@socialproof/memory-mcp 0.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +189 -0
- package/dist/bin/memory-mcp.d.ts +2 -0
- package/dist/bin/memory-mcp.js +3 -0
- package/dist/cli.d.ts +2 -0
- package/dist/cli.js +61 -0
- package/dist/credentials.d.ts +21 -0
- package/dist/credentials.js +157 -0
- package/dist/errors.d.ts +26 -0
- package/dist/errors.js +57 -0
- package/dist/hosted.d.ts +15 -0
- package/dist/hosted.js +108 -0
- package/dist/index.d.ts +11 -0
- package/dist/index.js +20 -0
- package/dist/oauth.d.ts +25 -0
- package/dist/oauth.js +104 -0
- package/dist/provisioning.d.ts +19 -0
- package/dist/provisioning.js +70 -0
- package/dist/server.d.ts +3 -0
- package/dist/server.js +28 -0
- package/dist/signers.d.ts +119 -0
- package/dist/signers.js +323 -0
- package/dist/social-gateway.d.ts +195 -0
- package/dist/social-gateway.js +671 -0
- package/dist/tools.d.ts +29 -0
- package/dist/tools.js +1089 -0
- package/dist/version.d.ts +3 -0
- package/dist/version.js +12 -0
- package/package.json +42 -0
package/dist/index.js
ADDED
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
import path from "node:path";
|
|
2
|
+
import { fileURLToPath } from "node:url";
|
|
3
|
+
import { runCliMain } from "./cli.js";
|
|
4
|
+
export { runCli, runCliMain } from "./cli.js";
|
|
5
|
+
export { DEFAULT_CREDENTIALS_PATH, loadCredentials, parseCredentials, } from "./credentials.js";
|
|
6
|
+
export { McpRuntimeError, formatStartupError, redactSensitiveText, toStructuredMcpError, } from "./errors.js";
|
|
7
|
+
export { createMemoryMcpServer } from "./server.js";
|
|
8
|
+
export { createHostedMcpHttpServer } from "./hosted.js";
|
|
9
|
+
export { authenticateHostedRequest, OAuthIntrospectionVerifier, } from "./oauth.js";
|
|
10
|
+
export { SponsoredSocialGateway, } from "./social-gateway.js";
|
|
11
|
+
export { InjectedAgentSigner, KmsSessionAgentSigner, HttpKmsSessionAuthorizer, RemoteKmsSigningProvider, LocalEd25519Signer, createCliSigner, } from "./signers.js";
|
|
12
|
+
export { LocalKeychainAgentProvisioner, } from "./provisioning.js";
|
|
13
|
+
export { createToolCatalog, executeTool, TOOL_OAUTH_SCOPES, } from "./tools.js";
|
|
14
|
+
export { MCP_PACKAGE_NAME, MCP_PACKAGE_VERSION, MCP_SERVER_NAME, } from "./version.js";
|
|
15
|
+
function isMainModule() {
|
|
16
|
+
const entrypoint = process.argv[1];
|
|
17
|
+
return Boolean(entrypoint) && path.resolve(entrypoint) === fileURLToPath(import.meta.url);
|
|
18
|
+
}
|
|
19
|
+
if (isMainModule())
|
|
20
|
+
runCliMain();
|
package/dist/oauth.d.ts
ADDED
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
import type { IncomingMessage } from "node:http";
|
|
2
|
+
import type { OAuthTokenVerifier } from "@modelcontextprotocol/sdk/server/auth/provider.js";
|
|
3
|
+
import type { AuthInfo } from "@modelcontextprotocol/sdk/server/auth/types.js";
|
|
4
|
+
export interface OAuthIntrospectionVerifierOptions {
|
|
5
|
+
introspectionUrl: string;
|
|
6
|
+
