@silencelaboratories/walletprovider-sdk 1.3.0 → 1.4.0

package/dist/index.d.ts

@@ -1,21 +1,39 @@
-export type { SignResponse, KeygenResponse, OperationStatusResponse, RegisterPasskeyResponse } from './networkSigner';
-export type { ApiVersion, ClientConfig, IWalletProviderServiceClient } from './walletProviderServiceClientInterface';
-export type { IBrowserWallet, TypedData } from './EOAauthentication';
-export type { PasskeyUser, RelyingPartyConfig } from './passkeyAuthentication';
-export type { SignAlgorithm } from './ephemeralAuthentication';
-export { NetworkSigner } from './networkSigner';
-export { WalletProviderServiceClient } from './walletProviderServiceClient';
-export { EOAAuth, EphAuth, PasskeyAuth, PasskeyRegister } from './authentication';
-export { generateEphPrivateKey, getEphPublicKey, EphKeyClaim } from './ephemeralAuthentication';
+export type { SignRequestType } from './builder/signRequest';
+export type { ApiVersion, ClientConfig, IWalletProviderServiceClient, } from './client/walletProviderServiceClientInterface';
+export type { IBrowserWallet, TypedData } from './auth/EOAauthentication';
+export type { PasskeyUser, RelyingPartyConfig } from './auth/passkeyAuthentication';
+export type { UserAuthentication } from './auth/authentication';
+export type { KeygenResponse, KeyRefreshResponse, SignResponse, AddEphKeyResponse, RevokeEphKeyResponse, RegisterPasskeyResponse, } from './client/networkResponse';
+export type { MPCSignAlgorithm } from './client/networkSigner';
+export type { EphKeySignAlgorithm } from './auth/ephemeralAuthentication';
+export type { DSGOpts } from './viemSigner';
+export { SignRequestBuilder } from './builder/signRequest';
+export { UserSignatures } from './builder/userAuth';
+export { flattenSignature } from './client/ethUtil';
+export { NetworkSigner } from './client/networkSigner';
+export { WalletProviderServiceClient } from './client/walletProviderServiceClient';
+export { parseSigngenResult, parseKeygenResult, parseEphKeyOperationResult } from './client/networkResponse';
+export { HttpClient } from './client/httpClient';
+export { EOAAuth, EphAuth, PasskeyAuth, PasskeyRegister } from './auth/authentication';
+export { generateEphPrivateKey, getEphPublicKey, EphKeyClaim } from './auth/ephemeralAuthentication';
 export { computeAddress } from './viemSigner';
-import { NetworkSigner } from './networkSigner';
-import { WalletProviderServiceClient } from './walletProviderServiceClient';
-import { EOAAuth, EphAuth, PasskeyAuth, PasskeyRegister } from './authentication';
-import { generateEphPrivateKey, getEphPublicKey, EphKeyClaim } from './ephemeralAuthentication';
+export { KeygenSetupOpts } from './setupMessage';
+import { SignRequestBuilder } from './builder/signRequest';
+import { UserSignatures } from './builder/userAuth';
+import { NetworkSigner } from './client/networkSigner';
+import { WalletProviderServiceClient } from './client/walletProviderServiceClient';
+import { HttpClient } from './client/httpClient';
+import { EOAAuth, EphAuth, PasskeyAuth, PasskeyRegister } from './auth/authentication';
+import { generateEphPrivateKey, getEphPublicKey, EphKeyClaim } from './auth/ephemeralAuthentication';
 import { computeAddress } from './viemSigner';
+import { KeygenSetupOpts } from './setupMessage';
 declare const _default: {
+    KeygenSetupOpts: typeof KeygenSetupOpts;
+    UserSignatures: typeof UserSignatures;
     NetworkSigner: typeof NetworkSigner;
+    SignRequestBuilder: typeof SignRequestBuilder;
     WalletProviderServiceClient: typeof WalletProviderServiceClient;
+    HttpClient: typeof HttpClient;
     EOAAuth: typeof EOAAuth;
     EphAuth: typeof EphAuth;
     PasskeyAuth: typeof PasskeyAuth;
@@ -24,5 +42,9 @@ declare const _default: {
     getEphPublicKey: typeof getEphPublicKey;
     EphKeyClaim: typeof EphKeyClaim;
     computeAddress: typeof computeAddress;
+    flattenSignature: (signgenResponse: import(".").SignResponse) => `0x${string}`;
+    parseSigngenResult: (signResult: string, signAlg: string) => import(".").SignResponse[];
+    parseKeygenResult: (keygenResult: string, totalKey: number) => import(".").KeygenResponse[];
+    parseEphKeyOperationResult: (operationsResult: string) => import(".").AddEphKeyResponse[];
 };
 export default _default;

package/dist/index.esm.js

@@ -1,4 +1,4 @@
-var ft=Object.defineProperty,mt=Object.defineProperties;var yt=Object.getOwnPropertyDescriptors;var j=Object.getOwnPropertySymbols;var St=Object.prototype.hasOwnProperty,xt=Object.prototype.propertyIsEnumerable;var D=(n,t,e)=>t in n?ft(n,t,{enumerable:!0,configurable:!0,writable:!0,value:e}):n[t]=e,v=(n,t)=>{for(var e in t||(t={}))St.call(t,e)&&D(n,e,t[e]);if(j)for(var e of j(t))xt.call(t,e)&&D(n,e,t[e]);return n},V=(n,t)=>mt(n,yt(t));var p=(n,t,e)=>D(n,typeof t!="symbol"?t+"":t,e);var wt=1,X=2,L=3,Z=[{name:"tag",type:"uint16"},{name:"value",type:"string"}],m=class{constructor({t,n:e,key_label:i,permissions:r}){p(this,"t");p(this,"n");p(this,"key_label");p(this,"metadata");this.t=t,this.n=e,i&&(this.key_label=i),this.metadata=[],r&&this.metadata.push({tag:wt,value:r})}set ephClaim(t){this.metadata.push({tag:X,value:t.toJSON()})}get requestSchema(){return{Request:[{name:"setup",type:"KeygenSetupOpts"},{name:"challenge",type:"string"}],KeygenSetupOpts:[{name:"t",type:"uint32"},{name:"n",type:"uint32"},{name:"metadata",type:"TaggedValue[]"}],TaggedValue:Z}}},k=class{constructor({t,key_id:e,message:i}){p(this,"t");p(this,"key_id");p(this,"message");this.t=t,this.key_id=e,this.message=i}},d=class{constructor(){p(this,"metadata");this.metadata=[]}set ephClaim(t){this.metadata.push({tag:X,value:t.toJSON()})}set keyId(t){this.metadata.push({tag:L,value:t})}extractMetadataByTag(t){let e=this.metadata.find(i=>i.tag===t);if(e)return e.value;throw new Error("Tag ".concat(t," not found in metadata"))}get requestSchema(){return{Request:[{name:"setup",type:"MetadataSetupOpts"},{name:"challenge",type:"string"}],MetadataSetupOpts:[{name:"metadata",type:"TaggedValue[]"}],TaggedValue:Z}}};var bt={name:"SilentShard authentication",version:"0.1.0"},At=[{name:"name",type:"string"},{name:"version",type:"string"}];function Pt(n,t,e){let i;return n instanceof m?i=new m({t:n.t,n:n.n,key_label:n.key_label,permissions:void 0}):(i=new d,i.keyId=n.extractMetadataByTag(L)),i.ephClaim=e,{types:v({EIP712Domain:At},n.requestSchema),domain:bt,primaryType:"Request",message:{setup:i,challenge:t}}}async function tt({setup:n,eoa:t,challenge:e,browserWallet:i,ephClaim:r}){let o=Pt(n,e,r),s=await i.signTypedData(t,o);return{credentials:{credentials:r.toJSON(),method:"eoa",id:t},signature:s}}import{Base64 as It}from"js-base64";function Ct(n){return n instanceof Uint8Array||ArrayBuffer.isView(n)&&n.constructor.name==="Uint8Array"}function J(n,...t){if(!Ct(n))throw new Error("Uint8Array expected");if(t.length>0&&!t.includes(n.length))throw new Error("Uint8Array expected of length "+t+", got length="+n.length)}function $(n,t=!0){if(n.destroyed)throw new Error("Hash instance has been destroyed");if(t&&n.finished)throw new Error("Hash#digest() has already been called")}function et(n,t){J(n);let e=t.outputLen;if(n.length<e)throw new Error("digestInto() expects output buffer of length at least "+e)}var T=n=>new DataView(n.buffer,n.byteOffset,n.byteLength),f=(n,t)=>n<<32-t|n>>>t;function Ot(n){if(typeof n!