@silencelaboratories/walletprovider-sdk 4.1.1 → 4.1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +148 -76
- package/dist/auth/auth0JWTIssuer.d.ts +63 -0
- package/dist/builder/userAuth.d.ts +4 -15
- package/dist/client/networkRequest.d.ts +28 -0
- package/dist/client/networkResponse.d.ts +29 -9
- package/dist/client/networkSigner.d.ts +1 -1
- package/dist/client/walletProviderServiceClientInterface.d.ts +10 -6
- package/dist/index.cjs.js +1 -1
- package/dist/index.d.ts +8 -3
- package/dist/index.esm.js +1 -1
- package/dist/tsconfig.tsbuildinfo +1 -1
- package/dist/utils/jwt.d.ts +1 -0
- package/package.json +6 -4
package/README.md
CHANGED
|
@@ -13,10 +13,11 @@ The client library for Silent Network Wallet Provider Service.
|
|
|
13
13
|
- [Network Without Authentication](#network-without-authentication)
|
|
14
14
|
- [Keygen](#keygen)
|
|
15
15
|
- [Signgen](#signgen)
|
|
16
|
-
- [Network
|
|
16
|
+
- [Network With Authentication](#network-with-authentication)
|
|
17
17
|
- [Keygen](#keygen-1)
|
|
18
18
|
- [Authenticate with EOA wallet](#authenticate-with-eoa-wallet)
|
|
19
19
|
- [Authenticate with Passkey](#authenticate-with-passkey)
|
|
20
|
+
- [Policy](#policy)
|
|
20
21
|
- [Signing](#signing)
|
|
21
22
|
- [Key refresh](#key-refresh)
|
|
22
23
|
- [Development](#development)
|
|
@@ -105,7 +106,7 @@ The example usage of different types is [shown here](https://github.com/silence-
|
|
|
105
106
|
);
|
|
106
107
|
```
|
|
107
108
|
|
|
108
|
-
## Network
|
|
109
|
+
## Network With Authentication
|
|
109
110
|
### Initialize the Client object
|
|
110
111
|
Create the [WalletProviderServiceClient](./docs/classes/WalletProviderServiceClient.html), using [ClientConfig](./docs/types/ClientConfig.html). The `wpClient` will connect to the Wallet Provider Backend Service (WPBE).
|
|
111
112
|
|
|
@@ -137,80 +138,9 @@ We provide EOA authentication via [EOAAuth](./docs/classes/EOAAuth.html) module.
|
|
|
137
138
|
|
|
138
139
|
```
|
|
139
140
|
|
|
140
|
-
Now you can generate a key
|
|
141
|
+
Now you can generate a key by calling the [generateKey](./docs/classes/NetworkSigner.html#generatekey) method. See [Policy](#policy) if you want to restrict what the generated key is allowed to sign.
|
|
141
142
|
|
|
142
|
-
|
|
143
|
-
const POLICY_ERC20_TRANSFER = new Policy({
|
|
144
|
-
version: '1.0',
|
|
145
|
-
description: 'Simple ERC20 transfer policy',
|
|
146
|
-
rules: [
|
|
147
|
-
new Rule({
|
|
148
|
-
description: 'ERC20 transferFrom: sender/recipient match and value < 10000',
|
|
149
|
-
chain_type: ChainType.Ethereum,
|
|
150
|
-
conditions: [
|
|
151
|
-
{
|
|
152
|
-
logic: Logic.And,
|
|
153
|
-
abi: {
|
|
154
|
-
name: 'transfer',
|
|
155
|
-
type: 'function',
|
|
156
|
-
inputs: [
|
|
157
|
-
{
|
|
158
|
-
name: 'to',
|
|
159
|
-
type: 'address',
|
|
160
|
-
},
|
|
161
|
-
{
|
|
162
|
-
name: 'amount',
|
|
163
|
-
type: 'uint256',
|
|
164
|
-
},
|
|
165
|
-
],
|
|
166
|
-
outputs: [
|
|
167
|
-
{
|
|
168
|
-
name: '',
|
|
169
|
-
type: 'bool',
|