clientId: string;
|
|
7
|
+
clientSecret: string;
|
|
8
|
+
resourceUrl: string;
|
|
9
|
+
fetch?: typeof globalThis.fetch;
|
|
10
|
+
}
|
|
11
|
+
/** RFC 7662 verifier. Introspection on every MCP request makes token revocation immediate. */
|
|
12
|
+
export declare class OAuthIntrospectionVerifier implements OAuthTokenVerifier {
|
|
13
|
+
private readonly options;
|
|
14
|
+
private readonly fetchImpl;
|
|
15
|
+
private readonly resource;
|
|
16
|
+
constructor(options: OAuthIntrospectionVerifierOptions);
|
|
17
|
+
verifyAccessToken(token: string): Promise<AuthInfo>;
|
|
18
|
+
}
|
|
19
|
+
export interface HostedMcpPrincipal {
|
|
20
|
+
auth: AuthInfo;
|
|
21
|
+
accountId: string;
|
|
22
|
+
agentObjectId: string;
|
|
23
|
+
signerSessionId: string;
|
|
24
|
+
}
|
|
25
|
+
export declare function authenticateHostedRequest(request: IncomingMessage, verifier: OAuthTokenVerifier, resource: URL): Promise<HostedMcpPrincipal>;
|
package/dist/oauth.js
ADDED
|
@@ -0,0 +1,104 @@
|
|
|
1
|
+
import { McpRuntimeError } from "./errors.js";
|
|
2
|
+
/** RFC 7662 verifier. Introspection on every MCP request makes token revocation immediate. */
|
|
3
|
+
export class OAuthIntrospectionVerifier {
|
|
4
|
+
options;
|
|
5
|
+
fetchImpl;
|
|
6
|
+
resource;
|
|
7
|
+
constructor(options) {
|
|
8
|
+
this.options = options;
|
|
9
|
+
if (!options.introspectionUrl.startsWith("https://") && !options.introspectionUrl.startsWith("http://localhost")) {
|
|
10
|
+
throw new McpRuntimeError("INVALID_CONFIGURATION", "OAuth introspection must use HTTPS.");
|
|
11
|
+
}
|
|
12
|
+
if (!options.clientId || !options.clientSecret) {
|
|
13
|
+
throw new McpRuntimeError("INVALID_CONFIGURATION", "OAuth introspection client credentials are required.");
|
|
14
|
+
}
|
|
15
|
+
this.fetchImpl = options.fetch ?? globalThis.fetch;
|
|
16
|
+
this.resource = new URL(options.resourceUrl);
|
|
17
|
+
}
|
|
18
|
+
async verifyAccessToken(token) {
|
|
19
|
+
const form = new URLSearchParams({ token, token_type_hint: "access_token" });
|
|
20
|
+
const basic = Buffer.from(`${this.options.clientId}:${this.options.clientSecret}`).toString("base64");
|
|
21
|
+
const response = await this.fetchImpl(this.options.introspectionUrl, {
|
|
22
|
+
method: "POST",
|
|
23
|
+
headers: {
|
|
24
|
+
authorization: `Basic ${basic}`,
|
|
25
|
+
"content-type": "application/x-www-form-urlencoded",
|
|
26
|
+
accept: "application/json",
|
|
27
|
+
},
|
|
28
|
+
body: form,
|
|
29
|
+
});
|
|
30
|
+
if (!response.ok) {
|
|
31
|
+
throw new McpRuntimeError("AUTHENTICATION_FAILED", "OAuth token introspection failed.");
|
|
32
|
+
}
|
|
33
|
+
const result = await response.json();
|
|
34
|
+
if (result.active !== true) {
|
|
35
|
+
throw new McpRuntimeError("AUTHENTICATION_FAILED", "OAuth token is inactive or revoked.");
|
|
36
|
+
}
|
|
37
|
+
const audience = Array.isArray(result.aud) ? result.aud : [result.aud];
|
|
38
|
+
const expected = normalizeResource(this.resource);
|
