@rialo/ts-cdk 0.4.0-alpha.1 → 0.5.0-alpha.0

package/dist/index.mjs

@@ -10874,6 +10874,298 @@ var KeypairSigner = class {
   }
 };
 
+// src/generated/keyring.ts
+var Keyring = class {
+};
+
+// src/keyring/validation.ts
+var U32_MAX = 4294967295;
+function validateKeypairIndex(index) {
+  if (!Number.isInteger(index) || index < 0 || index > U32_MAX) {
+    throw new RialoError(
+      "INVALID_INPUT" /* INVALID_INPUT */,
+      `Invalid keypair index: ${index}. Must be a non-negative integer <= ${U32_MAX}.`
+    );
+  }
+}
+
+// src/keyring/keyring.ts
+var RialoKeyring = class extends Keyring {
+  keypairs;
+  derivationPaths;
+  activeIndex;
+  constructor(keypairs, derivationPaths) {
+    super();
+    this.keypairs = keypairs;
+    this.derivationPaths = derivationPaths;
+    this.activeIndex = 0;
+  }
+  /**
+   * Sets the active keypair index (facade operation, not in WIT contract).
+   *
+   * @param index - The keypair index to make active
+   * @throws {RialoError} If the index does not exist in this keyring
+   */
+  setActiveKeypair(index) {
+    validateKeypairIndex(index);
+    if (!this.keypairs.has(index)) {
+      throw new RialoError(
+        "WALLET" /* WALLET */,
+        `Keypair ${index} not found in keyring`
+      );
+    }
+    this.activeIndex = index;
+  }
+  activeKeypair() {
+    const kp = this.keypairs.get(this.activeIndex);
+    if (!kp) {
+      throw new RialoError("WALLET" /* WALLET */, "Active keypair does not exist");
+    }
+    return kp;
+  }
+  sign(message) {
+    return this.activeKeypair().sign(message).toBytes();
+  }
+  verify(message, sig) {
+    return this.activeKeypair().verify(message, Signature.fromBytes(sig));
+  }
+  pubkeyString() {
+    return this.activeKeypair().publicKey.toString();
+  }
+  pubkey() {
+    return this.activeKeypair().publicKey;
+  }
+  getKeypairInfo(index) {
+    validateKeypairIndex(index);
+    const kp = this.keypairs.get(index);
+    if (!kp) return void 0;
+    return {
+      index,
+      pubkey: kp.publicKey,
+      pubkeyString: kp.publicKey.toString(),
+      derivationPath: this.derivationPaths.get(index) ?? void 0
+    };
+  }
+  listKeypairs() {
+    return Array.from(this.keypairs.keys()).sort((a, b) => a - b);
+  }
+  getKeypairsInfo() {
+    return this.listKeypairs().map((index) => this.getKeypairInfo(index));
+  }
+  signWithKeypair(message, index) {
+    validateKeypairIndex(index);
+    const kp = this.keypairs.get(index);
+    if (!kp) {
+      throw new RialoError(
+        "WALLET" /* WALLET */,
+        `Keypair ${index} not found in keyring`
+      );
+    }
+    return kp.sign(message).toBytes();
+  }
+  /**
+   * Securely erases all secret key material from this keyring snapshot.
+   *
+   * Calls {@link Keypair.dispose} on every keypair, zeroing private key bytes.
+   * After disposal, signing and secret-key export will throw. Verification
+   * still works (uses only the public key). Does not affect provider-stored
+   * state or other snapshots.
