npm - @tatchi-xyz/sdk - Versions diffs - 0.20.0 → 0.31.0 - Mend

@tatchi-xyz/sdk 0.20.0 → 0.31.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2491) hide show

package/dist/cjs/server/sdk/src/core/NearClient.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"NearClient.js","names":["base64Encode","txPayload: EncodableSignedTx","isFunction","errorMessage","lastError: unknown","NearRpcError","base64Decode","DEFAULT_WAIT_STATUS","err: unknown","params: Record<string, unknown>","fullAccessKeys: FullAccessKey[]","functionCallAccessKeys: FunctionCallAccessKey[]"],"sources":["../../../../../../src/core/NearClient.ts"],"sourcesContent":["/*\n Minimal NEAR RPC client that replaces @near-js/providers\n * Only includes the methods actually used by TatchiPasskey\n \n If needed, we can just wrap @near-js if we require more complex\n * functionality and type definitions\n /\n\nimport type {\n FinalExecutionOutcome,\n QueryResponseKind,\n TxExecutionStatus,\n AccessKeyView,\n AccessKeyInfoView,\n AccessKeyList,\n FunctionCallPermissionView,\n AccountView,\n BlockResult,\n BlockReference,\n RpcQueryRequest,\n FinalityReference,\n} from \"@near-js/types\";\nimport { base64Encode, base64Decode } from \"../utils\";\nimport { errorMessage } from \"../utils/errors\";\nimport { NearRpcError } from \"./NearRpcError\";\nimport { DEFAULT_WAIT_STATUS, RpcResponse } from \"./types/rpc\";\nimport { isFunction } from './WalletIframe/validation';\nimport {\n WasmTransaction,\n WasmSignature,\n} from \"../wasm_signer_worker/pkg/wasm_signer_worker.js\";\n\n// re-export near-js types\nexport type { AccessKeyList } from \"@near-js/types\";\n\nexport interface ViewAccountParams {\n account: string;\n block_id?: string;\n}\n\nexport type FullAccessKey = Omit<AccessKeyInfoView, 'access_key'>\n & { access_key: Omit<AccessKeyView, 'permission'> & { permission: 'FullAccess' } }\n\nexport type FunctionCallAccessKey = Omit<AccessKeyInfoView, 'access_key'>\n & { access_key: Omit<AccessKeyView, 'permission'> & { permission: FunctionCallPermissionView } }\n\nexport interface ContractResult<T> extends QueryResponseKind {\n result?: T \| string \| number;\n logs: string[];\n}\n\nexport enum RpcCallType {\n Query = \"query\",\n View = \"view\",\n Send = \"send_tx\",\n Block = \"block\",\n Call = \"call_function\",\n}\n\nexport class SignedTransaction {\n transaction: WasmTransaction;\n signature: WasmSignature;\n borsh_bytes: number[];\n\n constructor(data: {\n transaction: WasmTransaction;\n signature: WasmSignature;\n borsh_bytes: number[]\n }) {\n this.transaction = data.transaction;\n this.signature = data.signature;\n this.borsh_bytes = data.borsh_bytes;\n }\n\n static fromPlain(input: { transaction: unknown; signature: unknown; borsh_bytes: number[] }): SignedTransaction {\n return new SignedTransaction({\n transaction: input.transaction as WasmTransaction,\n signature: input.signature as WasmSignature,\n borsh_bytes: input.borsh_bytes,\n });\n }\n\n encode(): ArrayBuffer {\n // If borsh_bytes are already available, use them\n return (new Uint8Array(this.borsh_bytes)).buffer;\n }\n\n base64Encode(): string {\n return base64Encode(this.encode());\n }\n\n static decode(bytes: Uint8Array): SignedTransaction {\n // This would need borsh deserialization\n throw new Error('SignedTransaction.decode(): borsh deserialization not implemented');\n }\n}\n\n/\n Serialize a signed transaction-like object to base64.\n * Accepts either our SignedTransaction instance or a plain object\n * with borsh bytes (borsh_bytes \| borshBytes) from cross-origin RPC.\n \n Implementation notes / pitfalls:\n * - We always bind `this` correctly when calling .base64Encode() / .encode()\n * so methods defined on SignedTransaction can safely call this.encode().\n * - The underlying base64Encode() helper is implemented to avoid spreading large\n * Uint8Arrays into String.fromCharCode(...), which can overflow the JS call\n * stack for big WASM binaries or large transactions.\n * - As a fallback, we accept raw borsh bytes in multiple shapes to keep the\n * serializer resilient to different runtimes (plain objects, typed arrays, etc.).\n /\nexport type EncodableSignedTx =\n \| SignedTransaction\n \| {\n // Borsh bytes in various shapes from different runtimes\n borsh_bytes?: unknown;\n borshBytes?: unknown;\n // Optional helper methods from some callers\n encode?: () => ArrayBuffer;\n base64Encode?: () => string;\n };\n\nexport function toArrayBufferFromUnknownBytes(\n bytes: unknown\n): ArrayBuffer \| SharedArrayBuffer \| null {\n if (!bytes) return null;\n\n // Plain number[]\n if (Array.isArray(bytes)) {\n return new Uint8Array(bytes as number[]).buffer;\n }\n\n // Typed arrays / DataView\n if (ArrayBuffer.isView(bytes)) {\n const view = bytes as ArrayBufferView;\n return view.buffer.slice(view.byteOffset, view.byteOffset + view.byteLength);\n }\n\n // Raw ArrayBuffer\n if (bytes instanceof ArrayBuffer) {\n return bytes;\n }\n\n return null;\n}\n\nexport function encodeSignedTransactionBase64(signed: EncodableSignedTx): string {\n // Some call sites wrap the actual SignedTransaction in a { signedTransaction } envelope.\n // Normalize that here so the rest of the function always works with a concrete tx-like object.\n const maybeSigned = (signed as any)?.signedTransaction;\n const txPayload: EncodableSignedTx =\n maybeSigned && typeof maybeSigned === 'object'\n ? (maybeSigned as EncodableSignedTx)\n : signed;\n\n // 1) If the payload exposes a .base64Encode() helper (our SignedTransaction class),\n // use it directly. Bind `this` so the method can safely call this.encode().\n const maybeBase64 = (txPayload as { base64Encode?: unknown }).base64Encode;\n if (isFunction(maybeBase64)) {\n return (maybeBase64 as () => string).call(txPayload);\n }\n\n // 2) Otherwise, fall back to a generic encode() → ArrayBuffer method if present.\n const maybeEncode = (txPayload as { encode?: unknown }).encode;\n if (isFunction(maybeEncode)) {\n const buf = (maybeEncode as () => ArrayBuffer).call(txPayload);\n return base64Encode(buf);\n }\n\n // 3) Finally, accept raw borsh bytes in multiple shapes / field names.\n // This keeps the serializer resilient across runtimes that may not\n // hydrate SignedTransaction instances but still provide borsh_bytes/Bytes.\n const snakeBuf = toArrayBufferFromUnknownBytes(\n (txPayload as { borsh_bytes?: unknown }).borsh_bytes\n );\n if (snakeBuf) {\n return base64Encode(snakeBuf);\n }\n\n const camelBuf = toArrayBufferFromUnknownBytes(\n (txPayload as { borshBytes?: unknown }).borshBytes\n );\n if (camelBuf) {\n return base64Encode(camelBuf);\n }\n\n throw new Error('Invalid signed transaction payload: cannot serialize to base64');\n}\n\n/\n MinimalNearClient provides a simplified interface for NEAR protocol interactions\n /\nexport interface NearClient {\n viewAccessKey(accountId: string, publicKey: string, finalityQuery?: FinalityReference): Promise<AccessKeyView>;\n viewAccessKeyList(accountId: string, finalityQuery?: FinalityReference): Promise<AccessKeyList>;\n viewAccount(accountId: string): Promise<AccountView>;\n viewCode(accountId: string, finalityQuery?: FinalityReference): Promise<Uint8Array>;\n viewBlock(params: BlockReference): Promise<BlockResult>;\n sendTransaction(\n signedTransaction: SignedTransaction,\n waitUntil?: TxExecutionStatus\n ): Promise<FinalExecutionOutcome>;\n query<T extends QueryResponseKind>(params: RpcQueryRequest): Promise<T>;\n callFunction<A, T>(\n contractId: string,\n method: string,\n args: A,\n blockQuery?: BlockReference\n ): Promise<T>;\n view<A, T>(params: { account: string; method: string; args: A }): Promise<T>;\n getAccessKeys(params: ViewAccountParams): Promise<{\n fullAccessKeys: FullAccessKey[];\n functionCallAccessKeys: FunctionCallAccessKey[];\n }>;\n}\n\nexport class MinimalNearClient implements NearClient {\n private readonly rpcUrls: string[];\n\n constructor(rpcUrl: string \| string[]) {\n this.rpcUrls = MinimalNearClient.normalizeRpcUrls(rpcUrl);\n }\n\n private static normalizeRpcUrls(input: string \| string[]): string[] {\n const urls = Array.isArray(input)\n ? input\n : input\n .split(/[\\s,]+/)\n .map(url => url.trim())\n .filter(Boolean);\n\n const normalized = urls.map(url => {\n try {\n return new URL(url).toString();\n } catch (err) {\n const message = errorMessage(err) \|\| `Invalid NEAR RPC URL: ${url}`;\n throw new Error(message);\n }\n });\n\n if (!normalized.length) {\n throw new Error('NEAR RPC URL cannot be empty');\n }\n\n return Array.from(new Set(normalized));\n }\n\n // ===========================\n // PRIVATE HELPER FUNCTIONS\n // ===========================\n\n /* Build a JSON-RPC 2.0 POST body (stringified). /\n private buildRequestBody<P>(method: string, params: P): string {\n return JSON.stringify({\n jsonrpc: '2.0',\n id: crypto.randomUUID(),\n method,\n params\n });\n }\n\n /* Perform a single POST to one endpoint and return parsed RpcResponse. /\n private async postOnce(url: string, requestBody: string): Promise<RpcResponse> {\n const response = await fetch(url, {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: requestBody\n });\n\n if (!response.ok) {\n throw new Error(`RPC request failed: ${response.status} ${response.statusText}`);\n }\n\n const text = await response.text();\n if (!text?.trim()) {\n throw new Error('Empty response from RPC server');\n }\n\n return JSON.parse(text) as RpcResponse;\n }\n\n /* Try each configured RPC endpoint in order and return the first successful RpcResponse. /\n private async requestWithFallback(requestBody: string): Promise<RpcResponse> {\n let lastError: unknown;\n for (const [index, url] of this.rpcUrls.entries()) {\n try {\n const result = await this.postOnce(url, requestBody);\n if (index > 0) console.warn(`[NearClient] RPC succeeded via fallback: ${url}`);\n return result;\n } catch (err) {\n lastError = err;\n const remaining = index < this.rpcUrls.length - 1;\n console.warn(`[NearClient] RPC call to ${url} failed${remaining ? ', trying next' : ''}: ${errorMessage(err) \|\| 'RPC request failed'}`);\n if (!remaining) throw err instanceof Error ? err : new Error(String(err));\n }\n }\n throw new Error(errorMessage(lastError) \|\| 'RPC request failed');\n }\n\n /* Validate and unwrap RpcResponse into the typed result with rich error forwarding. /\n private unwrapRpcResult<T>(rpc: RpcResponse, operationName: string): T {\n if (rpc.error) {\n throw NearRpcError.fromRpcResponse(operationName, rpc);\n }\n const result = rpc.result as any;\n // Some providers return a wrapped error in `result.error`\n if (result?.error) {\n const msg = typeof result.error === 'string' ? result.error : JSON.stringify(result.error);\n throw new NearRpcError({ message: `${operationName} Error: ${msg}`, short: 'RpcError', type: 'RpcError' });\n }\n return rpc.result as T;\n }\n\n /\n Execute RPC call with proper error handling and result extraction\n /\n private async makeRpcCall<P, T>(\n method: string,\n params: P,\n operationName: string\n ): Promise<T> {\n const requestBody = this.buildRequestBody(method, params);\n const rpc = await this.requestWithFallback(requestBody);\n return this.unwrapRpcResult<T>(rpc, operationName);\n }\n\n // ===========================\n // PUBLIC API METHODS\n // ===========================\n\n async query<T extends QueryResponseKind>(params: RpcQueryRequest): Promise<T> {\n return this.makeRpcCall<RpcQueryRequest, T>(RpcCallType.Query, params, 'Query');\n }\n\n async viewAccessKey(accountId: string, publicKey: string, finalityQuery?: FinalityReference): Promise<AccessKeyView> {\n const publicKeyStr = publicKey;\n const finality = finalityQuery?.finality \|\| 'final';\n const params = {\n request_type: 'view_access_key',\n finality: finality,\n account_id: accountId,\n public_key: publicKeyStr\n };\n return this.makeRpcCall<typeof params, AccessKeyView>(\n RpcCallType.Query,\n params,\n 'View Access Key'\n );\n }\n\n async viewAccessKeyList(accountId: string, finalityQuery?: FinalityReference): Promise<AccessKeyList> {\n const finality = finalityQuery?.finality \|\| 'final';\n const params = {\n request_type: 'view_access_key_list',\n finality: finality,\n account_id: accountId\n };\n return this.makeRpcCall<typeof params, AccessKeyList>(RpcCallType.Query, params, 'View Access Key List');\n }\n\n async viewAccount(accountId: string): Promise<AccountView> {\n const params = {\n request_type: 'view_account',\n finality: 'final',\n account_id: accountId\n };\n return this.makeRpcCall<typeof params, AccountView>(RpcCallType.Query, params, 'View Account');\n }\n\n async viewCode(accountId: string, finalityQuery?: FinalityReference): Promise<Uint8Array> {\n const finality = finalityQuery?.finality \|\| 'final';\n const params = {\n request_type: 'view_code',\n finality,\n account_id: accountId\n };\n const result = await this.makeRpcCall<typeof params, any>(\n RpcCallType.Query,\n params,\n 'View Code'\n );\n const codeBase64 = result?.code_base64;\n if (typeof codeBase64 !== 'string' \|\| !codeBase64.length) {\n throw new Error('Invalid View Code response: missing code_base64');\n }\n return base64Decode(codeBase64);\n }\n\n async viewBlock(params: BlockReference): Promise<BlockResult> {\n return this.makeRpcCall<BlockReference, BlockResult>(RpcCallType.Block, params, 'View Block');\n }\n\n async sendTransaction(\n signedTransaction: SignedTransaction,\n waitUntil: TxExecutionStatus = DEFAULT_WAIT_STATUS.executeAction\n ): Promise<FinalExecutionOutcome> {\n const params = {\n signed_tx_base64: encodeSignedTransactionBase64(signedTransaction),\n wait_until: waitUntil\n };\n\n // Retry on transient RPC errors commonly seen with shared/public nodes\n const maxAttempts = 5;\n let lastError: unknown = null;\n for (let attempt = 1; attempt <= maxAttempts; attempt++) {\n try {\n const outcome = await this.makeRpcCall<typeof params, FinalExecutionOutcome>(RpcCallType.Send, params, 'Send Transaction');\n // near-api-js throws on Failure; replicate that for clearer UX\n const status = (outcome as any)?.status;\n if (status && typeof status === 'object' && 'Failure' in status) {\n const failure = (status as any).Failure;\n throw NearRpcError.fromOutcome('Send Transaction', outcome, failure);\n }\n return outcome;\n } catch (err: unknown) {\n lastError = err;\n const msg = errorMessage(err);\n const retryable = /server error\|internal\|temporar\|timeout\|too many requests\|429\|unavailable\|bad gateway\|gateway timeout/i.test(msg \|\| '');\n if (!retryable \|\| attempt === maxAttempts) {\n throw err;\n }\n // Exponential backoff with jitter (200–1200ms approx across attempts)\n const base = 200 Math.pow(2, attempt - 1);\n const jitter = Math.floor(Math.random() * 150);\n await new Promise(r => setTimeout(r, base + jitter));\n }\n }\n // Should be unreachable\n throw lastError instanceof Error ? lastError : new Error(String(lastError));\n }\n\n // legacy helpers removed in favor of NearRpcError\n\n async callFunction<A, T>(\n contractId: string,\n method: string,\n args: A,\n blockQuery?: BlockReference\n ): Promise<T> {\n const rpcParams = {\n request_type: 'call_function',\n finality: 'final',\n account_id: contractId,\n method_name: method,\n args_base64: base64Encode(new TextEncoder().encode(JSON.stringify(args)).buffer)\n };\n const result = await this.makeRpcCall<typeof rpcParams, ContractResult<T>>(\n RpcCallType.Query,\n rpcParams,\n 'View Function'\n );\n\n // Parse result bytes to string/JSON\n const resultBytes = result.result;\n\n if (!Array.isArray(resultBytes)) {\n // If result is not bytes array, it might already be parsed\n return result as unknown as T;\n }\n\n const resultString = String.fromCharCode(...resultBytes);\n\n if (!resultString.trim()) {\n return null as T;\n }\n\n try {\n const parsed = JSON.parse(resultString);\n return parsed as T;\n } catch (parseError) {\n console.warn('Failed to parse result as JSON, returning as string:', parseError);\n console.warn('Raw result string:', resultString);\n // Return the string value if it's not valid JSON\n const cleanString = resultString.replace(/^\"\|\"$/g, ''); // Remove quotes\n return cleanString as T;\n }\n }\n\n async view<A, T>(params: { account: string; method: string; args: A }): Promise<T> {\n return this.callFunction<A, T>(params.account, params.method, params.args);\n }\n\n async getAccessKeys({ account, block_id }: ViewAccountParams): Promise<{\n fullAccessKeys: FullAccessKey[];\n functionCallAccessKeys: FunctionCallAccessKey[];\n }> {\n // Build RPC parameters similar to the official implementation\n const params: Record<string, unknown> = {\n request_type: 'view_access_key_list',\n account_id: account,\n finality: 'final'\n };\n\n // Add block_id if provided (for specific block queries)\n if (block_id) {\n params.block_id = block_id;\n delete params.finality; // block_id takes precedence over finality\n }\n\n // Make the RPC call directly to match the official implementation\n const accessKeyList = await this.makeRpcCall<typeof params, AccessKeyList>(\n RpcCallType.Query,\n params,\n 'View Access Key List'\n );\n\n // Separate full access keys and function call access keys\n const fullAccessKeys: FullAccessKey[] = [];\n const functionCallAccessKeys: FunctionCallAccessKey[] = [];\n\n // Process each access key (matching the official categorization logic)\n for (const key of accessKeyList.keys) {\n if (key.access_key.permission === 'FullAccess') {\n // Full Access Keys: Keys with FullAccess permission\n fullAccessKeys.push(key as FullAccessKey);\n } else if (key.access_key.permission && typeof key.access_key.permission === 'object' && 'FunctionCall' in key.access_key.permission) {\n // Function Call Keys: Keys with limited permissions for specific contract calls\n functionCallAccessKeys.push(key as FunctionCallAccessKey);\n }\n }\n\n return {\n fullAccessKeys,\n functionCallAccessKeys\n };\n }\n}\n"],"mappings":";;;;;;;AAmDA,IAAY,sDAAL;AACL;AACA;AACA;AACA;AACA;;;AAGF,IAAa,oBAAb,MAAa,kBAAkB;CAC7B;CACA;CACA;CAEA,YAAY,MAIT;AACD,OAAK,cAAc,KAAK;AACxB,OAAK,YAAY,KAAK;AACtB,OAAK,cAAc,KAAK;;CAG1B,OAAO,UAAU,OAA+F;AAC9G,SAAO,IAAI,kBAAkB;GAC3B,aAAa,MAAM;GACnB,WAAW,MAAM;GACjB,aAAa,MAAM;;;CAIvB,SAAsB;AAEpB,SAAQ,IAAI,WAAW,KAAK,aAAc;;CAG5C,eAAuB;AACrB,SAAOA,4BAAa,KAAK;;CAG3B,OAAO,OAAO,OAAsC;AAElD,QAAM,IAAI,MAAM;;;AA6BpB,SAAgB,8BACd,OACwC;AACxC,KAAI,CAAC,MAAO,QAAO;AAGnB,KAAI,MAAM,QAAQ,OAChB,QAAO,IAAI,WAAW,OAAmB;AAI3C,KAAI,YAAY,OAAO,QAAQ;EAC7B,MAAM,OAAO;AACb,SAAO,KAAK,OAAO,MAAM,KAAK,YAAY,KAAK,aAAa,KAAK;;AAInE,KAAI,iBAAiB,YACnB,QAAO;AAGT,QAAO;;AAGT,SAAgB,8BAA8B,QAAmC;CAG/E,MAAM,cAAe,QAAgB;CACrC,MAAMC,YACJ,eAAe,OAAO,gBAAgB,WACjC,cACD;CAIN,MAAM,cAAe,UAAyC;AAC9D,KAAIC,8BAAW,aACb,QAAQ,YAA6B,KAAK;CAI5C,MAAM,cAAe,UAAmC;AACxD,KAAIA,8BAAW,cAAc;EAC3B,MAAM,MAAO,YAAkC,KAAK;AACpD,SAAOF,4BAAa;;CAMtB,MAAM,WAAW,8BACd,UAAwC;AAE3C,KAAI,SACF,QAAOA,4BAAa;CAGtB,MAAM,WAAW,8BACd,UAAuC;AAE1C,KAAI,SACF,QAAOA,4BAAa;AAGtB,OAAM,IAAI,MAAM;;AA8BlB,IAAa,oBAAb,MAAa,kBAAwC;CACnD,AAAiB;CAEjB,YAAY,QAA2B;AACrC,OAAK,UAAU,kBAAkB,iBAAiB;;CAGpD,OAAe,iBAAiB,OAAoC;EAClE,MAAM,OAAO,MAAM,QAAQ,SACvB,QACA,MACG,MAAM,UACN,KAAI,QAAO,IAAI,QACf,OAAO;EAEd,MAAM,aAAa,KAAK,KAAI,QAAO;AACjC,OAAI;AACF,WAAO,IAAI,IAAI,KAAK;YACb,KAAK;IACZ,MAAM,UAAUG,4BAAa,QAAQ,yBAAyB;AAC9D,UAAM,IAAI,MAAM;;;AAIpB,MAAI,CAAC,WAAW,OACd,OAAM,IAAI,MAAM;AAGlB,SAAO,MAAM,KAAK,IAAI,IAAI;;;CAQ5B,AAAQ,iBAAoB,QAAgB,QAAmB;AAC7D,SAAO,KAAK,UAAU;GACpB,SAAS;GACT,IAAI,OAAO;GACX;GACA;;;;CAKJ,MAAc,SAAS,KAAa,aAA2C;EAC7E,MAAM,WAAW,MAAM,MAAM,KAAK;GAChC,QAAQ;GACR,SAAS,EAAE,gBAAgB;GAC3B,MAAM;;AAGR,MAAI,CAAC,SAAS,GACZ,OAAM,IAAI,MAAM,uBAAuB,SAAS,OAAO,GAAG,SAAS;EAGrE,MAAM,OAAO,MAAM,SAAS;AAC5B,MAAI,CAAC,MAAM,OACT,OAAM,IAAI,MAAM;AAGlB,SAAO,KAAK,MAAM;;;CAIpB,MAAc,oBAAoB,aAA2C;EAC3E,IAAIC;AACJ,OAAK,MAAM,CAAC,OAAO,QAAQ,KAAK,QAAQ,UACtC,KAAI;GACF,MAAM,SAAS,MAAM,KAAK,SAAS,KAAK;AACxC,OAAI,QAAQ,EAAG,SAAQ,KAAK,4CAA4C;AACxE,UAAO;WACA,KAAK;AACZ,eAAY;GACZ,MAAM,YAAY,QAAQ,KAAK,QAAQ,SAAS;AAChD,WAAQ,KAAK,4BAA4B,IAAI,SAAS,YAAY,kBAAkB,GAAG,IAAID,4BAAa,QAAQ;AAChH,OAAI,CAAC,UAAW,OAAM,eAAe,QAAQ,MAAM,IAAI,MAAM,OAAO;;AAGxE,QAAM,IAAI,MAAMA,4BAAa,cAAc;;;CAI7C,AAAQ,gBAAmB,KAAkB,eAA0B;AACrE,MAAI,IAAI,MACN,OAAME,kCAAa,gBAAgB,eAAe;EAEpD,MAAM,SAAS,IAAI;AAEnB,MAAI,QAAQ,OAAO;GACjB,MAAM,MAAM,OAAO,OAAO,UAAU,WAAW,OAAO,QAAQ,KAAK,UAAU,OAAO;AACpF,SAAM,IAAIA,kCAAa;IAAE,SAAS,GAAG,cAAc,UAAU;IAAO,OAAO;IAAY,MAAM;;;AAE/F,SAAO,IAAI;;;;;CAMb,MAAc,YACZ,QACA,QACA,eACY;EACZ,MAAM,cAAc,KAAK,iBAAiB,QAAQ;EAClD,MAAM,MAAM,MAAM,KAAK,oBAAoB;AAC3C,SAAO,KAAK,gBAAmB,KAAK;;CAOtC,MAAM,MAAmC,QAAqC;AAC5E,SAAO,KAAK,YAAgC,YAAY,OAAO,QAAQ;;CAGzE,MAAM,cAAc,WAAmB,WAAmB,eAA2D;EACnH,MAAM,eAAe;EACrB,MAAM,WAAW,eAAe,YAAY;EAC5C,MAAM,SAAS;GACb,cAAc;GACJ;GACV,YAAY;GACZ,YAAY;;AAEd,SAAO,KAAK,YACV,YAAY,OACZ,QACA;;CAIJ,MAAM,kBAAkB,WAAmB,eAA2D;EACpG,MAAM,WAAW,eAAe,YAAY;EAC5C,MAAM,SAAS;GACb,cAAc;GACJ;GACV,YAAY;;AAEd,SAAO,KAAK,YAA0C,YAAY,OAAO,QAAQ;;CAGnF,MAAM,YAAY,WAAyC;EACzD,MAAM,SAAS;GACb,cAAc;GACd,UAAU;GACV,YAAY;;AAEd,SAAO,KAAK,YAAwC,YAAY,OAAO,QAAQ;;CAGjF,MAAM,SAAS,WAAmB,eAAwD;EACxF,MAAM,WAAW,eAAe,YAAY;EAC5C,MAAM,SAAS;GACb,cAAc;GACd;GACA,YAAY;;EAEd,MAAM,SAAS,MAAM,KAAK,YACxB,YAAY,OACZ,QACA;EAEF,MAAM,aAAa,QAAQ;AAC3B,MAAI,OAAO,eAAe,YAAY,CAAC,WAAW,OAChD,OAAM,IAAI,MAAM;AAElB,SAAOC,4BAAa;;CAGtB,MAAM,UAAU,QAA8C;AAC5D,SAAO,KAAK,YAAyC,YAAY,OAAO,QAAQ;;CAGlF,MAAM,gBACJ,mBACA,YAA+BC,gCAAoB,eACnB;EAChC,MAAM,SAAS;GACb,kBAAkB,8BAA8B;GAChD,YAAY;;EAId,MAAM,cAAc;EACpB,IAAIH,YAAqB;AACzB,OAAK,IAAI,UAAU,GAAG,WAAW,aAAa,UAC5C,KAAI;GACF,MAAM,UAAU,MAAM,KAAK,YAAkD,YAAY,MAAM,QAAQ;GAEvG,MAAM,SAAU,SAAiB;AACjC,OAAI,UAAU,OAAO,WAAW,YAAY,aAAa,QAAQ;IAC/D,MAAM,UAAW,OAAe;AAChC,UAAMC,kCAAa,YAAY,oBAAoB,SAAS;;AAE9D,UAAO;WACAG,KAAc;AACrB,eAAY;GACZ,MAAM,MAAML,4BAAa;GACzB,MAAM,YAAY,wGAAwG,KAAK,OAAO;AACtI,OAAI,CAAC,aAAa,YAAY,YAC5B,OAAM;GAGR,MAAM,OAAO,MAAM,KAAK,IAAI,GAAG,UAAU;GACzC,MAAM,SAAS,KAAK,MAAM,KAAK,WAAW;AAC1C,SAAM,IAAI,SAAQ,MAAK,WAAW,GAAG,OAAO;;AAIhD,QAAM,qBAAqB,QAAQ,YAAY,IAAI,MAAM,OAAO;;CAKlE,MAAM,aACJ,YACA,QACA,MACA,YACY;EACZ,MAAM,YAAY;GAChB,cAAc;GACd,UAAU;GACV,YAAY;GACZ,aAAa;GACb,aAAaH,4BAAa,IAAI,cAAc,OAAO,KAAK,UAAU,OAAO;;EAE3E,MAAM,SAAS,MAAM,KAAK,YACxB,YAAY,OACZ,WACA;EAIF,MAAM,cAAc,OAAO;AAE3B,MAAI,CAAC,MAAM,QAAQ,aAEjB,QAAO;EAGT,MAAM,eAAe,OAAO,aAAa,GAAG;AAE5C,MAAI,CAAC,aAAa,OAChB,QAAO;AAGT,MAAI;GACF,MAAM,SAAS,KAAK,MAAM;AAC1B,UAAO;WACA,YAAY;AACnB,WAAQ,KAAK,wDAAwD;AACrE,WAAQ,KAAK,sBAAsB;GAEnC,MAAM,cAAc,aAAa,QAAQ,UAAU;AACnD,UAAO;;;CAIX,MAAM,KAAW,QAAkE;AACjF,SAAO,KAAK,aAAmB,OAAO,SAAS,OAAO,QAAQ,OAAO;;CAGvE,MAAM,cAAc,EAAE,SAAS,YAG5B;EAED,MAAMS,SAAkC;GACtC,cAAc;GACd,YAAY;GACZ,UAAU;;AAIZ,MAAI,UAAU;AACZ,UAAO,WAAW;AAClB,UAAO,OAAO;;EAIhB,MAAM,gBAAgB,MAAM,KAAK,YAC/B,YAAY,OACZ,QACA;EAIF,MAAMC,iBAAkC;EACxC,MAAMC,yBAAkD;AAGxD,OAAK,MAAM,OAAO,cAAc,KAC9B,KAAI,IAAI,WAAW,eAAe,aAEhC,gBAAe,KAAK;WACX,IAAI,WAAW,cAAc,OAAO,IAAI,WAAW,eAAe,YAAY,kBAAkB,IAAI,WAAW,WAExH,wBAAuB,KAAK;AAIhC,SAAO;GACL;GACA"}
