@storacha/encrypt-upload-client 1.1.66 → 1.1.68

package/README.md

@@ -10,7 +10,7 @@ This library leverages `@storacha/cli` and `@lit-protocol/lit-node-client` to pr
 You can add the `@storacha/encrypt-upload-client` package to your JavaScript or TypeScript project with `npm`:
 
 ```sh
-npm @storacha/encrypt-upload-client
+npm install @storacha/encrypt-upload-client
 ```
 
 ## Usage

package/dist/config/constants.d.ts

@@ -1,3 +1,3 @@
-export const STORACHA_LIT_ACTION_CID: "QmWSLN9m2Noj3kp8rx76yfQ9U7U1Mzjj3kGVpCr891Mjn1";
+export const STORACHA_LIT_ACTION_CID: "QmbJJX7nBZafj4kUGPc9LPSdBvHACxhPWdZSVHcAHP9rik";
 export const GATEWAY_URL: URL;
 //# sourceMappingURL=constants.d.ts.map

package/dist/config/constants.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../../src/config/constants.js"],"names":[],"mappings":"AAAA,sCACE,gDAAgD,CAAA;AAClD,8BAAsD"}
+{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../../src/config/constants.js"],"names":[],"mappings":"AAAA,sCACE,gDAAgD,CAAA;AAElD,8BAA2D"}

package/dist/config/constants.js

@@ -1,3 +1,3 @@
-export const STORACHA_LIT_ACTION_CID = 'QmWSLN9m2Noj3kp8rx76yfQ9U7U1Mzjj3kGVpCr891Mjn1';
-export const GATEWAY_URL = new URL('https://w3s.link');
+export const STORACHA_LIT_ACTION_CID = 'QmbJJX7nBZafj4kUGPc9LPSdBvHACxhPWdZSVHcAHP9rik';
+export const GATEWAY_URL = new URL('https://storacha.link');
 //# sourceMappingURL=constants.js.map

package/dist/config/env.d.ts

@@ -1,6 +1,5 @@
 export default env;
 declare const env: Schema.InferStruct<{
-    LIT_NETWORK: Schema.DefaultSchema<"custom" | "datil" | "datil-dev" | "datil-test", unknown>;
     LIT_DEBUG: Schema.DefaultSchema<boolean, unknown>;
 }>;
 import { Schema } from '@ucanto/core';

package/dist/config/env.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"env.d.ts","sourceRoot":"","sources":["../../src/config/env.js"],"names":[],"mappings":";AAwCA;;;GAAsC;uBAxCf,cAAc"}
+{"version":3,"file":"env.d.ts","sourceRoot":"","sources":["../../src/config/env.js"],"names":[],"mappings":";AAiCA;;GAAsC;uBAjCf,cAAc"}

package/dist/config/env.js

@@ -1,5 +1,4 @@
 import { Schema } from '@ucanto/core';
-import { LIT_NETWORK } from '@lit-protocol/constants';
 // Only conditionally load dotenv in Node.js environments to prevent browser bundling issues
 if (typeof window === 'undefined' &&
     typeof process !== 'undefined' &&
@@ -14,12 +13,6 @@ if (typeof window === 'undefined' &&
     }
 }
 const envSchema = Schema.struct({
-    LIT_NETWORK: Schema.enum([
-        LIT_NETWORK.Custom,
-        LIT_NETWORK.Datil,
-        LIT_NETWORK.DatilDev,
-        LIT_NETWORK.DatilTest,
-    ]).default(LIT_NETWORK.DatilTest),
     LIT_DEBUG: Schema.boolean().default(false),
 });
 // Safe environment variable access

package/dist/core/client.js

@@ -54,7 +54,7 @@ export class EncryptedClient {
 /**
  * Creates a new EncryptedClient.
  *
- * If no Gateway URL is provided, the default value of 'https://w3s.link' will be used.
+ * If no Gateway URL is provided, the default value of 'https://storacha.link' will be used.
  *
  * @param {Type.EncryptedClientOptions} options
  */

