@sentico-labs/sdk 0.1.0-preview.1 → 0.1.0-preview.2

package/CHANGELOG.md

@@ -1,8 +1,15 @@
-# Changelog
-
-## 0.1.0-preview.1
-
-- Converts the SDK into a publishable preview package.
+# Changelog
+
+## 0.1.0-preview.2
+
+- Adds local secp256k1 action signing helpers (`signAction`, `signActionHash`) for direct Trading HTTP and Order Entry submission.
+- Adds deterministic order-id helpers for place orders and quote-replace child legs.
+- Replaces placeholder example signatures with submit-ready locally signed actions.
+- Rejects submit-ready JSON payloads that would lose integer precision in JavaScript.
+
+## 0.1.0-preview.1
+
+- Converts the SDK into a publishable preview package.
 - Adds `SenticoreClient` with explicit `public`, `trading`, `orderEntry`, `raw`, and `ws` planes.
 - Adds typed `ApiResponse`, rate-limit metadata, request-id propagation, timeouts, and retries.
 - Adds typed API errors for auth, validation, conflict, rate-limit, payload-too-large, and server failures.

package/README.md

@@ -4,12 +4,12 @@ Official TypeScript SDK preview for Senticore HTTP, WebSocket, and
 Institutional Order Entry.
 
 Package name: `@sentico-labs/sdk`
-Preview version: `0.1.0-preview.1`
+Preview version: `0.1.0-preview.2`
 
 ## Install
 
 ```bash
-npm install @sentico-labs/sdk@0.1.0-preview.1
+npm install @sentico-labs/sdk@0.1.0-preview.2
 ```
 
 For local development from the repository:
@@ -59,48 +59,71 @@ const book = await client.public.getMarketOrderbook(1, { book: "YES", depth: 20
 const trades = await client.public.listMarketTrades(1, { limit: 50 });
 ```
 
-## Trading HTTP
-
-```ts
-const account = "0x00000000000000000000000000000000000000d3";
-const nonce = await client.trading.reserveNonce(account, {
-  count: 1,
-  ttlMs: 30_000,
-  idempotencyKey: "nonce-1"
-});
-
-const signedAction = {
-  payload: {
-    account,
-    nonce: nonce.data.startNonce,
-    nonceReservationId: nonce.data.reservationId,
-    ts: Date.now(),
-    action: {
-      PlaceOrder: {
-        market: 1,
-        book: "YES",
-        side: "Bid",
-        price: 500000,
-        qty: 100000,
-        is_market: false,
-        reduce_only: false,
-        time_in_force: null,
-        expires_at: null,
-        stp_mode: null
-      }
-    }
-  },
-  signature: {
-    scheme: "EcdsaSecp256k1",
-    bytes: new Uint8Array(65)
-  }
-};
-
-const accepted = await client.trading.submitSignedAction(signedAction, {
-  idempotencyKey: "client-order-1"
-});
-console.log(accepted.data);
-```
+## Trading HTTP
+
+```ts
+import {
+  actionSigningHashHex,
+  deriveOrderIdHex,
+  signAction,
+  type LocalActionPayload
+} from "@sentico-labs/sdk";
+
+const account = "0x00000000000000000000000000000000000000d3" as const;
+const privateKey = process.env.SENTICORE_PRIVATE_KEY!;
+
+const payload: LocalActionPayload = {
+  account,
+  nonce: 4810,
+  ts: Date.now(),
+  action: {
+    kind: "SpotPlaceOrder",
+    market: 7,
+    side: "Bid",
+    price: 998400,
+    qty: 1000,
+    timeInForce: "post_only"
+  }
+};
+
+const signedAction = signAction(payload, privateKey);
+
+const accepted = await client.trading.submitSignedAction(signedAction, {
+  idempotencyKey: "client-order-1"
+});
+
+console.log({
+  signingHash: actionSigningHashHex(payload),
+  derivedOrderId: deriveOrderIdHex(payload),
+  accepted: accepted.data
+});
+```
+
+If you use nonce reservations, include the returned token in the payload before
+signing:
+
+```ts
+const reserved = await client.trading.reserveNonce(account, {
+  count: 1,
+  ttlMs: 30_000,
+  idempotencyKey: "nonce-1"
+});
+
+const reservedPayload: LocalActionPayload = {
+  account,
+  nonce: Number((reserved.data as { startNonce: number }).startNonce),
+  nonceReservationId: (reserved.data as { reservationId: string }).reservationId,
+  ts: Date.now(),
+  action: {
+    kind: "SpotPlaceOrder",
+    market: 7,
+    side: "Bid",
+    price: 998400,
+    qty: 1000,
+    timeInForce: "post_only"
+  }
+};
+```
 
 ## Institutional Order Entry
 
@@ -185,6 +208,6 @@ try {
 
 ## Preview Compatibility
 
-`0.1.0-preview.1` is not a v1 stability promise. The stable preview shape is the
+`0.1.0-preview.2` is not a v1 stability promise. The stable preview shape is the
 top-level namespace split: `public`, `trading`, `orderEntry`, `raw`, and `ws`.
