@reclaimprotocol/attestor-core 5.0.1-beta.2 → 5.0.1-beta.21

package/lib/avs/contracts/factories/index.js

@@ -1,4 +0,0 @@
-import { ReclaimServiceManager__factory } from "./ReclaimServiceManager__factory.js";
-export {
-  ReclaimServiceManager__factory
-};

package/lib/avs/contracts/index.js

@@ -1,6 +0,0 @@
-import * as factories from "./factories/index.js";
-import { ReclaimServiceManager__factory } from "./factories/ReclaimServiceManager__factory.js";
-export {
-  ReclaimServiceManager__factory,
-  factories
-};

package/lib/avs/utils/contracts.js

@@ -1,53 +0,0 @@
-import { Contract, JsonRpcProvider, Wallet } from "ethers";
-import { avsDirectoryABI } from "../../avs/abis/avsDirectoryABI.js";
-import { delegationABI } from "../../avs/abis/delegationABI.js";
-import { registryABI } from "../../avs/abis/registryABI.js";
-import { CHAIN_CONFIGS, PRIVATE_KEY, SELECTED_CHAIN_ID } from "../../avs/config.js";
-import { ReclaimServiceManager__factory } from "../../avs/contracts/index.js";
-const configs = {};
-function getContracts(chainId = SELECTED_CHAIN_ID) {
-  const config = CHAIN_CONFIGS[chainId];
-  if (!config) {
-    throw new Error(`No config found for chain ID: ${chainId}`);
-  }
-  configs[chainId] ||= initialiseContracts(config);
-  return configs[chainId];
-}
-function initialiseContracts({
-  rpcUrl,
-  stakeRegistryAddress,
-  avsDirectoryAddress,
-  contractAddress,
-  delegationManagerAddress
-}, privateKey = PRIVATE_KEY) {
-  const provider = new JsonRpcProvider(rpcUrl);
-  const wallet = privateKey ? new Wallet(privateKey, provider) : void 0;
-  return {
-    provider,
-    wallet,
-    delegationManager: new Contract(
-      delegationManagerAddress,
-      delegationABI,
-      wallet || provider
-    ),
-    // eslint-disable-next-line camelcase
-    contract: ReclaimServiceManager__factory.connect(
-      contractAddress,
-      wallet || provider
-    ),
-    registryContract: new Contract(
-      stakeRegistryAddress,
-      registryABI,
-      wallet || provider
-    ),
-    avsDirectory: new Contract(
-      avsDirectoryAddress,
-      avsDirectoryABI,
-      wallet || provider
-    )
-  };
-}
-export {
-  getContracts,
-  initialiseContracts
-};