package/dist/crypto/adapters/lit-crypto-adapter.d.ts

@@ -11,11 +11,42 @@ export class LitCryptoAdapter implements Type.CryptoAdapter {
      * Create a new Lit crypto adapter
      *
      * @param {Type.SymmetricCrypto} symmetricCrypto - The symmetric crypto implementation (browser or node)
-     * @param {import('@lit-protocol/lit-node-client').LitNodeClient} litClient - The Lit client instance
+     * @param {import('@lit-protocol/lit-client').LitClientType} litClient - The Lit client instance
+     * @param {Type.AuthManager} authManager - The Lit Auth Manager instance
      */
-    constructor(symmetricCrypto: Type.SymmetricCrypto, litClient: import("@lit-protocol/lit-node-client").LitNodeClient);
+    constructor(symmetricCrypto: Type.SymmetricCrypto, litClient: import("@lit-protocol/lit-client").LitClientType, authManager: Type.AuthManager);
     symmetricCrypto: Type.SymmetricCrypto;
-    litClient: import("@lit-protocol/lit-node-client").LitNodeClient;
+    litClient: {
+        encrypt: (params: import("@lit-protocol/types").EncryptSdkParams) => Promise<import("@lit-protocol/types").EncryptResponse>;
+        decrypt: (params: import("@lit-protocol/types").DecryptRequest) => Promise<import("@lit-protocol/types").DecryptResponse>;
+        getContext: () => Promise</*elided*/ any>; /*... 15 more elided ...*/
+        chain: {
+            raw: {
+                pkpSign: (params: {
+                    /*elided*/
+                } | /*... 1 more elided ...*/ any | {
+                    /*elided*/
+                }) => Promise<import("@lit-protocol/types").LitNodeSignature>;
+            };
+            ethereum: {
+                pkpSign: (params: {
+                    /*elided*/
+                } | /*... 1 more elided ...*/ any | {
+                    /*elided*/
+                }) => Promise<import("@lit-protocol/types").LitNodeSignature>;
+            };
+            bitcoin: {
+                pkpSign: (params: {
+                    /*elided*/
+                } | /*... 1 more elided ...*/ any | {
+                    /*elided*/
+                }) => Promise<import("@lit-protocol/types").LitNodeSignature>;
+            };
+        };
+    };
+    authManager: {
+        /*elided*/
+    };
     /**
      * Encrypt a stream of data using the symmetric crypto implementation
      *
@@ -45,7 +76,7 @@ export class LitCryptoAdapter implements Type.CryptoAdapter {
      * Decrypt a symmetric key using the Lit crypto adapter
      *
      * @param {string} encryptedKey - The encrypted key to decrypt
-     * @param {object} configs - The decryption configuration
+     * @param {object} configs - The decryption configuration object
      * @param {Type.DecryptionConfig} configs.decryptionConfig - The decryption config
      * @param {Type.ExtractedMetadata} configs.metadata - The extracted metadata
      * @param {import('@ucanto/interface').Proof} configs.decryptDelegation - The delegation that gives permission to decrypt (required for both strategies)

package/dist/crypto/adapters/lit-crypto-adapter.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"lit-crypto-adapter.d.ts","sourceRoot":"","sources":["../../../src/crypto/adapters/lit-crypto-adapter.js"],"names":[],"mappings":"AAMA;;;;;;;GAOG;AACH,yCAFgB,IAAI,CAAC,aAAa;IAGhC;;;;;OAKG;IACH,6BAHW,IAAI,CAAC,eAAe,aACpB,OAAO,+BAA+B,EAAE,aAAa,EAK/D;IAFC,sCAAsC;IACtC,iEAA0B;IAG5B;;;;;OAKG;IACH,oBAHW,IAAI,CAAC,QAAQ,GACX,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC,CAIvC;IAED;;;;;;;OAOG;IACH,6BALW,cAAc,OACd,UAAU,MACV,UAAU,GACR,OAAO,CAAC,cAAc,CAAC,CAInC;IAED;;;;;;;OAOG;IACH,yBALW,UAAU,MACV,UAAU,oBACV,IAAI,CAAC,gBAAgB,GACnB,OAAO,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAgC5C;IAED;;;;;;;;;;;;OAYG;IACH,kCAVW,MAAM,WAEd;QAAuC,gBAAgB,EAA/C,IAAI,CAAC,gBAAgB;QACW,QAAQ,EAAxC,IAAI,CAAC,iBAAiB;QACqB,iBAAiB,EAA5D,OAAO,mBAAmB,EAAE,KAAK;QACX,WAAW,EAAjC,IAAI,CAAC,OAAO;QACoH,MAAM,EAAtI,OAAO,wBAAwB,EAAE,MAAM,CAAC,OAAO,wBAAwB,EAAE,GAAG,EAAE,OAAO,wBAAwB,EAAE,MAAM,CAAC;QACxE,QAAQ,EAAtD,OAAO,wBAAwB,EAAE,GAAG;KAC5C,GAAU,OAAO,CAAC;QAAE,GAAG,EAAE,UAAU,CAAC;QAAC,EAAE,EAAE,UAAU,CAAA;KAAE,CAAC,CAgFxD;IAED;;;;;OAKG;IACH,8BAHW,UAAU,GACR,IAAI,CAAC,iBAAiB,CA4BlC;IAED;;;;;OAKG;IACH,0BAHW,IAAI,CAAC,iBAAiB,GACpB,MAAM,CAOlB;IAED;;;;;;;OAOG;IACH,iCALW,MAAM,gBACN,MAAM,YACN,IAAI,CAAC,cAAc,GACjB,OAAO,CAAC;QAAE,GAAG,EAAE,OAAO,+BAA+B,EAAE,OAAO,CAAC;QAAC,KAAK,EAAE,UAAU,CAAA;KAAE,CAAC,CAehG;CACF;sBAtPqB,gBAAgB"}
+{"version":3,"file":"lit-crypto-adapter.d.ts","sourceRoot":"","sources":["../../../src/crypto/adapters/lit-crypto-adapter.js"],"names":[],"mappings":"AAMA;;;;;;;GAOG;AACH,yCAFgB,IAAI,CAAC,aAAa;IAGhC;;;;;;OAMG;IACH,6BAJW,IAAI,CAAC,eAAe,aACpB,OAAO,0BAA0B,EAAE,aAAa,eAChD,IAAI,CAAC,WAAW,EAM1B;IAHC,sCAAsC;IACtC;;;;;;;;;;;;;;;;;;;;;;;;;;;MAA0B;IAC1B;;MAA8B;IAGhC;;;;;OAKG;IACH,oBAHW,IAAI,CAAC,QAAQ,GACX,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC,CAIvC;IAED;;;;;;;OAOG;IACH,6BALW,cAAc,OACd,UAAU,MACV,UAAU,GACR,OAAO,CAAC,cAAc,CAAC,CAInC;IAED;;;;;;;OAOG;IACH,yBALW,UAAU,MACV,UAAU,oBACV,IAAI,CAAC,gBAAgB,GACnB,OAAO,CAAC,IAAI,CAAC,kBAAkB,CAAC,CA6B5C;IAED;;;;;;;;;;;;OAYG;IACH,kCAVW,MAAM,WAEd;QAAuC,gBAAgB,EAA/C,IAAI,CAAC,gBAAgB;QACW,QAAQ,EAAxC,IAAI,CAAC,iBAAiB;QACqB,iBAAiB,EAA5D,OAAO,mBAAmB,EAAE,KAAK;QACX,WAAW,EAAjC,IAAI,CAAC,OAAO;QACoH,MAAM,EAAtI,OAAO,wBAAwB,EAAE,MAAM,CAAC,OAAO,wBAAwB,EAAE,GAAG,EAAE,OAAO,wBAAwB,EAAE,MAAM,CAAC;QACxE,QAAQ,EAAtD,OAAO,wBAAwB,EAAE,GAAG;KAC5C,GAAU,OAAO,CAAC;QAAE,GAAG,EAAE,UAAU,CAAC;QAAC,EAAE,EAAE,UAAU,CAAA;KAAE,CAAC,CAgFxD;IAED;;;;;OAKG;IACH,8BAHW,UAAU,GACR,IAAI,CAAC,iBAAiB,CA4BlC;IAED;;;;;OAKG;IACH,0BAHW,IAAI,CAAC,iBAAiB,GACpB,MAAM,CAOlB;IAED;;;;;;;OAOG;IACH,iCALW,MAAM,gBACN,MAAM,YACN,IAAI,CAAC,cAAc,GACjB,OAAO,CAAC;QAAE,GAAG,EAAE,OAAO,+BAA+B,EAAE,OAAO,CAAC;QAAC,KAAK,EAAE,UAAU,CAAA;KAAE,CAAC,CAehG;CACF;sBAxPqB,gBAAgB"}