 `mm` remains as a deprecated compatibility alias.

package/dist/examples/market-maker-batch.js

@@ -1,5 +1,12 @@
-import { SenticoreClient } from "../src/index.js";
-const account = process.env.SENTICORE_ACCOUNT;
+import { SenticoreClient, signAction } from "../src/index.js";
+function requireEnv(name) {
+    const value = process.env[name];
+    if (!value)
+        throw new Error(`${name} is required`);
+    return value;
+}
+const account = requireEnv("SENTICORE_ACCOUNT");
+const privateKey = requireEnv("SENTICORE_PRIVATE_KEY");
 const client = new SenticoreClient({
     publicHttpBaseUrl: process.env.SENTICORE_PUBLIC_HTTP_URL ?? "https://api.sentico-labs.xyz",
     tradingHttpBaseUrl: process.env.SENTICORE_TRADING_HTTP_URL ?? "https://api.sentico-labs.xyz",
@@ -8,28 +15,21 @@ const client = new SenticoreClient({
         "wss://api.sentico-labs.xyz/api/v1/ws/private/{account}",
     orderEntryHttpBaseUrl: process.env.SENTICORE_ORDER_ENTRY_HTTP_URL ?? "https://api.sentico-labs.xyz",
     orderEntryBinaryPath: process.env.SENTICORE_ORDER_ENTRY_BINARY_PATH ?? "/api/order-entry/binary",
-    orderEntryApiKey: process.env.SENTICORE_ORDER_ENTRY_API_KEY ?? process.env.SENTICORE_MM_API_KEY
+    orderEntryApiKey: process.env.SENTICORE_ORDER_ENTRY_API_KEY ?? process.env.SENTICORE_MM_API_KEY,
 });
-const action = {
-    payload: {
-        account,
-        nonce: Number(process.env.SENTICORE_NONCE ?? "0"),
-        nonceReservationId: null,
-        ts: Date.now(),
-        action: {
-            Cancel: {
-                order_id: process.env.SENTICORE_ORDER_ID ??
-                    "0x0101010101010101010101010101010101010101010101010101010101010101"
-            }
-        }
+const payload = {
+    account,
+    nonce: Number(requireEnv("SENTICORE_NONCE")),
+    ts: Date.now(),
+    action: {
+        kind: "Cancel",
+        orderId: process.env.SENTICORE_ORDER_ID ??
