npm - @reclaimprotocol/attestor-core - Versions diffs - 5.0.1-beta.2 → 5.0.1-beta.22 - Mend

@reclaimprotocol/attestor-core 5.0.1-beta.2 → 5.0.1-beta.22

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (145) hide show

package/browser/resources/attestor-browser.min.mjs +4512 -0
package/lib/avs/abis/avsDirectoryABI.js +338 -341
package/lib/avs/abis/delegationABI.js +1 -4
package/lib/avs/abis/registryABI.js +719 -722
package/lib/avs/client/create-claim-on-avs.js +129 -157
package/lib/avs/config.js +18 -24
package/lib/avs/contracts/ReclaimServiceManager.js +1 -0
package/lib/avs/contracts/common.js +1 -0
package/lib/avs/contracts/factories/ReclaimServiceManager__factory.js +1139 -1156
package/lib/avs/contracts/factories/index.js +4 -4
package/lib/avs/contracts/index.js +2 -6
package/lib/avs/types/index.js +1 -0
package/lib/avs/utils/contracts.js +30 -50
package/lib/avs/utils/register.js +75 -70
package/lib/avs/utils/tasks.js +38 -45
package/lib/client/create-claim.js +402 -431
package/lib/client/tunnels/make-rpc-tcp-tunnel.js +46 -48
package/lib/client/tunnels/make-rpc-tls-tunnel.js +125 -121
package/lib/client/utils/attestor-pool.js +23 -22
package/lib/client/utils/client-socket.js +86 -109
package/lib/client/utils/message-handler.js +79 -89
package/lib/config/index.js +40 -58
package/lib/external-rpc/benchmark.js +61 -74
package/lib/external-rpc/event-bus.js +12 -15
package/lib/external-rpc/handle-incoming-msg.js +216 -225
package/lib/external-rpc/jsc-polyfills/1.js +70 -68
package/lib/external-rpc/jsc-polyfills/2.js +17 -12
package/lib/external-rpc/jsc-polyfills/event.js +10 -15
package/lib/external-rpc/jsc-polyfills/index.js +2 -2
package/lib/external-rpc/jsc-polyfills/ws.js +77 -79
package/lib/external-rpc/setup-browser.js +28 -28
package/lib/external-rpc/setup-jsc.js +17 -17
package/lib/external-rpc/types.js +1 -0
package/lib/external-rpc/utils.js +89 -89
package/lib/external-rpc/zk.js +55 -50
package/lib/index.js +2 -6
package/lib/mechain/abis/governanceABI.js +457 -460
package/lib/mechain/abis/taskABI.js +502 -505
package/lib/mechain/client/create-claim-on-mechain.js +24 -29
package/lib/mechain/constants/index.js +3 -8
package/lib/mechain/types/index.js +1 -0
package/lib/proto/api.js +4200 -4087
package/lib/proto/tee-bundle.js +1261 -1241
package/lib/providers/http/index.js +616 -603
package/lib/providers/http/patch-parse5-tree.js +27 -29
package/lib/providers/http/utils.js +289 -248
package/lib/providers/index.js +3 -6
package/lib/server/create-server.js +89 -91
package/lib/server/handlers/claimTeeBundle.js +231 -211
package/lib/server/handlers/claimTunnel.js +66 -73
package/lib/server/handlers/completeClaimOnChain.js +20 -25
package/lib/server/handlers/createClaimOnChain.js +21 -27
package/lib/server/handlers/createTaskOnMechain.js +40 -50
package/lib/server/handlers/createTunnel.js +85 -90
package/lib/server/handlers/disconnectTunnel.js +4 -7
package/lib/server/handlers/fetchCertificateBytes.js +37 -53
package/lib/server/handlers/index.js +21 -24
package/lib/server/handlers/init.js +27 -28
package/lib/server/handlers/toprf.js +13 -16
package/lib/server/socket.js +97 -100
package/lib/server/tunnels/make-tcp-tunnel.js +161 -186
package/lib/server/utils/apm.js +32 -25
package/lib/server/utils/assert-valid-claim-request.js +305 -334
package/lib/server/utils/config-env.js +2 -2
package/lib/server/utils/dns.js +12 -18
package/lib/server/utils/gcp-attestation.js +233 -181
package/lib/server/utils/generics.d.ts +1 -1
package/lib/server/utils/generics.js +43 -37
package/lib/server/utils/iso.js +253 -256
package/lib/server/utils/keep-alive.js +36 -36
package/lib/server/utils/nitro-attestation.js +295 -220
package/lib/server/utils/oprf-raw.js +48 -55
package/lib/server/utils/process-handshake.js +200 -218
package/lib/server/utils/proxy-session.js +5 -5
package/lib/server/utils/tee-oprf-mpc-verification.js +82 -78
package/lib/server/utils/tee-oprf-verification.js +165 -142
package/lib/server/utils/tee-transcript-reconstruction.js +176 -129
package/lib/server/utils/tee-verification.js +397 -334
package/lib/server/utils/validation.js +30 -37
package/lib/types/bgp.js +1 -0
package/lib/types/claims.js +1 -0
