@talismn/keyring 0.0.0-pr2277-20251211071316 → 0.0.0-pr2295-20260110031023

package/dist/talismn-keyring.cjs.prod.js

@@ -1,451 +0,0 @@
-'use strict';
-
-var crypto$1 = require('@talismn/crypto');
-
-const isAccountOfType = (account, type) => {
-  return account?.type === type;
-};
-const isAccountInTypes = (account, types) => {
-  return !!account && types.includes(account.type);
-};
-const ACCOUNT_TYPES_OWNED = ["keypair", "ledger-ethereum", "ledger-polkadot", "ledger-solana", "polkadot-vault"];
-const ACCOUNT_TYPES_EXTERNAL = ["contact", "watch-only", "ledger-ethereum", "ledger-polkadot", "ledger-solana", "polkadot-vault", "signet"];
-const isAccountExternal = account => {
-  return isAccountInTypes(account, ACCOUNT_TYPES_EXTERNAL);
-};
-const isAccountOwned = account => {
-  return isAccountInTypes(account, ACCOUNT_TYPES_OWNED);
-};
-const isAccountPortfolio = account => {
-  return isAccountOwned(account) || isAccountOfType(account, "watch-only") && account.isPortfolio;
-};
-const isAccountNotContact = acc => acc.type !== "contact";
-const isAccountAddressEthereum = account => {
-  return !!account && crypto$1.isEthereumAddress(account.address);
-};
-const isAccountPlatformEthereum = account => {
-  return !!account && account.type !== "ledger-polkadot" && crypto$1.isEthereumAddress(account.address);
-};
-const isAccountPlatformSolana = account => {
-  return !!account && crypto$1.isSolanaAddress(account.address);
-};
-const isAccountPlatformPolkadot = account => {
-  return !!account && account.type !== "ledger-ethereum" && (isAccountAddressEthereum(account) || isAccountAddressSs58(account));
-};
-const isAccountAddressSs58 = account => {
-  return !!account && crypto$1.detectAddressEncoding(account.address) === "ss58";
-};
-const isAccountLedgerPolkadot = account => {
-  return isAccountOfType(account, "ledger-polkadot");
-};
-const isAccountLedgerPolkadotGeneric = account => {
-  return isAccountOfType(account, "ledger-polkadot") && !account.genesisHash;
-};
-const isAccountLedgerPolkadotLegacy = account => {
-  return isAccountOfType(account, "ledger-polkadot") && !!account.genesisHash;
-};
-const isAccountBitcoin = account => {
-  return !!account && crypto$1.isBitcoinAddress(account.address);
-};
-const getAccountGenesisHash = account => {
-  if (!account) return undefined;
-  return "genesisHash" in account ? account.genesisHash || undefined : undefined;
-};
-const getAccountSignetUrl = account => {
-  return isAccountOfType(account, "signet") ? account.url : undefined;
-};
-const getAccountPlatform = account => {
-  if (!account) return undefined;
-  return "curve" in account ? crypto$1.getAccountPlatformFromCurve(account.curve) : crypto$1.getAccountPlatformFromAddress(account.address);
-};
-
-// Derive a key generated with PBKDF2 that will be used for AES-GCM encryption
-const deriveKey = async (password, salt) =>
-// Deriving 32-byte key using PBKDF2 with 100,000 iterations and SHA-256
-await crypto.subtle.importKey("raw", await crypto$1.pbkdf2("SHA-256", new TextEncoder().encode(password), salt, 100_000,
-// 100,000 iterations
-32 // 32 bytes (32 * 8 == 256 bits)
-), {
-  name: "AES-GCM",
-  length: 256
-}, false, ["encrypt", "decrypt"]);
-const encryptData = async (data, password) => {
-  try {
-    const salt = crypto.getRandomValues(new Uint8Array(16)); // 16 bytes of salt
-    const iv = crypto.getRandomValues(new Uint8Array(12)); // 12-byte IV for AES-GCM
-    const key = await deriveKey(password, salt);
-
-    // encrypt
-    const encryptedSeed = await crypto.subtle.encrypt({
-      name: "AES-GCM",
-      iv
-    }, key, data);
-
-    // Combine salt, IV, and encrypted seed
-    const combined = new Uint8Array(salt.length + iv.length + encryptedSeed.byteLength);
-    combined.set(salt, 0);
-    combined.set(iv, salt.length);
-    combined.set(new Uint8Array(encryptedSeed), salt.length + iv.length);
-
-    // Base64 encode the combined data
-    return btoa(String.fromCharCode(...combined));
-  } catch (cause) {
-    throw new Error("Failed to encrypt data", {
-      cause
-    });
-  }
-};
-const decryptData = async (encryptedData, password) => {
-  try {
-    // Decode Base64 and parse the combined data
-    const combined = Uint8Array.from(atob(encryptedData), c => c.charCodeAt(0));
-
-    // Extract salt, IV, and encrypted seed
-    const salt = combined.slice(0, 16); // First 16 bytes
-    const iv = combined.slice(16, 28); // Next 12 bytes
-    const encryptedSeed = combined.slice(28); // Remaining bytes
-
-    const key = await deriveKey(password, salt);
-
-    // Decrypt the seed
-    const decryptedSeed = await crypto.subtle.decrypt({
-      name: "AES-GCM",
-      iv
-    }, key, encryptedSeed);
-    return new Uint8Array(decryptedSeed);
-  } catch (cause) {
-    throw new Error("Failed to decrypt data", {
-      cause
-    });
-  }
-};
-const changeEncryptedDataPassword = async (encryptedData, oldPassword, newPassword) => {
-  try {
-    const decrypted = await decryptData(encryptedData, oldPassword);
-    return await encryptData(decrypted, newPassword);
-  } catch (cause) {
-    throw new Error("Failed to change password on encrypted data", {
-      cause
-    });
-  }
-};
-
-// we dont want to reference @talismn/util in the keyring, so we copy this here
-
-const REGEX_HEX_STRING = /^0x[0-9a-fA-F]*$/;
-const isHexString = value => {
-  return typeof value === "string" && REGEX_HEX_STRING.test(value);
-};
-
-class Keyring {
-  #data;
-  constructor(data) {
-    this.#data = structuredClone(data);
-  }
-  static create() {
-    return new Keyring({
-      passwordCheck: null,
-      // well-known data encrypted using the password, used to ensure all secrets of the keyring are encrypted with the same password
-      mnemonics: [],
-      accounts: []
-    });
-  }
-  static load(data) {
-    if (!data.accounts || !data.mnemonics) throw new Error("Invalid data");
-
-    // automatic upgrade : set default values for newly introduced properties
-    for (const account of data.accounts) {
-      // eslint-disable-next-line @typescript-eslint/ban-ts-comment
-      // @ts-expect-error
-      if (account.type === "ledger-polkadot" && !account.curve) account.curve = "ed25519";
-    }
-    return new Keyring(data);
-  }
-  async checkPassword(password, reset = false) {
-    if (typeof password !== "string" || !password) throw new Error("password is required");
-    const passwordHash = oneWayHash(password);
-    const PASSWORD_CHECK_PHRASE = "PASSWORD_CHECK_PHRASE";
-
-    // run through same complexity as for other secrets, to make it so it s not easier to brute force passwordCheck than other secrets
-    if (!this.#data.passwordCheck || reset) {
-      const bytes = crypto$1.utf8.decode(PASSWORD_CHECK_PHRASE);
-      this.#data.passwordCheck = await encryptData(bytes, passwordHash);
-    } else {
-      try {
-        const bytes = await decryptData(this.#data.passwordCheck, passwordHash);
-        const text = crypto$1.utf8.encode(bytes);
-        if (text !== PASSWORD_CHECK_PHRASE) throw new Error("Invalid password");
-      } catch {
-        throw new Error("Invalid password");
-      }
-    }
-  }
-  toJson() {
-    return structuredClone(this.#data);
-  }