package/lib/avs/utils/register.js

@@ -1,74 +0,0 @@
-import { hexlify, randomBytes, SigningKey } from "ethers";
-import { RECLAIM_PUBLIC_URL, SELECTED_CHAIN_ID } from "../../avs/config.js";
-import { getContracts } from "../../avs/utils/contracts.js";
-import { logger as LOGGER } from "../../utils/index.js";
-async function registerOperator({
-  logger = LOGGER,
-  chainId = SELECTED_CHAIN_ID,
-  wallet = getContracts(chainId).wallet,
-  reclaimRpcUrl = RECLAIM_PUBLIC_URL
-} = {}) {
-  const contracts = getContracts(chainId);
-  const delegationManager = contracts.delegationManager.connect(wallet);
-  const avsDirectory = contracts.avsDirectory.connect(wallet);
-  const contract = contracts.contract.connect(wallet);
-  const registryContract = contracts.registryContract.connect(wallet);
-  const addr = wallet.address;
-  try {
-    const tx1 = await delegationManager.registerAsOperator({
-      earningsReceiver: addr,
-      delegationApprover: "0x0000000000000000000000000000000000000000",
-      stakerOptOutWindowBlocks: 0
-    }, "");
-    await tx1.wait();
-    logger.info("operator registered on DM successfully");
-  } catch (err) {
-    if (!err.message.includes("operator has already registered")) {
-      throw err;
-    }
-    logger.info("Operator already registered on EL");
-  }
-  const salt = hexlify(randomBytes(32));
-  const expiry = Math.floor(Date.now() / 1e3) + 3600;
-  const operatorSignature = {
-    expiry,
-    salt,
-    signature: ""
-  };
-  const contractAddress = await contract.getAddress();
-  const digestHash = await avsDirectory.calculateOperatorAVSRegistrationDigestHash(
-    addr,
-    contractAddress,
-    salt,
-    expiry
-  );
-  const signingKey = new SigningKey(
-    wallet.privateKey
-  );
-  const signature = signingKey.sign(digestHash);
-  operatorSignature.signature = signature.serialized;
-  logger.info("operator signature generated successfully");
-  if (!await registryContract.operatorRegistered(addr)) {
-    const tx2 = await registryContract.registerOperatorWithSignature(addr, operatorSignature);
-    await tx2.wait();
-    logger.info("operator registered on AVS successfully");
-  } else {
-    logger.info("Operator already registered on AVS");
-  }
-  const existingMetadata = await contract.getMetadataForOperator(addr).catch((err) => {
-    if (err.message.includes("Operator not found")) {
-      return void 0;
-    }
-    throw err;
-  });
-  const metadata = { addr, url: reclaimRpcUrl };
-  if (existingMetadata?.addr === metadata.addr && existingMetadata?.url === metadata.url) {
-    logger.info("operator metadata already up to date");
-    return;
-  }
-  await contract.updateOperatorMetadata(metadata);
-  logger.info({ metadata }, "operator metadata updated successfully");
-}
-export {
-  registerOperator
-};

package/lib/avs/utils/tasks.js

@@ -1,48 +0,0 @@
-import { EventLog, getBytes } from "ethers";
-import { getContracts } from "../../avs/utils/contracts.js";
-async function createNewClaimRequestOnChain({
-  request,
-  payer,
-  chainId,
-  ...rest
-}) {
-  const contracts = getContracts(chainId);
-  const contract = contracts.contract.connect(payer);
-  const ownerAddress = typeof rest.owner === "string" ? rest.owner : rest.owner.address;
-  const fullRequest = {
-    ...request,
-    owner: ownerAddress
-  };
-  const signature = await getSignature();
-  const task = await contract.createNewTask(fullRequest, signature || "0x00");
-  const rslt = await task.wait();
-  const logs = rslt?.logs ?? [];
-  const eventLogs = logs.filter((log) => log instanceof EventLog);
-  const ev = eventLogs[0];
-  const arg = ev?.args;
-  return { task: arg, tx: rslt };
-  function getSignature() {
-    if (ownerAddress.toLowerCase() === payer.address.toLowerCase()) {
-      return;
-    }
-    if ("requestSignature" in rest) {
-      return rest.requestSignature;
-    }
-    if (typeof rest.owner !== "object") {
-      throw new Error(
-        "Owner wallet must be provided or requestSignature must be provided"
-      );
-    }
-    return signClaimRequest(fullRequest, rest.owner, chainId);
-  }
-}
-async function signClaimRequest(request, owner, chainId) {
-  const contract = getContracts(chainId).contract;
-  const encoded = await contract.encodeClaimRequest(request);
-  const strSig = await owner.signMessage(getBytes(encoded));
-  return getBytes(strSig);
-}
-export {
-  createNewClaimRequestOnChain,
-  signClaimRequest
-};