1	+ {"version":3,"file":"NearClient.js","names":["base64Encode","txPayload: EncodableSignedTx","isFunction","errorMessage","lastError: unknown","NearRpcError","base64Decode","DEFAULT_WAIT_STATUS","err: unknown","params: Record<string, unknown>","fullAccessKeys: FullAccessKey[]","functionCallAccessKeys: FunctionCallAccessKey[]"],"sources":["../../../../../../src/core/NearClient.ts"],"sourcesContent":["/*\n Minimal NEAR RPC client that replaces @near-js/providers\n * Only includes the methods actually used by TatchiPasskey\n \n If needed, we can just wrap @near-js if we require more complex\n * functionality and type definitions\n /\n\nimport type {\n FinalExecutionOutcome,\n QueryResponseKind,\n TxExecutionStatus,\n AccessKeyView,\n AccessKeyInfoView,\n AccessKeyList,\n FunctionCallPermissionView,\n AccountView,\n BlockResult,\n BlockReference,\n RpcQueryRequest,\n FinalityReference,\n} from \"@near-js/types\";\nimport { base64Encode, base64Decode } from \"../utils\";\nimport { errorMessage } from \"../utils/errors\";\nimport { NearRpcError } from \"./NearRpcError\";\nimport { DEFAULT_WAIT_STATUS, RpcResponse } from \"./types/rpc\";\nimport { isFunction } from '@/utils/validation';\nimport {\n WasmTransaction,\n WasmSignature,\n} from \"../wasm_signer_worker/pkg/wasm_signer_worker.js\";\n\n// re-export near-js types\nexport type { AccessKeyList } from \"@near-js/types\";\n\nexport interface ViewAccountParams {\n account: string;\n block_id?: string;\n}\n\nexport type FullAccessKey = Omit<AccessKeyInfoView, 'access_key'>\n & { access_key: Omit<AccessKeyView, 'permission'> & { permission: 'FullAccess' } }\n\nexport type FunctionCallAccessKey = Omit<AccessKeyInfoView, 'access_key'>\n & { access_key: Omit<AccessKeyView, 'permission'> & { permission: FunctionCallPermissionView } }\n\nexport interface ContractResult<T> extends QueryResponseKind {\n result?: T \| string \| number;\n logs: string[];\n}\n\nexport enum RpcCallType {\n Query = \"query\",\n View = \"view\",\n Send = \"send_tx\",\n Block = \"block\",\n Call = \"call_function\",\n}\n\nexport class SignedTransaction {\n transaction: WasmTransaction;\n signature: WasmSignature;\n borsh_bytes: number[];\n\n constructor(data: {\n transaction: WasmTransaction;\n signature: WasmSignature;\n borsh_bytes: number[]\n }) {\n this.transaction = data.transaction;\n this.signature = data.signature;\n this.borsh_bytes = data.borsh_bytes;\n }\n\n static fromPlain(input: { transaction: unknown; signature: unknown; borsh_bytes: number[] }): SignedTransaction {\n return new SignedTransaction({\n transaction: input.transaction as WasmTransaction,\n signature: input.signature as WasmSignature,\n borsh_bytes: input.borsh_bytes,\n });\n }\n\n encode(): ArrayBuffer {\n // If borsh_bytes are already available, use them\n return (new Uint8Array(this.borsh_bytes)).buffer;\n }\n\n base64Encode(): string {\n return base64Encode(this.encode());\n }\n\n static decode(bytes: Uint8Array): SignedTransaction {\n // This would need borsh deserialization\n throw new Error('SignedTransaction.decode(): borsh deserialization not implemented');\n }\n}\n\n/\n Serialize a signed transaction-like object to base64.\n * Accepts either our SignedTransaction instance or a plain object\n * with borsh bytes (borsh_bytes \| borshBytes) from cross-origin RPC.\n \n Implementation notes / pitfalls:\n * - We always bind `this` correctly when calling .base64Encode() / .encode()\n * so methods defined on SignedTransaction can safely call this.encode().\n * - The underlying base64Encode() helper is implemented to avoid spreading large\n * Uint8Arrays into String.fromCharCode(...), which can overflow the JS call\n * stack for big WASM binaries or large transactions.\n * - As a fallback, we accept raw borsh bytes in multiple shapes to keep the\n * serializer resilient to different runtimes (plain objects, typed arrays, etc.).\n /\nexport type EncodableSignedTx =\n \| SignedTransaction\n \| {\n // Borsh bytes in various shapes from different runtimes\n borsh_bytes?: unknown;\n borshBytes?: unknown;\n // Optional helper methods from some callers\n encode?: () => ArrayBuffer;\n base64Encode?: () => string;\n };\n\nexport function toArrayBufferFromUnknownBytes(\n bytes: unknown\n): ArrayBuffer \| SharedArrayBuffer \| null {\n if (!bytes) return null;\n\n // Plain number[]\n if (Array.isArray(bytes)) {\n return new Uint8Array(bytes as number[]).buffer;\n }\n\n // Typed arrays / DataView\n if (ArrayBuffer.isView(bytes)) {\n const view = bytes as ArrayBufferView;\n return view.buffer.slice(view.byteOffset, view.byteOffset + view.byteLength);\n }\n\n // Raw ArrayBuffer\n if (bytes instanceof ArrayBuffer) {\n return bytes;\n }\n\n return null;\n}\n\nexport function encodeSignedTransactionBase64(signed: EncodableSignedTx): string {\n // Some call sites wrap the actual SignedTransaction in a { signedTransaction } envelope.\n // Normalize that here so the rest of the function always works with a concrete tx-like object.\n const maybeSigned = (signed as any)?.signedTransaction;\n const txPayload: EncodableSignedTx =\n maybeSigned && typeof maybeSigned === 'object'\n ? (maybeSigned as EncodableSignedTx)\n : signed;\n\n // 1) If the payload exposes a .base64Encode() helper (our SignedTransaction class),\n // use it directly. Bind `this` so the method can safely call this.encode().\n const maybeBase64 = (txPayload as { base64Encode?: unknown }).base64Encode;\n if (isFunction(maybeBase64)) {\n return (maybeBase64 as () => string).call(txPayload);\n }\n\n // 2) Otherwise, fall back to a generic encode() → ArrayBuffer method if present.\n const maybeEncode = (txPayload as { encode?: unknown }).encode;\n if (isFunction(maybeEncode)) {\n const buf = (maybeEncode as () => ArrayBuffer).call(txPayload);\n return base64Encode(buf);\n }\n\n // 3) Finally, accept raw borsh bytes in multiple shapes / field names.\n // This keeps the serializer resilient across runtimes that may not\n // hydrate SignedTransaction instances but still provide borsh_bytes/Bytes.\n const snakeBuf = toArrayBufferFromUnknownBytes(\n (txPayload as { borsh_bytes?: unknown }).borsh_bytes\n );\n if (snakeBuf) {\n return base64Encode(snakeBuf);\n }\n\n const camelBuf = toArrayBufferFromUnknownBytes(\n (txPayload as { borshBytes?: unknown }).borshBytes\n );\n if (camelBuf) {\n return base64Encode(camelBuf);\n }\n\n throw new Error('Invalid signed transaction payload: cannot serialize to base64');\n}\n\n/\n MinimalNearClient provides a simplified interface for NEAR protocol interactions\n /\nexport interface NearClient {\n viewAccessKey(accountId: string, publicKey: string, finalityQuery?: FinalityReference): Promise<AccessKeyView>;\n viewAccessKeyList(accountId: string, finalityQuery?: FinalityReference): Promise<AccessKeyList>;\n viewAccount(accountId: string): Promise<AccountView>;\n viewCode(accountId: string, finalityQuery?: FinalityReference): Promise<Uint8Array>;\n viewBlock(params: BlockReference): Promise<BlockResult>;\n sendTransaction(\n signedTransaction: SignedTransaction,\n waitUntil?: TxExecutionStatus\n ): Promise<FinalExecutionOutcome>;\n txStatus(txHash: string, senderAccountId: string): Promise<FinalExecutionOutcome>;\n query<T extends QueryResponseKind>(params: RpcQueryRequest): Promise<T>;\n callFunction<A, T>(\n contractId: string,\n method: string,\n args: A,\n blockQuery?: BlockReference\n ): Promise<T>;\n view<A, T>(params: { account: string; method: string; args: A }): Promise<T>;\n getAccessKeys(params: ViewAccountParams): Promise<{\n fullAccessKeys: FullAccessKey[];\n functionCallAccessKeys: FunctionCallAccessKey[];\n }>;\n}\n\nexport class MinimalNearClient implements NearClient {\n private readonly rpcUrls: string[];\n\n constructor(rpcUrl: string \| string[]) {\n this.rpcUrls = MinimalNearClient.normalizeRpcUrls(rpcUrl);\n }\n\n private static normalizeRpcUrls(input: string \| string[]): string[] {\n const urls = Array.isArray(input)\n ? input\n : input\n .split(/[\\s,]+/)\n .map(url => url.trim())\n .filter(Boolean);\n\n const normalized = urls.map(url => {\n try {\n return new URL(url).toString();\n } catch (err) {\n const message = errorMessage(err) \|\| `Invalid NEAR RPC URL: ${url}`;\n throw new Error(message);\n }\n });\n\n if (!normalized.length) {\n throw new Error('NEAR RPC URL cannot be empty');\n }\n\n return Array.from(new Set(normalized));\n }\n\n // ===========================\n // PRIVATE HELPER FUNCTIONS\n // ===========================\n\n /* Build a JSON-RPC 2.0 POST body (stringified). /\n private buildRequestBody<P>(method: string, params: P): string {\n return JSON.stringify({\n jsonrpc: '2.0',\n id: crypto.randomUUID(),\n method,\n params\n });\n }\n\n /* Perform a single POST to one endpoint and return parsed RpcResponse. /\n private async postOnce(url: string, requestBody: string): Promise<RpcResponse> {\n const response = await fetch(url, {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: requestBody\n });\n\n if (!response.ok) {\n throw new Error(`RPC request failed: ${response.status} ${response.statusText}`);\n }\n\n const text = await response.text();\n if (!text?.trim()) {\n throw new Error('Empty response from RPC server');\n }\n\n return JSON.parse(text) as RpcResponse;\n }\n\n /* Try each configured RPC endpoint in order and return the first successful RpcResponse. /\n private async requestWithFallback(requestBody: string): Promise<RpcResponse> {\n let lastError: unknown;\n for (const [index, url] of this.rpcUrls.entries()) {\n try {\n const result = await this.postOnce(url, requestBody);\n if (index > 0) console.warn(`[NearClient] RPC succeeded via fallback: ${url}`);\n return result;\n } catch (err) {\n lastError = err;\n const remaining = index < this.rpcUrls.length - 1;\n console.warn(`[NearClient] RPC call to ${url} failed${remaining ? ', trying next' : ''}: ${errorMessage(err) \|\| 'RPC request failed'}`);\n if (!remaining) throw err instanceof Error ? err : new Error(String(err));\n }\n }\n throw new Error(errorMessage(lastError) \|\| 'RPC request failed');\n }\n\n /* Validate and unwrap RpcResponse into the typed result with rich error forwarding. /\n private unwrapRpcResult<T>(rpc: RpcResponse, operationName: string): T {\n if (rpc.error) {\n throw NearRpcError.fromRpcResponse(operationName, rpc);\n }\n const result = rpc.result as any;\n // Some providers return a wrapped error in `result.error`\n if (result?.error) {\n const msg = typeof result.error === 'string' ? result.error : JSON.stringify(result.error);\n throw new NearRpcError({ message: `${operationName} Error: ${msg}`, short: 'RpcError', type: 'RpcError' });\n }\n return rpc.result as T;\n }\n\n /\n Execute RPC call with proper error handling and result extraction\n /\n private async makeRpcCall<P, T>(\n method: string,\n params: P,\n operationName: string\n ): Promise<T> {\n const requestBody = this.buildRequestBody(method, params);\n const rpc = await this.requestWithFallback(requestBody);\n return this.unwrapRpcResult<T>(rpc, operationName);\n }\n\n // ===========================\n // PUBLIC API METHODS\n // ===========================\n\n async query<T extends QueryResponseKind>(params: RpcQueryRequest): Promise<T> {\n return this.makeRpcCall<RpcQueryRequest, T>(RpcCallType.Query, params, 'Query');\n }\n\n async viewAccessKey(accountId: string, publicKey: string, finalityQuery?: FinalityReference): Promise<AccessKeyView> {\n const publicKeyStr = publicKey;\n const finality = finalityQuery?.finality \|\| 'final';\n const params = {\n request_type: 'view_access_key',\n finality: finality,\n account_id: accountId,\n public_key: publicKeyStr\n };\n return this.makeRpcCall<typeof params, AccessKeyView>(\n RpcCallType.Query,\n params,\n 'View Access Key'\n );\n }\n\n async viewAccessKeyList(accountId: string, finalityQuery?: FinalityReference): Promise<AccessKeyList> {\n const finality = finalityQuery?.finality \|\| 'final';\n const params = {\n request_type: 'view_access_key_list',\n finality: finality,\n account_id: accountId\n };\n return this.makeRpcCall<typeof params, AccessKeyList>(RpcCallType.Query, params, 'View Access Key List');\n }\n\n async viewAccount(accountId: string): Promise<AccountView> {\n const params = {\n request_type: 'view_account',\n finality: 'final',\n account_id: accountId\n };\n return this.makeRpcCall<typeof params, AccountView>(RpcCallType.Query, params, 'View Account');\n }\n\n async viewCode(accountId: string, finalityQuery?: FinalityReference): Promise<Uint8Array> {\n const finality = finalityQuery?.finality \|\| 'final';\n const params = {\n request_type: 'view_code',\n finality,\n account_id: accountId\n };\n const result = await this.makeRpcCall<typeof params, any>(\n RpcCallType.Query,\n params,\n 'View Code'\n );\n const codeBase64 = result?.code_base64;\n if (typeof codeBase64 !== 'string' \|\| !codeBase64.length) {\n throw new Error('Invalid View Code response: missing code_base64');\n }\n return base64Decode(codeBase64);\n }\n\n async viewBlock(params: BlockReference): Promise<BlockResult> {\n return this.makeRpcCall<BlockReference, BlockResult>(RpcCallType.Block, params, 'View Block');\n }\n\n async sendTransaction(\n signedTransaction: SignedTransaction,\n waitUntil: TxExecutionStatus = DEFAULT_WAIT_STATUS.executeAction\n ): Promise<FinalExecutionOutcome> {\n const params = {\n signed_tx_base64: encodeSignedTransactionBase64(signedTransaction),\n wait_until: waitUntil\n };\n\n // Retry on transient RPC errors commonly seen with shared/public nodes\n const maxAttempts = 5;\n let lastError: unknown = null;\n for (let attempt = 1; attempt <= maxAttempts; attempt++) {\n try {\n const outcome = await this.makeRpcCall<typeof params, FinalExecutionOutcome>(RpcCallType.Send, params, 'Send Transaction');\n // near-api-js throws on Failure; replicate that for clearer UX\n const status = (outcome as any)?.status;\n if (status && typeof status === 'object' && 'Failure' in status) {\n const failure = (status as any).Failure;\n throw NearRpcError.fromOutcome('Send Transaction', outcome, failure);\n }\n return outcome;\n } catch (err: unknown) {\n lastError = err;\n const msg = errorMessage(err);\n const retryable = /server error\|internal\|temporar\|timeout\|too many requests\|429\|unavailable\|bad gateway\|gateway timeout/i.test(msg \|\| '');\n if (!retryable \|\| attempt === maxAttempts) {\n throw err;\n }\n // Exponential backoff with jitter (200–1200ms approx across attempts)\n const base = 200 Math.pow(2, attempt - 1);\n const jitter = Math.floor(Math.random() * 150);\n await new Promise(r => setTimeout(r, base + jitter));\n }\n }\n // Should be unreachable\n throw lastError instanceof Error ? lastError : new Error(String(lastError));\n }\n\n async txStatus(txHash: string, senderAccountId: string): Promise<FinalExecutionOutcome> {\n const params = {\n tx_hash: txHash,\n sender_account_id: senderAccountId,\n };\n return this.makeRpcCall<typeof params, FinalExecutionOutcome>(\n 'EXPERIMENTAL_tx_status',\n params,\n 'Tx Status'\n );\n }\n\n // legacy helpers removed in favor of NearRpcError\n\n async callFunction<A, T>(\n contractId: string,\n method: string,\n args: A,\n blockQuery?: BlockReference\n ): Promise<T> {\n const rpcParams = {\n request_type: 'call_function',\n finality: 'final',\n account_id: contractId,\n method_name: method,\n args_base64: base64Encode(new TextEncoder().encode(JSON.stringify(args)).buffer)\n };\n const result = await this.makeRpcCall<typeof rpcParams, ContractResult<T>>(\n RpcCallType.Query,\n rpcParams,\n 'View Function'\n );\n\n // Parse result bytes to string/JSON\n const resultBytes = result.result;\n\n if (!Array.isArray(resultBytes)) {\n // If result is not bytes array, it might already be parsed\n return result as unknown as T;\n }\n\n const resultString = String.fromCharCode(...resultBytes);\n\n if (!resultString.trim()) {\n return null as T;\n }\n\n try {\n const parsed = JSON.parse(resultString);\n return parsed as T;\n } catch (parseError) {\n console.warn('Failed to parse result as JSON, returning as string:', parseError);\n console.warn('Raw result string:', resultString);\n // Return the string value if it's not valid JSON\n const cleanString = resultString.replace(/^\"\|\"$/g, ''); // Remove quotes\n return cleanString as T;\n }\n }\n\n async view<A, T>(params: { account: string; method: string; args: A }): Promise<T> {\n return this.callFunction<A, T>(params.account, params.method, params.args);\n }\n\n async getAccessKeys({ account, block_id }: ViewAccountParams): Promise<{\n fullAccessKeys: FullAccessKey[];\n functionCallAccessKeys: FunctionCallAccessKey[];\n }> {\n // Build RPC parameters similar to the official implementation\n const params: Record<string, unknown> = {\n request_type: 'view_access_key_list',\n account_id: account,\n finality: 'final'\n };\n\n // Add block_id if provided (for specific block queries)\n if (block_id) {\n params.block_id = block_id;\n delete params.finality; // block_id takes precedence over finality\n }\n\n // Make the RPC call directly to match the official implementation\n const accessKeyList = await this.makeRpcCall<typeof params, AccessKeyList>(\n RpcCallType.Query,\n params,\n 'View Access Key List'\n );\n\n // Separate full access keys and function call access keys\n const fullAccessKeys: FullAccessKey[] = [];\n const functionCallAccessKeys: FunctionCallAccessKey[] = [];\n\n // Process each access key (matching the official categorization logic)\n for (const key of accessKeyList.keys) {\n if (key.access_key.permission === 'FullAccess') {\n // Full Access Keys: Keys with FullAccess permission\n fullAccessKeys.push(key as FullAccessKey);\n } else if (key.access_key.permission && typeof key.access_key.permission === 'object' && 'FunctionCall' in key.access_key.permission) {\n // Function Call Keys: Keys with limited permissions for specific contract calls\n functionCallAccessKeys.push(key as FunctionCallAccessKey);\n }\n }\n\n return {\n fullAccessKeys,\n functionCallAccessKeys\n };\n }\n}\n"],"mappings":";;;;;;;AAmDA,IAAY,sDAAL;AACL;AACA;AACA;AACA;AACA;;;AAGF,IAAa,oBAAb,MAAa,kBAAkB;CAC7B;CACA;CACA;CAEA,YAAY,MAIT;AACD,OAAK,cAAc,KAAK;AACxB,OAAK,YAAY,KAAK;AACtB,OAAK,cAAc,KAAK;;CAG1B,OAAO,UAAU,OAA+F;AAC9G,SAAO,IAAI,kBAAkB;GAC3B,aAAa,MAAM;GACnB,WAAW,MAAM;GACjB,aAAa,MAAM;;;CAIvB,SAAsB;AAEpB,SAAQ,IAAI,WAAW,KAAK,aAAc;;CAG5C,eAAuB;AACrB,SAAOA,4BAAa,KAAK;;CAG3B,OAAO,OAAO,OAAsC;AAElD,QAAM,IAAI,MAAM;;;AA6BpB,SAAgB,8BACd,OACwC;AACxC,KAAI,CAAC,MAAO,QAAO;AAGnB,KAAI,MAAM,QAAQ,OAChB,QAAO,IAAI,WAAW,OAAmB;AAI3C,KAAI,YAAY,OAAO,QAAQ;EAC7B,MAAM,OAAO;AACb,SAAO,KAAK,OAAO,MAAM,KAAK,YAAY,KAAK,aAAa,KAAK;;AAInE,KAAI,iBAAiB,YACnB,QAAO;AAGT,QAAO;;AAGT,SAAgB,8BAA8B,QAAmC;CAG/E,MAAM,cAAe,QAAgB;CACrC,MAAMC,YACJ,eAAe,OAAO,gBAAgB,WACjC,cACD;CAIN,MAAM,cAAe,UAAyC;AAC9D,KAAIC,8BAAW,aACb,QAAQ,YAA6B,KAAK;CAI5C,MAAM,cAAe,UAAmC;AACxD,KAAIA,8BAAW,cAAc;EAC3B,MAAM,MAAO,YAAkC,KAAK;AACpD,SAAOF,4BAAa;;CAMtB,MAAM,WAAW,8BACd,UAAwC;AAE3C,KAAI,SACF,QAAOA,4BAAa;CAGtB,MAAM,WAAW,8BACd,UAAuC;AAE1C,KAAI,SACF,QAAOA,4BAAa;AAGtB,OAAM,IAAI,MAAM;;AA+BlB,IAAa,oBAAb,MAAa,kBAAwC;CACnD,AAAiB;CAEjB,YAAY,QAA2B;AACrC,OAAK,UAAU,kBAAkB,iBAAiB;;CAGpD,OAAe,iBAAiB,OAAoC;EAClE,MAAM,OAAO,MAAM,QAAQ,SACvB,QACA,MACG,MAAM,UACN,KAAI,QAAO,IAAI,QACf,OAAO;EAEd,MAAM,aAAa,KAAK,KAAI,QAAO;AACjC,OAAI;AACF,WAAO,IAAI,IAAI,KAAK;YACb,KAAK;IACZ,MAAM,UAAUG,4BAAa,QAAQ,yBAAyB;AAC9D,UAAM,IAAI,MAAM;;;AAIpB,MAAI,CAAC,WAAW,OACd,OAAM,IAAI,MAAM;AAGlB,SAAO,MAAM,KAAK,IAAI,IAAI;;;CAQ5B,AAAQ,iBAAoB,QAAgB,QAAmB;AAC7D,SAAO,KAAK,UAAU;GACpB,SAAS;GACT,IAAI,OAAO;GACX;GACA;;;;CAKJ,MAAc,SAAS,KAAa,aAA2C;EAC7E,MAAM,WAAW,MAAM,MAAM,KAAK;GAChC,QAAQ;GACR,SAAS,EAAE,gBAAgB;GAC3B,MAAM;;AAGR,MAAI,CAAC,SAAS,GACZ,OAAM,IAAI,MAAM,uBAAuB,SAAS,OAAO,GAAG,SAAS;EAGrE,MAAM,OAAO,MAAM,SAAS;AAC5B,MAAI,CAAC,MAAM,OACT,OAAM,IAAI,MAAM;AAGlB,SAAO,KAAK,MAAM;;;CAIpB,MAAc,oBAAoB,aAA2C;EAC3E,IAAIC;AACJ,OAAK,MAAM,CAAC,OAAO,QAAQ,KAAK,QAAQ,UACtC,KAAI;GACF,MAAM,SAAS,MAAM,KAAK,SAAS,KAAK;AACxC,OAAI,QAAQ,EAAG,SAAQ,KAAK,4CAA4C;AACxE,UAAO;WACA,KAAK;AACZ,eAAY;GACZ,MAAM,YAAY,QAAQ,KAAK,QAAQ,SAAS;AAChD,WAAQ,KAAK,4BAA4B,IAAI,SAAS,YAAY,kBAAkB,GAAG,IAAID,4BAAa,QAAQ;AAChH,OAAI,CAAC,UAAW,OAAM,eAAe,QAAQ,MAAM,IAAI,MAAM,OAAO;;AAGxE,QAAM,IAAI,MAAMA,4BAAa,cAAc;;;CAI7C,AAAQ,gBAAmB,KAAkB,eAA0B;AACrE,MAAI,IAAI,MACN,OAAME,kCAAa,gBAAgB,eAAe;EAEpD,MAAM,SAAS,IAAI;AAEnB,MAAI,QAAQ,OAAO;GACjB,MAAM,MAAM,OAAO,OAAO,UAAU,WAAW,OAAO,QAAQ,KAAK,UAAU,OAAO;AACpF,SAAM,IAAIA,kCAAa;IAAE,SAAS,GAAG,cAAc,UAAU;IAAO,OAAO;IAAY,MAAM;;;AAE/F,SAAO,IAAI;;;;;CAMb,MAAc,YACZ,QACA,QACA,eACY;EACZ,MAAM,cAAc,KAAK,iBAAiB,QAAQ;EAClD,MAAM,MAAM,MAAM,KAAK,oBAAoB;AAC3C,SAAO,KAAK,gBAAmB,KAAK;;CAOtC,MAAM,MAAmC,QAAqC;AAC5E,SAAO,KAAK,YAAgC,YAAY,OAAO,QAAQ;;CAGzE,MAAM,cAAc,WAAmB,WAAmB,eAA2D;EACnH,MAAM,eAAe;EACrB,MAAM,WAAW,eAAe,YAAY;EAC5C,MAAM,SAAS;GACb,cAAc;GACJ;GACV,YAAY;GACZ,YAAY;;AAEd,SAAO,KAAK,YACV,YAAY,OACZ,QACA;;CAIJ,MAAM,kBAAkB,WAAmB,eAA2D;EACpG,MAAM,WAAW,eAAe,YAAY;EAC5C,MAAM,SAAS;GACb,cAAc;GACJ;GACV,YAAY;;AAEd,SAAO,KAAK,YAA0C,YAAY,OAAO,QAAQ;;CAGnF,MAAM,YAAY,WAAyC;EACzD,MAAM,SAAS;GACb,cAAc;GACd,UAAU;GACV,YAAY;;AAEd,SAAO,KAAK,YAAwC,YAAY,OAAO,QAAQ;;CAGjF,MAAM,SAAS,WAAmB,eAAwD;EACxF,MAAM,WAAW,eAAe,YAAY;EAC5C,MAAM,SAAS;GACb,cAAc;GACd;GACA,YAAY;;EAEd,MAAM,SAAS,MAAM,KAAK,YACxB,YAAY,OACZ,QACA;EAEF,MAAM,aAAa,QAAQ;AAC3B,MAAI,OAAO,eAAe,YAAY,CAAC,WAAW,OAChD,OAAM,IAAI,MAAM;AAElB,SAAOC,4BAAa;;CAGtB,MAAM,UAAU,QAA8C;AAC5D,SAAO,KAAK,YAAyC,YAAY,OAAO,QAAQ;;CAGlF,MAAM,gBACJ,mBACA,YAA+BC,gCAAoB,eACnB;EAChC,MAAM,SAAS;GACb,kBAAkB,8BAA8B;GAChD,YAAY;;EAId,MAAM,cAAc;EACpB,IAAIH,YAAqB;AACzB,OAAK,IAAI,UAAU,GAAG,WAAW,aAAa,UAC5C,KAAI;GACF,MAAM,UAAU,MAAM,KAAK,YAAkD,YAAY,MAAM,QAAQ;GAEvG,MAAM,SAAU,SAAiB;AACjC,OAAI,UAAU,OAAO,WAAW,YAAY,aAAa,QAAQ;IAC/D,MAAM,UAAW,OAAe;AAChC,UAAMC,kCAAa,YAAY,oBAAoB,SAAS;;AAE9D,UAAO;WACAG,KAAc;AACrB,eAAY;GACZ,MAAM,MAAML,4BAAa;GACzB,MAAM,YAAY,wGAAwG,KAAK,OAAO;AACtI,OAAI,CAAC,aAAa,YAAY,YAC5B,OAAM;GAGR,MAAM,OAAO,MAAM,KAAK,IAAI,GAAG,UAAU;GACzC,MAAM,SAAS,KAAK,MAAM,KAAK,WAAW;AAC1C,SAAM,IAAI,SAAQ,MAAK,WAAW,GAAG,OAAO;;AAIhD,QAAM,qBAAqB,QAAQ,YAAY,IAAI,MAAM,OAAO;;CAGlE,MAAM,SAAS,QAAgB,iBAAyD;EACtF,MAAM,SAAS;GACb,SAAS;GACT,mBAAmB;;AAErB,SAAO,KAAK,YACV,0BACA,QACA;;CAMJ,MAAM,aACJ,YACA,QACA,MACA,YACY;EACZ,MAAM,YAAY;GAChB,cAAc;GACd,UAAU;GACV,YAAY;GACZ,aAAa;GACb,aAAaH,4BAAa,IAAI,cAAc,OAAO,KAAK,UAAU,OAAO;;EAE3E,MAAM,SAAS,MAAM,KAAK,YACxB,YAAY,OACZ,WACA;EAIF,MAAM,cAAc,OAAO;AAE3B,MAAI,CAAC,MAAM,QAAQ,aAEjB,QAAO;EAGT,MAAM,eAAe,OAAO,aAAa,GAAG;AAE5C,MAAI,CAAC,aAAa,OAChB,QAAO;AAGT,MAAI;GACF,MAAM,SAAS,KAAK,MAAM;AAC1B,UAAO;WACA,YAAY;AACnB,WAAQ,KAAK,wDAAwD;AACrE,WAAQ,KAAK,sBAAsB;GAEnC,MAAM,cAAc,aAAa,QAAQ,UAAU;AACnD,UAAO;;;CAIX,MAAM,KAAW,QAAkE;AACjF,SAAO,KAAK,aAAmB,OAAO,SAAS,OAAO,QAAQ,OAAO;;CAGvE,MAAM,cAAc,EAAE,SAAS,YAG5B;EAED,MAAMS,SAAkC;GACtC,cAAc;GACd,YAAY;GACZ,UAAU;;AAIZ,MAAI,UAAU;AACZ,UAAO,WAAW;AAClB,UAAO,OAAO;;EAIhB,MAAM,gBAAgB,MAAM,KAAK,YAC/B,YAAY,OACZ,QACA;EAIF,MAAMC,iBAAkC;EACxC,MAAMC,yBAAkD;AAGxD,OAAK,MAAM,OAAO,cAAc,KAC9B,KAAI,IAAI,WAAW,eAAe,aAEhC,gBAAe,KAAK;WACX,IAAI,WAAW,cAAc,OAAO,IAAI,WAAW,eAAe,YAAY,kBAAkB,IAAI,WAAW,WAExH,wBAAuB,KAAK;AAIhC,SAAO;GACL;GACA"}

package/dist/cjs/server/sdk/src/core/defaultConfigs.js CHANGED Viewed

@@ -5,6 +5,7 @@ const PASSKEY_MANAGER_DEFAULT_CONFIGS = {
 	nearNetwork: "testnet",
 	contractId: "w3a-v1.testnet",
 	nearExplorerUrl: "https://testnet.nearblocks.io",
+	signerMode: { mode: "local-signer" },
 	signingSessionDefaults: {
 		ttlMs: 0,
 		remainingUses: 0
@@ -17,9 +18,7 @@ const PASSKEY_MANAGER_DEFAULT_CONFIGS = {
 			pollingIntervalMs: 4e3,
 			maxPollingDurationMs: 1800 * 1e3,
 			pendingTtlMs: 1800 * 1e3,
-			mailtoAddress: "recover@web3authn.org",
-			dkimVerifierAccountId: "email-dkim-verifier-v1.testnet",
-			verificationViewMethod: "get_verification_result"
+			mailtoAddress: "recover@web3authn.org"
 		}
 	},
 	vrfWorkerConfigs: { shamir3pass: {
@@ -40,12 +39,18 @@ const PASSKEY_MANAGER_DEFAULT_CONFIGS = {
 		rpIdOverride: "example.localhost"
 	}
 };
+const THRESHOLD_ED25519_CLIENT_PARTICIPANT_ID = 1;
+const THRESHOLD_ED25519_RELAYER_PARTICIPANT_ID = 2;
+const THRESHOLD_ED25519_2P_PARTICIPANT_IDS = [THRESHOLD_ED25519_CLIENT_PARTICIPANT_ID, THRESHOLD_ED25519_RELAYER_PARTICIPANT_ID];
 const DEFAULT_EMAIL_RECOVERY_CONTRACTS = {
-	emailRecovererGlobalContract: PASSKEY_MANAGER_DEFAULT_CONFIGS.emailRecoveryContracts.emailDkimVerifierContract,
+	emailRecovererGlobalContract: PASSKEY_MANAGER_DEFAULT_CONFIGS.emailRecoveryContracts.emailRecovererGlobalContract,
 	zkEmailVerifierContract: PASSKEY_MANAGER_DEFAULT_CONFIGS.emailRecoveryContracts.zkEmailVerifierContract,
 	emailDkimVerifierContract: PASSKEY_MANAGER_DEFAULT_CONFIGS.emailRecoveryContracts.emailDkimVerifierContract
 };
 //#endregion
 exports.DEFAULT_EMAIL_RECOVERY_CONTRACTS = DEFAULT_EMAIL_RECOVERY_CONTRACTS;
+exports.THRESHOLD_ED25519_2P_PARTICIPANT_IDS = THRESHOLD_ED25519_2P_PARTICIPANT_IDS;
+exports.THRESHOLD_ED25519_CLIENT_PARTICIPANT_ID = THRESHOLD_ED25519_CLIENT_PARTICIPANT_ID;
+exports.THRESHOLD_ED25519_RELAYER_PARTICIPANT_ID = THRESHOLD_ED25519_RELAYER_PARTICIPANT_ID;
 //# sourceMappingURL=defaultConfigs.js.map