="string")throw new Error("utf8ToBytes expected string, got "+typeof n);return new Uint8Array(new TextEncoder().encode(n))}function _(n){return typeof n=="string"&&(n=Ot(n)),J(n),n}var R=class{clone(){return this._cloneInto()}};function nt(n){let t=i=>n().update(_(i)).digest(),e=n();return t.outputLen=e.outputLen,t.blockLen=e.blockLen,t.create=()=>n(),t}function kt(n,t,e,i){if(typeof n.setBigUint64=="function")return n.setBigUint64(t,e,i);let r=BigInt(32),o=BigInt(4294967295),s=Number(e>>r&o),a=Number(e&o),c=i?4:0,u=i?0:4;n.setUint32(t+c,s,i),n.setUint32(t+u,a,i)}var it=(n,t,e)=>n&t^~n&e,st=(n,t,e)=>n&t^n&e^t&e,B=class extends R{constructor(t,e,i,r){super(),this.blockLen=t,this.outputLen=e,this.padOffset=i,this.isLE=r,this.finished=!1,this.length=0,this.pos=0,this.destroyed=!1,this.buffer=new Uint8Array(t),this.view=T(this.buffer)}update(t){$(this);let{view:e,buffer:i,blockLen:r}=this;t=_(t);let o=t.length;for(let s=0;s<o;){let a=Math.min(r-this.pos,o-s);if(a===r){let c=T(t);for(;r<=o-s;s+=r)this.process(c,s);continue}i.set(t.subarray(s,s+a),this.pos),this.pos+=a,s+=a,this.pos===r&&(this.process(e,0),this.pos=0)}return this.length+=t.length,this.roundClean(),this}digestInto(t){$(this),et(t,this),this.finished=!0;let{buffer:e,view:i,blockLen:r,isLE:o}=this,{pos:s}=this;e[s++]=128,this.buffer.subarray(s).fill(0),this.padOffset>r-s&&(this.process(i,0),s=0);for(let l=s;l<r;l++)e[l]=0;kt(i,r-8,BigInt(this.length*8),o),this.process(i,0);let a=T(t),c=this.outputLen;if(c%4)throw new Error("_sha2: outputLen should be aligned to 32bit");let u=c/4,g=this.get();if(u>g.length)throw new Error("_sha2: outputLen bigger than state");for(let l=0;l<u;l++)a.setUint32(4*l,g[l],o)}digest(){let{buffer:t,outputLen:e}=this;this.digestInto(t);let i=t.slice(0,e);return this.destroy(),i}_cloneInto(t){t||(t=new this.constructor),t.set(...this.get());let{blockLen:e,buffer:i,length:r,finished:o,destroyed:s,pos:a}=this;return t.length=r,t.pos=a,t.finished=o,t.destroyed=s,r%e&&t.buffer.set(i),t}};var vt=new Uint32Array([1116352408,1899447441,3049323471,3921009573,961987163,1508970993,2453635748,2870763221,3624381080,310598401,607225278,1426881987,1925078388,2162078206,2614888103,3248222580,3835390401,4022224774,264347078,604807628,770255983,1249150122,1555081692,1996064986,2554220882,2821834349,2952996808,3210313671,3336571891,3584528711,113926993,338241895,666307205,773529912,1294757372,1396182291,1695183700,1986661051,2177026350,2456956037,2730485921,2820302411,3259730800,3345764771,3516065817,3600352804,4094571909,275423344,430227734,506948616,659060556,883997877,958139571,1322822218,1537002063,1747873779,1955562222,2024104815,2227730452,2361852424,2428436474,2756734187,3204031479,3329325298]),S=new Uint32Array([1779033703,3144134277,1013904242,2773480762,1359893119,2600822924,528734635,1541459225]),x=new Uint32Array(64),W=class extends B{constructor(){super(64,32,8,!1),this.A=S[0]|0,this.B=S[1]|0,this.C=S[2]|0,this.D=S[3]|0,this.E=S[4]|0,this.F=S[5]|0,this.G=S[6]|0,this.H=S[7]|0}get(){let{A:t,B:e,C:i,D:r,E:o,F:s,G:a,H:c}=this;return[t,e,i,r,o,s,a,c]}set(t,e,i,r,o,s,a,c){this.A=t|0,this.B=e|0,this.C=i|0,this.D=r|0,this.E=o|0,this.F=s|0,this.G=a|0,this.H=c|0}process(t,e){for(let l=0;l<16;l++,e+=4)x[l]=t.getUint32(e,!1);for(let l=16;l<64;l++){let w=x[l-15],O=x[l-2],Y=f(w,7)^f(w,18)^w>>>3,N=f(O,17)^f(O,19)^O>>>10;x[l]=N+x[l-7]+Y+x[l-16]|0}let{A:i,B:r,C:o,D:s,E:a,F:c,G:u,H:g}=this;for(let l=0;l<64;l++){let w=f(a,6)^f(a,11)^f(a,25),O=g+w+it(a,c,u)+vt[l]+x[l]|0,N=(f(i,2)^f(i,13)^f(i,22))+st(i,r,o)|0;g=u,u=c,c=a,a=s+O|0,s=o,o=r,r=i,i=O+N|0}i=i+this.A|0,r=r+this.B|0,o=o+this.C|0,s=s+this.D|0,a=a+this.E|0,c=c+this.F|0,u=u+this.G|0,g=g+this.H|0,this.set(i,r,o,s,a,c,u,g)}roundClean(){x.fill(0)}destroy(){this.set(0,0,0,0,0,0,0,0),this.buffer.fill(0)}};var F=nt(()=>new W);import{stringToBytes as Et,toHex as Ut}from"viem";var q=n=>btoa(String.fromCodePoint.apply(null,Array.from(n))),y=n=>It.fromUint8Array(new Uint8Array(n),!0),rt=n=>{let t=Et(n),e=F(F(t));return Ut(e,{size:32}).slice(2)};import{Base64 as ot}from"js-base64";import{hexToBytes as at}from"viem";async function ct({user:n,challenge:t,rpConfig:e}){let i=at("0x".concat(t),{size:32}),r={publicKey:{authenticatorSelection:{residentKey:"preferred",userVerification:"required"},challenge:i,excludeCredentials:[],pubKeyCredParams:[{type:"public-key",alg:-7},{type:"public-key",alg:-257}],rp:{name:e.rpName,id:e.rpId},user:V(v({},n),{id:ot.toUint8Array(n.id)})}},o=await navigator.credentials.create(r);if(o===null)throw new Error("No credential returned");let s=y(o.response.attestationObject),c={rawCredential:JSON.stringify({authenticatorAttachment:o.authenticatorAttachment,id:o.id,rawId:y(o.rawId),response:{attestationObject:s,clientDataJSON:y(o.response.clientDataJSON)},type:o.type}),origin:e.rpName,rpId:e.rpId};return{credentials:{credentials:"",method:"passkey",id:o.id},signature:JSON.stringify(c)}}async function pt({challenge:n,allowCredentialId:t,rpConfig:e,ephClaim:i}){let r=at("0x".concat(n),{size:32}),o=t?[{type:"public-key",id:ot.toUint8Array(t)}]:[],s={publicKey:{userVerification:"required",challenge:r,allowCredentials:o}},a=await navigator.credentials.get(s);if(a===null)throw new Error("Failed to get navigator credentials");let c=a.response,u=c.userHandle;if(u===null)throw new Error("User handle cannot be null");let g=y(c.signature),w={rawCredential:JSON.stringify({authenticatorAttachment:a.authenticatorAttachment,id:a.id,rawId:y(a.rawId),response:{authenticatorData:y(c.authenticatorData),clientDataJSON:y(c.clientDataJSON),signature:g,userHandle:y(u)},type:a.type}),origin:e.rpName,rpId:e.rpId};return{credentials:{credentials:i.toJSON(),method:"passkey",id:a.id},signature:JSON.stringify(w)}}import{toHex as H}from"viem";import{ed25519 as G}from"@noble/curves/ed25519";import{secp256k1 as ht}from"@noble/curves/secp256k1";var b=(n,t)=>{h(typeof t!