@renown/sdk 6.0.2-staging.2 → 6.0.2-staging.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -0
- package/dist/index.d.ts +77 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +173 -0
- package/dist/index.js.map +1 -0
- package/dist/node.d.ts +136 -0
- package/dist/node.d.ts.map +1 -0
- package/dist/node.js +305 -0
- package/dist/node.js.map +1 -0
- package/dist/renown-builder-xQpZet3I.js +816 -0
- package/dist/renown-builder-xQpZet3I.js.map +1 -0
- package/dist/utils-D7B6E7_Z.d.ts +682 -0
- package/dist/utils-D7B6E7_Z.d.ts.map +1 -0
- package/package.json +14 -13
- package/dist/src/common.d.ts +0 -23
- package/dist/src/common.d.ts.map +0 -1
- package/dist/src/common.js +0 -145
- package/dist/src/common.js.map +0 -1
- package/dist/src/constants.d.ts +0 -130
- package/dist/src/constants.d.ts.map +0 -1
- package/dist/src/constants.js +0 -40
- package/dist/src/constants.js.map +0 -1
- package/dist/src/crypto/browser-key-storage.d.ts +0 -10
- package/dist/src/crypto/browser-key-storage.d.ts.map +0 -1
- package/dist/src/crypto/browser-key-storage.js +0 -76
- package/dist/src/crypto/browser-key-storage.js.map +0 -1
- package/dist/src/crypto/common.d.ts +0 -6
- package/dist/src/crypto/common.d.ts.map +0 -1
- package/dist/src/crypto/common.js +0 -8
- package/dist/src/crypto/common.js.map +0 -1
- package/dist/src/crypto/index.d.ts +0 -3
- package/dist/src/crypto/index.d.ts.map +0 -1
- package/dist/src/crypto/index.js +0 -3
- package/dist/src/crypto/index.js.map +0 -1
- package/dist/src/crypto/memory-key-storage.d.ts +0 -9
- package/dist/src/crypto/memory-key-storage.d.ts.map +0 -1
- package/dist/src/crypto/memory-key-storage.js +0 -18
- package/dist/src/crypto/memory-key-storage.js.map +0 -1
- package/dist/src/crypto/node-key-storage.d.ts +0 -21
- package/dist/src/crypto/node-key-storage.d.ts.map +0 -1
- package/dist/src/crypto/node-key-storage.js +0 -107
- package/dist/src/crypto/node-key-storage.js.map +0 -1
- package/dist/src/crypto/node.d.ts +0 -3
- package/dist/src/crypto/node.d.ts.map +0 -1
- package/dist/src/crypto/node.js +0 -3
- package/dist/src/crypto/node.js.map +0 -1
- package/dist/src/crypto/renown-crypto-builder.d.ts +0 -11
- package/dist/src/crypto/renown-crypto-builder.d.ts.map +0 -1
- package/dist/src/crypto/renown-crypto-builder.js +0 -34
- package/dist/src/crypto/renown-crypto-builder.js.map +0 -1
- package/dist/src/crypto/renown-crypto.d.ts +0 -26
- package/dist/src/crypto/renown-crypto.d.ts.map +0 -1
- package/dist/src/crypto/renown-crypto.js +0 -56
- package/dist/src/crypto/renown-crypto.js.map +0 -1
- package/dist/src/crypto/signer.d.ts +0 -74
- package/dist/src/crypto/signer.d.ts.map +0 -1
- package/dist/src/crypto/signer.js +0 -306
- package/dist/src/crypto/signer.js.map +0 -1
- package/dist/src/crypto/types.d.ts +0 -27
- package/dist/src/crypto/types.d.ts.map +0 -1
- package/dist/src/crypto/types.js +0 -2
- package/dist/src/crypto/types.js.map +0 -1
- package/dist/src/crypto/utils.d.ts +0 -13
- package/dist/src/crypto/utils.d.ts.map +0 -1
- package/dist/src/crypto/utils.js +0 -39
- package/dist/src/crypto/utils.js.map +0 -1
- package/dist/src/event/event.browser.d.ts +0 -10
- package/dist/src/event/event.browser.d.ts.map +0 -1
- package/dist/src/event/event.browser.js +0 -24
- package/dist/src/event/event.browser.js.map +0 -1
- package/dist/src/event/event.node.d.ts +0 -8
- package/dist/src/event/event.node.d.ts.map +0 -1
- package/dist/src/event/event.node.js +0 -17
- package/dist/src/event/event.node.js.map +0 -1
- package/dist/src/event/memory.d.ts +0 -8
- package/dist/src/event/memory.d.ts.map +0 -1
- package/dist/src/event/memory.js +0 -16
- package/dist/src/event/memory.js.map +0 -1
- package/dist/src/event/types.d.ts +0 -16
- package/dist/src/event/types.d.ts.map +0 -1
- package/dist/src/event/types.js +0 -2
- package/dist/src/event/types.js.map +0 -1
- package/dist/src/index.d.ts +0 -8
- package/dist/src/index.d.ts.map +0 -1
- package/dist/src/index.js +0 -8
- package/dist/src/index.js.map +0 -1
- package/dist/src/init.browser.d.ts +0 -52
- package/dist/src/init.browser.d.ts.map +0 -1
- package/dist/src/init.browser.js +0 -66
- package/dist/src/init.browser.js.map +0 -1
- package/dist/src/init.node.d.ts +0 -29
- package/dist/src/init.node.d.ts.map +0 -1
- package/dist/src/init.node.js +0 -30
- package/dist/src/init.node.js.map +0 -1
- package/dist/src/node.d.ts +0 -10
- package/dist/src/node.d.ts.map +0 -1
- package/dist/src/node.js +0 -10
- package/dist/src/node.js.map +0 -1
- package/dist/src/profile.d.ts +0 -3
- package/dist/src/profile.d.ts.map +0 -1
- package/dist/src/profile.js +0 -22
- package/dist/src/profile.js.map +0 -1
- package/dist/src/renown-builder.d.ts +0 -68
- package/dist/src/renown-builder.d.ts.map +0 -1
- package/dist/src/renown-builder.js +0 -130
- package/dist/src/renown-builder.js.map +0 -1
- package/dist/src/storage/common.d.ts +0 -17
- package/dist/src/storage/common.d.ts.map +0 -1
- package/dist/src/storage/common.js +0 -20
- package/dist/src/storage/common.js.map +0 -1
- package/dist/src/storage/storage.browser.d.ts +0 -10
- package/dist/src/storage/storage.browser.d.ts.map +0 -1
- package/dist/src/storage/storage.browser.js +0 -27
- package/dist/src/storage/storage.browser.js.map +0 -1
- package/dist/src/storage/storage.node.d.ts +0 -11
- package/dist/src/storage/storage.node.d.ts.map +0 -1
- package/dist/src/storage/storage.node.js +0 -42
- package/dist/src/storage/storage.node.js.map +0 -1
- package/dist/src/types.d.ts +0 -126
- package/dist/src/types.d.ts.map +0 -1
- package/dist/src/types.js +0 -2
- package/dist/src/types.js.map +0 -1
