks?: ArraySlice[]): number;
+/**
+ * If this reveal spans the boundary of two chunks, we'll
+ *
+ */
+export declare function getRedactionsForChunkHeaders(from: number, to: number, chunks?: ArraySlice[]): ArraySlice[];
+export declare function parseHttpResponse(buff: Uint8Array): HttpResponse;
+export declare function makeRegex(str: string): RE2;
+/**
+ * Try to match strings that contain templates like {{param}}
+ * against redacted string that has *** instead of that param
+ */
+export declare function matchRedactedStrings(templateString: Uint8Array, redactedString?: Uint8Array): boolean;
+export declare function generateRequstAndResponseFromTranscript(transcript: Transcript<CompleteTLSPacket>, tlsVersion: string): {
+    req: HttpRequest;
+    res: HttpResponse;
+};
+export {};

package/lib/providers/http/utils.js

@@ -0,0 +1,283 @@
+import "../../providers/http/patch-parse5-tree.js";
+import { concatenateUint8Arrays } from "@reclaimprotocol/tls";
+import {
+  ArrayExpression,
+  ExpressionStatement,
+  ObjectExpression,
+  parseScript,
+  Property,
+  Syntax
+} from "esprima-next";
+import { JSONPath } from "jsonpath-plus";
+import { parse } from "parse5";
+import { adapter as htmlAdapter } from "parse5-htmlparser2-tree-adapter";
+import RE2 from "re2";
+import xpath from "xpath";
+import { getHttpRequestDataFromTranscript, isApplicationData, makeHttpResponseParser, REDACTION_CHAR_CODE } from "../../utils/index.js";
+function extractHTMLElement(html, xpathExpression, contentsOnly) {
+  const { start, end } = extractHTMLElementIndex(html, xpathExpression, contentsOnly);
+  return html.slice(start, end);
+}
+function extractHTMLElements(html, xpathExpression, contentsOnly) {
+  const indexes = extractHTMLElementsIndexes(html, xpathExpression, contentsOnly);
+  const res = [];
+  for (const { start, end } of indexes) {
+    res.push(html.slice(start, end));
+  }
+  return res;
+}
+function extractHTMLElementIndex(html, xpathExpression, contentsOnly) {
+  return extractHTMLElementsIndexes(html, xpathExpression, contentsOnly)[0];
+}
+function extractHTMLElementsIndexes(html, xpathExpression, contentsOnly) {
+  return extractHTMLElementIndexesParse5(html, xpathExpression, contentsOnly);
+}
+function extractHTMLElementIndexesParse5(html, xpathExpression, contentsOnly) {
+  const domLight = parse(
+    html,
+    { treeAdapter: htmlAdapter, sourceCodeLocationInfo: true }
+  );
+  domLight["name"] = "root";
+  const parsedPath = xpath.parse(xpathExpression);
+  const nodes = parsedPath.select({
+    node: domLight,
+    allowAnyNamespaceForNoPrefix: true
+  });
+  if (!nodes.length) {
+    throw new Error(`Failed to find XPath: "${xpathExpression}"`);
+  }
+  return nodes.map((node) => getNodeRange(node, contentsOnly));
+}
+function getNodeRange(node, contentsOnly) {
+  if (!contentsOnly) {
+    return { start: node.startIndex, end: node.endIndex };
+  }
+  if (!("firstChild" in node) || !node.firstChild) {
+    throw new Error(`Node "${node["name"]}" has no children`);
+  }
+  return {
+    start: node.firstChild.startIndex,
+    end: node.lastChild.endIndex
+  };
+}
+function extractJSONValueIndex(json, jsonPath) {
+  return extractJSONValueIndexes(json, jsonPath)[0];
+}
+function extractJSONValueIndexes(json, jsonPath) {
+  const pointers = JSONPath({
+    path: jsonPath,
+    json: JSON.parse(json),
+    wrap: false,
+    resultType: "pointer",
+    eval: "safe",
+    // @ts-ignore
+    ignoreEvalErrors: true
+  });
+  if (!pointers) {
+    throw new Error("jsonPath not found");
+  }
+  const tree = parseScript("(" + json + ")", { range: true });
+  if (tree.body[0] instanceof ExpressionStatement && (tree.body[0].expression instanceof ObjectExpression || tree.body[0].expression instanceof ArrayExpression)) {
+    const traversePointers = Array.isArray(pointers) ? pointers : [pointers];
+    const res = [];
+    for (const pointer of traversePointers) {
+      const index = traverse(tree.body[0].expression, "", [pointer]);
+      if (index) {
+        res.push({
+          start: index.start - 1,
+          //account for '('
+          end: index.end - 1
+        });
+      }
+    }
+    return res;
+  }
+  throw new Error("jsonPath not found");
+}
+function traverse(o, path, pointers) {
+  if (o instanceof ObjectExpression) {
+    for (const p of o.properties) {
+      if (!(p instanceof Property)) {
+        continue;
+      }
+      const localPath = p.key.type === Syntax.Literal ? path + "/" + p.key.value : path;
+      if (pointers.includes(localPath) && "range" in p && Array.isArray(p.range)) {
+        return {
+          start: p.range[0],
+          end: p.range[1]
+        };
+      }
+      if (p.value instanceof ObjectExpression || p.value instanceof ArrayExpression) {
+        const res = traverse(p.value, localPath, pointers);
+        if (res) {
