@tinycloud/cli 0.6.0-beta.1 → 0.6.0-beta.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/README.md +1 -1
  2. package/dist/index.js +49 -21
  3. package/dist/index.js.map +1 -1
  4. package/package.json +2 -2
package/README.md CHANGED
@@ -71,7 +71,7 @@ tc delegation create --to did:pkh:eip155:1:0x...
71
71
 
72
72
  Secret names are env-style uppercase identifiers such as `FIREFLIES_API_KEY`.
73
73
  `tc secrets network show` accepts either a short network name or a full
74
- `urn:tinycloud:encryption:<principal>:<network>` identifier. `tc secrets
74
+ `urn:tinycloud:encryption:<ownerDid>:<network>` identifier. `tc secrets
75
75
  network grant` takes the short name, resolves the network, and grants
76
76
  `tinycloud.encryption/decrypt`.
77
77
 
package/dist/index.js CHANGED
@@ -549,7 +549,7 @@ var ProfileManager = class _ProfileManager {
549
549
 
550
550
  // src/auth/local-key.ts
551
551
  import { TCWSessionManager, importKey, initPanicHook } from "@tinycloud/node-sdk-wasm";
552
- import { PrivateKeySigner } from "@tinycloud/node-sdk";
552
+ import { PrivateKeySigner, pkhDid } from "@tinycloud/node-sdk";
553
553
  import { randomBytes } from "crypto";
554
554
  var wasmInitialized = false;
555
555
  function ensureWasm() {
@@ -583,7 +583,7 @@ async function deriveAddress(privateKey) {
583
583
  return signer.getAddress();
584
584
  }
585
585
  function addressToDID(address, chainId = 1) {
586
- return `did:pkh:eip155:${chainId}:${address}`;
586
+ return pkhDid(address, chainId);
587
587
  }
588
588
  async function generateLocalIdentity(chainId = 1) {
589
589
  const privateKey = generateEthereumPrivateKey();
@@ -843,7 +843,7 @@ function registerInitCommand(program2) {
843
843
  await ProfileManager.setProfile(profileName, {
844
844
  ...profileConfig,
845
845
  spaceId: delegationData.spaceId,
846
- primaryDid: delegationData.primaryDid
846
+ ownerDid: delegationData.ownerDid
847
847
  });
848
848
  outputJson({
849
849
  profile: profileName,
@@ -903,13 +903,22 @@ import {
903
903
  } from "@tinycloud/node-sdk";
904
904
 
905
905
  // src/lib/space.ts
906
+ import {
907
+ buildSpaceUri,
908
+ canonicalizeAddress,
909
+ makePkhSpaceId,
910
+ parsePkhDid,
911
+ parseSpaceUri
912
+ } from "@tinycloud/node-sdk";
906
913
  function resolveAddress(profile, session) {
907
914
  const sessAddr = session?.address;
908
- if (typeof sessAddr === "string" && sessAddr.length > 0) return sessAddr;
909
- if (profile.address) return profile.address;
910
- if (profile.primaryDid) {
911
- const match = profile.primaryDid.match(/^did:pkh:eip155:\d+:(0x[a-fA-F0-9]{40})$/);
912
- if (match) return match[1];
915
+ if (typeof sessAddr === "string" && sessAddr.length > 0) {
916
+ return canonicalizeAddress(sessAddr);
917
+ }
918
+ if (profile.address) return canonicalizeAddress(profile.address);
919
+ if (profile.ownerDid) {
920
+ const pkh = parsePkhDid(profile.ownerDid);
921
+ if (pkh) return pkh.address;
913
922
  }
914
923
  throw new CLIError(
915
924
  "ADDRESS_UNKNOWN",
@@ -924,7 +933,17 @@ function resolveChainId(profile, session) {
924
933
  }
925
934
  async function resolveSpaceUri(input, profileName) {
926
935
  if (!input) return void 0;
927
- if (input.startsWith("tinycloud:")) return input;
936
+ if (input.startsWith("tinycloud:")) {
937
+ const parsed = parseSpaceUri(input);
938
+ if (!parsed) {
939
+ throw new CLIError(
940
+ "INVALID_SPACE",
941
+ `Invalid --space "${input}". Use a short name ([A-Za-z0-9_-]) or a full tinycloud:... URI.`,
942
+ ExitCode.USAGE_ERROR
943
+ );
944
+ }
945
+ return buildSpaceUri(parsed.owner, parsed.name);
946
+ }
928
947
  if (!/^[A-Za-z0-9_-]+$/.test(input)) {
929
948
  throw new CLIError(
930
949
  "INVALID_SPACE",
@@ -936,7 +955,7 @@ async function resolveSpaceUri(input, profileName) {
936
955
  const session = await ProfileManager.getSession(profileName);
937
956
  const address = resolveAddress(profile, session);
938
957
  const chainId = resolveChainId(profile, session);
939
- return `tinycloud:pkh:eip155:${chainId}:${address}:${input}`;
958
+ return makePkhSpaceId(address, chainId, input);
940
959
  }
941
960
 