+            "0x0101010101010101010101010101010101010101010101010101010101010101",
     },
-    signature: {
-        scheme: "EcdsaSecp256k1",
-        bytes: new Uint8Array(65)
-    }
 };
+const action = signAction(payload, privateKey);
 const response = await client.orderEntry.submitActions([action], {
-    idempotencyKey: `order-entry-${Date.now()}`,
-    responseMode: "summary"
+    idempotencyKey: `order-entry-${account}-${payload.nonce}`,
+    responseMode: "summary",
 });
 console.log(response.data);

package/dist/examples/submit-order.js

@@ -1,45 +1,40 @@
-import { SenticoreClient } from "../src/index.js";
-const account = process.env.SENTICORE_ACCOUNT;
+import { SenticoreClient, actionSigningHashHex, deriveOrderIdHex, signAction, } from "../src/index.js";
+function requireEnv(name) {
+    const value = process.env[name];
+    if (!value)
+        throw new Error(`${name} is required`);
+    return value;
+}
+const account = requireEnv("SENTICORE_ACCOUNT");
+const privateKey = requireEnv("SENTICORE_PRIVATE_KEY");
+const nonce = Number(requireEnv("SENTICORE_NONCE"));
 const client = new SenticoreClient({
     publicHttpBaseUrl: process.env.SENTICORE_PUBLIC_HTTP_URL ?? "https://api.sentico-labs.xyz",
     tradingHttpBaseUrl: process.env.SENTICORE_TRADING_HTTP_URL ?? "https://api.sentico-labs.xyz",
     publicWsUrl: process.env.SENTICORE_PUBLIC_WS_URL ?? "wss://api.sentico-labs.xyz/api/v1/ws/public",
     privateWsUrl: process.env.SENTICORE_PRIVATE_WS_URL ??
         "wss://api.sentico-labs.xyz/api/v1/ws/private/{account}",
-    bearerToken: process.env.SENTICORE_BEARER_TOKEN
+    bearerToken: process.env.SENTICORE_BEARER_TOKEN,
 });
-const nonce = await client.trading.reserveNonce(account, {
-    count: 1,
-    ttlMs: 30_000,
-    idempotencyKey: `nonce-${Date.now()}`
-});
-const signedAction = {
-    payload: {
-        account,
-        nonce: Number(nonce.data.startNonce),
-        nonceReservationId: nonce.data.reservationId,
-        ts: Date.now(),
-        action: {
-            PlaceOrder: {
-                market: 1,
-                book: "YES",
-                side: "Bid",
-                price: 500000,
-                qty: 100000,
-                is_market: false,
-                reduce_only: false,
-                time_in_force: null,
-                expires_at: null,
-                stp_mode: null
-            }
-        }
+const payload = {
+    account,
+    nonce,
+    ts: Date.now(),
+    action: {
+        kind: "SpotPlaceOrder",
+        market: Number(process.env.SENTICORE_MARKET_ID ?? "7"),
+        side: "Bid",
+        price: Number(process.env.SENTICORE_PRICE_MICROS ?? "998400"),
+        qty: Number(process.env.SENTICORE_QTY_ATOMS ?? "1000"),
+        timeInForce: "post_only",
     },
-    signature: {
-        scheme: "EcdsaSecp256k1",
-        bytes: new Uint8Array(65)
-    }
 };
+const signedAction = signAction(payload, privateKey);
 const response = await client.trading.submitSignedAction(signedAction, {
-    idempotencyKey: `order-${Date.now()}`
+    idempotencyKey: `order-${account}-${nonce}`,
+});
+console.log({
+    signingHash: actionSigningHashHex(payload),
+    derivedOrderId: deriveOrderIdHex(payload),
+    response: response.data,
 });
-console.log(response.data);

package/dist/src/config.js

@@ -2,7 +2,7 @@ const DEFAULT_TIMEOUT_MS = 10_000;
 const DEFAULT_MAX_RETRIES = 2;
 const DEFAULT_RETRY_BACKOFF_MS = 250;
 const DEFAULT_ORDER_ENTRY_BINARY_PATH = "/api/order-entry/binary";
-const DEFAULT_USER_AGENT = "@sentico-labs/sdk/0.1.0-preview.1";
+const DEFAULT_USER_AGENT = "@sentico-labs/sdk/0.1.0-preview.2";
 export function normalizeConfig(config) {
     const fetchImpl = config.fetch ?? globalThis.fetch?.bind(globalThis);
     if (!fetchImpl) {

package/dist/src/signing.d.ts

@@ -25,8 +25,27 @@
  * Golden vectors pinning compatibility with the backend live in
  * `tests/signing.test.ts` and in `senticore-types::tests::signing_hash_golden_vectors`.