+          return res;
+        }
+      }
+    }
+  }
+  if (o instanceof ArrayExpression) {
+    for (let i = 0; i < o.elements.length; i++) {
+      const element = o.elements[i];
+      if (!element) {
+        continue;
+      }
+      const localPath = path + "/" + i;
+      if (pointers.includes(localPath) && "range" in element && Array.isArray(element.range)) {
+        return {
+          start: element.range[0],
+          end: element.range[1]
+        };
+      }
+      if (element instanceof ObjectExpression) {
+        const res = traverse(element, localPath, pointers);
+        if (res) {
+          return res;
+        }
+      }
+      if (element instanceof ArrayExpression) {
+        const res = traverse(element, localPath, pointers);
+        if (res) {
+          return res;
+        }
+      }
+    }
+  }
+  return null;
+}
+function buildHeaders(input) {
+  const headers = [];
+  for (const [key, value] of Object.entries(input || {})) {
+    headers.push(`${key}: ${value}`);
+  }
+  return headers;
+}
+function convertResponsePosToAbsolutePos(pos, bodyStartIdx, chunks) {
+  if (chunks?.length) {
+    let chunkBodyStart = 0;
+    for (const chunk of chunks) {
+      const chunkSize = chunk.toIndex - chunk.fromIndex;
+      if (pos >= chunkBodyStart && pos <= chunkBodyStart + chunkSize) {
+        return pos - chunkBodyStart + chunk.fromIndex;
+      }
+      chunkBodyStart += chunkSize;
+    }
+    throw new Error("position out of range");
+  }
+  return bodyStartIdx + pos;
+}
+function getRedactionsForChunkHeaders(from, to, chunks) {
+  const res = [];
+  if (!chunks?.length) {
+    return res;
+  }
+  for (let i = 1; i < chunks?.length; i++) {
+    const chunk = chunks[i];
+    if (chunk.fromIndex > from && chunk.fromIndex < to) {
+      res.push({
+        fromIndex: chunks[i - 1].toIndex,
+        toIndex: chunk.fromIndex
+      });
+    }
+  }
+  return res;
+}
+function parseHttpResponse(buff) {
+  const parser = makeHttpResponseParser();
+  parser.onChunk(buff);
+  parser.streamEnded();
+  return parser.res;
+}
+function makeRegex(str) {
+  return RE2(str, "sgiu");
+}
+const TEMPLATE_START_CHARCODE = "{".charCodeAt(0);
+const TEMPLATE_END_CHARCODE = "}".charCodeAt(0);
+function matchRedactedStrings(templateString, redactedString) {
+  if (templateString.length === 0 && redactedString?.length === 0) {
+    return true;
+  }
+  if (!redactedString) {
+    return false;
+  }
+  let ts = -1;
+  let rs = -1;
+  while (ts < templateString.length && rs < redactedString.length) {
+    let ct = getTChar();
+    let cr = getRChar();
+    if (ct !== cr) {
+      if (ct === TEMPLATE_START_CHARCODE && cr === REDACTION_CHAR_CODE) {
+        if (getTChar() !== TEMPLATE_START_CHARCODE) {
+          return false;
+        }
+        while ((ct = getTChar()) !== TEMPLATE_END_CHARCODE && ct !== -1) {
+        }
+        while ((ct = getTChar()) !== TEMPLATE_END_CHARCODE && ct !== -1) {
+        }
+        if (ct === -1) {
+          return false;
+        }
+        while ((cr = getRChar()) === REDACTION_CHAR_CODE && cr !== -1) {
+        }
+        if (cr === -1) {
+          return getTChar() === -1;
+        }
+        rs--;
+      } else {
+        return false;
+      }
+    }
+  }
+  function getTChar() {
+    ts++;
+    if (ts < templateString.length) {
+      return templateString[ts];
+    } else {
+      return -1;
+    }
+  }
+  function getRChar() {
+    if (!redactedString) {
+      return -1;
+    }
+    rs++;
+    if (rs < redactedString.length) {
+      return redactedString[rs];
+    } else {
+      return -1;
+    }
+  }
+  return ts === templateString.length && rs === redactedString.length;
+}
+function generateRequstAndResponseFromTranscript(transcript, tlsVersion) {
+  const allPackets = transcript;
+  const packets = [];
+  for (const b of allPackets) {
+    if (b.message.type !== "ciphertext" || !isApplicationData(b.message, tlsVersion)) {
+      continue;
+    }
+    const plaintext = tlsVersion === "TLS1_3" ? b.message.plaintext.slice(0, -1) : b.message.plaintext;
+    packets.push({
+      message: plaintext,
+      sender: b.sender
+    });
+  }
+  const req = getHttpRequestDataFromTranscript(packets);
+  const responsePackets = concatenateUint8Arrays(packets.filter((p) => p.sender === "server").map((p) => p.message).filter((b) => !b.every((b2) => b2 === REDACTION_CHAR_CODE)));
+  const res = parseHttpResponse(responsePackets);
+  return { req, res };
+}
+export {
+  buildHeaders,
+  convertResponsePosToAbsolutePos,
+  extractHTMLElement,
+  extractHTMLElementIndex,
+  extractHTMLElements,
+  extractHTMLElementsIndexes,
+  extractJSONValueIndex,
+  extractJSONValueIndexes,
+  generateRequstAndResponseFromTranscript,
+  getRedactionsForChunkHeaders,
+  makeRegex,
+  matchRedactedStrings,
+  parseHttpResponse
+};