|
170
|
-
},
|
|
171
|
-
],
|
|
172
|
-
},
|
|
173
|
-
group: [
|
|
174
|
-
{
|
|
175
|
-
transaction_type: TransactionType.Erc20,
|
|
176
|
-
transaction_attr: TransactionAttribute.Receiver,
|
|
177
|
-
operator: Operator.Eq,
|
|
178
|
-
value: '0x1c7d4b196cb0c7b01d743fbc6116a902379c7238',
|
|
179
|
-
},
|
|
180
|
-
{
|
|
181
|
-
transaction_type: TransactionType.Erc20,
|
|
182
|
-
transaction_attr: "to",
|
|
183
|
-
operator: Operator.Eq,
|
|
184
|
-
value: '0x1758f42af7026fbbb559dc60ece0de3ef81f665e',
|
|
185
|
-
},
|
|
186
|
-
{
|
|
187
|
-
transaction_type: TransactionType.Erc20,
|
|
188
|
-
transaction_attr: "amount",
|
|
189
|
-
operator: Operator.Lt,
|
|
190
|
-
value: 10000,
|
|
191
|
-
},
|
|
192
|
-
],
|
|
193
|
-
},
|
|
194
|
-
],
|
|
195
|
-
}),
|
|
196
|
-
],
|
|
197
|
-
});
|
|
198
|
-
|
|
199
|
-
let signAlgs = ['secp256k1', 'ed25519'];
|
|
200
|
-
|
|
201
|
-
// Generate new eph key, will be later used in sign requests
|
|
202
|
-
const selectedEphSignAlg = 'secp256k1'; // Signing algorithm of Ephemeral Key
|
|
203
|
-
const sk = generateEphPrivateKey(selectedEphSignAlg);
|
|
204
|
-
const ephPK = getEphPublicKey(sk, selectedEphSignAlg);
|
|
205
|
-
const ephId = uuidv4();
|
|
206
|
-
|
|
207
|
-
const ephClaim = new EphKeyClaim(ephId, ephPK, selectedEphSignAlg, expireAt(60 * 60));
|
|
208
|
-
|
|
209
|
-
// Generate keys for secp256k1, ed25519, and include Ephemeral Key, Policy in the request
|
|
210
|
-
let resp: KeygenResponse[] = await sdk.generateKey(+threshold, +partiesNumber, signAlgs, ephClaim, POLICY_ERC20_TRANSFER);
|
|
211
|
-
```
|
|
212
|
-
|
|
213
|
-
Calling this method will cause to the Digital Wallet window to pop up, requesting the User to sign the request.
|
|
143
|
+
Calling this method will cause the Digital Wallet window to pop up, requesting the User to sign the request.
|
|
214
144
|
|
|
215
145
|
The returned response [KeygenResponse](./docs/interfaces/KeygenResponse.html) is a list of DKG results, each contains `keyId`, `publicKey` and `signAlg`. The `publicKey` is the public part of the key generated by Silent Network. The `signAlg` is the sign algorithm of the MPC key. Use the `keyId` in subsequent calls to sign.
|
|
216
146
|
|
|
@@ -272,6 +202,148 @@ Calling this method will prompt the device to request [Passkey User Verification
|
|
|
272
202
|
|
|
273
203
|
The `sk` key can be later used in subsequent signgen requests.
|
|
274
204
|
|
|
205
|
+
### Policy
|
|
206
|
+
Use a [Policy](./docs/classes/Policy.html) when you want a key to sign only a constrained set of requests.
|
|
207
|
+
|
|
208
|
+
Typical uses for policies:
|
|
209
|
+
|
|
210
|
+
- Allow transfers only to specific recipients.
|
|
211
|
+
- Cap the maximum amount for ERC-20, native-token, or SPL transfers.
|
|
212
|
+
- Restrict signing to a specific contract function or chain.
|
|
213
|
+
- Allow only specific EIP-191 messages or EIP-712 payloads.
|
|
214
|
+
|
|
215
|
+
If you do not provide a policy, the key is created without signing restrictions.