package/lib/client/create-claim.js

@@ -1,461 +0,0 @@
-import { asciiToUint8Array } from "@reclaimprotocol/tls";
-import { makeRpcTlsTunnel } from "../client/tunnels/make-rpc-tls-tunnel.js";
-import { getAttestorClientFromPool } from "../client/utils/attestor-pool.js";
-import { DEFAULT_HTTPS_PORT, PROVIDER_CTX, TOPRF_DOMAIN_SEPARATOR } from "../config/index.js";
-import { ClaimTunnelRequest } from "../proto/api.js";
-import { providers } from "../providers/index.js";
-import {
-  AttestorError,
-  binaryHashToStr,
-  canonicalStringify,
-  generateTunnelId,
-  getBlocksToReveal,
-  getEngineProto,
-  getProviderValue,
-  isApplicationData,
-  logger as LOGGER,
-  makeDefaultOPRFOperator,
-  makeHttpResponseParser,
-  preparePacketsForReveal,
-  redactSlices,
-  uint8ArrayToStr,
-  unixTimestampSeconds
-} from "../utils/index.js";
-import { executeWithRetries } from "../utils/retries.js";
-import { SIGNATURES } from "../utils/signatures/index.js";
-import { getDefaultTlsOptions } from "../utils/tls.js";
-function createClaimOnAttestor({
-  logger: _logger,
-  maxRetries = 3,
-  ...opts
-}) {
-  const logger = _logger || ("logger" in opts.client ? opts.client.logger : LOGGER);
-  return executeWithRetries(
-    (attempt) => _createClaimOnAttestor({
-      ...opts,
-      logger: attempt ? logger.child({ attempt }) : logger
-    }),
-    { maxRetries, logger, shouldRetry }
-  );
-}
-function shouldRetry(err) {
-  if (err instanceof TypeError) {
-    return false;
-  }
-  if (err?.message?.includes("stream ended before")) {
-    return true;
-  }
-  return err instanceof AttestorError && err.code !== "ERROR_INVALID_CLAIM" && err.code !== "ERROR_BAD_REQUEST" && err.code !== "ERROR_AUTHENTICATION_FAILED" && err.code !== "ERROR_TOPRF_OUT_OF_BOUNDS";
-}
-async function _createClaimOnAttestor({
-  name,
-  params,
-  secretParams,
-  context,
-  onStep,
-  ownerPrivateKey,
-  client: clientInit,
-  logger = LOGGER,
-  timestampS,
-  updateProviderParams,
-  updateParametersFromOprfData = true,
-  ...zkOpts
-}) {
-  const provider = providers[name];
-  const hostPort = getProviderValue(params, provider.hostPort, secretParams);
-  const geoLocation = getProviderValue(params, provider.geoLocation, secretParams);
-  const proxySessionId = getProviderValue(params, provider.proxySessionId, secretParams);
-  const providerTlsOpts = getProviderValue(
-    params,
-    provider.additionalClientOptions
-  );
-  const tlsOpts = {
-    ...getDefaultTlsOptions(),
-    fetchCertificateBytes: fetchCertificateBytesFromAttestor,
-    ...providerTlsOpts
-  };
-  const { zkEngine = "snarkjs" } = zkOpts;
-  let redactionMode = getProviderValue(params, provider.writeRedactionMode);
-  const [host, port] = hostPort.split(":");
-  const resParser = makeHttpResponseParser();
-  let client;
-  let lastMsgRevealed = false;
-  const revealMap = /* @__PURE__ */ new Map();
-  onStep?.({ name: "connecting" });
-  let endedHttpRequest;
-  const createTunnelReq = {
-    host,
-    port: port ? +port : DEFAULT_HTTPS_PORT,
-    geoLocation,
-    proxySessionId,
-    id: generateTunnelId()
-  };
-  logger = logger.child({ tunnelId: createTunnelReq.id });
-  const authRequest = "authRequest" in clientInit ? typeof clientInit.authRequest === "function" ? await clientInit.authRequest() : clientInit.authRequest : void 0;
-  const tunnel = await makeRpcTlsTunnel({
-    tlsOpts,
-    connect: (connectMsgs) => {
-      let created = false;
-      if ("metadata" in clientInit) {
-        client = clientInit;
-      } else {
-        client = getAttestorClientFromPool(
-          clientInit.url,
-          () => {
-            created = true;
-            return {
-              authRequest,
-              initMessages: connectMsgs,