package/lib/types/client.js +1 -0
package/lib/types/general.js +1 -0
package/lib/types/handlers.js +1 -0
package/lib/types/providers.d.ts +3 -2
package/lib/types/providers.gen.js +9 -15
package/lib/types/providers.js +1 -0
package/lib/types/rpc.js +1 -0
package/lib/types/signatures.d.ts +1 -2
package/lib/types/signatures.js +1 -0
package/lib/types/tunnel.js +1 -0
package/lib/types/zk.js +1 -0
package/lib/utils/auth.js +54 -66
package/lib/utils/b64-json.js +15 -15
package/lib/utils/bgp-listener.js +107 -111
package/lib/utils/claims.js +89 -80
package/lib/utils/env.js +13 -17
package/lib/utils/error.js +43 -47
package/lib/utils/generics.js +284 -235
package/lib/utils/http-parser.js +232 -187
package/lib/utils/logger.js +80 -71
package/lib/utils/prepare-packets.js +69 -67
package/lib/utils/redactions.js +163 -121
package/lib/utils/retries.js +22 -24
package/lib/utils/signatures/eth.js +29 -28
package/lib/utils/signatures/index.js +5 -10
package/lib/utils/socket-base.js +84 -88
package/lib/utils/tls.js +28 -28
package/lib/utils/ws.js +19 -19
package/lib/utils/zk.js +542 -582
package/package.json +12 -5
package/lib/external-rpc/global.d.js +0 -0
package/lib/scripts/build-browser.d.ts +0 -1
package/lib/scripts/build-jsc.d.ts +0 -1
package/lib/scripts/build-lib.d.ts +0 -1
package/lib/scripts/check-avs-registration.d.ts +0 -1
package/lib/scripts/check-avs-registration.js +0 -28
package/lib/scripts/fallbacks/crypto.d.ts +0 -1
package/lib/scripts/fallbacks/crypto.js +0 -4
package/lib/scripts/fallbacks/empty.d.ts +0 -3
package/lib/scripts/fallbacks/empty.js +0 -4
package/lib/scripts/fallbacks/re2.d.ts +0 -1
package/lib/scripts/fallbacks/re2.js +0 -7
package/lib/scripts/fallbacks/snarkjs.d.ts +0 -1
package/lib/scripts/fallbacks/snarkjs.js +0 -10
package/lib/scripts/fallbacks/stwo.d.ts +0 -6
package/lib/scripts/fallbacks/stwo.js +0 -159
package/lib/scripts/generate-provider-types.d.ts +0 -5
package/lib/scripts/generate-provider-types.js +0 -101
package/lib/scripts/generate-receipt.d.ts +0 -9
package/lib/scripts/generate-receipt.js +0 -101
package/lib/scripts/generate-toprf-keys.d.ts +0 -1
package/lib/scripts/generate-toprf-keys.js +0 -24
package/lib/scripts/jsc-cli-rpc.d.ts +0 -1
package/lib/scripts/jsc-cli-rpc.js +0 -35
package/lib/scripts/register-avs-operator.d.ts +0 -1
package/lib/scripts/register-avs-operator.js +0 -3
package/lib/scripts/start-server.d.ts +0 -1
package/lib/scripts/start-server.js +0 -11
package/lib/scripts/update-avs-metadata.d.ts +0 -1
package/lib/scripts/update-avs-metadata.js +0 -20
package/lib/scripts/utils.d.ts +0 -1
package/lib/scripts/utils.js +0 -10
package/lib/scripts/whitelist-operator.d.ts +0 -1
package/lib/scripts/whitelist-operator.js +0 -16

package/lib/utils/http-parser.js CHANGED Viewed

@@ -1,201 +1,246 @@
-import { asciiToUint8Array, concatenateUint8Arrays } from "@reclaimprotocol/tls";
-import { findIndexInUint8Array, uint8ArrayToStr } from "../utils/generics.js";
-import { REDACTION_CHAR_CODE } from "../utils/redactions.js";
-const HTTP_HEADER_LINE_END = asciiToUint8Array("\r\n");
-function makeHttpResponseParser() {
-  const res = {
-    statusCode: 0,
-    statusMessage: "",
-    headers: {},
-    body: new Uint8Array(),
-    complete: false,
-    headersComplete: false,
-    headerIndices: /* @__PURE__ */ new Map(),
-    headerEndIdx: 0
-  };
-  let remainingBodyBytes = 0;
-  let isChunked = false;
-  let remaining = new Uint8Array();
-  let currentByteIdx = 0;
-  return {
-    res,
-    /**
-           * Parse the next chunk of data
-           * @param data the data to parse
-           */
-    onChunk(data) {
-      remaining = concatenateUint8Arrays([remaining, data]);
-      if (!res.headersComplete) {
-        for (let line = getLine(); typeof line !== "undefined"; line = getLine()) {
-          if (!res.statusCode) {
-            const [, statusCode, statusMessage] = line.match(/HTTP\/\d\.\d (\d+) (.*)/) || [];
-            res.statusCode = Number(statusCode);
-            res.statusMessage = statusMessage;
-            res.statusLineEndIndex = currentByteIdx - HTTP_HEADER_LINE_END.length;
-          } else if (line === "") {
-            res.headersComplete = true;
