@tangle-network/blueprint-ui 0.1.0 → 0.1.2

package/src/hooks/useOperators.ts

@@ -9,9 +9,208 @@ export interface DiscoveredOperator {
   rpcAddress: string;
 }
 
+interface OperatorDiscoveryClient {
+  readContract(args: Record<string, unknown>): Promise<unknown>;
+  getLogs(args: Record<string, unknown>): Promise<Array<Record<string, unknown>>>;
+  multicall(args: Record<string, unknown>): Promise<Array<Record<string, unknown>>>;
+}
+
+interface OperatorDiscoveryResult {
+  operators: DiscoveredOperator[];
+  operatorCount: bigint;
+}
+
+function readPreferenceValue(
+  result: unknown,
+  field: 'ecdsaPublicKey' | 'rpcAddress',
+): string {
+  if (Array.isArray(result)) {
+    return String(result[field === 'ecdsaPublicKey' ? 0 : 1] ?? '');
+  }
+  if (result && typeof result === 'object') {
+    return String((result as Record<string, unknown>)[field] ?? '');
+  }
+  return '';
+}
+
+async function verifyCandidatesWithMulticall(
+  client: OperatorDiscoveryClient,
+  servicesAddress: Address,
+  blueprintId: bigint,
+  candidates: DiscoveredOperator[],
+): Promise<DiscoveredOperator[] | null> {
+  const [registrationResults, preferencesResults] = await Promise.all([
+    client.multicall({
+      contracts: candidates.map((op) => ({
+        address: servicesAddress,
+        abi: tangleOperatorsAbi,
+        functionName: 'isOperatorRegistered' as const,
+        args: [blueprintId, op.address] as const,
+      })),
+    }),
+    client.multicall({
+      contracts: candidates.map((op) => ({
+        address: servicesAddress,
+        abi: tangleOperatorsAbi,
+        functionName: 'getOperatorPreferences' as const,
+        args: [blueprintId, op.address] as const,
+      })),
+    }),
+  ]);
+
+  const hadRegistrationFailure = registrationResults.some((result) => result?.status === 'failure');
+  const hadPreferenceFailure = preferencesResults.some((result) => result?.status === 'failure');
+
+  const active: DiscoveredOperator[] = [];
+  candidates.forEach((op, i) => {
+    if (registrationResults[i]?.result !== true) return;
+    const prefs = preferencesResults[i];
+    if (prefs?.status === 'success' && prefs.result != null) {
+      active.push({
+        ...op,
+        ecdsaPublicKey: readPreferenceValue(prefs.result, 'ecdsaPublicKey') || op.ecdsaPublicKey,
+        rpcAddress: readPreferenceValue(prefs.result, 'rpcAddress') || op.rpcAddress,
+      });
+      return;
+    }
+    active.push(op);
+  });
+
+  if (active.length === 0 && (hadRegistrationFailure || hadPreferenceFailure)) {
+    return null;
+  }
+
+  return active;
+}
+
+async function verifyCandidatesDirectly(
+  client: OperatorDiscoveryClient,
+  servicesAddress: Address,
+  blueprintId: bigint,
+  candidates: DiscoveredOperator[],
+): Promise<DiscoveredOperator[]> {
+  const results = await Promise.allSettled(
+    candidates.map(async (op) => {
+      const registration = await client.readContract({
+        address: servicesAddress,
+        abi: tangleOperatorsAbi,
+        functionName: 'isOperatorRegistered',
+        args: [blueprintId, op.address],
+      });
+
+      if (registration !== true) {
+        return null;
+      }
+
+      try {
+        const preferences = await client.readContract({
+          address: servicesAddress,
+          abi: tangleOperatorsAbi,
+          functionName: 'getOperatorPreferences',
+          args: [blueprintId, op.address],
+        });
+
+        return {
+          ...op,
+          ecdsaPublicKey: readPreferenceValue(preferences, 'ecdsaPublicKey') || op.ecdsaPublicKey,
+          rpcAddress: readPreferenceValue(preferences, 'rpcAddress') || op.rpcAddress,
+        };
+      } catch {
+        return op;
+      }
+    }),
+  );
+
+  const active = results
+    .filter((result): result is PromiseFulfilledResult<DiscoveredOperator | null> => result.status === 'fulfilled')
+    .map((result) => result.value)
+    .filter((op): op is DiscoveredOperator => op != null);
+
+  if (active.length > 0) {
+    return active;
+  }
+
+  const failure = results.find((result): result is PromiseRejectedResult => result.status === 'rejected');
+  if (failure) {
+    throw failure.reason instanceof Error ? failure.reason : new Error(String(failure.reason));
+  }
+
+  return [];
+}
+
+/**
+ * Shared discovery logic for operator lookup.
+ * Tries multicall first for efficiency, then falls back to direct reads when
+ * multicall is unavailable in local/dev environments.
+ */
+export async function discoverOperatorsWithClient(
+  client: OperatorDiscoveryClient,
+  servicesAddress: Address,
+  blueprintId: bigint,
+): Promise<OperatorDiscoveryResult> {
+  const count = await client.readContract({
+    address: servicesAddress,
+    abi: tangleOperatorsAbi,
+    functionName: 'blueprintOperatorCount',
+    args: [blueprintId],
+  });
+  const operatorCount = count as bigint;
+
+  if (operatorCount === 0n) {
+    return { operators: [], operatorCount };
+  }
+
+  const registeredLogs = await client.getLogs({
+    address: servicesAddress,
+    event: {
+      type: 'event' as const,
+      name: 'OperatorRegistered',
+      inputs: [
+        { name: 'blueprintId', type: 'uint64', indexed: true },
+        { name: 'operator', type: 'address', indexed: true },
+        { name: 'ecdsaPublicKey', type: 'bytes', indexed: false },
+        { name: 'rpcAddress', type: 'string', indexed: false },
+      ],
+    },
+    args: { blueprintId },
+    fromBlock: 0n,
+    toBlock: 'latest',
+  });
+
+  const byAddress = new Map<Address, DiscoveredOperator>();
+  for (const log of registeredLogs) {
+    const args = (log.args ?? {}) as Record<string, unknown>;
+    const addr = args.operator as Address | undefined;
+    if (!addr) continue;
+    byAddress.set(addr, {
+      address: addr,
+      ecdsaPublicKey: String(args.ecdsaPublicKey ?? '0x'),
+      rpcAddress: String(args.rpcAddress ?? ''),
+    });
+  }
+
+  const candidates = Array.from(byAddress.values());
+  if (candidates.length === 0) {
+    return { operators: [], operatorCount };
+  }
+
+  try {
+    const active = await verifyCandidatesWithMulticall(client, servicesAddress, blueprintId, candidates);
+    if (active != null) {
+      return { operators: active, operatorCount };
+    }
+  } catch {
+    // Fall through to direct reads below.
+  }
+
+  const active = await verifyCandidatesDirectly(client, servicesAddress, blueprintId, candidates);
+  return { operators: active, operatorCount };
+}
+
 /**
  * Discover operators registered for a blueprint by scanning OperatorRegistered
- * events, then verifying each is still active via multicall.
+ * events, then verifying each is still active. Falls back to direct reads when
+ * multicall is unavailable.
  */
 export function useOperators(blueprintId: bigint) {
   const [operators, setOperators] = useState<DiscoveredOperator[]>([]);
@@ -28,102 +227,10 @@ export function useOperators(blueprintId: bigint) {
       setError(null);
 
