@tapforce/pod-bridge-sdk 1.2.1 → 1.2.2

package/dist/index.d.ts

@@ -2,5 +2,5 @@ export { PodToSourceChainActionClient } from './clients/action/pod-to-source-cha
 export { SourceChainToPodActionClient } from './clients/action/source-chain-to-pod-client';
 export { PodBridgeTrackerClient } from './clients/tracker/client';
 export { BRIDGE_ABI, POD_BRIDGE_ABI, SOURCE_CHAIN_BRIDGE_ABI, } from './libs/abi/bridge.abi';
-export { recoverSignature65B, recoverAggregatedSignatures65B, computeDepositTxHash, extractAggregatedSignatures, extractAttestationInfo, addressFromPublicKey, } from './libs/helpers/signature-recovery.helper';
+export { recoverSignature65B, recoverAggregatedSignatures65B, computeDepositTxHash, extractAggregatedSignatures, extractSignatureInfo, addressFromPublicKey, parseDerSignature, recoverSignatureWithoutPubkey, } from './libs/helpers/signature-recovery.helper';
 export { PodBridgeConfig, BridgeRequest, BridgeRequestWithType, BridgeChain, DepositType, UnsignedTransaction, ClaimProofData, PodBridgeActionsClientConfig, PodBridgeChainConfig, } from './libs/types/pod-bridge.types';

package/dist/index.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.DepositType = exports.BridgeChain = exports.addressFromPublicKey = exports.extractAttestationInfo = exports.extractAggregatedSignatures = exports.computeDepositTxHash = exports.recoverAggregatedSignatures65B = exports.recoverSignature65B = exports.SOURCE_CHAIN_BRIDGE_ABI = exports.POD_BRIDGE_ABI = exports.BRIDGE_ABI = exports.PodBridgeTrackerClient = exports.SourceChainToPodActionClient = exports.PodToSourceChainActionClient = void 0;
+exports.DepositType = exports.BridgeChain = exports.recoverSignatureWithoutPubkey = exports.parseDerSignature = exports.addressFromPublicKey = exports.extractSignatureInfo = exports.extractAggregatedSignatures = exports.computeDepositTxHash = exports.recoverAggregatedSignatures65B = exports.recoverSignature65B = exports.SOURCE_CHAIN_BRIDGE_ABI = exports.POD_BRIDGE_ABI = exports.BRIDGE_ABI = exports.PodBridgeTrackerClient = exports.SourceChainToPodActionClient = exports.PodToSourceChainActionClient = void 0;
 var pod_to_source_chain_client_1 = require("./clients/action/pod-to-source-chain-client");
 Object.defineProperty(exports, "PodToSourceChainActionClient", { enumerable: true, get: function () { return pod_to_source_chain_client_1.PodToSourceChainActionClient; } });
 var source_chain_to_pod_client_1 = require("./clients/action/source-chain-to-pod-client");
@@ -16,8 +16,10 @@ Object.defineProperty(exports, "recoverSignature65B", { enumerable: true, get: f
 Object.defineProperty(exports, "recoverAggregatedSignatures65B", { enumerable: true, get: function () { return signature_recovery_helper_1.recoverAggregatedSignatures65B; } });
 Object.defineProperty(exports, "computeDepositTxHash", { enumerable: true, get: function () { return signature_recovery_helper_1.computeDepositTxHash; } });
 Object.defineProperty(exports, "extractAggregatedSignatures", { enumerable: true, get: function () { return signature_recovery_helper_1.extractAggregatedSignatures; } });
-Object.defineProperty(exports, "extractAttestationInfo", { enumerable: true, get: function () { return signature_recovery_helper_1.extractAttestationInfo; } });
+Object.defineProperty(exports, "extractSignatureInfo", { enumerable: true, get: function () { return signature_recovery_helper_1.extractSignatureInfo; } });
 Object.defineProperty(exports, "addressFromPublicKey", { enumerable: true, get: function () { return signature_recovery_helper_1.addressFromPublicKey; } });
+Object.defineProperty(exports, "parseDerSignature", { enumerable: true, get: function () { return signature_recovery_helper_1.parseDerSignature; } });
+Object.defineProperty(exports, "recoverSignatureWithoutPubkey", { enumerable: true, get: function () { return signature_recovery_helper_1.recoverSignatureWithoutPubkey; } });
 var pod_bridge_types_1 = require("./libs/types/pod-bridge.types");
 Object.defineProperty(exports, "BridgeChain", { enumerable: true, get: function () { return pod_bridge_types_1.BridgeChain; } });
 Object.defineProperty(exports, "DepositType", { enumerable: true, get: function () { return pod_bridge_types_1.DepositType; } });

package/dist/libs/helpers/signature-recovery.helper.d.ts

@@ -1,4 +1,27 @@
 import { PodTransactionReceipt } from '../pod-sdk/src/types/responses';
+/**
+ * Parse a DER-encoded ECDSA signature to extract r and s components.
