@terminal3/t3n-sdk 0.14.0 → 1.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.d.ts +74 -0
- package/dist/index.esm.js +1 -1
- package/dist/index.js +1 -1
- package/dist/src/client/t3n-client.d.ts +74 -0
- package/package.json +1 -1
|
@@ -108,6 +108,80 @@ export declare class T3nClient {
|
|
|
108
108
|
* @throws {ContractResponseError} when the response is not valid JSON
|
|
109
109
|
*/
|
|
110
110
|
executeAndDecode<T = unknown>(payload: unknown, schema?: ContractResponseSchema<T>): Promise<T>;
|
|
111
|
+
/**
|
|
112
|
+
* Return the authenticated user's Ethereum address from their
|
|
113
|
+
* T3N-hosted per-user wallet, as a 0x-prefixed lowercase hex string.
|
|
114
|
+
* Returns `null` if the user has no wallet yet (pre-backfill edge
|
|
115
|
+
* case — `tee:user` has not yet been migrated for this DID).
|
|
116
|
+
*
|
|
117
|
+
* Backed by the `tee:user/get-self-eth-address` contract function,
|
|
118
|
+
* which delegates to the signing host's `get-user-eth-address`
|
|
119
|
+
* primitive (T3-TS-027 §7.1). The request carries no body; the
|
|
120
|
+
* authenticated user's DID is read from session context by the host.
|
|
121
|
+
*
|
|
122
|
+
* Requires the session to be Authenticated (same precondition as
|
|
123
|
+
* {@link execute}).
|
|
124
|
+
*
|
|
125
|
+
* @throws if unauthenticated, if the node rejects the action, or if
|
|
126
|
+
* the response is not a JSON string / `null`.
|
|
127
|
+
*/
|
|
128
|
+
getSelfEthAddress(): Promise<string | null>;
|
|
129
|
+
/**
|
|
130
|
+
* Enumerate every wallet the authenticated user currently controls
|
|
131
|
+
* under T3-TS-028 multi-wallet custody.
|
|
132
|
+
*
|
|
133
|
+
* `primary` is the identity-bearing wallet — same address
|
|
134
|
+
* {@link getSelfEthAddress} returns, same address the host signs
|
|
135
|
+
* with under `sign-as-user`. `secondary` is an insertion-ordered
|
|
136
|
+
* list of archival wallets absorbed through prior
|
|
137
|
+
* {@link mergeProfiles} calls (most recent last); these are signable
|
|
138
|
+
* only via an explicit sign-with-wallet flow — never ambient.
|
|
139
|
+
*
|
|
140
|
+
* Backed by `tee:user/list-user-wallets` which delegates to the
|
|
141
|
+
* signing host's `list-user-wallets` primitive. See T3-TS-028 §7.1.
|
|
142
|
+
*
|
|
143
|
+
* @throws if unauthenticated, if the node rejects the action, or if
|
|
144
|
+
* the response shape is unexpected.
|
|
145
|
+
*/
|
|
146
|
+
listUserWallets(): Promise<{
|
|
147
|
+
primary: string;
|
|
148
|
+
secondary: string[];
|
|
149
|
+
}>;
|
|
150
|
+
/**
|
|
151
|
+
* Return the ownership audit trail for a specific wallet address.
|
|
152
|
+
*
|
|
153
|
+
* The response is an array of `AuditEntry` objects (newest last)
|
|
154
|
+
* describing every DID that has owned the wallet: `Created` at DID
|
|
155
|
+
* creation, `MergedFrom { source_did }` for every merge that pulled
|
|
156
|
+
* this wallet onto a new owner, `Abandoned` if
|
|
157
|
+
* {@link removeUserWithWalletAbandonment} was called on the last
|
|
158
|
+
* owner. Public-safe data: DIDs + timestamps + reason codes only,
|
|
159
|
+
* no key material or PII. See T3-TS-028 §4.1.
|
|
160
|
+
*
|
|
161
|
+
* @param walletAddress 0x-prefixed 40-char hex Ethereum address.
|
|
162
|
+
* @throws if the node rejects the action or if the response is not
|
|
163
|
+
* a JSON array.
|
|
164
|
+
*/
|
|
165
|
+
getWalletHistory(walletAddress: string): Promise<unknown[]>;
|
|
166
|
+
/**
|
|
167
|
+
* Remove the authenticated user's account AND explicitly abandon
|
|
168
|
+
* any wallets. Writes `Abandoned` audit rows to wallet history,
|
|
169
|
+
* clears the DID's wallet index, then runs the usual user-removal
|
|
170
|
+
* cleanup (profile, authenticators, VCs, attribution).
|
|
171
|
+
*
|
|
172
|
+
* `wallet_secrets[*]` is NOT deleted — key material stays preserved
|
|
173
|
+
* in the TEE but becomes unreachable from any DID. This path
|
|
174
|
+
* exists as an opt-in alternative to {@link removeUser}, which
|
|
175
|
+
* refuses when the DID owns wallets. Callers must sweep funds
|
|
176
|
+
* off-chain BEFORE calling this if they want to retain access —
|
|
177
|
+
* the host does not reconcile balances. See T3-TS-028 §6.2.
|
|
178
|
+
*
|
|
179
|
+
* Requires the session to be Authenticated (SelfOnly delegation).
|
|
180
|
+
*
|
|
181
|
+
* @throws if unauthenticated, if the node rejects the action, or if
|
|
182
|
+
* the response cannot be decoded.
|
|
183
|
+
*/
|
|
184
|
+
removeUserWithWalletAbandonment(): Promise<unknown>;
|
|
111
185
|
/**
|
|
112
186
|
* The server-minted session ID once handshake has completed, or
|
|
113
187
|
* `null` beforehand (pentest M-1 / MAT-983).
|