  */
+import type { SignedAction } from "./types.js";
 export declare const ACTION_PAYLOAD_DOMAIN_V1 = "SENTICORE/ACTION_PAYLOAD/v1";
+export declare const ORDER_ID_DOMAIN_V1 = "SENTICORE/ORDER_ID/v1";
 export type UintLike = number | bigint;
+export type HexString = `0x${string}`;
+export type PrivateKeyLike = Uint8Array | HexString | string;
+export type SignatureLike = Uint8Array | number[] | HexString | string;
+export type ActionSigningMode = "raw" | "personal";
+export interface SignActionOptions {
+    /**
+     * `raw` signs the 32-byte BLAKE3 action hash directly.
+     * `personal` signs keccak256("\x19Ethereum Signed Message:\n32" || hash).
+     * The backend accepts both forms.
+     */
+    mode?: ActionSigningMode;
+    /**
+     * Recovery byte format. The backend accepts both 0/1 and 27/28.
+     * 0/1 is the default to avoid Ethereum-specific post-processing.
+     */
+    recoveryId?: "recovery" | "ethereum";
+}
 export type LocalSide = "Bid" | "Ask";
 export type LocalBook = "YES" | "NO";
 export type LocalTimeInForce = "gtc" | "ioc" | "fok" | "post_only";
@@ -90,12 +109,24 @@ export interface LocalActionPayload {
     ts: UintLike;
     action: LocalAction;
 }
-/**
- * Canonical declaration-order JSON for an action payload — the EXACT bytes
- * the backend hashes and persists.
- */
 export declare function canonicalActionPayloadJson(payload: LocalActionPayload): string;
+/** Wire payload object suitable for submitSignedAction/order-entry JSON. */
+export declare function actionPayloadToWirePayload(payload: LocalActionPayload): Record<string, unknown>;
 /** blake3(domain || canonical_bytes) as raw bytes. */
 export declare function actionSigningHash(payload: LocalActionPayload): Uint8Array;
 /** blake3 signing hash as 0x-prefixed lowercase hex. */
-export declare function actionSigningHashHex(payload: LocalActionPayload): `0x${string}`;
+export declare function actionSigningHashHex(payload: LocalActionPayload): HexString;
+/** Deterministic order id for SpotPlaceOrder/OutcomePlaceOrder payloads. */
+export declare function deriveOrderIdHex(payload: LocalActionPayload): HexString | null;
+/** Deterministic child order id for QuoteReplace/SpotQuoteReplace place legs. */
+export declare function deriveQuoteReplaceOrderIdHex(payload: LocalActionPayload, legIndex: number): HexString | null;
+/** EIP-191 personal_sign digest for a 32-byte action hash. */
+export declare function personalSignDigestHash(hash32: Uint8Array): Uint8Array;
+/** Sign a 32-byte action hash and return 65 bytes (r || s || v). */
+export declare function signActionHash(hash32: Uint8Array, privateKey: PrivateKeyLike, options?: SignActionOptions): Uint8Array;
+/** Hex helper for logging, fixtures, or wallet interop. */
+export declare function signatureToHex(signature: SignatureLike): HexString;
+/** Build a SignedAction from a local payload and externally produced signature. */
+export declare function signedActionFromLocalPayload(payload: LocalActionPayload, signature: SignatureLike): SignedAction;
+/** Compute, sign, and wrap a local action payload for direct submission. */
+export declare function signAction(payload: LocalActionPayload, privateKey: PrivateKeyLike, options?: SignActionOptions): SignedAction;

package/dist/src/signing.js

@@ -25,8 +25,12 @@
  * Golden vectors pinning compatibility with the backend live in
  * `tests/signing.test.ts` and in `senticore-types::tests::signing_hash_golden_vectors`.