|
|
216
|
+
|
|
217
|
+
Policies are built from [Policy](./docs/classes/Policy.html), [Rule](./docs/classes/Rule.html), [ChainType](./docs/enums/ChainType.html), [TransactionType](./docs/enums/TransactionType.html), [TransactionAttribute](./docs/enums/TransactionAttribute.html), [Operator](./docs/enums/Operator.html), and optionally [Logic](./docs/enums/Logic.html).
|
|
218
|
+
|
|
219
|
+
The structure is:
|
|
220
|
+
|
|
221
|
+
- A `Policy` contains one or more ordered rules.
|
|
222
|
+
- A `Rule` targets a chain and defines the conditions that must match.
|
|
223
|
+
- A condition checks one transaction attribute, such as receiver, amount, chain ID, or message.
|
|
224
|
+
- A condition group can share an ABI so the policy engine can decode calldata and validate function arguments such as `to` or `value`.
|
|
225
|
+
|
|
226
|
+
Here is a common import set:
|
|
227
|
+
|
|
228
|
+
```ts
|
|
229
|
+
import {
|
|
230
|
+
Policy,
|
|
231
|
+
Rule,
|
|
232
|
+
ChainType,
|
|
233
|
+
Logic,
|
|
234
|
+
Operator,
|
|
235
|
+
TransactionType,
|
|
236
|
+
TransactionAttribute,
|
|
237
|
+
} from '@silencelaboratories/walletprovider-sdk';
|
|
238
|
+
```
|
|
239
|
+
|
|
240
|
+
Example: allow only ERC-20 `transfer()` calls to a specific token contract, a specific recipient, and an amount below `10000`.
|
|
241
|
+
|
|
242
|
+
```ts
|
|
243
|
+
const erc20TransferPolicy = new Policy({
|
|
244
|
+
version: '1.0',
|
|
245
|
+
description: 'Simple ERC20 transfer policy',
|
|
246
|
+
rules: [
|
|
247
|
+
new Rule({
|
|
248
|
+
description: 'Allow transfer() to one recipient with value < 10000',
|
|
249
|
+
chain_type: ChainType.Ethereum,
|
|
250
|
+
conditions: [
|
|
251
|
+
{
|
|
252
|
+
logic: Logic.And,
|
|
253
|
+
abi: {
|
|
254
|
+
name: 'transfer',
|
|
255
|
+
type: 'function',
|
|
256
|
+
inputs: [
|
|
257
|
+
{ name: 'to', type: 'address' },
|
|
258
|
+
{ name: 'value', type: 'uint256' },
|
|
259
|
+
],
|
|
260
|
+
outputs: [{ name: '', type: 'bool' }],
|
|
261
|
+
},
|
|
262
|
+
group: [
|
|
263
|
+
{
|
|
264
|
+
transaction_type: TransactionType.Erc20,
|
|
265
|
+
transaction_attr: TransactionAttribute.Receiver,
|
|
266
|
+
operator: Operator.Eq,
|
|
267
|
+
value: '0x1c7d4b196cb0c7b01d743fbc6116a902379c7238',
|
|
268
|
+
},
|
|
269
|
+
{
|
|
270
|
+
transaction_type: TransactionType.Erc20,
|
|
271
|
+
transaction_attr: 'to',
|
|
272
|
+
operator: Operator.Eq,
|
|
273
|
+
value: '0x1758f42af7026fbbb559dc60ece0de3ef81f665e',
|
|
274
|
+
},
|
|
275
|
+
{
|
|
276
|
+
transaction_type: TransactionType.Erc20,
|
|
277
|
+
transaction_attr: 'value',
|
|
278
|
+
operator: Operator.Lt,
|
|
279
|
+
value: 10000,
|
|
280
|
+
},
|
|
281
|
+
],
|
|
282
|
+
},
|
|
283
|
+
],
|
|
284
|
+
}),
|
|
285
|
+
],
|
|
286
|
+
});
|
|
287
|
+
```
|
|
288
|
+
|
|
289
|
+
Example: allow a Solana native transfer only to one recipient and only if the amount is at most `100`.