="string","".concat(n," must be string")),h((t==null?void 0:t.trim().length)===0,"".concat(n," cannot be empty"))},ut=(n,t)=>{h(!(n instanceof Uint8Array),"key must be an Uint8Array"),t==="secp256k1"&&h(n.length!==65,"secp256k1: key length must be 65 bytes, got "+n.length),t==="ed25519"&&h(n.length!==32,"ed25519: key length must be 32 bytes, got "+n.length)},lt=(n,t)=>{h(!(n instanceof Uint8Array),"key must be an Uint8Array"),t==="secp256k1"&&h(n.length!==32,"secp256k1: key length must be 32 bytes, got "+n.length),t==="ed25519"&&h(n.length!==32,"ed25519: key length must be 32 bytes, got "+n.length)};var h=(n,t)=>{if(n)throw new Error(t)};import{signMessage as Mt}from"viem/accounts";var A=class{constructor(t,e,i,r=3600){p(this,"ephId");p(this,"ephPK");p(this,"signAlg");p(this,"expiry");this.validateInputs(t,e,i,r),this.ephId=t,this.ephPK=H(e),this.signAlg=i,this.expiry=Math.floor(Date.now()/1e3)+r}validateInputs(t,e,i,r){b("ephId",t),ut(e,i),h(Number.isInteger(r)===!1,"lifetime must be an integer");let o=r>0&&r<=365*24*60*60;h(!o,"lifetime must be greater than 0 and less than or equal to 365 days")}toJSON(){return JSON.stringify({ephId:this.ephId,ephPK:this.ephPK,expiry:this.expiry,signAlg:this.signAlg})}};async function dt({setup:n,challenge:t,ephSK:e,ephClaim:i}){let r={setup:n,challenge:t},s=new TextEncoder().encode(JSON.stringify(r)),a=await Kt(s,e,i.signAlg);return{credentials:{credentials:i.toJSON(),method:"ephemeral",id:i.ephId},signature:a}}async function Kt(n,t,e){switch(e){case"ed25519":return H(G.sign(n,t));case"secp256k1":return await Mt({message:{raw:n},privateKey:H(t)});default:throw new Error("Invalid signature algorithm")}}function z(n){switch(n){case"ed25519":return G.utils.randomPrivateKey();case"secp256k1":return ht.utils.randomPrivateKey();default:throw new Error("Invalid signature algorithm")}}function I(n,t){switch(t){case"ed25519":return G.getPublicKey(n);case"secp256k1":return ht.getPublicKey(n,!1);default:throw new Error("Invalid signature algorithm")}}import{isAddress as Rt}from"viem";var P=class{constructor(t,e,i){p(this,"browserWallet");p(this,"eoa");p(this,"ephClaim");this.validateInputs(t,e),this.ephClaim=i,this.browserWallet=e,this.eoa=t}validateInputs(t,e){h(!Rt(t),"invalid Ethereum address format"),h(!((e==null?void 0:e.signTypedData)instanceof Function),"invalid browserWallet")}async authenticate({setup:t,challenge:e}){return h(!(t instanceof m||t instanceof d),"invalid setup for EOA authenticate. Requires KeygenSetupOpts or MetadataSetupOpts but found ".concat(JSON.stringify(t))),await tt({setup:t,eoa:this.eoa,challenge:e,browserWallet:this.browserWallet,ephClaim:this.ephClaim})}},E=class{constructor(t,e,i){p(this,"ephSK");p(this,"ephClaim");lt(e,i),this.ephSK=e;let r=I(this.ephSK,i);this.ephClaim=new A(t,r,i)}async authenticate({setup:t,challenge:e}){return h(!(t instanceof k||t instanceof d),"invalid setup for Eph authenticate. Requires SignSetupOpts or MetadataSetupOpts but found ".concat(JSON.stringify(t))),await dt({setup:t,challenge:e,ephSK:this.ephSK,ephClaim:this.ephClaim})}},C=class{constructor(t,e,i){p(this,"rpConfig");p(this,"allowCredentialId");p(this,"ephClaim");this.ephClaim=i,this.rpConfig=t,this.allowCredentialId=e}async authenticate({setup:t,challenge:e}){return h(!(t instanceof m||t instanceof d),"invalid setup for Passkey authenticate. Requires KeygenSetupOpts or MetadataSetupOpts but found ".concat(JSON.stringify(t))),await pt({allowCredentialId:this.allowCredentialId,challenge:e,rpConfig:this.rpConfig,ephClaim:this.ephClaim})}},U=class{constructor(t,e){p(this,"rpConfig");p(this,"user");this.rpConfig=t,this.user=e}async authenticate({setup:t,challenge:e}){return h(!(t instanceof d),"invalid setup for Passkey register. Requires MetadataSetupOpts but found ".concat(JSON.stringify(t))),await ct({user:this.user,challenge:e,rpConfig:this.rpConfig})}};var M=class{constructor(t,e,i,r){p(this,"authModule");p(this,"threshold");p(this,"totalNodes");p(this,"wpClient");h(e<2,"Threshold = ".concat(e," must be at least 2")),h(i<e,"Total nodes = ".concat(i," must be greater or equal to threshold = ").concat(e)),this.threshold=e,this.totalNodes=i,this.authModule=r,this.wpClient=t}async generateKey(t){let e=new m({t:this.threshold,n:this.totalNodes,permissions:t,key_label:void 0});return this.setEphClaimOf(e),await this.wpClient.startKeygen({setup:e,authModule:this.authModule})}async signMessage(t,e){b("keyId",t),b("message",e);let i=new k({t:this.threshold,key_id:t,message:e});return await this.wpClient.startSigngen({setup:i,authModule:this.authModule})}async addEphemeralKey(t){b("keyId",t);let e=new d;return e.keyId=t,this.setEphClaimOf(e),await this.wpClient.addEphemeralKey({setup:e,authModule:this.authModule})}async revokeEphemeralKey(t){b("keyId",t);let e=new d;return e.keyId=t,this.setEphClaimOf(e),await this.wpClient.revokeEphemeralKey({setup:e,authModule:this.authModule})}async registerPasskey(){let t=new d;return await this.wpClient.registerPasskey({setup:t,authModule:this.authModule})}setEphClaimOf(t){(this.authModule instanceof P||this.authModule instanceof C)&&(t.ephClaim=this.authModule.ephClaim)}};var K=class{constructor(t){p(this,"walletProviderId");p(this,"walletProviderUrl");p(this,"apiVersion","v1");this.walletProviderId=t.walletProviderId,this.walletProviderUrl="".concat(t.walletProviderUrl,"/").concat(t.apiVersion),this.apiVersion=t.apiVersion}getVersion(){return this.apiVersion}getWalletId(){return this.walletProviderId}async startKeygen({setup:t,authModule:e}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("keygen",t,e).then(r=>{var c,u;let o=r.split(":");h(o.length!==2,"Invalid keygen response from network");let s=(c=o[0])==null?void 0:c.split("=")[1];return{publicKey:(u=o[1])==null?void 0:u.split("=")[1],keyId:s}})}async startSigngen({setup:t,authModule:e}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("signgen",t,e).then(r=>{var c,u;let o=r.split(":");h(o.length!