-  async export(password, jsonPassword) {
-    const keyring = new Keyring(structuredClone(this.#data));
-    for (const mnemonic of keyring.#data.mnemonics) mnemonic.entropy = await changeEncryptedDataPassword(mnemonic.entropy, password, jsonPassword);
-    for (const account of keyring.#data.accounts) if (account.type === "keypair") account.secretKey = await changeEncryptedDataPassword(account.secretKey, password, jsonPassword);
-
-    // reset password check
-    await keyring.checkPassword(jsonPassword, true);
-    return keyring.toJson();
-  }
-  getMnemonics() {
-    return this.#data.mnemonics.map(mnemonicFromStorage);
-  }
-  async addMnemonic({
-    name,
-    mnemonic,
-    confirmed
-  }, password) {
-    if (typeof name !== "string" || !name) throw new Error("name is required");
-    if (typeof mnemonic !== "string") throw new Error("mnemonic is required");
-    if (typeof confirmed !== "boolean") throw new Error("confirmed is required");
-    if (!crypto$1.isValidMnemonic(mnemonic)) throw new Error("Invalid mnemonic");
-    await this.checkPassword(password);
-    const entropy = crypto$1.mnemonicToEntropy(mnemonic);
-
-    // id is a hash of the entropy, helps us prevent having duplicates and allows automatic remapping of accounts/mnemonics if mnemonics are deleted then re-added
-    const id = oneWayHash(entropy);
-    if (this.#data.mnemonics.find(s => s.id === id)) throw new Error("Mnemonic already exists");
-    const storage = {
-      id,
-      name,
-      entropy: await encryptData(entropy, password),
-      confirmed,
-      createdAt: Date.now()
-    };
-    this.#data.mnemonics.push(storage);
-    return mnemonicFromStorage(storage);
-  }
-  getMnemonic(id) {
-    const mnemonic = this.#data.mnemonics.find(s => s.id === id);
-    return mnemonic ? mnemonicFromStorage(mnemonic) : null;
-  }
-  updateMnemonic(id, {
-    name,
-    confirmed
-  }) {
-    const mnemonic = this.#data.mnemonics.find(s => s.id === id);
-    if (!mnemonic) throw new Error("Mnemonic not found");
-    if (name !== undefined) {
-      if (typeof name !== "string" || !name) throw new Error("name must be a string");
-      mnemonic.name = name;
-    }
-    if (confirmed !== undefined) {
-      if (typeof confirmed !== "boolean") throw new Error("confirmed must be a boolean");
-      mnemonic.confirmed = confirmed;
-    }
-    return mnemonicFromStorage(mnemonic);
-  }
-  removeMnemonic(id) {
-    const index = this.#data.mnemonics.findIndex(mnemonic => mnemonic.id == id);
-    if (index === -1) throw new Error("Mnemonic not found");
-    this.#data.mnemonics.splice(index, 1);
-  }
-  async getMnemonicText(id, password) {
-    const mnemonic = this.#data.mnemonics.find(s => s.id === id);
-    if (!mnemonic) throw new Error("Mnemonic not found");
-    const entropy = await decryptData(mnemonic.entropy, password);
-    return crypto$1.entropyToMnemonic(entropy);
-  }
-  getExistingMnemonicId(mnemonic) {
-    const entropy = crypto$1.mnemonicToEntropy(mnemonic);
-    const mnemonicId = oneWayHash(entropy);
-    return this.#data.mnemonics.some(s => s.id === mnemonicId) ? mnemonicId : null;
-  }
-  getAccounts() {
-    return this.#data.accounts.map(accountFromStorage);
-  }
-  getAccount(address) {
-    const account = this.#data.accounts.find(s => crypto$1.isAddressEqual(s.address, address));
-    return account ? accountFromStorage(account) : null;
-  }
-  updateAccount(address, {
-    name,
-    isPortfolio,
-    genesisHash
-  }) {
-    const account = this.#data.accounts.find(s => s.address === address);
-    if (!account) throw new Error("Account not found");