|
|
290
|
+
|
|
291
|
+
```ts
|
|
292
|
+
const solTransferPolicy = new Policy({
|
|
293
|
+
version: '1.0',
|
|
294
|
+
description: 'Solana transfer policy',
|
|
295
|
+
rules: [
|
|
296
|
+
new Rule({
|
|
297
|
+
description: 'Allow transfer to one address with value <= 100',
|
|
298
|
+
chain_type: ChainType.Solana,
|
|
299
|
+
conditions: [
|
|
300
|
+
{
|
|
301
|
+
transaction_type: TransactionType.NativeTransfer,
|
|
302
|
+
transaction_attr: TransactionAttribute.Receiver,
|
|
303
|
+
operator: Operator.Eq,
|
|
304
|
+
value: 'DGUiWE2kY5rEhPNrwCGygcyrWwLxJFrH7ApFep6A8rdF',
|
|
305
|
+
},
|
|
306
|
+
{
|
|
307
|
+
transaction_type: TransactionType.NativeTransfer,
|
|
308
|
+
transaction_attr: TransactionAttribute.NativeValue,
|
|
309
|
+
operator: Operator.Lte,
|
|
310
|
+
value: 100,
|
|
311
|
+
},
|
|
312
|
+
],
|
|
313
|
+
}),
|
|
314
|
+
],
|
|
315
|
+
});
|
|
316
|
+
```
|
|
317
|
+
|
|
318
|
+
You can attach a policy during key generation:
|
|
319
|
+
|
|
320
|
+
```ts
|
|
321
|
+
const signAlgs = ['secp256k1', 'ed25519'];
|
|
322
|
+
|
|
323
|
+
const selectedEphSignAlg = 'secp256k1';
|
|
324
|
+
const sk = generateEphPrivateKey(selectedEphSignAlg);
|
|
325
|
+
const ephPK = getEphPublicKey(sk, selectedEphSignAlg);
|
|
326
|
+
const ephId = uuidv4();
|
|
327
|
+
const ephClaim = new EphKeyClaim(ephId, ephPK, selectedEphSignAlg, expireAt(60 * 60));
|
|
328
|
+
|
|
329
|
+
const resp: KeygenResponse[] = await sdk.generateKey(
|
|
330
|
+
+threshold,
|
|
331
|
+
+partiesNumber,
|
|
332
|
+
signAlgs,
|
|
333
|
+
ephClaim,
|
|
334
|
+
erc20TransferPolicy,
|
|
335
|
+
);
|
|
336
|
+
```
|
|
337
|
+
|
|
338
|
+
You can also change or remove the policy later for an existing key:
|
|
339
|
+
|
|
340
|
+
```ts
|
|
341
|
+
await sdk.updatePolicy(selectedKeyId, solTransferPolicy);
|
|
342
|
+
await sdk.deletePolicy(selectedKeyId);
|
|
343
|
+
```
|
|
344
|
+
|
|
345
|
+
In practice, a good pattern is to start with the smallest policy that supports your flow, test the exact transaction payloads your app produces, and only then broaden the rules if needed.
|
|
346
|
+
|
|
275
347
|
### Signing
|
|
276
348
|
The full signing example is [here](https://github.com/silence-laboratories/walletprovider-sdk/blob/564cca4bb59658a6e477a59e8ea554a67c26b161/demo/src/routes/+page.svelte#L374).
|
|
277
349
|
|
|
@@ -372,4 +444,4 @@ npm run docs
|
|
|
372
444
|
|
|
373
445
|
```bash
|
|
374
446
|
./local_ci.sh
|
|
375
|
-
```
|
|
447
|
+
```
|
|
@@ -0,0 +1,63 @@
|
|
|
1
|
+
import { Auth0Client } from '@auth0/auth0-spa-js';
|
|
2
|
+
import { IJWTIssuer } from './JWTAuthentication';
|
|
3
|
+
type Auth0TokenClient = Pick<Auth0Client, 'getTokenSilently' | 'getTokenWithPopup'> & Partial<Pick<Auth0Client, 'getUser' | 'isAuthenticated' | 'logout'>>;
|
|
4
|
+
export type Auth0TokenCacheMode = 'on' | 'off' | 'cache-only';
|
|
5
|
+
export type Auth0InteractiveTokenMode = 'silent' | 'popup' | 'silent-with-popup-fallback';
|
|
6
|
+
/** Configuration for Auth0-backed JWT issuance in browser/WPFE flows.