  */
+import { secp256k1 } from "@noble/curves/secp256k1";
 import { blake3 } from "@noble/hashes/blake3";
+import { keccak_256 } from "@noble/hashes/sha3";
+import { bytesToHex, hexToBytes } from "@noble/hashes/utils";
 export const ACTION_PAYLOAD_DOMAIN_V1 = "SENTICORE/ACTION_PAYLOAD/v1";
+export const ORDER_ID_DOMAIN_V1 = "SENTICORE/ORDER_ID/v1";
 // -----------------------------
 // Canonical JSON writer
 // -----------------------------
@@ -123,6 +127,158 @@ function writeAction(action) {
  * Canonical declaration-order JSON for an action payload — the EXACT bytes
  * the backend hashes and persists.
  */
+function encodeWithDomain(domain, canonicalJson) {
+    const canonical = new TextEncoder().encode(canonicalJson);
+    const domainBytes = new TextEncoder().encode(domain);
+    const joined = new Uint8Array(domainBytes.length + canonical.length);
+    joined.set(domainBytes, 0);
+    joined.set(canonical, domainBytes.length);
+    return blake3(joined);
+}
+function bytesTo0xHex(bytes) {
+    return `0x${bytesToHex(bytes)}`;
+}
+function fixedHexToBytes(value, bytes, field) {
+    const raw = value.startsWith("0x") || value.startsWith("0X") ? value.slice(2) : value;
+    if (!/^[0-9a-fA-F]+$/.test(raw) || raw.length !== bytes * 2) {
+        throw new Error(`${field} must be ${bytes} bytes of hex`);
+    }
+    return hexToBytes(raw);
+}
+function normalizePrivateKey(privateKey) {
+    const bytes = typeof privateKey === "string"
+        ? fixedHexToBytes(privateKey, 32, "privateKey")
+        : privateKey;
+    if (bytes.length !== 32) {
+        throw new Error(`privateKey must be 32 bytes, got ${bytes.length}`);
+    }
+    return bytes;
+}
+function normalizeSignatureBytes(signature) {
+    const bytes = typeof signature === "string"
+        ? fixedHexToBytes(signature, 65, "signature")
+        : signature instanceof Uint8Array
+            ? signature
+            : Uint8Array.from(signature);
+    if (bytes.length !== 65) {
+        throw new Error(`signature must be 65 bytes, got ${bytes.length}`);
+    }
+    return [...bytes];
+}
+function isPlaceOrderPayload(payload) {
+    return (payload.action.kind === "SpotPlaceOrder" ||
+        payload.action.kind === "OutcomePlaceOrder");
+}
+function isZeroUint(value, field) {
+    return writeUint(value, field) === "0";
+}
+function quoteReplaceChildPayload(payload, legIndex) {
+    if (!Number.isSafeInteger(legIndex) || legIndex < 0) {
+        throw new Error("legIndex must be a non-negative safe integer");
+    }
+    if (payload.action.kind === "SpotQuoteReplace") {
+        const leg = payload.action.legs[legIndex];
+        if (!leg || isZeroUint(leg.qty, "qty"))
+            return null;
+        return {
+            account: payload.account,
+            nonce: payload.nonce,
+            nonceReservationId: `spot_quote_replace:${legIndex}`,
+            ts: payload.ts,
+            action: {
+                kind: "SpotPlaceOrder",
+                market: payload.action.market,
+                side: leg.side,
+                price: leg.price,
+                qty: leg.qty,
+                stpMode: leg.stpMode,
+                timeInForce: leg.timeInForce,
+                isMarket: leg.isMarket,
+                reduceOnly: leg.reduceOnly,
+                expiresAt: leg.expiresAt,
+            },
+        };
+    }
+    if (payload.action.kind === "QuoteReplace") {
+        const leg = payload.action.legs[legIndex];
+        if (!leg || isZeroUint(leg.qty, "qty"))
+            return null;
+        return {
+            account: payload.account,
+            nonce: payload.nonce,
+            nonceReservationId: `quote_replace:${legIndex}`,
+            ts: payload.ts,