- package/dist/src/utils.d.ts +0 -24
- package/dist/src/utils.d.ts.map +0 -1
- package/dist/src/utils.js +0 -94
- package/dist/src/utils.js.map +0 -1
- package/dist/test/auth.test.d.ts +0 -2
- package/dist/test/auth.test.d.ts.map +0 -1
- package/dist/test/auth.test.js +0 -13
- package/dist/test/auth.test.js.map +0 -1
- package/dist/test/crypto/signer.test.d.ts +0 -2
- package/dist/test/crypto/signer.test.d.ts.map +0 -1
- package/dist/test/crypto/signer.test.js +0 -184
- package/dist/test/crypto/signer.test.js.map +0 -1
- package/dist/test/renown.test.d.ts +0 -2
- package/dist/test/renown.test.d.ts.map +0 -1
- package/dist/test/renown.test.js +0 -287
- package/dist/test/renown.test.js.map +0 -1
- package/dist/test/storage.node.test.d.ts +0 -2
- package/dist/test/storage.node.test.d.ts.map +0 -1
- package/dist/test/storage.node.test.js +0 -66
- package/dist/test/storage.node.test.js.map +0 -1
- package/dist/tsconfig.tsbuildinfo +0 -1
- package/dist/vitest.config.d.ts +0 -3
- package/dist/vitest.config.d.ts.map +0 -1
- package/dist/vitest.config.js +0 -7
- package/dist/vitest.config.js.map +0 -1
|
@@ -1,107 +0,0 @@
|
|
|
1
|
-
import { existsSync, mkdirSync, readFileSync, unlinkSync, writeFileSync, } from "node:fs";
|
|
2
|
-
import { dirname, join } from "node:path";
|
|
3
|
-
const ENV_KEY_NAME = "PH_RENOWN_PRIVATE_KEY";
|
|
4
|
-
const DEFAULT_KEYPAIR_PATH = join(process.cwd(), ".ph/.keypair.json");
|
|
5
|
-
/**
|
|
6
|
-
* Key storage that supports:
|
|
7
|
-
* 1. PH_RENOWN_PRIVATE_KEY environment variable (JSON-encoded JwkKeyPair)
|
|
8
|
-
* 2. Custom file path passed via options
|
|
9
|
-
* 3. Falls back to file storage at .ph/.keypair.json in current working directory
|
|
10
|
-
*/
|
|
11
|
-
export class NodeKeyStorage {
|
|
12
|
-
#filePath;
|
|
13
|
-
#envKeyName;
|
|
14
|
-
#logger;
|
|
15
|
-
static DEFAULT_KEYPAIR_PATH = DEFAULT_KEYPAIR_PATH;
|
|
16
|
-
static ENV_KEY_NAME = ENV_KEY_NAME;
|
|
17
|
-
constructor(filePath, options = {}) {
|
|
18
|
-
this.#filePath = filePath || DEFAULT_KEYPAIR_PATH;
|
|
19
|
-
this.#envKeyName = options.envKeyName || ENV_KEY_NAME;
|
|
20
|
-
this.#logger = options.logger;
|
|
21
|
-
// Ensure directory exists
|
|
22
|
-
const dir = dirname(this.#filePath);
|
|
23
|
-
if (!existsSync(dir)) {
|
|
24
|
-
mkdirSync(dir, { recursive: true });
|
|
25
|
-
}
|
|
26
|
-
}
|
|
27
|
-
loadKeyPair() {
|
|
28
|
-
// First check environment variable
|
|
29
|
-
const envKey = process.env[this.#envKeyName];
|
|
30
|
-
if (envKey) {
|
|
31
|
-
try {
|
|
32
|
-
const keyPairJson = JSON.parse(envKey);
|
|
33
|
-
const keyPair = this.#parseKeyPair(keyPairJson);
|
|
34
|
-
// Validate it has the required structure
|
|
35
|
-
this.#logger?.debug("Loaded keypair from environment variable");
|
|
36
|
-
return Promise.resolve(keyPair);
|
|
37
|
-
}
|
|
38
|
-
catch (e) {
|
|
39
|
-
throw new Error(`Failed to parse ${this.#envKeyName}: ${e instanceof Error ? e.message : String(e)}`, {
|
|
40
|
-
cause: e,
|
|
41
|
-
});
|
|
42
|
-
}
|
|
43
|
-
}
|
|
44
|
-
// Fall back to file storage
|
|
45
|
-
return Promise.resolve(this.#loadFromFile());
|
|
46
|
-
}
|
|
47
|
-
async saveKeyPair(keyPair) {
|
|
48
|
-
// Don't save if using env var
|
|
49
|
-
if (process.env[this.#envKeyName]) {
|
|
50
|
-
return;
|
|
51
|
-
}
|
|
52
|
-
// Save to file
|
|
53
|
-
this.#saveToFile(keyPair);
|
|
54
|
-
return Promise.resolve();
|
|
55
|
-
}
|
|
56
|
-
removeKeyPair() {
|
|
57
|
-
if (process.env[this.#envKeyName]) {
|
|
58
|
-
delete process.env[this.#envKeyName];
|
|
59
|
-
}
|
|
60
|
-
if (existsSync(this.#filePath)) {
|
|
61
|
-
unlinkSync(this.#filePath);
|
|
62
|
-
}
|
|
63
|
-
return Promise.resolve();
|
|
64
|
-
}
|
|
65
|
-
#loadFromFile() {
|
|
66
|
-
try {
|
|
67
|
-
if (!existsSync(this.#filePath)) {
|
|
68
|
-
return undefined;
|
|
69
|
-
}
|
|
70
|
-
const data = readFileSync(this.#filePath, "utf-8");
|
|
71
|
-
const parsed = JSON.parse(data);
|
|
72
|
-
const keyPair = this.#parseKeyPair(parsed);
|
|
73
|
-
this.#logger?.debug(`Loaded keypair from ${this.#filePath}`);
|
|
74
|
-
return keyPair;
|
|
75
|
-
}
|
|
76
|
-
catch (e) {
|
|
77
|
-
throw new Error(`Failed to parse ${this.#filePath}: ${e instanceof Error ? e.message : String(e)}`, {
|
|
78
|
-
cause: e,
|
|
79
|
-
});
|
|
80
|
-
}
|
|
81
|
-
}
|
|
82
|
-
#saveToFile(keyPair) {
|
|
83
|
-
const data = { keyPair };
|
|
84
|
-
writeFileSync(this.#filePath, JSON.stringify(data, null, 2), "utf-8");
|
|
85
|
-
this.#logger?.debug(`Saved keypair to ${this.#filePath}`);
|
|
86
|
-
}
|
|
87
|
-
#parseKeyPair(json) {
|
|
88
|
-
if (typeof json !== "object") {
|
|
89
|
-
throw new Error("Invalid keyPair format:" + JSON.stringify(json));
|
|
90
|
-
}
|
|
91
|
-
const object = json;
|
|
92
|
-
let keyPair;
|
|
93
|
-
if ("keyPair" in object) {
|
|
94
|
-
keyPair = object.keyPair;
|
|
95
|
-
}
|
|
96
|
-
else {
|
|
97
|
-
keyPair = object;
|
|
98
|
-
}
|
|
99
|
-
if ("publicKey" in keyPair && "privateKey" in keyPair) {
|
|
100
|
-
return keyPair;
|
|
101
|
-
}
|
|
102
|
-
else {
|
|
103
|
-
throw new Error("Invalid keyPair format:" + JSON.stringify(json));
|
|
104
|
-
}
|
|
105
|
-
}
|
|
106
|
-
}
|
|
107
|
-