-              logger
-            };
-          }
-        );
-      }
-      if (!created) {
-        client.waitForInit().then(() => client.sendMessage(...connectMsgs)).catch((err) => {
-          logger.error(
-            { err },
-            "error in sending init msgs"
-          );
-        });
-      }
-      return client;
-    },
-    logger,
-    request: createTunnelReq,
-    onMessage(data) {
-      logger.debug({ bytes: data.length }, "recv data from server");
-      resParser.onChunk(data);
-      if (resParser.res.complete) {
-        logger?.debug("got complete HTTP response from server");
-        setTimeout(() => {
-          endedHttpRequest?.();
-        }, 100);
-      }
-    },
-    onClose(err) {
-      const level = err ? "error" : "debug";
-      logger?.[level]({ err }, "tls session ended");
-      endedHttpRequest?.(err);
-      try {
-        resParser.streamEnded();
-      } catch {
-      }
-    }
-  });
-  const {
-    version: tlsVersion,
-    cipherSuite
-  } = tunnel.tls.getMetadata();
-  if (tlsVersion === "TLS1_2" && redactionMode !== "zk") {
-    redactionMode = "zk";
-    logger.info("TLS1.2 detected, defaulting to zk redaction mode");
-  }
-  const {
-    redactions,
-    data: requestStr
-  } = provider.createRequest(
-    // @ts-ignore
-    secretParams,
-    params,
-    logger
-  );
-  const requestData = typeof requestStr === "string" ? asciiToUint8Array(requestStr) : requestStr;
-  logger.debug(
-    { redactions: redactions.length },
-    "generated request"
-  );
-  const waitForAllData = new Promise(
-    (resolve, reject) => {
-      endedHttpRequest = (err) => err ? reject(err) : resolve();
-    }
-  );
-  onStep?.({ name: "sending-request-data" });
-  try {
-    if (redactionMode === "zk") {
-      await writeRedactedZk();
-    } else {
-      await writeRedactedWithKeyUpdate();
-    }
-    logger.info("wrote request to server");
-  } catch (err) {
-    logger.error(
-      { err },
-      "session errored during write, waiting for stream end"
-    );
-  }
-  onStep?.({ name: "waiting-for-response" });
-  await waitForAllData;
-  await tunnel.close();
-  logger.info("session closed, processing response");
-  if (updateProviderParams) {
-    const { params: updatedParms, secretParams: updatedSecretParms } = await updateProviderParams(tunnel.transcript, tlsVersion ?? "TLS1_2");
-    params = { ...params, ...updatedParms };
-    secretParams = { ...secretParams, ...updatedSecretParms };
-  }
-  const signatureAlg = SIGNATURES[client.metadata.signatureType];
-  let serverIV;
-  let clientIV;
-  const [serverBlock] = getLastBlocks("server", 1);
-  if (serverBlock?.message.type === "ciphertext") {
-    serverIV = serverBlock.message.fixedIv;
-  }
-  const [clientBlock] = getLastBlocks("client", 1);
-  if (clientBlock?.message.type === "ciphertext") {
-    clientIV = clientBlock.message.fixedIv;
-  }
-  const transcript = await generateTranscript();
-  const claimTunnelReq = ClaimTunnelRequest.create({
-    request: createTunnelReq,
-    data: {
-      provider: name,
-      parameters: canonicalStringify(params),
-      context: canonicalStringify(context),
-      timestampS: timestampS ?? unixTimestampSeconds(),
-      owner: getAddress()
-    },
-    transcript,
-    zkEngine: getEngineProto(zkEngine),
-    fixedServerIV: serverIV,
-    fixedClientIV: clientIV
-  });
-  onStep?.({ name: "waiting-for-verification" });
-  const claimTunnelBytes = ClaimTunnelRequest.encode(claimTunnelReq).finish();
-  const requestSignature = await signatureAlg.sign(claimTunnelBytes, ownerPrivateKey);
-  claimTunnelReq.signatures = { requestSignature };
-  const result = await client.rpc("claimTunnel", claimTunnelReq);