-            res.headerEndIdx = currentByteIdx - 4;
-            if (res.headers["transfer-encoding"]?.includes("chunked")) {
-              isChunked = true;
-              res.chunks = [];
-              break;
-            } else if (res.headers["content-length"]) {
-              remainingBodyBytes = Number(res.headers["content-length"]);
-              break;
-            } else {
-              remainingBodyBytes = -1;
-              break;
+import { asciiToUint8Array, concatenateUint8Arrays } from '@reclaimprotocol/tls';
+import { findIndexInUint8Array, uint8ArrayToStr } from "./generics.js";
+import { REDACTION_CHAR_CODE } from "./redactions.js";
+const HTTP_HEADER_LINE_END = asciiToUint8Array('\r\n');
+/**
+ * parses http/1.1 responses
+ */
+export function makeHttpResponseParser() {
+    /** the HTTP response data */
+    const res = {
+        statusCode: 0,
+        statusMessage: '',
+        headers: {},
+        body: new Uint8Array(),
+        complete: false,
+        headersComplete: false,
+        headerIndices: new Map(),
+        headerEndIdx: 0
+    };
+    let remainingBodyBytes = 0;
+    let isChunked = false;
+    let remaining = new Uint8Array();
+    let currentByteIdx = 0;
+    return {
+        res,
+        /**
+         * Parse the next chunk of data
+         * @param data the data to parse
+         */
+        onChunk(data) {
+            // concatenate the remaining data from the last chunk
+            remaining = concatenateUint8Arrays([remaining, data]);
+            // if we don't have the headers yet, keep reading lines
+            // as each header is in a line
+            if (!res.headersComplete) {
+                for (let line = getLine(); typeof line !== 'undefined'; line = getLine()) {
+                    // first line is the HTTP version, status code & message
+                    if (!res.statusCode) {
+                        const [, statusCode, statusMessage] = line.match(/HTTP\/\d\.\d (\d+) (.*)/) || [];
+                        res.statusCode = Number(statusCode);
+                        res.statusMessage = statusMessage;
+                        res.statusLineEndIndex = currentByteIdx - HTTP_HEADER_LINE_END.length;
+                    }
+                    else if (line === '') { // empty line signifies end of headers
+                        res.headersComplete = true;
+                        res.headerEndIdx = currentByteIdx - 4;
+                        // if the response is chunked, we need to process the body differently
+                        if (res.headers['transfer-encoding']?.includes('chunked')) {
+                            isChunked = true;
+                            res.chunks = [];
+                            break;
+                            // if the response has a content-length, we know how many bytes to read
+                        }
+                        else if (res.headers['content-length']) {
+                            remainingBodyBytes = Number(res.headers['content-length']);
+                            break;
+                        }
+                        else {
+                            remainingBodyBytes = -1;
+                            break;
+                            // otherwise,
+                            // no content-length, no chunked transfer encoding
+                            // means wait till the stream ends
+                            // https://stackoverflow.com/a/11376887
+                        }
+                    }
+                    else if (!res.complete) { // parse the header
+                        const [key, value] = line.split(': ');
+                        res.headers[key.toLowerCase()] = value;
+                        res.headerIndices[key.toLowerCase()] = {
+                            fromIndex: currentByteIdx - line.length - HTTP_HEADER_LINE_END.length,
+                            toIndex: currentByteIdx - HTTP_HEADER_LINE_END.length
+                        };
+                    }
+                    else {
+                        throw new Error('got more data after response was complete');
+                    }
+                }