//# sourceMappingURL=node-key-storage.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"node-key-storage.js","sourceRoot":"","sources":["../../../src/crypto/node-key-storage.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,UAAU,EACV,SAAS,EACT,YAAY,EACZ,UAAU,EACV,aAAa,GACd,MAAM,SAAS,CAAC;AACjB,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAI1C,MAAM,YAAY,GAAG,uBAAuB,CAAC;AAC7C,MAAM,oBAAoB,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,mBAAmB,CAAC,CAAC;AAEtE;;;;;GAKG;AACH,MAAM,OAAO,cAAc;IACzB,SAAS,CAAS;IAClB,WAAW,CAAS;IACpB,OAAO,CAAW;IAElB,MAAM,CAAU,oBAAoB,GAAG,oBAAoB,CAAC;IAC5D,MAAM,CAAU,YAAY,GAAG,YAAY,CAAC;IAE5C,YACE,QAAiB,EACjB,UAAqD,EAAE;QAEvD,IAAI,CAAC,SAAS,GAAG,QAAQ,IAAI,oBAAoB,CAAC;QAClD,IAAI,CAAC,WAAW,GAAG,OAAO,CAAC,UAAU,IAAI,YAAY,CAAC;QACtD,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC;QAE9B,0BAA0B;QAC1B,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QACpC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YACrB,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QACtC,CAAC;IACH,CAAC;IAED,WAAW;QACT,mCAAmC;QACnC,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAC7C,IAAI,MAAM,EAAE,CAAC;YACX,IAAI,CAAC;gBACH,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAY,CAAC;gBAClD,MAAM,OAAO,GAAe,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,CAAC;gBAE5D,yCAAyC;gBACzC,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,0CAA0C,CAAC,CAAC;gBAChE,OAAO,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;YAClC,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,MAAM,IAAI,KAAK,CACb,mBAAmB,IAAI,CAAC,WAAW,KAAK,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EACpF;oBACE,KAAK,EAAE,CAAC;iBACT,CACF,CAAC;YACJ,CAAC;QACH,CAAC;QAED,4BAA4B;QAC5B,OAAO,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC,CAAC;IAC/C,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,OAAmB;QACnC,8BAA8B;QAC9B,IAAI,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;YAClC,OAAO;QACT,CAAC;QAED,eAAe;QACf,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;QAC1B,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;IAC3B,CAAC;IAED,aAAa;QACX,IAAI,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;YAClC,OAAO,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACvC,CAAC;QACD,IAAI,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;YAC/B,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAC7B,CAAC;QACD,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;IAC3B,CAAC;IAED,aAAa;QACX,IAAI,CAAC;YACH,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;gBAChC,OAAO,SAAS,CAAC;YACnB,CAAC;YACD,MAAM,IAAI,GAAG,YAAY,CAAC,IAAI,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;YACnD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAY,CAAC;YAC3C,MAAM,OAAO,GAAe,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;YACvD,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,uBAAuB,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;YAC7D,OAAO,OAAO,CAAC;QACjB,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CACb,mBAAmB,IAAI,CAAC,SAAS,KAAK,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAClF;gBACE,KAAK,EAAE,CAAC;aACT,CACF,CAAC;QACJ,CAAC;IACH,CAAC;IAED,WAAW,CAAC,OAAmB;QAC7B,MAAM,IAAI,GAAG,EAAE,OAAO,EAAE,CAAC;QACzB,aAAa,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;QACtE,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,oBAAoB,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;IAC5D,CAAC;IAED,aAAa,CAAC,IAAa;QACzB,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC7B,MAAM,IAAI,KAAK,CAAC,yBAAyB,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;QACpE,CAAC;QAED,MAAM,MAAM,GAAG,IAA4C,CAAC;QAC5D,IAAI,OAAmB,CAAC;QACxB,IAAI,SAAS,IAAI,MAAM,EAAE,CAAC;YACxB,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC;QAC3B,CAAC;aAAM,CAAC;YACN,OAAO,GAAG,MAAM,CAAC;QACnB,CAAC;QAED,IAAI,WAAW,IAAI,OAAO,IAAI,YAAY,IAAI,OAAO,EAAE,CAAC;YACtD,OAAO,OAAO,CAAC;QACjB,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,KAAK,CAAC,yBAAyB,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;QACpE,CAAC;IACH,CAAC"}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"node.d.ts","sourceRoot":"","sources":["../../../src/crypto/node.ts"],"names":[],"mappings":"AAAA,cAAc,aAAa,CAAC;AAE5B,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC"}
|
package/dist/src/crypto/node.js
DELETED
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"node.js","sourceRoot":"","sources":["../../../src/crypto/node.ts"],"names":[],"mappings":"AAAA,cAAc,aAAa,CAAC;AAE5B,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC"}
|
|
@@ -1,11 +0,0 @@
|
|
|
1
|
-
import { RenownCrypto } from "./renown-crypto.js";
|
|
2
|
-
import type { JsonWebKeyPairStorage } from "./types.js";
|
|
3
|
-
export declare class RenownCryptoBuilder {
|
|
4
|
-
#private;
|
|
5
|
-
private keyPairStorage?;
|
|
6
|
-
private subtleCrypto?;
|
|
7
|
-
withKeyPairStorage(storage: JsonWebKeyPairStorage): this;
|
|
8
|
-
withSubtleCrypto(crypto: SubtleCrypto): this;
|
|
9
|
-
build(): Promise<RenownCrypto>;
|
|
10
|
-
}
|
|
11
|
-
//# sourceMappingURL=renown-crypto-builder.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"renown-crypto-builder.d.ts","sourceRoot":"","sources":["../../../src/crypto/renown-crypto-builder.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,YAAY,CAAC;AAQxD,qBAAa,mBAAmB;;IAC9B,OAAO,CAAC,cAAc,CAAC,CAAwB;IAC/C,OAAO,CAAC,YAAY,CAAC,CAAe;IAEpC,kBAAkB,CAAC,OAAO,EAAE,qBAAqB,GAAG,IAAI;IAKxD,gBAAgB,CAAC,MAAM,EAAE,YAAY,GAAG,IAAI;IAKtC,KAAK,IAAI,OAAO,CAAC,YAAY,CAAC;CA+BrC"}
|
|
@@ -1,34 +0,0 @@
|
|
|
1
|
-
import { RenownCrypto } from "./renown-crypto.js";
|
|
2
|
-
import { exportKeyPair, generateKeyPair, importKeyPair, parseDid, } from "./utils.js";
|
|
3
|
-
export class RenownCryptoBuilder {
|
|
4
|
-
keyPairStorage;
|
|
5
|
-
subtleCrypto;
|
|
6
|
-
withKeyPairStorage(storage) {
|
|
7
|
-
this.keyPairStorage = storage;
|
|
8
|
-
return this;
|
|
9
|
-
}
|
|
10
|
-
withSubtleCrypto(crypto) {
|
|
11
|
-
this.subtleCrypto = crypto;
|
|
12
|
-
return this;
|
|
13
|
-
}
|
|
14
|
-
async build() {
|
|
15
|
-
if (!this.keyPairStorage) {
|
|
16
|
-