-  logger.info({ success: !!result.claim }, "recv claim response");
-  return result;
-  async function fetchCertificateBytesFromAttestor(url) {
-    if (!client) {
-      throw new Error("attestor client not initialized");
-    }
-    const result2 = await client.rpc("fetchCertificateBytes", { url });
-    return result2.bytes;
-  }
-  async function writeRedactedWithKeyUpdate() {
-    let currentIndex = 0;
-    for (const section of redactions) {
-      const block2 = requestData.slice(currentIndex, section.fromIndex);
-      if (block2.length) {
-        await writeWithReveal(block2, true);
-      }
-      const redacted = requestData.slice(section.fromIndex, section.toIndex);
-      await writeWithReveal(redacted, false);
-      currentIndex = section.toIndex;
-    }
-    const lastBlockStart = redactions?.[redactions.length - 1]?.toIndex || 0;
-    const block = requestData.slice(lastBlockStart);
-    if (block.length) {
-      await writeWithReveal(block, true);
-    }
-  }
-  async function writeRedactedZk() {
-    let blocksWritten = tunnel.transcript.length;
-    await tunnel.tls.write(requestData);
-    blocksWritten = tunnel.transcript.length - blocksWritten;
-    setRevealOfLastSentBlocks(
-      {
-        type: "zk",
-        redactedPlaintext: redactSlices(requestData, redactions)
-      },
-      blocksWritten
-    );
-  }
-  async function writeWithReveal(data, reveal) {
-    if (reveal !== lastMsgRevealed) {
-      await tunnel.tls.updateTrafficKeys();
-    }
-    let blocksWritten = tunnel.transcript.length;
-    await tunnel.write(data);
-    blocksWritten = tunnel.transcript.length - blocksWritten;
-    setRevealOfLastSentBlocks(reveal ? { type: "complete" } : void 0, blocksWritten);
-    lastMsgRevealed = reveal;
-  }
-  function setRevealOfLastSentBlocks(reveal, nBlocks = 1) {
-    const lastBlocks = getLastBlocks("client", nBlocks);
-    if (!lastBlocks.length) {
-      return;
-    }
-    for (const block of lastBlocks) {
-      setRevealOfMessage(block.message, reveal);
-    }
-  }
-  function getLastBlocks(sender, nBlocks) {
-    const lastBlocks = [];
-    for (let i = tunnel.transcript.length - 1; i >= 0; i--) {
-      const block = tunnel.transcript[i];
-      if (block.sender === sender) {
-        lastBlocks.push(block);
-        if (lastBlocks.length === nBlocks) {
-          break;
-        }
-      }
-    }
-    return lastBlocks;
-  }
-  async function generateTranscript() {
-    await addServerSideReveals();
-    const startMs = Date.now();
-    const revealedMessages = await preparePacketsForReveal(
-      tunnel.transcript,
-      revealMap,
-      {
-        logger,
-        cipherSuite,
-        onZkProgress(done, total) {
-          const timeSinceStartMs = Date.now() - startMs;
-          const timePerBlockMs = timeSinceStartMs / done;
-          const timeLeftMs = timePerBlockMs * (total - done);
-          onStep?.({
-            name: "generating-zk-proofs",
-            proofsDone: done,
-            proofsTotal: total,
-            approxTimeLeftS: Math.round(timeLeftMs / 1e3)
-          });
-        },
-        ...zkOpts
-      }
-    );
-    return revealedMessages;
-  }
-  async function addServerSideReveals() {
-    const allPackets = tunnel.transcript;
-    let serverPacketsToReveal = "all";
-    const packets = [];
-    const serverBlocks = [];
-    for (const b of allPackets) {
-      if (b.message.type !== "ciphertext" || !isApplicationData(b.message, tlsVersion)) {
-        continue;
-      }
-      const plaintext = tlsVersion === "TLS1_3" ? b.message.plaintext.slice(0, -1) : b.message.plaintext;
-      packets.push({
-        message: plaintext,
-        sender: b.sender
-      });
-      if (b.sender === "server") {