942
961
  // src/lib/permissions.ts
@@ -959,8 +978,8 @@ function createPermissionRequestArtifact(params) {
959
978
  posture: resolveProfilePosture(params.profile),
960
979
  operatorType: resolveProfileOperatorType(params.profile),
961
980
  host: params.host,
962
- did: didWithoutFragment(params.profile.sessionDid ?? params.profile.did),
963
- primaryDid: params.profile.primaryDid,
981
+ sessionDid: didWithoutFragment(params.profile.sessionDid ?? params.profile.did),
982
+ ownerDid: params.profile.ownerDid,
964
983
  spaceId: params.profile.spaceId,
965
984
  requestedExpiry: params.requestedExpiry,
966
985
  requested: params.requested,
@@ -1382,7 +1401,7 @@ function registerAuthCommand(program2) {
1382
1401
  authenticated,
1383
1402
  did: profile?.did ?? null,
1384
1403
  sessionDid: profile?.sessionDid ?? null,
1385
- primaryDid: profile?.primaryDid ?? null,
1404
+ ownerDid: profile?.ownerDid ?? null,
1386
1405
  spaceId: profile?.spaceId ?? null,
1387
1406
  host: ctx.host,
1388
1407
  profile: ctx.profile,
@@ -1402,7 +1421,7 @@ function registerAuthCommand(program2) {
1402
1421
  process.stdout.write(formatField("Host", ctx.host) + "\n");
1403
1422
  process.stdout.write(formatField("DID", profile?.did ?? null) + "\n");
1404
1423
  process.stdout.write(formatField("Session DID", profile?.sessionDid ?? null) + "\n");
1405
- process.stdout.write(formatField("Primary DID", profile?.primaryDid ?? null) + "\n");
1424
+ process.stdout.write(formatField("Owner DID", profile?.ownerDid ?? null) + "\n");
1406
1425
  process.stdout.write(formatField("Address", profile?.address ?? null) + "\n");
1407
1426
  process.stdout.write(formatField("Space ID", profile?.spaceId ?? null) + "\n");
1408
1427
  process.stdout.write(formatField("Has Key", hasKey !== null) + "\n");
@@ -1603,7 +1622,7 @@ function registerAuthCommand(program2) {
1603
1622
  yes: options.yes === true
1604
1623
  });
1605
1624
  const result = await node.delegateTo(
1606
- parsed.did,
1625
+ parsed.sessionDid,
1607
1626
  parsed.requested,
1608
1627
  parsed.requestedExpiry !== void 0 ? { expiry: parsed.requestedExpiry } : void 0
1609
1628
  );
@@ -1735,7 +1754,7 @@ function registerAuthCommand(program2) {
1735
1754
  profile: ctx.profile,
1736
1755
  did: profile.did,
1737
1756
  sessionDid: profile.sessionDid ?? null,
1738
- primaryDid: profile.primaryDid ?? null,
1757
+ ownerDid: profile.ownerDid ?? null,
1739
1758
  spaceId: profile.spaceId ?? null,
1740
1759
  host: profile.host,
1741
1760
  authenticated,
@@ -1749,7 +1768,7 @@ function registerAuthCommand(program2) {
1749
1768
  process.stdout.write(formatField("Profile", ctx.profile) + "\n");
1750
1769
  process.stdout.write(formatField("DID", profile.did) + "\n");
1751
1770
  process.stdout.write(formatField("Session DID", profile.sessionDid ?? null) + "\n");
1752
- process.stdout.write(formatField("Primary DID", profile.primaryDid ?? null) + "\n");
1771
+ process.stdout.write(formatField("Owner DID", profile.ownerDid ?? null) + "\n");
1753
1772
  process.stdout.write(formatField("Auth Method", profile.authMethod ?? null) + "\n");
1754
1773
  process.stdout.write(formatField("Posture", posture) + "\n");
1755
1774
  process.stdout.write(formatField("Operator", operatorType) + "\n");
@@ -2133,7 +2152,7 @@ async function handleLocalAuth(profileName, host) {
2133
2152
  spaceName: "default",
2134
2153
  did,
2135
2154
  sessionDid,
2136
- primaryDid: did,
2155
+ ownerDid: did,
2137
2156
  spaceId: sessionResult.spaceId,
2138
2157
  createdAt: profile?.createdAt ?? (/* @__PURE__ */ new Date()).toISOString(),
2139
2158
  posture: profile?.posture ?? "local-owner-key",
@@ -2178,7 +2197,7 @@ async function handleOpenKeyAuth(profileName, host, paste) {
2178
2197
  };
2179
2198
  if (delegationData.spaceId) {
2180
2199
  updatedProfile.spaceId = delegationData.spaceId;
2181
- updatedProfile.primaryDid = delegationData.primaryDid;
2200
+ updatedProfile.ownerDid = delegationData.ownerDid;
2182
2201
  }
2183
2202
  await ProfileManager.setProfile(profileName, updatedProfile);
2184
2203
  outputJson({
@@ -2452,6 +2471,15 @@ function parseExpiry(input) {
2452
2471
  }
2453
2472
 