-    if (name) {
-      if (typeof name !== "string" || !name) throw new Error("name is required");
-      account.name = name;
-    }
-    if (account.type === "watch-only" && isPortfolio !== undefined) {
-      if (typeof isPortfolio !== "boolean") throw new Error("isPortfolio must be a boolean");
-      account.isPortfolio = isPortfolio;
-    }
-    // allow updating genesisHash only for contacts
-    if (account.type === "contact") {
-      if (genesisHash) {
-        if (!isHexString(genesisHash)) throw new Error("genesisHash must be a hex string");
-        account.genesisHash = genesisHash;
-      } else delete account.genesisHash;
-    }
-    return accountFromStorage(account);
-  }
-  removeAccount(address) {
-    const index = this.#data.accounts.findIndex(s => crypto$1.isAddressEqual(s.address, address));
-    if (index === -1) throw new Error("Account not found");
-    this.#data.accounts.splice(index, 1);
-  }
-  addAccountExternal(options) {
-    const address = crypto$1.normalizeAddress(options.address); // breaks if invalid address
-
-    if (this.getAccount(address)) throw new Error("Account already exists");
-    const account = {
-      ...options,
-      address,
-      createdAt: Date.now()
-    };
-    if (!isAccountExternal(account)) throw new Error("Invalid account type");
-    this.#data.accounts.push(account);
-    return accountFromStorage(account);
-  }
-
-  /**
-   * Needs to be called before deriving an account from a mnemonic.
-   *
-   * This will ensure that it is present (or add it if possible) in the keyring before actually creating the account.
-   *
-   * @param options
-   * @param password
-   * @returns the id of the mnemonic
-   */
-  async ensureMnemonic(options, password) {
-    await this.checkPassword(password);
-    switch (options.type) {
-      case "new-mnemonic":
-        {
-          const {
-            mnemonic,
-            mnemonicName: name,
-            confirmed
-          } = options;
-          if (typeof name !== "string" || !name) throw new Error("mnemonicName is required");
-          if (typeof confirmed !== "boolean") throw new Error("confirmed is required");
-          const mnemonicId = this.getExistingMnemonicId(mnemonic);
-          if (mnemonicId) return mnemonicId;
-          const {
-            id
-          } = await this.addMnemonic({
-            name,
-            mnemonic,
-            confirmed
-          }, password);
-          return id;
-        }
-      case "existing-mnemonic":
-        {
-          if (typeof options.mnemonicId !== "string" || !options.mnemonicId) throw new Error("mnemonicId must be a string");
-          return options.mnemonicId;
-        }
-    }
-  }
-  async addAccountDerive(options, password) {
-    await this.checkPassword(password);
-    const {
-      curve,
-      derivationPath,
-      name
-    } = options;
-    const mnemonicId = await this.ensureMnemonic(options, password);
-    const mnemonic = this.#data.mnemonics.find(s => s.id === mnemonicId);
-    if (!mnemonic) throw new Error("Mnemonic not found");
-    const entropy = await decryptData(mnemonic.entropy, password);
-    const seed = await crypto$1.entropyToSeed(entropy, curve);
-    const pair = crypto$1.deriveKeypair(seed, derivationPath, curve);
-    if (this.getAccount(pair.address)) throw new Error("Account already exists");
-    const account = {
-      type: "keypair",
-      curve,
-      name,
-      address: crypto$1.normalizeAddress(pair.address),
-      secretKey: await encryptData(pair.secretKey, password),
-      mnemonicId,
-      derivationPath,
