@tapforce/pod-bridge-sdk 1.1.17 → 1.2.2

package/dist/libs/abi/bridge.abi.js

@@ -1,49 +1,29 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.SOURCE_CHAIN_BRIDGE_ABI = exports.POD_BRIDGE_ABI = void 0;
+exports.POD_BRIDGE_ABI = exports.SOURCE_CHAIN_BRIDGE_ABI = exports.BRIDGE_ABI = void 0;
 /**
- * ABI for BridgeMintBurn contract on POD Chain
- * - Deposits burn tokens
- * - Claims use block number verification via precompiles
+ * ABI for Bridge contract on Source Chain (ETH/Sepolia)
+ * New architecture:
+ * - ETH -> Pod: deposit on ETH, auto-claim on Pod (no claim needed)
+ * - Pod -> ETH: deposit on Pod, claim on ETH with aggregated validator signatures
+ * - Only ERC20 tokens supported (no native ETH - must wrap to WETH)
  */
-exports.POD_BRIDGE_ABI = [
+exports.BRIDGE_ABI = [
     // Events
-    "event Deposit(uint256 indexed id, address indexed from, address indexed to, address token, uint256 amount, uint256 timestamp, uint256 blockNumber)",
-    "event DepositNative(uint256 indexed id, address indexed from, address indexed to, uint256 amount, uint256 timestamp, uint256 blockNumber)",
-    "event Claim(uint256 indexed id, address indexed claimer, address indexed to, address mirrorToken, address token, uint256 amount, uint256 timestamp)",
-    "event ClaimNative(uint256 indexed id, address indexed claimer, address indexed to, uint256 amount, uint256 timestamp)",
-    "event BurnNative(address indexed from, uint256 amount)",
-    // Deposit functions
-    "function deposit(address token, uint256 amount, address to) returns (uint256)",
-    "function depositNative(address to) payable returns (uint256)",
-    // Claim functions (use block number verification)
-    "function claim(uint256 id, address token, uint256 blockNumber)",
-    "function claimNative(uint256 id, uint256 blockNumber)",
+    "event Deposit(bytes32 indexed id, address indexed from, address indexed to, address token, uint256 amount)",
+    "event Claim(bytes32 indexed id, address indexed to, address token, uint256 amount)",
+    // Deposit function (ERC20 only)
+    "function deposit(address token, uint256 amount, address to) returns (bytes32)",
+    // Claim function with aggregated validator signatures
+    "function claim(address token, uint256 amount, address to, uint64 committeeEpoch, bytes aggregatedSignatures, bytes proof)",
     // View functions
     "function processedRequests(bytes32) view returns (bool)",
-    "function bridgeContract() view returns (address)",
-    "function SOURCE_CHAIN_ID() view returns (uint96)",
-    "function areRequestsProcessed(uint256[] ids, address[] tokens, uint256[] amounts, address[] tos) view returns (bool[])",
-];
-/**
- * ABI for BridgeDepositWithdraw contract on Source Chain (e.g., Sepolia)
- * - Deposits lock tokens
- * - Claims use POD certificates with attestations and merkle proofs
- */
-exports.SOURCE_CHAIN_BRIDGE_ABI = [
-    // Events
-    "event Deposit(uint256 indexed id, address indexed from, address indexed to, address token, uint256 amount, uint256 timestamp, uint256 blockNumber)",
-    "event DepositNative(uint256 indexed id, address indexed from, address indexed to, uint256 amount, uint256 timestamp, uint256 blockNumber)",
-    "event Claim(uint256 indexed id, address indexed claimer, address indexed to, address mirrorToken, address token, uint256 amount, uint256 timestamp)",
-    "event ClaimNative(uint256 indexed id, address indexed claimer, address indexed to, uint256 amount, uint256 timestamp)",
-    // Deposit functions
-    "function deposit(address token, uint256 amount, address to) returns (uint256)",
-    "function depositNative(address to) payable returns (uint256)",
-    // Claim functions (use PodECDSA.CertifiedLog with certificates)
-    "function claim(tuple(tuple(address addr, bytes32[] topics, bytes data) log, uint256 logIndex, tuple(tuple(bytes32 receiptRoot, bytes aggregateSignature, uint256[] sortedAttestationTimestamps) certifiedReceipt, bytes32 leaf, tuple(bytes32[] path) proof) certificate) certifiedLog)",
-    "function claimNative(tuple(tuple(address addr, bytes32[] topics, bytes data) log, uint256 logIndex, tuple(tuple(bytes32 receiptRoot, bytes aggregateSignature, uint256[] sortedAttestationTimestamps) certifiedReceipt, bytes32 leaf, tuple(bytes32[] path) proof) certificate) certifiedLog)",
-    // View functions
-    "function processedRequests(bytes32) view returns (bool)",
-    "function bridgeContract() view returns (address)",
-    "function areRequestsProcessed(uint256[] ids, address[] tokens, uint256[] amounts, address[] tos) view returns (bool[])",
+    "function BRIDGE_CONTRACT() view returns (address)",
+    "function DOMAIN_SEPARATOR() view returns (bytes32)",
+    "function tokenData(address) view returns (uint256 minAmount, uint256 depositLimit, uint256 claimLimit, tuple(uint256 consumed, uint256 lastUpdated) depositUsage, tuple(uint256 consumed, uint256 lastUpdated) claimUsage, address mirrorToken)",
+    "function whitelistedTokens(uint256) view returns (address)",
+    "function depositIndex() view returns (uint256)",
 ];
+// Legacy alias for backwards compatibility
+exports.SOURCE_CHAIN_BRIDGE_ABI = exports.BRIDGE_ABI;
+exports.POD_BRIDGE_ABI = exports.BRIDGE_ABI;