throw new Error("KeyPairStorage is required. Use withKeyPairStorage() to set it.");
|
|
17
|
-
}
|
|
18
|
-
const subtleCrypto = this.subtleCrypto ?? globalThis.crypto.subtle;
|
|
19
|
-
const keyPair = await this.#initializeKeyPair(subtleCrypto, this.keyPairStorage);
|
|
20
|
-
const did = await parseDid(keyPair, subtleCrypto);
|
|
21
|
-
return new RenownCrypto(this.keyPairStorage, subtleCrypto, keyPair, did);
|
|
22
|
-
}
|
|
23
|
-
async #initializeKeyPair(subtleCrypto, keyPairStorage) {
|
|
24
|
-
const loadedKeyPair = await keyPairStorage.loadKeyPair();
|
|
25
|
-
if (loadedKeyPair) {
|
|
26
|
-
return importKeyPair(loadedKeyPair, subtleCrypto);
|
|
27
|
-
}
|
|
28
|
-
const keyPair = await generateKeyPair(subtleCrypto);
|
|
29
|
-
const exported = await exportKeyPair(keyPair, subtleCrypto);
|
|
30
|
-
await keyPairStorage.saveKeyPair(exported);
|
|
31
|
-
return keyPair;
|
|
32
|
-
}
|
|
33
|
-
}
|
|
34
|
-
//# sourceMappingURL=renown-crypto-builder.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"renown-crypto-builder.js","sourceRoot":"","sources":["../../../src/crypto/renown-crypto-builder.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAElD,OAAO,EACL,aAAa,EACb,eAAe,EACf,aAAa,EACb,QAAQ,GACT,MAAM,YAAY,CAAC;AAEpB,MAAM,OAAO,mBAAmB;IACtB,cAAc,CAAyB;IACvC,YAAY,CAAgB;IAEpC,kBAAkB,CAAC,OAA8B;QAC/C,IAAI,CAAC,cAAc,GAAG,OAAO,CAAC;QAC9B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,gBAAgB,CAAC,MAAoB;QACnC,IAAI,CAAC,YAAY,GAAG,MAAM,CAAC;QAC3B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,KAAK,CAAC,KAAK;QACT,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CACb,iEAAiE,CAClE,CAAC;QACJ,CAAC;QAED,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC;QACnE,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAC3C,YAAY,EACZ,IAAI,CAAC,cAAc,CACpB,CAAC;QACF,MAAM,GAAG,GAAG,MAAM,QAAQ,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QAElD,OAAO,IAAI,YAAY,CAAC,IAAI,CAAC,cAAc,EAAE,YAAY,EAAE,OAAO,EAAE,GAAG,CAAC,CAAC;IAC3E,CAAC;IAED,KAAK,CAAC,kBAAkB,CACtB,YAA0B,EAC1B,cAAqC;QAErC,MAAM,aAAa,GAAG,MAAM,cAAc,CAAC,WAAW,EAAE,CAAC;QACzD,IAAI,aAAa,EAAE,CAAC;YAClB,OAAO,aAAa,CAAC,aAAa,EAAE,YAAY,CAAC,CAAC;QACpD,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,eAAe,CAAC,YAAY,CAAC,CAAC;QACpD,MAAM,QAAQ,GAAG,MAAM,aAAa,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QAC5D,MAAM,cAAc,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;QAC3C,OAAO,OAAO,CAAC;IACjB,CAAC;CACF"}
|
|
@@ -1,26 +0,0 @@
|
|
|
1
|
-
import type { Issuer } from "did-jwt-vc";
|
|
2
|
-
import type { CreateBearerTokenOptions } from "../types.js";
|
|
3
|
-
import type { DID, IRenownCrypto, JsonWebKeyPairStorage } from "./types.js";
|
|
4
|
-
export declare class RenownCrypto implements IRenownCrypto {
|
|
5
|
-
#private;
|
|
6
|
-
readonly did: DID;
|
|
7
|
-
static algorithm: EcKeyAlgorithm;
|
|
8
|
-
static signAlgorithm: {
|
|
9
|
-
name: string;
|
|
10
|
-
namedCurve: string;
|
|
11
|
-
hash: string;
|
|
12
|
-
};
|
|
13
|
-
constructor(keyPairStorage: JsonWebKeyPairStorage, crypto: SubtleCrypto, keyPair: CryptoKeyPair, did: DID);
|
|
14
|
-
get publicKey(): CryptoKey;
|
|
15
|
-
getBearerToken(address: string | undefined, options?: CreateBearerTokenOptions): Promise<string>;
|
|
16
|
-
removeDid(): Promise<void>;
|
|
17
|
-
sign(data: Uint8Array | string): Promise<Uint8Array>;
|
|
18
|
-
verify(data: Uint8Array, signature: Uint8Array): Promise<boolean>;
|
|
19
|
-
get issuer(): Issuer;
|
|
20
|
-
}
|
|
21
|
-
/**
|
|
22
|
-
* @deprecated Use RenownCrypto instead
|
|
23
|
-
*/
|
|
24
|
-
export declare class ConnectCrypto extends RenownCrypto {
|
|
25
|
-
}
|
|
26
|
-
//# sourceMappingURL=renown-crypto.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"renown-crypto.d.ts","sourceRoot":"","sources":["../../../src/crypto/renown-crypto.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,YAAY,CAAC;AAEzC,OAAO,KAAK,EAAE,wBAAwB,EAAE,MAAM,aAAa,CAAC;AAE5D,OAAO,KAAK,EAAE,GAAG,EAAE,aAAa,EAAE,qBAAqB,EAAE,MAAM,YAAY,CAAC;AAM5E,qBAAa,YAAa,YAAW,aAAa;;IAKhD,QAAQ,CAAC,GAAG,EAAE,GAAG,CAAC;IAElB,MAAM,CAAC,SAAS,iBAAmB;IACnC,MAAM,CAAC,aAAa;;;;MAAwB;gBAG1C,cAAc,EAAE,qBAAqB,EACrC,MAAM,EAAE,YAAY,EACpB,OAAO,EAAE,aAAa,EACtB,GAAG,EAAE,GAAG;IAQV,IAAI,SAAS,cAEZ;IAEK,cAAc,CAClB,OAAO,EAAE,MAAM,GAAG,SAAS,EAC3B,OAAO,CAAC,EAAE,wBAAwB,GACjC,OAAO,CAAC,MAAM,CAAC;IAUZ,SAAS,IAAI,OAAO,CAAC,IAAI,CAAC;IAQ1B,IAAI,CAAC,IAAI,EAAE,UAAU,GAAG,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC;IAapD,MAAM,CAAC,IAAI,EAAE,UAAU,EAAE,SAAS,EAAE,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC;IASvE,IAAI,MAAM,IAAI,MAAM,CAWnB;CACF;AAED;;GAEG;AACH,qBAAa,aAAc,SAAQ,YAAY;CAAG"}
|
|
@@ -1,56 +0,0 @@
|
|
|
1
|
-
import { bytesToBase64url } from "did-jwt";
|
|
2
|
-
import { fromString } from "uint8arrays";
|
|
3
|
-
import { createAuthBearerToken } from "../utils.js";
|
|
4
|
-
import { ECDSA_ALGORITHM, ECDSA_SIGN_ALGORITHM } from "./utils.js";
|
|
5
|
-
const RENOWN_NETWORK_ID = "eip155";
|
|
6
|
-
const RENOWN_CHAIN_ID = 1;
|
|
7
|
-
export class RenownCrypto {
|
|
8
|
-
#subtleCrypto;
|
|
9
|
-
#keyPair;
|
|
10
|
-
#keyPairStorage;
|
|
11
|
-
did;
|
|
12
|
-
static algorithm = ECDSA_ALGORITHM;
|
|
13
|
-
static signAlgorithm = ECDSA_SIGN_ALGORITHM;
|
|
14
|
-
constructor(keyPairStorage, crypto, keyPair, did) {
|
|
15
|
-
this.#keyPairStorage = keyPairStorage;
|
|
16
|
-
this.#subtleCrypto = crypto;
|
|
17
|
-
this.#keyPair = keyPair;
|
|
18
|
-
this.did = did;
|
|
19
|
-
}
|
|
20
|
-
get publicKey() {
|
|
21
|
-
return this.#keyPair.publicKey;
|
|
22
|
-
}
|
|
23
|
-
async getBearerToken(address, options) {
|
|
24
|
-
return await createAuthBearerToken(Number(RENOWN_CHAIN_ID), RENOWN_NETWORK_ID, address || this.did, this.issuer, options);