package/dist/crypto/adapters/lit-crypto-adapter.js

@@ -1,8 +1,8 @@
 import { base64 } from 'multiformats/bases/base64';
+import * as Type from '../../types.js';
 import * as Lit from '../../protocols/lit.js';
 import * as EncryptedMetadata from '../../core/metadata/encrypted-metadata.js';
 import { createDecryptWrappedInvocation } from '../../utils.js';
-import * as Type from '../../types.js';
 /**
  * LitCryptoAdapter implements the complete CryptoAdapter interface using Lit Protocol.
  * It uses composition with a SymmetricCrypto implementation for file encryption/decryption
@@ -16,11 +16,13 @@ export class LitCryptoAdapter {
      * Create a new Lit crypto adapter
      *
      * @param {Type.SymmetricCrypto} symmetricCrypto - The symmetric crypto implementation (browser or node)
-     * @param {import('@lit-protocol/lit-node-client').LitNodeClient} litClient - The Lit client instance
+     * @param {import('@lit-protocol/lit-client').LitClientType} litClient - The Lit client instance
+     * @param {Type.AuthManager} authManager - The Lit Auth Manager instance
      */
-    constructor(symmetricCrypto, litClient) {
+    constructor(symmetricCrypto, litClient, authManager) {
         this.symmetricCrypto = symmetricCrypto;
         this.litClient = litClient;
+        this.authManager = authManager;
     }
     /**
      * Encrypt a stream of data using the symmetric crypto implementation
@@ -58,18 +60,18 @@ export class LitCryptoAdapter {
         const accessControlConditions = Lit.getAccessControlConditions(spaceDID);
         // Step 3. Encrypt the base64 encoded combined key and IV with Lit
         const dataToEncrypt = base64.encode(combinedKeyAndIV);
-        const { ciphertext, dataToEncryptHash } = await Lit.encryptString({
+        const encryptedData = await this.litClient.encrypt({
             dataToEncrypt,
-            accessControlConditions,
-        }, this.litClient);
+            unifiedAccessControlConditions: accessControlConditions,
+        });
         // Step 4. Return the encrypted key and metadata
         return {
             strategy: /** @type {'lit'} */ ('lit'),
-            encryptedKey: ciphertext,
+            encryptedKey: encryptedData.ciphertext,
             metadata: {
-                plaintextKeyHash: dataToEncryptHash,
+                plaintextKeyHash: encryptedData.dataToEncryptHash,
                 accessControlConditions: 
-                /** @type {import('@lit-protocol/types').AccessControlConditions} */ (accessControlConditions),
+                /** @type {import('@lit-protocol/access-control-conditions').AccessControlConditions} */ (accessControlConditions),
             },
         };
     }
@@ -77,7 +79,7 @@ export class LitCryptoAdapter {
      * Decrypt a symmetric key using the Lit crypto adapter
      *
      * @param {string} encryptedKey - The encrypted key to decrypt
-     * @param {object} configs - The decryption configuration
+     * @param {object} configs - The decryption configuration object
      * @param {Type.DecryptionConfig} configs.decryptionConfig - The decryption config
      * @param {Type.ExtractedMetadata} configs.metadata - The extracted metadata
      * @param {import('@ucanto/interface').Proof} configs.decryptDelegation - The delegation that gives permission to decrypt (required for both strategies)
@@ -94,36 +96,31 @@ export class LitCryptoAdapter {
         }
         const { plaintextKeyHash, accessControlConditions } = metadata;
         // Step 1. Extract spaceDID from access control conditions
-        const spaceDID = /** @type {Type.SpaceDID} */ (accessControlConditions[0].parameters[1]);
-        // Step 2. Create session signatures if not provided
-        let sessionSigs = decryptionConfig.sessionSigs;
-        if (!sessionSigs) {
-            const acc = 
-            /** @type import('@lit-protocol/types').AccessControlConditions */ (
-            /** @type {unknown} */ (accessControlConditions));
-            const expiration = new Date(Date.now() + 1000 * 60 * 5).toISOString(); // 5 min
-            // Step 2.1. Create session signatures for the wallet if provided
-            if (decryptionConfig.wallet) {
-                sessionSigs = await Lit.getSessionSigs(this.litClient, {
-                    wallet: decryptionConfig.wallet,
-                    dataToEncryptHash: plaintextKeyHash,
-                    expiration,
-                    accessControlConditions: acc,
-                });
-            }
-            // Step 2.2. Otherwise, create session signatures for the PKP if provided
-            else if (decryptionConfig.pkpPublicKey && decryptionConfig.authMethod) {
-                sessionSigs = await Lit.getPkpSessionSigs(this.litClient, {
-                    pkpPublicKey: decryptionConfig.pkpPublicKey,
-                    authMethod: decryptionConfig.authMethod,
-                    dataToEncryptHash: plaintextKeyHash,
-                    expiration,
-                    accessControlConditions: acc,
-                });
-            }
-            else {
-                throw new Error('Session signatures or signer (wallet/PKP) required for Lit decryption');
-            }
+        const spaceDID = /** @type {Type.SpaceDID} */ (
+        /** @type {import('@lit-protocol/access-control-conditions').EvmBasicAcc} */ (accessControlConditions[0]).parameters[1]);
+        const expiration = new Date(Date.now() + 1000 * 60 * 5).toISOString(); // 5 min
+        // Step 2. Get Auth Context for decryption
+        /** @type {Type.AuthContext} */
+        let authContext;
+        if (decryptionConfig.wallet) {
+            authContext = await Lit.createEoaAuthContext(this.litClient, this.authManager, {
+                wallet: decryptionConfig.wallet,
+                accessControlConditions,
+                dataToEncryptHash: plaintextKeyHash,
+                expiration,
+            });
+        }
+        else if (decryptionConfig.pkpPublicKey && decryptionConfig.authData) {
+            authContext = await Lit.createPkpAuthContext(this.litClient, this.authManager, {
+                pkpPublicKey: decryptionConfig.pkpPublicKey,
+                authData: decryptionConfig.authData,
+                accessControlConditions,
+                dataToEncryptHash: plaintextKeyHash,
+                expiration,
+            });
+        }
+        else {
+            throw new Error('Either wallet or PKP authData must be provided');
         }
         // Step 3. Create wrapped UCAN invocation
         const wrappedInvocationJSON = await createDecryptWrappedInvocation({
@@ -136,7 +133,7 @@ export class LitCryptoAdapter {
         });
         // Step 4. Execute the Lit Action with all the prepared context to decrypt the symmetric key
         const decryptedString = await Lit.executeUcanValidationAction(this.litClient, {
-            sessionSigs,
+            authContext,
             spaceDID,
             identityBoundCiphertext: encryptedKey,
             plaintextKeyHash,

