@thru/programs 0.2.25 → 0.2.28

package/src/passkey-manager/validate.test.ts

@@ -2,7 +2,14 @@ import { createHash } from 'node:crypto';
 import { describe, expect, it } from 'vitest';
 import { encodeAddress } from '@thru/sdk/helpers';
 import { createValidateChallenge } from './challenge';
+import { parseWalletAuthorities } from './accounts';
+import { LONG_LIVED_AUTHORITY_EXPIRY_SECONDS } from './constants';
 import { encodeAddAuthorityInstruction } from './instructions/add-authority';
+import {
+  buildAuthorityRecord,
+  createAuthorityRecord,
+  createSessionAuthorityRecord,
+} from './instructions/create';
 import { encodeRemoveAuthorityInstruction } from './instructions/remove-authority';
 import { encodeValidateInstruction } from './instructions/validate';
 import {
@@ -133,16 +140,17 @@ describe('passkey manager validate helpers', () => {
   it('encodes wallet indexes in add/remove authority instructions', () => {
     const add = encodeAddAuthorityInstruction({
       walletAccountIdx: 0x1234,
-      authority: {
+      authorityRecord: createAuthorityRecord({
         tag: 1,
         pubkeyX: bytes(0x01, 32),
         pubkeyY: bytes(0x02, 32),
-      },
+      }),
     });
     expect(add[0]).toBe(0x04);
     expect(add.slice(1, 3)).toEqual(u16le(0x1234));
     expect(add[3]).toBe(1);
-    expect(add.length).toBe(68);
+    expect(add.slice(68, 76)).toEqual(u64le(LONG_LIVED_AUTHORITY_EXPIRY_SECONDS));
+    expect(add.length).toBe(76);
 
     const remove = encodeRemoveAuthorityInstruction({
       walletAccountIdx: 0x1234,
@@ -151,6 +159,66 @@ describe('passkey manager validate helpers', () => {
     expect(remove).toEqual(new Uint8Array([0x05, 0x34, 0x12, 0x09]));
   });
 
+  it('encodes and parses authority records with expiry seconds', () => {
+    const passkeyRecord = createAuthorityRecord({
+      tag: 1,
+      pubkeyX: bytes(0x01, 32),
+      pubkeyY: bytes(0x02, 32),
+    });
+    const sessionRecord = createSessionAuthorityRecord({
+      pubkey: bytes(0x03, 32),
+      expiresAtBlockTimeSeconds: 1234n,
+    });
+
+    const encodedSession = buildAuthorityRecord(sessionRecord);
+    expect(encodedSession.length).toBe(73);
+    expect(encodedSession[0]).toBe(2);
+    expect(encodedSession.slice(1, 33)).toEqual(bytes(0x03, 32));
+    expect(encodedSession.slice(33, 65)).toEqual(bytes(0x00, 32));
+    expect(encodedSession.slice(65, 73)).toEqual(u64le(1234n));
+
+    const walletData = concat([
+      new Uint8Array([1]),
+      u64le(9n),
+      buildAuthorityRecord(passkeyRecord),
+      encodedSession,
+    ]);
+    const parsed = parseWalletAuthorities(walletData);
+    expect(parsed.nonce).toBe(9n);
+    expect(parsed.authorities).toHaveLength(2);
+    expect(parsed.authorities[0]?.expiresAtBlockTimeSeconds).toBe(
+      LONG_LIVED_AUTHORITY_EXPIRY_SECONDS
+    );
+    expect(parsed.authorities[1]).toMatchObject({
+      idx: 1,
+      kind: 'pubkey',
+      expiresAtBlockTimeSeconds: 1234n,
+    });
+  });
+
+  it('bounds authority record expiry seconds to u64', () => {
+    const u64Max = 0xffffffffffffffffn;
+    const pubkey = bytes(0x03, 32);
+
+    expect(() =>
+      buildAuthorityRecord(
+        createSessionAuthorityRecord({
+          pubkey,
+          expiresAtBlockTimeSeconds: u64Max,
+        })
+      )
+    ).not.toThrow();
+
+    expect(() =>
+      buildAuthorityRecord(
+        createSessionAuthorityRecord({
+          pubkey,
+          expiresAtBlockTimeSeconds: u64Max + 1n,
+        })
+      )
+    ).toThrow('expiresAtBlockTimeSeconds must fit in u64');
+  });
+
   it('encodes multicall instructions with the known program address', () => {
     expect(MULTICALL_PROGRAM_ADDRESS).toBe(
       'taAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkJ'