@tinycloud/node-sdk 2.4.0-beta.1 → 2.4.0-beta.11
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{core-Dbzm1kA_.d.cts → core--mjBU9Jq.d.cts} +154 -6
- package/dist/{core-Dbzm1kA_.d.ts → core--mjBU9Jq.d.ts} +154 -6
- package/dist/core.cjs +462 -222
- package/dist/core.cjs.map +1 -1
- package/dist/core.d.cts +2 -2
- package/dist/core.d.ts +2 -2
- package/dist/core.js +291 -48
- package/dist/core.js.map +1 -1
- package/dist/index.cjs +533 -265
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +2 -2
- package/dist/index.d.ts +2 -2
- package/dist/index.js +322 -52
- package/dist/index.js.map +1 -1
- package/package.json +2 -2
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { ISessionStorage, PersistedSessionData, AutoSignStrategy, AutoRejectStrategy, CallbackStrategy, IUserAuthorization, ISigner, ISpaceCreationHandler, IWasmBindings, SiweConfig, Manifest, ComposedManifestRequest, ClientSession, TinyCloudSession, Extension, SignInOptions, Delegation, DelegatedResource, TelemetryConfig, IKVService, ISQLService, IDuckDbService, IHooksService, INotificationHandler, IENSResolver, IDataVaultService, IEncryptionService, NetworkDescriptor, ISecretsService, ICapabilityKeyRegistry,
|
|
1
|
+
import { ISessionStorage, PersistedSessionData, AutoSignStrategy, AutoRejectStrategy, CallbackStrategy, IUserAuthorization, ISigner, ISpaceCreationHandler, IWasmBindings, SiweConfig, Manifest, ComposedManifestRequest, ClientSession, TinyCloudSession, Extension, SignInOptions, Delegation, DelegatedResource, PermissionEntry, TelemetryConfig, IKVService, ISQLService, IDuckDbService, IHooksService, INotificationHandler, IENSResolver, AccountService, IDataVaultService, IEncryptionService, NetworkDescriptor, ISecretsService, ICapabilityKeyRegistry, DelegationManager, ISpaceService, ISpace, ISharingService, CreateDelegationParams, DelegationResult, ResolvedDelegate, KeyProvider, ISessionManager, JWK } from '@tinycloud/sdk-core';
|
|
2
2
|
import { EventEmitter } from 'events';
|
|
3
3
|
import { InvokeFunction } from '@tinycloud/sdk-services';
|
|
4
4
|
|
|
@@ -332,8 +332,31 @@ declare class NodeUserAuthorization implements IUserAuthorization {
|
|
|
332
332
|
* `siwe` is the load-bearing one because `extractSiweExpiration` returns
|
|
333
333
|
* undefined for missing SIWEs and the SDK then treats the session as
|
|
334
334
|
* expired-at-epoch-zero.
|
|
335
|
+
*
|
|
336
|
+
* @param hosts - The TinyCloud hosts this session was created against,
|
|
337
|
+
* as persisted in {@link PersistedSessionData.tinycloudHosts}. When
|
|
338
|
+
* present (and non-empty) they are adopted directly so the restored
|
|
339
|
+
* session resolves to the same node as the original sign-in without
|
|
340
|
+
* re-running registry/fallback resolution. When absent (old session)
|
|
341
|
+
* hosts are resolved lazily on the first host-needing call via
|
|
342
|
+
* {@link ensureTinyCloudHosts}.
|
|
343
|
+
*/
|
|
344
|
+
setRestoredTinyCloudSession(session: TinyCloudSession, hosts?: string[]): void;
|
|
345
|
+
/**
|
|
346
|
+
* Ensure `tinycloudHosts` are resolved before a host-needing call.
|
|
347
|
+
*
|
|
348
|
+
* Fresh sign-in resolves hosts up front; a restored session may not have
|
|
349
|
+
* (old persisted sessions predate {@link PersistedSessionData.tinycloudHosts}).
|
|
350
|
+
* This guard makes a restored session resolve the node exactly like a fresh
|
|
351
|
+
* sign-in — persisted hosts are preferred (already set by
|
|
352
|
+
* {@link setRestoredTinyCloudSession}), otherwise the registry/fallback
|
|
353
|
+
* resolution runs lazily here. Idempotent: {@link resolveTinyCloudHostsForSignIn}
|
|
354
|
+
* early-returns when hosts are already set.
|
|
355
|
+
*
|
|
356
|
+
* Throws if hosts are unset and the restored session has no address/chainId
|
|
357
|
+
* to resolve from — a real failure that must surface, not be masked.