package/dist/cjs/server/sdk/src/core/defaultConfigs.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"defaultConfigs.js","names":["PASSKEY_MANAGER_DEFAULT_CONFIGS: TatchiConfigs","DEFAULT_EMAIL_RECOVERY_CONTRACTS: EmailRecoveryContracts"],"sources":["../../../../../../src/core/defaultConfigs.ts"],"sourcesContent":["import type { EmailRecoveryContracts, TatchiConfigs, TatchiConfigsInput } from './types/tatchi';\n\n// Default SDK configs suitable for local dev.\n// Cross-origin wallet isolation is recommended; set iframeWallet in your app config when you have a dedicated origin.\n// Consumers can shallow-merge overrides by field.\n\nexport const PASSKEY_MANAGER_DEFAULT_CONFIGS: TatchiConfigs = {\n // You can provide a single URL or a comma-separated list for failover.\n // First URL is treated as primary, subsequent URLs are fallbacks.\n nearRpcUrl: 'https://test.rpc.fastnear.com, https://rpc.testnet.near.org',\n nearNetwork: 'testnet',\n contractId: 'w3a-v1.testnet',\n nearExplorerUrl: 'https://testnet.nearblocks.io',\n // Warm signing session defaults used by login/unlock flows.\n // Enforcement (TTL/uses) is owned by the VRF worker; signer workers remain one-shot.\n signingSessionDefaults: {\n ttlMs: 0, // 0 minutes\n remainingUses: 0, // default to requiring a touchID prompt for each transaction\n },\n relayer: {\n // accountId: 'w3a-v1.testnet',\n // No default relayer URL. Force apps to configure via env/overrides.\n // Using an empty string triggers early validation errors in code paths that require it.\n url: '',\n delegateActionRoute: '/signed-delegate',\n emailRecovery: {\n // Require at least 0.01 NEAR available to start email recovery.\n minBalanceYocto: '10000000000000000000000', // 0.01 NEAR\n // Poll every 4 seconds for verification status / access key.\n pollingIntervalMs: 4000,\n // Stop polling after 30 minutes.\n maxPollingDurationMs: 30 * 60 * 1000,\n // Expire pending recovery records after 30 minutes.\n pendingTtlMs: 30 * 60 * 1000,\n // Default recovery mailbox for examples / docs.\n mailtoAddress: 'recover@web3authn.org',\n // EmailDKIMVerifier contract that stores verification results.\n dkimVerifierAccountId: 'email-dkim-verifier-v1.testnet',\n // View method used to fetch VerificationResult by request_id.\n verificationViewMethod: 'get_verification_result',\n },\n },\n vrfWorkerConfigs: {\n shamir3pass: {\n // default Shamir's P in vrf-wasm-worker, needs to match relay server's Shamir P\n p: '3N5w46AIGjGT2v5Vua_TMD5Ywfa9U2F7-WzW8SNDsIM',\n // No default relay server URL to avoid accidental localhost usage in non-dev envs\n // Defaults to relayer.url when undefined\n relayServerUrl: '',\n applyServerLockRoute: '/vrf/apply-server-lock',\n removeServerLockRoute: '/vrf/remove-server-lock',\n }\n },\n emailRecoveryContracts: {\n emailRecovererGlobalContract: 'w3a-email-recoverer-v1.testnet',\n zkEmailVerifierContract: 'zk-email-verifier-v1.testnet',\n emailDkimVerifierContract: 'email-dkim-verifier-v1.testnet',\n },\n // Configure iframeWallet in application code to point at your dedicated wallet origin when available.\n iframeWallet: {\n walletOrigin: 'https://wallet.example.localhost',\n walletServicePath: '/wallet-service',\n sdkBasePath: '/sdk',\n rpIdOverride: 'example.localhost',\n }\n};\n\nexport const DEFAULT_EMAIL_RECOVERY_CONTRACTS: EmailRecoveryContracts = {\n emailRecovererGlobalContract: PASSKEY_MANAGER_DEFAULT_CONFIGS.emailRecoveryContracts.~~emailDkimVerifierContract~~,\n zkEmailVerifierContract: PASSKEY_MANAGER_DEFAULT_CONFIGS.emailRecoveryContracts.zkEmailVerifierContract,\n emailDkimVerifierContract: PASSKEY_MANAGER_DEFAULT_CONFIGS.emailRecoveryContracts.emailDkimVerifierContract,\n};\n\n// Merge defaults with overrides\nexport function buildConfigsFromEnv(overrides: TatchiConfigsInput = {}): TatchiConfigs {\n\n const defaults = PASSKEY_MANAGER_DEFAULT_CONFIGS;\n const relayerUrl = overrides.relayer?.url ?? defaults.relayer?.url ?? '';\n // Prefer explicit override for relayer URL; fall back to default preset.\n // Used below to default VRF relayServerUrl when it is undefined.\n const relayServerUrlDefault = relayerUrl;\n\n const merged: TatchiConfigs = {\n nearRpcUrl: overrides.nearRpcUrl ?? defaults.nearRpcUrl,\n nearNetwork: overrides.nearNetwork ?? defaults.nearNetwork,\n contractId: overrides.contractId ?? defaults.contractId,\n nearExplorerUrl: overrides.nearExplorerUrl ?? defaults.nearExplorerUrl,\n walletTheme: overrides.walletTheme ?? defaults.walletTheme,\n signingSessionDefaults: {\n ttlMs: overrides.signingSessionDefaults?.ttlMs\n ?? defaults.signingSessionDefaults?.ttlMs,\n remainingUses: overrides.signingSessionDefaults?.remainingUses\n ?? defaults.signingSessionDefaults?.remainingUses,\n },\n relayer: {\n url: relayerUrl,\n delegateActionRoute: overrides.relayer?.delegateActionRoute\n ?? defaults.relayer?.delegateActionRoute,\n emailRecovery: {\n minBalanceYocto: overrides.relayer?.emailRecovery?.minBalanceYocto\n ?? defaults.relayer?.emailRecovery?.minBalanceYocto,\n pollingIntervalMs: overrides.relayer?.emailRecovery?.pollingIntervalMs\n ?? defaults.relayer?.emailRecovery?.pollingIntervalMs,\n maxPollingDurationMs: overrides.relayer?.emailRecovery?.maxPollingDurationMs\n ?? defaults.relayer?.emailRecovery?.maxPollingDurationMs,\n pendingTtlMs: overrides.relayer?.emailRecovery?.pendingTtlMs\n ?? defaults.relayer?.emailRecovery?.pendingTtlMs,\n mailtoAddress: overrides.relayer?.emailRecovery?.mailtoAddress\n ?? defaults.relayer?.emailRecovery?.mailtoAddress,\n dkimVerifierAccountId: overrides.relayer?.emailRecovery?.dkimVerifierAccountId\n ?? defaults.relayer?.emailRecovery?.dkimVerifierAccountId,\n verificationViewMethod: overrides.relayer?.emailRecovery?.verificationViewMethod\n ?? defaults.relayer?.emailRecovery?.verificationViewMethod,\n },\n },\n authenticatorOptions: overrides.authenticatorOptions ?? defaults.authenticatorOptions,\n vrfWorkerConfigs: {\n shamir3pass: {\n p: overrides.vrfWorkerConfigs?.shamir3pass?.p\n ?? defaults.vrfWorkerConfigs?.shamir3pass?.p,\n relayServerUrl: overrides.vrfWorkerConfigs?.shamir3pass?.relayServerUrl\n ?? defaults.vrfWorkerConfigs?.shamir3pass?.relayServerUrl\n ?? relayServerUrlDefault,\n applyServerLockRoute: overrides.vrfWorkerConfigs?.shamir3pass?.applyServerLockRoute\n ?? defaults.vrfWorkerConfigs?.shamir3pass?.applyServerLockRoute,\n removeServerLockRoute: overrides.vrfWorkerConfigs?.shamir3pass?.removeServerLockRoute\n ?? defaults.vrfWorkerConfigs?.shamir3pass?.removeServerLockRoute,\n },\n },\n emailRecoveryContracts: {\n emailRecovererGlobalContract: overrides.emailRecoveryContracts?.emailRecovererGlobalContract\n ?? defaults.emailRecoveryContracts?.emailRecovererGlobalContract,\n zkEmailVerifierContract: overrides.emailRecoveryContracts?.zkEmailVerifierContract\n ?? defaults.emailRecoveryContracts?.zkEmailVerifierContract,\n emailDkimVerifierContract: overrides.emailRecoveryContracts?.emailDkimVerifierContract\n ?? defaults.emailRecoveryContracts?.emailDkimVerifierContract,\n },\n iframeWallet: {\n walletOrigin: overrides.iframeWallet?.walletOrigin\n ?? defaults.iframeWallet?.walletOrigin,\n ~~walletServicePath~~: overrides.iframeWallet?.~~walletServicePath~~\n ?? defaults.iframeWallet?.~~walletServicePath~~\n ?? '/~~wallet~~-~~service',\~~n ~~sdkBasePath~~: overrides.iframeWallet?.~~sdkBasePath~~\n ?? defaults.iframeWallet?.~~sdkBasePath~~\n ?? '/~~sdk~~',\n ~~rpIdOverride~~: overrides.iframeWallet?.~~rpIdOverride~~\n ?? defaults.iframeWallet?.~~rpIdOverride~~,\n }\n };\n if (!merged.contractId) {\n throw new Error('[configPresets] Missing required config: contractId');\n }\n if (!merged.relayer.url) {\n throw new Error('[configPresets] Missing required config: relayer.url');\n }\n return merged;\n}\n"],"mappings":";;~~AAMA~~,MAAaA,kCAAiD;CAG5D,YAAY;CACZ,aAAa;CACb,YAAY;CACZ,iBAAiB;~~CAGjB~~,wBAAwB;EACtB,OAAO;EACP,eAAe;;CAEjB,SAAS;EAIP,KAAK;EACL,qBAAqB;EACrB,eAAe;GAEb,iBAAiB;GAEjB,mBAAmB;GAEnB,sBAAsB,OAAU;GAEhC,cAAc,OAAU;GAExB,eAAe~~;GAEf,uBAAuB;GAEvB,wBAAwB~~;;;~~CAG5B~~,kBAAkB,EAChB,aAAa;EAEX,GAAG;EAGH,gBAAgB;EAChB,sBAAsB;EACtB,uBAAuB;;CAG3B,wBAAwB;EACtB,8BAA8B;EAC9B,yBAAyB;EACzB,2BAA2B;;CAG7B,cAAc;EACZ,cAAc;EACd,mBAAmB;EACnB,aAAa;EACb,cAAc;;;~~AAIlB~~,MAAaC,mCAA2D;CACtE,8BAA8B,gCAAgC,uBAAuB;CACrF,yBAAyB,gCAAgC,uBAAuB;CAChF,2BAA2B,gCAAgC,uBAAuB"}
1	+ {"version":3,"file":"defaultConfigs.js","names":["PASSKEY_MANAGER_DEFAULT_CONFIGS: TatchiConfigs","DEFAULT_EMAIL_RECOVERY_CONTRACTS: EmailRecoveryContracts"],"sources":["../../../../../../src/core/defaultConfigs.ts"],"sourcesContent":["import type { EmailRecoveryContracts, TatchiConfigs, TatchiConfigsInput } from './types/tatchi';\nimport { coerceSignerMode } from './types/signer-worker';\nimport { toTrimmedString } from '@/utils';\n\n// Default SDK configs suitable for local dev.\n// Cross-origin wallet isolation is recommended; set iframeWallet in your app config when you have a dedicated origin.\n// Consumers can shallow-merge overrides by field.\n\nexport const PASSKEY_MANAGER_DEFAULT_CONFIGS: TatchiConfigs = {\n // You can provide a single URL or a comma-separated list for failover.\n // First URL is treated as primary, subsequent URLs are fallbacks.\n nearRpcUrl: 'https://test.rpc.fastnear.com, https://rpc.testnet.near.org',\n nearNetwork: 'testnet',\n contractId: 'w3a-v1.testnet',\n nearExplorerUrl: 'https://testnet.nearblocks.io',\n signerMode: { mode: 'local-signer' },\n // Warm signing session defaults used by login/unlock flows.\n // Enforcement (TTL/uses) is owned by the VRF worker; signer workers remain one-shot.\n signingSessionDefaults: {\n ttlMs: 0, // 0 minutes\n remainingUses: 0, // default to requiring a touchID prompt for each transaction\n },\n relayer: {\n // accountId: 'w3a-v1.testnet',\n // No default relayer URL. Force apps to configure via env/overrides.\n // Using an empty string triggers early validation errors in code paths that require it.\n url: '',\n delegateActionRoute: '/signed-delegate',\n emailRecovery: {\n // Require at least 0.01 NEAR available to start email recovery.\n minBalanceYocto: '10000000000000000000000', // 0.01 NEAR\n // Poll every 4 seconds for verification status / access key.\n pollingIntervalMs: 4000,\n // Stop polling after 30 minutes.\n maxPollingDurationMs: 30 * 60 * 1000,\n // Expire pending recovery records after 30 minutes.\n pendingTtlMs: 30 * 60 * 1000,\n // Default recovery mailbox for examples / docs.\n mailtoAddress: 'recover@web3authn.org',\n },\n },\n vrfWorkerConfigs: {\n shamir3pass: {\n // default Shamir's P in vrf-wasm-worker, needs to match relay server's Shamir P\n p: '3N5w46AIGjGT2v5Vua_TMD5Ywfa9U2F7-WzW8SNDsIM',\n // No default relay server URL to avoid accidental localhost usage in non-dev envs\n // Defaults to relayer.url when undefined\n relayServerUrl: '',\n applyServerLockRoute: '/vrf/apply-server-lock',\n removeServerLockRoute: '/vrf/remove-server-lock',\n }\n },\n emailRecoveryContracts: {\n emailRecovererGlobalContract: 'w3a-email-recoverer-v1.testnet',\n zkEmailVerifierContract: 'zk-email-verifier-v1.testnet',\n emailDkimVerifierContract: 'email-dkim-verifier-v1.testnet',\n },\n // Configure iframeWallet in application code to point at your dedicated wallet origin when available.\n iframeWallet: {\n walletOrigin: 'https://wallet.example.localhost',\n walletServicePath: '/wallet-service',\n sdkBasePath: '/sdk',\n rpIdOverride: 'example.localhost',\n }\n};\n\n// Default threshold participant identifiers (2P FROST).\n// These are intentionally exported as standalone constants so apps can reuse them when wiring\n// threshold signing across client + server environments.\nexport const THRESHOLD_ED25519_CLIENT_PARTICIPANT_ID = 1 as const;\nexport const THRESHOLD_ED25519_RELAYER_PARTICIPANT_ID = 2 as const;\nexport const THRESHOLD_ED25519_2P_PARTICIPANT_IDS = [\n THRESHOLD_ED25519_CLIENT_PARTICIPANT_ID,\n THRESHOLD_ED25519_RELAYER_PARTICIPANT_ID,\n] as const;\n\n// Threshold node roles.\n// Coordinator is the default because it exposes the public `/threshold-ed25519/sign/*` endpoints.\nexport const THRESHOLD_NODE_ROLE_COORDINATOR = 'coordinator' as const;\nexport const THRESHOLD_NODE_ROLE_DEFAULT = THRESHOLD_NODE_ROLE_COORDINATOR;\n\nexport const DEFAULT_EMAIL_RECOVERY_CONTRACTS: EmailRecoveryContracts = {\n emailRecovererGlobalContract: PASSKEY_MANAGER_DEFAULT_CONFIGS.emailRecoveryContracts.emailRecovererGlobalContract,\n zkEmailVerifierContract: PASSKEY_MANAGER_DEFAULT_CONFIGS.emailRecoveryContracts.zkEmailVerifierContract,\n emailDkimVerifierContract: PASSKEY_MANAGER_DEFAULT_CONFIGS.emailRecoveryContracts.emailDkimVerifierContract,\n};\n\n// Merge defaults with overrides\nexport function buildConfigsFromEnv(overrides: TatchiConfigsInput = {}): TatchiConfigs {\n\n const defaults = PASSKEY_MANAGER_DEFAULT_CONFIGS;\n const relayerUrl = overrides.relayer?.url ?? defaults.relayer?.url ?? '';\n // Prefer explicit override for relayer URL; fall back to default preset.\n // Used below to default VRF relayServerUrl when it is undefined.\n const relayServerUrlDefault = relayerUrl;\n const signerMode = coerceSignerMode(overrides.signerMode, defaults.signerMode);\n\n const merged: TatchiConfigs = {\n nearRpcUrl: overrides.nearRpcUrl ?? defaults.nearRpcUrl,\n nearNetwork: overrides.nearNetwork ?? defaults.nearNetwork,\n contractId: overrides.contractId ?? defaults.contractId,\n nearExplorerUrl: overrides.nearExplorerUrl ?? defaults.nearExplorerUrl,\n walletTheme: overrides.walletTheme ?? defaults.walletTheme,\n signerMode,\n signingSessionDefaults: {\n ttlMs: overrides.signingSessionDefaults?.ttlMs\n ?? defaults.signingSessionDefaults?.ttlMs,\n remainingUses: overrides.signingSessionDefaults?.remainingUses\n ?? defaults.signingSessionDefaults?.remainingUses,\n },\n relayer: {\n url: relayerUrl,\n delegateActionRoute: overrides.relayer?.delegateActionRoute\n ?? defaults.relayer?.delegateActionRoute,\n emailRecovery: {\n minBalanceYocto: overrides.relayer?.emailRecovery?.minBalanceYocto\n ?? defaults.relayer?.emailRecovery?.minBalanceYocto,\n pollingIntervalMs: overrides.relayer?.emailRecovery?.pollingIntervalMs\n ?? defaults.relayer?.emailRecovery?.pollingIntervalMs,\n maxPollingDurationMs: overrides.relayer?.emailRecovery?.maxPollingDurationMs\n ?? defaults.relayer?.emailRecovery?.maxPollingDurationMs,\n pendingTtlMs: overrides.relayer?.emailRecovery?.pendingTtlMs\n ?? defaults.relayer?.emailRecovery?.pendingTtlMs,\n mailtoAddress: overrides.relayer?.emailRecovery?.mailtoAddress\n ?? defaults.relayer?.emailRecovery?.mailtoAddress,\n },\n },\n authenticatorOptions: overrides.authenticatorOptions ?? defaults.authenticatorOptions,\n vrfWorkerConfigs: {\n shamir3pass: {\n p: overrides.vrfWorkerConfigs?.shamir3pass?.p\n ?? defaults.vrfWorkerConfigs?.shamir3pass?.p,\n relayServerUrl: overrides.vrfWorkerConfigs?.shamir3pass?.relayServerUrl\n ?? defaults.vrfWorkerConfigs?.shamir3pass?.relayServerUrl\n ?? relayServerUrlDefault,\n applyServerLockRoute: overrides.vrfWorkerConfigs?.shamir3pass?.applyServerLockRoute\n ?? defaults.vrfWorkerConfigs?.shamir3pass?.applyServerLockRoute,\n removeServerLockRoute: overrides.vrfWorkerConfigs?.shamir3pass?.removeServerLockRoute\n ?? defaults.vrfWorkerConfigs?.shamir3pass?.removeServerLockRoute,\n },\n },\n emailRecoveryContracts: {\n emailRecovererGlobalContract: overrides.emailRecoveryContracts?.emailRecovererGlobalContract\n ?? defaults.emailRecoveryContracts?.emailRecovererGlobalContract,\n zkEmailVerifierContract: overrides.emailRecoveryContracts?.zkEmailVerifierContract\n ?? defaults.emailRecoveryContracts?.zkEmailVerifierContract,\n emailDkimVerifierContract: overrides.emailRecoveryContracts?.emailDkimVerifierContract\n ?? defaults.emailRecoveryContracts?.emailDkimVerifierContract,\n },\n iframeWallet: {\n // Preserve explicit empty-string walletOrigin (\"\") because it is used as a sentinel\n // to disable iframe-wallet mode in tests and some apps.\n walletOrigin: overrides.iframeWallet?.walletOrigin\n ?? defaults.iframeWallet?.walletOrigin,\n rpIdOverride: overrides.iframeWallet?.rpIdOverride\n ?? defaults.iframeWallet?.rpIdOverride,\n // IMPORTANT: the following fields are often wired from CI env vars like `VITE_SDK_BASE_PATH`.\n // When a GitHub Actions env var is missing, expressions like `${{ vars.VITE_SDK_BASE_PATH }}`\n // frequently become the empty string at build-time. Treat empty strings as \"unset\" so we\n // fall back to SDK defaults instead of accidentally generating root-relative URLs like:\n // https://wallet.example.com/w3a-components.css (wrong; should be /sdk/w3a-components.css)\n walletServicePath: toTrimmedString(overrides.iframeWallet?.walletServicePath)\n \|\| toTrimmedString(defaults.iframeWallet?.walletServicePath)\n \|\| '/wallet-service',\n sdkBasePath: toTrimmedString(overrides.iframeWallet?.sdkBasePath)\n \|\| toTrimmedString(defaults.iframeWallet?.sdkBasePath)\n \|\| '/sdk',\n }\n };\n if (!merged.contractId) {\n throw new Error('[configPresets] Missing required config: contractId');\n }\n if (!merged.relayer.url) {\n throw new Error('[configPresets] Missing required config: relayer.url');\n }\n return merged;\n}\n"],"mappings":";;AAQA,MAAaA,kCAAiD;CAG5D,YAAY;CACZ,aAAa;CACb,YAAY;CACZ,iBAAiB;CACjB,YAAY,EAAE,MAAM;CAGpB,wBAAwB;EACtB,OAAO;EACP,eAAe;;CAEjB,SAAS;EAIP,KAAK;EACL,qBAAqB;EACrB,eAAe;GAEb,iBAAiB;GAEjB,mBAAmB;GAEnB,sBAAsB,OAAU;GAEhC,cAAc,OAAU;GAExB,eAAe;;;CAGnB,kBAAkB,EAChB,aAAa;EAEX,GAAG;EAGH,gBAAgB;EAChB,sBAAsB;EACtB,uBAAuB;;CAG3B,wBAAwB;EACtB,8BAA8B;EAC9B,yBAAyB;EACzB,2BAA2B;;CAG7B,cAAc;EACZ,cAAc;EACd,mBAAmB;EACnB,aAAa;EACb,cAAc;;;AAOlB,MAAa,0CAA0C;AACvD,MAAa,2CAA2C;AACxD,MAAa,uCAAuC,CAClD,yCACA;AAQF,MAAaC,mCAA2D;CACtE,8BAA8B,gCAAgC,uBAAuB;CACrF,yBAAyB,gCAAgC,uBAAuB;CAChF,2BAA2B,gCAAgC,uBAAuB"}