|
|
25
|
-
}
|
|
26
|
-
async removeDid() {
|
|
27
|
-
await this.#keyPairStorage.removeKeyPair();
|
|
28
|
-
}
|
|
29
|
-
#stringToBytes(s) {
|
|
30
|
-
return fromString(s, "utf-8");
|
|
31
|
-
}
|
|
32
|
-
async sign(data) {
|
|
33
|
-
const dataBytes = typeof data === "string" ? this.#stringToBytes(data) : data;
|
|
34
|
-
const arrayBuffer = await this.#subtleCrypto.sign(RenownCrypto.signAlgorithm, this.#keyPair.privateKey, dataBytes.buffer);
|
|
35
|
-
return new Uint8Array(arrayBuffer);
|
|
36
|
-
}
|
|
37
|
-
async verify(data, signature) {
|
|
38
|
-
return this.#subtleCrypto.verify({ name: "ECDSA", hash: "SHA-256" }, this.#keyPair.publicKey, signature.buffer, data.buffer);
|
|
39
|
-
}
|
|
40
|
-
get issuer() {
|
|
41
|
-
return {
|
|
42
|
-
did: this.did,
|
|
43
|
-
signer: async (data) => {
|
|
44
|
-
const signature = await this.sign(typeof data === "string" ? new TextEncoder().encode(data) : data);
|
|
45
|
-
return bytesToBase64url(signature);
|
|
46
|
-
},
|
|
47
|
-
alg: "ES256",
|
|
48
|
-
};
|
|
49
|
-
}
|
|
50
|
-
}
|
|
51
|
-
/**
|
|
52
|
-
* @deprecated Use RenownCrypto instead
|
|
53
|
-
*/
|
|
54
|
-
export class ConnectCrypto extends RenownCrypto {
|
|
55
|
-
}
|
|
56
|
-
//# sourceMappingURL=renown-crypto.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"renown-crypto.js","sourceRoot":"","sources":["../../../src/crypto/renown-crypto.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,MAAM,SAAS,CAAC;AAE3C,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAEzC,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AAEpD,OAAO,EAAE,eAAe,EAAE,oBAAoB,EAAE,MAAM,YAAY,CAAC;AAEnE,MAAM,iBAAiB,GAAG,QAAQ,CAAC;AACnC,MAAM,eAAe,GAAG,CAAC,CAAC;AAE1B,MAAM,OAAO,YAAY;IACvB,aAAa,CAAe;IAC5B,QAAQ,CAAgB;IACxB,eAAe,CAAwB;IAE9B,GAAG,CAAM;IAElB,MAAM,CAAC,SAAS,GAAG,eAAe,CAAC;IACnC,MAAM,CAAC,aAAa,GAAG,oBAAoB,CAAC;IAE5C,YACE,cAAqC,EACrC,MAAoB,EACpB,OAAsB,EACtB,GAAQ;QAER,IAAI,CAAC,eAAe,GAAG,cAAc,CAAC;QACtC,IAAI,CAAC,aAAa,GAAG,MAAM,CAAC;QAC5B,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC;QACxB,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;IACjB,CAAC;IAED,IAAI,SAAS;QACX,OAAO,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC;IACjC,CAAC;IAED,KAAK,CAAC,cAAc,CAClB,OAA2B,EAC3B,OAAkC;QAElC,OAAO,MAAM,qBAAqB,CAChC,MAAM,CAAC,eAAe,CAAC,EACvB,iBAAiB,EACjB,OAAO,IAAI,IAAI,CAAC,GAAG,EACnB,IAAI,CAAC,MAAM,EACX,OAAO,CACR,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,SAAS;QACb,MAAM,IAAI,CAAC,eAAe,CAAC,aAAa,EAAE,CAAC;IAC7C,CAAC;IAED,cAAc,CAAC,CAAS;QACtB,OAAO,UAAU,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;IAChC,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,IAAyB;QAClC,MAAM,SAAS,GACb,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QAE9D,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,IAAI,CAC/C,YAAY,CAAC,aAAa,EAC1B,IAAI,CAAC,QAAQ,CAAC,UAAU,EACxB,SAAS,CAAC,MAAqB,CAChC,CAAC;QAEF,OAAO,IAAI,UAAU,CAAC,WAAW,CAAC,CAAC;IACrC,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,IAAgB,EAAE,SAAqB;QAClD,OAAO,IAAI,CAAC,aAAa,CAAC,MAAM,CAC9B,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,EAClC,IAAI,CAAC,QAAQ,CAAC,SAAS,EACvB,SAAS,CAAC,MAAqB,EAC/B,IAAI,CAAC,MAAqB,CAC3B,CAAC;IACJ,CAAC;IAED,IAAI,MAAM;QACR,OAAO;YACL,GAAG,EAAE,IAAI,CAAC,GAAG;YACb,MAAM,EAAE,KAAK,EAAE,IAAyB,EAAE,EAAE;gBAC1C,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,IAAI,CAC/B,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CACjE,CAAC;gBACF,OAAO,gBAAgB,CAAC,SAAS,CAAC,CAAC;YACrC,CAAC;YACD,GAAG,EAAE,OAAO;SACb,CAAC;IACJ,CAAC;;AAGH;;GAEG;AACH,MAAM,OAAO,aAAc,SAAQ,YAAY;CAAG"}
|
|
@@ -1,74 +0,0 @@
|
|
|
1
|
-
import type { Action, AppActionSigner, ISigner, Signature, SignatureVerificationHandler, UserActionSigner } from "document-model";
|
|
2
|
-
import type { IRenownCrypto } from "./index.js";
|
|
3
|
-
export declare class InvalidSignatureError extends Error {
|
|
4
|
-
constructor();
|
|
5
|
-
}
|
|
6
|
-
export declare class RenownCryptoSigner implements ISigner {
|
|
7
|
-
private readonly crypto;
|
|
8
|
-
private readonly appName;
|
|
9
|
-
user?: UserActionSigner | undefined;
|
|
10
|
-
readonly app: AppActionSigner;
|
|
11
|
-
constructor(crypto: IRenownCrypto, appName: string, user?: UserActionSigner | undefined);
|
|
12
|
-
get publicKey(): CryptoKey;
|
|
13
|
-
sign(data: Uint8Array): Promise<Uint8Array>;
|
|
14
|
-
verify(data: Uint8Array, signature: Uint8Array): Promise<void>;
|
|
15
|
-
signAction(action: Action, abortSignal?: AbortSignal): Promise<Signature>;
|
|
16
|
-
/**
|
|
17
|
-
* Signs an action including a predicted resulting state hash.
|
|
18
|
-
*
|
|
19
|
-
* The resulting hash is packed into the signature tuple's 4th element (index 3)
|
|
20
|
-
* using the format: `${prevStateHash}:${resultingStateHash}`
|
|
21
|
-
*
|
|
22
|
-
* This allows offline verification of documents without reducer logic:
|
|
23
|
-
* - Verifier can check that the signature is valid for the claimed resulting state
|
|
24
|
-
* - Verifier can compare claimed resulting state to actual operation.hash
|
|
25
|
-
*
|
|
26
|
-
* @param action - The action to sign
|
|
27
|
-
* @param resultingStateHash - The predicted hash of document state AFTER this action runs
|
|
28
|
-
* @param abortSignal - Optional abort signal
|
|
29
|
-
* @returns A Signature tuple with the resulting hash encoded in element [3]
|
|
30
|
-
*/
|
|
31
|
-
signActionWithResultingState(action: Action, resultingStateHash: string, abortSignal?: AbortSignal): Promise<Signature>;
|
|
32
|
-
/**
|
|
33
|
-
* Internal signing implementation shared by signAction and signActionWithResultingState.