|
|
7
|
+
* @public
|
|
8
|
+
*/
|
|
9
|
+
export type Auth0JWTIssuerConfig = {
|
|
10
|
+
/** Auth0 tenant domain, for example `dev-example.us.auth0.com`. */
|
|
11
|
+
domain: string;
|
|
12
|
+
/** Auth0 Single Page Application client ID. */
|
|
13
|
+
clientId: string;
|
|
14
|
+
/** Auth0 API identifier. This makes Auth0 return a JWT access token for MPCNode verification. */
|
|
15
|
+
audience: string;
|
|
16
|
+
/** OAuth scopes to request for the Silent Network API. */
|
|
17
|
+
scope?: string;
|
|
18
|
+
/** Redirect URI registered in Auth0. Defaults to `window.location.origin` in browsers. */
|
|
19
|
+
redirectUri?: string;
|
|
20
|
+
/** Auth0 cache mode for operation tokens. Defaults to `off` so every token is challenge-bound. */
|
|
21
|
+
cacheMode?: Auth0TokenCacheMode;
|
|
22
|
+
/** Token acquisition mode. Defaults to silent first, then popup if user interaction is required. */
|
|
23
|
+
interactiveMode?: Auth0InteractiveTokenMode;
|
|
24
|
+
/** Reuse an existing Auth0 client, useful for apps that already initialize Auth0 or for tests. */
|
|
25
|
+
auth0Client?: Auth0TokenClient;
|
|
26
|
+
/** Forwarded to Auth0 SPA SDK when this issuer creates the client. */
|
|
27
|
+
useRefreshTokens?: boolean;
|
|
28
|
+
/** Forwarded to Auth0 SPA SDK when this issuer creates the client. */
|
|
29
|
+
useRefreshTokensFallback?: boolean;
|
|
30
|
+
};
|
|
31
|
+
/** Auth0 implementation of `IJWTIssuer` for browser/WPFE social-login flows.
|
|
32
|
+
* @public
|
|
33
|
+
*/
|
|
34
|
+
export declare class Auth0JWTIssuer implements IJWTIssuer {
|
|
35
|
+
private readonly config;
|
|
36
|
+
private auth0Client;
|
|
37
|
+
private auth0ClientPromise;
|
|
38
|
+
constructor(config: Auth0JWTIssuerConfig);
|
|
39
|
+
/** Request a fresh Auth0 access token bound to the provided operation challenge. */
|
|
40
|
+
issueToken(challenge: string): Promise<string>;
|
|
41
|
+
/** Return whether Auth0 currently has an authenticated browser session.
|
|
42
|
+
* @public
|
|
43
|
+
*/
|
|
44
|
+
isAuthenticated(): Promise<boolean>;
|
|
45
|
+
/** Return the Auth0 user profile for the current browser session.
|
|
46
|
+
* @public
|
|
47
|
+
*/
|
|
48
|
+
getUser<TUser extends Record<string, unknown> = Record<string, unknown>>(): Promise<TUser | undefined>;
|
|
49
|
+
/** Log out the Auth0 browser session.