|
|
335
358
|
*/
|
|
336
|
-
|
|
359
|
+
ensureTinyCloudHosts(): Promise<void>;
|
|
337
360
|
private resolveTinyCloudHostsForSignIn;
|
|
338
361
|
private requireTinyCloudHosts;
|
|
339
362
|
private get primaryTinyCloudHost();
|
|
@@ -540,6 +563,69 @@ interface PortableDelegation extends Omit<Delegation, "isRevoked"> {
|
|
|
540
563
|
*/
|
|
541
564
|
resources?: DelegatedResource[];
|
|
542
565
|
}
|
|
566
|
+
/**
|
|
567
|
+
* The transport shape `tc auth request --emit` produces and that an owner
|
|
568
|
+
* grants to its requester. Only the fields the grant logic needs are declared;
|
|
569
|
+
* the CLI artifact carries more (posture, captured command, ...) and remains a
|
|
570
|
+
* structural superset of this interface.
|
|
571
|
+
*/
|
|
572
|
+
interface AuthRequestArtifact {
|
|
573
|
+
kind: "tinycloud.auth.request";
|
|
574
|
+
version: 1;
|
|
575
|
+
requestId: string;
|
|
576
|
+
/** The requester's session DID — the audience the grant is issued to. */
|
|
577
|
+
sessionDid: string;
|
|
578
|
+
/** The capabilities the requester is asking the owner to delegate. */
|
|
579
|
+
requested: PermissionEntry[];
|
|
580
|
+
/** Optional lifetime override carried from the request. */
|
|
581
|
+
requestedExpiry?: string | number;
|
|
582
|
+
}
|
|
583
|
+
/**
|
|
584
|
+
* The transport shape returned by {@link grantAuthRequest} (and written by
|
|
585
|
+
* `tc auth grant`). `tc auth import` accepts this artifact directly.
|
|
586
|
+
*/
|
|
587
|
+
interface AuthDelegationArtifact {
|
|
588
|
+
kind: "tinycloud.auth.delegation";
|
|
589
|
+
version: 1;
|
|
590
|
+
requestId: string;
|
|
591
|
+
delegationCid: string;
|
|
592
|
+
delegation: PortableDelegation;
|
|
593
|
+
permissions: PermissionEntry[];
|
|
594
|
+
expiry: string;
|
|
595
|
+
/** Whether issuing the delegation triggered a wallet prompt. */
|
|
596
|
+
prompted: boolean;
|
|
597
|
+
}
|
|
598
|
+
/**
|
|
599
|
+
* Minimal owner-side capability {@link grantAuthRequest} needs: the signed
|
|
600
|
+
* `delegateTo` primitive. `TinyCloudNode` satisfies this directly; web/SDK
|
|
601
|
+
* contexts can supply any object that exposes the same method.
|
|
602
|
+
*/
|
|
603
|
+
interface DelegationAuthority {
|
|
604
|
+
delegateTo(did: string, permissions: PermissionEntry[], options?: {
|
|
605
|
+
expiry?: string | number;
|
|
606
|
+
forceWalletSign?: boolean;
|
|
607
|
+
}): Promise<{
|
|
608
|
+
delegation: PortableDelegation;
|
|
609
|
+
prompted: boolean;
|
|
610
|
+
}>;
|
|
611
|
+
}
|
|
612
|
+
/**
|
|
613
|
+
* Turn a delegation REQUEST into a signed GRANT.
|
|
614
|
+
*
|
|
615
|
+
* Lifts the body of `tc auth grant` into the SDK so the request→grant
|
|
616
|
+
* handshake is callable programmatically (future SDK/web owner tooling and the
|
|
617
|
+
* KV delegation inbox), with the CLI verb reduced to a thin wrapper. The owner
|
|
618
|
+
* `authority` (a `TinyCloudNode`) signs a delegation scoped to exactly the
|
|
619
|
+
* requested caps, audienced to the requester's `sessionDid`, honoring the
|
|
620
|
+
* request's expiry. The returned artifact round-trips through `tc auth import`.
|
|
621
|
+
*
|
|
622
|
+
* Authorization is enforced cryptographically by `delegateTo`: caps that are
|
|
623
|
+
* not derivable from the owner's own session capability chain are rejected
|
|
624
|
+
* (it throws), so this never widens authority the owner doesn't hold.
|
|
625
|
+
*/
|
|
626
|
+
declare function grantAuthRequest(authority: DelegationAuthority, request: AuthRequestArtifact, options?: {
|
|
627
|
+
expiry?: string | number;
|
|
628
|
+
}): Promise<AuthDelegationArtifact>;
|
|
543
629
|
/**
|
|
544
630
|
* Serialize a PortableDelegation for transport (e.g., over network).