package/dist/libs/helpers/convert-certified-log.helper.d.ts

@@ -1,23 +1,11 @@
-import { CertifiedLog } from "../types/pod-bridge.types";
 /**
- * Convert FFI CertifiedLog to the TypeScript CertifiedLog format
+ * @deprecated This helper is no longer needed in the new bridge architecture.
+ *
+ * The new bridge uses aggregated validator signatures instead of certified logs.
+ * See signature-recovery.helper.ts for the new signature recovery utilities.
+ *
+ * New architecture:
+ * - ETH -> Pod: Auto-claim on Pod (no claim transaction needed)
+ * - Pod -> ETH: Claim with aggregated 65-byte ECDSA signatures
  */
-export declare const convertFFICertifiedLog: (ffi: CertifiedLog) => {
-    log: {
-        addr: string;
-        topics: string[];
-        data: string;
-    };
-    logIndex: bigint;
-    certificate: {
-        certifiedReceipt: {
-            receiptRoot: string;
-            aggregateSignature: string;
-            sortedAttestationTimestamps: bigint[];
-        };
-        leaf: string;
-        proof: {
-            path: string[];
-        };
-    };
-};
+export declare const convertFFICertifiedLog: (_ffi: unknown) => never;

package/dist/libs/helpers/convert-certified-log.helper.js

@@ -1,28 +1,19 @@
 "use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.convertFFICertifiedLog = void 0;
 /**
- * Convert FFI CertifiedLog to the TypeScript CertifiedLog format
+ * @deprecated This helper is no longer needed in the new bridge architecture.
+ *
+ * The new bridge uses aggregated validator signatures instead of certified logs.
+ * See signature-recovery.helper.ts for the new signature recovery utilities.
+ *
+ * New architecture:
+ * - ETH -> Pod: Auto-claim on Pod (no claim transaction needed)
+ * - Pod -> ETH: Claim with aggregated 65-byte ECDSA signatures
  */
-const convertFFICertifiedLog = (ffi) => {
-    return {
-        log: {
-            addr: ffi.log.addr,
-            topics: ffi.log.topics,
-            data: ffi.log.data,
-        },
-        logIndex: BigInt(ffi.log_index),
-        certificate: {
-            certifiedReceipt: {
-                receiptRoot: ffi.certificate.certified_receipt.receipt_root,
-                aggregateSignature: ffi.certificate.certified_receipt.aggregate_signature,
-                sortedAttestationTimestamps: ffi.certificate.certified_receipt.sorted_attestation_timestamps.map(t => BigInt(t)),
-            },
-            leaf: ffi.certificate.leaf,
-            proof: {
-                path: ffi.certificate.proof.path,
-            },
-        },
-    };
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.convertFFICertifiedLog = void 0;
+// Kept for backwards compatibility, but will be removed in future versions
+const convertFFICertifiedLog = (_ffi) => {
+    console.warn('[DEPRECATED] convertFFICertifiedLog is deprecated. Use signature-recovery.helper.ts instead.');
+    throw new Error('CertifiedLog format is no longer supported. Use ClaimProofData with aggregated signatures.');
 };
 exports.convertFFICertifiedLog = convertFFICertifiedLog;