==2,"Invalid signgen response from network");let s=(c=o[0])==null?void 0:c.split("=")[1],a=(u=o[1])==null?void 0:u.split("=")[1];if(s===void 0||a===void 0)throw new Error("Invalid signgen response from network");return{sign:s,recid:parseInt(a)}})}async addEphemeralKey({setup:t,authModule:e}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("addEphemeralKey",t,e).then(r=>({status:r}))}async revokeEphemeralKey({setup:t,authModule:e}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("revokeEphemeralKey",t,e).then(r=>({status:r}))}async registerPasskey({setup:t,authModule:e}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("registerPasskey",t,e).then(r=>({passkeyCredentialId:r}))}connect(t,e,i){return new Promise((r,o)=>{let s=0;t==="signgen"&&(e.message=q(new TextEncoder().encode(e.message)));let a=new WebSocket("".concat(this.walletProviderUrl,"/").concat(t));a.addEventListener("open",c=>{switch(console.debug("Connection opened in state ".concat(s," with event ").concat(JSON.stringify(c,void 0,"	"))),s){case 0:s=1,a.send(JSON.stringify(e));break;case 1:case 2:s=3,o("Incorrect protocol state");break;case 3:break}}),a.addEventListener("message",async c=>{switch(console.debug("Connection message in state ".concat(s," with event ").concat(JSON.stringify(c,void 0,"	"))),s){case 0:s=3,o("Incorrect protocol state");break;case 1:{s=2;try{let u=await i.authenticate({setup:e,challenge:c.data});a.send(JSON.stringify(u))}catch(u){o(u)}break}case 2:s=3,a.close(),r(c.data);break;case 3:break}}),a.addEventListener("error",c=>{console.debug("Connection error in state ".concat(s," with event ").concat(JSON.stringify(c,void 0,"	"))),s!=3&&(s=3,o("Incorrect protocol state"))}),a.addEventListener("close",c=>{console.debug("Connection closed in state ".concat(s," with event ").concat(JSON.stringify(c,void 0,"	"))),s!=3&&(s=3,o("Incorrect protocol state"))})})}connectV2(t,e,i){return new Promise((r,o)=>{let s=0;t==="signgen"&&(e.message=q(new TextEncoder().encode(e.message)));let a=new WebSocket("".concat(this.walletProviderUrl,"/").concat(t));a.addEventListener("open",async c=>{switch(console.debug("Connection opened in state ".concat(s," with event ").concat(JSON.stringify(c,void 0,"	"))),s){case 0:s=2;try{let u=JSON.stringify(e),g=await i.authenticate({setup:e,challenge:rt(u)});a.send(JSON.stringify({setupOpts:u,userAuth:JSON.stringify(g)}))}catch(u){o(u)}break;case 2:s=3,o("Incorrect protocol state");break;case 3:break}}),a.addEventListener("message",async c=>{switch(console.debug("Connection message in state ".concat(s," with event ").concat(JSON.stringify(c,void 0,"	"))),s){case 0:s=3,o("Incorrect protocol state");break;case 2:s=3,a.close(),r(c.data);break;case 3:break}}),a.addEventListener("error",c=>{console.debug("Connection error in state ".concat(s," with event ").concat(JSON.stringify(c,void 0,"	"))),s!=3&&(s=3,o("Incorrect protocol state"))}),a.addEventListener("close",c=>{console.debug("Connection closed in state ".concat(s," with event ").concat(JSON.stringify(c,void 0,"	"))),s!=3&&(s=3,o("Incorrect protocol state"))})})}};import{publicKeyToAddress as gt,toAccount as Le}from"viem/accounts";import{secp256k1 as Tt}from"@noble/curves/secp256k1";import{hashMessage as Fe,hashTypedData as qe,keccak256 as He,serializeSignature as Ge,serializeTransaction as ze,toHex as Ye}from"viem";function Q(n){if(n.startsWith("0x")&&(n=n.slice(2)),n.startsWith("04"))return gt("0x".concat(n," "));if(n.startsWith("02")||n.startsWith("03")){let t=Tt.ProjectivePoint.fromHex(n).toHex(!1);return gt("0x".concat(t))}else throw new Error("Invalid public key")}var rn={NetworkSigner:M,WalletProviderServiceClient:K,EOAAuth:P,EphAuth:E,PasskeyAuth:C,PasskeyRegister:U,generateEphPrivateKey:z,getEphPublicKey:I,EphKeyClaim:A,computeAddress:Q};export{P as EOAAuth,E as EphAuth,A as EphKeyClaim,M as NetworkSigner,C as PasskeyAuth,U as PasskeyRegister,K as WalletProviderServiceClient,Q as computeAddress,rn as default,z as generateEphPrivateKey,I as getEphPublicKey};
+var qe=Object.defineProperty,Ce=Object.defineProperties;var Ue=Object.getOwnPropertyDescriptors;var le=Object.getOwnPropertySymbols;var Te=Object.prototype.hasOwnProperty,Oe=Object.prototype.propertyIsEnumerable;var Y=(s,e,t)=>e in s?qe(s,e,{enumerable:!0,configurable:!0,writable:!0,value:t}):s[e]=t,y=(s,e)=>{for(var t in e||(e={}))Te.call(e,t)&&Y(s,t,e[t]);if(le)for(var t of le(e))Oe.call(e,t)&&Y(s,t,e[t]);return s},U=(s,e)=>Ce(s,Ue(e));var p=(s,e,t)=>Y(s,typeof e!="symbol"?e+"":e,t);import{canonicalize as Me}from"json-canonicalize";var g=(s,e)=>{l(typeof e!="string","".concat(s," must be string")),l((e==null?void 0:e.trim().length)===0,"".concat(s," cannot be empty"))},ge=(s,e)=>{if(l(!(s instanceof Uint8Array),"key must be an Uint8Array"),e==="secp256k1")l(s.length!==65,"secp256k1: key length must be 65 bytes, got "+s.length);else if(e==="ed25519")l(s.length!==32,"ed25519: key length must be 32 bytes, got "+s.length);else throw new Error("Invalid signature algorithm")},de=(s,e)=>{if(l(!(s instanceof Uint8Array),"key must be an Uint8Array"),e==="secp256k1")l(s.length!==32,"secp256k1: key length must be 32 bytes, got "+s.length);else if(e==="ed25519")l(s.length!==32,"ed25519: key length must be 32 bytes, got "+s.length);else throw new Error("Invalid signature algorithm")},ye=s=>{l(s!=="ed25519"&&s!=="secp256k1",'signAlg must be either "ed25519" or "secp256k"')},l=(s,e)=>{if(s)throw new Error(e)};var v=class{constructor(){p(this,"signRequest",new Map)}setRequest(e,t,n){if(g("transactionId",e),g("message",t),g("requestType",n),this.signRequest.has(e))throw new Error("Transaction ID ".concat(e," is already set."));return this.signRequest.set(e,{signingMessage:t,requestType:n}),this}build(){let e={};if(this.signRequest.forEach((t,n)=>{e[n]=t}),Object.keys(e).length===0)throw new Error("No sign request is set.");return Me(e)}};import{canonicalize as xe}from"json-canonicalize";import{Base64 as Le}from"js-base64";function De(s){return s instanceof Uint8Array||ArrayBuffer.isView(s)&&s.constructor.name==="Uint8Array"}function Z(s,...e){if(!De(s))throw new Error("Uint8Array expected");if(e.length>0&&!e.includes(s.length))throw new Error("Uint8Array expected of length "+e+", got length="+s.length)}function ee(s,e=!0){if(s.destroyed)throw new Error("Hash instance has been destroyed");if(e&&s.finished)throw new Error("Hash#digest() has already been called")}function fe(s,e){Z(s);let t=e.outputLen;if(s.length<t)throw new Error("digestInto() expects output buffer of length at least "+t)}var W=s=>new DataView(s.buffer,s.byteOffset,s.byteLength),f=(s,e)=>s<<32-e|s>>>e;function Ve(s){if(typeof s!