2454
2473
  // src/commands/delegation.ts
2474
+ import { principalDidEquals } from "@tinycloud/node-sdk";
2475
+ function didMatches(actual, expected) {
2476
+ if (!actual) return false;
2477
+ try {
2478
+ return principalDidEquals(actual, expected);
2479
+ } catch {
2480
+ return actual === expected;
2481
+ }
2482
+ }
2455
2483
  function registerDelegationCommand(program2) {
2456
2484
  const delegation = program2.command("delegation").description("Manage delegations");
2457
2485
  delegation.command("create").description("Create a delegation").requiredOption("--to <did>", "Recipient DID").requiredOption("--path <path>", "KV path scope").requiredOption("--actions <actions>", "Comma-separated actions (e.g., kv/get,kv/list)").option("--expiry <duration>", "Expiry duration (e.g., 1h, 7d, ISO date)", "1h").action(async (options, cmd) => {
@@ -2496,10 +2524,10 @@ function registerDelegationCommand(program2) {
2496
2524
  let delegations = result.data;
2497
2525
  if (options.granted) {
2498
2526
  const myDid = node.did;
2499
- delegations = delegations.filter((d) => d.delegatorDID === myDid);
2527
+ delegations = delegations.filter((d) => didMatches(d.delegatorDID, myDid));
2500
2528
  } else if (options.received) {
2501
2529
  const myDid = node.did;
2502
- delegations = delegations.filter((d) => d.delegateDID === myDid || d.delegateDID?.includes(myDid));
2530
+ delegations = delegations.filter((d) => didMatches(d.delegateDID, myDid));
2503
2531
  }
2504
2532
  outputJson({
2505
2533
  delegations: delegations.map((d) => ({