package/dist/cjs/server/sdk/src/core/nearCrypto.js CHANGED Viewed

@@ -1,39 +1,25 @@
 const require_rolldown_runtime = require('../../../_virtual/rolldown_runtime.js');
+const require_validation = require('../utils/validation.js');
 let bs58 = require("bs58");
 bs58 = require_rolldown_runtime.__toESM(bs58);
 require("@noble/ed25519");
 //#region src/core/nearCrypto.ts
-const NEAR_KEY_PREFIX = "ed25519:";
-function ensurePrefix(str) {
-	return str.startsWith(NEAR_KEY_PREFIX) ? str : `${NEAR_KEY_PREFIX}${str}`;
-}
-function stripPrefix(str) {
-	return str.startsWith(NEAR_KEY_PREFIX) ? str.slice(8) : str;
-}
 /**
-* Parse NEAR secret key string ('ed25519:...') into its components.
-* NEAR secrets are 64 bytes: seed(32) | pub(32)
+* Remove the NEAR Ed25519 prefix (`ed25519:`) if present.
+* Useful for comparing keys where one side may omit the prefix.
 */
-function parseNearSecretKey(str) {
-	const b58 = stripPrefix(str);
-	const bytes = bs58.default.decode(b58);
-	if (bytes.length !== 64) throw new Error(`Invalid NEAR secret key length: ${bytes.length}`);
-	const all = new Uint8Array(bytes);
-	const seed = all.slice(0, 32);
-	const pub = all.slice(32, 64);
-	return {
-		seed,
-		pub
-	};
+function stripEd25519Prefix(value) {
+	const raw = String(value || "").trim();
+	return raw.replace(/^ed25519:/i, "");
 }
 /** Convert raw 32-byte public key to NEAR string ('ed25519:...') */
 function toPublicKeyString(pub) {
 	if (!(pub?.length === 32)) throw new Error("Public key must be 32 bytes");
-	return ensurePrefix(bs58.default.encode(pub));
+	return require_validation.ensureEd25519Prefix(bs58.default.encode(pub));
 }
 //#endregion
-exports.parseNearSecretKey = parseNearSecretKey;
+exports.stripEd25519Prefix = stripEd25519Prefix;
 exports.toPublicKeyString = toPublicKeyString;
 //# sourceMappingURL=nearCrypto.js.map

package/dist/cjs/server/sdk/src/core/nearCrypto.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"nearCrypto.js","names":[],"sources":["../../../../../../src/core/nearCrypto.ts"],"sourcesContent":["import * as ed25519 from '@noble/ed25519';\nimport bs58 from 'bs58';\n\~~n//~~ ~~NEAR~~ ~~key~~ ~~prefix~~\~~nconst~~ ~~NEAR_KEY_PREFIX~~ = 'ed25519:';\n\~~nfunction~~ ~~ensurePrefix(str:~~ ~~string):~~ ~~string~~ ~~{\n return~~ ~~str.startsWith~~(~~NEAR_KEY_PREFIX~~) ? ~~str~~ : ~~`${NEAR_KEY_PREFIX}${str}`;\~~n~~}\n\nfunction~~ ~~stripPrefix~~(~~str~~: string): string {\n ~~return~~ ~~str.startsWith~~(~~NEAR_KEY_PREFIX)~~ ? ~~str~~.~~slice~~(~~NEAR_KEY_PREFIX.length~~) : ~~str~~;\n}\n\n/*\n Creates a NEAR-compatible Ed25519 keypair formatted as strings:\n * - publicKey: 'ed25519:' + base58(pub)\n * - privateKey: 'ed25519:' + base58(seed(32) \| pub(32))\n /\nexport async function createNearKeypair(): Promise<{ publicKey: string; privateKey: string }> {\n const seed = ed25519.utils.randomPrivateKey(); // 32 bytes\n const pub = await ed25519.getPublicKeyAsync(seed); // 32 bytes\n\n const secret = new Uint8Array(64);\n secret.set(seed, 0);\n secret.set(pub, 32);\n\n const publicKey = ~~ensurePrefix~~(bs58.encode(pub));\n const privateKey = ~~ensurePrefix~~(bs58.encode(secret));\n return { publicKey, privateKey };\n}\n\n/* Parse NEAR public key string ('ed25519:...') into 32-byte Uint8Array /\nexport function parseNearPublicKey(str: string): Uint8Array {\n const b58 = ~~stripPrefix~~(str);\n const bytes = bs58.decode(b58);\n if (bytes.length !== 32) {\n throw new Error(`Invalid NEAR public key length: ${bytes.length}`);\n }\n return new Uint8Array(bytes);\n}\n\n/\n Parse NEAR secret key string ('ed25519:...') into its components.\n * NEAR secrets are 64 bytes: seed(32) \| pub(32)\n /\nexport function parseNearSecretKey(str: string): { seed: Uint8Array; pub: Uint8Array } {\n const b58 = stripPrefix(str);\n const bytes = bs58.decode(b58);\n if (bytes.length !== 64) {\n throw new Error(`Invalid NEAR secret key length: ${bytes.length}`);\n }\n const all = new Uint8Array(bytes);\n const seed = all.slice(0, 32);\n const pub = all.slice(32, 64);\n return { seed, pub };\n}\n\n/* Convert raw 32-byte public key to NEAR string ('ed25519:...') /\nexport function toPublicKeyString(pub: Uint8Array): string {\n if (!(pub?.length === 32)) {\n throw new Error('Public key must be 32 bytes');\n }\n return ~~ensurePrefix~~(bs58.encode(pub));\n}\n\n/* Convert raw seed(32) + pub(32) to NEAR secret string ('ed25519:...') */\nexport function toSecretKeyString(seed: Uint8Array, pub: Uint8Array): string {\n if (!(seed?.length === 32)) {\n throw new Error('Seed must be 32 bytes');\n }\n if (!(pub?.length === 32)) {\n throw new Error('Public key must be 32 bytes');\n }\n const secret = new Uint8Array(64);\n secret.set(seed, 0);\n secret.set(pub, 32);\n return ~~ensurePrefix~~(bs58.encode(secret));\n}\n\n"],"mappings":"~~;;;;;;AAIA~~,~~MAAM,kBAAkB;AAExB,SAAS,aAAa,KAAqB;AACzC,QAAO,IAAI,WAAW,mBAAmB,MAAM,GAAG,kBAAkB;;AAGtE,SAAS,YAAY,KAAqB;AACxC,QAAO,IAAI,WAAW,mBAAmB,IAAI,MAAM,KAA0B;;;;;;AAmC/E,~~SAAgB,mBAAmB,~~KAAoD~~;~~CACrF~~,MAAM,MAAM,~~YAAY;CACxB,MAAM,QAAQ,aAAK,~~OAAO~~;AAC1B~~,~~KAAI~~,~~MAAM,WAAW,GACnB,OAAM,~~IAAI~~,MAAM,mCAAmC,MAAM~~;~~CAE3D~~,~~MAAM~~,~~MAAM,~~IAAI,~~WAAW;CAC3B~~,~~MAAM~~,~~OAAO,IAAI,MAAM,GAAG;CAC1B,MAAM,MAAM,IAAI,MAAM,IAAI;AAC1B,QAAO;EAAE;EAAM;;;;AAIjB,~~SAAgB,kBAAkB,KAAyB;AACzD,KAAI,EAAE,KAAK,WAAW,IACpB,OAAM,IAAI,MAAM;AAElB,~~QAAO~~,~~aAAa~~,aAAK,OAAO"}
1	+ {"version":3,"file":"nearCrypto.js","names":["ensureEd25519Prefix"],"sources":["../../../../../../src/core/nearCrypto.ts"],"sourcesContent":["import * as ed25519 from '@noble/ed25519';\nimport bs58 from 'bs58';\n\nimport { ensureEd25519Prefix } from '../utils/validation';\nexport { ensureEd25519Prefix };\n\nexport const NEAR_ED25519_KEY_PREFIX = 'ed25519:' as const;\n\n/*\n Remove the NEAR Ed25519 prefix (`ed25519:`) if present.\n * Useful for comparing keys where one side may omit the prefix.\n /\nexport function stripEd25519Prefix(value: string): string {\n const raw = String(value \|\| '').trim();\n return raw.replace(/^ed25519:/i, '');\n}\n\n/\n Creates a NEAR-compatible Ed25519 keypair formatted as strings:\n * - publicKey: 'ed25519:' + base58(pub)\n * - privateKey: 'ed25519:' + base58(seed(32) \| pub(32))\n /\nexport async function createNearKeypair(): Promise<{ publicKey: string; privateKey: string }> {\n const seed = ed25519.utils.randomPrivateKey(); // 32 bytes\n const pub = await ed25519.getPublicKeyAsync(seed); // 32 bytes\n\n const secret = new Uint8Array(64);\n secret.set(seed, 0);\n secret.set(pub, 32);\n\n const publicKey = ensureEd25519Prefix(bs58.encode(pub));\n const privateKey = ensureEd25519Prefix(bs58.encode(secret));\n return { publicKey, privateKey };\n}\n\n/* Parse NEAR public key string ('ed25519:...') into 32-byte Uint8Array /\nexport function parseNearPublicKey(str: string): Uint8Array {\n const b58 = stripEd25519Prefix(str);\n const bytes = bs58.decode(b58);\n if (bytes.length !== 32) {\n throw new Error(`Invalid NEAR public key length: ${bytes.length}`);\n }\n return new Uint8Array(bytes);\n}\n\n/* Convert raw 32-byte public key to NEAR string ('ed25519:...') /\nexport function toPublicKeyString(pub: Uint8Array): string {\n if (!(pub?.length === 32)) {\n throw new Error('Public key must be 32 bytes');\n }\n return ensureEd25519Prefix(bs58.encode(pub));\n}\n\n/* Convert raw seed(32) + pub(32) to NEAR secret string ('ed25519:...') */\nexport function toSecretKeyString(seed: Uint8Array, pub: Uint8Array): string {\n if (!(seed?.length === 32)) {\n throw new Error('Seed must be 32 bytes');\n }\n if (!(pub?.length === 32)) {\n throw new Error('Public key must be 32 bytes');\n }\n const secret = new Uint8Array(64);\n secret.set(seed, 0);\n secret.set(pub, 32);\n return ensureEd25519Prefix(bs58.encode(secret));\n}\n"],"mappings":";;;;;;;;;;;AAYA,SAAgB,mBAAmB,OAAuB;CACxD,MAAM,MAAM,OAAO,SAAS,IAAI;AAChC,QAAO,IAAI,QAAQ,cAAc;;;AAgCnC,SAAgB,kBAAkB,KAAyB;AACzD,KAAI,EAAE,KAAK,WAAW,IACpB,OAAM,IAAI,MAAM;AAElB,QAAOA,uCAAoB,aAAK,OAAO"}