="string")throw new Error("utf8ToBytes expected string, got "+typeof s);return new Uint8Array(new TextEncoder().encode(s))}function te(s){return typeof s=="string"&&(s=Ve(s)),Z(s),s}var H=class{clone(){return this._cloneInto()}};function me(s){let e=n=>s().update(te(n)).digest(),t=s();return e.outputLen=t.outputLen,e.blockLen=t.blockLen,e.create=()=>s(),e}function _e(s,e,t,n){if(typeof s.setBigUint64=="function")return s.setBigUint64(e,t,n);let r=BigInt(32),o=BigInt(4294967295),i=Number(t>>r&o),a=Number(t&o),u=n?4:0,h=n?0:4;s.setUint32(e+u,i,n),s.setUint32(e+h,a,n)}var we=(s,e,t)=>s&e^~s&t,Re=(s,e,t)=>s&e^s&t^e&t,F=class extends H{constructor(e,t,n,r){super(),this.blockLen=e,this.outputLen=t,this.padOffset=n,this.isLE=r,this.finished=!1,this.length=0,this.pos=0,this.destroyed=!1,this.buffer=new Uint8Array(e),this.view=W(this.buffer)}update(e){ee(this);let{view:t,buffer:n,blockLen:r}=this;e=te(e);let o=e.length;for(let i=0;i<o;){let a=Math.min(r-this.pos,o-i);if(a===r){let u=W(e);for(;r<=o-i;i+=r)this.process(u,i);continue}n.set(e.subarray(i,i+a),this.pos),this.pos+=a,i+=a,this.pos===r&&(this.process(t,0),this.pos=0)}return this.length+=e.length,this.roundClean(),this}digestInto(e){ee(this),fe(e,this),this.finished=!0;let{buffer:t,view:n,blockLen:r,isLE:o}=this,{pos:i}=this;t[i++]=128,this.buffer.subarray(i).fill(0),this.padOffset>r-i&&(this.process(n,0),i=0);for(let c=i;c<r;c++)t[c]=0;_e(n,r-8,BigInt(this.length*8),o),this.process(n,0);let a=W(e),u=this.outputLen;if(u%4)throw new Error("_sha2: outputLen should be aligned to 32bit");let h=u/4,d=this.get();if(h>d.length)throw new Error("_sha2: outputLen bigger than state");for(let c=0;c<h;c++)a.setUint32(4*c,d[c],o)}digest(){let{buffer:e,outputLen:t}=this;this.digestInto(e);let n=e.slice(0,t);return this.destroy(),n}_cloneInto(e){e||(e=new this.constructor),e.set(...this.get());let{blockLen:t,buffer:n,length:r,finished:o,destroyed:i,pos:a}=this;return e.length=r,e.pos=a,e.finished=o,e.destroyed=i,r%t&&e.buffer.set(n),e}};var Be=new Uint32Array([1116352408,1899447441,3049323471,3921009573,961987163,1508970993,2453635748,2870763221,3624381080,310598401,607225278,1426881987,1925078388,2162078206,2614888103,3248222580,3835390401,4022224774,264347078,604807628,770255983,1249150122,1555081692,1996064986,2554220882,2821834349,2952996808,3210313671,3336571891,3584528711,113926993,338241895,666307205,773529912,1294757372,1396182291,1695183700,1986661051,2177026350,2456956037,2730485921,2820302411,3259730800,3345764771,3516065817,3600352804,4094571909,275423344,430227734,506948616,659060556,883997877,958139571,1322822218,1537002063,1747873779,1955562222,2024104815,2227730452,2361852424,2428436474,2756734187,3204031479,3329325298]),x=new Uint32Array([1779033703,3144134277,1013904242,2773480762,1359893119,2600822924,528734635,1541459225]),b=new Uint32Array(64),se=class extends F{constructor(){super(64,32,8,!1),this.A=x[0]|0,this.B=x[1]|0,this.C=x[2]|0,this.D=x[3]|0,this.E=x[4]|0,this.F=x[5]|0,this.G=x[6]|0,this.H=x[7]|0}get(){let{A:e,B:t,C:n,D:r,E:o,F:i,G:a,H:u}=this;return[e,t,n,r,o,i,a,u]}set(e,t,n,r,o,i,a,u){this.A=e|0,this.B=t|0,this.C=n|0,this.D=r|0,this.E=o|0,this.F=i|0,this.G=a|0,this.H=u|0}process(e,t){for(let c=0;c<16;c++,t+=4)b[c]=e.getUint32(t,!1);for(let c=16;c<64;c++){let m=b[c-15],k=b[c-2],he=f(m,7)^f(m,18)^m>>>3,X=f(k,17)^f(k,19)^k>>>10;b[c]=X+b[c-7]+he+b[c-16]|0}let{A:n,B:r,C:o,D:i,E:a,F:u,G:h,H:d}=this;for(let c=0;c<64;c++){let m=f(a,6)^f(a,11)^f(a,25),k=d+m+we(a,u,h)+Be[c]+b[c]|0,X=(f(n,2)^f(n,13)^f(n,22))+Re(n,r,o)|0;d=h,h=u,u=a,a=i+k|0,i=o,o=r,r=n,n=k+X|0}n=n+this.A|0,r=r+this.B|0,o=o+this.C|0,i=i+this.D|0,a=a+this.E|0,u=u+this.F|0,h=h+this.G|0,d=d+this.H|0,this.set(n,r,o,i,a,u,h,d)}roundClean(){b.fill(0)}destroy(){this.set(0,0,0,0,0,0,0,0),this.buffer.fill(0)}};var ne=me(()=>new se);import{stringToBytes as $e,toHex as Ne}from"viem";var R=s=>Le.fromUint8Array(new Uint8Array(s),!0),re=s=>{let e=$e(s),t=ne(ne(e));return Ne(t,{size:32}).slice(2)};var A=class{constructor(e,t){p(this,"userAuthentications");p(this,"authModule");p(this,"apiVersion");this.authModule=e,this.userAuthentications=new Map,this.apiVersion=t}async setDefaultAuth(e,t){let n=await this.authModule.authenticate({payload:e,challenge:t!=null?t:re(xe(e))});this.userAuthentications.set("default",n)}async setKeygenUserSigs(e,t){if(this.apiVersion==="v1"&&!t)throw new Error("no challenge response for keygen");for(let n of e){let r=n.signAlg,o=t?t[r]:re(xe(n));if(o){let i=await this.authModule.authenticate({payload:n,challenge:o});this.userAuthentications.set(r,i)}else throw new Error("no final challenge found in response for ".concat(r))}}async setSigngenUserSigs(e,t){if(this.apiVersion==="v1"&&!t)throw new Error("no challenge response for signgen v1");await this.setDefaultAuth(e,t)}async setAddEphKeyUserSigs(e,t){await this.setDefaultAuth(e,t)}async setRevokeEphKeyUserSigs(e,t){await this.setDefaultAuth(e,t)}async setRegisterPasskeyUserSigs(e,t){if(!t)throw new Error("missing challenge response for registerPasskey");await this.setDefaultAuth(e,t)}async setKeyRefreshUserSigs(e,t){if(!t)throw new Error("missing challenge response for keyRefresh");await this.setDefaultAuth(e,t)}async setQcUserSigs(e,t){if(!t)throw new Error("missing challenge response for quorumChange");await this.setDefaultAuth(e,t)}async build(e,t,n){if(e==="keygen"){let r=n?JSON.parse(n):void 0;await this.setKeygenUserSigs(t,r)}else e==="signgen"?await this.setSigngenUserSigs(t,n):e==="addEphemeralKey"?await this.setAddEphKeyUserSigs(t,n):e==="revokeEphemeralKey"?await this.setRevokeEphKeyUserSigs(t,n):e==="registerPasskey"?await this.setRegisterPasskeyUserSigs(t,n):e==="keyRefresh"?await this.setKeyRefreshUserSigs(t,n):e==="quorumChange"&&await this.setQcUserSigs(t,n);return Object.fromEntries(this.userAuthentications)}};var ie=s=>{let{sign:e,recid:t}=s,n=(27+t).toString(16);return"0x".concat(e).concat(n)};var He=[{name:"tag",type:"uint16"},{name:"value",type:"string"}],w=class{constructor({t:e,n:t,permissions:n,signAlg:r}){p(this,"t");p(this,"n");p(this,"metadata");p(this,"signAlg");g("signAlg",r),this.t=e,this.n=t,this.signAlg=r,this.metadata=[],n&&this.metadata.push({tag:1,value:n})}get