npm - @silencelaboratories/walletprovider-sdk - Versions diffs - 1.7.0 → 4.0.0-hackaton - Mend

@silencelaboratories/walletprovider-sdk 1.7.0 → 4.0.0-hackaton

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (17) hide show

package/README.md +80 -38
package/dist/auth/EOAauthentication.d.ts +1 -1
package/dist/auth/authentication.d.ts +15 -26
package/dist/builder/signRequest.d.ts +2 -2
package/dist/builder/userAuth.d.ts +14 -9
package/dist/client/networkRequest.d.ts +38 -0
package/dist/client/networkResponse.d.ts +19 -11
package/dist/client/networkSigner.d.ts +20 -4
package/dist/client/walletProviderServiceClient.d.ts +16 -2
package/dist/client/walletProviderServiceClientInterface.d.ts +21 -7
package/dist/index.cjs.js +1 -1
package/dist/index.d.ts +17 -1
package/dist/index.esm.js +1 -1
package/dist/policy.d.ts +220 -0
package/dist/setupMessage.d.ts +5 -10
package/dist/tsconfig.tsbuildinfo +1 -1
package/package.json +1 -1

package/dist/index.cjs.js CHANGED Viewed

@@ -1,4 +1,4 @@
-"use strict";var G=Object.defineProperty;var Oe=Object.getOwnPropertyDescriptor;var Te=Object.getOwnPropertyNames;var Me=Object.prototype.hasOwnProperty;var $e=(n,e,t)=>e in n?G(n,e,{enumerable:!0,configurable:!0,writable:!0,value:t}):n[e]=t;var Ne=(n,e)=>{for(var t in e)G(n,t,{get:e[t],enumerable:!0})},Ve=(n,e,t,r)=>{if(e&&typeof e=="object"||typeof e=="function")for(let s of Te(e))!Me.call(n,s)&&s!==t&&G(n,s,{get:()=>e[s],enumerable:!(r=Oe(e,s))||r.enumerable});return n};var We=n=>Ve(G({},"__esModule",{value:!0}),n);var c=(n,e,t)=>$e(n,typeof e!="symbol"?e+"":e,t);var Ye={};Ne(Ye,{EOAAuth:()=>T,EphAuth:()=>M,EphKeyClaim:()=>E,FinishPresignOpts:()=>w,HttpClient:()=>W,InitPresignOpts:()=>O,KeygenSetupOpts:()=>m,NetworkSigner:()=>V,NoAuthWalletProviderServiceClient:()=>A,PasskeyAuth:()=>v,PasskeyRegister:()=>$,SignRequestBuilder:()=>k,SignSetupOpts:()=>y,UserSignatures:()=>P,WalletProviderServiceClient:()=>N,computeAddress:()=>te,default:()=>Xe,flattenSignature:()=>Y,generateEphPrivateKey:()=>H,getEphPublicKey:()=>I});module.exports=We(Ye);var Se=require("json-canonicalize");var d=(n,e)=>{g(typeof e!="string",`${n} must be string`),g((e==null?void 0:e.trim().length)===0,`${n} cannot be empty`)},fe=(n,e)=>{if(g(!(n instanceof Uint8Array),"key must be an Uint8Array"),e==="secp256k1")g(n.length!==65,"secp256k1: key length must be 65 bytes, got "+n.length);else if(e==="ed25519")g(n.length!==32,"ed25519: key length must be 32 bytes, got "+n.length);else throw new Error("Invalid signature algorithm")},me=(n,e)=>{if(g(!(n instanceof Uint8Array),"key must be an Uint8Array"),e==="secp256k1")g(n.length!==32,"secp256k1: key length must be 32 bytes, got "+n.length);else if(e==="ed25519")g(n.length!==32,"ed25519: key length must be 32 bytes, got "+n.length);else throw new Error("Invalid signature algorithm")},we=n=>{g(n!=="ed25519"&&n!=="secp256k1",'signAlg must be either "ed25519" or "secp256k"')},g=(n,e)=>{if(n)throw new Error(e)},De=(n,e)=>`Invalid payload ${JSON.stringify(n)}, cannot be authenticated by ${e.toLocaleUpperCase()} method.`,F=(n,e,t)=>{g(!e.some(r=>n instanceof r),De(n,t))};var k=class{constructor(){c(this,"signRequest",new Map)}setRequest(e,t,r){if(d("transactionId",e),d("message",t),d("requestType",r),this.signRequest.has(e))throw new Error(`Transaction ID ${e} is already set.`);return this.signRequest.set(e,{signingMessage:t,requestType:r}),this}build(){let e={};if(this.signRequest.forEach((t,r)=>{e[r]=t}),Object.keys(e).length===0)throw new Error("No sign request is set.");return(0,Se.canonicalize)(e)}};var ue=require("json-canonicalize");var xe=require("js-base64");function Be(n){return n instanceof Uint8Array||ArrayBuffer.isView(n)&&n.constructor.name==="Uint8Array"}function ne(n,...e){if(!Be(n))throw new Error("Uint8Array expected");if(e.length>0&&!e.includes(n.length))throw new Error("Uint8Array expected of length "+e+", got length="+n.length)}function se(n,e=!0){if(n.destroyed)throw new Error("Hash instance has been destroyed");if(e&&n.finished)throw new Error("Hash#digest() has already been called")}function Pe(n,e){ne(n);let t=e.outputLen;if(n.length<t)throw new Error("digestInto() expects output buffer of length at least "+t)}var j=n=>new DataView(n.buffer,n.byteOffset,n.byteLength),f=(n,e)=>n<<32-e|n>>>e;function Fe(n){if(typeof n!="string")throw new Error("utf8ToBytes expected string, got "+typeof n);return new Uint8Array(new TextEncoder().encode(n))}function ie(n){return typeof n=="string"&&(n=Fe(n)),ne(n),n}var z=class{clone(){return this._cloneInto()}};function Ae(n){let e=r=>n().update(ie(r)).digest(),t=n();return e.outputLen=t.outputLen,e.blockLen=t.blockLen,e.create=()=>n(),e}function Le(n,e,t,r){if(typeof n.setBigUint64=="function")return n.setBigUint64(e,t,r);let s=BigInt(32),o=BigInt(4294967295),i=Number(t>>s&o),a=Number(t&o),u=r?4:0,p=r?0:4;n.setUint32(e+u,i,r),n.setUint32(e+p,a,r)}var be=(n,e,t)=>n&e^~n&t,Re=(n,e,t)=>n&e^n&t^e&t,Q=class extends z{constructor(e,t,r,s){super(),this.blockLen=e,this.outputLen=t,this.padOffset=r,this.isLE=s,this.finished=!1,this.length=0,this.pos=0,this.destroyed=!1,this.buffer=new Uint8Array(e),this.view=j(this.buffer)}update(e){se(this);let{view:t,buffer:r,blockLen:s}=this;e=ie(e);let o=e.length;for(let i=0;i<o;){let a=Math.min(s-this.pos,o-i);if(a===s){let u=j(e);for(;s<=o-i;i+=s)this.process(u,i);continue}r.set(e.subarray(i,i+a),this.pos),this.pos+=a,i+=a,this.pos===s&&(this.process(t,0),this.pos=0)}return this.length+=e.length,this.roundClean(),this}digestInto(e){se(this),Pe(e,this),this.finished=!0;let{buffer:t,view:r,blockLen:s,isLE:o}=this,{pos:i}=this;t[i++]=128,this.buffer.subarray(i).fill(0),this.padOffset>s-i&&(this.process(r,0),i=0);for(let h=i;h<s;h++)t[h]=0;Le(r,s-8,BigInt(this.length*8),o),this.process(r,0);let a=j(e),u=this.outputLen;if(u%4)throw new Error("_sha2: outputLen should be aligned to 32bit");let p=u/4,l=this.get();if(p>l.length)throw new Error("_sha2: outputLen bigger than state");for(let h=0;h<p;h++)a.setUint32(4*h,l[h],o)}digest(){let{buffer:e,outputLen:t}=this;this.digestInto(e);let r=e.slice(0,t);return this.destroy(),r}_cloneInto(e){e||(e=new this.constructor),e.set(...this.get());let{blockLen:t,buffer:r,length:s,finished:o,destroyed:i,pos:a}=this;return e.length=s,e.pos=a,e.finished=o,e.destroyed=i,s%t&&e.buffer.set(r),e}};var _e=new Uint32Array([1116352408,1899447441,3049323471,3921009573,961987163,1508970993,2453635748,2870763221,3624381080,310598401,607225278,1426881987,1925078388,2162078206,2614888103,3248222580,3835390401,4022224774,264347078,604807628,770255983,1249150122,1555081692,1996064986,2554220882,2821834349,2952996808,3210313671,3336571891,3584528711,113926993,338241895,666307205,773529912,1294757372,1396182291,1695183700,1986661051,2177026350,2456956037,2730485921,2820302411,3259730800,3345764771,3516065817,3600352804,4094571909,275423344,430227734,506948616,659060556,883997877,958139571,1322822218,1537002063,1747873779,1955562222,2024104815,2227730452,2361852424,2428436474,2756734187,3204031479,3329325298]),b=new Uint32Array([1779033703,3144134277,1013904242,2773480762,1359893119,2600822924,528734635,1541459225]),R=new Uint32Array(64),oe=class extends Q{constructor(){super(64,32,8,!1),this.A=b[0]|0,this.B=b[1]|0,this.C=b[2]|0,this.D=b[3]|0,this.E=b[4]|0,this.F=b[5]|0,this.G=b[6]|0,this.H=b[7]|0}get(){let{A:e,B:t,C:r,D:s,E:o,F:i,G:a,H:u}=this;return[e,t,r,s,o,i,a,u]}set(e,t,r,s,o,i,a,u){this.A=e|0,this.B=t|0,this.C=r|0,this.D=s|0,this.E=o|0,this.F=i|0,this.G=a|0,this.H=u|0}process(e,t){for(let h=0;h<16;h++,t+=4)R[h]=e.getUint32(t,!1);for(let h=16;h<64;h++){let B=R[h-15],U=R[h-2],ye=f(B,7)^f(B,18)^B>>>3,re=f(U,17)^f(U,19)^U>>>10;R[h]=re+R[h-7]+ye+R[h-16]|0}let{A:r,B:s,C:o,D:i,E:a,F:u,G:p,H:l}=this;for(let h=0;h<64;h++){let B=f(a,6)^f(a,11)^f(a,25),U=l+B+be(a,u,p)+_e[h]+R[h]|0,re=(f(r,2)^f(r,13)^f(r,22))+Re(r,s,o)|0;l=p,p=u,u=a,a=i+U|0,i=o,o=s,s=r,r=U+re|0}r=r+this.A|0,s=s+this.B|0,o=o+this.C|0,i=i+this.D|0,a=a+this.E|0,u=u+this.F|0,p=p+this.G|0,l=l+this.H|0,this.set(r,s,o,i,a,u,p,l)}roundClean(){R.fill(0)}destroy(){this.set(0,0,0,0,0,0,0,0),this.buffer.fill(0)}};var ae=Ae(()=>new oe);var X=require("viem"),S=n=>xe.Base64.fromUint8Array(new Uint8Array(n),!0),ce=n=>{let e=(0,X.stringToBytes)(n),t=ae(ae(e));return(0,X.toHex)(t,{size:32}).slice(2)};var P=class{constructor(e,t){c(this,"userAuthentications");c(this,"authModule");c(this,"apiVersion");this.authModule=e,this.userAuthentications=new Map,this.apiVersion=t}async setDefaultAuth(e,t){let r=await this.authModule.authenticate({payload:e,challenge:t!=null?t:ce((0,ue.canonicalize)(e))});this.userAuthentications.set("default",r)}async setKeygenUserSigs(e,t){if(this.apiVersion==="v1"&&!t)throw new Error("no challenge response for keygen");for(let r of e){let s=r.signAlg,o=t?t[s]:ce((0,ue.canonicalize)(r));if(o){let i=await this.authModule.authenticate({payload:r,challenge:o});this.userAuthentications.set(s,i)}else throw new Error(`no final challenge found in response for ${s}`)}}async setSigngenUserSigs(e,t){if(this.apiVersion==="v1"&&!t)throw new Error("no challenge response for signgen v1");await this.setDefaultAuth(e,t)}async setAddEphKeyUserSigs(e,t){if(this.apiVersion==="v1"&&!t)throw new Error("no challenge response for add ephemeral key v1");await this.setDefaultAuth(e,t)}async setRevokeEphKeyUserSigs(e,t){if(this.apiVersion==="v1"&&!t)throw new Error("no challenge response for revoke ephemeral key v1");await this.setDefaultAuth(e,t)}async setRegisterPasskeyUserSigs(e,t){if(!t)throw new Error("missing challenge response for registerPasskey");await this.setDefaultAuth(e,t)}async setKeyRefreshUserSigs(e,t){if(!t)throw new Error("missing challenge response for keyRefresh");await this.setDefaultAuth(e,t)}async setFinishPresignUserSigs(e,t){await this.setDefaultAuth(e,t)}async build(e,t,r){if(e==="keygen"){let s=r?JSON.parse(r):void 0;await this.setKeygenUserSigs(t,s)}else e==="signgen"?await this.setSigngenUserSigs(t,r):e==="addEphemeralKey"?await this.setAddEphKeyUserSigs(t,r):e==="revokeEphemeralKey"?await this.setRevokeEphKeyUserSigs(t,r):e==="registerPasskey"?await this.setRegisterPasskeyUserSigs(t,r):e==="keyRefresh"?await this.setKeyRefreshUserSigs(t,r):e==="finishPresign"&&await this.setFinishPresignUserSigs(t,r);return Object.fromEntries(this.userAuthentications)}};var Y=n=>{let{sign:e,recid:t}=n,r=(27+t).toString(16);return`0x${e}${r}`};var x=class{constructor(e,t){c(this,"key_id");c(this,"eph_claim");d("keyId",e),this.key_id=e,this.eph_claim=t.toJSON()}get eoaRequestSchema(){return{Request:[{name:"setup",type:"RevokeEphKeyRequest"},{name:"challenge",type:"string"}],RevokeEphKeyRequest:[{name:"key_id",type:"string"},{name:"eph_claim",type:"string"}]}}},C=class{constructor(e,t){c(this,"key_id_list");c(this,"eph_claim");for(let r of e)d("keyId",r);this.key_id_list=e,this.eph_claim=t.toJSON()}get eoaRequestSchema(){return{Request:[{name:"setup",type:"AddEphKeyRequest"},{name:"challenge",type:"string"}],AddEphKeyRequest:[{name:"key_id_list",type:"string[]"},{name:"eph_claim",type:"string"}]}}},q=class{constructor(e){c(this,"options");d("options",e),this.options=e}},K=class{constructor({t:e,keyId:t,signAlg:r}){c(this,"t");c(this,"key_id");c(this,"sign_alg");d("keyId",t),d("signAlg",r),this.t=e,this.key_id=t,this.sign_alg=r}get eoaRequestSchema(){return{Request:[{name:"setup",type:"KeyRefreshRequest"},{name:"challenge",type:"string"}],KeyRefreshRequest:[{name:"t",type:"uint32"},{name:"key_id",type:"string"},{name:"sign_alg",type:"string"}]}}};var He=[{name:"tag",type:"uint16"},{name:"value",type:"string"}],m=class{constructor({t:e,n:t,ephClaim:r,permissions:s,signAlg:o}){c(this,"t");c(this,"n");c(this,"ephClaim");c(this,"metadata");c(this,"signAlg");d("signAlg",o),this.t=e,this.n=t,this.signAlg=o,this.ephClaim=r==null?void 0:r.toJSON(),this.metadata=[],s&&this.metadata.push({tag:1,value:s})}get eoaRequestSchema(){return{Request:[{name:"setup",type:"KeygenSetupOpts"},{name:"challenge",type:"string"}],KeygenSetupOpts:this.ephClaim?[{name:"t",type:"uint32"},{name:"n",type:"uint32"},{name:"ephClaim",type:"string"},{name:"metadata",type:"TaggedValue[]"}]:[{name:"t",type:"uint32"},{name:"n",type:"uint32"},{name:"metadata",type:"TaggedValue[]"}],TaggedValue:He}}},y=class{constructor({t:e,key_id:t,signAlg:r,message:s}){c(this,"t");c(this,"key_id");c(this,"message");c(this,"signAlg");d("keyId",t),d("signAlg",r),d("message",s),this.t=e,this.key_id=t,this.message=s,this.signAlg=r}get eoaRequestSchema(){return{Request:[{name:"setup",type:"SignSetupOpts"},{name:"challenge",type:"string"}],SignSetupOpts:[{name:"t",type:"uint32"},{name:"key_id",type:"string"},{name:"signAlg",type:"string"},{name:"message",type:"string"}]}}},O=class{constructor({amount:e,keyId:t,t:r,expiryInSecs:s}){c(this,"amount");c(this,"key_id");c(this,"t");c(this,"expiry");if(e<=0)throw new Error("Amount must be greater than 0");d("keyId",t),this.amount=e,this.key_id=t,this.t=r,this.expiry=s!=null?s:Math.floor(Date.now()/1e3)+7*24*3600}},w=class{constructor({presignSessionId:e,message:t}){c(this,"presignSessionId");c(this,"message");d("presignSessionId",e),d("message",t),this.presignSessionId=e,this.message=t}get eoaRequestSchema(){return{Request:[{name:"setup",type:"FinishPresignOpts"},{name:"challenge",type:"string"}],FinishPresignOpts:[{name:"presignSessionId",type:"string"},{name:"message",type:"string"}]}}};var Je={name:"SilentShard authentication",version:"0.1.0"},Ge=[{name:"name",type:"string"},{name:"version",type:"string"}];function ze(n,e){let t={setup:n,challenge:e};return{types:{EIP712Domain:Ge,...n.eoaRequestSchema},domain:Je,primaryType:"Request",message:t}}async function Ee({setup:n,eoa:e,challenge:t,browserWallet:r}){let s=ze(n,t),o=await r.signTypedData(e,s);return{credentials:{credentials:"",method:"eoa",id:e},signature:o}}var pe=require("js-base64"),he=require("viem"),L=require("json-canonicalize");async function ve({user:n,challenge:e,rpConfig:t}){let r=(0,he.hexToBytes)(`0x${e}`,{size:32}),s={publicKey:{authenticatorSelection:{residentKey:"preferred",userVerification:"required"},challenge:r,excludeCredentials:[],pubKeyCredParams:[{type:"public-key",alg:-7},{type:"public-key",alg:-257}],rp:{name:t.rpName,id:t.rpId},user:{...n,id:pe.Base64.toUint8Array(n.id)}}},o=await navigator.credentials.create(s);if(o===null)throw new Error("No credential returned");let i=S(o.response.attestationObject),u={rawCredential:(0,L.canonicalize)({authenticatorAttachment:o.authenticatorAttachment,id:o.id,rawId:S(o.rawId),response:{attestationObject:i,clientDataJSON:S(o.response.clientDataJSON)},type:o.type}),origin:t.rpName,rpId:t.rpId};return{credentials:{credentials:"",method:"passkey",id:o.id},signature:(0,L.canonicalize)(u)}}async function ke({challenge:n,allowCredentialId:e,rpConfig:t}){let r=(0,he.hexToBytes)(`0x${n}`,{size:32}),s=e?[{type:"public-key",id:pe.Base64.toUint8Array(e)}]:[],o={publicKey:{userVerification:"required",challenge:r,allowCredentials:s}},i=await navigator.credentials.get(o);if(i===null)throw new Error("Failed to get navigator credentials");let a=i.response,u=a.userHandle;if(u===null)throw new Error("User handle cannot be null");let p=S(a.signature),h={rawCredential:(0,L.canonicalize)({authenticatorAttachment:i.authenticatorAttachment,id:i.id,rawId:S(i.rawId),response:{authenticatorData:S(a.authenticatorData),clientDataJSON:S(a.clientDataJSON),signature:p,userHandle:S(u)},type:i.type}),origin:t.rpName,rpId:t.rpId};return{credentials:{credentials:"",method:"passkey",id:i.id},signature:(0,L.canonicalize)(h)}}var _=require("viem"),Z=require("@noble/curves/ed25519"),le=require("@noble/curves/secp256k1");var Ce=require("viem/accounts"),de=require("json-canonicalize");var E=class n{constructor(e,t,r,s=Math.floor(Date.now()/1e3)+3600){c(this,"ephId");c(this,"ephPK");c(this,"signAlg");c(this,"expiry");this.validateInputs(e,t,r,s),this.ephId=e,this.ephPK=(0,_.toHex)(t),this.signAlg=r,this.expiry=s}validateInputs(e,t,r,s){d("ephId",e),fe(t,r),g(Number.isInteger(s)===!1,"expiry must be an integer");let o=Math.floor(Date.now()/1e3),i=s-o,a=i>0&&i<=365*24*60*60;g(!a,`lifetime must be greater than 0 and less than or equal to 365 days expiry - now ${i}, expiry ${s} now secs ${o}`)}toJSON(){return(0,de.canonicalize)({ephId:this.ephId,ephPK:this.ephPK,expiry:this.expiry,signAlg:this.signAlg})}static generateKeys(e,t){let r=H(e),s=I(r,e),o=new n((0,_.toHex)(s),s,e,t);return{privKey:r,pubKey:s,ephClaim:o}}};async function Ke({setup:n,challenge:e,ephSK:t,ephClaim:r}){let s={setup:n,challenge:e},o=new TextEncoder().encode((0,de.canonicalize)(s)),i=await je(o,t,r.signAlg);return{credentials:{credentials:r.toJSON(),method:"ephemeral",id:r.ephId},signature:i}}async function je(n,e,t){switch(t){case"ed25519":return(0,_.toHex)(Z.ed25519.sign(n,e));case"secp256k1":return await(0,Ce.signMessage)({message:{raw:n},privateKey:(0,_.toHex)(e)});default:throw new Error("Invalid signature algorithm")}}function H(n){switch(n){case"ed25519":return Z.ed25519.utils.randomPrivateKey();case"secp256k1":return le.secp256k1.utils.randomPrivateKey();default:throw new Error("Invalid signature algorithm")}}function I(n,e){switch(e){case"ed25519":return Z.ed25519.getPublicKey(n);case"secp256k1":return le.secp256k1.getPublicKey(n,!1);default:throw new Error("Invalid signature algorithm")}}var Ie=require("viem");var T=class{constructor(e,t){c(this,"browserWallet");c(this,"eoa");this.validateInputs(e,t),this.browserWallet=t,this.eoa=e}validateInputs(e,t){g(!