package/dist/libs/helpers/signature-recovery.helper.d.ts

@@ -0,0 +1,161 @@
+import { PodTransactionReceipt } from '../pod-sdk/src/types/responses';
+/**
+ * Parse a DER-encoded ECDSA signature to extract r and s components.
+ *
+ * DER format:
+ * 0x30 [total-length] 0x02 [r-length] [r] 0x02 [s-length] [s]
+ *
+ * Example: 3044022020749ca9...0220292484ed...
+ * - 30 = SEQUENCE tag
+ * - 44 = total length (68 bytes)
+ * - 02 = INTEGER tag for r
+ * - 20 = r length (32 bytes)
+ * - [32 bytes of r]
+ * - 02 = INTEGER tag for s
+ * - 20 = s length (32 bytes)
+ * - [32 bytes of s]
+ *
+ * @param derSignature The DER-encoded signature as hex string
+ * @returns Object with r and s as 32-byte hex strings (0x prefixed)
+ */
+export declare function parseDerSignature(derSignature: string): {
+    r: string;
+    s: string;
+};
+/**
+ * Derive Ethereum address from a public key.
+ *
+ * @param publicKey The public key (uncompressed 65 bytes with 04 prefix, or 64 bytes x||y)
+ * @returns The Ethereum address
+ */
+export declare function addressFromPublicKey(publicKey: string): string;
+/**
+ * Recover a 65-byte ECDSA signature (r,s,v) from a 64-byte compact signature.
+ *
+ * Exactly matches the Rust implementation:
+ * ```rust
+ * pub fn recover_65b_signature(
+ *     sig: &Signature,
+ *     msg_hash: [u8; 32],
+ *     pubkey: &PublicKey,
+ * ) -> anyhow::Result<[u8; 65]> {
+ *     let secp = Secp256k1::new();
+ *     let msg = Message::from_digest(msg_hash);
+ *     let sig_bytes = sig.serialize_compact();
+ *
+ *     for recovery_id in [RecoveryId::Zero, RecoveryId::One] {
+ *         let recoverable_sig = RecoverableSignature::from_compact(&sig_bytes, recovery_id)?;
+ *         match secp.recover_ecdsa(msg, &recoverable_sig) {
+ *             Ok(recovered_key) => {
+ *                 if recovered_key == *pubkey {
+ *                     return Ok(recoverable_sig.to_alloy().as_bytes());
+ *                 }
+ *             }
+ *             Err(e) => { ... }
+ *         }
+ *     }
+ *     Err(anyhow!("Could not find valid recovery ID for signature"))
+ * }
+ * ```
+ *
+ * @param r The r component of the signature (32 bytes hex)
+ * @param s The s component of the signature (32 bytes hex)
+ * @param msgHash The 32-byte message hash that was signed
+ * @param publicKey The expected signer's public key
+ * @returns The 65-byte signature (r || s || v) or null if recovery fails
+ */
+export declare function recoverSignature65B(r: string, s: string, msgHash: string, publicKey: string): string | null;
+/**
+ * Recover multiple 65-byte signatures from concatenated 64-byte signatures.
+ *
+ * @param aggregatedSig64 Concatenated 64-byte signatures (r || s for each)
+ * @param msgHash The message hash that was signed
+ * @param publicKeys Array of expected signer public keys in order
+ * @returns Concatenated 65-byte signatures or null if any recovery fails
+ */
+export declare function recoverAggregatedSignatures65B(aggregatedSig64: string | Uint8Array, msgHash: string, publicKeys: string[]): string | null;
+/**
+ * Compute the transaction hash for a bridge deposit that needs to be signed.
+ * This matches the depositTxHash function in the Bridge.sol contract.
+ *
+ * @param domainSeparator The domain separator from the bridge contract
+ * @param bridgeContract The address of the bridge contract on the other chain
+ * @param token The token address
+ * @param amount The amount
+ * @param to The recipient address
+ * @param proof The proof (deposit TX hash)
+ * @returns The transaction hash to be signed