+ *
+ * DER format:
+ * 0x30 [total-length] 0x02 [r-length] [r] 0x02 [s-length] [s]
+ *
+ * Example: 3044022020749ca9...0220292484ed...
+ * - 30 = SEQUENCE tag
+ * - 44 = total length (68 bytes)
+ * - 02 = INTEGER tag for r
+ * - 20 = r length (32 bytes)
+ * - [32 bytes of r]
+ * - 02 = INTEGER tag for s
+ * - 20 = s length (32 bytes)
+ * - [32 bytes of s]
+ *
+ * @param derSignature The DER-encoded signature as hex string
+ * @returns Object with r and s as 32-byte hex strings (0x prefixed)
+ */
+export declare function parseDerSignature(derSignature: string): {
+    r: string;
+    s: string;
+};
 /**
  * Derive Ethereum address from a public key.
  *
@@ -65,27 +88,74 @@ export declare function recoverAggregatedSignatures65B(aggregatedSig64: string |
  */
 export declare function computeDepositTxHash(domainSeparator: string, bridgeContract: string, token: string, amount: bigint | string, to: string, proof: string): string;
 /**
- * Extract aggregated 65-byte signatures from Pod transaction receipt attestations.
+ * Extract aggregated 65-byte signatures from Pod transaction receipt.
  *
- * Exactly matches the Rust implementation - recovers the v (parity bit) by trying
- * both recovery IDs and checking which one recovers to the correct public key.
+ * Receipt format:
+ * - attested_tx.hash: The transaction hash that was signed
+ * - signatures: Object with numeric keys containing DER-encoded signatures
  *
  * @param receipt The Pod transaction receipt
- * @param msgHash The message hash that validators signed (transaction hash)
- * @returns Concatenated 65-byte signatures (r || s || v for each attestation)
+ * @param msgHash Optional override for the message hash (defaults to attested_tx.hash)
+ * @param committeePublicKeys Optional array of validator public keys for v-value recovery
+ * @returns Concatenated 65-byte signatures (r || s || v for each signature)
  */
-export declare function extractAggregatedSignatures(receipt: PodTransactionReceipt, msgHash?: string): string;
+export declare function extractAggregatedSignatures(receipt: PodTransactionReceipt, msgHash?: string, committeePublicKeys?: string[]): string;
 /**
- * Extract attestation data from Pod receipt for debugging/verification.
- * Uses recoverSignature65B to properly recover v value.
+ * Recover a 65-byte signature without knowing the public key.
+ * Tries both v values (27 and 28) and returns the first valid recovery.
  *
- * @param receipt The Pod transaction receipt
- * @param msgHash The message hash that validators signed
- * @returns Array of attestation info with public keys and recovered signatures
+ * WARNING: This is less secure as we can't verify the signer.
+ * Use recoverSignature65B with public key when possible.