(0,Ie.isAddress)(e),"invalid Ethereum address format"),g(!((t==null?void 0:t.signTypedData)instanceof Function),"invalid browserWallet")}async authenticate({payload:e,challenge:t}){return F(e,[m,K,C,x,y,w],"eoa"),await Ee({setup:e,eoa:this.eoa,challenge:t,browserWallet:this.browserWallet})}},M=class{constructor(e,t,r){c(this,"ephSK");c(this,"ephClaim");me(t,r),this.ephSK=t;let s=I(this.ephSK,r);this.ephClaim=new E(e,s,r)}async authenticate({payload:e,challenge:t}){return F(e,[y,x,w],"ephemeral"),await Ke({setup:e,challenge:t,ephSK:this.ephSK,ephClaim:this.ephClaim})}},v=class{constructor(e,t){c(this,"rpConfig");c(this,"allowCredentialId");this.rpConfig=e,this.allowCredentialId=t}async authenticate({payload:e,challenge:t}){return F(e,[m,C,x,y,w,K],"passkey"),await ke({allowCredentialId:this.allowCredentialId,challenge:t,rpConfig:this.rpConfig})}},$=class{constructor(e,t){c(this,"rpConfig");c(this,"user");this.rpConfig=e,this.user=t}async authenticate({payload:e,challenge:t}){return F(e,[q],"passkey"),await ve({user:this.user,challenge:t,rpConfig:this.rpConfig})}};var J=require("json-canonicalize");var N=class{constructor(e){c(this,"walletProviderUrl");c(this,"apiVersion","v1");this.walletProviderUrl=`${e.walletProviderUrl}/${e.apiVersion}`,this.apiVersion=e.apiVersion}getVersion(){return this.apiVersion}async startKeygen({setups:e,authModule:t}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("keygen",e,t).then(s=>{try{return JSON.parse(s)}catch{throw new Error(`Failed to parse keygen response: ${s}`)}})}async startKeyRefresh({payload:e,authModule:t}){if(this.apiVersion==="v2")throw new Error("Key refresh is not supported in v2 API");return this.connect.bind(this)("keyRefresh",e,t).then(s=>{try{return JSON.parse(s)}catch{throw new Error(`Failed to parse key refresh response: ${s}`)}})}async startSigngen({setup:e,authModule:t}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("signgen",e,t).then(s=>{try{return JSON.parse(s)}catch{throw new Error(`Failed to parse signgen response: ${s}`)}})}async addEphemeralKey({payload:e,authModule:t}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("addEphemeralKey",e,t).then(s=>{try{return JSON.parse(s)}catch{throw new Error(`Failed to parse add ephemeral key response: ${s}`)}})}async revokeEphemeralKey({payload:e,authModule:t}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("revokeEphemeralKey",e,t).then(s=>({status:s}))}async registerPasskey({payload:e,authModule:t}){if(this.apiVersion==="v2")throw new Error("Passkey registration is not supported in v2 API");return this.connect.bind(this)("registerPasskey",e,t).then(s=>({passkeyCredentialId:s}))}connect(e,t,r){return new Promise((s,o)=>{let i=new WebSocket(`${this.walletProviderUrl}/${e}`),a=0;return console.debug("Connecting to ",i.url),i.addEventListener("open",u=>{switch(console.debug(`Connection opened in state ${a} with event ${JSON.stringify(u,void 0,"	")}`),a){case 0:{a=1;try{let p=(0,J.canonicalize)({payload:t});console.debug("Sending request:",p),i.send(p)}catch(p){this.finishWithError(i,a,p,"open event",o)}break}case 1:case 2:this.finishWithError(i,a,"Unexpected message in state waitingForResult.","open event",o);break;case 3:break}}),i.addEventListener("message",async u=>{switch(console.debug(`Connection message in state ${a} with event data ${JSON.stringify(u.data,void 0,"	")}`),a){case 0:this.finishWithError(i,a,"Unexpected message in state initiated.","message event",o);break;case 1:{a=2;try{let p=u.data,l=await new P(r,this.apiVersion).build(e,t,p);i.send((0,J.canonicalize)(l))}catch(p){this.finishWithError(i,a,p,"message event",o)}break}case 2:{a=3,i.close(),s(u.data);break}case 3:break}}),i.addEventListener("error",u=>{this.finishWithError(i,a,`Connection encountered an error event: ${JSON.stringify(u,void 0,"	")}`,"error event",o)}),i.addEventListener("close",u=>{let p=u.reason||"No specific reason provided.",l=u.code;console.debug(`Connection closed. State: ${a}, Code: ${l}, Reason: '${p}'`);let h=l>=4e3?`Application Error ${l}: ${p}`:l===1006?"Connection Abnormality (Code 1006): Server closed connection unexpectedly or network issue.":`WebSocket Closed Unexpectedly (Code ${l}): ${p}`;this.finishWithError(i,a,new Error(h),"close event",o)}),()=>{(i.readyState===WebSocket.OPEN||i.readyState===WebSocket.CONNECTING)&&i.close(1001,"Cleanup/Unmount")}})}connectV2(e,t,r){return new Promise((s,o)=>{let i=new WebSocket(`${this.walletProviderUrl}/${e}`),a=0;return console.debug("Connecting to ",i.url),i.addEventListener("open",async u=>{switch(console.debug(`Connection opened in state ${a} with event ${JSON.stringify(u,void 0,"	")}`),a){case 0:a=2;try{let p=await new P(r,this.apiVersion).build(e,t);i.send((0,J.canonicalize)({payload:t,userSigs:p}))}catch(p){this.finishWithError(i,a,p,"open event",o)}break;case 2:a=3,this.finishWithError(i,a,"Unexpected message in state waitingForResult.","open event",o);break;case 3:break}}),i.addEventListener("message",async u=>{switch(console.debug(`Connection message in state ${a} with event ${JSON.stringify(u,void 0,"	")}`),a){case 0:this.finishWithError(i,a,"Unexpected message in state initiated.","message event",o);break;case 2:{a=3,i.close(),s(u.data);break}case 3:break}}),i.addEventListener("error",u=>{this.finishWithError(i,a,`Connection encountered an error event: ${JSON.stringify(u,void 0,"	")}`,"error event",o)}),i.addEventListener("close",u=>{let p=u.reason||"No specific reason provided.",l=u.code;console.debug(`Connection closed. State: ${a}, Code: ${l}, Reason: '${p}'`);let h=l>=4e3?`Application Error ${l}: ${p}`:l===1006?"Connection Abnormality (Code 1006): Server closed connection unexpectedly or network issue.":`WebSocket Closed Unexpectedly (Code ${l}): ${p}`;this.finishWithError(i,a,new Error(h),"close event",o)}),()=>{(i.readyState===WebSocket.OPEN||i.readyState===WebSocket.CONNECTING)&&i.close(1001,"Cleanup/Unmount")}})}finishWithError(e,t,r,s,o){t!==3&&(console.error(`Error from ${s} in state ${t}:`,r),t=3,o(r instanceof Error?r:new Error(String(r)))),e.readyState===WebSocket.OPEN&&e.close(1e3,`Protocol run failed. Client attempted to close connection in state ${t}`)}},A=class{constructor(e){c(this,"walletProviderUrl");c(this,"apiVersion","v1");this.walletProviderUrl=`${e.walletProviderUrl}/${e.apiVersion}`,this.apiVersion=e.apiVersion}getVersion(){return this.apiVersion}async startKeygen({setups:e}){return this.connect.bind(this)("keygen",e).then(r=>{try{return JSON.parse(r)}catch{throw new Error(`Failed to parse keygen response: ${r}`)}})}async startSigngen({setup:e}){return this.connect.bind(this)("signgen",e).then(r=>{try{return JSON.parse(r)}catch{throw new Error(`Failed to parse signgen response: ${r}`)}})}async startKeyRefresh({payload:e}){if(this.apiVersion==="v2")throw new Error("Key refresh is not supported in v2 API");return this.connect.bind(this)("keyRefresh",e).then(r=>{try{return JSON.parse(r)}catch{throw new Error(`Failed to parse key refresh response: ${r}`)}})}connect(e,t){return new Promise((r,s)=>{let o=0,i=new WebSocket(`${this.walletProviderUrl}/${e}`);i.addEventListener("open",async a=>{switch(console.debug(`Connection opened in state ${o} with event ${JSON.stringify(a,void 0,"	")}`),o){case 0:o=2;try{i.send((0,J.canonicalize)({payload:t}))}catch(u){s(u)}break;case 2:o=3,s("Incorrect protocol state");break;case 3:break}}),i.addEventListener("message",async a=>{switch(console.debug(`Connection message in state ${o} with event ${JSON.stringify(a,void 0,"	")}`),o){case 0:o=3,s("Incorrect protocol state");break;case 2:{o=3,i.close(),r(a.data);break}case 3:break}}),i.addEventListener("error",a=>{console.debug(`Connection error in state ${o} with event ${JSON.stringify(a,void 0,"	")}`),o!=3&&(o=3,s("Incorrect protocol state"))}),i.addEventListener("close",a=>{console.debug(`Connection closed in state ${o} with event ${JSON.stringify(a,void 0,"	")}`),o!=3&&(o=3,s("Incorrect protocol state"))})})}};var V=class{constructor(e,t){c(this,"authModule");c(this,"wpClient");if(!t&&!(e instanceof A))throw new Error("missing authModule for wallet provider client in auth mode");if(t&&e instanceof A)throw new Error("authModule is required but using wallet provider client in no-auth mode");this.authModule=t,this.wpClient=e}validateQuorumSetup({threshold:e,totalNodes:t}){e&&g(e<2,`Threshold = ${e} must be at least 2`),e&&t&&g(t<e,`Total nodes = ${t} must be greater or equal to threshold = ${e}`)}async generateKey(e,t,r,s,o){this.validateQuorumSetup({threshold:e,totalNodes:t});let i=r.map(a=>new m({t:e,n:t,ephClaim:s,permissions:o,signAlg:a}));return this.authModule?await this.wpClient.startKeygen({setups:i,authModule:this.authModule}):await this.wpClient.startKeygen({setups:i})}async signMessage(e,t,r,s){this.validateQuorumSetup({threshold:e}),we(r);let o=new y({t:e,key_id:t,signAlg:r,message:s});if(this.authModule){if(this.authModule instanceof v&&new Map(Object.entries(JSON.parse(s))).size>1)throw new Error("For Passkey Authentication only one message in signing request is supported");return await this.wpClient.startSigngen({setup:o,authModule:this.authModule})}else return await this.wpClient.startSigngen({setup:o})}async refreshKey(e,t,r){let s=new K({t:e,keyId:t,signAlg:r});return this.authModule?await this.wpClient.startKeyRefresh({payload:s,authModule:this.authModule}):await this.wpClient.startKeyRefresh({payload:s})}async addEphemeralKey(e,t){let r=new C(e,t);if(!this.authModule)throw new Error("Add ephemeral key is not supported in no auth mode");return await this.wpClient.addEphemeralKey({payload:r,authModule:this.authModule})}async revokeEphemeralKey(e,t){d("keyId",e);let r=new x(e,t);if(!this.authModule)throw new Error("Revoke ephemeral key is not supported in no auth mode");return await this.wpClient.revokeEphemeralKey({payload:r,authModule:this.authModule})}async registerPasskey(e){let t=new q(e!=null?e:"passkey options");if(!this.authModule)throw new Error("Register passkey is not supported in no auth mode");return await this.wpClient.registerPasskey({payload:t,authModule:this.authModule})}};var Ue=require("json-canonicalize");var ge=class extends Error{constructor(t,r,s){super(s||r);this.status=t;this.statusText=r;this.name="HttpError"}},W=class{constructor(e="",t={}){c(this,"baseURL");c(this,"defaultHeaders");this.baseURL=e,this.validateHeaders(t),this.defaultHeaders={"Content-Type":"application/json",...t}}validateHeaders(e){if(typeof e!="object"||e===null)throw new Error("Headers must be an object.");for(let[t,r]of Object.entries(e))if(typeof t!="string"||typeof r!="string")throw new Error(`Invalid header: ${t}. Header names and values must be strings.`)}setDefaultHeaders(e){this.defaultHeaders={...this.defaultHeaders,...e}}buildUrl(e){return`${this.baseURL}${e}`}async handleResponse(e){if(!e.ok){let r;try{r=(await e.json()).message||e.statusText}catch{r=e.statusText}throw new ge(e.status,e.statusText,r)}let t=e.headers.get("content-type");return t&&t.includes("application/json")?e.json():e.text()}async request(e,t,r,s={}){let o=this.buildUrl(t),i={...this.defaultHeaders,...s.headers},a={method:e,headers:i,...s,body:r?(0,Ue.canonicalize)(r):null},u=await fetch(o,a);return this.handleResponse(u)}async get(e,t){return this.request("GET",e,void 0,t)}async post(e,t,r){return this.request("POST",e,t,r)}async put(e,t,r){return this.request("PUT",e,t,r)}async patch(e,t,r){return this.request("PATCH",e,t,r)}async delete(e,t){return this.request("DELETE",e,void 0,t)}};var ee=require("viem/accounts"),qe=require("@noble/curves/secp256k1"),D=require("viem"),Qe=require("js-base64");function te(n){if(n.startsWith("0x")&&(n=n.slice(2)),n.startsWith("04"))return(0,ee.publicKeyToAddress)(`0x${n} `);if(n.startsWith("02")||n.startsWith("03")){let e=qe.secp256k1.ProjectivePoint.fromHex(n).toHex(!1);return(0,ee.publicKeyToAddress)(`0x${e}`)}else throw new Error("Invalid public key")}var Xe={KeygenSetupOpts:m,InitPresignOpts:O,FinishPresignOpts:w,SignSetupOpts:y,UserSignatures:P,NetworkSigner:V,SignRequestBuilder:k,WalletProviderServiceClient:N,NoAuthWalletProviderServiceClient:A,HttpClient:W,EOAAuth:T,EphAuth:M,PasskeyAuth:v,PasskeyRegister:$,generateEphPrivateKey:H,getEphPublicKey:I,EphKeyClaim:E,computeAddress:te,flattenSignature:Y};0&&(module.exports={EOAAuth,EphAuth,EphKeyClaim,FinishPresignOpts,HttpClient,InitPresignOpts,KeygenSetupOpts,NetworkSigner,NoAuthWalletProviderServiceClient,PasskeyAuth,PasskeyRegister,SignRequestBuilder,SignSetupOpts,UserSignatures,WalletProviderServiceClient,computeAddress,flattenSignature,generateEphPrivateKey,getEphPublicKey});
+"use strict";var X=Object.defineProperty;var Qe=Object.getOwnPropertyDescriptor;var Xe=Object.getOwnPropertyNames;var Ye=Object.prototype.hasOwnProperty;var Ze=(s,e,t)=>e in s?X(s,e,{enumerable:!0,configurable:!0,writable:!0,value:t}):s[e]=t;var Ue=(s,e)=>{for(var t in e)X(s,t,{get:e[t],enumerable:!0})},et=(s,e,t,r)=>{if(e&&typeof e=="object"||typeof e=="function")for(let n of Xe(e))!Ye.call(s,n)&&n!==t&&X(s,n,{get:()=>e[n],enumerable:!(r=Qe(e,n))||r.enumerable});return s};var tt=s=>et(X({},"__esModule",{value:!0}),s);var c=(s,e,t)=>Ze(s,typeof e!="symbol"?e+"":e,t);var gt={};Ue(gt,{Action:()=>xe,ChainType:()=>Ee,DeletePolicyRequest:()=>P,EOAAuth:()=>$,EphAuth:()=>V,EphKeyClaim:()=>K,FinishPresignOpts:()=>R,HttpClient:()=>_,InitPresignOpts:()=>T,IssuerType:()=>Ae,KeygenSetupOpts:()=>S,Logic:()=>be,NetworkSigner:()=>F,NoAuthWalletProviderServiceClient:()=>E,Operator:()=>Ce,PasskeyAuth:()=>q,PasskeyRegister:()=>W,Policy:()=>ce,Rule:()=>ae,SignRequestBuilder:()=>U,SignSetupOpts:()=>m,TransactionAttribute:()=>ke,TransactionType:()=>ve,UpdatePolicyRequest:()=>w,UserSignatures:()=>x,WalletProviderServiceClient:()=>B,computeAddress:()=>ie,default:()=>dt,flattenSignature:()=>re,generateEphPrivateKey:()=>j,getEphPublicKey:()=>O});module.exports=tt(gt);var Ne=require("json-canonicalize");var h=(s,e)=>{g(typeof e!="string",`${s} must be string`),g((e==null?void 0:e.trim().length)===0,`${s} cannot be empty`)},Ie=(s,e)=>{if(g(!(s instanceof Uint8Array),"key must be an Uint8Array"),e==="secp256k1")g(s.length!==65,"secp256k1: key length must be 65 bytes, got "+s.length);else if(e==="ed25519")g(s.length!==32,"ed25519: key length must be 32 bytes, got "+s.length);else throw new Error("Invalid signature algorithm")},Me=(s,e)=>{if(g(!(s instanceof Uint8Array),"key must be an Uint8Array"),e==="secp256k1")g(s.length!==32,"secp256k1: key length must be 32 bytes, got "+s.length);else if(e==="ed25519")g(s.length!==32,"ed25519: key length must be 32 bytes, got "+s.length);else throw new Error("Invalid signature algorithm")},Oe=s=>{g(s!=="ed25519"&&s!=="secp256k1",'signAlg must be either "ed25519" or "secp256k"')},g=(s,e)=>{if(s)throw new Error(e)},rt=(s,e)=>`Invalid payload ${JSON.stringify(s)}, cannot be authenticated by ${e.toLocaleUpperCase()} method.`,H=(s,e,t)=>{g(!e.some(r=>s instanceof r),rt(s,t))};var U=class{constructor(){c(this,"signRequest",new Map)}setRequest(e,t,r){if(h("transactionId",e),h("message",t),h("requestType",r),this.signRequest.has(e))throw new Error(`Transaction ID ${e} is already set.`);return this.signRequest.set(e,{signingMessage:t,requestType:r}),this}build(){let e={};if(this.signRequest.forEach((t,r)=>{e[r]=t}),Object.keys(e).length===0)throw new Error("No sign request is set.");return(0,Ne.canonicalize)(e)}};var me=require("json-canonicalize");var We=require("js-base64");function st(s){return s instanceof Uint8Array||ArrayBuffer.isView(s)&&s.constructor.name==="Uint8Array"}function ue(s,...e){if(!st(s))throw new Error("Uint8Array expected");if(e.length>0&&!e.includes(s.length))throw new Error("Uint8Array expected of length "+e+", got length="+s.length)}function pe(s,e=!0){if(s.destroyed)throw new Error("Hash instance has been destroyed");if(e&&s.finished)throw new Error("Hash#digest() has already been called")}function De(s,e){ue(s);let t=e.outputLen;if(s.length<t)throw new Error("digestInto() expects output buffer of length at least "+t)}var Z=s=>new DataView(s.buffer,s.byteOffset,s.byteLength),f=(s,e)=>s<<32-e|s>>>e;function nt(s){if(typeof s!