|
|
50
|
+
* @public
|
|
51
|
+
*/
|
|
52
|
+
logout(options?: Parameters<Auth0Client['logout']>[0]): Promise<void>;
|
|
53
|
+
private validateInputs;
|
|
54
|
+
private getClient;
|
|
55
|
+
private buildClientOptions;
|
|
56
|
+
private getRedirectUri;
|
|
57
|
+
private buildAuthorizationParams;
|
|
58
|
+
private getToken;
|
|
59
|
+
private getTokenWithPopup;
|
|
60
|
+
private isInteractiveAuthError;
|
|
61
|
+
private validateTokenChallenge;
|
|
62
|
+
}
|
|
63
|
+
export {};
|
|
@@ -1,7 +1,6 @@
|
|
|
1
|
-
import { AuthModule
|
|
2
|
-
import { ApiVersion, RequestPayloadV1, RequestPayloadV2, Slug } from '../client/walletProviderServiceClientInterface';
|
|
3
|
-
import {
|
|
4
|
-
import { AddEphKeyRequest, CreateStateControllerRequest, DeleteStateControllerRequest, KeyIdOfPolicy, KeyRefreshRequest, RegisterPasskeyRequest, RevokeEphKeyRequest, UpdatePolicyRequest } from '../client/networkRequest';
|
|
1
|
+
import { AuthModule } from '../auth/authentication';
|
|
2
|
+
import { ApiVersion, RequestPayloadV1, RequestPayloadV2, Slug, WpUserSignatures } from '../client/walletProviderServiceClientInterface';
|
|
3
|
+
import { KeygenSetupOpts } from '../setupMessage';
|
|
5
4
|
export type UserSignaturesOptionalParams = {
|
|
6
5
|
challenge?: string | undefined;
|
|
7
6
|
};
|
|
@@ -21,15 +20,5 @@ export declare class UserSignatures {
|
|
|
21
20
|
setKeygenUserSigs(payload: KeygenSetupOpts[], challenges?: {
|
|
22
21
|
[key: string]: string;
|
|
23
22
|
}): Promise<void>;
|
|
24
|
-
|
|
25
|
-
setAddEphKeyUserSigs(authParams: AuthModuleParams<AddEphKeyRequest>): Promise<void>;
|
|
26
|
-
setRevokeEphKeyUserSigs(authParams: AuthModuleParams<RevokeEphKeyRequest>): Promise<void>;
|
|
27
|
-
setRegisterPasskeyUserSigs(authParams: AuthModuleParams<RegisterPasskeyRequest>): Promise<void>;
|
|
28
|
-
setKeyRefreshUserSigs(authParams: AuthModuleParams<KeyRefreshRequest>): Promise<void>;
|
|
29
|
-
setFinishPresignUserSigs(authParams: AuthModuleParams<FinishPresignOpts>): Promise<void>;
|
|
30
|
-
setUpdatePolicyUserSigs(authParams: AuthModuleParams<UpdatePolicyRequest>): Promise<void>;
|
|
31
|
-
setKeyIdOfPolicyUserSigs(authParams: AuthModuleParams<KeyIdOfPolicy>): Promise<void>;
|
|
32
|
-
setCreateStateControllerUserSigs(authParams: AuthModuleParams<CreateStateControllerRequest>): Promise<void>;
|
|
33
|
-
setDeleteStateControllerUserSigs(authParams: AuthModuleParams<DeleteStateControllerRequest>): Promise<void>;
|
|
34
|
-
build(slug: Slug, payload: RequestPayloadV1 | RequestPayloadV2, options?: UserSignaturesOptionalParams): Promise<Record<string, UserAuthentication>>;
|
|
23
|
+
build(slug: Slug, payload: RequestPayloadV1 | RequestPayloadV2, options?: UserSignaturesOptionalParams): Promise<WpUserSignatures>;
|
|
35
24
|
}
|
|
@@ -140,3 +140,31 @@ export declare class DeleteStateControllerRequest implements EoaAuthPayload {
|
|
|
140
140
|
}[];
|
|
141
141
|
};
|
|
142
142
|
}
|
|
143
|
+
export declare class DryRunPolicyRequest implements EoaAuthPayload {
|
|
144
|
+
readonly key_id: string;
|
|
145
|
+
readonly message: string;
|
|
146
|
+
readonly signAlg: string;
|
|
147
|
+
readonly policy: string;
|
|
148
|
+
readonly state_controllers: string;
|
|
149
|
+
readonly initial_state_entries: string;
|
|
150
|
+
readonly evaluation_count: number;
|
|
151
|
+
constructor({ keyId, message, signAlg, policy, stateControllers, initialStateEntries, evaluationCount, }: {
|
|
152
|
+
keyId: string;
|
|
153
|
+
message: string;
|
|
154
|
+
signAlg: string;
|
|
155
|
+
policy: Policy | '';
|
|
156
|
+
stateControllers: string;
|
|
157
|
+
initialStateEntries: string;
|
|
158
|
+
evaluationCount?: number;
|
|
159
|
+
});
|
|
160
|
+
get eoaRequestSchema(): {
|
|
161
|
+
Request: {
|
|
162
|
+
name: string;
|
|
163
|
+
type: string;
|
|
164
|
+
}[];
|
|
165
|
+
DryRunPolicyRequest: {
|
|
166
|
+
name: string;
|
|
167
|
+
type: string;
|
|
168
|
+
}[];
|
|
169
|
+
};
|
|
170
|
+
}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { Action, PolicyStateController } from '../policy';
|
|
2
2
|
/**
|
|
3
3
|
* Response from the SDK for keygen. Receive plaintext response from network.