+ *
+ * @param r The r component
+ * @param s The s component
+ * @param msgHash The message hash
+ * @returns The 65-byte signature with v=27 (tries 27 first, then 28)
  */
-export declare function extractAttestationInfo(receipt: PodTransactionReceipt, msgHash?: string): Array<{
-    publicKey: string;
-    address: string;
+export declare function recoverSignatureWithoutPubkey(r: string, s: string, msgHash: string): string;
+/**
+ * Recover a 65-byte signature by checking which v-value recovers to a known validator address.
+ *
+ * @param r The r component
+ * @param s The s component
+ * @param msgHash The message hash
+ * @param validatorAddresses Set of known validator addresses (lowercase)
+ * @returns Object with signature and recovered address, or null if no validator match
+ */
+export declare function recoverSignatureWithValidators(r: string, s: string, msgHash: string, validatorAddresses: Set<string>): {
     signature: string;
-    timestamp: number;
+    recoveredAddress: string;
+} | null;
+/**
+ * Decompress a compressed secp256k1 public key (33 bytes) to uncompressed format.
+ * Compressed format: 02/03 prefix + 32-byte x coordinate
+ * Uncompressed format: 04 prefix + 32-byte x + 32-byte y
+ *
+ * @param compressedPubKey The compressed public key (66 hex chars with 02/03 prefix)
+ * @returns The uncompressed public key (130 hex chars with 04 prefix)
+ */
+export declare function decompressPublicKey(compressedPubKey: string): string;
+/**
+ * Extract aggregated 65-byte signatures using validator public keys for v-value recovery.
+ * Committee format: Array of [index, compressed_public_key] tuples
+ *
+ * @param receipt The Pod transaction receipt
+ * @param validators Array of [index, compressedPubKey] tuples from pod_getCommittee
+ * @param msgHash Optional override for the message hash
+ * @returns Concatenated 65-byte signatures (r || s || v for each signature)
+ */
+export declare function extractAggregatedSignaturesWithValidators(receipt: PodTransactionReceipt, validators: [number, string][], msgHash?: string): string;
+/**
+ * Extract signature info from Pod receipt for debugging/verification.
+ *
+ * @param receipt The Pod transaction receipt
+ * @param msgHash Optional override for the message hash
+ * @returns Array of signature info with recovered 65-byte signatures
+ */
+export declare function extractSignatureInfo(receipt: PodTransactionReceipt, msgHash?: string): Array<{
+    index: number;
+    derSignature: string;
+    r: string;
+    s: string;
+    signature65: string;
 }>;

package/dist/libs/helpers/signature-recovery.helper.js

@@ -1,12 +1,78 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.parseDerSignature = parseDerSignature;
 exports.addressFromPublicKey = addressFromPublicKey;
 exports.recoverSignature65B = recoverSignature65B;
 exports.recoverAggregatedSignatures65B = recoverAggregatedSignatures65B;
 exports.computeDepositTxHash = computeDepositTxHash;
 exports.extractAggregatedSignatures = extractAggregatedSignatures;
-exports.extractAttestationInfo = extractAttestationInfo;
+exports.recoverSignatureWithoutPubkey = recoverSignatureWithoutPubkey;
+exports.recoverSignatureWithValidators = recoverSignatureWithValidators;
+exports.decompressPublicKey = decompressPublicKey;
+exports.extractAggregatedSignaturesWithValidators = extractAggregatedSignaturesWithValidators;
+exports.extractSignatureInfo = extractSignatureInfo;
 const ethers_1 = require("ethers");
+/**
+ * Parse a DER-encoded ECDSA signature to extract r and s components.
+ *
+ * DER format:
+ * 0x30 [total-length] 0x02 [r-length] [r] 0x02 [s-length] [s]
+ *
+ * Example: 3044022020749ca9...0220292484ed...