package/dist/crypto/factories.node.d.ts

@@ -6,21 +6,15 @@
  * @param {string} keyManagerServiceDID
  */
 export function createGenericKMSAdapter(keyManagerServiceURL: URL | string, keyManagerServiceDID: string): KMSCryptoAdapter;
-/**
- * Create a Lit crypto adapter for Node.js using AES-CBC (legacy).
- * Compatible with previous versions of the library.
- *
- * @deprecated Use createGenericLitAdapter instead for new uploads.
- * @param {import('@lit-protocol/lit-node-client').LitNodeClient} litClient
- */
-export function createNodeLitAdapter(litClient: import("@lit-protocol/lit-node-client").LitNodeClient): LitCryptoAdapter;
 /**
  * Create a Lit crypto adapter for Node.js using the generic AES-CTR streaming crypto.
  * Works in Node.js & browser environments.
  *
- * @param {import('@lit-protocol/lit-node-client').LitNodeClient} litClient
+ * @param {import('@lit-protocol/lit-client').LitClientType} litClient
+ * @param {Type.AuthManager} authManager - The Lit Auth Manager instance
  */
-export function createGenericLitAdapter(litClient: import("@lit-protocol/lit-node-client").LitNodeClient): LitCryptoAdapter;
+export function createGenericLitAdapter(litClient: import("@lit-protocol/lit-client").LitClientType, authManager: Type.AuthManager): LitCryptoAdapter;
 import { KMSCryptoAdapter } from './adapters/kms-crypto-adapter.js';
+import * as Type from '../types.js';
 import { LitCryptoAdapter } from './adapters/lit-crypto-adapter.js';
 //# sourceMappingURL=factories.node.d.ts.map

package/dist/crypto/factories.node.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"factories.node.d.ts","sourceRoot":"","sources":["../../src/crypto/factories.node.js"],"names":[],"mappings":"AAKA;;;;;;GAMG;AACH,8DAHW,GAAG,GAAC,MAAM,wBACV,MAAM,oBAYhB;AAED;;;;;;GAMG;AACH,gDAFW,OAAO,+BAA+B,EAAE,aAAa,oBAK/D;AAED;;;;;GAKG;AACH,mDAFW,OAAO,+BAA+B,EAAE,aAAa,oBAK/D;iCA1CgC,kCAAkC;iCADlC,kCAAkC"}
+{"version":3,"file":"factories.node.d.ts","sourceRoot":"","sources":["../../src/crypto/factories.node.js"],"names":[],"mappings":"AAKA;;;;;;GAMG;AACH,8DAHW,GAAG,GAAC,MAAM,wBACV,MAAM,oBAYhB;AAED;;;;;;GAMG;AACH,mDAHW,OAAO,0BAA0B,EAAE,aAAa,eAChD,IAAI,CAAC,WAAW,oBAK1B;iCAjCgC,kCAAkC;sBAE7C,aAAa;iCADF,kCAAkC"}

package/dist/crypto/factories.node.js

@@ -1,7 +1,7 @@
 import { GenericAesCtrStreamingCrypto } from './symmetric/generic-aes-ctr-streaming-crypto.js';
-import { NodeAesCbcCrypto } from './symmetric/node-aes-cbc-crypto.js';
-import { LitCryptoAdapter } from './adapters/lit-crypto-adapter.js';
 import { KMSCryptoAdapter } from './adapters/kms-crypto-adapter.js';
+import { LitCryptoAdapter } from './adapters/lit-crypto-adapter.js';
+import * as Type from '../types.js';
 /**
  * Create a KMS crypto adapter for Node.js using the generic AES-CTR streaming crypto.
  * Works in Node.js & browser environments.
@@ -14,25 +14,15 @@ export function createGenericKMSAdapter(keyManagerServiceURL, keyManagerServiceD
     return new KMSCryptoAdapter(symmetricCrypto, keyManagerServiceURL, 
     /** @type {`did:${string}:${string}`} */ (keyManagerServiceDID));
 }
-/**
- * Create a Lit crypto adapter for Node.js using AES-CBC (legacy).
- * Compatible with previous versions of the library.
- *
- * @deprecated Use createGenericLitAdapter instead for new uploads.
- * @param {import('@lit-protocol/lit-node-client').LitNodeClient} litClient
- */
-export function createNodeLitAdapter(litClient) {
-    const symmetricCrypto = new NodeAesCbcCrypto();
-    return new LitCryptoAdapter(symmetricCrypto, litClient);
-}
 /**
  * Create a Lit crypto adapter for Node.js using the generic AES-CTR streaming crypto.
  * Works in Node.js & browser environments.
  *
- * @param {import('@lit-protocol/lit-node-client').LitNodeClient} litClient
+ * @param {import('@lit-protocol/lit-client').LitClientType} litClient
+ * @param {Type.AuthManager} authManager - The Lit Auth Manager instance
  */
-export function createGenericLitAdapter(litClient) {
+export function createGenericLitAdapter(litClient, authManager) {
     const symmetricCrypto = new GenericAesCtrStreamingCrypto();
-    return new LitCryptoAdapter(symmetricCrypto, litClient);
+    return new LitCryptoAdapter(symmetricCrypto, litClient, authManager);
 }
 //# sourceMappingURL=factories.node.js.map

