npm - @reclaimprotocol/js-sdk - Versions diffs - 5.0.0 → 5.1.0-dev.0 - Mend

@reclaimprotocol/js-sdk 5.0.0 → 5.1.0-dev.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/README.md CHANGED Viewed

@@ -138,7 +138,7 @@ Let's break down what's happening in this code:
    - Generate a request URL using `getRequestUrl()`. This URL is used to create the QR code.
    - Get the status URL using `getStatusUrl()`. This URL can be used to check the status of the claim process.
-   - Start a session with `startSession()`, which sets up callbacks for successful and failed verifications.
+   - Start a session with `startSession()`, which sets up callbacks for successful and failed verifications, and allows you to pass an optional `verificationConfig` to customize proof verification.
 3. We display a QR code using the request URL. When a user scans this code, it starts the verification process.

package/dist/index.d.ts CHANGED Viewed

@@ -271,7 +271,7 @@ interface ResponseMatchSpec {
  */
 interface ResponseRedactionSpec {
     /** Optional hashing method applied to the redacted content (e.g., 'oprf') */
-    hash?: "oprf" | "oprf-mpc" | undefined;
+    hash?: "oprf" | "oprf-mpc" | "oprf-raw" | undefined;
     /** JSON path for locating the value to redact */
     jsonPath: string;
     /** RegEx applied to correctly parse and extract/redact value */
@@ -280,6 +280,88 @@ interface ResponseRedactionSpec {
     xPath: string;
 }
+/**
+ * Content validation configuration specifying essential required hashes and optional extra proofs.
+ * Used to explicitly validate that a generated proof matches the exact request structure expected.
+ */
+type ValidationConfigWithHash = {
+    /**
+     * Array of computed hashes that must be satisfied by the proofs.
+     *
+     * An element can be a `HashRequirement` object or a string that is equivalent to
+     * a `{ value: '<hash>', required: true, multiple: false }` as `HashRequirement`.
+     */
+    hashes: (string | HashRequirement)[];
+};
+/**
+ * Content validation configuration specifying the provider id and version used in the verification session that generated the proofs.
+ * Used to explicitly validate that a generated proof matches the exact request structure expected.
+ *
+ * See also:
+ *
+ * * `ReclaimProofRequest.getProviderVersion()` - With a ReclaimProofRequest object, you can get the provider id & exact version of provider used in verification session.
+ */
+interface ValidationConfigWithProviderInformation {
+    /**
+     * The identifier of provider used in verifications that resulted in a proof
+     *
+     * See also:
+     *
+     * * `ReclaimProofRequest.getProviderVersion()` - With a ReclaimProofRequest object, you can get the provider id & exact version of provider used in verification session.
+     **/
+    providerId: string;
+    /**
+     * The exact version of provider used in verifications that resulted in a proof.
+     *
+     * This cannot be a version constaint or version expression. It can be undefined or left blank if proof must be validated with latest version of provider.
+     * Patches for the next provider version are also fetched and hashes from that spec is also be used to compare the hashes from proof.
+     *
+     * See also:
+     *
+     * * `ReclaimProofRequest.getProviderVersion()` - With a ReclaimProofRequest object, you can get the provider id & exact version of provider used in verification session.
+     **/
+    providerVersion?: string;
+    /**
+     * List of allowed pre-release tags.
+     * For example, if you are using AI, provide `['ai']` to allow AI patch versions of the provider.
+     */
+    allowedTags?: string[];
+}
+/**
+ * Legacy configuration to completely bypass content validation during verification.
+ * Warning: Using this poses a risk as it avoids strictly matching proof parameters to expected hashes.
+ */
+interface ValidationConfigWithDisabledValidation {
+    dangerouslyDisableContentValidation: true;
+}
+/**
+ * Represents the configuration options applied when validating proof contents, allowing
+ * strict hash checking or intentionally skipping validation if flagged.
+ */
+type ValidationConfig = ValidationConfigWithHash | ValidationConfigWithProviderInformation | ValidationConfigWithDisabledValidation;
+/**
+ * Describes the comprehensive configuration required to initialize the proof verification process.
+ * Aligns with `ValidationConfig` options for verifying signatures alongside proof contents.
+ */
+type VerificationConfig = ValidationConfig & {
+    /**
+     * If true, verifies TEE (Trusted Execution Environment) attestation included in the proof.
+     * When enabled, the result will include `isTeeVerified` and `isVerified` will be false
+     * if TEE data is missing or TEE verification fails.
+     */
+    verifyTEE?: boolean;
+};
+declare function assertValidProofsByHash(proofs: Proof[], config: ProviderHashRequirementsConfig): void;
+declare function isHttpProviderClaimParams(claimParams: unknown): claimParams is HttpProviderClaimParams;
+declare function getHttpProviderClaimParamsFromProof(proof: Proof): HttpProviderClaimParams;
+/**
+ * Asserts that the proof is validated by checking the content of proof with with expectations from provider config or hash based on [options]
+ * @param proofs - The proofs to validate
+ * @param config - The validation config
+ * @throws {ProofNotValidatedError} When the proof is not validated
+ */
+declare function assertValidateProof(proofs: Proof[], config: VerificationConfig): Promise<void>;
 type ClaimID = ProviderClaimData['identifier'];
 type ClaimInfo = Pick<ProviderClaimData, 'context' | 'provider' | 'parameters'>;