|
39
|
+
if (!audience.some((value) => typeof value === "string" && safeNormalizedResource(value) === expected)) {
|
|
40
|
+
throw new McpRuntimeError("AUTHENTICATION_FAILED", "OAuth token audience is invalid.");
|
|
41
|
+
}
|
|
42
|
+
const scopes = typeof result.scope === "string" ? result.scope.split(/\s+/).filter(Boolean) : [];
|
|
43
|
+
const clientId = typeof result.client_id === "string" ? result.client_id : "";
|
|
44
|
+
if (!clientId) {
|
|
45
|
+
throw new McpRuntimeError("AUTHENTICATION_FAILED", "OAuth token client_id is missing.");
|
|
46
|
+
}
|
|
47
|
+
return {
|
|
48
|
+
token,
|
|
49
|
+
clientId,
|
|
50
|
+
scopes,
|
|
51
|
+
expiresAt: typeof result.exp === "number" ? result.exp : undefined,
|
|
52
|
+
resource: this.resource,
|
|
53
|
+
extra: {
|
|
54
|
+
accountId: result.account_id,
|
|
55
|
+
agentObjectId: result.agent_object_id,
|
|
56
|
+
signerSessionId: result.signer_session_id,
|
|
57
|
+
},
|
|
58
|
+
};
|
|
59
|
+
}
|
|
60
|
+
}
|
|
61
|
+
function safeNormalizedResource(value) {
|
|
62
|
+
try {
|
|
63
|
+
return normalizeResource(new URL(value));
|
|
64
|
+
}
|
|
65
|
+
catch {
|
|
66
|
+
return "";
|
|
67
|
+
}
|
|
68
|
+
}
|
|
69
|
+
function extraString(auth, name) {
|
|
70
|
+
const value = auth.extra?.[name];
|
|
71
|
+
if (typeof value !== "string" || !value.trim()) {
|
|
72
|
+
throw new McpRuntimeError("AUTHENTICATION_FAILED", `OAuth token is missing ${name}.`);
|
|
73
|
+
}
|
|
74
|
+
return value;
|
|
75
|
+
}
|
|
76
|
+
export async function authenticateHostedRequest(request, verifier, resource) {
|
|
77
|
+
const header = request.headers.authorization;
|
|
78
|
+
const match = typeof header === "string" ? /^Bearer ([A-Za-z0-9._~+\/-]+=*)$/.exec(header) : null;
|
|
79
|
+
if (!match) {
|
|
80
|
+
throw new McpRuntimeError("AUTHENTICATION_FAILED", "A Bearer access token is required.");
|
|
81
|
+
}
|
|
82
|
+
const auth = await verifier.verifyAccessToken(match[1]);
|
|
83
|
+
const nowSeconds = Math.floor(Date.now() / 1000);
|
|
84
|
+
if (auth.expiresAt !== undefined && auth.expiresAt <= nowSeconds) {
|
|
85
|
+
throw new McpRuntimeError("AUTHENTICATION_FAILED", "The OAuth access token expired.");
|
|
86
|
+
}
|
|
87
|
+
if (!auth.scopes.includes("mcp:connect")) {
|
|
88
|
+
throw new McpRuntimeError("CAPABILITY_DENIED", "The OAuth token lacks mcp:connect.");
|
|
89
|
+
}
|
|
90
|
+
if (!auth.resource || normalizeResource(auth.resource) !== normalizeResource(resource)) {
|
|
91
|
+
throw new McpRuntimeError("AUTHENTICATION_FAILED", "The OAuth token audience does not match this MCP resource.");
|
|
92
|
+
}
|
|
93
|
+
return {
|
|
94
|
+
auth,
|
|
95
|
+
accountId: extraString(auth, "accountId"),
|
|
96
|
+
agentObjectId: extraString(auth, "agentObjectId"),
|
|
97
|
+
signerSessionId: extraString(auth, "signerSessionId"),
|
|
98
|
+
};
|
|
99
|
+
}
|
|
100
|
+
function normalizeResource(value) {
|
|
101
|
+
const copy = new URL(value);
|
|
102
|
+
copy.hash = "";
|
|