|
|
34
|
-
*/
|
|
35
|
-
private _signAction;
|
|
36
|
-
private hashAction;
|
|
37
|
-
private buildSignatureMessage;
|
|
38
|
-
private arrayBufferToHex;
|
|
39
|
-
private arrayBufferToBase64;
|
|
40
|
-
}
|
|
41
|
-
/**
|
|
42
|
-
* Creates a signature verification handler that verifies signatures using the Web Crypto API.
|
|
43
|
-
* The verification uses ECDSA with P-256 curve and SHA-256 hash, matching the RenownCrypto signing algorithm.
|
|
44
|
-
*/
|
|
45
|
-
export declare function createSignatureVerifier(requireSignature?: boolean): SignatureVerificationHandler;
|
|
46
|
-
/**
|
|
47
|
-
* Parses the hash field (element [3]) from a signature tuple.
|
|
48
|
-
*
|
|
49
|
-
* Supports two formats:
|
|
50
|
-
* - Old format: just `prevStateHash` (no colon)
|
|
51
|
-
* - New format: `prevStateHash:resultingStateHash` (colon-separated)
|
|
52
|
-
*
|
|
53
|
-
* @param hashField - The 4th element of a Signature tuple
|
|
54
|
-
* @returns Object with prevStateHash and optional resultingStateHash
|
|
55
|
-
*/
|
|
56
|
-
export declare function parseSignatureHashField(hashField: string): {
|
|
57
|
-
prevStateHash: string;
|
|
58
|
-
resultingStateHash: string | undefined;
|
|
59
|
-
};
|
|
60
|
-
/**
|
|
61
|
-
* Extracts the resulting state hash from a signature, if present.
|
|
62
|
-
*
|
|
63
|
-
* @param signature - A Signature tuple
|
|
64
|
-
* @returns The resulting state hash, or undefined if not present
|
|
65
|
-
*/
|
|
66
|
-
export declare function extractResultingHashFromSignature(signature: Signature): string | undefined;
|
|
67
|
-
/**
|
|
68
|
-
* Checks if a signature includes a resulting state hash.
|
|
69
|
-
*
|
|
70
|
-
* @param signature - A Signature tuple
|
|
71
|
-
* @returns true if the signature includes a resulting state hash
|
|
72
|
-
*/
|
|
73
|
-
export declare function signatureHasResultingHash(signature: Signature): boolean;
|
|
74
|
-
//# sourceMappingURL=signer.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"signer.d.ts","sourceRoot":"","sources":["../../../src/crypto/signer.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,MAAM,EACN,eAAe,EACf,OAAO,EAEP,SAAS,EACT,4BAA4B,EAC5B,gBAAgB,EACjB,MAAM,gBAAgB,CAAC;AACxB,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAEhD,qBAAa,qBAAsB,SAAQ,KAAK;;CAI/C;AAED,qBAAa,kBAAmB,YAAW,OAAO;IAI9C,OAAO,CAAC,QAAQ,CAAC,MAAM;IACvB,OAAO,CAAC,QAAQ,CAAC,OAAO;IACjB,IAAI,CAAC,EAAE,gBAAgB;IALhC,QAAQ,CAAC,GAAG,EAAE,eAAe,CAAC;gBAGX,MAAM,EAAE,aAAa,EACrB,OAAO,EAAE,MAAM,EACzB,IAAI,CAAC,EAAE,gBAAgB,YAAA;IAQhC,IAAI,SAAS,cAEZ;IAEK,IAAI,CAAC,IAAI,EAAE,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC;IAI3C,MAAM,CAAC,IAAI,EAAE,UAAU,EAAE,SAAS,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC;IAO9D,UAAU,CACd,MAAM,EAAE,MAAM,EACd,WAAW,CAAC,EAAE,WAAW,GACxB,OAAO,CAAC,SAAS,CAAC;IAKrB;;;;;;;;;;;;;;OAcG;IACG,4BAA4B,CAChC,MAAM,EAAE,MAAM,EACd,kBAAkB,EAAE,MAAM,EAC1B,WAAW,CAAC,EAAE,WAAW,GACxB,OAAO,CAAC,SAAS,CAAC;IAMrB;;OAEG;YACW,WAAW;YAiCX,UAAU;IAYxB,OAAO,CAAC,qBAAqB;IAS7B,OAAO,CAAC,gBAAgB;IAQxB,OAAO,CAAC,mBAAmB;CAQ5B;AAED;;;GAGG;AACH,wBAAgB,uBAAuB,CACrC,gBAAgB,UAAQ,GACvB,4BAA4B,CAuC9B;AA+JD;;;;;;;;;GASG;AACH,wBAAgB,uBAAuB,CAAC,SAAS,EAAE,MAAM,GAAG;IAC1D,aAAa,EAAE,MAAM,CAAC;IACtB,kBAAkB,EAAE,MAAM,GAAG,SAAS,CAAC;CACxC,CAcA;AAED;;;;;GAKG;AACH,wBAAgB,iCAAiC,CAC/C,SAAS,EAAE,SAAS,GACnB,MAAM,GAAG,SAAS,CAIpB;AAED;;;;;GAKG;AACH,wBAAgB,yBAAyB,CAAC,SAAS,EAAE,SAAS,GAAG,OAAO,CAEvE"}
|
|
@@ -1,306 +0,0 @@
|
|
|
1
|
-
export class InvalidSignatureError extends Error {
|
|
2
|
-
constructor() {
|
|
3
|
-
super("Invalid signature");
|
|
4
|
-
}
|
|
5
|
-
}
|
|
6
|
-
export class RenownCryptoSigner {
|
|
7
|
-
crypto;
|
|
8
|
-
appName;
|
|
9
|
-
user;
|
|
10
|
-
app;
|
|
11
|
-
constructor(crypto, appName, user) {
|
|
12
|
-
this.crypto = crypto;
|
|
13
|
-
this.appName = appName;
|
|
14
|
-
this.user = user;
|
|
15
|
-
this.app = {
|
|
16
|
-
key: this.crypto.did,
|
|
17
|
-
name: this.appName,
|
|
18
|
-
};
|
|
19
|
-
}
|
|
20
|
-
get publicKey() {
|
|
21
|
-
return this.crypto.publicKey;
|
|
22
|
-
}
|
|
23
|
-
async sign(data) {
|
|
24
|
-
return this.crypto.sign(data);
|
|
25
|
-
}
|
|
26
|
-
async verify(data, signature) {
|
|
27
|
-
const isValid = await this.crypto.verify(data, signature);
|
|
28
|
-
if (!isValid) {
|
|
29
|
-
throw new InvalidSignatureError();
|
|
30
|
-
}
|
|
31
|
-
}
|
|
32
|
-
async signAction(action, abortSignal) {
|
|
33
|
-
const hashField = action.context?.prevOpHash ?? "";
|
|
34
|
-
return this._signAction(action, hashField, abortSignal);
|
|
35
|
-
}
|
|
36
|
-
/**
|
|
37
|
-
* Signs an action including a predicted resulting state hash.