package/lib/providers/index.d.ts

@@ -0,0 +1,4 @@
+import type { Provider, ProviderName } from '#src/types/index.ts';
+export declare const providers: {
+    [T in ProviderName]: Provider<T>;
+};

package/lib/providers/index.js

@@ -0,0 +1,7 @@
+import http from "../providers/http/index.js";
+const providers = {
+  http
+};
+export {
+  providers
+};

package/lib/scripts/build-browser.d.ts

@@ -0,0 +1 @@
+export {};

package/lib/scripts/build-jsc.d.ts

@@ -0,0 +1 @@
+export {};

package/lib/scripts/build-lib.d.ts

@@ -0,0 +1 @@
+export {};

package/lib/scripts/check-avs-registration.d.ts

@@ -0,0 +1 @@
+import 'src/server/utils/config-env';

package/lib/scripts/check-avs-registration.js

@@ -0,0 +1,28 @@
+import "src/server/utils/config-env";
+import { getContracts } from "../avs/utils/contracts.js";
+async function main() {
+  const { wallet, contract } = getContracts();
+  const meta = await contract.taskCreationMetadata();
+  console.log(
+    "Metadata parameters:",
+    `maxTaskCreationDelayS: ${meta.maxTaskCreationDelayS}`,
+    `minSignaturesPerTask: ${meta.minSignaturesPerTask}`,
+    `maxTaskLifetimeS: ${meta.maxTaskLifetimeS}`
+  );
+  console.log(`Checking registration for operator ${wallet.address}`);
+  const operatorAddr = wallet.address;
+  const metadata = await contract.getMetadataForOperator(operatorAddr).catch((err) => {
+    if (err.message.includes("Operator not found")) {
+      return;
+    }
+    throw err;
+  });
+  if (!metadata) {
+    console.log("Operator not registered");
+    const isWhitelisted = await contract.isOperatorWhitelisted(operatorAddr);
+    console.log(`Is whitelisted: ${isWhitelisted}`);
+    return;
+  }
+  console.log("Operator registered, URL:", metadata.url);
+}
+void main();