-      createdAt: Date.now()
-    };
-    this.#data.accounts.push(account);
-    return accountFromStorage(account);
-  }
-  async addAccountKeypair({
-    curve,
-    name,
-    secretKey
-  }, password) {
-    await this.checkPassword(password);
-    const publicKey = crypto$1.getPublicKeyFromSecret(secretKey, curve);
-    const encoding = crypto$1.addressEncodingFromCurve(curve);
-    const address = crypto$1.addressFromPublicKey(publicKey, encoding);
-    if (this.getAccount(address)) throw new Error("Account already exists");
-    const account = {
-      type: "keypair",
-      curve,
-      name,
-      address: crypto$1.normalizeAddress(address),
-      secretKey: await encryptData(secretKey, password),
-      createdAt: Date.now()
-    };
-    this.#data.accounts.push(account);
-    return accountFromStorage(account);
-  }
-  getAccountSecretKey(address, password) {
-    if (typeof address !== "string" || !address) throw new Error("address is required");
-    if (typeof password !== "string" || !password) throw new Error("password is required");
-    const account = this.#data.accounts.find(a => a.address === crypto$1.normalizeAddress(address));
-    if (!account) throw new Error("Account not found");
-    if (account.type !== "keypair") throw new Error("Secret key unavailable");
-    return decryptData(account.secretKey, password);
-  }
-  async getDerivedAddress(mnemonicId, derivationPath, curve, password) {
-    if (typeof mnemonicId !== "string" || !mnemonicId) throw new Error("mnemonicId is required");
-    if (typeof password !== "string" || !password) throw new Error("password is required");
-    const mnemonic = this.#data.mnemonics.find(s => s.id === mnemonicId);
-    if (!mnemonic) throw new Error("Mnemonic not found");
-    const entropy = await decryptData(mnemonic.entropy, password);
-    const seed = await crypto$1.entropyToSeed(entropy, curve);
-    const pair = crypto$1.deriveKeypair(seed, derivationPath, curve);
-    return pair.address;
-  }
-}
-const oneWayHash = bytes => {
-  if (typeof bytes === "string") bytes = crypto$1.utf8.decode(bytes);
-
-  // cryptographically secure one way hash
-  // outputs 44 characters without special characters
-  return crypto$1.base58.encode(crypto$1.blake3(bytes));
-};
-const mnemonicFromStorage = data => {
-  const copy = structuredClone(data);
-  if ("entropy" in copy) delete copy.entropy;
-  return Object.freeze(copy);
-};
-const accountFromStorage = data => {
-  const copy = structuredClone(data);
-  if ("secretKey" in copy) delete copy.secretKey;
-  return Object.freeze(copy);
-};
-
-exports.Keyring = Keyring;
-exports.getAccountGenesisHash = getAccountGenesisHash;
-exports.getAccountPlatform = getAccountPlatform;
-exports.getAccountSignetUrl = getAccountSignetUrl;
-exports.isAccountAddressEthereum = isAccountAddressEthereum;
-exports.isAccountAddressSs58 = isAccountAddressSs58;
-exports.isAccountBitcoin = isAccountBitcoin;
-exports.isAccountExternal = isAccountExternal;
-exports.isAccountInTypes = isAccountInTypes;
-exports.isAccountLedgerPolkadot = isAccountLedgerPolkadot;
-exports.isAccountLedgerPolkadotGeneric = isAccountLedgerPolkadotGeneric;
-exports.isAccountLedgerPolkadotLegacy = isAccountLedgerPolkadotLegacy;
-exports.isAccountNotContact = isAccountNotContact;
-exports.isAccountOfType = isAccountOfType;
-exports.isAccountOwned = isAccountOwned;
-exports.isAccountPlatformEthereum = isAccountPlatformEthereum;
-exports.isAccountPlatformPolkadot = isAccountPlatformPolkadot;
-exports.isAccountPlatformSolana = isAccountPlatformSolana;
-exports.isAccountPortfolio = isAccountPortfolio;