+   */
+  dispose() {
+    for (const kp of this.keypairs.values()) {
+      kp.dispose();
+    }
+  }
+};
+
+// src/generated/keyring-provider.ts
+var KeyringProvider = class {
+};
+
+// src/keyring/keyring-provider.ts
+var InMemoryKeyringProvider = class extends KeyringProvider {
+  keyrings = /* @__PURE__ */ new Map();
+  getStored(name) {
+    const stored = this.keyrings.get(name);
+    if (!stored) {
+      throw new RialoError("WALLET" /* WALLET */, `Keyring not found: ${name}`);
+    }
+    return stored;
+  }
+  checkPassword(stored, password) {
+    if (stored.password !== password) {
+      throw new RialoError("PASSWORD" /* PASSWORD */, "Invalid password");
+    }
+  }
+  buildKeyring(stored) {
+    const keypairsCopy = /* @__PURE__ */ new Map();
+    for (const [idx, kp] of stored.keypairs) {
+      keypairsCopy.set(idx, Keypair.fromSecretKey(kp.secretKeyBytes()));
+    }
+    const pathsCopy = new Map(stored.derivationPaths);
+    return new RialoKeyring(keypairsCopy, pathsCopy);
+  }
+  toInfo(index, kp, derivationPath) {
+    return {
+      index,
+      pubkey: kp.publicKey,
+      pubkeyString: kp.publicKey.toString(),
+      derivationPath
+    };
+  }
+  nextIndex(stored) {
+    if (stored.keypairs.size === 0) return 0;
+    return Math.max(...stored.keypairs.keys()) + 1;
+  }
+  async create(name, password) {
+    if (this.keyrings.has(name)) {
+      throw new RialoError("WALLET" /* WALLET */, `Keyring already exists: ${name}`);
+    }
+    const kp = Keypair.generate();
+    const keypairs = /* @__PURE__ */ new Map([[0, kp]]);
+    const derivationPaths = /* @__PURE__ */ new Map([[0, void 0]]);
+    this.keyrings.set(name, { keypairs, derivationPaths, mnemonic: void 0, password });
+    return this.buildKeyring(this.getStored(name));
+  }
+  async createWithMnemonic(name, strengthBits, password) {
+    if (this.keyrings.has(name)) {
+      throw new RialoError("WALLET" /* WALLET */, `Keyring already exists: ${name}`);
+    }
+    if (strengthBits !== 128 && strengthBits !== 256) {
+      throw new RialoError(
+        "INVALID_INPUT" /* INVALID_INPUT */,
+        `Invalid mnemonic strength: ${strengthBits}. Must be 128 or 256.`
+      );
+    }
+    const mnemonic = Mnemonic.generate(strengthBits);
+    const kp = await mnemonic.toKeypair(0);
+    const path = `${BASE_DERIVATION_PATH}0'/0'`;
+    const keypairs = /* @__PURE__ */ new Map([[0, kp]]);
+    const derivationPaths = /* @__PURE__ */ new Map([[0, path]]);
+    this.keyrings.set(name, {
+      keypairs,
+      derivationPaths,
+      mnemonic: mnemonic.toString(),
+      password
+    });
+    return [this.buildKeyring(this.getStored(name)), mnemonic.toString()];
+  }
+  async recoverFromMnemonic(name, mnemonicPhrase, password) {
+    if (this.keyrings.has(name)) {
+      throw new RialoError("WALLET" /* WALLET */, `Keyring already exists: ${name}`);
+    }
+    if (!Mnemonic.isValid(mnemonicPhrase)) {
+      throw new RialoError("INVALID_INPUT" /* INVALID_INPUT */, "Invalid BIP39 mnemonic phrase");
+    }
+    const mnemonic = Mnemonic.fromPhrase(mnemonicPhrase);
+    const kp = await mnemonic.toKeypair(0);
+    const path = `${BASE_DERIVATION_PATH}0'/0'`;
+    const keypairs = /* @__PURE__ */ new Map([[0, kp]]);
+    const derivationPaths = /* @__PURE__ */ new Map([[0, path]]);
+    this.keyrings.set(name, {
+      keypairs,
+      derivationPaths,
+      mnemonic: mnemonicPhrase,
+      password
+    });
+    return this.buildKeyring(this.getStored(name));
+  }
+  async load(name, password) {
+    const stored = this.getStored(name);
+    this.checkPassword(stored, password);
+    return this.buildKeyring(stored);
+  }
+  async list() {