       try {
-        // Step 1: Check operator count
-        const count = await publicClient.readContract({
-          address: addrs.services,
-          abi: tangleOperatorsAbi,
-          functionName: 'blueprintOperatorCount',
-          args: [blueprintId],
-        });
-        if (cancelled) return;
-        setOperatorCount(count as bigint);
-
-        if ((count as bigint) === 0n) {
-          setOperators([]);
-          setIsLoading(false);
-          return;
-        }
-
-        // Step 2: Fetch OperatorRegistered logs
-        const registeredLogs = await publicClient.getLogs({
-          address: addrs.services,
-          event: {
-            type: 'event' as const,
-            name: 'OperatorRegistered',
-            inputs: [
-              { name: 'blueprintId', type: 'uint64', indexed: true },
-              { name: 'operator', type: 'address', indexed: true },
-              { name: 'ecdsaPublicKey', type: 'bytes', indexed: false },
-              { name: 'rpcAddress', type: 'string', indexed: false },
-            ],
-          },
-          args: { blueprintId },
-          fromBlock: 0n,
-          toBlock: 'latest',
-        });
-
-        if (cancelled) return;
-
-        // Deduplicate by address (keep latest)
-        const byAddress = new Map<Address, DiscoveredOperator>();
-        for (const log of registeredLogs) {
-          const addr = log.args.operator as Address | undefined;
-          if (!addr) continue;
-          byAddress.set(addr, {
-            address: addr,
-            ecdsaPublicKey: (log.args.ecdsaPublicKey as string) ?? '0x',
-            rpcAddress: (log.args.rpcAddress as string) ?? '',
-          });
-        }
-
-        const candidates = Array.from(byAddress.values());
-        if (candidates.length === 0) {
-          setOperators([]);
-          setIsLoading(false);
-          return;
-        }
-
-        // Step 3: Verify each is still registered + fetch current preferences
-        const [registrationResults, preferencesResults] = await Promise.all([
-          publicClient.multicall({
-            contracts: candidates.map((op) => ({
-              address: addrs.services,
-              abi: tangleOperatorsAbi,
-              functionName: 'isOperatorRegistered' as const,
-              args: [blueprintId, op.address] as const,
-            })),
-          }),
-          publicClient.multicall({
-            contracts: candidates.map((op) => ({
-              address: addrs.services,
-              abi: tangleOperatorsAbi,
-              functionName: 'getOperatorPreferences' as const,
-              args: [blueprintId, op.address] as const,
-            })),
-          }),
-        ]);
-
+        const result = await discoverOperatorsWithClient(publicClient, addrs.services, blueprintId);
         if (cancelled) return;
-
-        const active: DiscoveredOperator[] = [];
-        candidates.forEach((op, i) => {
-          if (registrationResults[i]?.result !== true) return;
-          const prefs = preferencesResults[i];
-          if (prefs?.status === 'success' && prefs.result != null) {
-            const result = prefs.result as Record<string, unknown>;
-            const ecdsaKey = Array.isArray(result) ? String(result[0] ?? '') : String((result as any).ecdsaPublicKey ?? '');
-            const rpcAddr = Array.isArray(result) ? String(result[1] ?? '') : String((result as any).rpcAddress ?? '');
-            active.push({
-              ...op,
-              ecdsaPublicKey: ecdsaKey || op.ecdsaPublicKey,
-              rpcAddress: rpcAddr || op.rpcAddress,
-            });
-          } else {
-            active.push(op);
-          }
-        });
-
-        setOperators(active);
+        setOperatorCount(result.operatorCount);
+        setOperators(result.operators);
       } catch (err) {
         if (!cancelled) {
           setError(err instanceof Error ? err : new Error(String(err)));