eoaRequestSchema(){return{Request:[{name:"setup",type:"KeygenSetupOpts"},{name:"challenge",type:"string"},{name:"eph_claim",type:"string"}],KeygenSetupOpts:[{name:"t",type:"uint32"},{name:"n",type:"uint32"},{name:"metadata",type:"TaggedValue[]"}],TaggedValue:He}}},K=class{constructor({t:e,key_id:t,signAlg:n,message:r}){p(this,"t");p(this,"key_id");p(this,"message");p(this,"signAlg");g("keyId",t),g("signAlg",n),g("signRequest",r),this.t=e,this.key_id=t,this.message=r,this.signAlg=n}};var S=class{constructor(e){p(this,"key_id");g("keyId",e),this.key_id=e}get eoaRequestSchema(){return{Request:[{name:"setup",type:"RevokeEphKeyRequest"},{name:"challenge",type:"string"},{name:"eph_claim",type:"string"}],RevokeEphKeyRequest:[{name:"key_id",type:"string"}]}}},P=class{constructor(e){p(this,"key_id_list");for(let t of e)g("keyId",t);this.key_id_list=e}get eoaRequestSchema(){return{Request:[{name:"setup",type:"AddEphKeyRequest"},{name:"challenge",type:"string"},{name:"eph_claim",type:"string"}],AddEphKeyRequest:[{name:"key_id_list",type:"string[]"}]}}},I=class{constructor(e){p(this,"options");g("options",e),this.options=e}},J=class{constructor({newT:e,newN:t,keyId:n,signAlg:r}){p(this,"new_t");p(this,"new_n");p(this,"key_id");p(this,"sign_alg");g("keyId",n),g("signAlg",r),this.new_t=e,this.new_n=t,this.key_id=n,this.sign_alg=r}get eoaRequestSchema(){return{Request:[{name:"setup",type:"QuorumChangeRequest"},{name:"challenge",type:"string"},{name:"eph_claim",type:"string"}],QuorumChangeRequest:[{name:"new_t",type:"uint32"},{name:"new_n",type:"uint32"},{name:"key_id",type:"string"},{name:"sign_alg",type:"string"}]}}},q=class{constructor({t:e,keyId:t,signAlg:n}){p(this,"t");p(this,"key_id");p(this,"sign_alg");g("keyId",t),g("signAlg",n),this.t=e,this.key_id=t,this.sign_alg=n}get eoaRequestSchema(){return{Request:[{name:"setup",type:"KeyRefreshRequest"},{name:"challenge",type:"string"},{name:"eph_claim",type:"string"}],KeyRefreshRequest:[{name:"t",type:"uint32"},{name:"key_id",type:"string"},{name:"sign_alg",type:"string"}]}}};var T=class{constructor(e,t){p(this,"authModule");p(this,"wpClient");this.authModule=t,this.wpClient=e}validateQuorumSetup({threshold:e,totalNodes:t}){e&&l(e<2,"Threshold = ".concat(e," must be at least 2")),e&&t&&l(t<e,"Total nodes = ".concat(t," must be greater or equal to threshold = ").concat(e))}async generateKey(e,t,n,r){this.validateQuorumSetup({threshold:e,totalNodes:t});let o=n.map(a=>new w({t:e,n:t,permissions:r,signAlg:a}));return await this.wpClient.startKeygen({setups:o,authModule:this.authModule})}async signMessage(e,t,n,r){this.validateQuorumSetup({threshold:e}),ye(n);let o=new K({t:e,key_id:t,signAlg:n,message:r});return await this.wpClient.startSigngen({setup:o,authModule:this.authModule})}async refreshKey(e,t,n){let r=new q({t:e,keyId:t,signAlg:n});return await this.wpClient.startKeyRefresh({payload:r,authModule:this.authModule})}async addEphemeralKey(e){let t=new P(e);return await this.wpClient.addEphemeralKey({payload:t,authModule:this.authModule})}async revokeEphemeralKey(e){g("keyId",e);let t=new S(e);return await this.wpClient.revokeEphemeralKey({payload:t,authModule:this.authModule})}async registerPasskey(e){let t=new I(e!=null?e:"passkey options");return await this.wpClient.registerPasskey({payload:t,authModule:this.authModule})}};var oe=s=>{var o,i,a;let e=s.split(":");l(e.length!==3,"Invalid keygen response from network");let t=(o=e[0])==null?void 0:o.split("=")[1],n=(i=e[1])==null?void 0:i.split("=")[1],r=(a=e[2])==null?void 0:a.split("=")[1];return{publicKey:n,keyId:t,signAlg:r}},O=(s,e)=>{let t=s.split(";");return l(t.length!==e,"Invalid keygen response from network, not all keys were generated"),t.map(n=>oe(n))},M=(s,e)=>s.split(";").map(n=>{var r,o,i,a,u;if(e==="secp256k1"){let h=n.split(":");l(h.length!==3,"Invalid signgen response from network");let d=(r=h[0])==null?void 0:r.split("=")[1],c=(o=h[1])==null?void 0:o.split("=")[1],m=(i=h[2])==null?void 0:i.split("=")[1];if(d===void 0||c===void 0||m===void 0)throw new Error("Invalid signgen response from network");return{transactionId:m,sign:d,recid:parseInt(c)}}else{let h=n.split(":");l(h.length!==2,"Invalid signgen response from network");let d=(a=h[0])==null?void 0:a.split("=")[1],c=(u=h[1])==null?void 0:u.split("=")[1];if(d===void 0||c===void 0)throw new Error("Invalid signgen response from network");return{transactionId:c,sign:d,recid:0}}}),D=s=>{let e=s.split(";"),t=[];return e.forEach(n=>{let r=n.split(":");l(r.length!==2,"Invalid eph key operation response from network");let o=r[0],i=r[1];t.push({keyId:o,status:i})}),t};import{canonicalize as ae}from"json-canonicalize";var V=class{constructor(e){p(this,"walletProviderUrl");p(this,"apiVersion","v1");this.walletProviderUrl="".concat(e.walletProviderUrl,"/").concat(e.apiVersion),this.apiVersion=e.apiVersion}getVersion(){return this.apiVersion}async startKeygen({setups:e,authModule:t}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("keygen",e,t).then(r=>O(r,e.length))}async startKeyRefresh({payload:e,authModule:t}){if(this.apiVersion==="v2")throw new Error("Key refresh is not supported in v2 API");return this.connect.bind(this)("keyRefresh",e,t).then(r=>oe(r))}async startSigngen({setup:e,authModule:t}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("signgen",e,t).then(r=>M(r,e.signAlg))}async addEphemeralKey({payload:e,authModule:t}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("addEphemeralKey",e,t).then(r=>D(r))}async revokeEphemeralKey({payload:e,authModule:t}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("revokeEphemeralKey",e,t).then(r=>({status:r}))}async registerPasskey({payload:e,authModule:t}){if(this.apiVersion==="v2")throw new Error("Passkey registration is not supported in v2 API");return this.connect.bind(this)("registerPasskey",e,t).then(r=>({passkeyCredentialId:r}))}connect(e,t,n){return new Promise((r,o)=>{let i=0,a=new WebSocket("".concat(this.walletProviderUrl,"/").concat(e));a.addEventListener("open",u=>{switch(console.debug("Connection opened in state ".concat(i," with event ").concat(JSON.stringify(u,void 0,"	"))),i){case 0:i=1,a.send(ae({payload:t}));break;case 1:case 2:i=3,o("Incorrect protocol state");break;case 3:break}}),a.addEventListener("message",async u=>{switch(console.debug("Connection message in state ".concat(i," with event ").concat(JSON.stringify(u,void 0,"	"))),i){case 0:i=3,o("Incorrect protocol state");break;case 1:{i=2;try{let h=u.data,d=await new A(n,this.apiVersion).build(e,t,h);a.send(ae(d))}catch(h){o(h)}break}case 2:{i=3,a.close(),r(u.data);break}case 3:break}}),a.addEventListener("error",u=>{console.debug("Connection error in state ".concat(i," with event ").concat(JSON.stringify(u,void 0,"	"))),i!