="string")throw new Error("utf8ToBytes expected string, got "+typeof s);return new Uint8Array(new TextEncoder().encode(s))}function he(s){return typeof s=="string"&&(s=nt(s)),ue(s),s}var Y=class{clone(){return this._cloneInto()}};function Te(s){let e=r=>s().update(he(r)).digest(),t=s();return e.outputLen=t.outputLen,e.blockLen=t.blockLen,e.create=()=>s(),e}function it(s,e,t,r){if(typeof s.setBigUint64=="function")return s.setBigUint64(e,t,r);let n=BigInt(32),o=BigInt(4294967295),i=Number(t>>n&o),a=Number(t&o),l=r?4:0,u=r?0:4;s.setUint32(e+l,i,r),s.setUint32(e+u,a,r)}var $e=(s,e,t)=>s&e^~s&t,Ve=(s,e,t)=>s&e^s&t^e&t,ee=class extends Y{constructor(e,t,r,n){super(),this.blockLen=e,this.outputLen=t,this.padOffset=r,this.isLE=n,this.finished=!1,this.length=0,this.pos=0,this.destroyed=!1,this.buffer=new Uint8Array(e),this.view=Z(this.buffer)}update(e){pe(this);let{view:t,buffer:r,blockLen:n}=this;e=he(e);let o=e.length;for(let i=0;i<o;){let a=Math.min(n-this.pos,o-i);if(a===n){let l=Z(e);for(;n<=o-i;i+=n)this.process(l,i);continue}r.set(e.subarray(i,i+a),this.pos),this.pos+=a,i+=a,this.pos===n&&(this.process(t,0),this.pos=0)}return this.length+=e.length,this.roundClean(),this}digestInto(e){pe(this),De(e,this),this.finished=!0;let{buffer:t,view:r,blockLen:n,isLE:o}=this,{pos:i}=this;t[i++]=128,this.buffer.subarray(i).fill(0),this.padOffset>n-i&&(this.process(r,0),i=0);for(let p=i;p<n;p++)t[p]=0;it(r,n-8,BigInt(this.length*8),o),this.process(r,0);let a=Z(e),l=this.outputLen;if(l%4)throw new Error("_sha2: outputLen should be aligned to 32bit");let u=l/4,d=this.get();if(u>d.length)throw new Error("_sha2: outputLen bigger than state");for(let p=0;p<u;p++)a.setUint32(4*p,d[p],o)}digest(){let{buffer:e,outputLen:t}=this;this.digestInto(e);let r=e.slice(0,t);return this.destroy(),r}_cloneInto(e){e||(e=new this.constructor),e.set(...this.get());let{blockLen:t,buffer:r,length:n,finished:o,destroyed:i,pos:a}=this;return e.length=n,e.pos=a,e.finished=o,e.destroyed=i,n%t&&e.buffer.set(r),e}};var ot=new Uint32Array([1116352408,1899447441,3049323471,3921009573,961987163,1508970993,2453635748,2870763221,3624381080,310598401,607225278,1426881987,1925078388,2162078206,2614888103,3248222580,3835390401,4022224774,264347078,604807628,770255983,1249150122,1555081692,1996064986,2554220882,2821834349,2952996808,3210313671,3336571891,3584528711,113926993,338241895,666307205,773529912,1294757372,1396182291,1695183700,1986661051,2177026350,2456956037,2730485921,2820302411,3259730800,3345764771,3516065817,3600352804,4094571909,275423344,430227734,506948616,659060556,883997877,958139571,1322822218,1537002063,1747873779,1955562222,2024104815,2227730452,2361852424,2428436474,2756734187,3204031479,3329325298]),v=new Uint32Array([1779033703,3144134277,1013904242,2773480762,1359893119,2600822924,528734635,1541459225]),k=new Uint32Array(64),de=class extends ee{constructor(){super(64,32,8,!1),this.A=v[0]|0,this.B=v[1]|0,this.C=v[2]|0,this.D=v[3]|0,this.E=v[4]|0,this.F=v[5]|0,this.G=v[6]|0,this.H=v[7]|0}get(){let{A:e,B:t,C:r,D:n,E:o,F:i,G:a,H:l}=this;return[e,t,r,n,o,i,a,l]}set(e,t,r,n,o,i,a,l){this.A=e|0,this.B=t|0,this.C=r|0,this.D=n|0,this.E=o|0,this.F=i|0,this.G=a|0,this.H=l|0}process(e,t){for(let p=0;p<16;p++,t+=4)k[p]=e.getUint32(t,!1);for(let p=16;p<64;p++){let J=k[p-15],N=k[p-2],qe=f(J,7)^f(J,18)^J>>>3,le=f(N,17)^f(N,19)^N>>>10;k[p]=le+k[p-7]+qe+k[p-16]|0}let{A:r,B:n,C:o,D:i,E:a,F:l,G:u,H:d}=this;for(let p=0;p<64;p++){let J=f(a,6)^f(a,11)^f(a,25),N=d+J+$e(a,l,u)+ot[p]+k[p]|0,le=(f(r,2)^f(r,13)^f(r,22))+Ve(r,n,o)|0;d=u,u=l,l=a,a=i+N|0,i=o,o=n,n=r,r=N+le|0}r=r+this.A|0,n=n+this.B|0,o=o+this.C|0,i=i+this.D|0,a=a+this.E|0,l=l+this.F|0,u=u+this.G|0,d=d+this.H|0,this.set(r,n,o,i,a,l,u,d)}roundClean(){k.fill(0)}destroy(){this.set(0,0,0,0,0,0,0,0),this.buffer.fill(0)}};var ge=Te(()=>new de);var te=require("viem"),A=s=>We.Base64.fromUint8Array(new Uint8Array(s),!0),ye=s=>{let e=(0,te.stringToBytes)(s),t=ge(ge(e));return(0,te.toHex)(t,{size:32}).slice(2)};var x=class{constructor(e,t){c(this,"userAuthentications");c(this,"authModule");c(this,"apiVersion");this.authModule=e,this.userAuthentications=new Map,this.apiVersion=t}async setDefaultAuth(e){let t=await this.authModule.authenticate({payload:e.payload,challenge:e.challenge});this.userAuthentications.set("default",t)}async setKeygenUserSigs(e,t){if(this.apiVersion==="v1"&&!t)throw new Error("no challenge response for keygen");for(let r of e){let n=r.signAlg,o=t?t[n]:ye((0,me.canonicalize)(r));if(o){let i=await this.authModule.authenticate({payload:r,challenge:o});this.userAuthentications.set(n,i)}else throw new Error(`no final challenge found in response for ${n}`)}}async setSigngenUserSigs(e){await this.setDefaultAuth(e)}async setAddEphKeyUserSigs(e){await this.setDefaultAuth(e)}async setRevokeEphKeyUserSigs(e){await this.setDefaultAuth(e)}async setRegisterPasskeyUserSigs(e){await this.setDefaultAuth(e)}async setKeyRefreshUserSigs(e){await this.setDefaultAuth(e)}async setFinishPresignUserSigs(e){await this.setDefaultAuth(e)}async setUpdatePolicyUserSigs(e){await this.setDefaultAuth(e)}async setDeletePolicyUserSigs(e){await this.setDefaultAuth(e)}async build(e,t,r){if(this.apiVersion!=="v1"&&(e==="registerPasskey"||e==="keyRefresh"))throw new Error(`${e} is only supported in V1`);let{challenge:n}=r!=null?r:{};if(e==="keygen"){let o=n?JSON.parse(n):void 0;await this.setKeygenUserSigs(t,o)}else{if(this.apiVersion==="v1"&&!n)throw new Error(`missing challenge response for ${e} V1`);let o=n!=null?n:ye((0,me.canonicalize)(t));e==="signgen"?await this.setSigngenUserSigs({payload:t,challenge:o}):e==="addEphemeralKey"?await this.setAddEphKeyUserSigs({payload:t,challenge:o}):e==="revokeEphemeralKey"?await this.setRevokeEphKeyUserSigs({payload:t,challenge:o}):e==="registerPasskey"?await this.setRegisterPasskeyUserSigs({payload:t,challenge:o}):e==="keyRefresh"?await this.setKeyRefreshUserSigs({payload:t,challenge:o}):e==="finishPresign"?await this.setFinishPresignUserSigs({payload:t,challenge:o}):e==="updatePolicy"?await this.setUpdatePolicyUserSigs({payload:t,challenge:o}):e==="deletePolicy"&&await this.setDeletePolicyUserSigs({payload:t,challenge:o})}return Object.fromEntries(this.userAuthentications)}};var re=s=>{let{sign:e,recid:t}=s,r=(27+t).toString(16);return`0x${e}${r}`};var C=class{constructor(e,t){c(this,"key_id");c(this,"eph_claim");h("keyId",e),this.key_id=e,this.eph_claim=t.toJSON()}get eoaRequestSchema(){return{Request:[{name:"setup",type:"RevokeEphKeyRequest"},{name:"challenge",type:"string"}],RevokeEphKeyRequest:[{name:"key_id",type:"string"},{name:"eph_claim",type:"string"}]}}},I=class{constructor(e,t){c(this,"key_id_list");c(this,"eph_claim");for(let r of e)h("keyId",r);this.key_id_list=e,this.eph_claim=t.toJSON()}get eoaRequestSchema(){return{Request:[{name:"setup",type:"AddEphKeyRequest"},{name:"challenge",type:"string"}],AddEphKeyRequest:[{name:"key_id_list",type:"string[]"},{name:"eph_claim",type:"string"}]}}},D=class{constructor(e){c(this,"options");h("options",e),this.options=e}},M=class{constructor({t:e,keyId:t,signAlg:r}){c(this,"t");c(this,"key_id");c(this,"sign_alg");h("keyId",t),h("signAlg",r),this.t=e,this.key_id=t,this.sign_alg=r}get eoaRequestSchema(){return{Request:[{name:"setup",type:"KeyRefreshRequest"},{name:"challenge",type:"string"}],KeyRefreshRequest:[{name:"t",type:"uint32"},{name:"key_id",type:"string"},{name:"sign_alg",type:"string"}]}}},w=class{constructor({keyId:e,policy:t}){c(this,"key_id");c(this,"policy");h("keyId",e),this.key_id=e,this.policy=t.toJSON()}get eoaRequestSchema(){return{Request:[{name:"setup",type:"UpdatePolicyRequest"},{name:"challenge",type:"string"}],UpdatePolicyRequest:[{name:"key_id",type:"string"},{name:"policy",type:"string"}]}}},P=class{constructor({keyId:e}){c(this,"key_id");h("keyId",e),this.key_id=e}get eoaRequestSchema(){return{Request:[{name:"setup",type:"DeletePolicyRequest"},{name:"challenge",type:"string"}],DeletePolicyRequest:[{name:"key_id",type:"string"}]}}};var at=[{name:"tag",type:"uint16"},{name:"value",type:"string"}],S=class{constructor({t:e,n:t,ephClaim:r,policy:n,signAlg:o}){c(this,"t");c(this,"n");c(this,"ephClaim");c(this,"metadata");c(this,"signAlg");c(this,"policy");h("signAlg",o),this.t=e,this.n=t,this.signAlg=o,this.ephClaim=r==null?void 0:r.toJSON(),this.metadata=[],this.policy=n==null?void 0:n.toJSON()}get eoaRequestSchema(){let e=[{name:"t",type:"uint32"},{name:"n",type:"uint32"},{name:"metadata",type:"TaggedValue[]"}];return this.ephClaim&&e.push({name:"ephClaim",type:"string"}),this.policy&&e.push({name:"policy",type:"string"}),{Request:[{name:"setup",type:"KeygenSetupOpts"},{name:"challenge",type:"string"}],KeygenSetupOpts:e,TaggedValue:at}}},m=class{constructor({t:e,key_id:t,signAlg:r,message:n}){c(this,"t");c(this,"key_id");c(this,"message");c(this,"signAlg");h("keyId",t),h("signAlg",r),h("message",n),this.t=e,this.key_id=t,this.message=n,this.signAlg=r}get eoaRequestSchema(){return{Request:[{name:"setup",type:"SignSetupOpts"},{name:"challenge",type:"string"}],SignSetupOpts:[{name:"t",type:"uint32"},{name:"key_id",type:"string"},{name:"signAlg",type:"string"},{name:"message",type:"string"}]}}},T=class{constructor({amount:e,keyId:t,t:r,expiryInSecs:n}){c(this,"amount");c(this,"key_id");c(this,"t");c(this,"expiry");if(e<=0)throw new Error("Amount must be greater than 0");h("keyId",t),this.amount=e,this.key_id=t,this.t=r,this.expiry=n!=null?n:Math.floor(Date.now()/1e3)+7*24*3600}},R=class{constructor({presignSessionId:e,message:t}){c(this,"presignSessionId");c(this,"message");h("presignSessionId",e),h("message",t),this.presignSessionId=e,this.message=t}get eoaRequestSchema(){return{Request:[{name:"setup",type:"FinishPresignOpts"},{name:"challenge",type:"string"}],FinishPresignOpts:[{name:"presignSessionId",type:"string"},{name:"message",type:"string"}]}}};var ct={name:"SilentShard authentication",version:"0.1.0"},lt=[{name:"name",type:"string"},{name:"version",type:"string"}];function ut(s,e){let t={setup:s,challenge:e};return{types:{EIP712Domain:lt,...s.eoaRequestSchema},domain:ct,primaryType:"Request",message:t}}async function Be({setup:s,eoa:e,challenge:t,browserWallet:r}){let n=ut(s,t),o=await r.signTypedData(e,n);return new b({method:"eoa",id:e},o)}var fe=require("js-base64"),we=require("viem"),G=require("json-canonicalize");async function Fe({user:s,challenge:e,rpConfig:t}){let r=(0,we.hexToBytes)(`0x${e}`,{size:32}),n={publicKey:{authenticatorSelection:{residentKey:"preferred",userVerification:"required"},challenge:r,excludeCredentials:[],pubKeyCredParams:[{type:"public-key",alg:-7},{type:"public-key",alg:-257}],rp:{name:t.rpName,id:t.rpId},user:{...s,id:fe.Base64.toUint8Array(s.id)}}},o=await navigator.credentials.create(n);if(o===null)throw new Error("No credential returned");let i=A(o.response.attestationObject),l={rawCredential:(0,G.canonicalize)({authenticatorAttachment:o.authenticatorAttachment,id:o.id,rawId:A(o.rawId),response:{attestationObject:i,clientDataJSON:A(o.response.clientDataJSON)},type:o.type}),origin:t.rpName,rpId:t.rpId};return new b({method:"passkey",id:o.id},(0,G.canonicalize)(l))}async function _e({challenge:s,allowCredentialId:e,rpConfig:t}){let r=(0,we.hexToBytes)(`0x${s}`,{size:32}),n=e?[{type:"public-key",id:fe.Base64.toUint8Array(e)}]:[],o={publicKey:{userVerification:"required",challenge:r,allowCredentials:n}},i=await navigator.credentials.get(o);if(i===null)throw new Error("Failed to get navigator credentials");let a=i.response,l=a.userHandle;if(l===null)throw new Error("User handle cannot be null");let u=A(a.signature),p={rawCredential:(0,G.canonicalize)({authenticatorAttachment:i.authenticatorAttachment,id:i.id,rawId:A(i.rawId),response:{authenticatorData:A(a.authenticatorData),clientDataJSON:A(a.clientDataJSON),signature:u,userHandle:A(l)},type:i.type}),origin:t.rpName,rpId:t.rpId};return new b({method:"passkey",id:i.id},(0,G.canonicalize)(p))}var z=require("viem");var se=require("@noble/curves/ed25519"),Pe=require("@noble/curves/secp256k1");var Le=require("viem/accounts"),Se=require("json-canonicalize");var K=class s{constructor(e,t,r,n=Math.floor(Date.now()/1e3)+3600){c(this,"ephId");c(this,"ephPK");c(this,"signAlg");c(this,"expiry");this.validateInputs(e,t,r,n),this.ephId=e,this.ephPK=(0,z.toHex)(t),this.signAlg=r,this.expiry=n}validateInputs(e,t,r,n){h("ephId",e),Ie(t,r),g(Number.isInteger(n)===!1,"expiry must be an integer");let o=Math.floor(Date.now()/1e3),i=n-o,a=i>0&&i<=365*24*60*60;g(!a,`lifetime must be greater than 0 and less than or equal to 365 days expiry - now ${i}, expiry ${n} now secs ${o}`)}toJSON(){try{return(0,Se.canonicalize)({ephId:this.ephId,ephPK:this.ephPK,expiry:this.expiry,signAlg:this.signAlg})}catch(e){throw console.error("Error while serializing ephemeral key claim",e),new Error("Error while serializing ephemeral key claim")}}static generateKeys(e,t){let r=j(e),n=O(r,e),o=new s((0,z.toHex)(n),n,e,t);return{privKey:r,pubKey:n,ephClaim:o}}};async function Je({setup:s,challenge:e,ephSK:t,ephClaim:r}){let n={setup:s,challenge:e},o=new TextEncoder().encode((0,Se.canonicalize)(n)),i=await pt(o,t,r.signAlg);return new b({method:"ephemeral",id:r.ephId},i)}async function pt(s,e,t){switch(t){case"ed25519":return(0,z.toHex)(se.ed25519.sign(s,e));case"secp256k1":return await(0,Le.signMessage)({message:{raw:s},privateKey:(0,z.toHex)(e)});default:throw new Error("Invalid signature algorithm")}}function j(s){switch(s){case"ed25519":return se.ed25519.utils.randomPrivateKey();case"secp256k1":return Pe.secp256k1.utils.randomPrivateKey();default:throw new Error("Invalid signature algorithm")}}function O(s,e){switch(e){case"ed25519":return se.ed25519.getPublicKey(s);case"secp256k1":return Pe.secp256k1.getPublicKey(s,!1);default:throw new Error("Invalid signature algorithm")}}var He=require("viem");var b=class{constructor(e,t){this.credentials=e;this.signature=t;this.credentials=e,this.signature=t}},$=class{constructor(e,t){c(this,"browserWallet");c(this,"eoa");this.validateInputs(e,t),this.browserWallet=t,this.eoa=e}validateInputs(e,t){g(!(0,He.isAddress)(e),"invalid Ethereum address format"),g(!((t==null?void 0:t.signTypedData)instanceof Function),"invalid browserWallet")}async authenticate({payload:e,challenge:t}){return H(e,[S,M,I,C,m,R,w,P],"eoa"),await Be({setup:e,eoa:this.eoa,challenge:t,browserWallet:this.browserWallet})}},V=class{constructor(e,t,r){c(this,"ephSK");c(this,"ephClaim");Me(t,r),this.ephSK=t;let n=O(this.ephSK,r);this.ephClaim=new K(e,n,r)}async authenticate({payload:e,challenge:t}){return H(e,[m,C,R],"ephemeral"),await Je({setup:e,challenge:t,ephSK:this.ephSK,ephClaim:this.ephClaim})}},q=class{constructor(e,t){c(this,"rpConfig");c(this,"allowCredentialId");this.rpConfig=e,this.allowCredentialId=t}async authenticate({payload:e,challenge:t}){return H(e,[S,I,m,R,M,C,w,P],"passkey"),await _e({allowCredentialId:this.allowCredentialId,challenge:t,rpConfig:this.rpConfig})}},W=class{constructor(e,t){c(this,"rpConfig");c(this,"user");this.rpConfig=e,this.user=t}async authenticate({payload:e,challenge:t}){return H(e,[D],"passkey"),await Fe({user:this.user,challenge:t,rpConfig:this.rpConfig})}};var Q=require("json-canonicalize");var B=class{constructor(e){c(this,"walletProviderUrl");c(this,"apiVersion","v1");this.walletProviderUrl=`${e.walletProviderUrl}/${e.apiVersion}`,this.apiVersion=e.apiVersion}getVersion(){return this.apiVersion}async startKeygen({setups:e,authModule:t}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("keygen",e,t).then(n=>{try{return JSON.parse(n)}catch{throw new Error(`Failed to parse keygen response: ${n}`)}})}async startKeyRefresh({payload:e,authModule:t}){if(this.apiVersion==="v2")throw new Error("Key refresh is not supported in v2 API");return this.connect.bind(this)("keyRefresh",e,t).then(n=>{try{return JSON.parse(n)}catch{throw new Error(`Failed to parse key refresh response: ${n}`)}})}async startSigngen({setup:e,authModule:t}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("signgen",e,t).then(n=>{try{return JSON.parse(n)}catch{throw new Error(`Failed to parse signgen response: ${n}`)}})}async addEphemeralKey({payload:e,authModule:t}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("addEphemeralKey",e,t).then(n=>{try{return JSON.parse(n)}catch{throw new Error(`Failed to parse add ephemeral key response: ${n}`)}})}async revokeEphemeralKey({payload:e,authModule:t}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("revokeEphemeralKey",e,t).then(n=>{try{return JSON.parse(n)}catch{throw new Error(`Failed to parse revoke ephemeral key response: ${n}`)}})}async registerPasskey({payload:e,authModule:t}){if(this.apiVersion==="v2")throw new Error("Passkey registration is not supported in v2 API");return this.connect.bind(this)("registerPasskey",e,t).then(n=>({passkeyCredentialId:n}))}async updatePolicy({payload:e,authModule:t}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("updatePolicy",e,t).then(n=>{try{return JSON.parse(n)}catch{throw new Error(`Failed to parse update policy response: ${n}`)}})}async deletePolicy({payload:e,authModule:t}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("deletePolicy",e,t).then(n=>{try{return JSON.parse(n)}catch{throw new Error(`Failed to parse delete policy response: ${n}`)}})}connect(e,t,r){return new Promise((n,o)=>{let i=new WebSocket(`${this.walletProviderUrl}/${e}`),a=0;return console.debug("Connecting to ",i.url),i.addEventListener("open",l=>{switch(console.debug(`Connection opened in state ${a} with event ${JSON.stringify(l,void 0,"	")}`),a){case 0:{a=1;try{let u=(0,Q.canonicalize)({payload:t});console.debug("Sending request:",u),i.send(u)}catch(u){this.finishWithError(i,a,u,"open event",o)}break}case 1:case 2:this.finishWithError(i,a,"Unexpected message in state waitingForResult.","open event",o);break;case 3:break}}),i.addEventListener("message",async l=>{switch(console.debug(`Connection message in state ${a} with event data ${JSON.stringify(l.data,void 0,"	")}`),a){case 0:this.finishWithError(i,a,"Unexpected message in state initiated.","message event",o);break;case 1:{a=2;try{let u=l.data,d=await new x(r,this.apiVersion).build(e,t,{challenge:u});i.send((0,Q.canonicalize)(d))}catch(u){this.finishWithError(i,a,u,"message event",o)}break}case 2:{a=3,i.close(),n(l.data);break}case 3:break}}),i.addEventListener("error",l=>{this.finishWithError(i,a,`Connection encountered an error event: ${JSON.stringify(l,void 0,"	")}`,"error event",o)}),i.addEventListener("close",l=>{let u=l.reason||"No specific reason provided.",d=l.code;console.debug(`Connection closed. State: ${a}, Code: ${d}, Reason: '${u}'`);let p=d>=4e3?`Application Error ${d}: ${u}`:d===1006?"Connection Abnormality (Code 1006): Server closed connection unexpectedly or network issue.":`WebSocket Closed Unexpectedly (Code ${d}): ${u}`;this.finishWithError(i,a,new Error(p),"close event",o)}),()=>{(i.readyState===WebSocket.OPEN||i.readyState===WebSocket.CONNECTING)&&i.close(1001,"Cleanup/Unmount")}})}connectV2(e,t,r){return new Promise((n,o)=>{let i=new WebSocket(`${this.walletProviderUrl}/${e}`),a=0;return console.debug("Connecting to ",i.url),i.addEventListener("open",async l=>{switch(console.debug(`Connection opened in state ${a} with event ${JSON.stringify(l,void 0,"	")}`),a){case 0:a=2;try{let u=await new x(r,this.apiVersion).build(e,t);i.send((0,Q.canonicalize)({payload:t,userSigs:u}))}catch(u){this.finishWithError(i,a,u,"open event",o)}break;case 2:a=3,this.finishWithError(i,a,"Unexpected message in state waitingForResult.","open event",o);break;case 3:break}}),i.addEventListener("message",async l=>{switch(console.debug(`Connection message in state ${a} with event ${JSON.stringify(l,void 0,"	")}`),a){case 0:this.finishWithError(i,a,"Unexpected message in state initiated.","message event",o);break;case 2:{a=3,i.close(),n(l.data);break}case 3:break}}),i.addEventListener("error",l=>{this.finishWithError(i,a,`Connection encountered an error event: ${JSON.stringify(l,void 0,"	")}`,"error event",o)}),i.addEventListener("close",l=>{let u=l.reason||"No specific reason provided.",d=l.code;console.debug(`Connection closed. State: ${a}, Code: ${d}, Reason: '${u}'`);let p=d>=4e3?`Application Error ${d}: ${u}`:d===1006?"Connection Abnormality (Code 1006): Server closed connection unexpectedly or network issue.":`WebSocket Closed Unexpectedly (Code ${d}): ${u}`;this.finishWithError(i,a,new Error(p),"close event",o)}),()=>{(i.readyState===WebSocket.OPEN||i.readyState===WebSocket.CONNECTING)&&i.close(1001,"Cleanup/Unmount")}})}finishWithError(e,t,r,n,o){t!==3&&(console.error(`Error from ${n} in state ${t}:`,r),t=3,o(r instanceof Error?r:new Error(String(r)))),e.readyState===WebSocket.OPEN&&e.close(1e3,`Protocol run failed. Client attempted to close connection in state ${t}`)}},E=class{constructor(e){c(this,"walletProviderUrl");c(this,"apiVersion","v1");this.walletProviderUrl=`${e.walletProviderUrl}/${e.apiVersion}`,this.apiVersion=e.apiVersion}getVersion(){return this.apiVersion}async startKeygen({setups:e}){return this.connect.bind(this)("keygen",e).then(r=>{try{return JSON.parse(r)}catch{throw new Error(`Failed to parse keygen response: ${r}`)}})}async startSigngen({setup:e}){return this.connect.bind(this)("signgen",e).then(r=>{try{return JSON.parse(r)}catch{throw new Error(`Failed to parse signgen response: ${r}`)}})}async startKeyRefresh({payload:e}){if(this.apiVersion==="v2")throw new Error("Key refresh is not supported in v2 API");return this.connect.bind(this)("keyRefresh",e).then(r=>{try{return JSON.parse(r)}catch{throw new Error(`Failed to parse key refresh response: ${r}`)}})}async updatePolicy({payload:e}){return this.connect.bind(this)("updatePolicy",e).then(r=>{try{return JSON.parse(r)}catch{throw new Error(`Failed to parse update policy response: ${r}`)}})}async deletePolicy({payload:e}){return this.connect.bind(this)("deletePolicy",e).then(r=>{try{return JSON.parse(r)}catch{throw new Error(`Failed to parse delete policy response: ${r}`)}})}connect(e,t){return new Promise((r,n)=>{let o=0,i=new WebSocket(`${this.walletProviderUrl}/${e}`);i.addEventListener("open",async a=>{switch(console.debug(`Connection opened in state ${o} with event ${JSON.stringify(a,void 0,"	")}`),o){case 0:o=2;try{i.send((0,Q.canonicalize)({payload:t}))}catch(l){n(l)}break;case 2:o=3,n("Incorrect protocol state");break;case 3:break}}),i.addEventListener("message",async a=>{switch(console.debug(`Connection message in state ${o} with event ${JSON.stringify(a,void 0,"	")}`),o){case 0:o=3,n("Incorrect protocol state");break;case 2:{o=3,i.close(),r(a.data);break}case 3:break}}),i.addEventListener("error",a=>{console.debug(`Connection error in state ${o} with event ${JSON.stringify(a,void 0,"	")}`),o!=3&&(o=3,n("Incorrect protocol state"))}),i.addEventListener("close",a=>{console.debug(`Connection closed in state ${o} with event ${JSON.stringify(a,void 0,"	")}`),o!=3&&(o=3,n("Incorrect protocol state"))})})}};var F=class{constructor(e,t){c(this,"authModule");c(this,"wpClient");if(!t&&!(e instanceof E))throw new Error("missing authModule for wallet provider client in auth mode");if(t&&e instanceof E)throw new Error("authModule is required but using wallet provider client in no-auth mode");this.authModule=t,this.wpClient=e}validateQuorumSetup({threshold:e,totalNodes:t}){e&&g(e<2,`Threshold = ${e} must be at least 2`),e&&t&&g(t<e,`Total nodes = ${t} must be greater or equal to threshold = ${e}`)}async generateKey(e,t,r,n,o){this.validateQuorumSetup({threshold:e,totalNodes:t});let i=r.map(a=>new S({t:e,n:t,ephClaim:n,policy:o,signAlg:a}));return this.authModule?await this.wpClient.startKeygen({setups:i,authModule:this.authModule}):await this.wpClient.startKeygen({setups:i})}async signMessage(e,t,r,n){this.validateQuorumSetup({threshold:e}),Oe(r);let o=new m({t:e,key_id:t,signAlg:r,message:n});if(this.authModule){if(this.authModule instanceof q&&new Map(Object.entries(JSON.parse(n))).size>1)throw new Error("For Passkey Authentication only one message in signing request is supported");return await this.wpClient.startSigngen({setup:o,authModule:this.authModule})}else return await this.wpClient.startSigngen({setup:o})}async refreshKey(e,t,r){let n=new M({t:e,keyId:t,signAlg:r});return this.authModule?await this.wpClient.startKeyRefresh({payload:n,authModule:this.authModule}):await this.wpClient.startKeyRefresh({payload:n})}async addEphemeralKey(e,t){let r=new I(e,t);if(!this.authModule)throw new Error("Add ephemeral key is not supported in no auth mode");return await this.wpClient.addEphemeralKey({payload:r,authModule:this.authModule})}async revokeEphemeralKey(e,t){h("keyId",e);let r=new C(e,t);if(!this.authModule)throw new Error("Revoke ephemeral key is not supported in no auth mode");return await this.wpClient.revokeEphemeralKey({payload:r,authModule:this.authModule})}async registerPasskey(e){let t=new D(e!=null?e:"passkey options");if(!this.authModule)throw new Error("Register passkey is not supported in no auth mode");return await this.wpClient.registerPasskey({payload:t,authModule:this.authModule})}async updatePolicy(e,t){let r=new w({keyId:e,policy:t});return this.authModule?await this.wpClient.updatePolicy({payload:r,authModule:this.authModule}):await this.wpClient.updatePolicy({payload:r})}async deletePolicy(e){let t=new P({keyId:e});return this.authModule?await this.wpClient.deletePolicy({payload:t,authModule:this.authModule}):await this.wpClient.deletePolicy({payload:t})}};var Ge=require("json-canonicalize");var Re=class extends Error{constructor(t,r,n){super(n||r);this.status=t;this.statusText=r;this.name="HttpError"}},_=class{constructor(e="",t={}){c(this,"baseURL");c(this,"defaultHeaders");this.baseURL=e,this.validateHeaders(t),this.defaultHeaders={"Content-Type":"application/json",...t}}validateHeaders(e){if(typeof e!="object"||e===null)throw new Error("Headers must be an object.");for(let[t,r]of Object.entries(e))if(typeof t!="string"||typeof r!="string")throw new Error(`Invalid header: ${t}. Header names and values must be strings.`)}setDefaultHeaders(e){this.defaultHeaders={...this.defaultHeaders,...e}}buildUrl(e){return`${this.baseURL}${e}`}async handleResponse(e){if(!e.ok){let r;try{r=(await e.json()).message||e.statusText}catch{r=e.statusText}throw new Re(e.status,e.statusText,r)}let t=e.headers.get("content-type");return t&&t.includes("application/json")?e.json():e.text()}async request(e,t,r,n={}){let o=this.buildUrl(t),i={...this.defaultHeaders,...n.headers},a={method:e,headers:i,...n,body:r?(0,Ge.canonicalize)(r):null},l=await fetch(o,a);return this.handleResponse(l)}async get(e,t){return this.request("GET",e,void 0,t)}async post(e,t,r){return this.request("POST",e,t,r)}async put(e,t,r){return this.request("PUT",e,t,r)}async patch(e,t,r){return this.request("PATCH",e,t,r)}async delete(e,t){return this.request("DELETE",e,void 0,t)}};var ne=require("viem/accounts"),ze=require("@noble/curves/secp256k1"),L=require("viem"),ht=require("js-base64");function ie(s){if(s.startsWith("0x")&&(s=s.slice(2)),s.startsWith("04"))return(0,ne.publicKeyToAddress)(`0x${s} `);if(s.startsWith("02")||s.startsWith("03")){let e=ze.secp256k1.ProjectivePoint.fromHex(s).toHex(!1);return(0,ne.publicKeyToAddress)(`0x${e}`)}else throw new Error("Invalid public key")}var Ke={};Ue(Ke,{Action:()=>xe,ChainType:()=>Ee,IssuerType:()=>Ae,Logic:()=>be,Operator:()=>Ce,Policy:()=>ce,Rule:()=>ae,TransactionAttribute:()=>ke,TransactionType:()=>ve});var je=require("json-canonicalize");var oe=512,Ae=(r=>(r.SessionKeyId="SessionKeyId",r.UserId="UserId",r.All="*",r))(Ae||{}),xe=(t=>(t.Allow="allow",t.Deny="deny",t))(xe||{}),be=(t=>(t.Or="or",t.And="and",t))(be||{}),Ee=(r=>(r.Off="off",r.Ethereum="ethereum",r.Solana="solana",r))(Ee||{}),ve=(i=>(i.Eip712="eip712",i.Eip191="eip191",i.Erc20="erc20",i.Erc721="erc721",i.NativeTransfer="nativeTransfer",i.SolanaTransaction="solanaTransaction",i))(ve||{}),ke=(y=>(y.Sender="sender",y.Receiver="receiver",y.NativeValue="nativeValue",y.ChainId="chainId",y.FunctionSelector="functionSelector",y.Message="message",y.VerifyingContract="verifyingContract",y.PrimaryType="primaryType",y.DomainName="domainName",y.DomainVersion="domainVersion",y.SolanaAccountKeys="solanaAccountKeys",y.SplTransferAmount="splTransferAmount",y.SplTokenMint="splTokenMint",y.CustomProgramInstruction="customProgramInstruction",y.SystemInstructionName="systemInstructionName",y.SplInstructionName="splInstructionName",y))(ke||{}),Ce=(l=>(l.Eq="eq",l.Neq="neq",l.Lt="lt",l.Lte="lte",l.Gt="gt",l.Gte="gte",l.In="in",l.All="all",l))(Ce||{}),ae=class{constructor({description:e,chain_type:t,conditions:r,issuer:n,action:o,logic:i}){c(this,"description");c(this,"issuer");c(this,"action");c(this,"logic");c(this,"chain_type");c(this,"conditions");if(!r.length)throw new Error("Rule must have at least one condition");if(!t)throw new Error("Chain type must be set");if(e.length>oe)throw new Error(`Description length exceeds maximum of ${oe}`);this.description=e,this.chain_type=t,this.conditions=r,this.issuer=n||[{type:"*",id:"*"}],this.action=o||"allow",this.logic=i||"and"}},ce=class{constructor({version:e,description:t,rules:r}){c(this,"version");c(this,"description");c(this,"rules");if(!r.length)throw new Error("Policy must have at least one rule");if(t.length>oe)throw new Error(`Description length exceeds maximum of ${oe}`);this.version=e!=null?e:"1.0",this.description=t,this.rules=r}toJSON(){try{return(0,je.canonicalize)({version:this.version,description:this.description,rules:this.rules})}catch(e){throw console.error("Error while serializing policy",e),new Error("Error while serializing policy")}}};var dt={KeygenSetupOpts:S,InitPresignOpts:T,FinishPresignOpts:R,SignSetupOpts:m,UserSignatures:x,NetworkSigner:F,SignRequestBuilder:U,WalletProviderServiceClient:B,NoAuthWalletProviderServiceClient:E,HttpClient:_,EOAAuth:$,EphAuth:V,PasskeyAuth:q,PasskeyRegister:W,generateEphPrivateKey:j,getEphPublicKey:O,EphKeyClaim:K,computeAddress:ie,flattenSignature:re,UpdatePolicyRequest:w,DeletePolicyRequest:P,...Ke};0&&(module.exports={Action,ChainType,DeletePolicyRequest,EOAAuth,EphAuth,EphKeyClaim,FinishPresignOpts,HttpClient,InitPresignOpts,IssuerType,KeygenSetupOpts,Logic,NetworkSigner,NoAuthWalletProviderServiceClient,Operator,PasskeyAuth,PasskeyRegister,Policy,Rule,SignRequestBuilder,SignSetupOpts,TransactionAttribute,TransactionType,UpdatePolicyRequest,UserSignatures,WalletProviderServiceClient,computeAddress,flattenSignature,generateEphPrivateKey,getEphPublicKey});
 /*! Bundled license information:
 @noble/hashes/esm/utils.js:

package/dist/index.d.ts CHANGED Viewed

@@ -1,9 +1,10 @@
 export type { SignRequestType } from './builder/signRequest';
+export type { UserSignaturesOptionalParams } from './builder/userAuth';
 export type { ApiVersion, ClientConfig, IWalletProviderServiceClient, INoAuthWpServiceClient, } from './client/walletProviderServiceClientInterface';
 export type { IBrowserWallet, TypedData } from './auth/EOAauthentication';
 export type { PasskeyUser, RelyingPartyConfig } from './auth/passkeyAuthentication';
 export type { UserAuthentication } from './auth/authentication';
-export type { KeygenResponse, KeyRefreshResponse, SignResponse, AddEphKeyResponse, RevokeEphKeyResponse, RegisterPasskeyResponse, } from './client/networkResponse';
+export type { KeygenResponse, KeyRefreshResponse, SignResponse, AddEphKeyResponse, RevokeEphKeyResponse, RegisterPasskeyResponse, UpdatePolicyResponse, DeletePolicyResponse, } from './client/networkResponse';
 export type { MPCSignAlgorithm } from './client/networkSigner';
 export type { EphKeySignAlgorithm } from './auth/ephemeralAuthentication';
 export type { DSGOpts } from './viemSigner';
@@ -17,6 +18,8 @@ export { EOAAuth, EphAuth, PasskeyAuth, PasskeyRegister } from './auth/authentic
 export { generateEphPrivateKey, getEphPublicKey, EphKeyClaim } from './auth/ephemeralAuthentication';
 export { computeAddress } from './viemSigner';
 export { KeygenSetupOpts, InitPresignOpts, FinishPresignOpts, SignSetupOpts } from './setupMessage';
+export { UpdatePolicyRequest, DeletePolicyRequest } from './client/networkRequest';
+export * from './policy';
 import { SignRequestBuilder } from './builder/signRequest';
 import { UserSignatures } from './builder/userAuth';
 import { NetworkSigner } from './client/networkSigner';
@@ -26,7 +29,18 @@ import { EOAAuth, EphAuth, PasskeyAuth, PasskeyRegister } from './auth/authentic
 import { generateEphPrivateKey, getEphPublicKey, EphKeyClaim } from './auth/ephemeralAuthentication';
 import { computeAddress } from './viemSigner';
 import { KeygenSetupOpts, InitPresignOpts, FinishPresignOpts, SignSetupOpts } from './setupMessage';
+import { UpdatePolicyRequest, DeletePolicyRequest } from './client/networkRequest';
+import * as policy from './policy';
 declare const _default: {
+    IssuerType: typeof policy.IssuerType;
+    Action: typeof policy.Action;
+    Logic: typeof policy.Logic;
+    ChainType: typeof policy.ChainType;
+    TransactionType: typeof policy.TransactionType;
+    TransactionAttribute: typeof policy.TransactionAttribute;
+    Operator: typeof policy.Operator;
+    Rule: typeof policy.Rule;
+    Policy: typeof policy.Policy;
     KeygenSetupOpts: typeof KeygenSetupOpts;
     InitPresignOpts: typeof InitPresignOpts;
     FinishPresignOpts: typeof FinishPresignOpts;
@@ -46,5 +60,7 @@ declare const _default: {
     EphKeyClaim: typeof EphKeyClaim;
     computeAddress: typeof computeAddress;
     flattenSignature: (signgenResponse: import(".").SignResponse) => `0x${string}`;
+    UpdatePolicyRequest: typeof UpdatePolicyRequest;
+    DeletePolicyRequest: typeof DeletePolicyRequest;
 };
 export default _default;

package/dist/index.esm.js CHANGED Viewed

@@ -1,4 +1,4 @@