103
|
+
return copy.toString().replace(/\/$/, "");
|
|
104
|
+
}
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
export interface ProvisionedAgentSigner {
|
|
2
|
+
publicKeyHex: string;
|
|
3
|
+
derivedAddress: string;
|
|
4
|
+
signer: {
|
|
5
|
+
type: "keychain" | "kms-session";
|
|
6
|
+
keyId: string;
|
|
7
|
+
service?: string;
|
|
8
|
+
account?: string;
|
|
9
|
+
};
|
|
10
|
+
}
|
|
11
|
+
export interface AgentSignerProvisioner {
|
|
12
|
+
provision(label: string): Promise<ProvisionedAgentSigner>;
|
|
13
|
+
}
|
|
14
|
+
/** Generates an Ed25519 seed and stores it in macOS Keychain without returning it. */
|
|
15
|
+
export declare class LocalKeychainAgentProvisioner implements AgentSignerProvisioner {
|
|
16
|
+
private readonly service;
|
|
17
|
+
constructor(service?: string);
|
|
18
|
+
provision(label: string): Promise<ProvisionedAgentSigner>;
|
|
19
|
+
}
|
|
@@ -0,0 +1,70 @@
|
|
|
1
|
+
import { execFileSync } from "node:child_process";
|
|
2
|
+
import { randomBytes } from "node:crypto";
|
|
3
|
+
import { McpRuntimeError } from "./errors.js";
|
|
4
|
+
import { LocalEd25519Signer } from "./signers.js";
|
|
5
|
+
/** Generates an Ed25519 seed and stores it in macOS Keychain without returning it. */
|
|
6
|
+
export class LocalKeychainAgentProvisioner {
|
|
7
|
+
service;
|
|
8
|
+
constructor(service = "network.mysocial.memory-agent") {
|
|
9
|
+
this.service = service;
|
|
10
|
+
}
|
|
11
|
+
async provision(label) {
|
|
12
|
+
if (process.platform !== "darwin") {
|
|
13
|
+
throw new McpRuntimeError("SIGNER_UNAVAILABLE", "Local agent provisioning requires macOS Keychain; hosted runtimes must inject a KMS provisioner.");
|
|
14
|
+
}
|
|
15
|
+
const account = label.trim();
|
|
16
|
+
if (!/^[A-Za-z0-9._-]{1,64}$/.test(account)) {
|
|
17
|
+
throw new McpRuntimeError("INVALID_ARGUMENT", "Agent signer label must contain 1-64 letters, numbers, dots, underscores, or hyphens.");
|
|
18
|
+
}
|
|
19
|
+
try {
|
|
20
|
+
execFileSync("/usr/bin/security", [
|
|
21
|
+
"find-generic-password",
|
|
22
|
+
"-s",
|
|
23
|
+
this.service,
|
|
24
|
+
"-a",
|
|
25
|
+
account,
|
|
26
|
+
], { stdio: "ignore" });
|
|
27
|
+
throw new McpRuntimeError("CONFLICT", "A Keychain signer already exists for this label; choose a new label.");
|
|
28
|
+
}
|
|
29
|
+
catch (error) {
|
|
30
|
+
if (error instanceof McpRuntimeError)
|
|
31
|
+
throw error;
|
|
32
|
+
}
|
|
33
|
+
const secret = Uint8Array.from(randomBytes(32));
|
|
34
|
+
const signer = new LocalEd25519Signer("keychain", `${this.service}:${account}`, secret);
|
|
35
|
+
try {
|
|
36
|
+
const [publicKey, derivedAddress] = await Promise.all([
|
|
37
|
+
signer.getPublicKey(),
|
|
38
|
+
signer.getMySoAddress(),
|
|
39
|
+
]);
|
|
40
|
+
execFileSync("/usr/bin/security", [
|
|
41
|
+
"add-generic-password",
|
|
42
|
+
"-s",
|
|
43
|
+
this.service,
|
|
44
|
+
"-a",
|
|
45
|
+
account,
|
|
46
|
+
"-w",
|
|
47
|
+
Buffer.from(secret).toString("hex"),
|
|