+ * - 30 = SEQUENCE tag
+ * - 44 = total length (68 bytes)
+ * - 02 = INTEGER tag for r
+ * - 20 = r length (32 bytes)
+ * - [32 bytes of r]
+ * - 02 = INTEGER tag for s
+ * - 20 = s length (32 bytes)
+ * - [32 bytes of s]
+ *
+ * @param derSignature The DER-encoded signature as hex string
+ * @returns Object with r and s as 32-byte hex strings (0x prefixed)
+ */
+function parseDerSignature(derSignature) {
+    const hex = derSignature.replace('0x', '');
+    const bytes = Uint8Array.from(Buffer.from(hex, 'hex'));
+    let offset = 0;
+    // Check SEQUENCE tag (0x30)
+    if (bytes[offset++] !== 0x30) {
+        throw new Error('Invalid DER signature: expected SEQUENCE tag (0x30)');
+    }
+    // Skip total length
+    const totalLength = bytes[offset++];
+    if (totalLength > 127) {
+        // Long form length (shouldn't happen for ECDSA sigs)
+        throw new Error('Invalid DER signature: unexpected long form length');
+    }
+    // Parse r
+    if (bytes[offset++] !== 0x02) {
+        throw new Error('Invalid DER signature: expected INTEGER tag (0x02) for r');
+    }
+    let rLength = bytes[offset++];
+    let rStart = offset;
+    offset += rLength;
+    // Parse s
+    if (bytes[offset++] !== 0x02) {
+        throw new Error('Invalid DER signature: expected INTEGER tag (0x02) for s');
+    }
+    let sLength = bytes[offset++];
+    let sStart = offset;
+    // Extract r and s, handling potential leading zero padding
+    let rBytes = bytes.slice(rStart, rStart + rLength);
+    let sBytes = bytes.slice(sStart, sStart + sLength);
+    // Remove leading zero if present (DER adds 0x00 prefix for values with high bit set)
+    if (rBytes.length === 33 && rBytes[0] === 0) {
+        rBytes = rBytes.slice(1);
+    }
+    if (sBytes.length === 33 && sBytes[0] === 0) {
+        sBytes = sBytes.slice(1);
+    }
+    // Pad to 32 bytes if necessary
+    const r = Buffer.from(rBytes).toString('hex').padStart(64, '0');
+    const s = Buffer.from(sBytes).toString('hex').padStart(64, '0');
+    return { r: '0x' + r, s: '0x' + s };
+}
 /**
  * Derive Ethereum address from a public key.
  *
@@ -148,71 +214,234 @@ function computeDepositTxHash(domainSeparator, bridgeContract, token, amount, to
     // Compute dataHash = keccak256(selector || token || amount || to)
     const dataHash = solidityPackedKeccak256(['bytes4', 'address', 'uint256', 'address'], [DEPOSIT_SELECTOR, token, amount, to]);
     // Compute final hash = keccak256(domainSeparator || bridgeContract || dataHash || proof)
-    const txHash = (0, ethers_1.keccak256)(abiCoder.encode(['bytes32', 'address', 'bytes32', 'bytes'], [domainSeparator, bridgeContract, dataHash, proof]));
-    return txHash;
+    return (0, ethers_1.keccak256)(abiCoder.encode(['bytes32', 'address', 'bytes32', 'bytes'], [domainSeparator, bridgeContract, dataHash, proof]));
 }
 /**
- * Extract aggregated 65-byte signatures from Pod transaction receipt attestations.
+ * Extract aggregated 65-byte signatures from Pod transaction receipt.
  *
- * Exactly matches the Rust implementation - recovers the v (parity bit) by trying
- * both recovery IDs and checking which one recovers to the correct public key.