package/dist/cjs/server/sdk/src/core/types/actions.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"actions.js","names":[],"sources":["../../../../../../../src/core/types/actions.ts"],"sourcesContent":["import { DelegateAction, Signature } from './delegate';\n\n// === TRANSACTION INPUT INTERFACES ===\n\nexport interface TransactionInput {\n receiverId: string;\n actions: ActionArgs[],\n}\n\nexport interface TransactionInputWasm {\n receiverId: string;\n actions: ActionArgsWasm[],\n nonce?: string; // Optional - computed in confirmation flow if not provided\n}\n\n/*\n Enum for all supported NEAR action types\n /\nexport enum ActionType {\n CreateAccount = \"CreateAccount\",\n DeployContract = \"DeployContract\",\n FunctionCall = \"FunctionCall\",\n Transfer = \"Transfer\",\n Stake = \"Stake\",\n AddKey = \"AddKey\",\n DeleteKey = \"DeleteKey\",\n DeleteAccount = \"DeleteAccount\",\n SignedDelegate = \"SignedDelegate\",\n DeployGlobalContract = \"DeployGlobalContract\",\n UseGlobalContract = \"UseGlobalContract\",\n}\n\nexport enum TxExecutionStatus {\n NONE = 'NONE',\n INCLUDED = 'INCLUDED',\n INCLUDED_FINAL = 'INCLUDED_FINAL',\n EXECUTED = 'EXECUTED',\n FINAL = 'FINAL',\n EXECUTED_OPTIMISTIC = 'EXECUTED_OPTIMISTIC'\n}\n\n// === ACTION INTERFACES (camelCase for JS) ===\n\nexport interface FunctionCallAction {\n type: ActionType.FunctionCall;\n /* Name of the contract method to call /\n methodName: string;\n /* Arguments to pass to the method (will be JSON.stringify'd automatically) /\n args: Record<string, any>;\n /* Maximum gas to use for this call (default: '30000000000000' 30 TGas) /\n gas?: string;\n /* Amount of NEAR tokens to attach in yoctoNEAR (default: '0') /\n deposit?: string;\n}\n\nexport interface TransferAction {\n type: ActionType.Transfer;\n /* Amount of NEAR tokens to transfer in yoctoNEAR /\n amount: string;\n}\n\nexport interface CreateAccountAction {\n type: ActionType.CreateAccount;\n}\n\nexport interface DeployContractAction {\n type: ActionType.DeployContract;\n /* Contract code as Uint8Array or base64 string /\n code: Uint8Array \| string;\n}\n\nexport interface DeployGlobalContractAction {\n type: ActionType.DeployGlobalContract;\n /* Global contract code as Uint8Array or base64 string /\n code: Uint8Array \| string;\n /* Deployment mode: CodeHash \| AccountId /\n deployMode: 'CodeHash' \| 'AccountId';\n}\n\nexport interface UseGlobalContractAction {\n type: ActionType.UseGlobalContract;\n /* Exactly one of these should be set /\n accountId?: string;\n /* bs58-encoded 32-byte code hash /\n codeHash?: string;\n}\n\nexport interface StakeAction {\n type: ActionType.Stake;\n /* Amount to stake in yoctoNEAR /\n stake: string;\n /* Public key of the validator /\n publicKey: string;\n}\n\nexport interface AddKeyAction {\n type: ActionType.AddKey;\n /* Public key to add /\n publicKey: string;\n /* Access key configuration /\n accessKey: {\n /* Starting nonce for the key /\n nonce?: number;\n /* Permission level for the key /\n permission: 'FullAccess' \| {\n /* Function call permissions /\n FunctionCall: {\n /* Maximum allowance in yoctoNEAR (optional for unlimited) /\n allowance?: string;\n /* Contract that can be called (default: same as receiverId) /\n receiverId?: string;\n /* Method names that can be called (empty array = all methods) /\n methodNames?: string[];\n };\n };\n };\n}\n\nexport interface DeleteKeyAction {\n type: ActionType.DeleteKey;\n /* Public key to remove /\n publicKey: string;\n}\n\nexport interface DeleteAccountAction {\n type: ActionType.DeleteAccount;\n /* Account that will receive the remaining balance /\n beneficiaryId: string;\n}\n\n/\n Action types for all NEAR actions\n * camelCase for JS\n /\nexport type ActionArgs =\n \| FunctionCallAction\n \| TransferAction\n \| CreateAccountAction\n \| DeployContractAction\n \| StakeAction\n \| AddKeyAction\n \| DeleteKeyAction\n \| DeleteAccountAction\n \| DeployGlobalContractAction\n \| UseGlobalContractAction;\n\n// === ACTION TYPES ===\n\n// ActionArgsWasm matches the Rust enum structure exactly\n// snake_case for wasm\nexport type ActionArgsWasm =\n \| { action_type: ActionType.CreateAccount }\n \| { action_type: ActionType.DeployContract; code: number[] }\n \| {\n action_type: ActionType.FunctionCall;\n method_name: string;\n args: string; // JSON string\n gas: string;\n deposit: string;\n }\n \| { action_type: ActionType.Transfer; deposit: string }\n \| { action_type: ActionType.Stake; stake: string; public_key: string }\n \| { action_type: ActionType.AddKey; public_key: string; access_key: string }\n \| { action_type: ActionType.DeleteKey; public_key: string }\n \| { action_type: ActionType.DeleteAccount; beneficiary_id: string }\n \| {\n action_type: ActionType.SignedDelegate;\n delegate_action: DelegateAction;\n signature: Signature;\n }\n \| { action_type: ActionType.DeployGlobalContract; code: number[]; deploy_mode: 'CodeHash' \| 'AccountId' }\n \| { action_type: ActionType.UseGlobalContract; account_id?: string; code_hash?: string }\n\nexport function isActionArgsWasm(a?: any): a is ActionArgsWasm {\n return isObject(a) && 'action_type' in a;\n}\n\nexport function toActionArgsWasm(action: ActionArgs): ActionArgsWasm {\n switch (action.type) {\n case ActionType.Transfer:\n return {\n action_type: ActionType.Transfer,\n deposit: action.amount\n };\n\n case ActionType.FunctionCall:\n return {\n action_type: ActionType.FunctionCall,\n method_name: action.methodName,\n args: JSON.stringify(action.args),\n gas: action.gas \|\| \"30000000000000\",\n deposit: action.deposit \|\| \"0\"\n };\n\n case ActionType.AddKey:\n // Ensure access key has proper format with nonce and permission object.\n // For FullAccess we emit the NEAR-style `{ FullAccess: {} }` shape to\n // match near-api-js and RPC JSON; FunctionCall permissions are passed\n // through as-is.\n const rawPermission = action.accessKey.permission;\n const permission = rawPermission === 'FullAccess'\n ? { FullAccess: {} }\n : rawPermission;\n const accessKey = {\n nonce: action.accessKey.nonce \|\| 0,\n permission,\n };\n return {\n action_type: ActionType.AddKey,\n public_key: action.publicKey,\n access_key: JSON.stringify(accessKey)\n };\n\n case ActionType.DeleteKey:\n return {\n action_type: ActionType.DeleteKey,\n public_key: action.publicKey\n };\n\n case ActionType.CreateAccount:\n return {\n action_type: ActionType.CreateAccount\n };\n\n case ActionType.DeleteAccount:\n return {\n action_type: ActionType.DeleteAccount,\n beneficiary_id: action.beneficiaryId\n };\n\n case ActionType.DeployContract:\n return {\n action_type: ActionType.DeployContract,\n code: typeof action.code === 'string'\n ? Array.from(new TextEncoder().encode(action.code))\n : Array.from(action.code)\n };\n\n case ActionType.DeployGlobalContract:\n return {\n action_type: ActionType.DeployGlobalContract,\n code: typeof action.code === 'string'\n ? Array.from(new TextEncoder().encode(action.code))\n : Array.from(action.code),\n deploy_mode: action.deployMode,\n };\n\n case ActionType.UseGlobalContract:\n return {\n action_type: ActionType.UseGlobalContract,\n account_id: action.accountId,\n code_hash: action.codeHash,\n };\n\n case ActionType.Stake:\n return {\n action_type: ActionType.Stake,\n stake: action.stake,\n public_key: action.publicKey\n };\n\n default:\n throw new Error(`Action type ${(action as any).type} is not supported`);\n }\n}\n\n// === ACTION TYPE VALIDATION ===\n\n/\n Validate action parameters before sending to worker\n /\nexport function validateActionArgsWasm(actionArgsWasm: ActionArgsWasm): void {\n switch (actionArgsWasm.action_type) {\n case ActionType.FunctionCall:\n if (!actionArgsWasm.method_name) {\n throw new Error('method_name required for FunctionCall');\n }\n if (!actionArgsWasm.args) {\n throw new Error('args required for FunctionCall');\n }\n if (!actionArgsWasm.gas) {\n throw new Error('gas required for FunctionCall');\n }\n if (!actionArgsWasm.deposit) {\n throw new Error('deposit required for FunctionCall');\n }\n // Validate args is valid JSON string\n if (typeof actionArgsWasm.args !== 'string') {\n throw new Error('FunctionCall action args must be a valid JSON string');\n }\n try {\n JSON.parse(actionArgsWasm.args);\n } catch {\n throw new Error('FunctionCall action args must be valid JSON string');\n }\n break;\n case ActionType.Transfer:\n if (!actionArgsWasm.deposit) {\n throw new Error('deposit required for Transfer');\n }\n break;\n case ActionType.CreateAccount:\n // No additional validation needed\n break;\n case ActionType.DeployContract:\n if (!actionArgsWasm.code \|\| actionArgsWasm.code.length === 0) {\n throw new Error('code required for DeployContract');\n }\n break;\n case ActionType.Stake:\n if (!actionArgsWasm.stake) {\n throw new Error('stake amount required for Stake');\n }\n if (!actionArgsWasm.public_key) {\n throw new Error('public_key required for Stake');\n }\n break;\n case ActionType.AddKey:\n if (!actionArgsWasm.public_key) {\n throw new Error('public_key required for AddKey');\n }\n if (!actionArgsWasm.access_key) {\n throw new Error('access_key required for AddKey');\n }\n // Validate access_key is valid JSON string\n if (typeof actionArgsWasm.access_key !== 'string') {\n throw new Error('AddKey action access_key must be a valid JSON string');\n }\n try {\n JSON.parse(actionArgsWasm.access_key);\n } catch {\n throw new Error('AddKey action access_key must be valid JSON string');\n }\n break;\n case ActionType.DeleteKey:\n if (!actionArgsWasm.public_key) {\n throw new Error('public_key required for DeleteKey');\n }\n break;\n case ActionType.DeleteAccount:\n if (!actionArgsWasm.beneficiary_id) {\n throw new Error('beneficiary_id required for DeleteAccount');\n }\n break;\n case ActionType.SignedDelegate: {\n const payload = actionArgsWasm as {\n delegate_action?: unknown;\n signature?: unknown;\n };\n if (!payload.delegate_action \|\| typeof payload.delegate_action !== 'object') {\n throw new Error('delegate_action required for SignedDelegate');\n }\n if (!payload.signature \|\| typeof payload.signature !== 'object') {\n throw new Error('signature required for SignedDelegate');\n }\n break;\n }\n case ActionType.DeployGlobalContract:\n if (!actionArgsWasm.code \|\| actionArgsWasm.code.length === 0) {\n throw new Error('code required for DeployGlobalContract');\n }\n if (!actionArgsWasm.deploy_mode \|\| (actionArgsWasm.deploy_mode !== 'CodeHash' && actionArgsWasm.deploy_mode !== 'AccountId')) {\n throw new Error('deploy_mode must be CodeHash or AccountId for DeployGlobalContract');\n }\n break;\n case ActionType.UseGlobalContract: {\n const hasAccountId = !!actionArgsWasm.account_id;\n const hasCodeHash = !!actionArgsWasm.code_hash;\n if (hasAccountId === hasCodeHash) {\n throw new Error('UseGlobalContract requires exactly one of account_id or code_hash');\n }\n break;\n }\n default:\n throw new Error(`Unsupported action type: ${(actionArgsWasm as any).action_type}`);\n }\n}\n\n// === CONVERSIONS: WASM -> JS ACTIONS ===\n\ninterface FunctionCallPermissionView {\n FunctionCall: {\n allowance: string;\n receiver_id: string;\n method_names: string[];\n };\n}\n\n/\n Convert a single ActionArgsWasm (snake_case, stringified fields) to ActionArgs (camelCase, typed fields)\n /\nexport function fromActionArgsWasm(a: ActionArgsWasm): ActionArgs {\n switch (a.action_type) {\n case ActionType.FunctionCall: {\n let parsedArgs: Record<string, any> = {};\n try {\n if (typeof a.args === 'string') {\n parsedArgs = a.args ? JSON.parse(a.args) : {};\n } else {\n parsedArgs = a.args \|\| {};\n }\n } catch {\n // leave as empty object if parsing fails\n parsedArgs = {};\n }\n return {\n type: ActionType.FunctionCall,\n methodName: a.method_name,\n args: parsedArgs,\n gas: a.gas,\n deposit: a.deposit\n };\n }\n case ActionType.Transfer:\n return {\n type: ActionType.Transfer,\n amount: a.deposit\n };\n case ActionType.CreateAccount:\n return {\n type: ActionType.CreateAccount\n };\n case ActionType.DeployContract: {\n // Represent code as Uint8Array for consistency\n const codeBytes = Array.isArray(a.code) ? new Uint8Array(a.code) : new Uint8Array();\n return {\n type: ActionType.DeployContract,\n code: codeBytes\n };\n }\n case ActionType.DeployGlobalContract: {\n const codeBytes = Array.isArray(a.code) ? new Uint8Array(a.code) : new Uint8Array();\n return {\n type: ActionType.DeployGlobalContract,\n code: codeBytes,\n deployMode: a.deploy_mode,\n };\n }\n case ActionType.Stake:\n return {\n type: ActionType.Stake,\n stake: a.stake,\n publicKey: a.public_key\n };\n case ActionType.AddKey: {\n // access_key is a JSON string of { nonce, permission: ... }\n let accessKey: { nonce: bigint; permission: 'FullAccess' \| FunctionCallPermissionView; }\n try {\n accessKey = JSON.parse(a.access_key);\n } catch {\n accessKey = { nonce: BigInt(0), permission: 'FullAccess' };\n }\n // Normalize permission back to SDK shape\n const permission = accessKey?.permission;\n let normalizedPermission: 'FullAccess' \| FunctionCallPermissionView = 'FullAccess';\n\n if (isObject(permission)) {\n if ('FullAccess' in permission) {\n normalizedPermission = 'FullAccess';\n } else if ('FunctionCall' in permission) {\n const fc = (permission as FunctionCallPermissionView).FunctionCall;\n normalizedPermission = {\n FunctionCall: {\n allowance: fc.allowance,\n receiver_id: fc.receiver_id,\n method_names: fc.method_names\n }\n };\n }\n }\n return {\n type: ActionType.AddKey,\n publicKey: a.public_key,\n accessKey: {\n nonce: typeof accessKey?.nonce === 'number' ? accessKey.nonce : 0,\n permission: normalizedPermission\n }\n };\n }\n case ActionType.DeleteKey:\n return {\n type: ActionType.DeleteKey,\n publicKey: a.public_key\n };\n case ActionType.DeleteAccount:\n return {\n type: ActionType.DeleteAccount,\n beneficiaryId: a.beneficiary_id\n };\n case ActionType.UseGlobalContract:\n return {\n type: ActionType.UseGlobalContract,\n accountId: a.account_id,\n codeHash: a.code_hash,\n };\n default:\n // Exhaustive guard\n throw new Error(`Unsupported wasm action_type: ${(a as any)?.action_type}`);\n }\n}\n\n/* Convert a TransactionInputWasm structure to TransactionInput /\nexport function fromTransactionInputWasm(tx: TransactionInputWasm): TransactionInput {\n return {\n receiverId: tx.receiverId,\n actions: tx.actions.map(fromActionArgsWasm)\n };\n}\n\n/* Convert an array of TransactionInputWasm to TransactionInput[] */\nexport function fromTransactionInputsWasm(txs: TransactionInputWasm[]): TransactionInput[] {\n return (txs \|\| []).map(fromTransactionInputWasm);\n}\nimport { isObject } from '../WalletIframe/validation';\n"],"mappings":";;;;;AAkBA,IAAY,oDAAL;AACL;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;AAkPF,SAAgB,uBAAuB,gBAAsC;AAC3E,SAAQ,eAAe,aAAvB;EACE,KAAK,WAAW;AACd,OAAI,CAAC,eAAe,YAClB,OAAM,IAAI,MAAM;AAElB,OAAI,CAAC,eAAe,KAClB,OAAM,IAAI,MAAM;AAElB,OAAI,CAAC,eAAe,IAClB,OAAM,IAAI,MAAM;AAElB,OAAI,CAAC,eAAe,QAClB,OAAM,IAAI,MAAM;AAGlB,OAAI,OAAO,eAAe,SAAS,SACjC,OAAM,IAAI,MAAM;AAElB,OAAI;AACF,SAAK,MAAM,eAAe;WACpB;AACN,UAAM,IAAI,MAAM;;AAElB;EACF,KAAK,WAAW;AACd,OAAI,CAAC,eAAe,QAClB,OAAM,IAAI,MAAM;AAElB;EACF,KAAK,WAAW,cAEd;EACF,KAAK,WAAW;AACd,OAAI,CAAC,eAAe,QAAQ,eAAe,KAAK,WAAW,EACzD,OAAM,IAAI,MAAM;AAElB;EACF,KAAK,WAAW;AACd,OAAI,CAAC,eAAe,MAClB,OAAM,IAAI,MAAM;AAElB,OAAI,CAAC,eAAe,WAClB,OAAM,IAAI,MAAM;AAElB;EACF,KAAK,WAAW;AACd,OAAI,CAAC,eAAe,WAClB,OAAM,IAAI,MAAM;AAElB,OAAI,CAAC,eAAe,WAClB,OAAM,IAAI,MAAM;AAGlB,OAAI,OAAO,eAAe,eAAe,SACvC,OAAM,IAAI,MAAM;AAElB,OAAI;AACF,SAAK,MAAM,eAAe;WACpB;AACN,UAAM,IAAI,MAAM;;AAElB;EACF,KAAK,WAAW;AACd,OAAI,CAAC,eAAe,WAClB,OAAM,IAAI,MAAM;AAElB;EACF,KAAK,WAAW;AACd,OAAI,CAAC,eAAe,eAClB,OAAM,IAAI,MAAM;AAElB;EACF,KAAK,WAAW,gBAAgB;GAC9B,MAAM,UAAU;AAIhB,OAAI,CAAC,QAAQ,mBAAmB,OAAO,QAAQ,oBAAoB,SACjE,OAAM,IAAI,MAAM;AAElB,OAAI,CAAC,QAAQ,aAAa,OAAO,QAAQ,cAAc,SACrD,OAAM,IAAI,MAAM;AAElB;;EAEF,KAAK,WAAW;AACd,OAAI,CAAC,eAAe,QAAQ,eAAe,KAAK,WAAW,EACzD,OAAM,IAAI,MAAM;AAElB,OAAI,CAAC,eAAe,eAAgB,eAAe,gBAAgB,cAAc,eAAe,gBAAgB,YAC9G,OAAM,IAAI,MAAM;AAElB;EACF,KAAK,WAAW,mBAAmB;GACjC,MAAM,eAAe,CAAC,CAAC,eAAe;GACtC,MAAM,cAAc,CAAC,CAAC,eAAe;AACrC,OAAI,iBAAiB,YACnB,OAAM,IAAI,MAAM;AAElB;;EAEF,QACE,OAAM,IAAI,MAAM,4BAA6B,eAAuB"}
1	+ {"version":3,"file":"actions.js","names":[],"sources":["../../../../../../../src/core/types/actions.ts"],"sourcesContent":["import { DelegateAction, Signature } from './delegate';\n\n// === TRANSACTION INPUT INTERFACES ===\n\nexport interface TransactionInput {\n receiverId: string;\n actions: ActionArgs[],\n}\n\nexport interface TransactionInputWasm {\n receiverId: string;\n actions: ActionArgsWasm[],\n nonce?: string; // Optional - computed in confirmation flow if not provided\n}\n\n/*\n Enum for all supported NEAR action types\n /\nexport enum ActionType {\n CreateAccount = \"CreateAccount\",\n DeployContract = \"DeployContract\",\n FunctionCall = \"FunctionCall\",\n Transfer = \"Transfer\",\n Stake = \"Stake\",\n AddKey = \"AddKey\",\n DeleteKey = \"DeleteKey\",\n DeleteAccount = \"DeleteAccount\",\n SignedDelegate = \"SignedDelegate\",\n DeployGlobalContract = \"DeployGlobalContract\",\n UseGlobalContract = \"UseGlobalContract\",\n}\n\nexport enum TxExecutionStatus {\n NONE = 'NONE',\n INCLUDED = 'INCLUDED',\n INCLUDED_FINAL = 'INCLUDED_FINAL',\n EXECUTED = 'EXECUTED',\n FINAL = 'FINAL',\n EXECUTED_OPTIMISTIC = 'EXECUTED_OPTIMISTIC'\n}\n\n// === ACTION INTERFACES (camelCase for JS) ===\n\nexport interface FunctionCallAction {\n type: ActionType.FunctionCall;\n /* Name of the contract method to call /\n methodName: string;\n /* Arguments to pass to the method (will be JSON.stringify'd automatically) /\n args: Record<string, any>;\n /* Maximum gas to use for this call (default: '30000000000000' 30 TGas) /\n gas?: string;\n /* Amount of NEAR tokens to attach in yoctoNEAR (default: '0') /\n deposit?: string;\n}\n\nexport interface TransferAction {\n type: ActionType.Transfer;\n /* Amount of NEAR tokens to transfer in yoctoNEAR /\n amount: string;\n}\n\nexport interface CreateAccountAction {\n type: ActionType.CreateAccount;\n}\n\nexport interface DeployContractAction {\n type: ActionType.DeployContract;\n /* Contract code as Uint8Array or base64 string /\n code: Uint8Array \| string;\n}\n\nexport interface DeployGlobalContractAction {\n type: ActionType.DeployGlobalContract;\n /* Global contract code as Uint8Array or base64 string /\n code: Uint8Array \| string;\n /* Deployment mode: CodeHash \| AccountId /\n deployMode: 'CodeHash' \| 'AccountId';\n}\n\nexport interface UseGlobalContractAction {\n type: ActionType.UseGlobalContract;\n /* Exactly one of these should be set /\n accountId?: string;\n /* bs58-encoded 32-byte code hash /\n codeHash?: string;\n}\n\nexport interface StakeAction {\n type: ActionType.Stake;\n /* Amount to stake in yoctoNEAR /\n stake: string;\n /* Public key of the validator /\n publicKey: string;\n}\n\nexport interface AddKeyAction {\n type: ActionType.AddKey;\n /* Public key to add /\n publicKey: string;\n /* Access key configuration /\n accessKey: {\n /* Starting nonce for the key /\n nonce?: number;\n /* Permission level for the key /\n permission: 'FullAccess' \| {\n /* Function call permissions /\n FunctionCall: {\n /* Maximum allowance in yoctoNEAR (optional for unlimited) /\n allowance?: string;\n /* Contract that can be called (default: same as receiverId) /\n receiverId?: string;\n /* Method names that can be called (empty array = all methods) /\n methodNames?: string[];\n };\n };\n };\n}\n\nexport interface DeleteKeyAction {\n type: ActionType.DeleteKey;\n /* Public key to remove /\n publicKey: string;\n}\n\nexport interface DeleteAccountAction {\n type: ActionType.DeleteAccount;\n /* Account that will receive the remaining balance /\n beneficiaryId: string;\n}\n\n/\n Action types for all NEAR actions\n * camelCase for JS\n /\nexport type ActionArgs =\n \| FunctionCallAction\n \| TransferAction\n \| CreateAccountAction\n \| DeployContractAction\n \| StakeAction\n \| AddKeyAction\n \| DeleteKeyAction\n \| DeleteAccountAction\n \| DeployGlobalContractAction\n \| UseGlobalContractAction;\n\n// === ACTION TYPES ===\n\n// ActionArgsWasm matches the Rust enum structure exactly\n// snake_case for wasm\nexport type ActionArgsWasm =\n \| { action_type: ActionType.CreateAccount }\n \| { action_type: ActionType.DeployContract; code: number[] }\n \| {\n action_type: ActionType.FunctionCall;\n method_name: string;\n args: string; // JSON string\n gas: string;\n deposit: string;\n }\n \| { action_type: ActionType.Transfer; deposit: string }\n \| { action_type: ActionType.Stake; stake: string; public_key: string }\n \| { action_type: ActionType.AddKey; public_key: string; access_key: string }\n \| { action_type: ActionType.DeleteKey; public_key: string }\n \| { action_type: ActionType.DeleteAccount; beneficiary_id: string }\n \| {\n action_type: ActionType.SignedDelegate;\n delegate_action: DelegateAction;\n signature: Signature;\n }\n \| { action_type: ActionType.DeployGlobalContract; code: number[]; deploy_mode: 'CodeHash' \| 'AccountId' }\n \| { action_type: ActionType.UseGlobalContract; account_id?: string; code_hash?: string }\n\nexport function isActionArgsWasm(a?: any): a is ActionArgsWasm {\n return isObject(a) && 'action_type' in a;\n}\n\nexport function toActionArgsWasm(action: ActionArgs): ActionArgsWasm {\n switch (action.type) {\n case ActionType.Transfer:\n return {\n action_type: ActionType.Transfer,\n deposit: action.amount\n };\n\n case ActionType.FunctionCall:\n return {\n action_type: ActionType.FunctionCall,\n method_name: action.methodName,\n args: JSON.stringify(action.args),\n gas: action.gas \|\| \"30000000000000\",\n deposit: action.deposit \|\| \"0\"\n };\n\n case ActionType.AddKey:\n // Ensure access key has proper format with nonce and permission object.\n // For FullAccess we emit the NEAR-style `{ FullAccess: {} }` shape to\n // match near-api-js and RPC JSON; FunctionCall permissions are passed\n // through as-is.\n const rawPermission = action.accessKey.permission;\n const permission = rawPermission === 'FullAccess'\n ? { FullAccess: {} }\n : rawPermission;\n const accessKey = {\n nonce: action.accessKey.nonce \|\| 0,\n permission,\n };\n return {\n action_type: ActionType.AddKey,\n public_key: action.publicKey,\n access_key: JSON.stringify(accessKey)\n };\n\n case ActionType.DeleteKey:\n return {\n action_type: ActionType.DeleteKey,\n public_key: action.publicKey\n };\n\n case ActionType.CreateAccount:\n return {\n action_type: ActionType.CreateAccount\n };\n\n case ActionType.DeleteAccount:\n return {\n action_type: ActionType.DeleteAccount,\n beneficiary_id: action.beneficiaryId\n };\n\n case ActionType.DeployContract:\n return {\n action_type: ActionType.DeployContract,\n code: typeof action.code === 'string'\n ? Array.from(new TextEncoder().encode(action.code))\n : Array.from(action.code)\n };\n\n case ActionType.DeployGlobalContract:\n return {\n action_type: ActionType.DeployGlobalContract,\n code: typeof action.code === 'string'\n ? Array.from(new TextEncoder().encode(action.code))\n : Array.from(action.code),\n deploy_mode: action.deployMode,\n };\n\n case ActionType.UseGlobalContract:\n return {\n action_type: ActionType.UseGlobalContract,\n account_id: action.accountId,\n code_hash: action.codeHash,\n };\n\n case ActionType.Stake:\n return {\n action_type: ActionType.Stake,\n stake: action.stake,\n public_key: action.publicKey\n };\n\n default:\n throw new Error(`Action type ${(action as any).type} is not supported`);\n }\n}\n\n// === ACTION TYPE VALIDATION ===\n\n/\n Validate action parameters before sending to worker\n /\nexport function validateActionArgsWasm(actionArgsWasm: ActionArgsWasm): void {\n switch (actionArgsWasm.action_type) {\n case ActionType.FunctionCall:\n if (!actionArgsWasm.method_name) {\n throw new Error('method_name required for FunctionCall');\n }\n if (!actionArgsWasm.args) {\n throw new Error('args required for FunctionCall');\n }\n if (!actionArgsWasm.gas) {\n throw new Error('gas required for FunctionCall');\n }\n if (!actionArgsWasm.deposit) {\n throw new Error('deposit required for FunctionCall');\n }\n // Validate args is valid JSON string\n if (typeof actionArgsWasm.args !== 'string') {\n throw new Error('FunctionCall action args must be a valid JSON string');\n }\n try {\n JSON.parse(actionArgsWasm.args);\n } catch {\n throw new Error('FunctionCall action args must be valid JSON string');\n }\n break;\n case ActionType.Transfer:\n if (!actionArgsWasm.deposit) {\n throw new Error('deposit required for Transfer');\n }\n break;\n case ActionType.CreateAccount:\n // No additional validation needed\n break;\n case ActionType.DeployContract:\n if (!actionArgsWasm.code \|\| actionArgsWasm.code.length === 0) {\n throw new Error('code required for DeployContract');\n }\n break;\n case ActionType.Stake:\n if (!actionArgsWasm.stake) {\n throw new Error('stake amount required for Stake');\n }\n if (!actionArgsWasm.public_key) {\n throw new Error('public_key required for Stake');\n }\n break;\n case ActionType.AddKey:\n if (!actionArgsWasm.public_key) {\n throw new Error('public_key required for AddKey');\n }\n if (!actionArgsWasm.access_key) {\n throw new Error('access_key required for AddKey');\n }\n // Validate access_key is valid JSON string\n if (typeof actionArgsWasm.access_key !== 'string') {\n throw new Error('AddKey action access_key must be a valid JSON string');\n }\n try {\n JSON.parse(actionArgsWasm.access_key);\n } catch {\n throw new Error('AddKey action access_key must be valid JSON string');\n }\n break;\n case ActionType.DeleteKey:\n if (!actionArgsWasm.public_key) {\n throw new Error('public_key required for DeleteKey');\n }\n break;\n case ActionType.DeleteAccount:\n if (!actionArgsWasm.beneficiary_id) {\n throw new Error('beneficiary_id required for DeleteAccount');\n }\n break;\n case ActionType.SignedDelegate: {\n const payload = actionArgsWasm as {\n delegate_action?: unknown;\n signature?: unknown;\n };\n if (!payload.delegate_action \|\| typeof payload.delegate_action !== 'object') {\n throw new Error('delegate_action required for SignedDelegate');\n }\n if (!payload.signature \|\| typeof payload.signature !== 'object') {\n throw new Error('signature required for SignedDelegate');\n }\n break;\n }\n case ActionType.DeployGlobalContract:\n if (!actionArgsWasm.code \|\| actionArgsWasm.code.length === 0) {\n throw new Error('code required for DeployGlobalContract');\n }\n if (!actionArgsWasm.deploy_mode \|\| (actionArgsWasm.deploy_mode !== 'CodeHash' && actionArgsWasm.deploy_mode !== 'AccountId')) {\n throw new Error('deploy_mode must be CodeHash or AccountId for DeployGlobalContract');\n }\n break;\n case ActionType.UseGlobalContract: {\n const hasAccountId = !!actionArgsWasm.account_id;\n const hasCodeHash = !!actionArgsWasm.code_hash;\n if (hasAccountId === hasCodeHash) {\n throw new Error('UseGlobalContract requires exactly one of account_id or code_hash');\n }\n break;\n }\n default:\n throw new Error(`Unsupported action type: ${(actionArgsWasm as any).action_type}`);\n }\n}\n\n// === CONVERSIONS: WASM -> JS ACTIONS ===\n\ninterface FunctionCallPermissionView {\n FunctionCall: {\n allowance: string;\n receiver_id: string;\n method_names: string[];\n };\n}\n\n/\n Convert a single ActionArgsWasm (snake_case, stringified fields) to ActionArgs (camelCase, typed fields)\n /\nexport function fromActionArgsWasm(a: ActionArgsWasm): ActionArgs {\n switch (a.action_type) {\n case ActionType.FunctionCall: {\n let parsedArgs: Record<string, any> = {};\n try {\n if (typeof a.args === 'string') {\n parsedArgs = a.args ? JSON.parse(a.args) : {};\n } else {\n parsedArgs = a.args \|\| {};\n }\n } catch {\n // leave as empty object if parsing fails\n parsedArgs = {};\n }\n return {\n type: ActionType.FunctionCall,\n methodName: a.method_name,\n args: parsedArgs,\n gas: a.gas,\n deposit: a.deposit\n };\n }\n case ActionType.Transfer:\n return {\n type: ActionType.Transfer,\n amount: a.deposit\n };\n case ActionType.CreateAccount:\n return {\n type: ActionType.CreateAccount\n };\n case ActionType.DeployContract: {\n // Represent code as Uint8Array for consistency\n const codeBytes = Array.isArray(a.code) ? new Uint8Array(a.code) : new Uint8Array();\n return {\n type: ActionType.DeployContract,\n code: codeBytes\n };\n }\n case ActionType.DeployGlobalContract: {\n const codeBytes = Array.isArray(a.code) ? new Uint8Array(a.code) : new Uint8Array();\n return {\n type: ActionType.DeployGlobalContract,\n code: codeBytes,\n deployMode: a.deploy_mode,\n };\n }\n case ActionType.Stake:\n return {\n type: ActionType.Stake,\n stake: a.stake,\n publicKey: a.public_key\n };\n case ActionType.AddKey: {\n // access_key is a JSON string of { nonce, permission: ... }\n let accessKey: { nonce: bigint; permission: 'FullAccess' \| FunctionCallPermissionView; }\n try {\n accessKey = JSON.parse(a.access_key);\n } catch {\n accessKey = { nonce: BigInt(0), permission: 'FullAccess' };\n }\n // Normalize permission back to SDK shape\n const permission = accessKey?.permission;\n let normalizedPermission: 'FullAccess' \| FunctionCallPermissionView = 'FullAccess';\n\n if (isObject(permission)) {\n if ('FullAccess' in permission) {\n normalizedPermission = 'FullAccess';\n } else if ('FunctionCall' in permission) {\n const fc = (permission as FunctionCallPermissionView).FunctionCall;\n normalizedPermission = {\n FunctionCall: {\n allowance: fc.allowance,\n receiver_id: fc.receiver_id,\n method_names: fc.method_names\n }\n };\n }\n }\n return {\n type: ActionType.AddKey,\n publicKey: a.public_key,\n accessKey: {\n nonce: typeof accessKey?.nonce === 'number' ? accessKey.nonce : 0,\n permission: normalizedPermission\n }\n };\n }\n case ActionType.DeleteKey:\n return {\n type: ActionType.DeleteKey,\n publicKey: a.public_key\n };\n case ActionType.DeleteAccount:\n return {\n type: ActionType.DeleteAccount,\n beneficiaryId: a.beneficiary_id\n };\n case ActionType.UseGlobalContract:\n return {\n type: ActionType.UseGlobalContract,\n accountId: a.account_id,\n codeHash: a.code_hash,\n };\n default:\n // Exhaustive guard\n throw new Error(`Unsupported wasm action_type: ${(a as any)?.action_type}`);\n }\n}\n\n/* Convert a TransactionInputWasm structure to TransactionInput /\nexport function fromTransactionInputWasm(tx: TransactionInputWasm): TransactionInput {\n return {\n receiverId: tx.receiverId,\n actions: tx.actions.map(fromActionArgsWasm)\n };\n}\n\n/* Convert an array of TransactionInputWasm to TransactionInput[] */\nexport function fromTransactionInputsWasm(txs: TransactionInputWasm[]): TransactionInput[] {\n return (txs \|\| []).map(fromTransactionInputWasm);\n}\nimport { isObject } from '@/utils/validation';\n"],"mappings":";;;;;AAkBA,IAAY,oDAAL;AACL;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;AAkPF,SAAgB,uBAAuB,gBAAsC;AAC3E,SAAQ,eAAe,aAAvB;EACE,KAAK,WAAW;AACd,OAAI,CAAC,eAAe,YAClB,OAAM,IAAI,MAAM;AAElB,OAAI,CAAC,eAAe,KAClB,OAAM,IAAI,MAAM;AAElB,OAAI,CAAC,eAAe,IAClB,OAAM,IAAI,MAAM;AAElB,OAAI,CAAC,eAAe,QAClB,OAAM,IAAI,MAAM;AAGlB,OAAI,OAAO,eAAe,SAAS,SACjC,OAAM,IAAI,MAAM;AAElB,OAAI;AACF,SAAK,MAAM,eAAe;WACpB;AACN,UAAM,IAAI,MAAM;;AAElB;EACF,KAAK,WAAW;AACd,OAAI,CAAC,eAAe,QAClB,OAAM,IAAI,MAAM;AAElB;EACF,KAAK,WAAW,cAEd;EACF,KAAK,WAAW;AACd,OAAI,CAAC,eAAe,QAAQ,eAAe,KAAK,WAAW,EACzD,OAAM,IAAI,MAAM;AAElB;EACF,KAAK,WAAW;AACd,OAAI,CAAC,eAAe,MAClB,OAAM,IAAI,MAAM;AAElB,OAAI,CAAC,eAAe,WAClB,OAAM,IAAI,MAAM;AAElB;EACF,KAAK,WAAW;AACd,OAAI,CAAC,eAAe,WAClB,OAAM,IAAI,MAAM;AAElB,OAAI,CAAC,eAAe,WAClB,OAAM,IAAI,MAAM;AAGlB,OAAI,OAAO,eAAe,eAAe,SACvC,OAAM,IAAI,MAAM;AAElB,OAAI;AACF,SAAK,MAAM,eAAe;WACpB;AACN,UAAM,IAAI,MAAM;;AAElB;EACF,KAAK,WAAW;AACd,OAAI,CAAC,eAAe,WAClB,OAAM,IAAI,MAAM;AAElB;EACF,KAAK,WAAW;AACd,OAAI,CAAC,eAAe,eAClB,OAAM,IAAI,MAAM;AAElB;EACF,KAAK,WAAW,gBAAgB;GAC9B,MAAM,UAAU;AAIhB,OAAI,CAAC,QAAQ,mBAAmB,OAAO,QAAQ,oBAAoB,SACjE,OAAM,IAAI,MAAM;AAElB,OAAI,CAAC,QAAQ,aAAa,OAAO,QAAQ,cAAc,SACrD,OAAM,IAAI,MAAM;AAElB;;EAEF,KAAK,WAAW;AACd,OAAI,CAAC,eAAe,QAAQ,eAAe,KAAK,WAAW,EACzD,OAAM,IAAI,MAAM;AAElB,OAAI,CAAC,eAAe,eAAgB,eAAe,gBAAgB,cAAc,eAAe,gBAAgB,YAC9G,OAAM,IAAI,MAAM;AAElB;EACF,KAAK,WAAW,mBAAmB;GACjC,MAAM,eAAe,CAAC,CAAC,eAAe;GACtC,MAAM,cAAc,CAAC,CAAC,eAAe;AACrC,OAAI,iBAAiB,YACnB,OAAM,IAAI,MAAM;AAElB;;EAEF,QACE,OAAM,IAAI,MAAM,4BAA6B,eAAuB"}