-var Ce=Object.defineProperty,Ke=Object.defineProperties;var Ie=Object.getOwnPropertyDescriptors;var pe=Object.getOwnPropertySymbols;var Ue=Object.prototype.hasOwnProperty,qe=Object.prototype.propertyIsEnumerable;var Y=(n,e,t)=>e in n?Ce(n,e,{enumerable:!0,configurable:!0,writable:!0,value:t}):n[e]=t,y=(n,e)=>{for(var t in e||(e={}))Ue.call(e,t)&&Y(n,t,e[t]);if(pe)for(var t of pe(e))qe.call(e,t)&&Y(n,t,e[t]);return n},M=(n,e)=>Ke(n,Ie(e));var c=(n,e,t)=>Y(n,typeof e!="symbol"?e+"":e,t);import{canonicalize as Te}from"json-canonicalize";var d=(n,e)=>{g(typeof e!="string","".concat(n," must be string")),g((e==null?void 0:e.trim().length)===0,"".concat(n," cannot be empty"))},he=(n,e)=>{if(g(!(n instanceof Uint8Array),"key must be an Uint8Array"),e==="secp256k1")g(n.length!==65,"secp256k1: key length must be 65 bytes, got "+n.length);else if(e==="ed25519")g(n.length!==32,"ed25519: key length must be 32 bytes, got "+n.length);else throw new Error("Invalid signature algorithm")},le=(n,e)=>{if(g(!(n instanceof Uint8Array),"key must be an Uint8Array"),e==="secp256k1")g(n.length!==32,"secp256k1: key length must be 32 bytes, got "+n.length);else if(e==="ed25519")g(n.length!==32,"ed25519: key length must be 32 bytes, got "+n.length);else throw new Error("Invalid signature algorithm")},de=n=>{g(n!=="ed25519"&&n!=="secp256k1",'signAlg must be either "ed25519" or "secp256k"')},g=(n,e)=>{if(n)throw new Error(e)},Oe=(n,e)=>"Invalid payload ".concat(JSON.stringify(n),", cannot be authenticated by ").concat(e.toLocaleUpperCase()," method."),$=(n,e,t)=>{g(!e.some(r=>n instanceof r),Oe(n,t))};var U=class{constructor(){c(this,"signRequest",new Map)}setRequest(e,t,r){if(d("transactionId",e),d("message",t),d("requestType",r),this.signRequest.has(e))throw new Error("Transaction ID ".concat(e," is already set."));return this.signRequest.set(e,{signingMessage:t,requestType:r}),this}build(){let e={};if(this.signRequest.forEach((t,r)=>{e[r]=t}),Object.keys(e).length===0)throw new Error("No sign request is set.");return Te(e)}};import{canonicalize as we}from"json-canonicalize";import{Base64 as We}from"js-base64";function Me(n){return n instanceof Uint8Array||ArrayBuffer.isView(n)&&n.constructor.name==="Uint8Array"}function Z(n,...e){if(!Me(n))throw new Error("Uint8Array expected");if(e.length>0&&!e.includes(n.length))throw new Error("Uint8Array expected of length "+e+", got length="+n.length)}function ee(n,e=!0){if(n.destroyed)throw new Error("Hash instance has been destroyed");if(e&&n.finished)throw new Error("Hash#digest() has already been called")}function ge(n,e){Z(n);let t=e.outputLen;if(n.length<t)throw new Error("digestInto() expects output buffer of length at least "+t)}var H=n=>new DataView(n.buffer,n.byteOffset,n.byteLength),f=(n,e)=>n<<32-e|n>>>e;function $e(n){if(typeof n!="string")throw new Error("utf8ToBytes expected string, got "+typeof n);return new Uint8Array(new TextEncoder().encode(n))}function te(n){return typeof n=="string"&&(n=$e(n)),Z(n),n}var _=class{clone(){return this._cloneInto()}};function ye(n){let e=r=>n().update(te(r)).digest(),t=n();return e.outputLen=t.outputLen,e.blockLen=t.blockLen,e.create=()=>n(),e}function Ne(n,e,t,r){if(typeof n.setBigUint64=="function")return n.setBigUint64(e,t,r);let s=BigInt(32),o=BigInt(4294967295),i=Number(t>>s&o),a=Number(t&o),u=r?4:0,p=r?0:4;n.setUint32(e+u,i,r),n.setUint32(e+p,a,r)}var fe=(n,e,t)=>n&e^~n&t,me=(n,e,t)=>n&e^n&t^e&t,J=class extends _{constructor(e,t,r,s){super(),this.blockLen=e,this.outputLen=t,this.padOffset=r,this.isLE=s,this.finished=!1,this.length=0,this.pos=0,this.destroyed=!1,this.buffer=new Uint8Array(e),this.view=H(this.buffer)}update(e){ee(this);let{view:t,buffer:r,blockLen:s}=this;e=te(e);let o=e.length;for(let i=0;i<o;){let a=Math.min(s-this.pos,o-i);if(a===s){let u=H(e);for(;s<=o-i;i+=s)this.process(u,i);continue}r.set(e.subarray(i,i+a),this.pos),this.pos+=a,i+=a,this.pos===s&&(this.process(t,0),this.pos=0)}return this.length+=e.length,this.roundClean(),this}digestInto(e){ee(this),ge(e,this),this.finished=!0;let{buffer:t,view:r,blockLen:s,isLE:o}=this,{pos:i}=this;t[i++]=128,this.buffer.subarray(i).fill(0),this.padOffset>s-i&&(this.process(r,0),i=0);for(let h=i;h<s;h++)t[h]=0;Ne(r,s-8,BigInt(this.length*8),o),this.process(r,0);let a=H(e),u=this.outputLen;if(u%4)throw new Error("_sha2: outputLen should be aligned to 32bit");let p=u/4,l=this.get();if(p>l.length)throw new Error("_sha2: outputLen bigger than state");for(let h=0;h<p;h++)a.setUint32(4*h,l[h],o)}digest(){let{buffer:e,outputLen:t}=this;this.digestInto(e);let r=e.slice(0,t);return this.destroy(),r}_cloneInto(e){e||(e=new this.constructor),e.set(...this.get());let{blockLen:t,buffer:r,length:s,finished:o,destroyed:i,pos:a}=this;return e.length=s,e.pos=a,e.finished=o,e.destroyed=i,s%t&&e.buffer.set(r),e}};var Ve=new Uint32Array([1116352408,1899447441,3049323471,3921009573,961987163,1508970993,2453635748,2870763221,3624381080,310598401,607225278,1426881987,1925078388,2162078206,2614888103,3248222580,3835390401,4022224774,264347078,604807628,770255983,1249150122,1555081692,1996064986,2554220882,2821834349,2952996808,3210313671,3336571891,3584528711,113926993,338241895,666307205,773529912,1294757372,1396182291,1695183700,1986661051,2177026350,2456956037,2730485921,2820302411,3259730800,3345764771,3516065817,3600352804,4094571909,275423344,430227734,506948616,659060556,883997877,958139571,1322822218,1537002063,1747873779,1955562222,2024104815,2227730452,2361852424,2428436474,2756734187,3204031479,3329325298]),A=new Uint32Array([1779033703,3144134277,1013904242,2773480762,1359893119,2600822924,528734635,1541459225]),b=new Uint32Array(64),re=class extends J{constructor(){super(64,32,8,!1),this.A=A[0]|0,this.B=A[1]|0,this.C=A[2]|0,this.D=A[3]|0,this.E=A[4]|0,this.F=A[5]|0,this.G=A[6]|0,this.H=A[7]|0}get(){let{A:e,B:t,C:r,D:s,E:o,F:i,G:a,H:u}=this;return[e,t,r,s,o,i,a,u]}set(e,t,r,s,o,i,a,u){this.A=e|0,this.B=t|0,this.C=r|0,this.D=s|0,this.E=o|0,this.F=i|0,this.G=a|0,this.H=u|0}process(e,t){for(let h=0;h<16;h++,t+=4)b[h]=e.getUint32(t,!1);for(let h=16;h<64;h++){let T=b[h-15],I=b[h-2],ue=f(T,7)^f(T,18)^T>>>3,X=f(I,17)^f(I,19)^I>>>10;b[h]=X+b[h-7]+ue+b[h-16]|0}let{A:r,B:s,C:o,D:i,E:a,F:u,G:p,H:l}=this;for(let h=0;h<64;h++){let T=f(a,6)^f(a,11)^f(a,25),I=l+T+fe(a,u,p)+Ve[h]+b[h]|0,X=(f(r,2)^f(r,13)^f(r,22))+me(r,s,o)|0;l=p,p=u,u=a,a=i+I|0,i=o,o=s,s=r,r=I+X|0}r=r+this.A|0,s=s+this.B|0,o=o+this.C|0,i=i+this.D|0,a=a+this.E|0,u=u+this.F|0,p=p+this.G|0,l=l+this.H|0,this.set(r,s,o,i,a,u,p,l)}roundClean(){b.fill(0)}destroy(){this.set(0,0,0,0,0,0,0,0),this.buffer.fill(0)}};var ne=ye(()=>new re);import{stringToBytes as De,toHex as Be}from"viem";var S=n=>We.fromUint8Array(new Uint8Array(n),!0),se=n=>{let e=De(n),t=ne(ne(e));return Be(t,{size:32}).slice(2)};var R=class{constructor(e,t){c(this,"userAuthentications");c(this,"authModule");c(this,"apiVersion");this.authModule=e,this.userAuthentications=new Map,this.apiVersion=t}async setDefaultAuth(e,t){let r=await this.authModule.authenticate({payload:e,challenge:t!=null?t:se(we(e))});this.userAuthentications.set("default",r)}async setKeygenUserSigs(e,t){if(this.apiVersion==="v1"&&!t)throw new Error("no challenge response for keygen");for(let r of e){let s=r.signAlg,o=t?t[s]:se(we(r));if(o){let i=await this.authModule.authenticate({payload:r,challenge:o});this.userAuthentications.set(s,i)}else throw new Error("no final challenge found in response for ".concat(s))}}async setSigngenUserSigs(e,t){if(this.apiVersion==="v1"&&!t)throw new Error("no challenge response for signgen v1");await this.setDefaultAuth(e,t)}async setAddEphKeyUserSigs(e,t){if(this.apiVersion==="v1"&&!t)throw new Error("no challenge response for add ephemeral key v1");await this.setDefaultAuth(e,t)}async setRevokeEphKeyUserSigs(e,t){if(this.apiVersion==="v1"&&!t)throw new Error("no challenge response for revoke ephemeral key v1");await this.setDefaultAuth(e,t)}async setRegisterPasskeyUserSigs(e,t){if(!t)throw new Error("missing challenge response for registerPasskey");await this.setDefaultAuth(e,t)}async setKeyRefreshUserSigs(e,t){if(!t)throw new Error("missing challenge response for keyRefresh");await this.setDefaultAuth(e,t)}async setFinishPresignUserSigs(e,t){await this.setDefaultAuth(e,t)}async build(e,t,r){if(e==="keygen"){let s=r?JSON.parse(r):void 0;await this.setKeygenUserSigs(t,s)}else e==="signgen"?await this.setSigngenUserSigs(t,r):e==="addEphemeralKey"?await this.setAddEphKeyUserSigs(t,r):e==="revokeEphemeralKey"?await this.setRevokeEphKeyUserSigs(t,r):e==="registerPasskey"?await this.setRegisterPasskeyUserSigs(t,r):e==="keyRefresh"?await this.setKeyRefreshUserSigs(t,r):e==="finishPresign"&&await this.setFinishPresignUserSigs(t,r);return Object.fromEntries(this.userAuthentications)}};var ie=n=>{let{sign:e,recid:t}=n,r=(27+t).toString(16);return"0x".concat(e).concat(r)};var x=class{constructor(e,t){c(this,"key_id");c(this,"eph_claim");d("keyId",e),this.key_id=e,this.eph_claim=t.toJSON()}get eoaRequestSchema(){return{Request:[{name:"setup",type:"RevokeEphKeyRequest"},{name:"challenge",type:"string"}],RevokeEphKeyRequest:[{name:"key_id",type:"string"},{name:"eph_claim",type:"string"}]}}},v=class{constructor(e,t){c(this,"key_id_list");c(this,"eph_claim");for(let r of e)d("keyId",r);this.key_id_list=e,this.eph_claim=t.toJSON()}get eoaRequestSchema(){return{Request:[{name:"setup",type:"AddEphKeyRequest"},{name:"challenge",type:"string"}],AddEphKeyRequest:[{name:"key_id_list",type:"string[]"},{name:"eph_claim",type:"string"}]}}},q=class{constructor(e){c(this,"options");d("options",e),this.options=e}},k=class{constructor({t:e,keyId:t,signAlg:r}){c(this,"t");c(this,"key_id");c(this,"sign_alg");d("keyId",t),d("signAlg",r),this.t=e,this.key_id=t,this.sign_alg=r}get eoaRequestSchema(){return{Request:[{name:"setup",type:"KeyRefreshRequest"},{name:"challenge",type:"string"}],KeyRefreshRequest:[{name:"t",type:"uint32"},{name:"key_id",type:"string"},{name:"sign_alg",type:"string"}]}}};var Fe=[{name:"tag",type:"uint16"},{name:"value",type:"string"}],w=class{constructor({t:e,n:t,ephClaim:r,permissions:s,signAlg:o}){c(this,"t");c(this,"n");c(this,"ephClaim");c(this,"metadata");c(this,"signAlg");d("signAlg",o),this.t=e,this.n=t,this.signAlg=o,this.ephClaim=r==null?void 0:r.toJSON(),this.metadata=[],s&&this.metadata.push({tag:1,value:s})}get eoaRequestSchema(){return{Request:[{name:"setup",type:"KeygenSetupOpts"},{name:"challenge",type:"string"}],KeygenSetupOpts:this.ephClaim?[{name:"t",type:"uint32"},{name:"n",type:"uint32"},{name:"ephClaim",type:"string"},{name:"metadata",type:"TaggedValue[]"}]:[{name:"t",type:"uint32"},{name:"n",type:"uint32"},{name:"metadata",type:"TaggedValue[]"}],TaggedValue:Fe}}},m=class{constructor({t:e,key_id:t,signAlg:r,message:s}){c(this,"t");c(this,"key_id");c(this,"message");c(this,"signAlg");d("keyId",t),d("signAlg",r),d("message",s),this.t=e,this.key_id=t,this.message=s,this.signAlg=r}get eoaRequestSchema(){return{Request:[{name:"setup",type:"SignSetupOpts"},{name:"challenge",type:"string"}],SignSetupOpts:[{name:"t",type:"uint32"},{name:"key_id",type:"string"},{name:"signAlg",type:"string"},{name:"message",type:"string"}]}}},N=class{constructor({amount:e,keyId:t,t:r,expiryInSecs:s}){c(this,"amount");c(this,"key_id");c(this,"t");c(this,"expiry");if(e<=0)throw new Error("Amount must be greater than 0");d("keyId",t),this.amount=e,this.key_id=t,this.t=r,this.expiry=s!=null?s:Math.floor(Date.now()/1e3)+7*24*3600}},P=class{constructor({presignSessionId:e,message:t}){c(this,"presignSessionId");c(this,"message");d("presignSessionId",e),d("message",t),this.presignSessionId=e,this.message=t}get eoaRequestSchema(){return{Request:[{name:"setup",type:"FinishPresignOpts"},{name:"challenge",type:"string"}],FinishPresignOpts:[{name:"presignSessionId",type:"string"},{name:"message",type:"string"}]}}};var Le={name:"SilentShard authentication",version:"0.1.0"},_e=[{name:"name",type:"string"},{name:"version",type:"string"}];function He(n,e){let t={setup:n,challenge:e};return{types:y({EIP712Domain:_e},n.eoaRequestSchema),domain:Le,primaryType:"Request",message:t}}async function Se({setup:n,eoa:e,challenge:t,browserWallet:r}){let s=He(n,t),o=await r.signTypedData(e,s);return{credentials:{credentials:"",method:"eoa",id:e},signature:o}}import{Base64 as Pe}from"js-base64";import{hexToBytes as Ae}from"viem";import{canonicalize as G}from"json-canonicalize";async function be({user:n,challenge:e,rpConfig:t}){let r=Ae("0x".concat(e),{size:32}),s={publicKey:{authenticatorSelection:{residentKey:"preferred",userVerification:"required"},challenge:r,excludeCredentials:[],pubKeyCredParams:[{type:"public-key",alg:-7},{type:"public-key",alg:-257}],rp:{name:t.rpName,id:t.rpId},user:M(y({},n),{id:Pe.toUint8Array(n.id)})}},o=await navigator.credentials.create(s);if(o===null)throw new Error("No credential returned");let i=S(o.response.attestationObject),u={rawCredential:G({authenticatorAttachment:o.authenticatorAttachment,id:o.id,rawId:S(o.rawId),response:{attestationObject:i,clientDataJSON:S(o.response.clientDataJSON)},type:o.type}),origin:t.rpName,rpId:t.rpId};return{credentials:{credentials:"",method:"passkey",id:o.id},signature:G(u)}}async function Re({challenge:n,allowCredentialId:e,rpConfig:t}){let r=Ae("0x".concat(n),{size:32}),s=e?[{type:"public-key",id:Pe.toUint8Array(e)}]:[],o={publicKey:{userVerification:"required",challenge:r,allowCredentials:s}},i=await navigator.credentials.get(o);if(i===null)throw new Error("Failed to get navigator credentials");let a=i.response,u=a.userHandle;if(u===null)throw new Error("User handle cannot be null");let p=S(a.signature),h={rawCredential:G({authenticatorAttachment:i.authenticatorAttachment,id:i.id,rawId:S(i.rawId),response:{authenticatorData:S(a.authenticatorData),clientDataJSON:S(a.clientDataJSON),signature:p,userHandle:S(u)},type:i.type}),origin:t.rpName,rpId:t.rpId};return{credentials:{credentials:"",method:"passkey",id:i.id},signature:G(h)}}import{toHex as z}from"viem";import{ed25519 as oe}from"@noble/curves/ed25519";import{secp256k1 as xe}from"@noble/curves/secp256k1";import{signMessage as Je}from"viem/accounts";import{canonicalize as Ee}from"json-canonicalize";var C=class n{constructor(e,t,r,s=Math.floor(Date.now()/1e3)+3600){c(this,"ephId");c(this,"ephPK");c(this,"signAlg");c(this,"expiry");this.validateInputs(e,t,r,s),this.ephId=e,this.ephPK=z(t),this.signAlg=r,this.expiry=s}validateInputs(e,t,r,s){d("ephId",e),he(t,r),g(Number.isInteger(s)===!1,"expiry must be an integer");let o=Math.floor(Date.now()/1e3),i=s-o,a=i>0&&i<=365*24*60*60;g(!a,"lifetime must be greater than 0 and less than or equal to 365 days expiry - now ".concat(i,", expiry ").concat(s," now secs ").concat(o))}toJSON(){return Ee({ephId:this.ephId,ephPK:this.ephPK,expiry:this.expiry,signAlg:this.signAlg})}static generateKeys(e,t){let r=j(e),s=O(r,e),o=new n(z(s),s,e,t);return{privKey:r,pubKey:s,ephClaim:o}}};async function ve({setup:n,challenge:e,ephSK:t,ephClaim:r}){let s={setup:n,challenge:e},o=new TextEncoder().encode(Ee(s)),i=await Ge(o,t,r.signAlg);return{credentials:{credentials:r.toJSON(),method:"ephemeral",id:r.ephId},signature:i}}async function Ge(n,e,t){switch(t){case"ed25519":return z(oe.sign(n,e));case"secp256k1":return await Je({message:{raw:n},privateKey:z(e)});default:throw new Error("Invalid signature algorithm")}}function j(n){switch(n){case"ed25519":return oe.utils.randomPrivateKey();case"secp256k1":return xe.utils.randomPrivateKey();default:throw new Error("Invalid signature algorithm")}}function O(n,e){switch(e){case"ed25519":return oe.getPublicKey(n);case"secp256k1":return xe.getPublicKey(n,!1);default:throw new Error("Invalid signature algorithm")}}import{isAddress as ze}from"viem";var V=class{constructor(e,t){c(this,"browserWallet");c(this,"eoa");this.validateInputs(e,t),this.browserWallet=t,this.eoa=e}validateInputs(e,t){g(!ze(e),"invalid Ethereum address format"),g(!((t==null?void 0:t.signTypedData)instanceof Function),"invalid browserWallet")}async authenticate({payload:e,challenge:t}){return $(e,[w,k,v,x,m,P],"eoa"),await Se({setup:e,eoa:this.eoa,challenge:t,browserWallet:this.browserWallet})}},W=class{constructor(e,t,r){c(this,"ephSK");c(this,"ephClaim");le(t,r),this.ephSK=t;let s=O(this.ephSK,r);this.ephClaim=new C(e,s,r)}async authenticate({payload:e,challenge:t}){return $(e,[m,x,P],"ephemeral"),await ve({setup:e,challenge:t,ephSK:this.ephSK,ephClaim:this.ephClaim})}},K=class{constructor(e,t){c(this,"rpConfig");c(this,"allowCredentialId");this.rpConfig=e,this.allowCredentialId=t}async authenticate({payload:e,challenge:t}){return $(e,[w,v,x,m,P,k],"passkey"),await Re({allowCredentialId:this.allowCredentialId,challenge:t,rpConfig:this.rpConfig})}},D=class{constructor(e,t){c(this,"rpConfig");c(this,"user");this.rpConfig=e,this.user=t}async authenticate({payload:e,challenge:t}){return $(e,[q],"passkey"),await be({user:this.user,challenge:t,rpConfig:this.rpConfig})}};import{canonicalize as Q}from"json-canonicalize";var B=class{constructor(e){c(this,"walletProviderUrl");c(this,"apiVersion","v1");this.walletProviderUrl="".concat(e.walletProviderUrl,"/").concat(e.apiVersion),this.apiVersion=e.apiVersion}getVersion(){return this.apiVersion}async startKeygen({setups:e,authModule:t}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("keygen",e,t).then(s=>{try{return JSON.parse(s)}catch(o){throw new Error("Failed to parse keygen response: ".concat(s))}})}async startKeyRefresh({payload:e,authModule:t}){if(this.apiVersion==="v2")throw new Error("Key refresh is not supported in v2 API");return this.connect.bind(this)("keyRefresh",e,t).then(s=>{try{return JSON.parse(s)}catch(o){throw new Error("Failed to parse key refresh response: ".concat(s))}})}async startSigngen({setup:e,authModule:t}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("signgen",e,t).then(s=>{try{return JSON.parse(s)}catch(o){throw new Error("Failed to parse signgen response: ".concat(s))}})}async addEphemeralKey({payload:e,authModule:t}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("addEphemeralKey",e,t).then(s=>{try{return JSON.parse(s)}catch(o){throw new Error("Failed to parse add ephemeral key response: ".concat(s))}})}async revokeEphemeralKey({payload:e,authModule:t}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("revokeEphemeralKey",e,t).then(s=>({status:s}))}async registerPasskey({payload:e,authModule:t}){if(this.apiVersion==="v2")throw new Error("Passkey registration is not supported in v2 API");return