+ */
+export declare function computeDepositTxHash(domainSeparator: string, bridgeContract: string, token: string, amount: bigint | string, to: string, proof: string): string;
+/**
+ * Extract aggregated 65-byte signatures from Pod transaction receipt.
+ *
+ * Receipt format:
+ * - attested_tx.hash: The transaction hash that was signed
+ * - signatures: Object with numeric keys containing DER-encoded signatures
+ *
+ * @param receipt The Pod transaction receipt
+ * @param msgHash Optional override for the message hash (defaults to attested_tx.hash)
+ * @param committeePublicKeys Optional array of validator public keys for v-value recovery
+ * @returns Concatenated 65-byte signatures (r || s || v for each signature)
+ */
+export declare function extractAggregatedSignatures(receipt: PodTransactionReceipt, msgHash?: string, committeePublicKeys?: string[]): string;
+/**
+ * Recover a 65-byte signature without knowing the public key.
+ * Tries both v values (27 and 28) and returns the first valid recovery.
+ *
+ * WARNING: This is less secure as we can't verify the signer.
+ * Use recoverSignature65B with public key when possible.
+ *
+ * @param r The r component
+ * @param s The s component
+ * @param msgHash The message hash
+ * @returns The 65-byte signature with v=27 (tries 27 first, then 28)
+ */
+export declare function recoverSignatureWithoutPubkey(r: string, s: string, msgHash: string): string;
+/**
+ * Recover a 65-byte signature by checking which v-value recovers to a known validator address.
+ *
+ * @param r The r component
+ * @param s The s component
+ * @param msgHash The message hash
+ * @param validatorAddresses Set of known validator addresses (lowercase)
+ * @returns Object with signature and recovered address, or null if no validator match
+ */
+export declare function recoverSignatureWithValidators(r: string, s: string, msgHash: string, validatorAddresses: Set<string>): {
+    signature: string;
+    recoveredAddress: string;
+} | null;
+/**
+ * Decompress a compressed secp256k1 public key (33 bytes) to uncompressed format.
+ * Compressed format: 02/03 prefix + 32-byte x coordinate
+ * Uncompressed format: 04 prefix + 32-byte x + 32-byte y
+ *
+ * @param compressedPubKey The compressed public key (66 hex chars with 02/03 prefix)
+ * @returns The uncompressed public key (130 hex chars with 04 prefix)
+ */
+export declare function decompressPublicKey(compressedPubKey: string): string;
+/**
+ * Extract aggregated 65-byte signatures using validator public keys for v-value recovery.
+ * Committee format: Array of [index, compressed_public_key] tuples
+ *
+ * @param receipt The Pod transaction receipt
+ * @param validators Array of [index, compressedPubKey] tuples from pod_getCommittee
+ * @param msgHash Optional override for the message hash
+ * @returns Concatenated 65-byte signatures (r || s || v for each signature)
+ */
+export declare function extractAggregatedSignaturesWithValidators(receipt: PodTransactionReceipt, validators: [number, string][], msgHash?: string): string;
+/**
+ * Extract signature info from Pod receipt for debugging/verification.
+ *
+ * @param receipt The Pod transaction receipt
+ * @param msgHash Optional override for the message hash
+ * @returns Array of signature info with recovered 65-byte signatures
+ */
+export declare function extractSignatureInfo(receipt: PodTransactionReceipt, msgHash?: string): Array<{
+    index: number;
+    derSignature: string;
+    r: string;
+    s: string;
+    signature65: string;
+}>;