|
|
4
4
|
* @public
|
|
@@ -101,14 +101,7 @@ export interface StateEntryResponse {
|
|
|
101
101
|
* Response from the network for getting policy state controller request.
|
|
102
102
|
* @public
|
|
103
103
|
*/
|
|
104
|
-
export interface StateControllerResponse {
|
|
105
|
-
id: string;
|
|
106
|
-
key_id: string;
|
|
107
|
-
description: string;
|
|
108
|
-
method: string;
|
|
109
|
-
window_config: StateControllerWindowConfig;
|
|
110
|
-
partition_by: StateControllerPartitionField[];
|
|
111
|
-
referenced_by: string | null;
|
|
104
|
+
export interface StateControllerResponse extends PolicyStateController {
|
|
112
105
|
entries: StateEntryResponse[];
|
|
113
106
|
}
|
|
114
107
|
/**
|
|
@@ -125,4 +118,31 @@ export interface GetStateControllersResponse {
|
|
|
125
118
|
export interface DeleteStateControllerResponse {
|
|
126
119
|
status: string;
|
|
127
120
|
}
|
|
121
|
+
/**
|
|
122
|
+
* Response from the network for dry-run policy state entry changes.
|
|
123
|
+
* @public
|
|
124
|
+
*/
|
|
125
|
+
export interface DryRunPolicyStateEntry {
|
|
126
|
+
controller_id: string;
|
|
127
|
+
partition_key: number[];
|
|
128
|
+
window_start: string;
|
|
129
|
+
value: string;
|
|
130
|
+
base_version?: number | null;
|
|
131
|
+
}
|
|
132
|
+
/**
|
|
133
|
+
* Response from the network for dry-run policy request.
|
|
134
|
+
* @public
|
|
135
|
+
*/
|
|
136
|
+
export interface DryRunPolicyResponse {
|
|
137
|
+
policy_valid: boolean;
|
|
138
|
+
stateful: boolean;
|
|
139
|
+
evaluation_count: number;
|
|
140
|
+
results: {
|
|
141
|
+
evaluation_index: number;
|
|
142
|
+
evaluated_at?: string;
|
|
143
|
+
action: Action;
|
|
144
|
+
reasons?: string[];
|
|
145
|
+
state_changes?: DryRunPolicyStateEntry[];
|
|
146
|
+
}[];
|
|
147
|
+
}
|
|
128
148
|
export {};
|
|
@@ -7,7 +7,7 @@ import { Policy } from '../policy';
|
|
|
7
7
|
* Supported signature algorithms for MPC signing.
|
|
8
8
|
* @public
|
|
9
9
|
*/
|
|
10
|
-
export type MPCSignAlgorithm = 'ed25519' | 'secp256k1';
|
|
10
|
+
export type MPCSignAlgorithm = 'ed25519' | 'secp256k1' | 'mldsa44' | 'mldsa65' | 'mldsa87';
|
|
11
11
|
/** The networkSigner contains an API to communicate with the Silent MPC Network. Call to sign and keygen require
|
|
12
12
|
* the Auth module, that is used to prompt the User before executing the request.