package/dist/protocols/lit.d.ts

@@ -1,25 +1,20 @@
 /**
- * Get a LitClient instance.
+ * @param {import('@lit-protocol/lit-client').LitClientType} litClient
+ * @param {Type.AuthManager} authManager - The Lit Auth Manager instance
+ * @param {Type.EoaAuthContextOptions} param0
+ * @returns {Promise<Type.EoaAuthContext>}
  */
-export function getLitClient(): Promise<LitNodeClient>;
+export function createEoaAuthContext(litClient: import("@lit-protocol/lit-client").LitClientType, authManager: Type.AuthManager, { wallet, accessControlConditions, expiration, dataToEncryptHash, capabilityAuthSigs, }: Type.EoaAuthContextOptions): Promise<Type.EoaAuthContext>;
 /**
- * @param {LitNodeClient} litClient
- * @param {Type.SessionSignatureOptions} param0
- * @returns {Promise<import('@lit-protocol/types').SessionSigsMap>}
- */
-export function getSessionSigs(litClient: LitNodeClient, { wallet, accessControlConditions, dataToEncryptHash, expiration, capabilityAuthSigs, }: Type.SessionSignatureOptions): Promise<import("@lit-protocol/types").SessionSigsMap>;
-/**
- * Get session signatures for a PKP key and auth method.
- * There is not need to execute the auth callback for this function, because the auth method provided.
+ * Get PKP Auth Context.
  *
- * @param {LitNodeClient} litClient
- * @param {Type.PkpSessionSignatureOptions} options
- * @returns {Promise<import('@lit-protocol/types').SessionSigsMap>}
+ * @param {import('@lit-protocol/lit-client').LitClientType} litClient
+ * @param {Type.AuthManager} authManager - The Lit Auth Manager instance
+ * @param {Type.PkpAuthContextOptions} options
+ * @returns {Promise<Type.PkpAuthContext>}
  */
-export function getPkpSessionSigs(litClient: LitNodeClient, { pkpPublicKey, authMethod, accessControlConditions, dataToEncryptHash, expiration, capabilityAuthSigs, }: Type.PkpSessionSignatureOptions): Promise<import("@lit-protocol/types").SessionSigsMap>;
-export { encryptString } from "@lit-protocol/encryption";
-export function getAccessControlConditions(spaceDID: Type.SpaceDID): import("@lit-protocol/types").AccessControlConditions;
-export function executeUcanValidationAction(litClient: LitNodeClient, options: Type.ExecuteUcanValidationOptions): Promise<any>;
-import { LitNodeClient } from '@lit-protocol/lit-node-client';
+export function createPkpAuthContext(litClient: import("@lit-protocol/lit-client").LitClientType, authManager: Type.AuthManager, { pkpPublicKey, authData, accessControlConditions, dataToEncryptHash, expiration, capabilityAuthSigs, }: Type.PkpAuthContextOptions): Promise<Type.PkpAuthContext>;
+export function getAccessControlConditions(spaceDID: Type.SpaceDID): import("@lit-protocol/access-control-conditions").AccessControlConditions;
+export function executeUcanValidationAction(litClient: import("@lit-protocol/lit-client").LitClientType, options: Type.ExecuteUcanValidationActionOptions): Promise<any>;
 import * as Type from '../types.js';
 //# sourceMappingURL=lit.d.ts.map

package/dist/protocols/lit.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"lit.d.ts","sourceRoot":"","sources":["../../src/protocols/lit.js"],"names":[],"mappings":"AAsCA;;GAEG;AACH,uDAQC;AAED;;;;GAIG;AACH,0CAJW,aAAa,2FACb,IAAI,CAAC,uBAAuB,GAC1B,OAAO,CAAC,OAAO,qBAAqB,EAAE,cAAc,CAAC,CAsDjE;AAED;;;;;;;GAOG;AACH,6CAJW,aAAa,6GACb,IAAI,CAAC,0BAA0B,GAC7B,OAAO,CAAC,OAAO,qBAAqB,EAAE,cAAc,CAAC,CAqCjE;;AAnIM,qDAHI,IAAI,CAAC,QAAQ,GACX,OAAO,qBAAqB,EAAE,uBAAuB,CAgBjE;AA6HM,uDAJI,aAAa,WACb,IAAI,CAAC,4BAA4B,gBA4B3C;8BA1L6B,+BAA+B;sBAUvC,aAAa"}
+{"version":3,"file":"lit.d.ts","sourceRoot":"","sources":["../../src/protocols/lit.js"],"names":[],"mappings":"AAmCA;;;;;GAKG;AACH,gDALW,OAAO,0BAA0B,EAAE,aAAa,eAChD,IAAI,CAAC,WAAW,2FAChB,IAAI,CAAC,qBAAqB,GACxB,OAAO,CAAC,IAAI,CAAC,cAAc,CAAC,CAsCxC;AAED;;;;;;;GAOG;AACH,gDALW,OAAO,0BAA0B,EAAE,aAAa,eAChD,IAAI,CAAC,WAAW,2GAChB,IAAI,CAAC,qBAAqB,GACxB,OAAO,CAAC,IAAI,CAAC,cAAc,CAAC,CAuCxC;AA/GM,qDAHI,IAAI,CAAC,QAAQ,GACX,OAAO,yCAAyC,EAAE,uBAAuB,CAsBrF;AAmGM,uDAJI,OAAO,0BAA0B,EAAE,aAAa,WAChD,IAAI,CAAC,kCAAkC,gBAiDjD;sBA/KqB,aAAa"}