this.connect.bind(this)("registerPasskey",e,t).then(s=>({passkeyCredentialId:s}))}connect(e,t,r){return new Promise((s,o)=>{let i=new WebSocket("".concat(this.walletProviderUrl,"/").concat(e)),a=0;return console.debug("Connecting to ",i.url),i.addEventListener("open",u=>{switch(console.debug("Connection opened in state ".concat(a," with event ").concat(JSON.stringify(u,void 0,"	"))),a){case 0:{a=1;try{let p=Q({payload:t});console.debug("Sending request:",p),i.send(p)}catch(p){this.finishWithError(i,a,p,"open event",o)}break}case 1:case 2:this.finishWithError(i,a,"Unexpected message in state waitingForResult.","open event",o);break;case 3:break}}),i.addEventListener("message",async u=>{switch(console.debug("Connection message in state ".concat(a," with event data ").concat(JSON.stringify(u.data,void 0,"	"))),a){case 0:this.finishWithError(i,a,"Unexpected message in state initiated.","message event",o);break;case 1:{a=2;try{let p=u.data,l=await new R(r,this.apiVersion).build(e,t,p);i.send(Q(l))}catch(p){this.finishWithError(i,a,p,"message event",o)}break}case 2:{a=3,i.close(),s(u.data);break}case 3:break}}),i.addEventListener("error",u=>{this.finishWithError(i,a,"Connection encountered an error event: ".concat(JSON.stringify(u,void 0,"	")),"error event",o)}),i.addEventListener("close",u=>{let p=u.reason||"No specific reason provided.",l=u.code;console.debug("Connection closed. State: ".concat(a,", Code: ").concat(l,", Reason: '").concat(p,"'"));let h=l>=4e3?"Application Error ".concat(l,": ").concat(p):l===1006?"Connection Abnormality (Code 1006): Server closed connection unexpectedly or network issue.":"WebSocket Closed Unexpectedly (Code ".concat(l,"): ").concat(p);this.finishWithError(i,a,new Error(h),"close event",o)}),()=>{(i.readyState===WebSocket.OPEN||i.readyState===WebSocket.CONNECTING)&&i.close(1001,"Cleanup/Unmount")}})}connectV2(e,t,r){return new Promise((s,o)=>{let i=new WebSocket("".concat(this.walletProviderUrl,"/").concat(e)),a=0;return console.debug("Connecting to ",i.url),i.addEventListener("open",async u=>{switch(console.debug("Connection opened in state ".concat(a," with event ").concat(JSON.stringify(u,void 0,"	"))),a){case 0:a=2;try{let p=await new R(r,this.apiVersion).build(e,t);i.send(Q({payload:t,userSigs:p}))}catch(p){this.finishWithError(i,a,p,"open event",o)}break;case 2:a=3,this.finishWithError(i,a,"Unexpected message in state waitingForResult.","open event",o);break;case 3:break}}),i.addEventListener("message",async u=>{switch(console.debug("Connection message in state ".concat(a," with event ").concat(JSON.stringify(u,void 0,"	"))),a){case 0:this.finishWithError(i,a,"Unexpected message in state initiated.","message event",o);break;case 2:{a=3,i.close(),s(u.data);break}case 3:break}}),i.addEventListener("error",u=>{this.finishWithError(i,a,"Connection encountered an error event: ".concat(JSON.stringify(u,void 0,"	")),"error event",o)}),i.addEventListener("close",u=>{let p=u.reason||"No specific reason provided.",l=u.code;console.debug("Connection closed. State: ".concat(a,", Code: ").concat(l,", Reason: '").concat(p,"'"));let h=l>=4e3?"Application Error ".concat(l,": ").concat(p):l===1006?"Connection Abnormality (Code 1006): Server closed connection unexpectedly or network issue.":"WebSocket Closed Unexpectedly (Code ".concat(l,"): ").concat(p);this.finishWithError(i,a,new Error(h),"close event",o)}),()=>{(i.readyState===WebSocket.OPEN||i.readyState===WebSocket.CONNECTING)&&i.close(1001,"Cleanup/Unmount")}})}finishWithError(e,t,r,s,o){t!==3&&(console.error("Error from ".concat(s," in state ").concat(t,":"),r),t=3,o(r instanceof Error?r:new Error(String(r)))),e.readyState===WebSocket.OPEN&&e.close(1e3,"Protocol run failed. Client attempted to close connection in state ".concat(t))}},E=class{constructor(e){c(this,"walletProviderUrl");c(this,"apiVersion","v1");this.walletProviderUrl="".concat(e.walletProviderUrl,"/").concat(e.apiVersion),this.apiVersion=e.apiVersion}getVersion(){return this.apiVersion}async startKeygen({setups:e}){return this.connect.bind(this)("keygen",e).then(r=>{try{return JSON.parse(r)}catch(s){throw new Error("Failed to parse keygen response: ".concat(r))}})}async startSigngen({setup:e}){return this.connect.bind(this)("signgen",e).then(r=>{try{return JSON.parse(r)}catch(s){throw new Error("Failed to parse signgen response: ".concat(r))}})}async startKeyRefresh({payload:e}){if(this.apiVersion==="v2")throw new Error("Key refresh is not supported in v2 API");return this.connect.bind(this)("keyRefresh",e).then(r=>{try{return JSON.parse(r)}catch(s){throw new Error("Failed to parse key refresh response: ".concat(r))}})}connect(e,t){return new Promise((r,s)=>{let o=0,i=new WebSocket("".concat(this.walletProviderUrl,"/").concat(e));i.addEventListener("open",async a=>{switch(console.debug("Connection opened in state ".concat(o," with event ").concat(JSON.stringify(a,void 0,"	"))),o){case 0:o=2;try{i.send(Q({payload:t}))}catch(u){s(u)}break;case 2:o=3,s("Incorrect protocol state");break;case 3:break}}),i.addEventListener("message",async a=>{switch(console.debug("Connection message in state ".concat(o," with event ").concat(JSON.stringify(a,void 0,"	"))),o){case 0:o=3,s("Incorrect protocol state");break;case 2:{o=3,i.close(),r(a.data);break}case 3:break}}),i.addEventListener("error",a=>{console.debug("Connection error in state ".concat(o," with event ").concat(JSON.stringify(a,void 0,"	"))),o!=3&&(o=3,s("Incorrect protocol state"))}),i.addEventListener("close",a=>{console.debug("Connection closed in state ".concat(o," with event ").concat(JSON.stringify(a,void 0,"	"))),o!=3&&(o=3,s("Incorrect protocol state"))})})}};var F=class{constructor(e,t){c(this,"authModule");c(this,"wpClient");if(!t&&!(e instanceof E))throw new Error("missing authModule for wallet provider client in auth mode");if(t&&e instanceof E)throw new Error("authModule is required but using wallet provider client in no-auth mode");this.authModule=t,this.wpClient=e}validateQuorumSetup({threshold:e,totalNodes:t}){e&&g(e<2,"Threshold = ".concat(e," must be at least 2")),e&&t&&g(t<e,"Total nodes = ".concat(t," must be greater or equal to threshold = ").concat(e))}async generateKey(e,t,r,s,o){this.validateQuorumSetup({threshold:e,totalNodes:t});let i=r.map(a=>new w({t:e,n:t,ephClaim:s,permissions:o,signAlg:a}));return this.authModule?await this.wpClient.startKeygen({setups:i,authModule:this.authModule}):await this.wpClient.startKeygen({setups:i})}async signMessage(e,t,r,s){this.validateQuorumSetup({threshold:e}),de(r);let o=new m({t:e,key_id:t,signAlg:r,message:s});if(this.authModule){if(this.authModule instanceof K&&new Map(Object.entries(JSON.parse(s))).size>1)throw new Error("For Passkey Authentication only one message in signing request is supported");return await this.wpClient.startSigngen({setup:o,authModule:this.authModule})}else return await this.wpClient.startSigngen({setup:o})}async refreshKey(e,t,r){let s=new k({t:e,keyId:t,signAlg:r});return this.authModule?await this.wpClient.startKeyRefresh({payload:s,authModule:this.authModule}):await this.wpClient.startKeyRefresh({payload:s})}async addEphemeralKey(e,t){let r=new v(e,t);if(!this.authModule)throw new Error("Add ephemeral key is not supported in no auth mode");return await this.wpClient.addEphemeralKey({payload:r,authModule:this.authModule})}async revokeEphemeralKey(e,t){d("keyId",e);let r=new x(e,t);if(!this.authModule)throw new Error("Revoke ephemeral key is not supported in no auth mode");return await this.wpClient.revokeEphemeralKey({payload:r,authModule:this.authModule})}async registerPasskey(e){let t=new q(e!=null?e:"passkey options");if(!this.authModule)throw new Error("Register passkey is not supported in no auth mode");return await this.wpClient.registerPasskey({payload:t,authModule:this.authModule})}};import{canonicalize as je}from"json-canonicalize";var ae=class extends Error{constructor(t,r,s){super(s||r);this.status=t;this.statusText=r;this.name="HttpError"}},L=class{constructor(e="",t={}){c(this,"baseURL");c(this,"defaultHeaders");this.baseURL=e,this.validateHeaders(t),this.defaultHeaders=y({"Content-Type":"application/json"},t)}validateHeaders(e){if(typeof e!="object"||e===null)throw new Error("Headers must be an object.");for(let[t,r]of Object.entries(e))if(typeof t!="string"||typeof r!="string")throw new Error("Invalid header: ".concat(t,". Header names and values must be strings."))}setDefaultHeaders(e){this.defaultHeaders=y(y({},this.defaultHeaders),e)}buildUrl(e){return"".concat(this.baseURL).concat(e)}async handleResponse(e){if(!e.ok){let r;try{r=(await e.json()).message||e.statusText}catch(s){r=e.statusText}throw new ae(e.status,e.statusText,r)}let t=e.headers.get("content-type");return t&&t.includes("application/json")?e.json():e.text()}async request(e,t,r,s={}){let o=this.buildUrl(t),i=y(y({},this.defaultHeaders),s.headers),a=M(y({method:e,headers:i},s),{body:r?je(r):null}),u=await fetch(o,a);return this.handleResponse(u)}async get(e,t){return this.request("GET",e,void 0,t)}async post(e,t,r){return this.request("POST",e,t,r)}async put(e,t,r){return this.request("PUT",e,t,r)}async patch(e,t,r){return this.request("PATCH",e,t,r)}async delete(e,t){return this.request("DELETE",e,void 0,t)}};import{publicKeyToAddress as ke,toAccount as br}from"viem/accounts";import{secp256k1 as Qe}from"@noble/curves/secp256k1";import{hashMessage as vr,hashTypedData as kr,keccak256 as Cr,serializeSignature as Kr,serializeTransaction as Ir,toHex as qr}from"viem";import{Base64 as Tr}from"js-base64";function ce(n){if(n.startsWith("0x")&&(n=n.slice(2)),n.startsWith("04"))return ke("0x".concat(n," "));if(n.startsWith("02")||n.startsWith("03")){let e=Qe.ProjectivePoint.fromHex(n).toHex(!1);return ke("0x".concat(e))}else throw new Error("Invalid public key")}var zr={KeygenSetupOpts:w,InitPresignOpts:N,FinishPresignOpts:P,SignSetupOpts:m,UserSignatures:R,NetworkSigner:F,SignRequestBuilder:U,WalletProviderServiceClient:B,NoAuthWalletProviderServiceClient:E,HttpClient:L,EOAAuth:V,EphAuth:W,PasskeyAuth:K,PasskeyRegister:D,generateEphPrivateKey:j,getEphPublicKey:O,EphKeyClaim:C,computeAddress:ce,flattenSignature:ie};export{V as EOAAuth,W as EphAuth,C as EphKeyClaim,P as FinishPresignOpts,L as HttpClient,N as InitPresignOpts,w as KeygenSetupOpts,F as NetworkSigner,E as NoAuthWalletProviderServiceClient,K as PasskeyAuth,D as PasskeyRegister,U as SignRequestBuilder,m as SignSetupOpts,R as UserSignatures,B as WalletProviderServiceClient,ce as computeAddress,zr as default,ie as flattenSignature,j as generateEphPrivateKey,O as getEphPublicKey};
+var Pe=Object.defineProperty,Le=Object.defineProperties;var Je=Object.getOwnPropertyDescriptors;var we=Object.getOwnPropertySymbols;var He=Object.prototype.hasOwnProperty,Ge=Object.prototype.propertyIsEnumerable;var se=(s,e,t)=>e in s?Pe(s,e,{enumerable:!0,configurable:!0,writable:!0,value:t}):s[e]=t,m=(s,e)=>{for(var t in e||(e={}))He.call(e,t)&&se(s,t,e[t]);if(we)for(var t of we(e))Ge.call(e,t)&&se(s,t,e[t]);return s},V=(s,e)=>Le(s,Je(e));var ze=(s,e)=>{for(var t in e)Pe(s,t,{get:e[t],enumerable:!0})};var c=(s,e,t)=>se(s,typeof e!="symbol"?e+"":e,t);import{canonicalize as Qe}from"json-canonicalize";var h=(s,e)=>{g(typeof e!="string","".concat(s," must be string")),g((e==null?void 0:e.trim().length)===0,"".concat(s," cannot be empty"))},Se=(s,e)=>{if(g(!(s instanceof Uint8Array),"key must be an Uint8Array"),e==="secp256k1")g(s.length!==65,"secp256k1: key length must be 65 bytes, got "+s.length);else if(e==="ed25519")g(s.length!==32,"ed25519: key length must be 32 bytes, got "+s.length);else throw new Error("Invalid signature algorithm")},Re=(s,e)=>{if(g(!(s instanceof Uint8Array),"key must be an Uint8Array"),e==="secp256k1")g(s.length!==32,"secp256k1: key length must be 32 bytes, got "+s.length);else if(e==="ed25519")g(s.length!==32,"ed25519: key length must be 32 bytes, got "+s.length);else throw new Error("Invalid signature algorithm")},Ae=s=>{g(s!=="ed25519"&&s!=="secp256k1",'signAlg must be either "ed25519" or "secp256k"')},g=(s,e)=>{if(s)throw new Error(e)},je=(s,e)=>"Invalid payload ".concat(JSON.stringify(s),", cannot be authenticated by ").concat(e.toLocaleUpperCase()," method."),W=(s,e,t)=>{g(!e.some(r=>s instanceof r),je(s,t))};var N=class{constructor(){c(this,"signRequest",new Map)}setRequest(e,t,r){if(h("transactionId",e),h("message",t),h("requestType",r),this.signRequest.has(e))throw new Error("Transaction ID ".concat(e," is already set."));return this.signRequest.set(e,{signingMessage:t,requestType:r}),this}build(){let e={};if(this.signRequest.forEach((t,r)=>{e[r]=t}),Object.keys(e).length===0)throw new Error("No sign request is set.");return Qe(e)}};import{canonicalize as ke}from"json-canonicalize";import{Base64 as tt}from"js-base64";function Xe(s){return s instanceof Uint8Array||ArrayBuffer.isView(s)&&s.constructor.name==="Uint8Array"}function ne(s,...e){if(!Xe(s))throw new Error("Uint8Array expected");if(e.length>0&&!e.includes(s.length))throw new Error("Uint8Array expected of length "+e+", got length="+s.length)}function ie(s,e=!0){if(s.destroyed)throw new Error("Hash instance has been destroyed");if(e&&s.finished)throw new Error("Hash#digest() has already been called")}function xe(s,e){ne(s);let t=e.outputLen;if(s.length<t)throw new Error("digestInto() expects output buffer of length at least "+t)}var j=s=>new DataView(s.buffer,s.byteOffset,s.byteLength),f=(s,e)=>s<<32-e|s>>>e;function Ye(s){if(typeof s!="string")throw new Error("utf8ToBytes expected string, got "+typeof s);return new Uint8Array(new TextEncoder().encode(s))}function oe(s){return typeof s=="string"&&(s=Ye(s)),ne(s),s}var z=class{clone(){return this._cloneInto()}};function be(s){let e=r=>s().update(oe(r)).digest(),t=s();return e.outputLen=t.outputLen,e.blockLen=t.blockLen,e.create=()=>s(),e}function Ze(s,e,t,r){if(typeof s.setBigUint64=="function")return s.setBigUint64(e,t,r);let n=BigInt(32),i=BigInt(4294967295),o=Number(t>>n&i),a=Number(t&i),l=r?4:0,u=r?0:4;s.setUint32(e+l,o,r),s.setUint32(e+u,a,r)}var Ee=(s,e,t)=>s&e^~s&t,ve=(s,e,t)=>s&e^s&t^e&t,Q=class extends z{constructor(e,t,r,n){super(),this.blockLen=e,this.outputLen=t,this.padOffset=r,this.isLE=n,this.finished=!1,this.length=0,this.pos=0,this.destroyed=!1,this.buffer=new Uint8Array(e),this.view=j(this.buffer)}update(e){ie(this);let{view:t,buffer:r,blockLen:n}=this;e=oe(e);let i=e.length;for(let o=0;o<i;){let a=Math.min(n-this.pos,i-o);if(a===n){let l=j(e);for(;n<=i-o;o+=n)this.process(l,o);continue}r.set(e.subarray(o,o+a),this.pos),this.pos+=a,o+=a,this.pos===n&&(this.process(t,0),this.pos=0)}return this.length+=e.length,this.roundClean(),this}digestInto(e){ie(this),xe(e,this),this.finished=!0;let{buffer:t,view:r,blockLen:n,isLE:i}=this,{pos:o}=this;t[o++]=128,this.buffer.subarray(o).fill(0),this.padOffset>n-o&&(this.process(r,0),o=0);for(let p=o;p<n;p++)t[p]=0;Ze(r,n-8,BigInt(this.length*8),i),this.process(r,0);let a=j(e),l=this.outputLen;if(l%4)throw new Error("_sha2: outputLen should be aligned to 32bit");let u=l/4,d=this.get();if(u>d.length)throw new Error("_sha2: outputLen bigger than state");for(let p=0;p<u;p++)a.setUint32(4*p,d[p],i)}digest(){let{buffer:e,outputLen:t}=this;this.digestInto(e);let r=e.slice(0,t);return this.destroy(),r}_cloneInto(e){e||(e=new this.constructor),e.set(...this.get());let{blockLen:t,buffer:r,length:n,finished:i,destroyed:o,pos:a}=this;return e.length=n,e.pos=a,e.finished=i,e.destroyed=o,n%t&&e.buffer.set(r),e}};var et=new Uint32Array([1116352408,1899447441,3049323471,3921009573,961987163,1508970993,2453635748,2870763221,3624381080,310598401,607225278,1426881987,1925078388,2162078206,2614888103,3248222580,3835390401,4022224774,264347078,604807628,770255983,1249150122,1555081692,1996064986,2554220882,2821834349,2952996808,3210313671,3336571891,3584528711,113926993,338241895,666307205,773529912,1294757372,1396182291,1695183700,1986661051,2177026350,2456956037,2730485921,2820302411,3259730800,3345764771,3516065817,3600352804,4094571909,275423344,430227734,506948616,659060556,883997877,958139571,1322822218,1537002063,1747873779,1955562222,2024104815,2227730452,2361852424,2428436474,2756734187,3204031479,3329325298]),E=new Uint32Array([1779033703,3144134277,1013904242,2773480762,1359893119,2600822924,528734635,1541459225]),v=new Uint32Array(64),ae=class extends Q{constructor(){super(64,32,8,!1),this.A=E[0]|0,this.B=E[1]|0,this.C=E[2]|0,this.D=E[3]|0,this.E=E[4]|0,this.F=E[5]|0,this.G=E[6]|0,this.H=E[7]|0}get(){let{A:e,B:t,C:r,D:n,E:i,F:o,G:a,H:l}=this;return[e,t,r,n,i,o,a,l]}set(e,t,r,n,i,o,a,l){this.A=e|0,this.B=t|0,this.C=r|0,this.D=n|0,this.E=i|0,this.F=o|0,this.G=a|0,this.H=l|0}process(e,t){for(let p=0;p<16;p++,t+=4)v[p]=e.getUint32(t,!1);for(let p=16;p<64;p++){let $=v[p-15],O=v[p-2],fe=f($,7)^f($,18)^$>>>3,re=f(O,17)^f(O,19)^O>>>10;v[p]=re+v[p-7]+fe+v[p-16]|0}let{A:r,B:n,C:i,D:o,E:a,F:l,G:u,H:d}=this;for(let p=0;p<64;p++){let $=f(a,6)^f(a,11)^f(a,25),O=d+$+Ee(a,l,u)+et[p]+v[p]|0,re=(f(r,2)^f(r,13)^f(r,22))+ve(r,n,i)|0;d=u,u=l,l=a,a=o+O|0,o=i,i=n,n=r,r=O+re|0}r=r+this.A|0,n=n+this.B|0,i=i+this.C|0,o=o+this.D|0,a=a+this.E|0,l=l+this.F|0,u=u+this.G|0,d=d+this.H|0,this.set(r,n,i,o,a,l,u,d)}roundClean(){v.fill(0)}destroy(){this.set(0,0,0,0,0,0,0,0),this.buffer.fill(0)}};var ce=be(()=>new ae);import{stringToBytes as rt,toHex as st}from"viem";var A=s=>tt.fromUint8Array(new Uint8Array(s),!0),le=s=>{let e=rt(s),t=ce(ce(e));return st(t,{size:32}).slice(2)};var k=class{constructor(e,t){c(this,"userAuthentications");c(this,"authModule");c(this,"apiVersion");this.authModule=e,this.userAuthentications=new Map,this.apiVersion=t}async setDefaultAuth(e){let t=await this.authModule.authenticate({payload:e.payload,challenge:e.challenge});this.userAuthentications.set("default",t)}async setKeygenUserSigs(e,t){if(this.apiVersion==="v1"&&!t)throw new Error("no challenge response for keygen");for(let r of e){let n=r.signAlg,i=t?t[n]:le(ke(r));if(i){let o=await this.authModule.authenticate({payload:r,challenge:i});this.userAuthentications.set(n,o)}else throw new Error("no final challenge found in response for ".concat(n))}}async setSigngenUserSigs(e){await this.setDefaultAuth(e)}async setAddEphKeyUserSigs(e){await this.setDefaultAuth(e)}async setRevokeEphKeyUserSigs(e){await this.setDefaultAuth(e)}async setRegisterPasskeyUserSigs(e){await this.setDefaultAuth(e)}async setKeyRefreshUserSigs(e){await this.setDefaultAuth(e)}async setFinishPresignUserSigs(e){await this.setDefaultAuth(e)}async setUpdatePolicyUserSigs(e){await this.setDefaultAuth(e)}async setDeletePolicyUserSigs(e){await this.setDefaultAuth(e)}async build(e,t,r){if(this.apiVersion!