package/lib/scripts/fallbacks/crypto.d.ts

@@ -0,0 +1 @@
+export declare const webcrypto: Crypto;

package/lib/scripts/fallbacks/crypto.js

@@ -0,0 +1,4 @@
+const webcrypto = globalThis.crypto;
+export {
+  webcrypto
+};

package/lib/scripts/fallbacks/empty.d.ts

@@ -0,0 +1,3 @@
+declare const _default: {};
+export default _default;
+export {};

package/lib/scripts/fallbacks/empty.js

@@ -0,0 +1,4 @@
+var empty_default = {};
+export {
+  empty_default as default
+};

package/lib/scripts/fallbacks/re2.d.ts

@@ -0,0 +1 @@
+export default function regularRegex(pattern: string, flags?: string): RegExp;

package/lib/scripts/fallbacks/re2.js

@@ -0,0 +1,7 @@
+function regularRegex(pattern, flags) {
+  flags = flags?.replace("u", "");
+  return new RegExp(pattern, flags);
+}
+export {
+  regularRegex as default
+};

package/lib/scripts/fallbacks/snarkjs.d.ts

@@ -0,0 +1 @@
+export declare const wtns: any, groth16: any, zkey: any;

package/lib/scripts/fallbacks/snarkjs.js

@@ -0,0 +1,10 @@
+const {
+  wtns,
+  groth16,
+  zkey
+} = window["snarkjs"] || {};
+export {
+  groth16,
+  wtns,
+  zkey
+};

package/lib/scripts/fallbacks/stwo.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Browser fallback for stwo - loads from window.s2circuits
+ * The s2circuits.js script must be loaded before this runs
+ */
+import type { MakeZKOperatorOpts, ZKOperator } from '@reclaimprotocol/zk-symmetric-crypto';
+export declare function makeStwoZkOperator({ algorithm, fetcher, }: MakeZKOperatorOpts<object>): ZKOperator;