+ * Receipt format:
+ * - attested_tx.hash: The transaction hash that was signed
+ * - signatures: Object with numeric keys containing DER-encoded signatures
  *
  * @param receipt The Pod transaction receipt
- * @param msgHash The message hash that validators signed (transaction hash)
- * @returns Concatenated 65-byte signatures (r || s || v for each attestation)
+ * @param msgHash Optional override for the message hash (defaults to attested_tx.hash)
+ * @param committeePublicKeys Optional array of validator public keys for v-value recovery
+ * @returns Concatenated 65-byte signatures (r || s || v for each signature)
  */
-function extractAggregatedSignatures(receipt, msgHash) {
-    const attestations = receipt.pod_metadata?.attestations;
-    if (!attestations || attestations.length === 0) {
-        throw new Error('No attestations found in receipt');
+function extractAggregatedSignatures(receipt, msgHash, committeePublicKeys) {
+    // Use attested_tx.hash as the message that was signed
+    const hashToSign = msgHash || receipt.attested_tx.hash;
+    // Get signatures in order (0, 1, 2, ...)
+    const sigKeys = Object.keys(receipt.signatures).sort((a, b) => parseInt(a) - parseInt(b));
+    if (sigKeys.length === 0) {
+        throw new Error('No signatures found in receipt');
     }
-    // Use provided msgHash or fall back to transaction hash
-    const hashToSign = msgHash || receipt.transactionHash;
     const signatures = [];
-    for (const attestation of attestations) {
-        const { r, s } = attestation.signature;
-        const publicKey = attestation.public_key;
-        // Use recoverSignature65B to find correct v value - exactly like Rust code
-        const sig65 = recoverSignature65B(r, s, hashToSign, publicKey);
-        if (!sig65) {
-            throw new Error(`Failed to recover signature for public key ${publicKey}`);
+    for (let i = 0; i < sigKeys.length; i++) {
+        const derSig = receipt.signatures[sigKeys[i]];
+        const { r, s } = parseDerSignature(derSig);
+        if (committeePublicKeys && committeePublicKeys[i]) {
+            // Use public key to recover correct v value
+            const sig65 = recoverSignature65B(r, s, hashToSign, committeePublicKeys[i]);
+            if (!sig65) {
+                throw new Error(`Failed to recover signature ${i} for public key ${committeePublicKeys[i]}`);
+            }
+            signatures.push(sig65.replace('0x', ''));
+        }
+        else {
+            // No public key available - try both v values and use the first valid one
+            const sig65 = recoverSignatureWithoutPubkey(r, s, hashToSign);
+            signatures.push(sig65.replace('0x', ''));
         }
-        signatures.push(sig65.replace('0x', ''));
     }
     return '0x' + signatures.join('');
 }
 /**
- * Extract attestation data from Pod receipt for debugging/verification.
- * Uses recoverSignature65B to properly recover v value.
+ * Recover a 65-byte signature without knowing the public key.
+ * Tries both v values (27 and 28) and returns the first valid recovery.
+ *
+ * WARNING: This is less secure as we can't verify the signer.
+ * Use recoverSignature65B with public key when possible.
+ *
+ * @param r The r component
+ * @param s The s component
+ * @param msgHash The message hash
+ * @returns The 65-byte signature with v=27 (tries 27 first, then 28)
+ */
+function recoverSignatureWithoutPubkey(r, s, msgHash) {
+    const rHex = r.replace('0x', '').padStart(64, '0');
+    const sHex = s.replace('0x', '').padStart(64, '0');
+    // Try v=27 first, then v=28
+    for (const v of [27, 28]) {
+        try {
+            const signature = { r: '0x' + rHex, s: '0x' + sHex, v };
+            const recoveredAddress = (0, ethers_1.recoverAddress)(msgHash, signature);
+            // If recovery succeeds, use this v value
+            if (recoveredAddress) {
+                const vHex = v.toString(16).padStart(2, '0');
+                return '0x' + rHex + sHex + vHex;
+            }
+        }
+        catch (e) {
+            continue;
+        }
+    }
+    // Default to v=27 if both fail
+    return '0x' + rHex + sHex + '1b';
+}
+/**
+ * Recover a 65-byte signature by checking which v-value recovers to a known validator address.