package/src/hooks/useProvisionProgress.ts

@@ -1,4 +1,5 @@
 import { useCallback, useEffect, useRef, useState } from 'react';
+import { getEnvVar } from '../utils/env';
 
 // ---------------------------------------------------------------------------
 // Types matching sandbox-runtime/src/provision_progress.rs
@@ -64,7 +65,7 @@ export function useProvisionProgress({
   const [isPolling, setIsPolling] = useState(false);
   const intervalRef = useRef<ReturnType<typeof setInterval> | null>(null);
 
-  const baseUrl = apiUrl ?? import.meta.env.VITE_OPERATOR_API_URL ?? 'http://localhost:9090';
+  const baseUrl = apiUrl ?? getEnvVar('VITE_OPERATOR_API_URL') ?? 'http://localhost:9090';
 
   const fetchProgress = useCallback(async () => {
     if (callId == null) return;

package/src/hooks/useQuotes.ts

@@ -18,6 +18,16 @@ import { resolveOperatorRpc } from '../utils/resolveOperatorRpc';
 
 // ── Types ──
 
+type SecurityCommitment = {
+  asset: { kind: number; token: Address };
+  exposureBps: number;
+};
+
+type ResourceCommitment = {
+  kind: number;
+  count: bigint;
+};
+
 export interface OperatorQuote {
   operator: Address;
   totalCost: bigint;
@@ -28,12 +38,13 @@ export interface OperatorQuote {
     totalCost: bigint;
     timestamp: bigint;
     expiry: bigint;
-    securityCommitments: readonly {
-      asset: { kind: number; token: Address };
-      exposureBps: number;
-    }[];
+    confidentiality: number;
+    securityCommitments: readonly SecurityCommitment[];
+    resourceCommitments: readonly ResourceCommitment[];
   };
   costRate: number;
+  teeAttested?: boolean;
+  teeProvider?: string;
 }
 
 export interface UseQuotesResult {
@@ -49,6 +60,20 @@ export interface UseQuotesResult {
 