=="v1"&&(e==="registerPasskey"||e==="keyRefresh"))throw new Error("".concat(e," is only supported in V1"));let{challenge:n}=r!=null?r:{};if(e==="keygen"){let i=n?JSON.parse(n):void 0;await this.setKeygenUserSigs(t,i)}else{if(this.apiVersion==="v1"&&!n)throw new Error("missing challenge response for ".concat(e," V1"));let i=n!=null?n:le(ke(t));e==="signgen"?await this.setSigngenUserSigs({payload:t,challenge:i}):e==="addEphemeralKey"?await this.setAddEphKeyUserSigs({payload:t,challenge:i}):e==="revokeEphemeralKey"?await this.setRevokeEphKeyUserSigs({payload:t,challenge:i}):e==="registerPasskey"?await this.setRegisterPasskeyUserSigs({payload:t,challenge:i}):e==="keyRefresh"?await this.setKeyRefreshUserSigs({payload:t,challenge:i}):e==="finishPresign"?await this.setFinishPresignUserSigs({payload:t,challenge:i}):e==="updatePolicy"?await this.setUpdatePolicyUserSigs({payload:t,challenge:i}):e==="deletePolicy"&&await this.setDeletePolicyUserSigs({payload:t,challenge:i})}return Object.fromEntries(this.userAuthentications)}};var ue=s=>{let{sign:e,recid:t}=s,r=(27+t).toString(16);return"0x".concat(e).concat(r)};var C=class{constructor(e,t){c(this,"key_id");c(this,"eph_claim");h("keyId",e),this.key_id=e,this.eph_claim=t.toJSON()}get eoaRequestSchema(){return{Request:[{name:"setup",type:"RevokeEphKeyRequest"},{name:"challenge",type:"string"}],RevokeEphKeyRequest:[{name:"key_id",type:"string"},{name:"eph_claim",type:"string"}]}}},q=class{constructor(e,t){c(this,"key_id_list");c(this,"eph_claim");for(let r of e)h("keyId",r);this.key_id_list=e,this.eph_claim=t.toJSON()}get eoaRequestSchema(){return{Request:[{name:"setup",type:"AddEphKeyRequest"},{name:"challenge",type:"string"}],AddEphKeyRequest:[{name:"key_id_list",type:"string[]"},{name:"eph_claim",type:"string"}]}}},D=class{constructor(e){c(this,"options");h("options",e),this.options=e}},U=class{constructor({t:e,keyId:t,signAlg:r}){c(this,"t");c(this,"key_id");c(this,"sign_alg");h("keyId",t),h("signAlg",r),this.t=e,this.key_id=t,this.sign_alg=r}get eoaRequestSchema(){return{Request:[{name:"setup",type:"KeyRefreshRequest"},{name:"challenge",type:"string"}],KeyRefreshRequest:[{name:"t",type:"uint32"},{name:"key_id",type:"string"},{name:"sign_alg",type:"string"}]}}},P=class{constructor({keyId:e,policy:t}){c(this,"key_id");c(this,"policy");h("keyId",e),this.key_id=e,this.policy=t.toJSON()}get eoaRequestSchema(){return{Request:[{name:"setup",type:"UpdatePolicyRequest"},{name:"challenge",type:"string"}],UpdatePolicyRequest:[{name:"key_id",type:"string"},{name:"policy",type:"string"}]}}},S=class{constructor({keyId:e}){c(this,"key_id");h("keyId",e),this.key_id=e}get eoaRequestSchema(){return{Request:[{name:"setup",type:"DeletePolicyRequest"},{name:"challenge",type:"string"}],DeletePolicyRequest:[{name:"key_id",type:"string"}]}}};var nt=[{name:"tag",type:"uint16"},{name:"value",type:"string"}],R=class{constructor({t:e,n:t,ephClaim:r,policy:n,signAlg:i}){c(this,"t");c(this,"n");c(this,"ephClaim");c(this,"metadata");c(this,"signAlg");c(this,"policy");h("signAlg",i),this.t=e,this.n=t,this.signAlg=i,this.ephClaim=r==null?void 0:r.toJSON(),this.metadata=[],this.policy=n==null?void 0:n.toJSON()}get eoaRequestSchema(){let e=[{name:"t",type:"uint32"},{name:"n",type:"uint32"},{name:"metadata",type:"TaggedValue[]"}];return this.ephClaim&&e.push({name:"ephClaim",type:"string"}),this.policy&&e.push({name:"policy",type:"string"}),{Request:[{name:"setup",type:"KeygenSetupOpts"},{name:"challenge",type:"string"}],KeygenSetupOpts:e,TaggedValue:nt}}},w=class{constructor({t:e,key_id:t,signAlg:r,message:n}){c(this,"t");c(this,"key_id");c(this,"message");c(this,"signAlg");h("keyId",t),h("signAlg",r),h("message",n),this.t=e,this.key_id=t,this.message=n,this.signAlg=r}get eoaRequestSchema(){return{Request:[{name:"setup",type:"SignSetupOpts"},{name:"challenge",type:"string"}],SignSetupOpts:[{name:"t",type:"uint32"},{name:"key_id",type:"string"},{name:"signAlg",type:"string"},{name:"message",type:"string"}]}}},B=class{constructor({amount:e,keyId:t,t:r,expiryInSecs:n}){c(this,"amount");c(this,"key_id");c(this,"t");c(this,"expiry");if(e<=0)throw new Error("Amount must be greater than 0");h("keyId",t),this.amount=e,this.key_id=t,this.t=r,this.expiry=n!=null?n:Math.floor(Date.now()/1e3)+7*24*3600}},x=class{constructor({presignSessionId:e,message:t}){c(this,"presignSessionId");c(this,"message");h("presignSessionId",e),h("message",t),this.presignSessionId=e,this.message=t}get eoaRequestSchema(){return{Request:[{name:"setup",type:"FinishPresignOpts"},{name:"challenge",type:"string"}],FinishPresignOpts:[{name:"presignSessionId",type:"string"},{name:"message",type:"string"}]}}};var it={name:"SilentShard authentication",version:"0.1.0"},ot=[{name:"name",type:"string"},{name:"version",type:"string"}];function at(s,e){let t={setup:s,challenge:e};return{types:m({EIP712Domain:ot},s.eoaRequestSchema),domain:it,primaryType:"Request",message:t}}async function Ce({setup:s,eoa:e,challenge:t,browserWallet:r}){let n=at(s,t),i=await r.signTypedData(e,n);return new b({method:"eoa",id:e},i)}import{Base64 as Ke}from"js-base64";import{hexToBytes as qe}from"viem";import{canonicalize as X}from"json-canonicalize";async function Ue({user:s,challenge:e,rpConfig:t}){let r=qe("0x".concat(e),{size:32}),n={publicKey:{authenticatorSelection:{residentKey:"preferred",userVerification:"required"},challenge:r,excludeCredentials:[],pubKeyCredParams:[{type:"public-key",alg:-7},{type:"public-key",alg:-257}],rp:{name:t.rpName,id:t.rpId},user:V(m({},s),{id:Ke.toUint8Array(s.id)})}},i=await navigator.credentials.create(n);if(i===null)throw new Error("No credential returned");let o=A(i.response.attestationObject),l={rawCredential:X({authenticatorAttachment:i.authenticatorAttachment,id:i.id,rawId:A(i.rawId),response:{attestationObject:o,clientDataJSON:A(i.response.clientDataJSON)},type:i.type}),origin:t.rpName,rpId:t.rpId};return new b({method:"passkey",id:i.id},X(l))}async function Ie({challenge:s,allowCredentialId:e,rpConfig:t}){let r=qe("0x".concat(s),{size:32}),n=e?[{type:"public-key",id:Ke.toUint8Array(e)}]:[],i={publicKey:{userVerification:"required",challenge:r,allowCredentials:n}},o=await navigator.credentials.get(i);if(o===null)throw new Error("Failed to get navigator credentials");let a=o.response,l=a.userHandle;if(l===null)throw new Error("User handle cannot be null");let u=A(a.signature),p={rawCredential:X({authenticatorAttachment:o.authenticatorAttachment,id:o.id,rawId:A(o.rawId),response:{authenticatorData:A(a.authenticatorData),clientDataJSON:A(a.clientDataJSON),signature:u,userHandle:A(l)},type:o.type}),origin:t.rpName,rpId:t.rpId};return new b({method:"passkey",id:o.id},X(p))}import{toHex as Y}from"viem";import{ed25519 as pe}from"@noble/curves/ed25519";import{secp256k1 as Me}from"@noble/curves/secp256k1";import{signMessage as ct}from"viem/accounts";import{canonicalize as Oe}from"json-canonicalize";var I=class s{constructor(e,t,r,n=Math.floor(Date.now()/1e3)+3600){c(this,"ephId");c(this,"ephPK");c(this,"signAlg");c(this,"expiry");this.validateInputs(e,t,r,n),this.ephId=e,this.ephPK=Y(t),this.signAlg=r,this.expiry=n}validateInputs(e,t,r,n){h("ephId",e),Se(t,r),g(Number.isInteger(n)===!1,"expiry must be an integer");let i=Math.floor(Date.now()/1e3),o=n-i,a=o>0&&o<=365*24*60*60;g(!a,"lifetime must be greater than 0 and less than or equal to 365 days expiry - now ".concat(o,", expiry ").concat(n," now secs ").concat(i))}toJSON(){try{return Oe({ephId:this.ephId,ephPK:this.ephPK,expiry:this.expiry,signAlg:this.signAlg})}catch(e){throw console.error("Error while serializing ephemeral key claim",e),new Error("Error while serializing ephemeral key claim")}}static generateKeys(e,t){let r=Z(e),n=T(r,e),i=new s(Y(n),n,e,t);return{privKey:r,pubKey:n,ephClaim:i}}};async function Ne({setup:s,challenge:e,ephSK:t,ephClaim:r}){let n={setup:s,challenge:e},i=new TextEncoder().encode(Oe(n)),o=await lt(i,t,r.signAlg);return new b({method:"ephemeral",id:r.ephId},o)}async function lt(s,e,t){switch(t){case"ed25519":return Y(pe.sign(s,e));case"secp256k1":return await ct({message:{raw:s},privateKey:Y(e)});default:throw new Error("Invalid signature algorithm")}}function Z(s){switch(s){case"ed25519":return pe.utils.randomPrivateKey();case"secp256k1":return Me.utils.randomPrivateKey();default:throw new Error("Invalid signature algorithm")}}function T(s,e){switch(e){case"ed25519":return pe.getPublicKey(s);case"secp256k1":return Me.getPublicKey(s,!1);default:throw new Error("Invalid signature algorithm")}}import{isAddress as ut}from"viem";var b=class{constructor(e,t){this.credentials=e;this.signature=t;this.credentials=e,this.signature=t}},F=class{constructor(e,t){c(this,"browserWallet");c(this,"eoa");this.validateInputs(e,t),this.browserWallet=t,this.eoa=e}validateInputs(e,t){g(!ut(e),"invalid Ethereum address format"),g(!((t==null?void 0:t.signTypedData)instanceof Function),"invalid browserWallet")}async authenticate({payload:e,challenge:t}){return W(e,[R,U,q,C,w,x,P,S],"eoa"),await Ce({setup:e,eoa:this.eoa,challenge:t,browserWallet:this.browserWallet})}},_=class{constructor(e,t,r){c(this,"ephSK");c(this,"ephClaim");Re(t,r),this.ephSK=t;let n=T(this.ephSK,r);this.ephClaim=new I(e,n,r)}async authenticate({payload:e,challenge:t}){return W(e,[w,C,x],"ephemeral"),await Ne({setup:e,challenge:t,ephSK:this.ephSK,ephClaim:this.ephClaim})}},M=class{constructor(e,t){c(this,"rpConfig");c(this,"allowCredentialId");this.rpConfig=e,this.allowCredentialId=t}async authenticate({payload:e,challenge:t}){return W(e,[R,q,w,x,U,C,P,S],"passkey"),await Ie({allowCredentialId:this.allowCredentialId,challenge:t,rpConfig:this.rpConfig})}},L=class{constructor(e,t){c(this,"rpConfig");c(this,"user");this.rpConfig=e,this.user=t}async authenticate({payload:e,challenge:t}){return W(e,[D],"passkey"),await Ue({user:this.user,challenge:t,rpConfig:this.rpConfig})}};import{canonicalize as ee}from"json-canonicalize";var J=class{constructor(e){c(this,"walletProviderUrl");c(this,"apiVersion","v1");this.walletProviderUrl="".concat(e.walletProviderUrl,"/").concat(e.apiVersion),this.apiVersion=e.apiVersion}getVersion(){return this.apiVersion}async startKeygen({setups:e,authModule:t}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("keygen",e,t).then(n=>{try{return JSON.parse(n)}catch(i){throw new Error("Failed to parse keygen response: ".concat(n))}})}async startKeyRefresh({payload:e,authModule:t}){if(this.apiVersion==="v2")throw new Error("Key refresh is not supported in v2 API");return this.connect.bind(this)("keyRefresh",e,t).then(n=>{try{return JSON.parse(n)}catch(i){throw new Error("Failed to parse key refresh response: ".concat(n))}})}async startSigngen({setup:e,authModule:t}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("signgen",e,t).then(n=>{try{return JSON.parse(n)}catch(i){throw new Error("Failed to parse signgen response: ".concat(n))}})}async addEphemeralKey({payload:e,authModule:t}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("addEphemeralKey",e,t).then(n=>{try{return JSON.parse(n)}catch(i){throw new Error("Failed to parse add ephemeral key response: ".concat(n))}})}async revokeEphemeralKey({payload:e,authModule:t}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("revokeEphemeralKey",e,t).then(n=>{try{return JSON.parse(n)}catch(i){throw new Error("Failed to parse revoke ephemeral key response: ".concat(n))}})}async registerPasskey({payload:e,authModule:t}){if(this.apiVersion==="v2")throw new Error("Passkey registration is not supported in v2 API");return this.connect.bind(this)("registerPasskey",e,t).then(n=>({passkeyCredentialId:n}))}async updatePolicy({payload:e,authModule:t}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("updatePolicy",e,t).then(n=>{try{return JSON.parse(n)}catch(i){throw new Error("Failed to parse update policy response: ".concat(n))}})}async deletePolicy({payload:e,authModule:t}){return(this.apiVersion==="v1"?this.connect.bind(this):this.connectV2.bind(this))("deletePolicy",e,t).then(n=>{try{return JSON.parse(n)}catch(i){throw new Error("Failed to parse delete policy response: ".concat(n))}})}connect(e,t,r){return new Promise((n,i)=>{let o=new WebSocket("".concat(this.walletProviderUrl,"/").concat(e)),a=0;return console.debug("Connecting to ",o.url),o.addEventListener("open",l=>{switch(console.debug("Connection opened in state ".concat(a," with event ").concat(JSON.stringify(l,void 0,"	"))),a){case 0:{a=1;try{let u=ee({payload:t});console.debug("Sending request:",u),o.send(u)}catch(u){this.finishWithError(o,a,u,"open event",i)}break}case 1:case 2:this.finishWithError(o,a,"Unexpected message in state waitingForResult.","open event",i);break;case 3:break}}),o.addEventListener("message",async l=>{switch(console.debug("Connection message in state ".concat(a," with event data ").concat(JSON.stringify(l.data,void 0,"	"))),a){case 0:this.finishWithError(o,a,"Unexpected message in state initiated.","message event",i);break;case 1:{a=2;try{let u=l.data,d=await new k(r,this.apiVersion).build(e,t,{challenge:u});o.send(ee(d))}catch(u){this.finishWithError(o,a,u,"message event",i)}break}case 2:{a=3,o.close(),n(l.data);break}case 3:break}}),o.addEventListener("error",l=>{this.finishWithError(o,a,"Connection encountered an error event: ".concat(JSON.stringify(l,void 0,"	")),"error event",i)}),o.addEventListener("close",l=>{let u=l.reason||"No specific reason provided.",d=l.code;console.debug("Connection closed. State: ".concat(a,", Code: ").concat(d,", Reason: '").concat(u,"'"));let p=d>=4e3?"Application Error ".concat(d,": ").concat(u):d===1006?"Connection Abnormality (Code 1006): Server closed connection unexpectedly or network issue.":"WebSocket Closed Unexpectedly (Code ".concat(d,"): ").concat(u);this.finishWithError(o,a,new Error(p),"close event",i)}),()=>{(o.readyState===WebSocket.OPEN||o.readyState===WebSocket.CONNECTING)&&o.close(1001,"Cleanup/Unmount")}})}connectV2(e,t,r){return new Promise((n,i)=>{let o=new WebSocket("".concat(this.walletProviderUrl,"/").concat(e)),a=0;return console.debug("Connecting to ",o.url),o.addEventListener("open",async l=>{switch(console.debug("Connection opened in state ".concat(a," with event ").concat(JSON.stringify(l,void 0,"	"))),a){case 0:a=2;try{let u=await new k(r,this.apiVersion).build(e,t);o.send(ee({payload:t,userSigs:u}))}catch(u){this.finishWithError(o,a,u,"open event",i)}break;case 2:a=3,this.finishWithError(o,a,"Unexpected message in state waitingForResult.","open event",i);break;case 3:break}}),o.addEventListener("message",async l=>{switch(console.debug("Connection message in state ".concat(a," with event ").concat(JSON.stringify(l,void 0,"	"))),a){case 0:this.finishWithError(o,a,"Unexpected message in state initiated.","message event",i);break;case 2:{a=3,o.close(),n(l.data);break}case 3:break}}),o.addEventListener("error",l=>{this.finishWithError(o,a,"Connection encountered an error event: ".concat(JSON.stringify(l,void 0,"	")),"error event",i)}),o.addEventListener("close",l=>{let u=l.reason||"No specific reason provided.",d=l.code;console.debug("Connection closed. State: ".concat(a,", Code: ").concat(d,", Reason: '").concat(u,"'"));let p=d>=4e3?"Application Error ".concat(d,": ").concat(u):d===1006?"Connection Abnormality (Code 1006): Server closed connection unexpectedly or network issue.":"WebSocket Closed Unexpectedly (Code ".concat(d,"): ").concat(u);this.finishWithError(o,a,new Error(p),"close event",i)}),()=>{(o.readyState===WebSocket.OPEN||o.readyState===WebSocket.CONNECTING)&&o.close(1001,"Cleanup/Unmount")}})}finishWithError(e,t,r,n,i){t!