 type CompleteClaimData = Pick<ProviderClaimData, 'owner' | 'timestampS' | 'epoch'> & ClaimInfo;
@@ -308,6 +390,7 @@ type CreateVerificationRequest = {
 type StartSessionParams = {
     onSuccess: OnSuccess;
     onError: OnError;
+    verificationConfig?: VerificationConfig;
 };
 type OnSuccess = (proof?: Proof | Proof[]) => void;
 type OnError = (error: Error) => void;
@@ -614,88 +697,6 @@ type ProviderHashRequirementsResponse = {
     providerVersionString?: string;
 };
-/**
- * Content validation configuration specifying essential required hashes and optional extra proofs.
- * Used to explicitly validate that a generated proof matches the exact request structure expected.
- */
-type ValidationConfigWithHash = {
-    /**
-     * Array of computed hashes that must be satisfied by the proofs.
-     *
-     * An element can be a `HashRequirement` object or a string that is equivalent to
-     * a `{ value: '<hash>', required: true, multiple: false }` as `HashRequirement`.
-     */
-    hashes: (string | HashRequirement)[];
-};
-/**
- * Content validation configuration specifying the provider id and version used in the verification session that generated the proofs.
- * Used to explicitly validate that a generated proof matches the exact request structure expected.
- *
- * See also:
- *
- * * `ReclaimProofRequest.getProviderVersion()` - With a ReclaimProofRequest object, you can get the provider id & exact version of provider used in verification session.
- */
-interface ValidationConfigWithProviderInformation {
-    /**
-     * The identifier of provider used in verifications that resulted in a proof
-     *
-     * See also:
-     *
-     * * `ReclaimProofRequest.getProviderVersion()` - With a ReclaimProofRequest object, you can get the provider id & exact version of provider used in verification session.
-     **/
-    providerId: string;
-    /**
-     * The exact version of provider used in verifications that resulted in a proof.
-     *
-     * This cannot be a version constaint or version expression. It can be undefined or left blank if proof must be validated with latest version of provider.
-     * Patches for the next provider version are also fetched and hashes from that spec is also be used to compare the hashes from proof.
-     *
-     * See also:
-     *
-     * * `ReclaimProofRequest.getProviderVersion()` - With a ReclaimProofRequest object, you can get the provider id & exact version of provider used in verification session.
-     **/
-    providerVersion?: string;
-    /**
-     * List of allowed pre-release tags.
-     * For example, if you are using AI, provide `['ai']` to allow AI patch versions of the provider.
-     */
-    allowedTags?: string[];
-}
-/**
- * Legacy configuration to completely bypass content validation during verification.
- * Warning: Using this poses a risk as it avoids strictly matching proof parameters to expected hashes.
- */
-interface ValidationConfigWithDisabledValidation {
-    dangerouslyDisableContentValidation: true;
-}
-/**
- * Represents the configuration options applied when validating proof contents, allowing
- * strict hash checking or intentionally skipping validation if flagged.
- */
-type ValidationConfig = ValidationConfigWithHash | ValidationConfigWithProviderInformation | ValidationConfigWithDisabledValidation;
-/**
- * Describes the comprehensive configuration required to initialize the proof verification process.
- * Aligns with `ValidationConfig` options for verifying signatures alongside proof contents.
- */
-type VerificationConfig = ValidationConfig & {
-    /**
-     * If true, verifies TEE (Trusted Execution Environment) attestation included in the proof.
-     * When enabled, the result will include `isTeeVerified` and `isVerified` will be false
-     * if TEE data is missing or TEE verification fails.
-     */
-    verifyTEE?: boolean;
-};
-declare function assertValidProofsByHash(proofs: Proof[], config: ProviderHashRequirementsConfig): void;
-declare function isHttpProviderClaimParams(claimParams: unknown): claimParams is HttpProviderClaimParams;
-declare function getHttpProviderClaimParamsFromProof(proof: Proof): HttpProviderClaimParams;
-/**
- * Asserts that the proof is validated by checking the content of proof with with expectations from provider config or hash based on [options]
- * @param proofs - The proofs to validate
- * @param config - The validation config
- * @throws {ProofNotValidatedError} When the proof is not validated
- */
-declare function assertValidateProof(proofs: Proof[], config: VerificationConfig): Promise<void>;
 /**
  * Verifies one or more Reclaim proofs by validating signatures, verifying witness information,
  * and performing content validation against the expected configuration.
@@ -1285,6 +1286,7 @@ declare class ReclaimProofRequest {
      *
      * @param onSuccess - Callback function invoked when proof is successfully submitted
      * @param onError - Callback function invoked when an error occurs during the session
+     * @param verificationConfig - Optional configuration to customize proof verification
      * @returns Promise<void>
      * @throws {SessionNotStartedError} When session ID is not defined
      * @throws {ProofNotVerifiedError} When proof verification fails (default callback only)
@@ -1303,7 +1305,7 @@ declare class ReclaimProofRequest {
      * });
      * ```
      */
-    startSession({ onSuccess, onError }: StartSessionParams): Promise<void>;
+    startSession({ onSuccess, onError, verificationConfig }: StartSessionParams): Promise<void>;
     /**
      * Closes the QR code modal if it is currently open
      *