 const POW_DIFFICULTY = 20;
 const WEI_PER_TNT = 1_000_000_000_000_000_000; // 10^18
+const RESOURCE_KIND_TO_ID = {
+  CPU: 0,
+  MemoryMB: 1,
+  StorageMB: 2,
+  NetworkEgressMB: 3,
+  NetworkIngressMB: 4,
+  GPU: 5,
+} as const;
+const ZERO_ADDRESS = '0x0000000000000000000000000000000000000000' as Address;
+const DEFAULT_RESOURCE_REQUIREMENTS = [
+  { kind: 'CPU', count: 1 },
+  { kind: 'MemoryMB', count: 1024 },
+  { kind: 'StorageMB', count: 10240 },
+] as const;
 
 function sha256(data: Uint8Array): Uint8Array {
   return viemSha256(data, 'bytes');
@@ -114,6 +139,35 @@ export function formatCost(totalCost: bigint): string {
   return `${tnt.toLocaleString(undefined, { maximumFractionDigits: 2 })} TNT`;
 }
 
+function quoteConfidentiality(requireTee: boolean): number {
+  return requireTee ? 1 : 0;
+}
+
+function resourceKindToId(kind: string): number {
+  const mapped = RESOURCE_KIND_TO_ID[kind as keyof typeof RESOURCE_KIND_TO_ID];
+  if (mapped === undefined) {
+    throw new Error(`Unsupported resource kind in quote: ${kind}`);
+  }
+  return mapped;
+}
+
+function mapJsonSecurityCommitment(sc: any): SecurityCommitment {
+  return {
+    asset: {
+      kind: sc.asset?.kind ?? 0,
+      token: (sc.asset?.token ?? ZERO_ADDRESS) as Address,
+    },
+    exposureBps: sc.exposure_bps ?? 0,
+  };
+}
+
+function mapJsonResourceCommitment(resource: any): ResourceCommitment {
+  return {
+    kind: resourceKindToId(String(resource.kind ?? 'CPU')),
+    count: BigInt(resource.count ?? 0),
+  };
+}
+
 // ── Hook ──
 
 export function useQuotes(
@@ -121,6 +175,7 @@ export function useQuotes(
   blueprintId: bigint,
   ttlBlocks: bigint,
   enabled: boolean,
+  requireTee = false,
 ): UseQuotesResult {
   const [quotes, setQuotes] = useState<OperatorQuote[]>([]);
   const [isLoading, setIsLoading] = useState(false);
@@ -168,6 +223,7 @@ export function useQuotes(
             ttlBlocks,
             proofOfWork: proof,
             challengeTimestamp: timestamp,
+            requireTee,
           });
 
           if (!response) throw new Error('No quote returned from operator');
@@ -194,7 +250,7 @@ export function useQuotes(
     return () => {
       cancelled = true;
     };
-  }, [operators, blueprintId, ttlBlocks, enabled, fetchKey]);
+  }, [operators, blueprintId, ttlBlocks, enabled, fetchKey, requireTee]);
 
   const totalCost = quotes.reduce((sum, q) => sum + q.totalCost, 0n);
 
@@ -213,6 +269,7 @@ async function fetchPriceFromOperator(
     ttlBlocks: bigint;
     proofOfWork: Uint8Array;
     challengeTimestamp: bigint;
+    requireTee: boolean;
   },
 ): Promise<OperatorQuote | null> {
   // Try JSON endpoint (simpler, no protobuf dependency required)
@@ -225,11 +282,8 @@ async function fetchPriceFromOperator(
         ttl_blocks: String(params.ttlBlocks),
         proof_of_work: toHex(params.proofOfWork),
         challenge_timestamp: String(params.challengeTimestamp),
-        resource_requirements: [
-          { kind: 'CPU', count: 1 },
-          { kind: 'MemoryMB', count: 1024 },
-          { kind: 'StorageMB', count: 10240 },
-        ],
+        require_tee: params.requireTee,
+        resource_requirements: DEFAULT_RESOURCE_REQUIREMENTS,
       }),
       signal: AbortSignal.timeout(10_000),
     });
@@ -242,16 +296,17 @@ async function fetchPriceFromOperator(
       totalCost: BigInt(data.total_cost ?? '0'),
       signature: (data.signature ?? '0x') as `0x${string}`,
       costRate: Number(data.cost_rate ?? 0),
+      teeAttested: Boolean(data.tee_attested),
+      teeProvider: data.tee_provider || undefined,
       details: {
         blueprintId: BigInt(data.details?.blueprint_id ?? params.blueprintId),
         ttlBlocks: BigInt(data.details?.ttl_blocks ?? params.ttlBlocks),
         totalCost: BigInt(data.details?.total_cost ?? '0'),
         timestamp: BigInt(data.details?.timestamp ?? params.challengeTimestamp),
         expiry: BigInt(data.details?.expiry ?? '0'),
-        securityCommitments: (data.details?.security_commitments ?? []).map((sc: any) => ({
-          asset: { kind: sc.asset?.kind ?? 0, token: (sc.asset?.token ?? '0x0000000000000000000000000000000000000000') as Address },
-          exposureBps: sc.exposure_bps ?? 0,
-        })),
+        confidentiality: Number(data.details?.confidentiality ?? quoteConfidentiality(params.requireTee)),
+        securityCommitments: (data.details?.security_commitments ?? []).map(mapJsonSecurityCommitment),
+        resourceCommitments: (data.details?.resources ?? []).map(mapJsonResourceCommitment),
       },
     };
   } catch {