48
|
+
], { stdio: ["ignore", "ignore", "ignore"] });
|
|
49
|
+
return {
|
|
50
|
+
publicKeyHex: Buffer.from(publicKey).toString("hex"),
|
|
51
|
+
derivedAddress,
|
|
52
|
+
signer: {
|
|
53
|
+
type: "keychain",
|
|
54
|
+
keyId: `${this.service}:${account}`,
|
|
55
|
+
service: this.service,
|
|
56
|
+
account,
|
|
57
|
+
},
|
|
58
|
+
};
|
|
59
|
+
}
|
|
60
|
+
catch (error) {
|
|
61
|
+
throw new McpRuntimeError("SIGNER_UNAVAILABLE", "Unable to provision the agent signer.", {
|
|
62
|
+
cause: error,
|
|
63
|
+
});
|
|
64
|
+
}
|
|
65
|
+
finally {
|
|
66
|
+
signer.destroy();
|
|
67
|
+
secret.fill(0);
|
|
68
|
+
}
|
|
69
|
+
}
|
|
70
|
+
}
|
package/dist/server.d.ts
ADDED
package/dist/server.js
ADDED
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
import { Server } from "@modelcontextprotocol/sdk/server/index.js";
|
|
2
|
+
import { CallToolRequestSchema, ListToolsRequestSchema, } from "@modelcontextprotocol/sdk/types.js";
|
|
3
|
+
import { MCP_PACKAGE_VERSION, MCP_SERVER_NAME } from "./version.js";
|
|
4
|
+
import { createToolCatalog, executeTool } from "./tools.js";
|
|
5
|
+
export function createMemoryMcpServer(dependencies) {
|
|
6
|
+
const socialToolNames = dependencies.social?.supportedToolNames ?? [];
|
|
7
|
+
const server = new Server({ name: MCP_SERVER_NAME, version: MCP_PACKAGE_VERSION }, {
|
|
8
|
+
capabilities: { tools: {} },
|
|
9
|
+
instructions: "Use memory tools for encrypted recall and registered social tools for agent-authorized actions. Tool annotations are descriptive; server and chain policy remain authoritative.",
|
|
10
|
+
});
|
|
11
|
+
server.setRequestHandler(ListToolsRequestSchema, async () => ({
|
|
12
|
+
tools: createToolCatalog(socialToolNames, dependencies.oauthScopes),
|
|
13
|
+
}));
|
|
14
|
+
server.setRequestHandler(CallToolRequestSchema, async (request) => {
|
|
15
|
+
const name = request.params.name;
|
|
16
|
+
const args = (request.params.arguments ?? {});
|
|
17
|
+
const envelope = await executeTool(name, args, dependencies);
|
|
18
|
+
const summary = envelope.ok
|
|
19
|
+
? `${name} completed successfully.`
|
|
20
|
+
: `${envelope.error.code}: ${envelope.error.message}`;
|
|
21
|
+
return {
|
|
22
|
+
content: [{ type: "text", text: summary }],
|
|
23
|
+
structuredContent: envelope,
|
|
24
|
+
...(envelope.ok ? {} : { isError: true }),
|
|
25
|
+
};
|
|
26
|
+
});
|
|
27
|
+
return server;
|
|
28
|
+
}
|
|
@@ -0,0 +1,119 @@
|
|
|
1
|
+
export interface AgentSigner {
|
|
2
|
+
readonly kind: "keychain" | "development-file" | "injected" | "kms-session";
|
|
3
|
+
readonly keyId: string;
|
|
4
|
+
getPublicKey(): Promise<Uint8Array>;
|
|
5
|
+
sign(message: Uint8Array): Promise<Uint8Array>;
|
|
6
|
+
getMySoAddress(): Promise<string>;
|
|
7
|
+
signTransaction(transactionBytes: Uint8Array): Promise<string>;
|
|
8
|
+
destroy(): void;
|
|
9
|
+
}
|
|
10
|
+
export type KmsSigningOperation = "http-auth" | "transaction";
|
|
11
|
+
export interface KmsSessionPolicy {