package/dist/cjs/server/sdk/src/core/types/rpc.js CHANGED Viewed

@@ -3,6 +3,7 @@
 const DEFAULT_WAIT_STATUS = {
 	executeAction: "EXECUTED_OPTIMISTIC",
 	linkDeviceAddKey: "INCLUDED_FINAL",
+	thresholdAddKey: "EXECUTED_OPTIMISTIC",
 	linkDeviceSwapKey: "FINAL",
 	linkDeviceAccountMapping: "INCLUDED_FINAL",
 	linkDeviceDeleteKey: "INCLUDED_FINAL",

package/dist/cjs/server/sdk/src/core/types/rpc.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"rpc.js","names":[],"sources":["../../../../../../../src/core/types/rpc.ts"],"sourcesContent":["import type { AccessKeyView, TxExecutionStatus } from \"@near-js/types\";\n\nexport const DEFAULT_WAIT_STATUS = {\n executeAction: \"EXECUTED_OPTIMISTIC\" as TxExecutionStatus,\n linkDeviceAddKey: \"INCLUDED_FINAL\" as TxExecutionStatus,\n linkDeviceSwapKey: \"FINAL\" as TxExecutionStatus,\n linkDeviceAccountMapping: \"INCLUDED_FINAL\" as TxExecutionStatus,\n linkDeviceDeleteKey: \"INCLUDED_FINAL\" as TxExecutionStatus,\n linkDeviceRegistration: \"FINAL\" as TxExecutionStatus,\n // See default finality settings:\n // https://github.com/near/near-api-js/blob/99f34864317725467a097dc3c7a3cc5f7a5b43d4/packages/accounts/src/account.ts#L68\n}\n\n// Transaction and Signature types - defined as TypeScript interfaces since they're handled as JSON\nexport interface TransactionStruct {\n signerAccount: string;\n publicKey: {\n keyType: number;\n keyData: number[];\n };\n nonce: number;\n receiverAccount: string;\n blockHash: number[];\n actions: any[]; // Actions are complex, handled as JSON\n}\n\nexport interface SignatureStruct {\n keyType: number;\n signatureData: number[];\n}\n\nexport interface NearRpcCallParams {\n jsonrpc: string;\n id: string;\n method: string;\n params: {\n signed_tx_base64: string;\n wait_until: TxExecutionStatus;\n }\n}\n\nexport interface TransactionContext {\n nearPublicKeyStr: string;\n accessKeyInfo: AccessKeyView;\n nextNonce: string;\n txBlockHeight: string;\n txBlockHash: string;\n}\n\nexport interface BlockInfo {\n header: {\n hash: string;\n height: number;\n };\n}\nexport interface RpcErrorData {\n // NEAR error payloads vary; keep flexible but preserve common fields\n // Top-level helper message if present\n message?: string;\n // Anything else from the node (TxExecutionError, ActionError, etc.)\n [key: string]: any;\n}\n\nexport interface RpcError {\n code?: number;\n name?: string;\n data?: RpcErrorData;\n message?: string;\n}\n\nexport interface RpcResponse {\n error?: RpcError;\n result?: any;\n}\n"],"mappings":";;AAEA,MAAa,sBAAsB;CACjC,eAAe;CACf,kBAAkB;~~CAClB~~,mBAAmB;CACnB,0BAA0B;CAC1B,qBAAqB;CACpB,wBAAwB"}
1	+ {"version":3,"file":"rpc.js","names":[],"sources":["../../../../../../../src/core/types/rpc.ts"],"sourcesContent":["import type { AccessKeyView, TxExecutionStatus } from \"@near-js/types\";\n\nexport const DEFAULT_WAIT_STATUS = {\n executeAction: \"EXECUTED_OPTIMISTIC\" as TxExecutionStatus,\n linkDeviceAddKey: \"INCLUDED_FINAL\" as TxExecutionStatus,\n // Threshold AddKey is safe to treat optimistically; finality will converge shortly after.\n thresholdAddKey: \"EXECUTED_OPTIMISTIC\" as TxExecutionStatus,\n linkDeviceSwapKey: \"FINAL\" as TxExecutionStatus,\n linkDeviceAccountMapping: \"INCLUDED_FINAL\" as TxExecutionStatus,\n linkDeviceDeleteKey: \"INCLUDED_FINAL\" as TxExecutionStatus,\n linkDeviceRegistration: \"FINAL\" as TxExecutionStatus,\n // See default finality settings:\n // https://github.com/near/near-api-js/blob/99f34864317725467a097dc3c7a3cc5f7a5b43d4/packages/accounts/src/account.ts#L68\n}\n\n// Transaction and Signature types - defined as TypeScript interfaces since they're handled as JSON\nexport interface TransactionStruct {\n signerAccount: string;\n publicKey: {\n keyType: number;\n keyData: number[];\n };\n nonce: number;\n receiverAccount: string;\n blockHash: number[];\n actions: any[]; // Actions are complex, handled as JSON\n}\n\nexport interface SignatureStruct {\n keyType: number;\n signatureData: number[];\n}\n\nexport interface NearRpcCallParams {\n jsonrpc: string;\n id: string;\n method: string;\n params: {\n signed_tx_base64: string;\n wait_until: TxExecutionStatus;\n }\n}\n\nexport interface TransactionContext {\n nearPublicKeyStr: string;\n accessKeyInfo: AccessKeyView;\n nextNonce: string;\n txBlockHeight: string;\n txBlockHash: string;\n}\n\nexport interface BlockInfo {\n header: {\n hash: string;\n height: number;\n };\n}\nexport interface RpcErrorData {\n // NEAR error payloads vary; keep flexible but preserve common fields\n // Top-level helper message if present\n message?: string;\n // Anything else from the node (TxExecutionError, ActionError, etc.)\n [key: string]: any;\n}\n\nexport interface RpcError {\n code?: number;\n name?: string;\n data?: RpcErrorData;\n message?: string;\n}\n\nexport interface RpcResponse {\n error?: RpcError;\n result?: any;\n}\n"],"mappings":";;AAEA,MAAa,sBAAsB;CACjC,eAAe;CACf,kBAAkB;CAElB,iBAAiB;CACjB,mBAAmB;CACnB,0BAA0B;CAC1B,qBAAqB;CACpB,wBAAwB"}

package/dist/cjs/server/sdk/src/threshold/participants.js ADDED Viewed

@@ -0,0 +1,28 @@
+const require_defaultConfigs = require('../core/defaultConfigs.js');
+//#region src/threshold/participants.ts
+function normalizeThresholdEd25519ParticipantId(id) {
+	const n = Number(id);
+	if (!Number.isSafeInteger(n) || n < 1 || n > 65535) return null;
+	return n;
+}
+function normalizeThresholdEd25519ParticipantIds(input) {
+	if (!Array.isArray(input) || input.length === 0) return null;
+	const out = [];
+	const seen = /* @__PURE__ */ new Set();
+	for (const v of input) {
+		const id = normalizeThresholdEd25519ParticipantId(v);
+		if (!id) return null;
+		if (!seen.has(id)) {
+			seen.add(id);
+			out.push(id);
+		}
+	}
+	out.sort((a, b) => a - b);
+	return out.length ? out : null;
+}
+//#endregion
+exports.normalizeThresholdEd25519ParticipantId = normalizeThresholdEd25519ParticipantId;
+exports.normalizeThresholdEd25519ParticipantIds = normalizeThresholdEd25519ParticipantIds;
+//# sourceMappingURL=participants.js.map