+ *
+ * @param r The r component
+ * @param s The s component
+ * @param msgHash The message hash
+ * @param validatorAddresses Set of known validator addresses (lowercase)
+ * @returns Object with signature and recovered address, or null if no validator match
+ */
+function recoverSignatureWithValidators(r, s, msgHash, validatorAddresses) {
+    const rHex = r.replace('0x', '').padStart(64, '0');
+    const sHex = s.replace('0x', '').padStart(64, '0');
+    // Try both v values and check if recovered address is a known validator
+    for (const v of [27, 28]) {
+        try {
+            const signature = { r: '0x' + rHex, s: '0x' + sHex, v };
+            const recoveredAddress = (0, ethers_1.recoverAddress)(msgHash, signature);
+            if (recoveredAddress && validatorAddresses.has(recoveredAddress.toLowerCase())) {
+                const vHex = v.toString(16).padStart(2, '0');
+                return {
+                    signature: '0x' + rHex + sHex + vHex,
+                    recoveredAddress: recoveredAddress.toLowerCase()
+                };
+            }
+        }
+        catch (e) {
+            continue;
+        }
+    }
+    return null;
+}
+/**
+ * Decompress a compressed secp256k1 public key (33 bytes) to uncompressed format.
+ * Compressed format: 02/03 prefix + 32-byte x coordinate
+ * Uncompressed format: 04 prefix + 32-byte x + 32-byte y
+ *
+ * @param compressedPubKey The compressed public key (66 hex chars with 02/03 prefix)
+ * @returns The uncompressed public key (130 hex chars with 04 prefix)
+ */
+function decompressPublicKey(compressedPubKey) {
+    const hex = compressedPubKey.replace('0x', '');
+    if (hex.length !== 66) {
+        throw new Error(`Invalid compressed public key length: ${hex.length}. Expected 66 hex chars.`);
+    }
+    const prefix = hex.slice(0, 2);
+    if (prefix !== '02' && prefix !== '03') {
+        throw new Error(`Invalid compressed public key prefix: ${prefix}. Expected 02 or 03.`);
+    }
+    // secp256k1 curve parameters
+    const p = BigInt('0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F');
+    const x = BigInt('0x' + hex.slice(2));
+    // y² = x³ + 7 (mod p)
+    const ySquared = (x ** 3n + 7n) % p;
+    // Calculate modular square root using Tonelli-Shanks for p ≡ 3 (mod 4)
+    // y = ySquared^((p+1)/4) mod p
+    const y = modPow(ySquared, (p + 1n) / 4n, p);
+    // Check if we need to negate y based on the prefix
+    const isYEven = y % 2n === 0n;
+    const needsEvenY = prefix === '02';
+    const finalY = isYEven === needsEvenY ? y : p - y;
+    // Convert to hex, pad to 64 chars
+    const xHex = x.toString(16).padStart(64, '0');
+    const yHex = finalY.toString(16).padStart(64, '0');
+    return '04' + xHex + yHex;
+}
+/**
+ * Modular exponentiation: base^exp mod mod
+ */
+function modPow(base, exp, mod) {
+    let result = 1n;
+    base = base % mod;
+    while (exp > 0n) {
+        if (exp % 2n === 1n) {
+            result = (result * base) % mod;
+        }
+        exp = exp / 2n;
+        base = (base * base) % mod;
+    }
+    return result;
+}
+/**
+ * Extract aggregated 65-byte signatures using validator public keys for v-value recovery.