             }
-          } else if (!res.complete) {
-            const [key, value] = line.split(": ");
-            res.headers[key.toLowerCase()] = value;
-            res.headerIndices[key.toLowerCase()] = {
-              fromIndex: currentByteIdx - line.length - HTTP_HEADER_LINE_END.length,
-              toIndex: currentByteIdx - HTTP_HEADER_LINE_END.length
-            };
-          } else {
-            throw new Error("got more data after response was complete");
-          }
-        }
-      }
-      if (res.headersComplete) {
-        if (remainingBodyBytes) {
-          readBody();
-          if (!remainingBodyBytes && !isChunked) {
-            res.complete = true;
-          }
-        }
-        if (res.headers["content-length"] === "0") {
-          res.complete = true;
-        }
-        if (isChunked) {
-          for (let line = getLine(); typeof line !== "undefined"; line = getLine()) {
-            if (line === "") {
-              continue;
+            if (res.headersComplete) {
+                if (remainingBodyBytes) {
+                    readBody();
+                    // if no more body bytes to read,
+                    // and the response was not chunked we're done
+                    if (!remainingBodyBytes && !isChunked) {
+                        res.complete = true;
+                    }
+                }
+                if (res.headers['content-length'] === '0') {
+                    res.complete = true;
+                }
+                if (isChunked) {
+                    for (let line = getLine(); typeof line !== 'undefined'; line = getLine()) {
+                        if (line === '') {
+                            continue;
+                        }
+                        const chunkSize = Number.parseInt(line, 16);
+                        // if chunk size is 0, we're done
+                        if (!chunkSize) {
+                            res.complete = true;
+                            continue;
+                        }
+                        res.chunks?.push({
+                            fromIndex: currentByteIdx,
+                            toIndex: currentByteIdx + chunkSize,
+                        });
+                        // otherwise read the chunk
+                        remainingBodyBytes = chunkSize;
+                        readBody();
+                        // if we read all the data we had,
+                        // but there's still data left,
+                        // break the loop and wait for the next chunk
+                        if (remainingBodyBytes) {
+                            break;
+                        }
+                    }
+                }
+            }
+        },
+        /**
+         * Call to prevent further parsing; indicating the end of the request
+         * Checks that the response is valid & complete, otherwise throws an error
+         */
+        streamEnded() {
+            if (!res.headersComplete) {
+                throw new Error('stream ended before headers were complete');
             }
-            const chunkSize = Number.parseInt(line, 16);
-            if (!chunkSize) {
-              res.complete = true;
-              continue;
+            if (remaining.length) {
+                throw new Error('stream ended before remaining data arrived');
             }
-            res.chunks?.push({
-              fromIndex: currentByteIdx,
-              toIndex: currentByteIdx + chunkSize
-            });
-            remainingBodyBytes = chunkSize;
-            readBody();
-            if (remainingBodyBytes) {
-              break;
+            if (remainingBodyBytes > 0) {
+                throw new Error('stream ended before all body bytes were received');
             }
-          }
+            res.complete = true;
         }
-      }
-    },
-    /**
-           * Call to prevent further parsing; indicating the end of the request
-           * Checks that the response is valid & complete, otherwise throws an error
-           */
-    streamEnded() {
-      if (!res.headersComplete) {
-        throw new Error("stream ended before headers were complete");