package/src/hooks/useSessionAuth.ts

@@ -1,6 +1,7 @@
 import { useCallback, useState } from 'react';
 import { useSignMessage } from 'wagmi';
 import { getSession, setSession, removeSession, type SessionEntry } from '../stores/session';
+import { getEnvVar } from '../utils/env';
 
 // ---------------------------------------------------------------------------
 // Types
@@ -28,7 +29,7 @@ interface UseSessionAuthOptions {
 }
 
 export function useSessionAuth({ sandboxId, apiUrl }: UseSessionAuthOptions) {
-  const baseUrl = apiUrl ?? import.meta.env.VITE_OPERATOR_API_URL ?? 'http://localhost:9090';
+  const baseUrl = apiUrl ?? getEnvVar('VITE_OPERATOR_API_URL') ?? 'http://localhost:9090';
   const { signMessageAsync } = useSignMessage();
 
   const [isAuthenticating, setIsAuthenticating] = useState(false);

package/src/hooks/useSidecarAuth.ts

@@ -0,0 +1,173 @@
+import { useState, useCallback, useEffect, useRef } from 'react';
+
+// ---------------------------------------------------------------------------
+// Types
+// ---------------------------------------------------------------------------
+
+export interface UseSidecarAuthOptions {
+  /** Scoping key for token storage (e.g. botId, sandboxId). */
+  resourceId: string;
+  /** Base URL of the sidecar or operator API. */
+  apiUrl: string;
+  /**
+   * Sign a plaintext message and return the hex signature.
+   * Consuming apps wire this to their wallet library (e.g. wagmi's signMessageAsync).
+   */
+  signMessage: (message: string) => Promise<string>;
+}
+
+export interface SidecarAuth {
+  token: string | null;
+  isAuthenticated: boolean;
+  isAuthenticating: boolean;
+  authenticate: () => Promise<string | null>;
+  clearCachedToken: () => void;
+  error: string | null;
+}
+
+// ---------------------------------------------------------------------------
+// localStorage helpers
+// ---------------------------------------------------------------------------
+
+function storageKey(resourceId: string, apiUrl: string): string {
+  return `sidecar_session_${resourceId}__${apiUrl}`;
+}
+
+function loadSession(resourceId: string, apiUrl: string): { token: string; expiresAt: number } | null {
+  if (typeof window === 'undefined') return null;
+  try {
+    const raw = localStorage.getItem(storageKey(resourceId, apiUrl));
+    if (!raw) return null;
+    const data = JSON.parse(raw) as { token: string; expiresAt: number };
+    // Discard if within 60s of expiry
+    if (data.expiresAt * 1000 - Date.now() < 60_000) {
+      localStorage.removeItem(storageKey(resourceId, apiUrl));
+      return null;
+    }
+    return data;
+  } catch {
+    return null;
+  }
+}
+
+function saveSession(resourceId: string, apiUrl: string, token: string, expiresAt: number) {
+  if (typeof window === 'undefined') return;
+  try {
+    localStorage.setItem(storageKey(resourceId, apiUrl), JSON.stringify({ token, expiresAt }));
+  } catch {
+    // storage full — ignore
+  }
+}
+
+function clearSession(resourceId: string, apiUrl: string) {
+  if (typeof window === 'undefined') return;
+  localStorage.removeItem(storageKey(resourceId, apiUrl));
+}
+
+// ---------------------------------------------------------------------------
+// Hook
+// ---------------------------------------------------------------------------
+
+/**
+ * Generic sidecar PASETO challenge/response auth.
+ *
+ * Flow:
+ * 1. POST /api/auth/challenge  -> { nonce, message, expires_at }
+ * 2. signMessage(message)       -> signature (provided by consuming app)