package/lib/scripts/fallbacks/stwo.js

@@ -0,0 +1,159 @@
+const Base64 = {
+  fromUint8Array(arr) {
+    let binary = "";
+    for (const element of arr) {
+      binary += String.fromCharCode(element);
+    }
+    return btoa(binary);
+  },
+  toUint8Array(str) {
+    const binary = atob(str);
+    const arr = new Uint8Array(binary.length);
+    for (let i = 0; i < binary.length; i++) {
+      arr[i] = binary.charCodeAt(i);
+    }
+    return arr;
+  }
+};
+function getS2Circuits() {
+  const s2 = window["s2circuits"];
+  if (!s2) {
+    throw new Error("s2circuits not loaded. Make sure s2circuits.js is loaded before using stwo.");
+  }
+  return s2;
+}
+function assertU32Counter(counter) {
+  if (!Number.isInteger(counter) || counter < 0 || counter > 4294967295) {
+    throw new RangeError("counter must be a uint32 integer (0 to 4294967295)");
+  }
+}
+let wasmInitialized = false;
+let initPromise;
+async function ensureWasmInitialized(fetcher, logger) {
+  if (wasmInitialized) {
+    return;
+  }
+  if (initPromise) {
+    return initPromise;
+  }
+  initPromise = (async () => {
+    try {
+      const s2 = getS2Circuits();
+      const wasmBytes = await fetcher.fetch("stwo", "s2circuits_bg.wasm", logger);
+      s2.initSync({ module: wasmBytes });
+      wasmInitialized = true;
+    } catch (err) {
+      initPromise = void 0;
+      throw err;
+    }
+  })();
+  return initPromise;
+}
+function serializeWitness(algorithm, input) {
+  if (!input.noncesAndCounters?.length) {
+    throw new Error("noncesAndCounters must be a non-empty array");
+  }
+  const { noncesAndCounters: [{ nonce, counter }] } = input;
+  assertU32Counter(counter);
+  const data = {
+    algorithm,
+    key: Base64.fromUint8Array(input.key),
+    nonce: Base64.fromUint8Array(nonce),
+    counter,
+    plaintext: Base64.fromUint8Array(input.out),
+    // out = decrypted plaintext
+    ciphertext: Base64.fromUint8Array(input.in)
+    // in = encrypted ciphertext
+  };
+  return new TextEncoder().encode(JSON.stringify(data));
+}
+function deserializeWitness(witness) {
+  const json = new TextDecoder().decode(witness);
+  return JSON.parse(json);
+}
+function makeStwoZkOperator({
+  algorithm,
+  fetcher
+}) {
+  return {
+    generateWitness(input) {
+      return serializeWitness(algorithm, input);
+    },
+    async groth16Prove(witness, logger) {
+      await ensureWasmInitialized(fetcher, logger);
+      const s2 = getS2Circuits();
+      const data = deserializeWitness(witness);
+      const key = Base64.toUint8Array(data.key);
+      const nonce = Base64.toUint8Array(data.nonce);
+      const plaintext = Base64.toUint8Array(data.plaintext);
+      const ciphertext = Base64.toUint8Array(data.ciphertext);
+      let resultJson;
+      switch (data.algorithm) {
+        case "chacha20":
+          resultJson = s2.generate_chacha20_proof(key, nonce, data.counter, plaintext, ciphertext);
+          break;
+        case "aes-128-ctr":
+          resultJson = s2.generate_aes128_ctr_proof(key, nonce, data.counter, plaintext, ciphertext);
+          break;
+        case "aes-256-ctr":
+          resultJson = s2.generate_aes256_ctr_proof(key, nonce, data.counter, plaintext, ciphertext);
+          break;
+        default:
+          throw new Error(`Unsupported algorithm: ${data.algorithm}`);
+      }
+      const result = JSON.parse(resultJson);
+      if (result.error) {
+        throw new Error(`Stwo proof generation failed: ${result.error}`);
+      }
+      if (!result.proof) {
+        throw new Error("Stwo proof generation failed: no proof returned");
+      }
+      return { proof: result.proof };
+    },
+    async groth16Verify(publicSignals, proof, logger) {
+      await ensureWasmInitialized(fetcher, logger);
+      const s2 = getS2Circuits();
+      const expectedNonce = publicSignals.noncesAndCounters[0]?.nonce;
+      const expectedCounter = publicSignals.noncesAndCounters[0]?.counter;
+      const expectedCiphertext = publicSignals.in;
+      const expectedPlaintext = publicSignals.out;
+      if (!expectedNonce || expectedCounter === void 0) {
+        logger?.warn("Invalid publicSignals: missing nonce or counter");
+        return false;
+      }
+      assertU32Counter(expectedCounter);
+      const proofStr = typeof proof === "string" ? proof : new TextDecoder().decode(proof);
+      let resultJson;
+      if (algorithm === "chacha20") {
+        resultJson = s2.verify_chacha20_proof(
+          proofStr,
+          expectedNonce,
+          expectedCounter,
+          expectedPlaintext,
+          expectedCiphertext
+        );
+      } else {
+        resultJson = s2.verify_aes_ctr_proof(
+          proofStr,
+          expectedNonce,
+          expectedCounter,
+          expectedPlaintext,
+          expectedCiphertext
+        );
+      }
+      const result = JSON.parse(resultJson);
+      if (result.error) {
+        logger?.warn({ error: result.error }, "Stwo STARK verification failed");
+        return false;
+      }
+      return result.valid === true;
+    },
+    release() {
+      wasmInitialized = false;
+      initPromise = void 0;
+    }
+  };
+}
+export {
+  makeStwoZkOperator
+};

package/lib/scripts/generate-provider-types.d.ts

@@ -0,0 +1,5 @@
+export declare function generateTsFromYamlSchema(name: string, type: 'parameters' | 'secret-parameters'): Promise<{
+    ts: string;
+    schemaTitle: any;
+    jsonTitle: string;
+}>;