package/dist/cjs/server/sdk/src/threshold/participants.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"participants.js","names":["out: number[]"],"sources":["../../../../../../src/threshold/participants.ts"],"sourcesContent":["export type ThresholdParticipantRole = 'client' | 'relayer';\n\nimport { toOptionalTrimmedString } from '../utils/validation';\nimport {\n THRESHOLD_ED25519_CLIENT_PARTICIPANT_ID,\n THRESHOLD_ED25519_RELAYER_PARTICIPANT_ID,\n THRESHOLD_ED25519_2P_PARTICIPANT_IDS,\n} from '../core/defaultConfigs';\n\nexport {\n THRESHOLD_ED25519_CLIENT_PARTICIPANT_ID,\n THRESHOLD_ED25519_RELAYER_PARTICIPANT_ID,\n THRESHOLD_ED25519_2P_PARTICIPANT_IDS,\n};\n\n/**\n * Metadata describing how a participant share is derived/stored.\n * This is informational in v1 and may be used for validation/policy later.\n */\nexport type ThresholdEd25519ShareDerivation =\n | 'prf_first_v1'\n | 'derived_master_secret_v1'\n | 'kv_random_v1'\n | 'unknown';\n\nexport interface ThresholdEd25519ParticipantV1 {\n /** FROST identifier (1-indexed). */\n id: number;\n role: ThresholdParticipantRole;\n /** Optional relayer endpoint for this participant (future multi-relayer support). */\n relayerUrl?: string;\n /** Key/share identifier understood by this participant (e.g. relayerKeyId). */\n relayerKeyId?: string;\n /** Base64url-encoded 32-byte verifying share (compressed EdwardsY). */\n verifyingShareB64u?: string;\n shareDerivation?: ThresholdEd25519ShareDerivation;\n}\n\nexport const THRESHOLD_ED25519_PARTICIPANT_SET_V1 = 'threshold_ed25519_participants_v1' as const;\n\nexport interface ThresholdEd25519ParticipantSetV1 {\n version: typeof THRESHOLD_ED25519_PARTICIPANT_SET_V1;\n groupPublicKey: string;\n participants: ThresholdEd25519ParticipantV1[];\n}\n\nexport function normalizeThresholdEd25519ParticipantId(id: unknown): number | null {\n const n = Number(id);\n if (!Number.isSafeInteger(n) || n < 1 || n > 65_535) return null;\n return n;\n}\n\nexport function normalizeThresholdEd25519ParticipantIds(input: unknown): number[] | null {\n if (!Array.isArray(input) || input.length === 0) return null;\n const out: number[] = [];\n const seen = new Set<number>();\n for (const v of input) {\n const id = normalizeThresholdEd25519ParticipantId(v);\n if (!id) return null;\n if (!seen.has(id)) {\n seen.add(id);\n out.push(id);\n }\n }\n out.sort((a, b) => a - b);\n return out.length ? out : null;\n}\n\nexport function areThresholdEd25519ParticipantIds2p(\n participantIds: number[] | null | undefined,\n expected: readonly number[] = THRESHOLD_ED25519_2P_PARTICIPANT_IDS,\n): boolean {\n const ids = normalizeThresholdEd25519ParticipantIds(participantIds);\n const expectedIds = normalizeThresholdEd25519ParticipantIds([...expected]);\n if (!ids || !expectedIds) return false;\n if (ids.length !== expectedIds.length) return false;\n return ids.every((id, i) => id === expectedIds[i]);\n}\n\nexport function parseThresholdEd25519ParticipantsV1(input: unknown): ThresholdEd25519ParticipantV1[] | null {\n if (!Array.isArray(input) || input.length === 0) return null;\n\n const out: ThresholdEd25519ParticipantV1[] = [];\n for (const item of input) {\n if (!item || typeof item !== 'object' || Array.isArray(item)) return null;\n const rec = item as Record<string, unknown>;\n\n const id = normalizeThresholdEd25519ParticipantId(rec.id);\n const role = toOptionalTrimmedString(rec.role);\n if (!id || (role !== 'client' && role !== 'relayer')) return null;\n\n const participant: ThresholdEd25519ParticipantV1 = {\n id,\n role: role as ThresholdParticipantRole,\n };\n\n const relayerUrl = toOptionalTrimmedString(rec.relayerUrl);\n if (relayerUrl) participant.relayerUrl = relayerUrl;\n\n const relayerKeyId = toOptionalTrimmedString(rec.relayerKeyId);\n if (relayerKeyId) participant.relayerKeyId = relayerKeyId;\n\n const verifyingShareB64u = toOptionalTrimmedString(rec.verifyingShareB64u);\n if (verifyingShareB64u) participant.verifyingShareB64u = verifyingShareB64u;\n\n const shareDerivation = toOptionalTrimmedString(rec.shareDerivation);\n if (\n shareDerivation === 'prf_first_v1'\n || shareDerivation === 'derived_master_secret_v1'\n || shareDerivation === 'kv_random_v1'\n || shareDerivation === 'unknown'\n ) {\n participant.shareDerivation = shareDerivation;\n }\n\n out.push(participant);\n }\n\n return out.length ? out : null;\n}\n\nexport function buildThresholdEd25519Participants2pV1(input: {\n clientParticipantId?: number | null;\n relayerParticipantId?: number | null;\n relayerKeyId: string;\n relayerUrl?: string | null;\n clientVerifyingShareB64u?: string | null;\n relayerVerifyingShareB64u?: string | null;\n clientShareDerivation?: ThresholdEd25519ShareDerivation | null;\n relayerShareDerivation?: ThresholdEd25519ShareDerivation | null;\n}): ThresholdEd25519ParticipantV1[] {\n const relayerKeyId = toOptionalTrimmedString(input.relayerKeyId);\n const relayerUrl = toOptionalTrimmedString(input.relayerUrl);\n const clientVerifyingShareB64u = toOptionalTrimmedString(input.clientVerifyingShareB64u);\n const relayerVerifyingShareB64u = toOptionalTrimmedString(input.relayerVerifyingShareB64u);\n const clientParticipantId =\n normalizeThresholdEd25519ParticipantId(input.clientParticipantId) ?? THRESHOLD_ED25519_CLIENT_PARTICIPANT_ID;\n const relayerParticipantId =\n normalizeThresholdEd25519ParticipantId(input.relayerParticipantId) ?? THRESHOLD_ED25519_RELAYER_PARTICIPANT_ID;\n\n const client: ThresholdEd25519ParticipantV1 = {\n id: clientParticipantId,\n role: 'client',\n ...(clientVerifyingShareB64u ? { verifyingShareB64u: clientVerifyingShareB64u } : {}),\n shareDerivation: input.clientShareDerivation || 'prf_first_v1',\n };\n\n const relayer: ThresholdEd25519ParticipantV1 = {\n id: relayerParticipantId,\n role: 'relayer',\n ...(relayerUrl ? { relayerUrl } : {}),\n ...(relayerKeyId ? { relayerKeyId } : {}),\n ...(relayerVerifyingShareB64u ? { verifyingShareB64u: relayerVerifyingShareB64u } : {}),\n ...(input.relayerShareDerivation ? { shareDerivation: input.relayerShareDerivation } : {}),\n };\n\n return [client, relayer];\n}\n"],"mappings":";;;AA8CA,SAAgB,uCAAuC,IAA4B;CACjF,MAAM,IAAI,OAAO;AACjB,KAAI,CAAC,OAAO,cAAc,MAAM,IAAI,KAAK,IAAI,MAAQ,QAAO;AAC5D,QAAO;;AAGT,SAAgB,wCAAwC,OAAiC;AACvF,KAAI,CAAC,MAAM,QAAQ,UAAU,MAAM,WAAW,EAAG,QAAO;CACxD,MAAMA,MAAgB;CACtB,MAAM,uBAAO,IAAI;AACjB,MAAK,MAAM,KAAK,OAAO;EACrB,MAAM,KAAK,uCAAuC;AAClD,MAAI,CAAC,GAAI,QAAO;AAChB,MAAI,CAAC,KAAK,IAAI,KAAK;AACjB,QAAK,IAAI;AACT,OAAI,KAAK;;;AAGb,KAAI,MAAM,GAAG,MAAM,IAAI;AACvB,QAAO,IAAI,SAAS,MAAM"}

package/dist/cjs/server/sdk/src/utils/base64.js CHANGED Viewed

@@ -30,8 +30,42 @@ function base64Decode(base64) {
 	for (let i = 0; i < binaryString.length; i++) bytes[i] = binaryString.charCodeAt(i);
 	return bytes;
 }
+/**
+* Encodes an ArrayBuffer into a base64url string.
+* Converts binary data to base64 then replaces standard base64 characters with URL-safe ones:
+* + -> -
+* / -> _
+* Removes padding = characters
+*
+* Used for WebAuthn API compatibility in browser environments.
+* Equivalent to Buffer.from(value).toString('base64url') in Node.js.
+*
+* @param value - The ArrayBufferLike or ArrayBufferView to encode
+* @returns A base64url-encoded string without padding
+*/
+const base64UrlEncode = (value) => {
+	return base64Encode(value).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "");
+};
+/**
+* Decodes a base64url-encoded string into a Uint8Array.
+* Handles base64url format by replacing URL-safe characters and adding padding.
+*
+* @param base64Url - The base64url-encoded string to decode
+* @returns Uint8Array containing the decoded bytes
+* @throws Error if decoding fails due to invalid base64url input
+*/
+function base64UrlDecode(base64Url) {
+	const padding = "=".repeat((4 - base64Url.length % 4) % 4);
+	const base64 = base64Url.replace(/-/g, "+").replace(/_/g, "/") + padding;
+	const binaryString = atob(base64);
+	const bytes = new Uint8Array(binaryString.length);
+	for (let i = 0; i < binaryString.length; i++) bytes[i] = binaryString.charCodeAt(i);
+	return bytes;
+}
 //#endregion
 exports.base64Decode = base64Decode;
 exports.base64Encode = base64Encode;
+exports.base64UrlDecode = base64UrlDecode;
+exports.base64UrlEncode = base64UrlEncode;
 //# sourceMappingURL=base64.js.map

package/dist/cjs/server/sdk/src/utils/base64.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"base64.js","names":[],"sources":["../../../../../../src/utils/base64.ts"],"sourcesContent":["/*\n Encodes binary data to standard base64 format for NEAR RPC compatibility.\n * Uses standard base64 characters (+, /, =) rather than base64url encoding.\n \n Important: Avoids spreading large arrays into String.fromCharCode(...) which\n * can overflow the JS call stack when encoding big WASM binaries.\n \n @param value - ArrayBufferLike or ArrayBufferView containing the binary data to encode\n * @returns Standard base64-encoded string with padding\n /\nexport const base64Encode = (value: ArrayBufferLike \| ArrayBufferView): string => {\n const bytes = ArrayBuffer.isView(value)\n ? new Uint8Array(value.buffer, value.byteOffset, value.byteLength)\n : new Uint8Array(value);\n let binary = '';\n // Build the string incrementally to avoid exceeding the argument limit.\n for (let i = 0; i < bytes.length; i++) {\n binary += String.fromCharCode(bytes[i]);\n }\n return btoa(binary);\n}\n\n/\n Decodes a standard base64-encoded string into a Uint8Array.\n * Handles standard base64 format with +, /, and = characters.\n \n @param base64 - The base64-encoded string to decode\n * @returns Uint8Array containing the decoded bytes\n * @throws Error if decoding fails due to invalid base64 input\n /\nexport function base64Decode(base64: string): Uint8Array {\n const binaryString = atob(base64);\n const bytes = new Uint8Array(binaryString.length);\n for (let i = 0; i < binaryString.length; i++) {\n bytes[i] = binaryString.charCodeAt(i);\n }\n return bytes;\n}\n\n/\n Encodes an ArrayBuffer into a base64url string.\n * Converts binary data to base64 then replaces standard base64 characters with URL-safe ones:\n * + -> -\n * / -> _\n * Removes padding = characters\n \n Used for WebAuthn API compatibility in browser environments.\n * Equivalent to Buffer.from(value).toString('base64url') in Node.js.\n \n @param value - The ArrayBufferLike or ArrayBufferView to encode\n * @returns A base64url-encoded string without padding\n /\nexport const base64UrlEncode = (value: ArrayBufferLike \| ArrayBufferView): string => {\n return base64Encode(value)\n .replace(/\\+/g, \"-\")\n .replace(/\\//g, \"_\")\n .replace(/=/g, \"\");\n}\n\n/\n Decodes a base64url-encoded string into a Uint8Array.\n * Handles base64url format by replacing URL-safe characters and adding padding.\n \n @param base64Url - The base64url-encoded string to decode\n * @returns Uint8Array containing the decoded bytes\n * @throws Error if decoding fails due to invalid base64url input\n /\nexport function base64UrlDecode(base64Url: string): Uint8Array {\n const padding = '='.repeat((4 - (base64Url.length % 4)) % 4);\n const base64 = base64Url.replace(/-/g, '+').replace(/_/g, '/') + padding;\n const binaryString = atob(base64);\n const bytes = new Uint8Array(binaryString.length);\n for (let i = 0; i < binaryString.length; i++) {\n bytes[i] = binaryString.charCodeAt(i);\n }\n return bytes;\n}\n\n/\n Converts an ArrayBuffer or ArrayBufferLike object to a plain number array for WASM compatibility.\n * WASM bindings require plain number arrays rather than TypedArrays for memory safety and direct access.\n * The resulting array contains values from 0-255 representing raw bytes.\n \n @param buffer - The source buffer to convert, either ArrayBuffer or ArrayBufferLike\n * @returns A plain number[] array containing the buffer's bytes\n */\nexport const toWasmByteArray = (buffer: ArrayBuffer \| ArrayBufferLike): number[] => {\n return Array.from(new Uint8Array(buffer));\n}\n"],"mappings":";;;;;;;;;;;;AAUA,MAAa,gBAAgB,UAAqD;CAChF,MAAM,QAAQ,YAAY,OAAO,SAC7B,IAAI,WAAW,MAAM,QAAQ,MAAM,YAAY,MAAM,cACrD,IAAI,WAAW;CACnB,IAAI,SAAS;AAEb,MAAK,IAAI,IAAI,GAAG,IAAI,MAAM,QAAQ,IAChC,WAAU,OAAO,aAAa,MAAM;AAEtC,QAAO,KAAK;;;;;;;;;;AAWd,SAAgB,aAAa,QAA4B;CACvD,MAAM,eAAe,KAAK;CAC1B,MAAM,QAAQ,IAAI,WAAW,aAAa;AAC1C,MAAK,IAAI,IAAI,GAAG,IAAI,aAAa,QAAQ,IACvC,OAAM,KAAK,aAAa,WAAW;AAErC,QAAO"}
1	+ {"version":3,"file":"base64.js","names":[],"sources":["../../../../../../src/utils/base64.ts"],"sourcesContent":["/*\n Encodes binary data to standard base64 format for NEAR RPC compatibility.\n * Uses standard base64 characters (+, /, =) rather than base64url encoding.\n \n Important: Avoids spreading large arrays into String.fromCharCode(...) which\n * can overflow the JS call stack when encoding big WASM binaries.\n \n @param value - ArrayBufferLike or ArrayBufferView containing the binary data to encode\n * @returns Standard base64-encoded string with padding\n /\nexport const base64Encode = (value: ArrayBufferLike \| ArrayBufferView): string => {\n const bytes = ArrayBuffer.isView(value)\n ? new Uint8Array(value.buffer, value.byteOffset, value.byteLength)\n : new Uint8Array(value);\n let binary = '';\n // Build the string incrementally to avoid exceeding the argument limit.\n for (let i = 0; i < bytes.length; i++) {\n binary += String.fromCharCode(bytes[i]);\n }\n return btoa(binary);\n}\n\n/\n Decodes a standard base64-encoded string into a Uint8Array.\n * Handles standard base64 format with +, /, and = characters.\n \n @param base64 - The base64-encoded string to decode\n * @returns Uint8Array containing the decoded bytes\n * @throws Error if decoding fails due to invalid base64 input\n /\nexport function base64Decode(base64: string): Uint8Array {\n const binaryString = atob(base64);\n const bytes = new Uint8Array(binaryString.length);\n for (let i = 0; i < binaryString.length; i++) {\n bytes[i] = binaryString.charCodeAt(i);\n }\n return bytes;\n}\n\n/\n Encodes an ArrayBuffer into a base64url string.\n * Converts binary data to base64 then replaces standard base64 characters with URL-safe ones:\n * + -> -\n * / -> _\n * Removes padding = characters\n \n Used for WebAuthn API compatibility in browser environments.\n * Equivalent to Buffer.from(value).toString('base64url') in Node.js.\n \n @param value - The ArrayBufferLike or ArrayBufferView to encode\n * @returns A base64url-encoded string without padding\n /\nexport const base64UrlEncode = (value: ArrayBufferLike \| ArrayBufferView): string => {\n return base64Encode(value)\n .replace(/\\+/g, \"-\")\n .replace(/\\//g, \"_\")\n .replace(/=/g, \"\");\n}\n\n/\n Decodes a base64url-encoded string into a Uint8Array.\n * Handles base64url format by replacing URL-safe characters and adding padding.\n \n @param base64Url - The base64url-encoded string to decode\n * @returns Uint8Array containing the decoded bytes\n * @throws Error if decoding fails due to invalid base64url input\n /\nexport function base64UrlDecode(base64Url: string): Uint8Array {\n const padding = '='.repeat((4 - (base64Url.length % 4)) % 4);\n const base64 = base64Url.replace(/-/g, '+').replace(/_/g, '/') + padding;\n const binaryString = atob(base64);\n const bytes = new Uint8Array(binaryString.length);\n for (let i = 0; i < binaryString.length; i++) {\n bytes[i] = binaryString.charCodeAt(i);\n }\n return bytes;\n}\n\n/\n Converts an ArrayBuffer or ArrayBufferLike object to a plain number array for WASM compatibility.\n * WASM bindings require plain number arrays rather than TypedArrays for memory safety and direct access.\n * The resulting array contains values from 0-255 representing raw bytes.\n \n @param buffer - The source buffer to convert, either ArrayBuffer or ArrayBufferLike\n * @returns A plain number[] array containing the buffer's bytes\n */\nexport const toWasmByteArray = (buffer: ArrayBuffer \| ArrayBufferLike): number[] => {\n return Array.from(new Uint8Array(buffer));\n}\n"],"mappings":";;;;;;;;;;;;AAUA,MAAa,gBAAgB,UAAqD;CAChF,MAAM,QAAQ,YAAY,OAAO,SAC7B,IAAI,WAAW,MAAM,QAAQ,MAAM,YAAY,MAAM,cACrD,IAAI,WAAW;CACnB,IAAI,SAAS;AAEb,MAAK,IAAI,IAAI,GAAG,IAAI,MAAM,QAAQ,IAChC,WAAU,OAAO,aAAa,MAAM;AAEtC,QAAO,KAAK;;;;;;;;;;AAWd,SAAgB,aAAa,QAA4B;CACvD,MAAM,eAAe,KAAK;CAC1B,MAAM,QAAQ,IAAI,WAAW,aAAa;AAC1C,MAAK,IAAI,IAAI,GAAG,IAAI,aAAa,QAAQ,IACvC,OAAM,KAAK,aAAa,WAAW;AAErC,QAAO;;;;;;;;;;;;;;;AAgBT,MAAa,mBAAmB,UAAqD;AACnF,QAAO,aAAa,OACjB,QAAQ,OAAO,KACf,QAAQ,OAAO,KACf,QAAQ,MAAM;;;;;;;;;;AAWnB,SAAgB,gBAAgB,WAA+B;CAC7D,MAAM,UAAU,IAAI,QAAQ,IAAK,UAAU,SAAS,KAAM;CAC1D,MAAM,SAAS,UAAU,QAAQ,MAAM,KAAK,QAAQ,MAAM,OAAO;CACjE,MAAM,eAAe,KAAK;CAC1B,MAAM,QAAQ,IAAI,WAAW,aAAa;AAC1C,MAAK,IAAI,IAAI,GAAG,IAAI,aAAa,QAAQ,IACvC,OAAM,KAAK,aAAa,WAAW;AAErC,QAAO"}

package/dist/cjs/server/sdk/src/utils/digests.js ADDED Viewed

@@ -0,0 +1,28 @@
+//#region src/utils/digests.ts
+function isRecord(value) {
+	return value !== null && typeof value === "object" && !Array.isArray(value);
+}
+function alphabetizeStringify(input) {
+	const normalizeValue = (value) => {
+		if (Array.isArray(value)) return value.map(normalizeValue);
+		if (isRecord(value)) {
+			const sortedKeys = Object.keys(value).sort();
+			const result = {};
+			for (const key of sortedKeys) result[key] = normalizeValue(value[key]);
+			return result;
+		}
+		return value;
+	};
+	return JSON.stringify(normalizeValue(input));
+}
+async function sha256BytesUtf8(input) {
+	const data = new TextEncoder().encode(input);
+	const digest = await crypto.subtle.digest("SHA-256", data);
+	return new Uint8Array(digest);
+}
+//#endregion
+exports.alphabetizeStringify = alphabetizeStringify;
+exports.sha256BytesUtf8 = sha256BytesUtf8;
+//# sourceMappingURL=digests.js.map

package/dist/cjs/server/sdk/src/utils/digests.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"digests.js","names":["result: Record<string, unknown>"],"sources":["../../../../../../src/utils/digests.ts"],"sourcesContent":["// Shared digest primitives used across browser + server code.\n//\n// These helpers deliberately stay small and dependency-free so they can be used from:\n// - UI/VRF binding (WebAuthnManager)\n// - Relayer/server-side verification (threshold validation)\n\nfunction isRecord(value: unknown): value is Record<string, unknown> {\n return value !== null && typeof value === 'object' && !Array.isArray(value);\n}\n\n// Deterministic stringify by alphabetizing object keys recursively.\n// Arrays preserve order; only keys within objects are sorted.\nexport function alphabetizeStringify(input: unknown): string {\n const normalizeValue = (value: unknown): unknown => {\n if (Array.isArray(value)) {\n return value.map(normalizeValue);\n }\n if (isRecord(value)) {\n const sortedKeys = Object.keys(value).sort();\n const result: Record<string, unknown> = {};\n for (const key of sortedKeys) {\n result[key] = normalizeValue(value[key]);\n }\n return result;\n }\n return value;\n };\n\n return JSON.stringify(normalizeValue(input));\n}\n\nexport async function sha256BytesUtf8(input: string): Promise<Uint8Array> {\n const data = new TextEncoder().encode(input);\n const digest = await crypto.subtle.digest('SHA-256', data);\n return new Uint8Array(digest);\n}\n\n"],"mappings":";;AAMA,SAAS,SAAS,OAAkD;AAClE,QAAO,UAAU,QAAQ,OAAO,UAAU,YAAY,CAAC,MAAM,QAAQ;;AAKvE,SAAgB,qBAAqB,OAAwB;CAC3D,MAAM,kBAAkB,UAA4B;AAClD,MAAI,MAAM,QAAQ,OAChB,QAAO,MAAM,IAAI;AAEnB,MAAI,SAAS,QAAQ;GACnB,MAAM,aAAa,OAAO,KAAK,OAAO;GACtC,MAAMA,SAAkC;AACxC,QAAK,MAAM,OAAO,WAChB,QAAO,OAAO,eAAe,MAAM;AAErC,UAAO;;AAET,SAAO;;AAGT,QAAO,KAAK,UAAU,eAAe;;AAGvC,eAAsB,gBAAgB,OAAoC;CACxE,MAAM,OAAO,IAAI,cAAc,OAAO;CACtC,MAAM,SAAS,MAAM,OAAO,OAAO,OAAO,WAAW;AACrD,QAAO,IAAI,WAAW"}

package/dist/cjs/server/sdk/src/utils/errors.js CHANGED Viewed

@@ -16,7 +16,25 @@ function errorMessage(err) {
 		return "";
 	}
 }
+/**
+* Normalize any thrown value into an Error instance.
+* - preserves message/name/stack when available
+* - best-effort copies optional code/details properties if present
+*/
+function toError(e) {
+	if (e instanceof Error) return e;
+	const err = new Error(errorMessage(e));
+	try {
+		const src = e;
+		if (typeof src?.name === "string") err.name = src.name;
+		if (typeof src?.stack === "string") err.stack = src.stack;
+		if (src && typeof src.code !== "undefined") err.code = src.code;
+		if (src && typeof src.details !== "undefined") err.details = src.details;
+	} catch {}
+	return err;
+}
 //#endregion
 exports.errorMessage = errorMessage;
+exports.toError = toError;
 //# sourceMappingURL=errors.js.map