+            action: {
+                kind: "OutcomePlaceOrder",
+                market: payload.action.market,
+                book: leg.book,
+                side: leg.side,
+                price: leg.price,
+                qty: leg.qty,
+                stpMode: leg.stpMode,
+                timeInForce: leg.timeInForce,
+                isMarket: leg.isMarket,
+                reduceOnly: leg.reduceOnly,
+                expiresAt: leg.expiresAt,
+            },
+        };
+    }
+    return null;
+}
+function assertJsonSafeUint(value, field) {
+    if (value === null || value === undefined)
+        return;
+    const decimal = writeUint(value, field);
+    if (BigInt(decimal) > BigInt(Number.MAX_SAFE_INTEGER)) {
+        throw new Error(`${field} exceeds Number.MAX_SAFE_INTEGER; JSON SignedAction submission would lose precision`);
+    }
+}
+function assertJsonSafeFlags(flags) {
+    assertJsonSafeUint(flags.expiresAt, "expiresAt");
+}
+function assertJsonSafePayload(payload) {
+    assertJsonSafeUint(payload.nonce, "nonce");
+    assertJsonSafeUint(payload.ts, "ts");
+    switch (payload.action.kind) {
+        case "SpotPlaceOrder":
+            assertJsonSafeUint(payload.action.market, "market");
+            assertJsonSafeUint(payload.action.price, "price");
+            assertJsonSafeUint(payload.action.qty, "qty");
+            assertJsonSafeFlags(payload.action);
+            return;
+        case "OutcomePlaceOrder":
+            assertJsonSafeUint(payload.action.market, "market");
+            assertJsonSafeUint(payload.action.price, "price");
+            assertJsonSafeUint(payload.action.qty, "qty");
+            assertJsonSafeFlags(payload.action);
+            return;
+        case "Cancel":
+            return;
+        case "AmendOrder":
+            assertJsonSafeUint(payload.action.newQty, "newQty");
+            return;
+        case "SpotQuoteReplace":
+            assertJsonSafeUint(payload.action.market, "market");
+            for (const [index, leg] of payload.action.legs.entries()) {
+                assertJsonSafeUint(leg.price, `legs[${index}].price`);
+                assertJsonSafeUint(leg.qty, `legs[${index}].qty`);
+                assertJsonSafeFlags(leg);
+            }
+            return;
+        case "QuoteReplace":
+            assertJsonSafeUint(payload.action.market, "market");
+            for (const [index, leg] of payload.action.legs.entries()) {
+                assertJsonSafeUint(leg.price, `legs[${index}].price`);
+                assertJsonSafeUint(leg.qty, `legs[${index}].qty`);
+                assertJsonSafeFlags(leg);
+            }
+            return;
+        default: {
+            const exhaustive = payload.action;
+            throw new Error(`unsupported action ${exhaustive.kind}`);
+        }
+    }
+}
 export function canonicalActionPayloadJson(payload) {
     return (`{"account":${writeHexBytes(payload.account, 20, "account")},` +
         `"nonce":${writeUint(payload.nonce, "nonce")},` +
@@ -130,20 +286,74 @@ export function canonicalActionPayloadJson(payload) {
         `"ts":${writeUint(payload.ts, "ts")},` +
         `"action":${writeAction(payload.action)}}`);
 }
+/** Wire payload object suitable for submitSignedAction/order-entry JSON. */
+export function actionPayloadToWirePayload(payload) {
+    assertJsonSafePayload(payload);
+    return JSON.parse(canonicalActionPayloadJson(payload));
+}
 /** blake3(domain || canonical_bytes) as raw bytes. */
 export function actionSigningHash(payload) {
-    const canonical = new TextEncoder().encode(canonicalActionPayloadJson(payload));
-    const domain = new TextEncoder().encode(ACTION_PAYLOAD_DOMAIN_V1);