+ * 3. POST /api/auth/session     -> { token, address, expires_at }
+ *
+ * Tokens are cached in localStorage and auto-refreshed 5 minutes before expiry.
+ */
+export function useSidecarAuth({ resourceId, apiUrl, signMessage }: UseSidecarAuthOptions): SidecarAuth {
+  const cached = loadSession(resourceId, apiUrl);
+  const [token, setToken] = useState<string | null>(cached?.token ?? null);
+  const [expiresAt, setExpiresAt] = useState<number>(cached?.expiresAt ?? 0);
+  const [isAuthenticating, setIsAuthenticating] = useState(false);
+  const [error, setError] = useState<string | null>(null);
+  const refreshTimerRef = useRef<ReturnType<typeof setTimeout>>();
+
+  const clearCachedToken = useCallback(() => {
+    setToken(null);
+    setExpiresAt(0);
+    clearSession(resourceId, apiUrl);
+  }, [resourceId, apiUrl]);
+
+  const authenticate = useCallback(async (): Promise<string | null> => {
+    if (!apiUrl) return null;
+    setIsAuthenticating(true);
+    setError(null);
+
+    try {
+      // Step 1: Get challenge
+      const challengeRes = await fetch(`${apiUrl}/api/auth/challenge`, {
+        method: 'POST',
+      });
+      if (!challengeRes.ok) {
+        throw new Error(`Challenge failed: ${challengeRes.status}`);
+      }
+      const { nonce, message } = await challengeRes.json();
+
+      // Step 2: Sign with wallet (injected)
+      const signature = await signMessage(message);
+
+      // Step 3: Exchange for session token
+      const sessionRes = await fetch(`${apiUrl}/api/auth/session`, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({ nonce, signature }),
+      });
+      if (!sessionRes.ok) {
+        const text = await sessionRes.text();
+        throw new Error(text || `Session exchange failed: ${sessionRes.status}`);
+      }
+
+      const { token: newToken, expires_at } = await sessionRes.json();
+      setToken(newToken);
+      setExpiresAt(expires_at);
+      saveSession(resourceId, apiUrl, newToken, expires_at);
+      return newToken;
+    } catch (err) {
+      setError(err instanceof Error ? err.message : 'Authentication failed');
+      clearCachedToken();
+      return null;
+    } finally {
+      setIsAuthenticating(false);
+    }
+  }, [resourceId, apiUrl, signMessage, clearCachedToken]);
+
+  // Auto-refresh token 5 minutes before expiry
+  useEffect(() => {
+    if (refreshTimerRef.current) {
+      clearTimeout(refreshTimerRef.current);
+    }
+
+    if (!token || !expiresAt) return;
+
+    const msUntilRefresh = (expiresAt - 300) * 1000 - Date.now();
+    if (msUntilRefresh <= 0) {
+      clearCachedToken();
+      return;
+    }
+
+    refreshTimerRef.current = setTimeout(() => {
+      authenticate().catch(() => {
+        clearCachedToken();
+      });
+    }, msUntilRefresh);
+
+    return () => {
+      if (refreshTimerRef.current) {
+        clearTimeout(refreshTimerRef.current);
+      }
+    };
+  }, [token, expiresAt, authenticate, clearCachedToken]);
+
+  return {
+    token,
+    isAuthenticated: token !== null,
+    isAuthenticating,
+    authenticate,
+    clearCachedToken,
+    error,
+  };
+}

package/src/hooks/useWagmiSidecarAuth.ts

@@ -0,0 +1,11 @@
+import { useSignMessage } from 'wagmi';
+import { useSidecarAuth } from './useSidecarAuth';
+
+export function useWagmiSidecarAuth(resourceId: string, apiUrl: string) {
+  const { signMessageAsync } = useSignMessage();
+  return useSidecarAuth({
+    resourceId,
+    apiUrl,
+    signMessage: (msg: string) => signMessageAsync({ message: msg }),
+  });
+}