|
|
545
631
|
*/
|
|
@@ -796,6 +882,7 @@ declare class TinyCloudNode {
|
|
|
796
882
|
private _encryption?;
|
|
797
883
|
private _baseSecrets?;
|
|
798
884
|
private _secrets?;
|
|
885
|
+
private _account?;
|
|
799
886
|
/** Cached public KV with proper delegation (set by ensurePublicSpace) */
|
|
800
887
|
private _publicKV?;
|
|
801
888
|
/** Session key ID - always available */
|
|
@@ -898,6 +985,15 @@ declare class TinyCloudNode {
|
|
|
898
985
|
* Available after signIn().
|
|
899
986
|
*/
|
|
900
987
|
get spaceId(): string | undefined;
|
|
988
|
+
/**
|
|
989
|
+
* Get the account space ID for this wallet identity.
|
|
990
|
+
* Available after wallet-backed sign-in or a restored session with address metadata.
|
|
991
|
+
*/
|
|
992
|
+
get accountSpaceId(): string | undefined;
|
|
993
|
+
/**
|
|
994
|
+
* Account-level application and delegation helpers.
|
|
995
|
+
*/
|
|
996
|
+
get account(): AccountService;
|
|
901
997
|
/**
|
|
902
998
|
* Get the current TinyCloud session.
|
|
903
999
|
* Available after signIn().
|
|
@@ -913,7 +1009,11 @@ declare class TinyCloudNode {
|
|
|
913
1009
|
signIn(options?: SignInOptions): Promise<void>;
|
|
914
1010
|
private ownedSpaceId;
|
|
915
1011
|
private writeManifestRegistryRecords;
|
|
916
|
-
private
|
|
1012
|
+
private scheduleAccountRegistrySync;
|
|
1013
|
+
private withAccountRegistryRetry;
|
|
1014
|
+
private requestedEncryptionNetworkIds;
|
|
1015
|
+
private ensureRequestedEncryptionNetworks;
|
|
1016
|
+
private ensureOwnedSpaceHostedById;
|
|
917
1017
|
/**
|
|
918
1018
|
* Host one of this user's owned spaces by name (e.g. `"applications"`).
|
|
919
1019
|
*
|
|
@@ -924,7 +1024,7 @@ declare class TinyCloudNode {
|
|
|
924
1024
|
* caller is the root authority of their own owned spaces, so no additional
|
|
925
1025
|
* delegation is required.
|
|
926
1026
|
*
|
|
927
|
-
* Unlike {@link
|
|
1027
|
+
* Unlike {@link ensureOwnedSpaceHostedById}, this always submits the host
|
|
928
1028
|
* delegation rather than inferring hosting from session activation: a space
|
|
929
1029
|
* the current session has never referenced is reported neither as
|
|
930
1030
|
* `activated` nor `skipped`, so activation-based detection would wrongly
|
|
@@ -935,6 +1035,27 @@ declare class TinyCloudNode {
|
|
|
935
1035
|
* @returns The hosted space URI.
|
|
936
1036
|
*/
|
|
937
1037
|
hostOwnedSpace(name: string): Promise<string>;
|
|
1038
|
+
/**
|
|
1039
|
+
* Ensure one of this user's owned spaces (e.g. `"secrets"`) is hosted on the
|
|
1040
|
+
* server.
|
|
1041
|
+
*
|
|
1042
|
+
* At sign-in, a full-authority session auto-hosts the owner's `secrets`
|
|
1043
|
+
* space, but a session created with a manifest / capabilityRequest does not.
|
|
1044
|
+
* Such a session can therefore hold valid `tinycloud.kv/*` capabilities for
|
|
1045
|
+
* the owned `secrets` space yet still fail its first scoped
|
|
1046
|
+
* `secrets.put(...)` with `404 Space not found`, because the space was never
|
|
1047
|
+
* registered on the node.
|
|
1048
|
+
*
|
|
1049
|
+
* Calling this resolves `name` to the owner's owned-space URI
|
|
1050
|
+
* (`tinycloud:pkh:eip155:<chain>:<addr>:<name>`) and hosts it via the
|
|
1051
|
+
* host-SIWE delegation flow. The host SIWE is idempotent server-side, so it
|
|
1052
|
+
* is safe to call whether or not the space already exists; do not gate it on
|
|
1053
|
+
* a prior existence check. Must be called after {@link signIn}.
|
|
1054
|
+
*
|
|
1055
|
+
* @param name - The owned space name (e.g. `"secrets"`).
|
|
1056
|
+
* @returns The hosted owned-space URI.
|
|
1057
|
+
*/
|
|
1058
|
+
ensureOwnedSpaceHosted(name: string): Promise<string>;
|
|
938
1059
|
/**
|
|
939
1060
|
* Restore a previously established session from stored delegation data.