package/dist/index.js CHANGED Viewed

@@ -84,7 +84,7 @@ var require_package = __commonJS({
   "package.json"(exports2, module2) {
     module2.exports = {
       name: "@reclaimprotocol/js-sdk",
-      version: "5.0.0",
+      version: "5.1.0-dev.0",
       description: "Designed to request proofs from the Reclaim protocol and manage the flow of claims and witness interactions.",
       main: "dist/index.js",
       types: "dist/index.d.ts",
@@ -3719,6 +3719,7 @@ var ReclaimProofRequest = class _ReclaimProofRequest {
    *
    * @param onSuccess - Callback function invoked when proof is successfully submitted
    * @param onError - Callback function invoked when an error occurs during the session
+   * @param verificationConfig - Optional configuration to customize proof verification
    * @returns Promise<void>
    * @throws {SessionNotStartedError} When session ID is not defined
    * @throws {ProofNotVerifiedError} When proof verification fails (default callback only)
@@ -3738,7 +3739,7 @@ var ReclaimProofRequest = class _ReclaimProofRequest {
    * ```
    */
   startSession(_0) {
-    return __async(this, arguments, function* ({ onSuccess, onError }) {
+    return __async(this, arguments, function* ({ onSuccess, onError, verificationConfig }) {
       if (!this.sessionId) {
         const message = "Session can't be started due to undefined value of sessionId";
         logger10.info(message);
@@ -3772,10 +3773,10 @@ var ReclaimProofRequest = class _ReclaimProofRequest {
             if (statusUrlResponse.session.proofs && statusUrlResponse.session.proofs.length > 0) {
               const proofs = statusUrlResponse.session.proofs;
               if (this.claimCreationType === "createClaim" /* STANDALONE */) {
-                const { isVerified: verified } = yield verifyProof(proofs, this.getProviderVersion());
-                if (!verified) {
+                const result = yield verifyProof(proofs, verificationConfig != null ? verificationConfig : this.getProviderVersion());
+                if (!result.isVerified) {
                   logger10.info(`Proofs not verified: count=${proofs == null ? void 0 : proofs.length}`);
-                  throw new ProofNotVerifiedError();
+                  throw new ProofNotVerifiedError(`Proofs not verified: count=${proofs == null ? void 0 : proofs.length}`, result.error);
                 }
               }
               if (proofs.length === 1) {