-        serverBlocks.push({
-          plaintext,
-          message: b.message
-        });
-      }
-    }
-    if (provider.getResponseRedactions) {
-      serverPacketsToReveal = await getBlocksToReveal(
-        serverBlocks,
-        (total) => provider.getResponseRedactions({
-          response: total,
-          params,
-          logger,
-          ctx: PROVIDER_CTX
-        }),
-        performOprf
-      );
-    }
-    const revealedPackets = packets.filter((p) => p.sender === "client");
-    if (serverPacketsToReveal === "all") {
-      for (const { message, sender } of allPackets) {
-        if (sender === "server") {
-          setRevealOfMessage(message, { type: "complete" });
-        }
-      }
-      revealedPackets.push(...packets.filter((p) => p.sender === "server"));
-    } else {
-      for (const {
-        block,
-        redactedPlaintext,
-        overshotToprfFromPrevBlock,
-        toprfs,
-        oprfRawMarkers
-      } of serverPacketsToReveal) {
-        setRevealOfMessage(block.message, {
-          type: "zk",
-          redactedPlaintext,
-          toprfs,
-          oprfRawMarkers,
-          overshotToprfFromPrevBlock
-        });
-        revealedPackets.push(
-          { sender: "server", message: redactedPlaintext }
-        );
-        if (updateParametersFromOprfData && toprfs) {
-          let strParams = canonicalStringify(params);
-          for (const toprf of toprfs) {
-            const ogText = uint8ArrayToStr(toprf.plaintext);
-            const hashedText = binaryHashToStr(
-              toprf.nullifier,
-              toprf.dataLocation.length
-            );
-            strParams = strParams.replaceAll(ogText, hashedText);
-          }
-          params = JSON.parse(strParams);
-        }
-      }
-    }
-    await provider.assertValidProviderReceipt({
-      receipt: revealedPackets,
-      params: {
-        ...params,
-        // provide secret params for proper
-        // request body validation
-        secretParams
-      },
-      logger,
-      ctx: PROVIDER_CTX
-    });
-    for (const p of allPackets) {
-      if (p.message.type !== "ciphertext") {
-        continue;
-      }
-      if (isApplicationData(p.message, tlsVersion)) {
-        break;
-      }
-      setRevealOfMessage(p.message, { type: "complete" });
-    }
-  }
-  async function performOprf(plaintext) {
-    logger.info({ length: plaintext.length }, "generating OPRF...");
-    const oprfOperator = zkOpts.oprfOperators?.["chacha20"] || makeDefaultOPRFOperator(
-      "chacha20",
-      zkEngine,
-      logger
-    );
-    const reqData = await oprfOperator.generateOPRFRequestData(
-      plaintext,
-      TOPRF_DOMAIN_SEPARATOR,
-      logger
-    );
-    const res = await client.rpc("toprf", {
-      maskedData: reqData.maskedData,
-      engine: getEngineProto(zkEngine)
-    });
-    const nullifier = await oprfOperator.finaliseOPRF(
-      client.initResponse.toprfPublicKey,
-      reqData,
-      [res]
-    );
-    const data = {
-      nullifier,
-      responses: [res],
-      mask: reqData.mask,
-      dataLocation: void 0,
-      plaintext
-    };
-    return data;
-  }
-  function setRevealOfMessage(message, reveal) {
-    if (reveal) {
-      revealMap.set(message, reveal);
-      return;
-    }
-    revealMap.delete(message);
-  }
-  function getAddress() {
-    const { getAddress: getAddress2, getPublicKey } = signatureAlg;
-    const pubKey = getPublicKey(ownerPrivateKey);
-    return getAddress2(pubKey);
-  }
-}
-export {
-  createClaimOnAttestor
-};

package/lib/client/index.js

@@ -1,3 +0,0 @@
-export * from "./create-claim.js";
-export * from "./utils/attestor-pool.js";
-export * from "./utils/client-socket.js";