-      }
-      if (remaining.length) {
-        throw new Error("stream ended before remaining data arrived");
-      }
-      if (remainingBodyBytes > 0) {
-        throw new Error("stream ended before all body bytes were received");
-      }
-      res.complete = true;
-    }
-  };
-  function readBody() {
-    if (res.complete) {
-      throw new Error("got more data after response was complete");
+    };
+    function readBody() {
+        if (res.complete) {
+            throw new Error('got more data after response was complete');
+        }
+        if (!res.bodyStartIndex) {
+            res.bodyStartIndex = currentByteIdx;
+        }
+        let bytesToCopy;
+        if (remainingBodyBytes === -1) {
+            // all bytes are body bytes
+            bytesToCopy = remaining.length;
+        }
+        else {
+            // take the number of bytes we need to read, or the number of bytes remaining
+            // and append to the bytes of the body
+            bytesToCopy = Math.min(remainingBodyBytes, remaining.length);
+            remainingBodyBytes -= bytesToCopy;
+        }
+        res.body = concatenateUint8Arrays([
+            res.body,
+            remaining.slice(0, bytesToCopy)
+        ]);
+        remaining = remaining.slice(bytesToCopy);
+        currentByteIdx += bytesToCopy;
     }
-    if (!res.bodyStartIndex) {
-      res.bodyStartIndex = currentByteIdx;
+    function getLine() {
+        // find end of line, if it exists
+        // otherwise return undefined
+        const idx = findIndexInUint8Array(remaining, HTTP_HEADER_LINE_END);
+        if (idx === -1) {
+            return undefined;
+        }
+        const line = uint8ArrayToStr(remaining.slice(0, idx));
+        remaining = remaining.slice(idx + HTTP_HEADER_LINE_END.length);
+        currentByteIdx += idx + HTTP_HEADER_LINE_END.length;
+        return line;
     }
-    let bytesToCopy;
-    if (remainingBodyBytes === -1) {
-      bytesToCopy = remaining.length;
-    } else {
-      bytesToCopy = Math.min(remainingBodyBytes, remaining.length);
-      remainingBodyBytes -= bytesToCopy;
+}
+/**
+ * Read the HTTP request from a TLS receipt transcript.
+ * @param receipt the transcript to read from or application messages if they were extracted beforehand
+ * @returns the parsed HTTP request
+ */
+export function getHttpRequestDataFromTranscript(receipt) {
+    const clientMsgs = receipt
+        .filter(s => s.sender === 'client');
+    // if the first message is redacted, we can't parse it
+    // as we don't know what the request was
+    if (clientMsgs[0].message[0] === REDACTION_CHAR_CODE) {
+        throw new Error('First client message request is redacted. Cannot parse');
     }
-    res.body = concatenateUint8Arrays([
-      res.body,
-      remaining.slice(0, bytesToCopy)
-    ]);
-    remaining = remaining.slice(bytesToCopy);
-    currentByteIdx += bytesToCopy;
-  }
-  function getLine() {
-    const idx = findIndexInUint8Array(remaining, HTTP_HEADER_LINE_END);
-    if (idx === -1) {
-      return void 0;
+    const request = {
+        method: '',
+        url: '',
+        protocol: '',
+        headers: {}
+    };
+    let requestBuffer = concatenateUint8Arrays(clientMsgs.map(m => m.message));
+    // keep reading lines until we get to the end of the headers
+    for (let line = getLine(); typeof line !== 'undefined'; line = getLine()) {
+        if (line === '') {
+            break;
+        }
+        if (!request.method) {
+            const [, method, url, protocol] = line.match(/(\w+) (.*) (.*)/) || [];
+            request.method = method.toLowerCase();
+            request.url = url;
+            request.protocol = protocol;
+        }
+        else {
+            let keyIdx = line.indexOf(':');
+            if (keyIdx === -1) {
+                keyIdx = line.length - 1;
+            }
+            const key = line.slice(0, keyIdx)
+                .toLowerCase()
+                .trim();
+            const value = line.slice(keyIdx + 1)
+                .trim();
+            const oldValue = request.headers[key];
+            if (typeof oldValue === 'string') {
+                request.headers[key] = [oldValue, value];
