@terminal3/t3n-sdk 0.7.0 → 0.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.d.ts +95 -4
- package/dist/index.esm.js +1 -1
- package/dist/index.js +1 -1
- package/dist/src/config/index.d.ts +36 -2
- package/dist/src/index.d.ts +2 -2
- package/dist/src/wasm/quote-verifier/quote_verifier_bytes.d.ts +1 -0
- package/dist/src/wasm/quote-verifier-loader.d.ts +58 -0
- package/package.json +1 -1
|
@@ -12,6 +12,18 @@ import type { SdkConfig, Environment } from "./types";
|
|
|
12
12
|
* or by passing `baseUrl` to `T3nClient`.
|
|
13
13
|
*/
|
|
14
14
|
export declare const NODE_URLS: Record<Environment, string>;
|
|
15
|
+
/** DKG attestation bundle from the cluster. */
|
|
16
|
+
export interface DkgAttestation {
|
|
17
|
+
/** Sorted base58 peer IDs that participated in DKG. */
|
|
18
|
+
peer_ids: string[];
|
|
19
|
+
/** Per-node TDX quotes keyed by base58 peer ID (base64-encoded). */
|
|
20
|
+
quotes: Record<string, string>;
|
|
21
|
+
/**
|
|
22
|
+
* Base64-encoded raw attestation message: `encaps_key || sorted_peer_ids`.
|
|
23
|
+
* Each quote's `report_data` is `keccak512(attestation_msg)`.
|
|
24
|
+
*/
|
|
25
|
+
attestation_msg: string;
|
|
26
|
+
}
|
|
15
27
|
/**
|
|
16
28
|
* Set the active environment. Clears any previous URL override and the key
|
|
17
29
|
* cache so the next fetch uses the new environment's default URL.
|
|
@@ -32,10 +44,30 @@ export declare function setNodeUrl(url: string | null): void;
|
|
|
32
44
|
/** Resolve the active node URL: explicit `baseUrl` > override > env default. */
|
|
33
45
|
export declare function getNodeUrl(baseUrl?: string): string;
|
|
34
46
|
/**
|
|
35
|
-
* Fetch the ML-KEM root public key from `${nodeUrl}/status`. Cached
|
|
36
|
-
*
|
|
47
|
+
* Fetch the ML-KEM root public key from `${nodeUrl}/status`. Cached
|
|
48
|
+
* per URL because the key is stable for the cluster's lifetime (a
|
|
49
|
+
* new DKG means a full redeploy; callers clear the cache via
|
|
50
|
+
* `clearKeyCache()` or `setNodeUrl()` in that case).
|
|
51
|
+
*
|
|
52
|
+
* Returns only the base64-encoded key. For the DKG attestation
|
|
53
|
+
* bundle (which changes over time as peer quotes replicate via
|
|
54
|
+
* Raft), call `fetchDkgAttestation()` \u2014 that path is
|
|
55
|
+
* intentionally uncached.
|
|
37
56
|
*/
|
|
38
57
|
export declare function fetchMlKemPublicKey(baseUrl?: string): Promise<string>;
|
|
58
|
+
/**
|
|
59
|
+
* Fetch the DKG attestation bundle from `${nodeUrl}/status`. Never
|
|
60
|
+
* cached \u2014 peer quotes are written to consensus KV asynchronously
|
|
61
|
+
* during cluster bootstrap, so early reads may see a subset of the
|
|
62
|
+
* expected quotes. Caching would pin an incomplete bundle and cause
|
|
63
|
+
* spurious `valid_count < expected_count` failures in
|
|
64
|
+
* `verifyDkgAttestation()` for the whole process lifetime.
|
|
65
|
+
*
|
|
66
|
+
* Returns `undefined` when the node has not yet published an
|
|
67
|
+
* attestation (e.g. still bootstrapping, or running with a mock
|
|
68
|
+
* signer where attestation is skipped by design).
|
|
69
|
+
*/
|
|
70
|
+
export declare function fetchDkgAttestation(baseUrl?: string): Promise<DkgAttestation | undefined>;
|
|
39
71
|
/** Clear the cached ML-KEM public keys. Useful in tests. */
|
|
40
72
|
export declare function clearKeyCache(): void;
|
|
41
73
|
/**
|
|
@@ -44,5 +76,7 @@ export declare function clearKeyCache(): void;
|
|
|
44
76
|
* `fetchMlKemPublicKey()`.
|
|
45
77
|
*/
|
|
46
78
|
export declare function loadConfig(baseUrl?: string): SdkConfig;
|
|
79
|
+
export { verifyTdxQuote, verifyDkgAttestation } from "../wasm/quote-verifier-loader";
|
|
80
|
+
export type { QuoteVerifyResult, DkgVerifyResult, PeerQuoteResult, } from "../wasm/quote-verifier-loader";
|
|
47
81
|
export type { SdkConfig, Environment, ConfigValidationResult } from "./types";
|
|
48
82
|
export { validateConfig } from "./loader";
|
package/dist/src/index.d.ts
CHANGED
|
@@ -19,5 +19,5 @@ export type { WasmComponent, ClientHandshake, ClientAuth, SessionCrypto, WasmNex
|
|
|
19
19
|
export { loadWasmComponent } from "./wasm";
|
|
20
20
|
export { generateRandomString, generateUUID, getScriptVersion, stringToBytes, bytesToString, redactSecrets, redactSecretsFromJson, } from "./utils";
|
|
21
21
|
export { T3nError, SessionStateError, AuthenticationError, HandshakeError, RpcError, WasmError, decodeWasmErrorMessage, extractWasmError, } from "./utils/errors";
|
|
22
|
-
export type { SdkConfig, Environment, ConfigValidationResult } from "./config";
|
|
23
|
-
export { loadConfig, fetchMlKemPublicKey, clearKeyCache, getEnvironmentName, getEnvironment, setEnvironment, setNodeUrl, getNodeUrl, NODE_URLS, validateConfig, } from "./config";
|
|
22
|
+
export type { SdkConfig, Environment, ConfigValidationResult, DkgAttestation, QuoteVerifyResult, DkgVerifyResult, PeerQuoteResult, } from "./config";
|
|
23
|
+
export { loadConfig, fetchMlKemPublicKey, fetchDkgAttestation, verifyTdxQuote, verifyDkgAttestation, clearKeyCache, getEnvironmentName, getEnvironment, setEnvironment, setNodeUrl, getNodeUrl, NODE_URLS, validateConfig, } from "./config";
|