|
|
38
|
-
*
|
|
39
|
-
* The resulting hash is packed into the signature tuple's 4th element (index 3)
|
|
40
|
-
* using the format: `${prevStateHash}:${resultingStateHash}`
|
|
41
|
-
*
|
|
42
|
-
* This allows offline verification of documents without reducer logic:
|
|
43
|
-
* - Verifier can check that the signature is valid for the claimed resulting state
|
|
44
|
-
* - Verifier can compare claimed resulting state to actual operation.hash
|
|
45
|
-
*
|
|
46
|
-
* @param action - The action to sign
|
|
47
|
-
* @param resultingStateHash - The predicted hash of document state AFTER this action runs
|
|
48
|
-
* @param abortSignal - Optional abort signal
|
|
49
|
-
* @returns A Signature tuple with the resulting hash encoded in element [3]
|
|
50
|
-
*/
|
|
51
|
-
async signActionWithResultingState(action, resultingStateHash, abortSignal) {
|
|
52
|
-
const prevStateHash = action.context?.prevOpHash ?? "";
|
|
53
|
-
const hashField = `${prevStateHash}:${resultingStateHash}`;
|
|
54
|
-
return this._signAction(action, hashField, abortSignal);
|
|
55
|
-
}
|
|
56
|
-
/**
|
|
57
|
-
* Internal signing implementation shared by signAction and signActionWithResultingState.
|
|
58
|
-
*/
|
|
59
|
-
async _signAction(action, hashField, abortSignal) {
|
|
60
|
-
if (abortSignal?.aborted) {
|
|
61
|
-
throw new Error("Signing aborted");
|
|
62
|
-
}
|
|
63
|
-
const timestamp = (new Date().getTime() / 1000).toFixed(0);
|
|
64
|
-
const hash = await this.hashAction(action);
|
|
65
|
-
if (abortSignal?.aborted) {
|
|
66
|
-
throw new Error("Signing aborted");
|
|
67
|
-
}
|
|
68
|
-
const params = [
|
|
69
|
-
timestamp,
|
|
70
|
-
this.crypto.did,
|
|
71
|
-
hash,
|
|
72
|
-
hashField,
|
|
73
|
-
];
|
|
74
|
-
const message = this.buildSignatureMessage(params);
|
|
75
|
-
const signatureBytes = await this.crypto.sign(message);
|
|
76
|
-
const signatureHex = `0x${this.arrayBufferToHex(signatureBytes)}`;
|
|
77
|
-
if (abortSignal?.aborted) {
|
|
78
|
-
throw new Error("Signing aborted");
|
|
79
|
-
}
|
|
80
|
-
return [...params, signatureHex];
|
|
81
|
-
}
|
|
82
|
-
async hashAction(action) {
|
|
83
|
-
const payload = [
|
|
84
|
-
action.scope,
|
|
85
|
-
action.type,
|
|
86
|
-
JSON.stringify(action.input),
|
|
87
|
-
].join("");
|
|
88
|
-
const encoder = new TextEncoder();
|
|
89
|
-
const data = encoder.encode(payload);
|
|
90
|
-
const hashBuffer = await crypto.subtle.digest("SHA-256", data);
|
|
91
|
-
return this.arrayBufferToBase64(hashBuffer);
|
|
92
|
-
}
|
|
93
|
-
buildSignatureMessage(params) {
|
|
94
|
-
const message = params.join("");
|
|
95
|
-
const prefix = "\x19Signed Operation:\n" + message.length.toString();
|
|
96
|
-
const encoder = new TextEncoder();
|
|
97
|
-
return encoder.encode(prefix + message);
|
|
98
|
-
}
|
|
99
|
-
arrayBufferToHex(buffer) {
|
|
100
|
-
const bytes = buffer instanceof Uint8Array ? buffer : new Uint8Array(buffer);
|
|
101
|
-
return Array.from(bytes)
|
|
102
|
-
.map((byte) => byte.toString(16).padStart(2, "0"))
|
|
103
|
-
.join("");
|
|
104
|
-
}
|
|
105
|
-
arrayBufferToBase64(buffer) {
|
|
106
|
-
const bytes = new Uint8Array(buffer);
|
|
107
|
-
let binary = "";
|
|
108
|
-
for (let i = 0; i < bytes.length; i++) {
|
|
109
|
-
binary += String.fromCharCode(bytes[i]);
|
|
110
|
-
}
|
|
111
|
-
return btoa(binary);
|
|
112
|
-
}
|
|
113
|
-
}
|
|
114
|
-
/**
|
|
115
|
-
* Creates a signature verification handler that verifies signatures using the Web Crypto API.
|
|
116
|
-
* The verification uses ECDSA with P-256 curve and SHA-256 hash, matching the RenownCrypto signing algorithm.
|
|
117
|
-
*/
|
|
118
|
-
export function createSignatureVerifier(requireSignature = false) {
|
|
119
|
-
return async (operation, publicKey) => {
|
|
120
|
-
const signer = operation.action.context?.signer;
|
|
121
|
-
if (!signer || !publicKey) {
|
|
122
|
-
return !requireSignature;
|
|
123
|
-
}
|
|
124
|
-
const signatures = signer.signatures;
|
|
125
|
-
if (signatures.length === 0) {
|
|
126
|
-
return false;
|
|
127
|
-
}
|
|
128
|
-
const signature = signatures[signatures.length - 1];
|
|
129
|
-
const [timestamp, signerKey, hash, prevStateHash, signatureHex] = signature;
|
|
130
|
-
if (signerKey !== publicKey) {
|
|
131
|
-
return false;
|
|
132
|
-
}
|
|
133
|
-
const params = [
|
|
134
|
-
timestamp,
|
|
135
|
-
signerKey,
|
|
136
|
-
hash,
|
|
137
|
-
prevStateHash,
|
|
138
|
-
];
|
|
139
|
-
const message = buildSignatureMessage(params);
|
|
140
|
-
const signatureBytes = hexToUint8Array(signatureHex);
|
|
141
|
-
const cryptoKey = await importPublicKey(publicKey);
|
|
142
|
-
const isValid = await crypto.subtle.verify({ name: "ECDSA", hash: "SHA-256" }, cryptoKey, signatureBytes.buffer, message.buffer);
|
|
143
|
-
return isValid;
|
|
144
|
-
};
|
|
145
|
-
}
|
|
146
|
-
function buildSignatureMessage(params) {
|
|
147
|
-
const message = params.join("");
|
|
148
|
-
const prefix = "\x19Signed Operation:\n" + message.length.toString();
|
|
149
|
-
const encoder = new TextEncoder();
|
|
150
|
-
return encoder.encode(prefix + message);
|
|
151
|
-
}
|
|
152
|
-
function hexToUint8Array(hex) {
|
|
153
|
-
const cleanHex = hex.startsWith("0x") ? hex.slice(2) : hex;
|
|
154
|
-
const bytes = new Uint8Array(cleanHex.length / 2);
|
|
155
|
-
for (let i = 0; i < cleanHex.length; i += 2) {
|
|
156
|
-
bytes[i / 2] = parseInt(cleanHex.substring(i, i + 2), 16);
|
|
157
|
-
}
|
|
158
|
-
return bytes;
|
|
159
|
-
}
|
|
160
|
-
async function importPublicKey(did) {
|
|
161
|
-
const keyData = extractKeyFromDid(did);
|
|
162
|
-
return crypto.subtle.importKey("raw", keyData.buffer, { name: "ECDSA", namedCurve: "P-256" }, true, ["verify"]);
|
|
163
|
-
}
|
|
164
|
-
function extractKeyFromDid(did) {
|
|
165
|
-
const parts = did.split(":");
|
|
166
|
-
