npm - @tinycloud/node-sdk - Versions diffs - 2.3.0-beta.2 → 2.3.0-beta.4 - Mend

@tinycloud/node-sdk 2.3.0-beta.2 → 2.3.0-beta.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

package/dist/{core-CWdCZ8q6.d.cts → core-CNyXnUx9.d.cts} +0 -1
package/dist/{core-CWdCZ8q6.d.ts → core-CNyXnUx9.d.ts} +0 -1
package/dist/core.cjs +70 -38
package/dist/core.cjs.map +1 -1
package/dist/core.d.cts +2 -2
package/dist/core.d.ts +2 -2
package/dist/core.js +84 -42
package/dist/core.js.map +1 -1
package/dist/index.cjs +70 -38
package/dist/index.cjs.map +1 -1
package/dist/index.d.cts +2 -2
package/dist/index.d.ts +2 -2
package/dist/index.js +79 -41
package/dist/index.js.map +1 -1
package/package.json +2 -2

package/dist/index.cjs CHANGED Viewed

@@ -17053,6 +17053,7 @@ __export(index_exports, {
   EncryptionService: () => import_sdk_core14.EncryptionService,
   FileSessionStorage: () => FileSessionStorage,
   HooksService: () => import_sdk_core15.HooksService,
+  IdentityParseError: () => import_sdk_core8.IdentityParseError,
   KVService: () => import_sdk_core10.KVService,
   ManifestValidationError: () => import_sdk_core9.ManifestValidationError,
   MemorySessionStorage: () => MemorySessionStorage,
@@ -17083,6 +17084,7 @@ __export(index_exports, {
   VaultPublicSpaceKVActions: () => import_sdk_core13.VaultPublicSpaceKVActions,
   VersionCheckError: () => import_sdk_core19.VersionCheckError,
   WasmKeyProvider: () => WasmKeyProvider,
+  addressStorageKey: () => import_sdk_core8.addressStorageKey,
   buildCanonicalDecryptRequest: () => import_sdk_core14.buildCanonicalDecryptRequest,
   buildDecryptAttenuation: () => import_sdk_core14.buildDecryptAttenuation,
   buildDecryptFacts: () => import_sdk_core14.buildDecryptFacts,
@@ -17091,7 +17093,11 @@ __export(index_exports, {
   buildSpaceUri: () => import_sdk_core18.buildSpaceUri,
   canonicalHashHex: () => import_sdk_core14.canonicalHashHex,
   canonicalSignedResponse: () => import_sdk_core14.canonicalSignedResponse,
+  canonicalizeAddress: () => import_sdk_core8.canonicalizeAddress,
+  canonicalizeDid: () => import_sdk_core8.canonicalizeDid,
+  canonicalizeDidUrl: () => import_sdk_core8.canonicalizeDidUrl,
   canonicalizeEncryptionJson: () => import_sdk_core14.canonicalizeEncryptionJson,
+  canonicalizeNetworkId: () => import_sdk_core8.canonicalizeNetworkId,
   canonicalizeSecretScope: () => import_sdk_core13.canonicalizeSecretScope,
   checkDecryptInvocationInput: () => import_sdk_core14.checkDecryptInvocationInput,
   checkNodeInfo: () => import_sdk_core19.checkNodeInfo,
@@ -17106,6 +17112,8 @@ __export(index_exports, {
   defaultSpaceCreationHandler: () => import_sdk_core8.defaultSpaceCreationHandler,
   deriveSignedReceiverKey: () => import_sdk_core14.deriveSignedReceiverKey,
   deserializeDelegation: () => deserializeDelegation,
+  didCacheKey: () => import_sdk_core8.didCacheKey,
+  didEquals: () => import_sdk_core8.didEquals,
   discoverNetwork: () => import_sdk_core14.discoverNetwork,
   encryptToNetwork: () => import_sdk_core14.encryptToNetwork,
   encryptionBase64Decode: () => import_sdk_core14.encryptionBase64Decode,
@@ -17121,14 +17129,21 @@ __export(index_exports, {
   hexDecode: () => import_sdk_core14.hexDecode,
   hexEncode: () => import_sdk_core14.hexEncode,
   isCapabilitySubset: () => import_sdk_core9.isCapabilitySubset,
+  isEvmAddress: () => import_sdk_core8.isEvmAddress,
   isNetworkId: () => import_sdk_core14.isNetworkId,
   loadManifest: () => import_sdk_core9.loadManifest,
+  makePkhSpaceId: () => import_sdk_core8.makePkhSpaceId,
   makePublicSpaceId: () => import_sdk_core18.makePublicSpaceId,
   networkDiscoveryKey: () => import_sdk_core14.networkDiscoveryKey,
   openWrappedKey: () => import_sdk_core14.openWrappedKey,
+  parseCanonicalNetworkId: () => import_sdk_core8.parseCanonicalNetworkId,
   parseExpiry: () => import_sdk_core9.parseExpiry,
   parseNetworkId: () => import_sdk_core14.parseNetworkId,
+  parsePkhDid: () => import_sdk_core8.parsePkhDid,
   parseSpaceUri: () => import_sdk_core18.parseSpaceUri,
+  pkhDid: () => import_sdk_core8.pkhDid,
+  principalDid: () => import_sdk_core8.principalDid,
+  principalDidEquals: () => import_sdk_core8.principalDidEquals,
   resolveManifest: () => import_sdk_core9.resolveManifest,
   resolveSecretListPrefix: () => import_sdk_core13.resolveSecretListPrefix,
   resolveSecretPath: () => import_sdk_core13.resolveSecretPath,
@@ -17440,15 +17455,16 @@ var NodeUserAuthorization = class {
    * expired-at-epoch-zero.
    */
   setRestoredTinyCloudSession(session) {
-    this._tinyCloudSession = session;
-    this._address = session.address;
+    const address = (0, import_sdk_core.canonicalizeAddress)(session.address);
+    this._tinyCloudSession = { ...session, address };
+    this._address = address;
     this._chainId = session.chainId;
   }
   async resolveTinyCloudHostsForSignIn(address, chainId) {
     if (this.tinycloudHosts && this.tinycloudHosts.length > 0) {
       return;
     }
-    const subject = `did:pkh:eip155:${chainId}:${address}`;
+    const subject = (0, import_sdk_core.pkhDid)(address, chainId);
     const resolved = await (0, import_sdk_core.resolveTinyCloudHosts)(subject, {
       registryUrl: this.tinycloudRegistryUrl,
       fallbackHosts: this.tinycloudFallbackHosts
@@ -17512,19 +17528,19 @@ var NodeUserAuthorization = class {
     if (space.startsWith("tinycloud:")) {
       return space;
     }
-    return this.wasm.makeSpaceId(address, chainId, space);
+    return (0, import_sdk_core.makePkhSpaceId)(address, chainId, space);
   }
   defaultEncryptionNetworkId(address, chainId) {
-    return `urn:tinycloud:encryption:did:pkh:eip155:${chainId}:${address}:default`;
+    return `urn:tinycloud:encryption:${(0, import_sdk_core.pkhDid)(address, chainId)}:default`;
   }
   resolveSignInCapabilities(address, chainId) {
     const request = this.getCapabilityRequest();
     if (request === void 0) {
       const defaultNetworkId = this.defaultEncryptionNetworkId(address, chainId);
-      const secretsSpaceId = this.wasm.makeSpaceId(address, chainId, "secrets");
+      const secretsSpaceId = (0, import_sdk_core.makePkhSpaceId)(address, chainId, "secrets");
       return {
         abilities: this.defaultActions,
-        spaceId: this.wasm.makeSpaceId(address, chainId, this.spacePrefix),
+        spaceId: (0, import_sdk_core.makePkhSpaceId)(address, chainId, this.spacePrefix),
         spaceAbilities: {
           [secretsSpaceId]: {
             kv: {
@@ -17786,9 +17802,9 @@ var NodeUserAuthorization = class {
    * @param options - Optional per-call SIWE overrides for this sign-in only
    */
   async signIn(options) {
-    this._address = await this.signer.getAddress();
+    this._address = (0, import_sdk_core.canonicalizeAddress)(await this.signer.getAddress());
     this._chainId = await this.signer.getChainId();
-    const address = this.wasm.ensureEip55(this._address);
+    const address = this._address;
     const chainId = this._chainId;
     await this.resolveTinyCloudHostsForSignIn(address, chainId);
     const keyId = `session-${Date.now()}`;
@@ -17833,7 +17849,7 @@ var NodeUserAuthorization = class {
       siwe: prepared.siwe,
       signature: signature2
     };
-    const spacesMetadata = this.enablePublicSpace ? { public: this.wasm.makeSpaceId(address, chainId, "public") } : void 0;
+    const spacesMetadata = this.enablePublicSpace ? { public: (0, import_sdk_core.makePkhSpaceId)(address, chainId, "public") } : void 0;
     const tinyCloudSession = {
       address,
       chainId,
@@ -17908,7 +17924,7 @@ var NodeUserAuthorization = class {
    */
   async signMessage(message) {
     if (!this._address) {
-      this._address = await this.signer.getAddress();
+      this._address = (0, import_sdk_core.canonicalizeAddress)(await this.signer.getAddress());
     }
     if (!this._chainId) {
       this._chainId = await this.signer.getChainId();
@@ -17935,7 +17951,7 @@ var NodeUserAuthorization = class {
    * ```
    */
   async prepareSessionForSigning() {
-    const address = this.wasm.ensureEip55(await this.signer.getAddress());
+    const address = (0, import_sdk_core.canonicalizeAddress)(await this.signer.getAddress());
     const chainId = await this.signer.getChainId();
     const keyId = `session-${Date.now()}`;
     this.sessionManager.renameSessionKeyId("default", keyId);
@@ -17985,7 +18001,7 @@ var NodeUserAuthorization = class {
       ...prepared,
       signature: signature2
     });
-    const address = this.wasm.ensureEip55(await this.signer.getAddress());
+    const address = (0, import_sdk_core.canonicalizeAddress)(await this.signer.getAddress());
     const chainId = await this.signer.getChainId();
     await this.resolveTinyCloudHostsForSignIn(address, chainId);
     const clientSession = {
@@ -17996,7 +18012,7 @@ var NodeUserAuthorization = class {
       siwe: prepared.siwe,
       signature: signature2
     };
-    const spacesMetadata = this.enablePublicSpace ? { public: this.wasm.makeSpaceId(address, chainId, "public") } : void 0;
+    const spacesMetadata = this.enablePublicSpace ? { public: (0, import_sdk_core.makePkhSpaceId)(address, chainId, "public") } : void 0;
     const tinyCloudSession = {
       address,
       chainId,
@@ -18523,6 +18539,13 @@ var NETWORK_CREATE_ACTION = "tinycloud.encryption/network.create";
 var DECRYPT_ACTION = "tinycloud.encryption/decrypt";
 var NETWORK_ADMIN_TYPE = "tinycloud.encryption.network-admin/v1";
 var DEFAULT_SESSION_EXPIRATION_MS = import_sdk_core5.EXPIRY.SESSION_MS;
+function didPrincipalMatches(actual, expected) {
+  try {
+    return (0, import_sdk_core5.principalDidEquals)(actual, expected);
+  } catch {
+    return actual === expected;
+  }
+}
 function base64UrlEncode(bytes) {
   const alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";
   let output = "";
@@ -18819,7 +18842,7 @@ var _TinyCloudNode = class _TinyCloudNode {
    */
   get did() {
     if (this._address) {
-      return `did:pkh:eip155:${this._chainId}:${this._address}`;
+      return (0, import_sdk_core5.pkhDid)(this._address, this._chainId);
     }
     return this.sessionManager.getDID(this.sessionKeyId);
   }
@@ -18836,7 +18859,7 @@ var _TinyCloudNode = class _TinyCloudNode {
    * Get the Ethereum address for this user.
    */
   get address() {
-    return this._address;
+    return this.auth?.address() ?? this._address;
   }
   /**
    * Check if this instance is in session-only mode (no wallet).
@@ -18874,7 +18897,7 @@ var _TinyCloudNode = class _TinyCloudNode {
       );
     }
     await this.wasmBindings.ensureInitialized?.();
-    this._address = await this.signer.getAddress();
+    this._address = (0, import_sdk_core5.canonicalizeAddress)(await this.signer.getAddress());
     this._chainId = await this.signer.getChainId();
     this._kv = void 0;
     this._sql = void 0;
@@ -18981,8 +19004,9 @@ var _TinyCloudNode = class _TinyCloudNode {
     this._spaceService = void 0;
     this._serviceContext = void 0;
     this.runtimePermissionGrants = [];
-    if (sessionData.address) {
-      this._address = sessionData.address;
+    const restoredAddress = sessionData.address ? (0, import_sdk_core5.canonicalizeAddress)(sessionData.address) : void 0;
+    if (restoredAddress) {
+      this._address = restoredAddress;
     }
     if (sessionData.chainId) {
       this._chainId = sessionData.chainId;
@@ -19017,9 +19041,9 @@ var _TinyCloudNode = class _TinyCloudNode {
     this._vault.initialize(this._serviceContext);
     this._serviceContext.registerService("vault", this._vault);
     this.initializeV2Services(serviceSession);
-    if (sessionData.siwe && sessionData.address && sessionData.chainId) {
+    if (sessionData.siwe && restoredAddress && sessionData.chainId) {
       const tcSession = {
-        address: sessionData.address,
+        address: restoredAddress,
         chainId: sessionData.chainId,
         sessionKey: JSON.stringify(sessionData.jwk),
         spaceId: sessionData.spaceId,
@@ -19358,8 +19382,8 @@ var _TinyCloudNode = class _TinyCloudNode {
         fetchByNetworkId: (networkId) => this.getEncryptionNetwork(networkId)
       },
       wellKnown: {
-        fetchWellKnown: async (ownerDid, discoveryKey) => {
-          if (!this._address || ownerDid !== this.did) {
+        fetchWellKnown: async (principal, discoveryKey) => {
+          if (!this._address || !didPrincipalMatches(principal, this.did)) {
             return null;
           }
           if (!this.config.host) {
@@ -19683,7 +19707,7 @@ var _TinyCloudNode = class _TinyCloudNode {
       return {
         cid: delegationSession.delegationCid,
         delegateDID: params.shareKeyDID,
-        delegatorDID: `did:pkh:eip155:${session.chainId}:${session.address}`,
+        delegatorDID: (0, import_sdk_core5.pkhDid)(session.address, session.chainId),
         spaceId: params.spaceId,
         path: params.path,
         actions: params.actions,
@@ -20015,13 +20039,8 @@ var _TinyCloudNode = class _TinyCloudNode {
     if (delegation.expiry.getTime() <= Date.now()) {
       throw new import_sdk_core5.SessionExpiredError(delegation.expiry);
     }
-    const expectedDids = /* @__PURE__ */ new Set([
-      session.verificationMethod,
-      this.didWithoutFragment(session.verificationMethod),
-      this.sessionDid,
-      this.didWithoutFragment(this.sessionDid)
-    ]);
-    if (!expectedDids.has(delegation.delegateDID)) {
+    const expectedDids = [session.verificationMethod, this.sessionDid];
+    if (!expectedDids.some((did) => didPrincipalMatches(delegation.delegateDID, did))) {
       throw new Error(
         `Runtime delegation targets ${delegation.delegateDID} but this session key is ${session.verificationMethod}.`
       );
@@ -20548,7 +20567,9 @@ var _TinyCloudNode = class _TinyCloudNode {
         "materializeDelegation requires a composed manifest request"
       );
     }
-    const target = request.delegationTargets.find((entry) => entry.did === did);
+    const target = request.delegationTargets.find(
+      (entry) => didPrincipalMatches(entry.did, did)
+    );
     if (!target) {
       throw new Error(`No manifest delegation target found for DID ${did}`);
     }
@@ -20856,10 +20877,6 @@ var _TinyCloudNode = class _TinyCloudNode {
       expiresAt: delegation.expiry
     };
   }
-  didWithoutFragment(did) {
-    const fragment = did.indexOf("#");
-    return fragment === -1 ? did : did.slice(0, fragment);
-  }
   installRuntimeGrantFromServiceSession(delegation, session, expiresAt) {
     const operations = this.operationsFromDelegation(delegation);
     if (operations.length === 0) {
@@ -21055,7 +21072,7 @@ var _TinyCloudNode = class _TinyCloudNode {
     if (resolvedDelegateDID.endsWith(".eth") && this.config.ensResolver) {
       const address = await this.config.ensResolver.resolveAddress(resolvedDelegateDID);
       if (!address) throw new Error(`Could not resolve ENS name: ${resolvedDelegateDID}`);
-      resolvedDelegateDID = `did:pkh:eip155:1:${address}`;
+      resolvedDelegateDID = (0, import_sdk_core5.pkhDid)(address, 1);
     }
     const entries = legacyParamsToPermissionEntries(
       params.actions,
@@ -21212,7 +21229,7 @@ var _TinyCloudNode = class _TinyCloudNode {
     const targetHost = delegation.host ?? this.config.host;
     if (this.isSessionOnly) {
       const myDid = this.did;
-      if (delegation.delegateDID !== myDid) {
+      if (!didPrincipalMatches(delegation.delegateDID, myDid)) {
         throw new Error(
           `Delegation targets ${delegation.delegateDID} but this user's DID is ${myDid}. The delegation must target this user's DID.`
         );
@@ -21616,6 +21633,7 @@ var import_sdk_core20 = require("@tinycloud/sdk-core");
   EncryptionService,
   FileSessionStorage,
   HooksService,
+  IdentityParseError,
   KVService,
   ManifestValidationError,
   MemorySessionStorage,
@@ -21646,6 +21664,7 @@ var import_sdk_core20 = require("@tinycloud/sdk-core");
   VaultPublicSpaceKVActions,
   VersionCheckError,
   WasmKeyProvider,
+  addressStorageKey,
   buildCanonicalDecryptRequest,
   buildDecryptAttenuation,
   buildDecryptFacts,
@@ -21654,7 +21673,11 @@ var import_sdk_core20 = require("@tinycloud/sdk-core");
   buildSpaceUri,
   canonicalHashHex,
   canonicalSignedResponse,
+  canonicalizeAddress,
+  canonicalizeDid,
+  canonicalizeDidUrl,
   canonicalizeEncryptionJson,
+  canonicalizeNetworkId,
   canonicalizeSecretScope,
   checkDecryptInvocationInput,
   checkNodeInfo,
@@ -21669,6 +21692,8 @@ var import_sdk_core20 = require("@tinycloud/sdk-core");
   defaultSpaceCreationHandler,
   deriveSignedReceiverKey,
   deserializeDelegation,
+  didCacheKey,
+  didEquals,
   discoverNetwork,
   encryptToNetwork,
   encryptionBase64Decode,
@@ -21684,14 +21709,21 @@ var import_sdk_core20 = require("@tinycloud/sdk-core");
   hexDecode,
   hexEncode,
   isCapabilitySubset,
+  isEvmAddress,
   isNetworkId,
   loadManifest,
+  makePkhSpaceId,
   makePublicSpaceId,
   networkDiscoveryKey,
   openWrappedKey,
+  parseCanonicalNetworkId,
   parseExpiry,
   parseNetworkId,
+  parsePkhDid,
   parseSpaceUri,
+  pkhDid,
+  principalDid,
+  principalDidEquals,
   resolveManifest,
   resolveSecretListPrefix,
   resolveSecretPath,