+    return Array.from(this.keyrings.keys()).sort();
+  }
+  async exists(name) {
+    return this.keyrings.has(name);
+  }
+  async getPublicKey(name) {
+    const stored = this.getStored(name);
+    const kp = stored.keypairs.get(0);
+    if (!kp) throw new RialoError("WALLET" /* WALLET */, `Keyring ${name} has no keypair at index 0`);
+    return kp.publicKey;
+  }
+  async listPublicKeys() {
+    const results = [];
+    for (const [name, stored] of this.keyrings) {
+      const kp = stored.keypairs.get(0);
+      if (kp) {
+        results.push([name, this.toInfo(0, kp, stored.derivationPaths.get(0))]);
+      }
+    }
+    results.sort((a, b) => a[0].localeCompare(b[0]));
+    return results;
+  }
+  async listKeypairs(keyringName) {
+    const stored = this.getStored(keyringName);
+    const indices = Array.from(stored.keypairs.keys()).sort((a, b) => a - b);
+    return indices.map((idx) => {
+      const kp = stored.keypairs.get(idx);
+      return this.toInfo(idx, kp, stored.derivationPaths.get(idx));
+    });
+  }
+  async deriveKeypair(keyringName, keypairIndex, password) {
+    validateKeypairIndex(keypairIndex);
+    const stored = this.getStored(keyringName);
+    this.checkPassword(stored, password);
+    if (stored.keypairs.has(keypairIndex)) {
+      throw new RialoError(
+        "WALLET" /* WALLET */,
+        `Keypair with index ${keypairIndex} already exists`
+      );
+    }
+    let kp;
+    let derivationPath;
+    if (stored.mnemonic) {
+      const mnemonic = Mnemonic.fromPhrase(stored.mnemonic);
+      kp = await mnemonic.toKeypair(keypairIndex);
+      derivationPath = `${BASE_DERIVATION_PATH}${keypairIndex}'/0'`;
+    } else {
+      kp = Keypair.generate();
+      derivationPath = void 0;
+    }
+    stored.keypairs.set(keypairIndex, kp);
+    stored.derivationPaths.set(keypairIndex, derivationPath);
+    return this.toInfo(keypairIndex, kp, derivationPath);
+  }
+  async importSecretKey(keyringName, secretKey, derivationPath, password) {
+    if (secretKey.length !== 32) {
+      throw new RialoError(
+        "INVALID_INPUT" /* INVALID_INPUT */,
+        `Invalid secret key length: expected 32 bytes, got ${secretKey.length}`
+      );
+    }
+    const stored = this.getStored(keyringName);
+    this.checkPassword(stored, password);
+    const kp = Keypair.fromSecretKey(secretKey);
+    const nextIdx = this.nextIndex(stored);
+    stored.keypairs.set(nextIdx, kp);
+    stored.derivationPaths.set(nextIdx, derivationPath);
+    return this.toInfo(nextIdx, kp, derivationPath);
+  }
+  async getKeypairsInfo(name) {
+    return this.listKeypairs(name);
+  }
+  async getKeypairInfo(name, keypairIndex) {
+    validateKeypairIndex(keypairIndex);
+    const stored = this.getStored(name);
+    const kp = stored.keypairs.get(keypairIndex);
+    if (!kp) {
+      throw new RialoError(
+        "WALLET" /* WALLET */,
+        `Keypair ${keypairIndex} not found in keyring ${name}`
+      );
+    }
+    return this.toInfo(keypairIndex, kp, stored.derivationPaths.get(keypairIndex));
+  }
+  async nextKeypairIndex(name) {
+    const stored = this.getStored(name);
+    return this.nextIndex(stored);
+  }
+};
+
 // src/program/constants.ts
 var RISCV_LOADER_PROGRAM_ID = "RiscVLoader11111111111111111111111111111111";
 var LOADER_V4_PROGRAM_ID = "LoaderV411111111111111111111111111111111111";
@@ -11247,6 +11539,6 @@ var ProgramDeployment = class {
   (*! scure-bip39 - MIT License (c) 2022 Patricio Palladino, Paul Miller (paulmillr.com) *)
 */
 