=3&&(i=3,o("Incorrect protocol state"))}),a.addEventListener("close",u=>{console.debug("Connection closed in state ".concat(i," with event ").concat(JSON.stringify(u,void 0,"	"))),i!=3&&(i=3,o("Incorrect protocol state"))})})}connectV2(e,t,n){return new Promise((r,o)=>{let i=0,a=new WebSocket("".concat(this.walletProviderUrl,"/").concat(e));a.addEventListener("open",async u=>{switch(console.debug("Connection opened in state ".concat(i," with event ").concat(JSON.stringify(u,void 0,"	"))),i){case 0:i=2;try{let h=await new A(n,this.apiVersion).build(e,t);a.send(ae({payload:t,userSigs:h}))}catch(h){o(h)}break;case 2:i=3,o("Incorrect protocol state");break;case 3:break}}),a.addEventListener("message",async u=>{switch(console.debug("Connection message in state ".concat(i," with event ").concat(JSON.stringify(u,void 0,"	"))),i){case 0:i=3,o("Incorrect protocol state");break;case 2:{i=3,a.close(),r(u.data);break}case 3:break}}),a.addEventListener("error",u=>{console.debug("Connection error in state ".concat(i," with event ").concat(JSON.stringify(u,void 0,"	"))),i!=3&&(i=3,o("Incorrect protocol state"))}),a.addEventListener("close",u=>{console.debug("Connection closed in state ".concat(i," with event ").concat(JSON.stringify(u,void 0,"	"))),i!=3&&(i=3,o("Incorrect protocol state"))})})}};import{canonicalize as We}from"json-canonicalize";var pe=class extends Error{constructor(t,n,r){super(r||n);this.status=t;this.statusText=n;this.name="HttpError"}},_=class{constructor(e="",t={}){p(this,"baseURL");p(this,"defaultHeaders");this.baseURL=e,this.validateHeaders(t),this.defaultHeaders=y({"Content-Type":"application/json"},t)}validateHeaders(e){if(typeof e!="object"||e===null)throw new Error("Headers must be an object.");for(let[t,n]of Object.entries(e))if(typeof t!="string"||typeof n!="string")throw new Error("Invalid header: ".concat(t,". Header names and values must be strings."))}setDefaultHeaders(e){this.defaultHeaders=y(y({},this.defaultHeaders),e)}buildUrl(e){return"".concat(this.baseURL).concat(e)}async handleResponse(e){if(!e.ok){let n;try{n=(await e.json()).message||e.statusText}catch(r){n=e.statusText}throw new pe(e.status,e.statusText,n)}let t=e.headers.get("content-type");return t&&t.includes("application/json")?e.json():e.text()}async request(e,t,n,r={}){let o=this.buildUrl(t),i=y(y({},this.defaultHeaders),r.headers),a=U(y({method:e,headers:i},r),{body:n?We(n):null}),u=await fetch(o,a);return this.handleResponse(u)}async get(e,t){return this.request("GET",e,void 0,t)}async post(e,t,n){return this.request("POST",e,t,n)}async put(e,t,n){return this.request("PUT",e,t,n)}async patch(e,t,n){return this.request("PATCH",e,t,n)}async delete(e,t){return this.request("DELETE",e,void 0,t)}};var Fe={name:"SilentShard authentication",version:"0.1.0"},Je=[{name:"name",type:"string"},{name:"version",type:"string"}];function ze(s,e,t){return{types:y({EIP712Domain:Je},s.eoaRequestSchema),domain:Fe,primaryType:"Request",message:{setup:s,challenge:e,eph_claim:t}}}async function be({setup:s,eoa:e,challenge:t,browserWallet:n,ephClaim:r}){let o=ze(s,t,r?r.toJSON():""),i=await n.signTypedData(e,o);return{credentials:{credentials:r?r.toJSON():"",method:"eoa",id:e},signature:i}}import{Base64 as Ae}from"js-base64";import{hexToBytes as Se}from"viem";import{canonicalize as z}from"json-canonicalize";async function Pe({user:s,challenge:e,rpConfig:t}){let n=Se("0x".concat(e),{size:32}),r={publicKey:{authenticatorSelection:{residentKey:"preferred",userVerification:"required"},challenge:n,excludeCredentials:[],pubKeyCredParams:[{type:"public-key",alg:-7},{type:"public-key",alg:-257}],rp:{name:t.rpName,id:t.rpId},user:U(y({},s),{id:Ae.toUint8Array(s.id)})}},o=await navigator.credentials.create(r);if(o===null)throw new Error("No credential returned");let i=R(o.response.attestationObject),u={rawCredential:z({authenticatorAttachment:o.authenticatorAttachment,id:o.id,rawId:R(o.rawId),response:{attestationObject:i,clientDataJSON:R(o.response.clientDataJSON)},type:o.type}),origin:t.rpName,rpId:t.rpId};return{credentials:{credentials:"",method:"passkey",id:o.id},signature:z(u)}}async function Ee({challenge:s,allowCredentialId:e,rpConfig:t,ephClaim:n}){let r=Se("0x".concat(s),{size:32}),o=e?[{type:"public-key",id:Ae.toUint8Array(e)}]:[],i={publicKey:{userVerification:"required",challenge:r,allowCredentials:o}},a=await navigator.credentials.get(i);if(a===null)throw new Error("Failed to get navigator credentials");let u=a.response,h=u.userHandle;if(h===null)throw new Error("User handle cannot be null");let d=R(u.signature),m={rawCredential:z({authenticatorAttachment:a.authenticatorAttachment,id:a.id,rawId:R(a.rawId),response:{authenticatorData:R(u.authenticatorData),clientDataJSON:R(u.clientDataJSON),signature:d,userHandle:R(h)},type:a.type}),origin:t.rpName,rpId:t.rpId};return{credentials:{credentials:n.toJSON(),method:"passkey",id:a.id},signature:z(m)}}import{toHex as G}from"viem";import{ed25519 as ue}from"@noble/curves/ed25519";import{secp256k1 as ke}from"@noble/curves/secp256k1";import{signMessage as Ge}from"viem/accounts";import{canonicalize as ve}from"json-canonicalize";var E=class s{constructor(e,t,n,r=Math.floor(Date.now()/1e3)+3600){p(this,"ephId");p(this,"ephPK");p(this,"signAlg");p(this,"expiry");this.validateInputs(e,t,n,r),this.ephId=e,this.ephPK=G(t),this.signAlg=n,this.expiry=r}validateInputs(e,t,n,r){g("ephId",e),ge(t,n),l(Number.isInteger(r)===!1,"expiry must be an integer");let o=Math.floor(Date.now()/1e3),i=r-o,a=i>0&&i<=365*24*60*60;l(!a,"lifetime must be greater than 0 and less than or equal to 365 days expiry - now ".concat(i,", expiry ").concat(r," now secs ").concat(o))}toJSON(){return ve({ephId:this.ephId,ephPK:this.ephPK,expiry:this.expiry,signAlg:this.signAlg})}static generateKeys(e,t){let n=Q(e),r=C(n,e),o=new s(G(r),r,e,t);return{privKey:n,pubKey:r,ephClaim:o}}};async function Ke({setup:s,challenge:e,ephSK:t,ephClaim:n}){let r={setup:s,challenge:e},o=new TextEncoder().encode(ve(r)),i=await Qe(o,t,n.signAlg);return{credentials:{credentials:n.toJSON(),method:"ephemeral",id:n.ephId},signature:i}}async function Qe(s,e,t){switch(t){case"ed25519":return G(ue.sign(s,e));case"secp256k1":return await Ge({message:{raw:s},privateKey:G(e)});default:throw new Error("Invalid signature algorithm")}}function Q(s){switch(s){case"ed25519":return ue.utils.randomPrivateKey();case"secp256k1":return ke.utils.randomPrivateKey();default:throw new Error("Invalid signature algorithm")}}function C(s,e){switch(e){case"ed25519":return ue.getPublicKey(s);case"secp256k1":return ke.getPublicKey(s,!1);default:throw new Error("Invalid signature algorithm")}}import{isAddress as je}from"viem";import{canonicalize as j}from"json-canonicalize";var B=class{constructor(e,t,n){p(this,"browserWallet");p(this,"eoa");p(this,"ephClaim");this.validateInputs(e,t),this.ephClaim=n,this.browserWallet=t,this.eoa=e}validateInputs(e,t){l(!je(e),"invalid Ethereum address format"),l(!