package/dist/protocols/lit.js

@@ -1,122 +1,101 @@
-import { LitNodeClient } from '@lit-protocol/lit-node-client';
-import { LIT_ABILITY } from '@lit-protocol/constants';
-import { generateAuthSig, LitActionResource, createSiweMessage, LitAccessControlConditionResource, } from '@lit-protocol/auth-helpers';
-import env from '../config/env.js';
+import { LitAccessControlConditionResource } from '@lit-protocol/auth-helpers';
+import { createAccBuilder } from '@lit-protocol/access-control-conditions';
 import * as Type from '../types.js';
 import { STORACHA_LIT_ACTION_CID } from '../config/constants.js';
-export { encryptString } from '@lit-protocol/encryption';
 /**
  * Create access control conditions required to use Lit Protocol.
  * This ensures that the Storacha Lit Action is used to validate decryption permissions for the specified space DID.
  *
  * @param {Type.SpaceDID} spaceDID - The DID of the space
- * @returns {import('@lit-protocol/types').AccessControlConditions} - The access control conditions
+ * @returns {import('@lit-protocol/access-control-conditions').AccessControlConditions} - The access control conditions
  */
 export const getAccessControlConditions = (spaceDID) => {
-    return [
-        {
-            contractAddress: '',
-            standardContractType: '',
-            chain: 'ethereum',
-            method: '',
-            parameters: [':currentActionIpfsId', spaceDID],
-            returnValueTest: {
-                comparator: '=',
-                value: STORACHA_LIT_ACTION_CID,
-            },
+    /** @type {import('@lit-protocol/access-control-conditions').UnifiedAccessControlCondition} */
+    const rawAcc = {
+        conditionType: 'evmBasic',
+        contractAddress: '',
+        standardContractType: '',
+        chain: 'ethereum',
+        method: '',
+        parameters: [':currentActionIpfsId', spaceDID],
+        returnValueTest: {
+            comparator: '=',
+            value: STORACHA_LIT_ACTION_CID,
         },
-    ];
+    };
+    const acc = createAccBuilder().unifiedAccs(rawAcc).build();
+    console.log('Access Control Conditions:\n', acc);
+    return acc;
 };
 /**
- * Get a LitClient instance.
- */
-export async function getLitClient() {
-    const litNodeClient = new LitNodeClient({
-        litNetwork: env.LIT_NETWORK,
-        debug: env.LIT_DEBUG,
-    });
-    await litNodeClient.connect();
-    return litNodeClient;
-}
-/**
- * @param {LitNodeClient} litClient
- * @param {Type.SessionSignatureOptions} param0
- * @returns {Promise<import('@lit-protocol/types').SessionSigsMap>}
+ * @param {import('@lit-protocol/lit-client').LitClientType} litClient
+ * @param {Type.AuthManager} authManager - The Lit Auth Manager instance
+ * @param {Type.EoaAuthContextOptions} param0
+ * @returns {Promise<Type.EoaAuthContext>}
  */
-export async function getSessionSigs(litClient, { wallet, accessControlConditions, dataToEncryptHash, expiration, capabilityAuthSigs, }) {
-    const accsResourceString = await LitAccessControlConditionResource.generateResourceString(accessControlConditions, dataToEncryptHash);
-    const sessionSigs = await litClient.getSessionSigs({
-        chain: 'ethereum',
-        capabilityAuthSigs,
-        expiration,
-        resourceAbilityRequests: [
-            {
-                resource: new LitAccessControlConditionResource(accsResourceString),
-                ability: LIT_ABILITY.AccessControlConditionDecryption,
-            },
-            {
-                resource: new LitActionResource('*'),
-                ability: LIT_ABILITY.LitActionExecution,
-            },
-        ],
-        authNeededCallback: async ({ uri, expiration, resourceAbilityRequests, }) => {
-            const toSign = await createSiweMessage({
-                uri,
-                expiration,
-                resources: resourceAbilityRequests,
-                walletAddress: wallet.address,
-                nonce: await litClient.getLatestBlockhash(),
-                litNodeClient: litClient,
-            });
-            return await generateAuthSig({
-                signer: wallet,
-                toSign,
-            });
+export async function createEoaAuthContext(litClient, authManager, { wallet, accessControlConditions, expiration, dataToEncryptHash, capabilityAuthSigs, }) {
+    const accsResourceString = await LitAccessControlConditionResource.generateResourceString(
+    /** @type {import('@lit-protocol/types').AccessControlConditions} */ (accessControlConditions), dataToEncryptHash);
+    const authContext = await authManager.createEoaAuthContext({
+        config: {
+            account: wallet,
         },
+        authConfig: {
+            expiration,