|
|
13
13
|
* @public
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { AuthModule, UserAuthentication } from '../auth/authentication';
|
|
2
2
|
import { KeygenResponse, SignResponse, AddEphKeyResponse, RegisterPasskeyResponse, RevokeEphKeyResponse, KeyRefreshResponse, UpdatePolicyResponse, DeletePolicyResponse } from './networkResponse';
|
|
3
3
|
import { KeygenSetupOpts, SignSetupOpts, InitPresignOpts, FinishPresignOpts } from '../setupMessage';
|
|
4
|
-
import { AddEphKeyRequest, CreateStateControllerRequest, KeyIdOfPolicy, DeleteStateControllerRequest, KeyRefreshRequest, RegisterPasskeyRequest, RevokeEphKeyRequest, UpdatePolicyRequest } from './networkRequest';
|
|
4
|
+
import { AddEphKeyRequest, CreateStateControllerRequest, KeyIdOfPolicy, DeleteStateControllerRequest, KeyRefreshRequest, RegisterPasskeyRequest, RevokeEphKeyRequest, UpdatePolicyRequest, DryRunPolicyRequest } from './networkRequest';
|
|
5
5
|
/**
|
|
6
6
|
* The config used to create Wallet Provider Service backend client.
|
|
7
7
|
* Please refer to {@link https://shipyard.rs/silencelaboratories/crates/wallet-provider-service | example backend service}
|
|
@@ -24,7 +24,10 @@ export type ClientConfig = {
|
|
|
24
24
|
* @public
|
|
25
25
|
*/
|
|
26
26
|
export type ApiVersion = 'v1' | 'v2';
|
|
27
|
-
export type
|
|
27
|
+
export type WpChallengeMessage = string;
|
|
28
|
+
export type WpResultMessage = string;
|
|
29
|
+
export type WpUserSignatures = Record<string, UserAuthentication>;
|
|
30
|
+
export type Signer = (challenge: WpChallengeMessage) => Promise<UserAuthentication>;
|
|
28
31
|
/** Interface for client of Wallet Provider Service
|
|
29
32
|
* @public
|
|
30
33
|
*/
|
|
@@ -63,12 +66,13 @@ export interface IWalletProviderServiceClient {
|
|
|
63
66
|
authModule: AuthModule;
|
|
64
67
|
}): Promise<DeletePolicyResponse>;
|
|
65
68
|
}
|
|
66
|
-
export type Slug = 'signgen' | 'keygen' | 'keyRefresh' | 'quorumChange' | 'addEphemeralKey' | 'revokeEphemeralKey' | 'registerPasskey' | 'initPresign' | 'finishPresign' | 'updatePolicy' | 'deletePolicy' | 'getStateControllers' | 'createStateController' | 'deleteStateController';
|
|
69
|
+
export type Slug = 'signgen' | 'keygen' | 'keyRefresh' | 'quorumChange' | 'addEphemeralKey' | 'revokeEphemeralKey' | 'registerPasskey' | 'initPresign' | 'finishPresign' | 'updatePolicy' | 'deletePolicy' | 'getStateControllers' | 'createStateController' | 'deleteStateController' | 'dryRunPolicy';
|
|
67
70
|
export type RequestPayloadV1 = KeygenSetupOpts[] | KeyRefreshRequest | SignSetupOpts | AddEphKeyRequest | RevokeEphKeyRequest | RegisterPasskeyRequest | UpdatePolicyRequest | KeyIdOfPolicy | FinishPresignOpts;
|
|
68
|
-
export type RequestPayloadV2 = KeygenSetupOpts[] | SignSetupOpts | AddEphKeyRequest | RevokeEphKeyRequest | InitPresignOpts | FinishPresignOpts | UpdatePolicyRequest | KeyIdOfPolicy | CreateStateControllerRequest | DeleteStateControllerRequest;
|
|
71
|
+
export type RequestPayloadV2 = KeygenSetupOpts[] | SignSetupOpts | AddEphKeyRequest | RevokeEphKeyRequest | InitPresignOpts | FinishPresignOpts | UpdatePolicyRequest | KeyIdOfPolicy | CreateStateControllerRequest | DeleteStateControllerRequest | DryRunPolicyRequest;
|
|
72
|
+
export type WpPayload = RequestPayloadV1 | RequestPayloadV2;
|
|
69
73
|
export interface WpRequest {
|
|
70
|
-
payload:
|
|
71
|
-
userSigs:
|
|
74
|
+
payload: WpPayload;
|
|
75
|
+
userSigs: WpUserSignatures | undefined;
|
|
72
76
|
}
|
|
73
77
|
/** Interface for client of Wallet Provider Service
|
|
74
78
|
* @public
|