==3&&(console.error("Error from ".concat(n," in state ").concat(t,":"),r),t=3,i(r instanceof Error?r:new Error(String(r)))),e.readyState===WebSocket.OPEN&&e.close(1e3,"Protocol run failed. Client attempted to close connection in state ".concat(t))}},K=class{constructor(e){c(this,"walletProviderUrl");c(this,"apiVersion","v1");this.walletProviderUrl="".concat(e.walletProviderUrl,"/").concat(e.apiVersion),this.apiVersion=e.apiVersion}getVersion(){return this.apiVersion}async startKeygen({setups:e}){return this.connect.bind(this)("keygen",e).then(r=>{try{return JSON.parse(r)}catch(n){throw new Error("Failed to parse keygen response: ".concat(r))}})}async startSigngen({setup:e}){return this.connect.bind(this)("signgen",e).then(r=>{try{return JSON.parse(r)}catch(n){throw new Error("Failed to parse signgen response: ".concat(r))}})}async startKeyRefresh({payload:e}){if(this.apiVersion==="v2")throw new Error("Key refresh is not supported in v2 API");return this.connect.bind(this)("keyRefresh",e).then(r=>{try{return JSON.parse(r)}catch(n){throw new Error("Failed to parse key refresh response: ".concat(r))}})}async updatePolicy({payload:e}){return this.connect.bind(this)("updatePolicy",e).then(r=>{try{return JSON.parse(r)}catch(n){throw new Error("Failed to parse update policy response: ".concat(r))}})}async deletePolicy({payload:e}){return this.connect.bind(this)("deletePolicy",e).then(r=>{try{return JSON.parse(r)}catch(n){throw new Error("Failed to parse delete policy response: ".concat(r))}})}connect(e,t){return new Promise((r,n)=>{let i=0,o=new WebSocket("".concat(this.walletProviderUrl,"/").concat(e));o.addEventListener("open",async a=>{switch(console.debug("Connection opened in state ".concat(i," with event ").concat(JSON.stringify(a,void 0,"	"))),i){case 0:i=2;try{o.send(ee({payload:t}))}catch(l){n(l)}break;case 2:i=3,n("Incorrect protocol state");break;case 3:break}}),o.addEventListener("message",async a=>{switch(console.debug("Connection message in state ".concat(i," with event ").concat(JSON.stringify(a,void 0,"	"))),i){case 0:i=3,n("Incorrect protocol state");break;case 2:{i=3,o.close(),r(a.data);break}case 3:break}}),o.addEventListener("error",a=>{console.debug("Connection error in state ".concat(i," with event ").concat(JSON.stringify(a,void 0,"	"))),i!=3&&(i=3,n("Incorrect protocol state"))}),o.addEventListener("close",a=>{console.debug("Connection closed in state ".concat(i," with event ").concat(JSON.stringify(a,void 0,"	"))),i!=3&&(i=3,n("Incorrect protocol state"))})})}};var H=class{constructor(e,t){c(this,"authModule");c(this,"wpClient");if(!t&&!(e instanceof K))throw new Error("missing authModule for wallet provider client in auth mode");if(t&&e instanceof K)throw new Error("authModule is required but using wallet provider client in no-auth mode");this.authModule=t,this.wpClient=e}validateQuorumSetup({threshold:e,totalNodes:t}){e&&g(e<2,"Threshold = ".concat(e," must be at least 2")),e&&t&&g(t<e,"Total nodes = ".concat(t," must be greater or equal to threshold = ").concat(e))}async generateKey(e,t,r,n,i){this.validateQuorumSetup({threshold:e,totalNodes:t});let o=r.map(a=>new R({t:e,n:t,ephClaim:n,policy:i,signAlg:a}));return this.authModule?await this.wpClient.startKeygen({setups:o,authModule:this.authModule}):await this.wpClient.startKeygen({setups:o})}async signMessage(e,t,r,n){this.validateQuorumSetup({threshold:e}),Ae(r);let i=new w({t:e,key_id:t,signAlg:r,message:n});if(this.authModule){if(this.authModule instanceof M&&new Map(Object.entries(JSON.parse(n))).size>1)throw new Error("For Passkey Authentication only one message in signing request is supported");return await this.wpClient.startSigngen({setup:i,authModule:this.authModule})}else return await this.wpClient.startSigngen({setup:i})}async refreshKey(e,t,r){let n=new U({t:e,keyId:t,signAlg:r});return this.authModule?await this.wpClient.startKeyRefresh({payload:n,authModule:this.authModule}):await this.wpClient.startKeyRefresh({payload:n})}async addEphemeralKey(e,t){let r=new q(e,t);if(!this.authModule)throw new Error("Add ephemeral key is not supported in no auth mode");return await this.wpClient.addEphemeralKey({payload:r,authModule:this.authModule})}async revokeEphemeralKey(e,t){h("keyId",e);let r=new C(e,t);if(!this.authModule)throw new Error("Revoke ephemeral key is not supported in no auth mode");return await this.wpClient.revokeEphemeralKey({payload:r,authModule:this.authModule})}async registerPasskey(e){let t=new D(e!=null?e:"passkey options");if(!this.authModule)throw new Error("Register passkey is not supported in no auth mode");return await this.wpClient.registerPasskey({payload:t,authModule:this.authModule})}async updatePolicy(e,t){let r=new P({keyId:e,policy:t});return this.authModule?await this.wpClient.updatePolicy({payload:r,authModule:this.authModule}):await this.wpClient.updatePolicy({payload:r})}async deletePolicy(e){let t=new S({keyId:e});return this.authModule?await this.wpClient.deletePolicy({payload:t,authModule:this.authModule}):await this.wpClient.deletePolicy({payload:t})}};import{canonicalize as pt}from"json-canonicalize";var he=class extends Error{constructor(t,r,n){super(n||r);this.status=t;this.statusText=r;this.name="HttpError"}},G=class{constructor(e="",t={}){c(this,"baseURL");c(this,"defaultHeaders");this.baseURL=e,this.validateHeaders(t),this.defaultHeaders=m({"Content-Type":"application/json"},t)}validateHeaders(e){if(typeof e!="object"||e===null)throw new Error("Headers must be an object.");for(let[t,r]of Object.entries(e))if(typeof t!="string"||typeof r!="string")throw new Error("Invalid header: ".concat(t,". Header names and values must be strings."))}setDefaultHeaders(e){this.defaultHeaders=m(m({},this.defaultHeaders),e)}buildUrl(e){return"".concat(this.baseURL).concat(e)}async handleResponse(e){if(!e.ok){let r;try{r=(await e.json()).message||e.statusText}catch(n){r=e.statusText}throw new he(e.status,e.statusText,r)}let t=e.headers.get("content-type");return t&&t.includes("application/json")?e.json():e.text()}async request(e,t,r,n={}){let i=this.buildUrl(t),o=m(m({},this.defaultHeaders),n.headers),a=V(m({method:e,headers:o},n),{body:r?pt(r):null}),l=await fetch(i,a);return this.handleResponse(l)}async get(e,t){return this.request("GET",e,void 0,t)}async post(e,t,r){return this.request("POST",e,t,r)}async put(e,t,r){return this.request("PUT",e,t,r)}async patch(e,t,r){return this.request("PATCH",e,t,r)}async delete(e,t){return this.request("DELETE",e,void 0,t)}};import{publicKeyToAddress as De,toAccount as Fr}from"viem/accounts";import{secp256k1 as ht}from"@noble/curves/secp256k1";import{hashMessage as Hr,hashTypedData as Gr,keccak256 as zr,serializeSignature as jr,serializeTransaction as Qr,toHex as Yr}from"viem";import{Base64 as es}from"js-base64";function de(s){if(s.startsWith("0x")&&(s=s.slice(2)),s.startsWith("04"))return De("0x".concat(s," "));if(s.startsWith("02")||s.startsWith("03")){let e=ht.ProjectivePoint.fromHex(s).toHex(!1);return De("0x".concat(e))}else throw new Error("Invalid public key")}var me={};ze(me,{Action:()=>$e,ChainType:()=>We,IssuerType:()=>Te,Logic:()=>Ve,Operator:()=>_e,Policy:()=>ye,Rule:()=>ge,TransactionAttribute:()=>Fe,TransactionType:()=>Be});import{canonicalize as dt}from"json-canonicalize";var te=512,Te=(r=>(r.SessionKeyId="SessionKeyId",r.UserId="UserId",r.All="*",r))(Te||{}),$e=(t=>(t.Allow="allow",t.Deny="deny",t))($e||{}),Ve=(t=>(t.Or="or",t.And="and",t))(Ve||{}),We=(r=>(r.Off="off",r.Ethereum="ethereum",r.Solana="solana",r))(We||{}),Be=(o=>(o.Eip712="eip712",o.Eip191="eip191",o.Erc20="erc20",o.Erc721="erc721",o.NativeTransfer="nativeTransfer",o.SolanaTransaction="solanaTransaction",o))(Be||{}),Fe=(y=>(y.Sender="sender",y.Receiver="receiver",y.NativeValue="nativeValue",y.ChainId="chainId",y.FunctionSelector="functionSelector",y.Message="message",y.VerifyingContract="verifyingContract",y.PrimaryType="primaryType",y.DomainName="domainName",y.DomainVersion="domainVersion",y.SolanaAccountKeys="solanaAccountKeys",y.SplTransferAmount="splTransferAmount",y.SplTokenMint="splTokenMint",y.CustomProgramInstruction="customProgramInstruction",y.SystemInstructionName="systemInstructionName",y.SplInstructionName="splInstructionName",y))(Fe||{}),_e=(l=>(l.Eq="eq",l.Neq="neq",l.Lt="lt",l.Lte="lte",l.Gt="gt",l.Gte="gte",l.In="in",l.All="all",l))(_e||{}),ge=class{constructor({description:e,chain_type:t,conditions:r,issuer:n,action:i,logic:o}){c(this,"description");c(this,"issuer");c(this,"action");c(this,"logic");c(this,"chain_type");c(this,"conditions");if(!r.length)throw new Error("Rule must have at least one condition");if(!t)throw new Error("Chain type must be set");if(e.length>te)throw new Error("Description length exceeds maximum of ".concat(te));this.description=e,this.chain_type=t,this.conditions=r,this.issuer=n||[{type:"*",id:"*"}],this.action=i||"allow",this.logic=o||"and"}},ye=class{constructor({version:e,description:t,rules:r}){c(this,"version");c(this,"description");c(this,"rules");if(!r.length)throw new Error("Policy must have at least one rule");if(t.length>te)throw new Error("Description length exceeds maximum of ".concat(te));this.version=e!=null?e:"1.0",this.description=t,this.rules=r}toJSON(){try{return dt({version:this.version,description:this.description,rules:this.rules})}catch(e){throw console.error("Error while serializing policy",e),new Error("Error while serializing policy")}}};var fs=m({KeygenSetupOpts:R,InitPresignOpts:B,FinishPresignOpts:x,SignSetupOpts:w,UserSignatures:k,NetworkSigner:H,SignRequestBuilder:N,WalletProviderServiceClient:J,NoAuthWalletProviderServiceClient:K,HttpClient:G,EOAAuth:F,EphAuth:_,PasskeyAuth:M,PasskeyRegister:L,generateEphPrivateKey:Z,getEphPublicKey:T,EphKeyClaim:I,computeAddress:de,flattenSignature:ue,UpdatePolicyRequest:P,DeletePolicyRequest:S},me);export{$e as Action,We as ChainType,S as DeletePolicyRequest,F as EOAAuth,_ as EphAuth,I as EphKeyClaim,x as FinishPresignOpts,G as HttpClient,B as InitPresignOpts,Te as IssuerType,R as KeygenSetupOpts,Ve as Logic,H as NetworkSigner,K as NoAuthWalletProviderServiceClient,_e as Operator,M as PasskeyAuth,L as PasskeyRegister,ye as Policy,ge as Rule,N as SignRequestBuilder,w as SignSetupOpts,Fe as TransactionAttribute,Be as TransactionType,P as UpdatePolicyRequest,k as UserSignatures,J as WalletProviderServiceClient,de as computeAddress,fs as default,ue as flattenSignature,Z as generateEphPrivateKey,T as getEphPublicKey};
 /*! Bundled license information:
 @noble/hashes/esm/utils.js:

package/dist/policy.d.ts ADDED Viewed

@@ -0,0 +1,220 @@
+/**
+ * Core data structures for the policy engine
+ */
+/**
+ * Type of issuer identifier
+ */
+export declare enum IssuerType {
+    /** Session identifier, like Ephemeral key */
+    SessionKeyId = "SessionKeyId",
+    /** User identifier, like EOA, Passkey or custom user credentials */
+    UserId = "UserId",
+    /** Allow all kind of issuers */
+    All = "*"
+}
+/**
+ * Issuer is the entity who issue the request that will be evaluated by the policy engine
+ * Default we allow all issuers
+ */
+export interface Issuer {
+    /** Type of issuer identifier */
+    type: IssuerType;
+    /** Issuer identifier */
+    id: string;
+}
+/**
+ * Action to take when a rule matches
+ */
+export declare enum Action {
+    /** Allow the transaction */
+    Allow = "allow",
+    /** Deny the transaction */
+    Deny = "deny"
+}
+/**
+ * Boolean logic operator
+ */
+export declare enum Logic {
+    Or = "or",
+    And = "and"
+}
+/**
+ * Chain type for the transaction
+ */
+export declare enum ChainType {
+    Off = "off",
+    Ethereum = "ethereum",
+    Solana = "solana"
+}
+/**
+ * Type of transaction
+ */
+export declare enum TransactionType {
+    /** TypedData */
+    Eip712 = "eip712",
+    /** PersonalSign */
+    Eip191 = "eip191",
+    /** Fungible Token interaction */
+    Erc20 = "erc20",
+    /** NFT interaction */
+    Erc721 = "erc721",
+    /** Pure ETH/SOL transfer */
+    NativeTransfer = "nativeTransfer",
+    SolanaTransaction = "solanaTransaction"
+}
+/**
+ * Transaction attribute to extract and compare
+ */
+export declare enum TransactionAttribute {
+    /** Sender of the transaction */
+    Sender = "sender",
+    /** Destination of the transaction */
+    Receiver = "receiver",
+    /** Chain native token value (e.g., ETH/SOL) */
+    NativeValue = "nativeValue",
+    /** Chain ID for EIP-712/1559 transactions */
+    ChainId = "chainId",
+    /** Function signature (4 bytes) of Ethereum calldata */
+    FunctionSelector = "functionSelector",
+    /** EIP-191 message to sign */
+    Message = "message",
+    /** EIP-712 verifying contract address */
+    VerifyingContract = "verifyingContract",
+    /** EIP-712 primary type */
+    PrimaryType = "primaryType",
+    /** EIP-712 domain name */
+    DomainName = "domainName",
+    /** EIP-712 domain version */
+    DomainVersion = "domainVersion",
+    /** Solana account keys */
+    SolanaAccountKeys = "solanaAccountKeys",
+    /** SPL transfer amount */
+    SplTransferAmount = "splTransferAmount",
+    /** SPL token mint */
+    SplTokenMint = "splTokenMint",
+    /** Custom Solana program instruction */
+    CustomProgramInstruction = "customProgramInstruction",
+    /** Solana System instruction name */
+    SystemInstructionName = "systemInstructionName",
+    /** SPL instruction name */
+    SplInstructionName = "splInstructionName"
+}
+/**
+ * Comparison operator
+ */
+export declare enum Operator {
+    /** Equal to */
+    Eq = "eq",
+    /** Not equal to */
+    Neq = "neq",
+    /** Less than */
+    Lt = "lt",
+    /** Less than or equal to */
+    Lte = "lte",
+    /** Greater than */
+    Gt = "gt",
+    /** Greater than or equal to */
+    Gte = "gte",
+    /** Value is in array */
+    In = "in",
+    /** All values in array match */
+    All = "all"
+}
+/**
+ * Value to compare in a condition
+ */
+export type ConditionValue = string | number | string[] | boolean;
+/**
+ * A single condition to evaluate
+ */
+export interface Condition {
+    /** Type of transaction */
+    transaction_type: TransactionType;
+    /** Transaction attribute to check */
+    transaction_attr: string;
+    /** Optional ABI for decoding Ethereum calldata */
+    abi?: any;
+    /** Comparison operator */
+    operator: Operator;
+    /** Value to compare against */
+    value: ConditionValue;
+}
+/**
+ * A group of conditions with boolean logic
+ */
+export interface ConditionGroup {
+    /** Logic to apply to the group */
+    logic: Logic;
+    /** List of conditions in the group */
+    group: Condition[];
+    /**
+     * Optional ABI for decoding Ethereum calldata
+     * The condition-level ABI dominates over the group-level ABI
+     */
+    abi?: any;
+}
+/**
+ * Either a single condition or a group of conditions
+ */
+export type ConditionOrGroup = Condition | ConditionGroup;
+/**
+ * A rule contains conditions that must be satisfied
+ */
+export declare class Rule {
+    /** Human-readable description (max 512 characters) */
+    description: string;
+    /** List of issuers who issue the request that will be evaluated by the policy engine */
+    issuer: Issuer[];
+    /** Action to take if rule matches */
+    action: Action;
+    /** Logic to apply to conditions (default: AND) */
+    logic?: Logic;
+    /** Chain type this rule applies to */
+    chain_type: ChainType;
+    /** List of conditions or condition groups */
+    conditions: ConditionOrGroup[];
+    /**
+     * Creates a new Rule instance.
+     *
+     * @param description - A human-readable description of what the rule does.
+     * @param chain_type - The blockchain network this rule applies to (e.g., Ethereum, Solana).
+     * @param conditions - An array of conditions or condition groups that must be met.
+     * @param issuer - (Optional) The issuers to whom this rule applies. Defaults to allowing all issuers (*).
+     * @param action - (Optional) The action to take if the rule is matched (Allow/Deny). Defaults to Allow.
+     * @param logic - (Optional) The logic operator (AND/OR) to apply to the conditions. Defaults to AND.
+     * @throws Will throw an error if no conditions are provided or chain_type is missing.
+     */
+    constructor({ description, chain_type, conditions, issuer, action, logic, }: {
+        description: string;
+        chain_type: ChainType;
+        conditions: ConditionOrGroup[];
+        issuer?: Issuer[];
+        action?: Action;
+        logic?: Logic;
+    });
+}
+/**
+ * A policy contains multiple rules for transaction validation
+ */
+export declare class Policy {
+    /** Policy version */
+    version: string;
+    /** Human-readable description (max 512 characters) */
+    description: string;
+    /** Ordered list of rules to evaluate */
+    rules: Rule[];
+    /**
+     * Creates a new Policy instance.
+     *
+     * @param version - The version of the policy schema. Defaults to '1.0'.
+     * @param description - A human-readable description of the policy.
+     * @param rules - An array of Rule objects that define the policy.
+     * @throws Will throw an error if no rules are provided.
+     */
+    constructor({ version, description, rules }: {
+        version: string;
+        description: string;
+        rules: Rule[];
+    });
+    toJSON(): string;
+}