|
|
940
1061
|
*
|
|
@@ -969,7 +1090,32 @@ declare class TinyCloudNode {
|
|
|
969
1090
|
* for callers that need to round-trip the full session shape.
|
|
970
1091
|
*/
|
|
971
1092
|
signature?: string;
|
|
1093
|
+
/**
|
|
1094
|
+
* The TinyCloud hosts this session was created against (from
|
|
1095
|
+
* {@link PersistedSessionData.tinycloudHosts}). When present they are
|
|
1096
|
+
* adopted so the restored session targets the same node as the
|
|
1097
|
+
* original sign-in — without this, service calls fall back to the
|
|
1098
|
+
* default host and the auth layer throws "TinyCloud hosts have not
|
|
1099
|
+
* been resolved". When absent (old persisted session) hosts resolve
|
|
1100
|
+
* lazily via the registry/fallback on the first host-needing call.
|
|
1101
|
+
*/
|
|
1102
|
+
tinycloudHosts?: string[];
|
|
972
1103
|
}): Promise<void>;
|
|
1104
|
+
/**
|
|
1105
|
+
* Resolve the host a restored session should target.
|
|
1106
|
+
*
|
|
1107
|
+
* Mirrors fresh sign-in host resolution but for the restore path:
|
|
1108
|
+
* an explicit/pinned host always wins, then the hosts the session was
|
|
1109
|
+
* persisted with, then a lazy registry/fallback resolution for sessions
|
|
1110
|
+
* that predate the persisted `tinycloudHosts` field. Returns `undefined`
|
|
1111
|
+
* only when there's nothing to resolve from (no explicit host, no
|
|
1112
|
+
* persisted hosts, and no address/chainId) — in which case the existing
|
|
1113
|
+
* `config.host` (default) is left in place.
|
|
1114
|
+
*
|
|
1115
|
+
* Resolution failures are surfaced, not swallowed: a genuinely broken
|
|
1116
|
+
* registry lookup throws rather than silently falling back to a wrong host.
|
|
1117
|
+
*/
|
|
1118
|
+
private resolveRestoredHost;
|
|
973
1119
|
/**
|
|
974
1120
|
* Resolve the currently-active TinyCloudSession, preferring the auth
|
|
975
1121
|
* layer's value (wallet mode) and falling back to the node-level
|
|
@@ -1129,7 +1275,7 @@ declare class TinyCloudNode {
|
|
|
1129
1275
|
get encryption(): IEncryptionService;
|
|
1130
1276
|
getEncryptionNetwork(nameOrNetworkId?: string): Promise<NetworkDescriptor | null>;
|
|
1131
1277
|
createEncryptionNetwork(name?: string): Promise<NetworkDescriptor>;
|
|
1132
|
-
ensureEncryptionNetwork(
|
|
1278
|
+
ensureEncryptionNetwork(nameOrNetworkId?: string): Promise<NetworkDescriptor>;
|
|
1133
1279
|
/**
|
|
1134
1280
|
* App-facing secrets API backed by the `secrets` space vault.
|
|
1135
1281
|
*/
|
|
@@ -1475,6 +1621,8 @@ declare class TinyCloudNode {
|
|
|
1475
1621
|
private findGrantForOperation;
|
|
1476
1622
|
private pruneExpiredRuntimePermissionGrants;
|
|
1477
1623
|
private operationCovers;
|
|
1624
|
+
private spaceIdsEqual;
|
|
1625
|
+
private normalizeSpaceAddress;
|
|
1478
1626
|
private actionContains;
|
|
1479
1627
|
private invocationServiceName;
|
|
1480
1628
|
private isEncryptionNetworkOperation;
|
|
@@ -1669,4 +1817,4 @@ declare class WasmKeyProvider implements KeyProvider {
|
|
|
1669
1817
|
*/
|
|
1670
1818
|
declare function createWasmKeyProvider(sessionManager: SessionManagerWithListing): WasmKeyProvider;
|
|
1671
1819
|
|
|
1672
|
-
export { type DelegateToOptions as D, FileSessionStorage as F, MemorySessionStorage as M, type NodeEventEmitterStrategy as N, type PortableDelegation as P, type RestorableSession as R, type SignStrategy as S, TinyCloudNode as T, WasmKeyProvider as W, type
|
|
1820
|
+
export { type AuthDelegationArtifact as A, type DelegateToOptions as D, FileSessionStorage as F, MemorySessionStorage as M, type NodeEventEmitterStrategy as N, type PortableDelegation as P, type RestorableSession as R, type SignStrategy as S, TinyCloudNode as T, WasmKeyProvider as W, type AuthRequestArtifact as a, type DelegateToResult as b, DelegatedAccess as c, type DelegationAuthority as d, NodeUserAuthorization as e, type NodeUserAuthorizationConfig as f, type RuntimePermissionGrantOptions as g, type TinyCloudNodeConfig as h, type WasmKeyProviderConfig as i, createWasmKeyProvider as j, defaultSignStrategy as k, deserializeDelegation as l, grantAuthRequest as m, serializeDelegation as s };
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { ISessionStorage, PersistedSessionData, AutoSignStrategy, AutoRejectStrategy, CallbackStrategy, IUserAuthorization, ISigner, ISpaceCreationHandler, IWasmBindings, SiweConfig, Manifest, ComposedManifestRequest, ClientSession, TinyCloudSession, Extension, SignInOptions, Delegation, DelegatedResource, TelemetryConfig, IKVService, ISQLService, IDuckDbService, IHooksService, INotificationHandler, IENSResolver, IDataVaultService, IEncryptionService, NetworkDescriptor, ISecretsService, ICapabilityKeyRegistry,
|
|
1
|
+
import { ISessionStorage, PersistedSessionData, AutoSignStrategy, AutoRejectStrategy, CallbackStrategy, IUserAuthorization, ISigner, ISpaceCreationHandler, IWasmBindings, SiweConfig, Manifest, ComposedManifestRequest, ClientSession, TinyCloudSession, Extension, SignInOptions, Delegation, DelegatedResource, PermissionEntry, TelemetryConfig, IKVService, ISQLService, IDuckDbService, IHooksService, INotificationHandler, IENSResolver, AccountService, IDataVaultService, IEncryptionService, NetworkDescriptor, ISecretsService, ICapabilityKeyRegistry, DelegationManager, ISpaceService, ISpace, ISharingService, CreateDelegationParams, DelegationResult, ResolvedDelegate, KeyProvider, ISessionManager, JWK } from '@tinycloud/sdk-core';
|
|
2
2
|
import { EventEmitter } from 'events';
|
|
3
3
|
import { InvokeFunction } from '@tinycloud/sdk-services';
|
|
4
4
|
|
|
@@ -332,8 +332,31 @@ declare class NodeUserAuthorization implements IUserAuthorization {
|
|
|
332
332
|
* `siwe` is the load-bearing one because `extractSiweExpiration` returns
|
|
333
333
|
* undefined for missing SIWEs and the SDK then treats the session as
|
|
334
334
|
* expired-at-epoch-zero.
|
|
335
|
+
*
|
|
336
|
+
* @param hosts - The TinyCloud hosts this session was created against,
|
|
337
|
+
* as persisted in {@link PersistedSessionData.tinycloudHosts}. When
|
|
338
|
+
* present (and non-empty) they are adopted directly so the restored
|
|
339
|
+
* session resolves to the same node as the original sign-in without
|
|
340
|
+
* re-running registry/fallback resolution. When absent (old session)
|
|
341
|
+
* hosts are resolved lazily on the first host-needing call via
|
|
342
|
+
* {@link ensureTinyCloudHosts}.
|
|
343
|
+
*/
|
|
344
|
+
setRestoredTinyCloudSession(session: TinyCloudSession, hosts?: string[]): void;
|
|
345
|
+
/**
|
|
346
|
+
* Ensure `tinycloudHosts` are resolved before a host-needing call.
|
|
347
|
+
*
|
|
348
|
+
* Fresh sign-in resolves hosts up front; a restored session may not have
|
|
349
|
+
* (old persisted sessions predate {@link PersistedSessionData.tinycloudHosts}).
|
|
350
|
+
* This guard makes a restored session resolve the node exactly like a fresh
|
|
351
|
+
* sign-in — persisted hosts are preferred (already set by
|
|
352
|
+
* {@link setRestoredTinyCloudSession}), otherwise the registry/fallback
|
|
353
|
+
* resolution runs lazily here. Idempotent: {@link resolveTinyCloudHostsForSignIn}
|
|
354
|
+
* early-returns when hosts are already set.
|
|
355
|
+
*
|
|
356
|
+
* Throws if hosts are unset and the restored session has no address/chainId
|
|
357
|
+
* to resolve from — a real failure that must surface, not be masked.
|
|
335
358
|
*/
|
|
336
|
-
|
|
359
|
+
ensureTinyCloudHosts(): Promise<void>;
|
|
337
360
|
private resolveTinyCloudHostsForSignIn;
|
|
338
361
|
private requireTinyCloudHosts;
|
|
339
362
|
private get primaryTinyCloudHost();
|
|
@@ -540,6 +563,69 @@ interface PortableDelegation extends Omit<Delegation, "isRevoked"> {
|
|
|
540
563
|
*/
|
|
541
564
|
resources?: DelegatedResource[];
|
|
542
565
|
}
|
|
566
|
+
/**
|
|
567
|
+
* The transport shape `tc auth request --emit` produces and that an owner
|
|
568
|
+
* grants to its requester. Only the fields the grant logic needs are declared;
|
|
569
|
+
* the CLI artifact carries more (posture, captured command, ...) and remains a
|
|
570
|
+
* structural superset of this interface.
|
|
571
|
+
*/
|
|
572
|
+
interface AuthRequestArtifact {
|
|
573
|
+
kind: "tinycloud.auth.request";
|
|
574
|
+
version: 1;
|
|
575
|
+
requestId: string;
|
|
576
|
+
/** The requester's session DID — the audience the grant is issued to. */
|
|
577
|
+
sessionDid: string;
|
|
578
|
+
/** The capabilities the requester is asking the owner to delegate. */
|
|
579
|
+
requested: PermissionEntry[];
|
|
580
|
+
/** Optional lifetime override carried from the request. */
|
|
581
|
+
requestedExpiry?: string | number;
|
|
582
|
+
}
|
|
583
|
+
/**
|
|
584
|
+
* The transport shape returned by {@link grantAuthRequest} (and written by
|
|
585
|
+
* `tc auth grant`). `tc auth import` accepts this artifact directly.
|
|
586
|
+
*/
|
|
587
|
+
interface AuthDelegationArtifact {
|
|
588
|
+
kind: "tinycloud.auth.delegation";
|
|
589
|
+
version: 1;
|
|
590
|
+
requestId: string;
|
|
591
|
+
delegationCid: string;
|
|
592
|
+
delegation: PortableDelegation;
|
|
593
|
+
permissions: PermissionEntry[];
|
|
594
|
+
expiry: string;
|
|
595
|
+
/** Whether issuing the delegation triggered a wallet prompt. */
|
|
596
|
+
prompted: boolean;
|
|
597
|
+
}
|
|
598
|
+
/**
|
|
599
|
+
* Minimal owner-side capability {@link grantAuthRequest} needs: the signed
|
|
600
|
+
* `delegateTo` primitive. `TinyCloudNode` satisfies this directly; web/SDK
|
|
601
|
+
* contexts can supply any object that exposes the same method.
|
|
602
|
+
*/
|
|
603
|
+
interface DelegationAuthority {
|
|
604
|
+
delegateTo(did: string, permissions: PermissionEntry[], options?: {
|
|
605
|
+
expiry?: string | number;
|
|
606
|
+
forceWalletSign?: boolean;
|
|
607
|
+
}): Promise<{
|
|
608
|
+
delegation: PortableDelegation;
|
|
609
|
+
prompted: boolean;
|
|
610
|
+
}>;
|
|
611
|
+
}
|
|
612
|
+
/**
|
|
613
|
+
* Turn a delegation REQUEST into a signed GRANT.
|
|
614
|
+
*
|
|
615
|
+
* Lifts the body of `tc auth grant` into the SDK so the request→grant
|
|
616
|
+
* handshake is callable programmatically (future SDK/web owner tooling and the
|
|
617
|
+
* KV delegation inbox), with the CLI verb reduced to a thin wrapper. The owner
|
|
618
|
+
* `authority` (a `TinyCloudNode`) signs a delegation scoped to exactly the
|
|
619
|
+
* requested caps, audienced to the requester's `sessionDid`, honoring the
|
|
620
|
+
* request's expiry. The returned artifact round-trips through `tc auth import`.
|
|
621
|
+
*
|
|
622
|
+
* Authorization is enforced cryptographically by `delegateTo`: caps that are
|
|
623
|
+
* not derivable from the owner's own session capability chain are rejected
|
|
624
|
+
* (it throws), so this never widens authority the owner doesn't hold.
|
|
625
|
+
*/
|
|
626
|
+
declare function grantAuthRequest(authority: DelegationAuthority, request: AuthRequestArtifact, options?: {
|
|
627
|
+
expiry?: string | number;
|
|
628
|
+
}): Promise<AuthDelegationArtifact>;
|
|
543
629
|
/**
|
|
544
630
|
* Serialize a PortableDelegation for transport (e.g., over network).
|
|
545
631
|
*/
|
|
@@ -796,6 +882,7 @@ declare class TinyCloudNode {
|
|
|
796
882
|
private _encryption?;
|
|
797
883
|
private _baseSecrets?;
|
|
798
884
|
private _secrets?;
|
|
885
|
+
private _account?;
|
|
799
886
|
/** Cached public KV with proper delegation (set by ensurePublicSpace) */
|
|
800
887
|
private _publicKV?;
|
|
801
888
|
/** Session key ID - always available */
|
|
@@ -898,6 +985,15 @@ declare class TinyCloudNode {
|
|
|
898
985
|
* Available after signIn().
|
|
899
986
|
*/
|
|
900
987
|
get spaceId(): string | undefined;
|
|
988
|
+
/**
|
|
989
|
+
* Get the account space ID for this wallet identity.
|
|
990
|
+
* Available after wallet-backed sign-in or a restored session with address metadata.
|
|
991
|
+
*/
|
|
992
|
+
get accountSpaceId(): string | undefined;
|
|
993
|
+
/**
|
|
994
|
+
* Account-level application and delegation helpers.
|
|
995
|
+
*/
|
|
996
|
+
get account(): AccountService;
|
|
901
997
|
/**
|
|
902
998
|
* Get the current TinyCloud session.
|
|
903
999
|
* Available after signIn().
|
|
@@ -913,7 +1009,11 @@ declare class TinyCloudNode {
|
|
|
913
1009
|
signIn(options?: SignInOptions): Promise<void>;
|
|
914
1010
|
private ownedSpaceId;
|
|
915
1011
|
private writeManifestRegistryRecords;
|
|
916
|
-
private
|
|
1012
|
+
private scheduleAccountRegistrySync;
|
|
1013
|
+
private withAccountRegistryRetry;
|
|
1014
|
+
private requestedEncryptionNetworkIds;
|
|
1015
|
+
private ensureRequestedEncryptionNetworks;
|
|
1016
|
+
private ensureOwnedSpaceHostedById;
|
|
917
1017
|
/**
|
|
918
1018
|
* Host one of this user's owned spaces by name (e.g. `"applications"`).
|
|
919
1019
|
*
|
|
@@ -924,7 +1024,7 @@ declare class TinyCloudNode {
|
|
|
924
1024
|
* caller is the root authority of their own owned spaces, so no additional
|
|
925
1025
|
* delegation is required.
|
|
926
1026
|
*
|
|
927
|
-
* Unlike {@link
|
|
1027
|
+
* Unlike {@link ensureOwnedSpaceHostedById}, this always submits the host
|
|
928
1028
|
* delegation rather than inferring hosting from session activation: a space
|
|
929
1029
|
* the current session has never referenced is reported neither as
|
|
930
1030
|
* `activated` nor `skipped`, so activation-based detection would wrongly
|
|
@@ -935,6 +1035,27 @@ declare class TinyCloudNode {
|
|
|
935
1035
|
* @returns The hosted space URI.
|
|
936
1036
|
*/
|
|
937
1037
|
hostOwnedSpace(name: string): Promise<string>;
|
|
1038
|
+
/**
|
|
1039
|
+
* Ensure one of this user's owned spaces (e.g. `"secrets"`) is hosted on the
|
|
1040
|
+
* server.
|
|
1041
|
+
*
|
|
1042
|
+
* At sign-in, a full-authority session auto-hosts the owner's `secrets`
|
|
1043
|
+
* space, but a session created with a manifest / capabilityRequest does not.
|
|
1044
|
+
* Such a session can therefore hold valid `tinycloud.kv/*` capabilities for
|
|
1045
|
+
* the owned `secrets` space yet still fail its first scoped
|
|
1046
|
+
* `secrets.put(...)` with `404 Space not found`, because the space was never
|
|
1047
|
+
* registered on the node.
|
|
1048
|
+
*
|
|
1049
|
+
* Calling this resolves `name` to the owner's owned-space URI
|
|
1050
|
+
* (`tinycloud:pkh:eip155:<chain>:<addr>:<name>`) and hosts it via the
|
|
1051
|
+
* host-SIWE delegation flow. The host SIWE is idempotent server-side, so it
|
|
1052
|
+
* is safe to call whether or not the space already exists; do not gate it on
|
|
1053
|
+
* a prior existence check. Must be called after {@link signIn}.
|
|
1054
|
+
*
|
|
1055
|
+
* @param name - The owned space name (e.g. `"secrets"`).
|
|
1056
|
+
* @returns The hosted owned-space URI.
|
|
1057
|
+
*/
|
|
1058
|
+
ensureOwnedSpaceHosted(name: string): Promise<string>;
|
|
938
1059
|
/**
|
|
939
1060
|
* Restore a previously established session from stored delegation data.
|
|
940
1061
|
*
|
|
@@ -969,7 +1090,32 @@ declare class TinyCloudNode {
|
|
|
969
1090
|
* for callers that need to round-trip the full session shape.
|
|
970
1091
|
*/
|
|
971
1092
|
signature?: string;
|
|
1093
|
+
/**
|
|
1094
|
+
* The TinyCloud hosts this session was created against (from
|
|
1095
|
+
* {@link PersistedSessionData.tinycloudHosts}). When present they are
|
|
1096
|
+
* adopted so the restored session targets the same node as the
|
|
1097
|
+
* original sign-in — without this, service calls fall back to the
|
|
1098
|
+
* default host and the auth layer throws "TinyCloud hosts have not
|
|
1099
|
+
* been resolved". When absent (old persisted session) hosts resolve
|
|
1100
|
+
* lazily via the registry/fallback on the first host-needing call.
|
|
1101
|
+
*/
|
|
1102
|
+
tinycloudHosts?: string[];
|
|
972
1103
|
}): Promise<void>;
|
|
1104
|
+
/**
|
|
1105
|
+
* Resolve the host a restored session should target.
|
|
1106
|
+
*
|
|
1107
|
+
* Mirrors fresh sign-in host resolution but for the restore path:
|
|
1108
|
+
* an explicit/pinned host always wins, then the hosts the session was
|
|
1109
|
+
* persisted with, then a lazy registry/fallback resolution for sessions
|
|
1110
|
+
* that predate the persisted `tinycloudHosts` field. Returns `undefined`
|
|
1111
|
+
* only when there's nothing to resolve from (no explicit host, no
|
|
1112
|
+
* persisted hosts, and no address/chainId) — in which case the existing
|
|
1113
|
+
* `config.host` (default) is left in place.
|
|
1114
|
+
*
|
|
1115
|
+
* Resolution failures are surfaced, not swallowed: a genuinely broken
|
|
1116
|
+
* registry lookup throws rather than silently falling back to a wrong host.
|
|
1117
|
+
*/
|
|
1118
|
+
private resolveRestoredHost;
|
|
973
1119
|
/**
|
|
974
1120
|
* Resolve the currently-active TinyCloudSession, preferring the auth
|
|
975
1121
|
* layer's value (wallet mode) and falling back to the node-level
|
|
@@ -1129,7 +1275,7 @@ declare class TinyCloudNode {
|
|
|
1129
1275
|
get encryption(): IEncryptionService;
|
|
1130
1276
|
getEncryptionNetwork(nameOrNetworkId?: string): Promise<NetworkDescriptor | null>;
|
|
1131
1277
|
createEncryptionNetwork(name?: string): Promise<NetworkDescriptor>;
|
|
1132
|
-
ensureEncryptionNetwork(
|
|
1278
|
+
ensureEncryptionNetwork(nameOrNetworkId?: string): Promise<NetworkDescriptor>;
|
|
1133
1279
|
/**
|
|
1134
1280
|
* App-facing secrets API backed by the `secrets` space vault.
|
|
1135
1281
|
*/
|
|
@@ -1475,6 +1621,8 @@ declare class TinyCloudNode {
|
|
|
1475
1621
|
private findGrantForOperation;
|
|
1476
1622
|
private pruneExpiredRuntimePermissionGrants;
|
|
1477
1623
|
private operationCovers;
|
|
1624
|
+
private spaceIdsEqual;
|
|
1625
|
+
private normalizeSpaceAddress;
|
|
1478
1626
|
private actionContains;
|
|
1479
1627
|
private invocationServiceName;
|
|
1480
1628
|
private isEncryptionNetworkOperation;
|
|
@@ -1669,4 +1817,4 @@ declare class WasmKeyProvider implements KeyProvider {
|
|
|
1669
1817
|
*/
|
|
1670
1818
|
declare function createWasmKeyProvider(sessionManager: SessionManagerWithListing): WasmKeyProvider;
|
|
1671
1819
|
|
|
1672
|
-
export { type DelegateToOptions as D, FileSessionStorage as F, MemorySessionStorage as M, type NodeEventEmitterStrategy as N, type PortableDelegation as P, type RestorableSession as R, type SignStrategy as S, TinyCloudNode as T, WasmKeyProvider as W, type
|
|
1820
|
+
export { type AuthDelegationArtifact as A, type DelegateToOptions as D, FileSessionStorage as F, MemorySessionStorage as M, type NodeEventEmitterStrategy as N, type PortableDelegation as P, type RestorableSession as R, type SignStrategy as S, TinyCloudNode as T, WasmKeyProvider as W, type AuthRequestArtifact as a, type DelegateToResult as b, DelegatedAccess as c, type DelegationAuthority as d, NodeUserAuthorization as e, type NodeUserAuthorizationConfig as f, type RuntimePermissionGrantOptions as g, type TinyCloudNodeConfig as h, type WasmKeyProviderConfig as i, createWasmKeyProvider as j, defaultSignStrategy as k, deserializeDelegation as l, grantAuthRequest as m, serializeDelegation as s };
|