if (parts.length < 3 || parts[0] !== "did" || parts[1] !== "key") {
|
|
167
|
-
throw new Error(`Invalid DID format: ${did}`);
|
|
168
|
-
}
|
|
169
|
-
const multibaseKey = parts[2];
|
|
170
|
-
if (!multibaseKey.startsWith("z")) {
|
|
171
|
-
throw new Error(`Unsupported multibase encoding: ${multibaseKey[0]}`);
|
|
172
|
-
}
|
|
173
|
-
const decoded = base58Decode(multibaseKey.slice(1));
|
|
174
|
-
if (decoded[0] !== 0x80 || decoded[1] !== 0x24) {
|
|
175
|
-
throw new Error("Not a P-256 public key multicodec");
|
|
176
|
-
}
|
|
177
|
-
const compressedKey = decoded.slice(2);
|
|
178
|
-
return decompressP256PublicKey(compressedKey);
|
|
179
|
-
}
|
|
180
|
-
function base58Decode(input) {
|
|
181
|
-
const ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
|
|
182
|
-
const ALPHABET_MAP = new Map();
|
|
183
|
-
for (let i = 0; i < ALPHABET.length; i++) {
|
|
184
|
-
ALPHABET_MAP.set(ALPHABET[i], i);
|
|
185
|
-
}
|
|
186
|
-
if (input.length === 0) {
|
|
187
|
-
return new Uint8Array(0);
|
|
188
|
-
}
|
|
189
|
-
const bytes = [0];
|
|
190
|
-
for (const char of input) {
|
|
191
|
-
const value = ALPHABET_MAP.get(char);
|
|
192
|
-
if (value === undefined) {
|
|
193
|
-
throw new Error(`Invalid base58 character: ${char}`);
|
|
194
|
-
}
|
|
195
|
-
let carry = value;
|
|
196
|
-
for (let j = 0; j < bytes.length; j++) {
|
|
197
|
-
carry += bytes[j] * 58;
|
|
198
|
-
bytes[j] = carry & 0xff;
|
|
199
|
-
carry >>= 8;
|
|
200
|
-
}
|
|
201
|
-
while (carry > 0) {
|
|
202
|
-
bytes.push(carry & 0xff);
|
|
203
|
-
carry >>= 8;
|
|
204
|
-
}
|
|
205
|
-
}
|
|
206
|
-
for (const char of input) {
|
|
207
|
-
if (char !== "1")
|
|
208
|
-
break;
|
|
209
|
-
bytes.push(0);
|
|
210
|
-
}
|
|
211
|
-
return new Uint8Array(bytes.reverse());
|
|
212
|
-
}
|
|
213
|
-
function decompressP256PublicKey(compressed) {
|
|
214
|
-
if (compressed.length !== 33) {
|
|
215
|
-
throw new Error(`Invalid compressed key length: ${compressed.length}`);
|
|
216
|
-
}
|
|
217
|
-
const prefix = compressed[0];
|
|
218
|
-
if (prefix !== 0x02 && prefix !== 0x03) {
|
|
219
|
-
throw new Error(`Invalid compression prefix: ${prefix}`);
|
|
220
|
-
}
|
|
221
|
-
const p = BigInt("0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff");
|
|
222
|
-
const a = BigInt("0xffffffff00000001000000000000000000000000fffffffffffffffffffffffc");
|
|
223
|
-
const b = BigInt("0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b");
|
|
224
|
-
let x = BigInt(0);
|
|
225
|
-
for (let i = 1; i < compressed.length; i++) {
|
|
226
|
-
x = (x << BigInt(8)) | BigInt(compressed[i]);
|
|
227
|
-
}
|
|
228
|
-
const ySquared = (modPow(x, BigInt(3), p) + a * x + b) % p;
|
|
229
|
-
let y = modPow(ySquared, (p + BigInt(1)) / BigInt(4), p);
|
|
230
|
-
const isYEven = y % BigInt(2) === BigInt(0);
|
|
231
|
-
const shouldBeEven = prefix === 0x02;
|
|
232
|
-
if (isYEven !== shouldBeEven) {
|
|
233
|
-
y = p - y;
|
|
234
|
-
}
|
|
235
|
-
const uncompressed = new Uint8Array(65);
|
|
236
|
-
uncompressed[0] = 0x04;
|
|
237
|
-
const xBytes = bigIntToBytes(x, 32);
|
|
238
|
-
const yBytes = bigIntToBytes(y, 32);
|
|
239
|
-
uncompressed.set(xBytes, 1);
|
|
240
|
-
uncompressed.set(yBytes, 33);
|
|
241
|
-
return uncompressed;
|
|
242
|
-
}
|
|
243
|
-
function modPow(base, exp, mod) {
|
|
244
|
-
let result = BigInt(1);
|
|
245
|
-
base = base % mod;
|
|
246
|
-
while (exp > BigInt(0)) {
|
|
247
|
-
if (exp % BigInt(2) === BigInt(1)) {
|
|
248
|
-
result = (result * base) % mod;
|
|
249
|
-
}
|
|
250
|
-
exp = exp >> BigInt(1);
|
|
251
|
-
base = (base * base) % mod;
|
|
252
|
-
}
|
|
253
|
-
return result;
|
|
254
|
-
}
|
|
255
|
-
function bigIntToBytes(n, length) {
|
|
256
|
-
const bytes = new Uint8Array(length);
|
|
257
|
-
for (let i = length - 1; i >= 0; i--) {
|
|
258
|
-
bytes[i] = Number(n & BigInt(0xff));
|
|
259
|
-
n = n >> BigInt(8);
|
|
260
|
-
}
|
|
261
|
-
return bytes;
|
|
262
|
-
}
|
|
263
|
-
/**
|
|
264
|
-
* Parses the hash field (element [3]) from a signature tuple.
|
|
265
|
-
*
|
|
266
|
-
* Supports two formats:
|
|
267
|
-
* - Old format: just `prevStateHash` (no colon)
|
|
268
|
-
* - New format: `prevStateHash:resultingStateHash` (colon-separated)
|
|
269
|
-
*
|
|
270
|
-
* @param hashField - The 4th element of a Signature tuple
|
|
271
|
-
* @returns Object with prevStateHash and optional resultingStateHash
|
|
272
|
-
*/
|
|
273
|
-
export function parseSignatureHashField(hashField) {
|
|
274
|
-
const colonIndex = hashField.indexOf(":");
|
|
275
|
-
if (colonIndex === -1) {
|
|
276
|
-
return {
|
|
277
|
-
prevStateHash: hashField,
|
|
278
|
-
resultingStateHash: undefined,
|
|
279
|
-
};
|
|
280
|
-
}
|
|
281
|
-
return {
|
|
282
|
-
prevStateHash: hashField.substring(0, colonIndex),
|
|
283
|
-
resultingStateHash: hashField.substring(colonIndex + 1),
|
|
284
|
-
};
|
|
285
|
-
}
|
|
286
|
-
/**
|
|
287
|
-
* Extracts the resulting state hash from a signature, if present.
|
|
288
|
-
*
|
|
289
|
-
* @param signature - A Signature tuple
|
|
290
|
-
* @returns The resulting state hash, or undefined if not present
|
|
291
|
-
*/
|
|
292
|
-
export function extractResultingHashFromSignature(signature) {
|
|
293
|
-
const hashField = signature[3];
|
|
294
|
-
const { resultingStateHash } = parseSignatureHashField(hashField);
|
|
295
|
-
return resultingStateHash;
|
|
296
|
-
}
|
|
297
|
-
/**
|
|
298
|
-
* Checks if a signature includes a resulting state hash.
|
|
299
|
-
*
|
|
300
|
-
* @param signature - A Signature tuple
|
|
301
|
-
* @returns true if the signature includes a resulting state hash
|
|
302
|
-
*/
|
|
303
|
-
export function signatureHasResultingHash(signature) {
|
|
304
|
-
return extractResultingHashFromSignature(signature) !== undefined;
|
|
305
|
-
}
|
|
306
|
-
//# sourceMappingURL=signer.js.map
|