+            }
+            else if (Array.isArray(oldValue)) {
+                oldValue.push(value);
+            }
+            else {
+                request.headers[key] = value;
+            }
+        }
     }
-    const line = uint8ArrayToStr(remaining.slice(0, idx));
-    remaining = remaining.slice(idx + HTTP_HEADER_LINE_END.length);
-    currentByteIdx += idx + HTTP_HEADER_LINE_END.length;
-    return line;
-  }
-}
-function getHttpRequestDataFromTranscript(receipt) {
-  const clientMsgs = receipt.filter((s) => s.sender === "client");
-  if (clientMsgs[0].message[0] === REDACTION_CHAR_CODE) {
-    throw new Error("First client message request is redacted. Cannot parse");
-  }
-  const request = {
-    method: "",
-    url: "",
-    protocol: "",
-    headers: {}
-  };
-  let requestBuffer = concatenateUint8Arrays(clientMsgs.map((m) => m.message));
-  for (let line = getLine(); typeof line !== "undefined"; line = getLine()) {
-    if (line === "") {
-      break;
+    //the rest is request body
+    if (requestBuffer.length) {
+        request.body = requestBuffer;
     }
     if (!request.method) {
-      const [, method, url, protocol] = line.match(/(\w+) (.*) (.*)/) || [];
-      request.method = method.toLowerCase();
-      request.url = url;
-      request.protocol = protocol;
-    } else {
-      let keyIdx = line.indexOf(":");
-      if (keyIdx === -1) {
-        keyIdx = line.length - 1;
-      }
-      const key = line.slice(0, keyIdx).toLowerCase().trim();
-      const value = line.slice(keyIdx + 1).trim();
-      const oldValue = request.headers[key];
-      if (typeof oldValue === "string") {
-        request.headers[key] = [oldValue, value];
-      } else if (Array.isArray(oldValue)) {
-        oldValue.push(value);
-      } else {
-        request.headers[key] = value;
-      }
+        throw new Error('Client request is incomplete');
     }
-  }
-  if (requestBuffer.length) {
-    request.body = requestBuffer;
-  }
-  if (!request.method) {
-    throw new Error("Client request is incomplete");
-  }
-  return request;
-  function getLine() {
-    const idx = findIndexInUint8Array(requestBuffer, HTTP_HEADER_LINE_END);
-    if (idx === -1) {
-      return void 0;
+    return request;
+    function getLine() {
+        const idx = findIndexInUint8Array(requestBuffer, HTTP_HEADER_LINE_END);
+        if (idx === -1) {
+            return undefined;
+        }
+        const line = uint8ArrayToStr(requestBuffer.slice(0, idx));
+        requestBuffer = requestBuffer
+            .slice(idx + HTTP_HEADER_LINE_END.length);
+        return line;
     }
-    const line = uint8ArrayToStr(requestBuffer.slice(0, idx));
-    requestBuffer = requestBuffer.slice(idx + HTTP_HEADER_LINE_END.length);
-    return line;
-  }
 }
-export {
-  getHttpRequestDataFromTranscript,
-  makeHttpResponseParser
-};

package/lib/utils/logger.js CHANGED Viewed

@@ -1,82 +1,91 @@
-import { pino, stdTimeFunctions } from "pino";
-import { getEnvVariable } from "../utils/env.js";
-const PII_PROPERTIES = ["ownerPrivateKey", "secretParams"];
-const redactedText = "[REDACTED]";
-const envLevel = getEnvVariable("LOG_LEVEL");
-let logger = pino();
+import { pino, stdTimeFunctions } from 'pino';
+import { getEnvVariable } from "./env.js";
+const PII_PROPERTIES = ['ownerPrivateKey', 'secretParams'];
+const redactedText = '[REDACTED]';
+const envLevel = getEnvVariable('LOG_LEVEL');
+export let logger = pino();
 makeLogger(false, envLevel);
-function makeLogger(redactPii, level, onLog) {
-  const opts = {
-    // Log human readable time stamps instead of epoch time
-    timestamp: stdTimeFunctions.isoTime
-  };
-  if (redactPii) {
-    opts.formatters = { log: redact };
-    opts.serializers = { redact };
-    opts.browser = {
-      write: {
-        fatal: (log) => writeLog("fatal", log),
-        error: (log) => writeLog("error", log),
-        warn: (log) => writeLog("warn", log),
-        info: (log) => writeLog("info", log),
-        debug: (log) => writeLog("debug", log),
-        trace: (log) => writeLog("trace", log)
-      }
+/**
+ * Creates a logger instance with optional redaction of PII.
+ * Replaces default logger
+ * See PII_PROPERTIES for the list of properties that will be redacted.
+ *
+ * @param redactPii - whether to redact PII from logs
+ * @param level - the log level to use
+ * @param onLog - a callback to call when a log is written
+ */
+export function makeLogger(redactPii, level, onLog) {
+    const opts = {
+        // Log human readable time stamps instead of epoch time
+        timestamp: stdTimeFunctions.isoTime,
     };
-  }
-  const pLogger = pino(opts);
-  pLogger.level = level || "info";
-  logger = pLogger;
-  return pLogger;
-  function writeLog(level2, log) {
-    log = redact(log);
-    const { msg, ...obj } = log;
-    if (console[level2]) {
-      console[level2](obj, msg);
-    } else {
-      console.log(obj, msg);
+    if (redactPii) {
+        opts.formatters = { log: redact };
+        opts.serializers = { redact };
+        opts.browser = {
+            write: {
+                fatal: log => writeLog('fatal', log),
+                error: log => writeLog('error', log),
+                warn: log => writeLog('warn', log),
+                info: log => writeLog('info', log),
+                debug: log => writeLog('debug', log),
+                trace: log => writeLog('trace', log),
+            }
+        };
+    }
+    const pLogger = pino(opts);
+    pLogger.level = level || 'info';
+    logger = pLogger;
+    return pLogger;
+    function writeLog(level, log) {
+        log = redact(log);
+        const { msg, ...obj } = log;
+        if (console[level]) {
+            console[level](obj, msg);
+        }
+        else {
+            console.log(obj, msg);
+        }
+        onLog?.(level, log);
     }
-    onLog?.(level2, log);
-  }
 }
 function isObjectProperty(property) {
-  return typeof property === "object" && !Array.isArray(property) && property !== null;
+    return (typeof property) === 'object'
+        && !Array.isArray(property)
+        && property !== null;
 }
 function getReplacer() {
-  const references = /* @__PURE__ */ new WeakSet();
-  return function(key, value) {
-    const isObject = typeof value === "object" && value !== null;
-    if (isObject) {
-      if (references.has(value)) {
-        return "[CIRCULAR]";
-      }
-      references.add(value);
-    }
-    return value;
-  };
+    // Store references to previously visited objects
+    const references = new WeakSet();
+    return function (key, value) {
+        const isObject = (typeof value) === 'object' && value !== null;
+        if (isObject) {
+            if (references.has(value)) {
+                return '[CIRCULAR]';
+            }
+            references.add(value);
+        }
+        return value;
+    };
 }
-function redact(json) {
-  const isObject = isObjectProperty(json);
-  if (!isObject && !Array.isArray(json)) {
-    return json;
-  }
-  const redacted = JSON.parse(JSON.stringify(json, getReplacer()));
-  for (const prop in redacted) {
-    if (PII_PROPERTIES.includes(prop)) {
-      redacted[prop] = redactedText;
+export function redact(json) {
+    const isObject = isObjectProperty(json);
+    if (!isObject && !Array.isArray(json)) {
+        return json;
     }
-    if (Array.isArray(redacted[prop])) {
-      for (const [index, value] of redacted[prop].entries()) {
-        redacted[prop][index] = redact(value);
-      }
-    } else if (isObjectProperty(redacted[prop])) {
-      redacted[prop] = redact(redacted[prop]);
+    const redacted = JSON.parse(JSON.stringify(json, getReplacer()));
+    for (const prop in redacted) {
+        if (PII_PROPERTIES.includes(prop)) {
+            redacted[prop] = redactedText;
+        }
+        if (Array.isArray(redacted[prop])) {
+            for (const [index, value] of redacted[prop].entries()) {
+                redacted[prop][index] = redact(value);
+            }
+        }
+        else if (isObjectProperty(redacted[prop])) {
+            redacted[prop] = redact(redacted[prop]);
+        }
     }
-  }
-  return redacted;
+    return redacted;
 }
-export {
-  logger,
-  makeLogger,
-  redact
-};