((t==null?void 0:t.signTypedData)instanceof Function),"invalid browserWallet")}async authenticate({payload:e,challenge:t}){return l(!(e instanceof w||e instanceof q||e instanceof J||e instanceof P||e instanceof S),"invalid payload for EOA auth. Requires KeygenSetupOpts or KeyRefreshRequest or QuorumChangeRequest or AddEphKeyRequest or RevokeEphKeyRequest but found ".concat(j(e))),await be({setup:e,eoa:this.eoa,challenge:t,browserWallet:this.browserWallet,ephClaim:this.ephClaim})}},L=class{constructor(e,t,n){p(this,"ephSK");p(this,"ephClaim");de(t,n),this.ephSK=t;let r=C(this.ephSK,n);this.ephClaim=new E(e,r,n)}async authenticate({payload:e,challenge:t}){return l(!(e instanceof K||e instanceof S),"invalid payload for Ephemeral auth. Requires SignSetupOpts or RevokeEphKeyRequest but found ".concat(j(e))),await Ke({setup:e,challenge:t,ephSK:this.ephSK,ephClaim:this.ephClaim})}},$=class{constructor(e,t,n){p(this,"rpConfig");p(this,"allowCredentialId");p(this,"ephClaim");this.ephClaim=n,this.rpConfig=e,this.allowCredentialId=t}async authenticate({payload:e,challenge:t}){return l(!(e instanceof w||e instanceof P||e instanceof S),"invalid payload for Passkey login. Requires KeygenSetupOpts or AddEphKeyRequest or RevokeEphKeyRequest but found ".concat(j(e))),await Ee({allowCredentialId:this.allowCredentialId,challenge:t,rpConfig:this.rpConfig,ephClaim:this.ephClaim})}},N=class{constructor(e,t){p(this,"rpConfig");p(this,"user");this.rpConfig=e,this.user=t}async authenticate({payload:e,challenge:t}){return l(!(e instanceof I),"invalid payload for Passkey register. Requires PasskeyRegisterRequest but found ".concat(j(e))),await Pe({user:this.user,challenge:t,rpConfig:this.rpConfig})}};import{publicKeyToAddress as Ie,toAccount as ks}from"viem/accounts";import{secp256k1 as Xe}from"@noble/curves/secp256k1";import{hashMessage as qs,hashTypedData as Cs,keccak256 as Us,serializeSignature as Ts,serializeTransaction as Os,toHex as Ds}from"viem";import{Base64 as _s}from"js-base64";function ce(s){if(s.startsWith("0x")&&(s=s.slice(2)),s.startsWith("04"))return Ie("0x".concat(s," "));if(s.startsWith("02")||s.startsWith("03")){let e=Xe.ProjectivePoint.fromHex(s).toHex(!1);return Ie("0x".concat(e))}else throw new Error("Invalid public key")}var Zs={KeygenSetupOpts:w,UserSignatures:A,NetworkSigner:T,SignRequestBuilder:v,WalletProviderServiceClient:V,HttpClient:_,EOAAuth:B,EphAuth:L,PasskeyAuth:$,PasskeyRegister:N,generateEphPrivateKey:Q,getEphPublicKey:C,EphKeyClaim:E,computeAddress:ce,flattenSignature:ie,parseSigngenResult:M,parseKeygenResult:O,parseEphKeyOperationResult:D};export{B as EOAAuth,L as EphAuth,E as EphKeyClaim,_ as HttpClient,w as KeygenSetupOpts,T as NetworkSigner,$ as PasskeyAuth,N as PasskeyRegister,v as SignRequestBuilder,A as UserSignatures,V as WalletProviderServiceClient,ce as computeAddress,Zs as default,ie as flattenSignature,Q as generateEphPrivateKey,C as getEphPublicKey,D as parseEphKeyOperationResult,O as parseKeygenResult,M as parseSigngenResult};
 /*! Bundled license information:
 
 @noble/hashes/esm/utils.js:

package/dist/setupMessage.d.ts

@@ -1,24 +1,36 @@
-import { EphKeyClaim } from './ephemeralAuthentication';
-export declare const TAG_KEY_ID = 3;
-export declare class KeygenSetupOpts {
+import { EoaAuthPayload } from './auth/EOAauthentication';
+/**
+ * This tagged value is part of key share extra,
+ * and never directly part of setup message.
+ */
+export declare enum KeyshareExtraTag {
+    /** Permissions tag of key share extra. */
+    TAG_PERMISSIONS = 1
+}
+/**
+ * This class represents the setup message for DKG protocol.
+ * It contains the setup parameters to run the protocol.
+ * Its sent to the network as payload of `WpRequest`.
+ * @public
+ */
+export declare class KeygenSetupOpts implements EoaAuthPayload {
     /** Threshold, number of parties that needs to participate in a protocol in order to produce valid signature */
     t: number;
     /** Total number of nodes that participate in Key generation, must be greater or equal than `t` */
     n: number;
-    /** Optional key label */
-    key_label?: string;
     /** Metadata for a key. Currently they store the permissions, can be set in a constructor of this class.
         If permissions are not set, all operations are allowed.
        */
     private metadata;
-    constructor({ t, n, key_label, permissions, }: {
+    /** Signature algorithm chosen for key generation */
+    signAlg: string;
+    constructor({ t, n, permissions, signAlg, }: {
         t: number;
         n: number;
-        key_label: string | undefined;
         permissions: string | undefined;
+        signAlg: string;
     });
-    set ephClaim(ephClaim: EphKeyClaim);
-    get requestSchema(): {
+    get eoaRequestSchema(): {
         Request: {
             name: string;
             type: string;
@@ -40,31 +52,12 @@ export declare class SignSetupOpts {
     key_id: string;
     /** The message to sign */
     message: string;
-    constructor({ t, key_id, message }: {
+    /** Select which signature algorithm to use */
+    signAlg: string;
+    constructor({ t, key_id, signAlg, message }: {
         t: number;
         key_id: string;
         message: string;
+        signAlg: string;
     });
 }
-export declare class MetadataSetupOpts {
-    /** Metadata for a keyshare if in used by adding eph key. Otherwise, it provides metadata for the authentication setup.*/
-    private metadata;
-    constructor();
-    set ephClaim(ephClaim: EphKeyClaim);
-    set keyId(keyId: string);
-    extractMetadataByTag(tag: number): string;
-    get requestSchema(): {
-        Request: {
-            name: string;
-            type: string;
-        }[];
-        MetadataSetupOpts: {
-            name: string;
-            type: string;
-        }[];
-        TaggedValue: {
-            name: string;
-            type: string;
-        }[];
-    };
-}