|
|
12
|
+
sessionId: string;
|
|
13
|
+
keyId: string;
|
|
14
|
+
accountId: string;
|
|
15
|
+
agentObjectId: string;
|
|
16
|
+
expectedAddress: string;
|
|
17
|
+
expiresAtMs: number;
|
|
18
|
+
}
|
|
19
|
+
/** Vendor adapter; implementations may use GCP KMS, an HSM, or a TEE signer. */
|
|
20
|
+
export interface KmsSigningProvider {
|
|
21
|
+
getPublicKey(keyId: string): Promise<Uint8Array>;
|
|
22
|
+
signEd25519(keyId: string, message: Uint8Array): Promise<Uint8Array>;
|
|
23
|
+
signTransaction(keyId: string, transactionBytes: Uint8Array): Promise<string>;
|
|
24
|
+
}
|
|
25
|
+
/** Must check the hosted session and current on-chain agent state, not a stale login cache. */
|
|
26
|
+
export interface KmsSessionAuthorizer {
|
|
27
|
+
assertActive(policy: Readonly<KmsSessionPolicy>, operation: KmsSigningOperation): Promise<void>;
|
|
28
|
+
}
|
|
29
|
+
export declare class KmsSessionAgentSigner implements AgentSigner {
|
|
30
|
+
private readonly policy;
|
|
31
|
+
private readonly provider;
|
|
32
|
+
private readonly authorizer;
|
|
33
|
+
readonly kind: "kms-session";
|
|
34
|
+
readonly keyId: string;
|
|
35
|
+
private active;
|
|
36
|
+
constructor(policy: Readonly<KmsSessionPolicy>, provider: KmsSigningProvider, authorizer: KmsSessionAuthorizer);
|
|
37
|
+
getPublicKey(): Promise<Uint8Array>;
|
|
38
|
+
sign(message: Uint8Array): Promise<Uint8Array>;
|
|
39
|
+
getMySoAddress(): Promise<string>;
|
|
40
|
+
signTransaction(transactionBytes: Uint8Array): Promise<string>;
|
|
41
|
+
destroy(): void;
|
|
42
|
+
private guard;
|
|
43
|
+
}
|
|
44
|
+
export interface RemoteKmsClientOptions {
|
|
45
|
+
baseUrl: string;
|
|
46
|
+
bearerToken(): string | Promise<string>;
|
|
47
|
+
fetch?: typeof globalThis.fetch;
|
|
48
|
+
}
|
|
49
|
+
/** HTTP adapter for a private KMS/HSM signing service. No private key is returned. */
|
|
50
|
+
export declare class RemoteKmsSigningProvider implements KmsSigningProvider {
|
|
51
|
+
private readonly options;
|
|
52
|
+
private readonly baseUrl;
|
|
53
|
+
private readonly fetchImpl;
|
|
54
|
+
constructor(options: RemoteKmsClientOptions);
|
|
55
|
+
getPublicKey(keyId: string): Promise<Uint8Array>;
|
|
56
|
+
signEd25519(keyId: string, message: Uint8Array): Promise<Uint8Array>;
|
|
57
|
+
signTransaction(keyId: string, transactionBytes: Uint8Array): Promise<string>;
|
|
58
|
+
private request;
|
|
59
|
+
}
|
|
60
|
+
export declare class HttpKmsSessionAuthorizer implements KmsSessionAuthorizer {
|
|
61
|
+
private readonly options;
|
|
62
|
+
private readonly baseUrl;
|
|
63
|
+
private readonly fetchImpl;
|
|
64
|
+
constructor(options: RemoteKmsClientOptions);
|
|
65
|
+
assertActive(policy: Readonly<KmsSessionPolicy>, operation: KmsSigningOperation): Promise<void>;
|
|
66
|
+
}
|
|
67
|
+
export interface LocalSecretAgentSigner extends AgentSigner {
|
|
68
|
+
/**
|
|
69
|
+
* Makes a temporary in-process copy available to a local SDK adapter.