+ * Committee format: Array of [index, compressed_public_key] tuples
  *
  * @param receipt The Pod transaction receipt
- * @param msgHash The message hash that validators signed
- * @returns Array of attestation info with public keys and recovered signatures
+ * @param validators Array of [index, compressedPubKey] tuples from pod_getCommittee
+ * @param msgHash Optional override for the message hash
+ * @returns Concatenated 65-byte signatures (r || s || v for each signature)
  */
-function extractAttestationInfo(receipt, msgHash) {
-    const attestations = receipt.pod_metadata?.attestations;
-    if (!attestations || attestations.length === 0) {
-        return [];
-    }
-    const hashToSign = msgHash || receipt.transactionHash;
-    return attestations.map(att => {
-        const { r, s } = att.signature;
-        const publicKey = att.public_key;
-        // Recover signature with correct v value
-        const sig65 = recoverSignature65B(r, s, hashToSign, publicKey);
-        // Derive address from public key
-        let address = '';
+function extractAggregatedSignaturesWithValidators(receipt, validators, msgHash) {
+    const hashToSign = msgHash || receipt.attested_tx.hash;
+    // Convert compressed public keys to addresses
+    const validatorAddresses = new Map();
+    for (const [index, compressedPubKey] of validators) {
         try {
-            address = addressFromPublicKey(publicKey);
+            const uncompressed = decompressPublicKey(compressedPubKey);
+            const address = addressFromPublicKey(uncompressed);
+            validatorAddresses.set(index, address.toLowerCase());
         }
         catch (e) {
-            // Ignore
+            console.warn(`Failed to decompress public key for validator ${index}:`, e);
+        }
+    }
+    console.log('Validator addresses:', Object.fromEntries(validatorAddresses));
+    // Create a set of all validator addresses for lookup
+    const validatorSet = new Set(validatorAddresses.values());
+    // Get signatures in order (0, 1, 2, ...)
+    const sigKeys = Object.keys(receipt.signatures).sort((a, b) => parseInt(a) - parseInt(b));
+    if (sigKeys.length === 0) {
+        throw new Error('No signatures found in receipt');
+    }
+    const signatures = [];
+    const recoveredValidators = [];
+    for (let i = 0; i < sigKeys.length; i++) {
+        const sigIndex = parseInt(sigKeys[i]);
+        const derSig = receipt.signatures[sigKeys[i]];
+        const { r, s } = parseDerSignature(derSig);
+        // Try to recover with validator address verification
+        const result = recoverSignatureWithValidators(r, s, hashToSign, validatorSet);
+        if (result) {
+            signatures.push(result.signature.replace('0x', ''));
+            recoveredValidators.push(result.recoveredAddress);
+        }
+        else {
+            // Fallback to without validator check (will likely fail on contract)
+            console.warn(`Signature ${sigIndex}: Could not match to any validator address`);
+            const sig65 = recoverSignatureWithoutPubkey(r, s, hashToSign);
+            signatures.push(sig65.replace('0x', ''));
         }
+    }
+    console.log('Recovered validators:', recoveredValidators);
+    return '0x' + signatures.join('');
+}
+/**
+ * Extract signature info from Pod receipt for debugging/verification.
+ *
+ * @param receipt The Pod transaction receipt
+ * @param msgHash Optional override for the message hash
+ * @returns Array of signature info with recovered 65-byte signatures
+ */
+function extractSignatureInfo(receipt, msgHash) {
+    const hashToSign = msgHash || receipt.attested_tx.hash;
+    const sigKeys = Object.keys(receipt.signatures).sort((a, b) => parseInt(a) - parseInt(b));
+    return sigKeys.map((key, index) => {
+        const derSig = receipt.signatures[key];
+        const { r, s } = parseDerSignature(derSig);
+        const sig65 = recoverSignatureWithoutPubkey(r, s, hashToSign);
         return {
-            publicKey,
-            address,
-            signature: sig65 || 'recovery_failed',
-            timestamp: att.timestamp
+            index,
+            derSignature: derSig,
+            r,
+            s,
+            signature65: sig65
         };
     });
 }

package/dist/libs/pod-sdk/src/provider/provider-builder.js

@@ -30,14 +30,17 @@ class PodProvider extends ethers_1.ethers.JsonRpcProvider {
         if (!rawReceipt) {
             return null;
         }
-        // Store pod_metadata before ethers formatting
-        const podMetadata = rawReceipt.pod_metadata;
+        const attestedTx = rawReceipt.attested_tx;
+        const signatures = rawReceipt.signatures;
         // Use ethers' internal formatter
         const ethersReceipt = this._wrapTransactionReceipt(rawReceipt, await this.getNetwork());
         // Attach pod_metadata to the formatted receipt
         const podReceipt = ethersReceipt;
-        if (podMetadata) {
-            podReceipt.pod_metadata = podMetadata;
+        if (attestedTx) {
+            podReceipt.attested_tx = attestedTx;
+        }
+        if (signatures) {
+            podReceipt.signatures = signatures;
         }
         return podReceipt;
     }
@@ -51,14 +54,17 @@ class PodProvider extends ethers_1.ethers.JsonRpcProvider {
         if (!rawTx) {
             return null;
         }
-        // Store pod_metadata before ethers formatting
-        const podMetadata = rawTx.pod_metadata;
+        const attestedTx = rawTx.attested_tx;
+        const signatures = rawTx.signatures;
         // Use ethers' internal formatter
         const ethersTx = this._wrapTransactionResponse(rawTx, await this.getNetwork());
         // Attach pod_metadata to the formatted transaction
         const podTx = ethersTx;
-        if (podMetadata) {
-            podTx.pod_metadata = podMetadata;
+        if (attestedTx) {
+            podTx.attested_tx = attestedTx;
+        }
+        if (signatures) {
+            podTx.signatures = signatures;
         }
         return podTx;
     }

package/dist/libs/pod-sdk/src/types/responses.d.ts

@@ -23,7 +23,11 @@ export interface PodTransactionReceipt {
     transactionHash: string;
     transactionIndex: string;
     type: string;
-    pod_metadata: PodTransactionMetadata;
+    attested_tx: {
+        hash: string;
+        committee_epoch: number;
+    };
+    signatures: Record<string, string>;
 }
 export interface PodTransactionLog {
     address: string;
@@ -36,38 +40,6 @@ export interface PodTransactionLog {
     transactionHash: string;
     transactionIndex: string;
 }
-export interface PodTransactionMetadata {
-    attestations: PodAttestationData[];
-    transaction: {
-        signature: {
-            r: string;
-            s: string;
-            v: string;
-            yParity: string;
-        };
-        signed: {
-            to: string | null;
-            value: string;
-            nonce: number;
-            access_list: ethers.AccessList;
-            chain_id?: number | null;
-            gas_limit: number;
-            input: string;
-            max_fee_per_gas: number;
-            max_priority_fee_per_gas: number;
-        };
-    };
-}
-export interface PodAttestationData {
-    public_key: string;
-    signature: {
-        r: string;
-        s: string;
-        v: string;
-        yParity: string;
-    };
-    timestamp: number;
-}
 export interface PodMetrics {
     gas_price: number;
     latency: number;
@@ -75,11 +47,16 @@ export interface PodMetrics {
     validator_uptime: number;
 }
 export interface PodTransactionResponse extends ethers.TransactionResponse {
-    pod_metadata?: PodTransactionMetadata;
+    attested_tx?: {
+        hash: string;
+        committee_epoch: number;
+    };
+    signatures?: Record<string, string>;
 }
 export interface PodTransactionReceiptResponse extends ethers.TransactionReceipt {
-    pod_metadata: PodTransactionMetadata & {
-        attestations: PodAttestationData[];
-        receipt_attestations: PodAttestationData[];
+    attested_tx: {
+        hash: string;
+        committee_epoch: number;
     };
+    signatures: Record<string, string>;
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@tapforce/pod-bridge-sdk",
-  "version": "1.2.1",
+  "version": "1.2.2",
   "description": "SDK for interacting with Bridges between pod and other chains",
   "keywords": [
     "pod",