+            resources: [
+                ['access-control-condition-decryption', accsResourceString], // or '*'
+                ['lit-action-execution', '*'],
+            ],
+            capabilityAuthSigs,
+            statement: 'I authorize the Lit Protocol to execute this Lit Action.',
+        },
+        litClient,
     });
-    return sessionSigs;
+    return authContext;
 }
 /**
- * Get session signatures for a PKP key and auth method.
- * There is not need to execute the auth callback for this function, because the auth method provided.
+ * Get PKP Auth Context.
  *
- * @param {LitNodeClient} litClient
- * @param {Type.PkpSessionSignatureOptions} options
- * @returns {Promise<import('@lit-protocol/types').SessionSigsMap>}
+ * @param {import('@lit-protocol/lit-client').LitClientType} litClient
+ * @param {Type.AuthManager} authManager - The Lit Auth Manager instance
+ * @param {Type.PkpAuthContextOptions} options
+ * @returns {Promise<Type.PkpAuthContext>}
  */
-export async function getPkpSessionSigs(litClient, { pkpPublicKey, authMethod, accessControlConditions, dataToEncryptHash, expiration, capabilityAuthSigs, }) {
-    const accsResourceString = await LitAccessControlConditionResource.generateResourceString(accessControlConditions, dataToEncryptHash);
-    const sessionSigs = await litClient.getPkpSessionSigs({
+export async function createPkpAuthContext(litClient, authManager, { pkpPublicKey, authData, accessControlConditions, dataToEncryptHash, expiration, capabilityAuthSigs, }) {
+    const accsResourceString = await LitAccessControlConditionResource.generateResourceString(
+    /** @type {import('@lit-protocol/types').AccessControlConditions} */ (accessControlConditions), dataToEncryptHash);
+    const authContext = await authManager.createPkpAuthContext({
+        authData,
         pkpPublicKey,
-        authMethods: [authMethod],
-        resourceAbilityRequests: [
-            {
-                resource: new LitAccessControlConditionResource(accsResourceString),
-                ability: LIT_ABILITY.AccessControlConditionDecryption,
-            },
-            {
-                resource: new LitActionResource('*'),
-                ability: LIT_ABILITY.LitActionExecution,
-            },
-        ],
-        expiration,
-        capabilityAuthSigs,
+        authConfig: {
+            resources: [
+                ['pkp-signing', '*'], // remove it?
+                ['access-control-condition-decryption', accsResourceString], // or '*'
+                ['lit-action-execution', '*'],
+            ],
+            capabilityAuthSigs,
+            expiration,
+            statement: 'I authorize the Lit Protocol to execute this Lit Action.',
+        },
+        litClient: litClient,
     });
-    return sessionSigs;
+    return authContext;
 }
 /**
  *
- * @param {LitNodeClient} litClient
- * @param {Type.ExecuteUcanValidationOptions} options
+ * @param {import('@lit-protocol/lit-client').LitClientType} litClient
+ * @param {Type.ExecuteUcanValidationActionOptions} options
  * @returns
  */
 export const executeUcanValidationAction = async (litClient, options) => {
-    const { sessionSigs, ...jsParams } = options;
+    const { authContext, ...jsParams } = options;
     const litActionResponse = await litClient.executeJs({
         ipfsId: STORACHA_LIT_ACTION_CID,
-        sessionSigs,
+        authContext,
         jsParams,
     });
+    console.log('Lit Action Response: \n');
+    console.log(litActionResponse);
     if (!litActionResponse.response) {
         throw new Error('Error getting lit action response.');
     }
@@ -124,10 +103,18 @@ export const executeUcanValidationAction = async (litClient, options) => {
     /** @type string*/ (litActionResponse.response));
     const decryptedData = parsedResponse.decryptedString;
     if (!decryptedData) {
-        let errorMsg;
-        if (parsedResponse.error)
-            errorMsg = parsedResponse.error;
-        throw new Error(`Decrypted data does not exist! Error message: ${errorMsg}`);
+        if (parsedResponse.error) {
+            throw new Error(`Decryption failed: ${parsedResponse.error}`);
+        }
+        if (parsedResponse.validateAccess) {
+            const parsedValidateAccess = JSON.parse(
+            /** @type string*/ (parsedResponse.validateAccess));
+            if (parsedValidateAccess.error) {
+                throw new Error(`Access validation failed: ${parsedValidateAccess.error.message ||
+                    JSON.stringify(parsedValidateAccess.error)}`);
+            }
+        }
+        throw new Error(`Decryption failed: No decrypted data in response despite successful validation`);
     }
     return decryptedData;
 };