|
|
70
|
+
* The copy is zeroed immediately after the callback resolves and must never
|
|
71
|
+
* be serialized, logged, or attached to a request.
|
|
72
|
+
*/
|
|
73
|
+
withLocalSecret<T>(callback: (secretKey: Uint8Array) => T | Promise<T>): Promise<T>;
|
|
74
|
+
}
|
|
75
|
+
export interface KeychainSignerReference {
|
|
76
|
+
type: "keychain";
|
|
77
|
+
service: string;
|
|
78
|
+
account: string;
|
|
79
|
+
}
|
|
80
|
+
export interface DevelopmentFileSignerReference {
|
|
81
|
+
type: "development-file";
|
|
82
|
+
path: string;
|
|
83
|
+
}
|
|
84
|
+
export type CliSignerReference = KeychainSignerReference | DevelopmentFileSignerReference;
|
|
85
|
+
export interface InjectedSignerCallbacks {
|
|
86
|
+
keyId: string;
|
|
87
|
+
getPublicKey: () => Promise<Uint8Array> | Uint8Array;
|
|
88
|
+
sign: (message: Uint8Array) => Promise<Uint8Array> | Uint8Array;
|
|
89
|
+
getMySoAddress: () => Promise<string> | string;
|
|
90
|
+
signTransaction: (transactionBytes: Uint8Array) => Promise<string> | string;
|
|
91
|
+
destroy?: () => void;
|
|
92
|
+
}
|
|
93
|
+
export declare class LocalEd25519Signer implements LocalSecretAgentSigner {
|
|
94
|
+
readonly kind: "keychain" | "development-file";
|
|
95
|
+
readonly keyId: string;
|
|
96
|
+
private secretKey;
|
|
97
|
+
private privateKey;
|
|
98
|
+
private publicKey;
|
|
99
|
+
constructor(kind: "keychain" | "development-file", keyId: string, secretKey: Uint8Array);
|
|
100
|
+
getPublicKey(): Promise<Uint8Array>;
|
|
101
|
+
sign(message: Uint8Array): Promise<Uint8Array>;
|
|
102
|
+
withLocalSecret<T>(callback: (secretKey: Uint8Array) => T | Promise<T>): Promise<T>;
|
|
103
|
+
getMySoAddress(): Promise<string>;
|
|
104
|
+
signTransaction(transactionBytes: Uint8Array): Promise<string>;
|
|
105
|
+
destroy(): void;
|
|
106
|
+
private assertActive;
|
|
107
|
+
}
|
|
108
|
+
export declare class InjectedAgentSigner implements AgentSigner {
|
|
109
|
+
readonly kind: "injected";
|
|
110
|
+
readonly keyId: string;
|
|
111
|
+
private readonly callbacks;
|
|
112
|
+
constructor(callbacks: InjectedSignerCallbacks);
|
|
113
|
+
getPublicKey(): Promise<Uint8Array>;
|
|
114
|
+
sign(message: Uint8Array): Promise<Uint8Array>;
|
|
115
|
+
getMySoAddress(): Promise<string>;
|
|
116
|
+
signTransaction(transactionBytes: Uint8Array): Promise<string>;
|
|
117
|
+
destroy(): void;
|
|
118
|
+
}
|
|
119
|
+
export declare function createCliSigner(reference: CliSignerReference): LocalSecretAgentSigner;
|