-export { AccountMetaTable, BASE_DERIVATION_PATH, BUFFER_BALANCE_FACTOR, BaseRpcClient, BincodeReader, BincodeWriter, CHACHA20_POLY1305_TAG_LENGTH, CryptoError, CryptoErrorCode, DEFAULT_CHUNK_SIZE, DEFAULT_CONFIRMATION_BATCH_SIZE, DEFAULT_MAX_RETRIES2 as DEFAULT_MAX_RETRIES, DEFAULT_NUM_ACCOUNTS, DEFAULT_RETRY_BASE_DELAY_MS, DEFAULT_RETRY_MAX_DELAY_MS, DeploymentError, DeploymentErrorCode, ED25519_PUBLIC_KEY_LENGTH, HPKE_ENC_LENGTH, HPKE_OVERHEAD_LENGTH, HpkeError, HpkeErrorCode, HttpTransport, KELVIN_PER_RLO, Keypair, KeypairSigner, LOADER_V4_PROGRAM_ID, Message, Mnemonic, PROGRAM_DATA_OFFSET, PUBLIC_KEY_LENGTH, ProgramDeployment, PublicKey, QueryRpcClient, RIALO_DEVNET_CHAIN, RIALO_LOCALNET_CHAIN, RIALO_MAINNET_CHAIN, RIALO_TESTNET_CHAIN, RISCV_LOADER_PROGRAM_ID, RexValue, RexValueVariant, RialoClient, RialoError, RialoErrorType, RiscVLoaderInstruction, RpcError, RpcErrorCode, SECRET_KEY_LENGTH, SECRET_SHARING_HPKE_INFO, SIGNATURE_LENGTH, SYSTEM_PROGRAM_ID, Schema, Signature, SystemInstruction, Transaction, TransactionBuilder, TransactionError, TransactionErrorCode, TransactionRpcClient, URL_DEVNET, URL_LOCALNET, URL_MAINNET, URL_TESTNET, USER_SECRET_AAD, X25519_PUBLIC_KEY_LENGTH, allocateInstruction, assignInstruction, calculateBackoff, concatBytes2 as concatBytes, createAccount, createBorshInstruction, createRialoClient, deployInstruction, deserialize, deserializeBorsh, deserializeCompactU162 as deserializeCompactU16, deserializeStrict, encodeBorshData, encryptForRex, field, fixedArray, fromBase64, getCiphertextLength, getDefaultRialoClientConfig, getDevnetUrl, getLocalnetUrl, getMainnetUrl, getTestnetUrl, hpkeEncrypt, isOnCurve, isValidCiphertextLength, option, retractInstruction, seedToBytes, serialize, serializeBorsh, serializeCompactU16, setProgramLengthInstruction, sleep, toBase64, transferInstruction, vec, writeCompactU16, writeInstruction };
+export { AccountMetaTable, BASE_DERIVATION_PATH, BUFFER_BALANCE_FACTOR, BaseRpcClient, BincodeReader, BincodeWriter, CHACHA20_POLY1305_TAG_LENGTH, CryptoError, CryptoErrorCode, DEFAULT_CHUNK_SIZE, DEFAULT_CONFIRMATION_BATCH_SIZE, DEFAULT_MAX_RETRIES2 as DEFAULT_MAX_RETRIES, DEFAULT_NUM_ACCOUNTS, DEFAULT_RETRY_BASE_DELAY_MS, DEFAULT_RETRY_MAX_DELAY_MS, DeploymentError, DeploymentErrorCode, ED25519_PUBLIC_KEY_LENGTH, HPKE_ENC_LENGTH, HPKE_OVERHEAD_LENGTH, HpkeError, HpkeErrorCode, HttpTransport, InMemoryKeyringProvider, KELVIN_PER_RLO, Keypair, KeypairSigner, Keyring, KeyringProvider, LOADER_V4_PROGRAM_ID, Message, Mnemonic, PROGRAM_DATA_OFFSET, PUBLIC_KEY_LENGTH, ProgramDeployment, PublicKey, QueryRpcClient, RIALO_DEVNET_CHAIN, RIALO_LOCALNET_CHAIN, RIALO_MAINNET_CHAIN, RIALO_TESTNET_CHAIN, RISCV_LOADER_PROGRAM_ID, RexValue, RexValueVariant, RialoClient, RialoError, RialoErrorType, RialoKeyring, RiscVLoaderInstruction, RpcError, RpcErrorCode, SECRET_KEY_LENGTH, SECRET_SHARING_HPKE_INFO, SIGNATURE_LENGTH, SYSTEM_PROGRAM_ID, Schema, Signature, SystemInstruction, Transaction, TransactionBuilder, TransactionError, TransactionErrorCode, TransactionRpcClient, URL_DEVNET, URL_LOCALNET, URL_MAINNET, URL_TESTNET, USER_SECRET_AAD, X25519_PUBLIC_KEY_LENGTH, allocateInstruction, assignInstruction, calculateBackoff, concatBytes2 as concatBytes, createAccount, createBorshInstruction, createRialoClient, deployInstruction, deserialize, deserializeBorsh, deserializeCompactU162 as deserializeCompactU16, deserializeStrict, encodeBorshData, encryptForRex, field, fixedArray, fromBase64, getCiphertextLength, getDefaultRialoClientConfig, getDevnetUrl, getLocalnetUrl, getMainnetUrl, getTestnetUrl, hpkeEncrypt, isOnCurve, isValidCiphertextLength, option, retractInstruction, seedToBytes, serialize, serializeBorsh, serializeCompactU16, setProgramLengthInstruction, sleep, toBase64, transferInstruction, vec, writeCompactU16, writeInstruction };
 //# sourceMappingURL=index.mjs.map
 //# sourceMappingURL=index.mjs.map