-    const joined = new Uint8Array(domain.length + canonical.length);
-    joined.set(domain, 0);
-    joined.set(canonical, domain.length);
-    return blake3(joined);
+    return encodeWithDomain(ACTION_PAYLOAD_DOMAIN_V1, canonicalActionPayloadJson(payload));
 }
 /** blake3 signing hash as 0x-prefixed lowercase hex. */
 export function actionSigningHashHex(payload) {
-    const hash = actionSigningHash(payload);
-    let hex = "";
-    for (const byte of hash)
-        hex += byte.toString(16).padStart(2, "0");
-    return `0x${hex}`;
+    return bytesTo0xHex(actionSigningHash(payload));
+}
+/** Deterministic order id for SpotPlaceOrder/OutcomePlaceOrder payloads. */
+export function deriveOrderIdHex(payload) {
+    if (!isPlaceOrderPayload(payload))
+        return null;
+    return bytesTo0xHex(encodeWithDomain(ORDER_ID_DOMAIN_V1, canonicalActionPayloadJson(payload)));
+}
+/** Deterministic child order id for QuoteReplace/SpotQuoteReplace place legs. */
+export function deriveQuoteReplaceOrderIdHex(payload, legIndex) {
+    const child = quoteReplaceChildPayload(payload, legIndex);
+    return child ? deriveOrderIdHex(child) : null;
+}
+/** EIP-191 personal_sign digest for a 32-byte action hash. */
+export function personalSignDigestHash(hash32) {
+    if (hash32.length !== 32) {
+        throw new Error(`hash32 must be 32 bytes, got ${hash32.length}`);
+    }
+    const prefix = new TextEncoder().encode("\x19Ethereum Signed Message:\n32");
+    const joined = new Uint8Array(prefix.length + hash32.length);
+    joined.set(prefix, 0);
+    joined.set(hash32, prefix.length);
+    return keccak_256(joined);
+}
+/** Sign a 32-byte action hash and return 65 bytes (r || s || v). */
+export function signActionHash(hash32, privateKey, options = {}) {
+    if (hash32.length !== 32) {
+        throw new Error(`hash32 must be 32 bytes, got ${hash32.length}`);
+    }
+    const digest = options.mode === "personal" ? personalSignDigestHash(hash32) : hash32;
+    const signature = secp256k1.sign(digest, normalizePrivateKey(privateKey));
+    const compact = signature.toCompactRawBytes();
+    const recovery = signature.recovery;
+    if (recovery !== 0 && recovery !== 1) {
+        throw new Error(`invalid recovery id ${recovery}`);
+    }
+    const out = new Uint8Array(65);
+    out.set(compact, 0);
+    out[64] = options.recoveryId === "ethereum" ? recovery + 27 : recovery;
+    return out;
+}
+/** Hex helper for logging, fixtures, or wallet interop. */
+export function signatureToHex(signature) {
+    return bytesTo0xHex(Uint8Array.from(normalizeSignatureBytes(signature)));
+}
+/** Build a SignedAction from a local payload and externally produced signature. */
+export function signedActionFromLocalPayload(payload, signature) {
+    return {
+        payload: actionPayloadToWirePayload(payload),
+        signature: {
+            scheme: "EcdsaSecp256k1",
+            bytes: normalizeSignatureBytes(signature),
+        },
+    };
+}
+/** Compute, sign, and wrap a local action payload for direct submission. */
+export function signAction(payload, privateKey, options = {}) {
+    const signature = signActionHash(actionSigningHash(payload), privateKey, options);
+    return signedActionFromLocalPayload(payload, signature);
 }

package/package.json

@@ -1,6 +1,6 @@
 {
-  "name": "@sentico-labs/sdk",
-  "version": "0.1.0-preview.1",
+  "name": "@sentico-labs/sdk",
+  "version": "0.1.0-preview.2",
   "private": false,
   "description": "Institutional TypeScript SDK for Senticore HTTP, WebSocket, and Order Entry.",
   "type": "module",
@@ -32,6 +32,7 @@
     "typescript": "^5.6.3"
   },
   "dependencies": {
+    "@noble/curves": "^1.9.7",
     "@noble/hashes": "^1.8.0"
   }
 }