@tinycloud/node-sdk 2.4.1-beta.0 → 2.5.0-beta.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/core.d.cts CHANGED
@@ -1,4 +1,4 @@
1
1
  export { ACCOUNT_REGISTRY_PATH, ACCOUNT_REGISTRY_SPACE, AccountApplication, AccountApplicationListOptions, AccountDelegation, AccountDelegationListOptions, AccountDelegationRevokeOptions, AccountIndexEnsureResult, AccountIndexRebuildResult, AccountIndexStatus, AccountIndexedReadOptions, AccountService, AccountServiceConfig, AccountSpace, AccountSpaceListOptions, AccountStatus, AutoApproveSpaceCreationHandler, AutoRejectStrategy, AutoSignStrategy, BatchOptions, BatchResponse, CallbackStrategy, CanonicalAddress, CanonicalParsedNetworkId, CapabilityEntry, CapabilityKeyRegistry, CapabilityKeyRegistryErrorCode, CapabilityKeyRegistryErrorCodes, ClientSession, ColumnInfo, ComposeManifestOptions, ComposedManifestRequest, CreateDelegationParams, DEFAULT_MANIFEST_SPACE, DEFAULT_MANIFEST_VERSION, DEFAULT_SIGNED_READ_URL_EXPIRY_MS, DataVaultConfig, DataVaultService, DatabaseHandle, Delegation, DelegationChain, DelegationChainV2, DelegationDirection, DelegationError, DelegationErrorCode, DelegationErrorCodes, DelegationFilters, DelegationManager, DelegationManagerConfig, DelegationRecord, DelegationResult, DidCacheKeyOptions, DidEqualsOptions, DuckDbAction, DuckDbActionType, DuckDbBatchOptions, DuckDbBatchResponse, DuckDbDatabaseHandle, DuckDbExecuteOptions, DuckDbExecuteResponse, DuckDbOptions, DuckDbQueryOptions, DuckDbQueryResponse, DuckDbService, DuckDbServiceConfig, DuckDbStatement, DuckDbValue, EncodedShareData, ExecuteOptions, ExecuteResponse, Extension, FetchFunction, GenerateShareParams, ICapabilityKeyRegistry, IDataVaultService, IDatabaseHandle, IDuckDbDatabaseHandle, IDuckDbService, IENSResolver, IKVService, INotificationHandler, IPrefixedKVService, ISQLService, ISecretsService, ISessionManager, ISessionStorage, ISharingService, ISigner, ISpace, ISpaceCreationHandler, ISpaceScopedDelegations, ISpaceScopedSharing, ISpaceService, IUserAuthorization, IWasmBindings, IdentityParseError, IngestOptions, InvokeFunction, JWK, KVCreateSignedReadUrlOptions, KVResponse, KVService, KVServiceConfig, KVSignedReadUrlResponse, KeyInfo, KeyProvider, KeyType, Manifest, ManifestDefaults, ManifestRegistryRecord, ManifestSecretActions, ManifestValidationError, OpenKeyCallbackStrategy, OpenKeySigningRequestBody, OpenKeySigningResponseBody, OpenKeySigningStrategyOptions, PermissionEntry, PermissionNotInManifestError, PersistedSessionData, PkhDidParts, PrefixedKVService, ProtocolMismatchError, QueryOptions, QueryResponse, ReceiveOptions, ResolvedCapabilities, ResolvedDelegate, ResolvedSecretPath, ResourceCapability, SECRET_NAME_RE, SQLAction, SQLActionType, SQLService, SQLServiceConfig, SchemaInfo, SecretPayload, SecretScopeOptions, SecretsError, SecretsService, ServiceContext, ServiceContextConfig, ServiceSession, SessionExpiredError, ShareAccess, ShareLink, ShareLinkData, ShareSchema, SharingService, SharingServiceConfig, SignCallback, SignInOptions, SignRequest, SignResponse, SilentNotificationHandler, Space, SpaceAbilitiesMap, SpaceConfig, SpaceCreationContext, SpaceErrorCode, SpaceErrorCodes, SpaceInfo, SpaceOwnership, SpaceService, SpaceServiceConfig, SqlStatement, SqlValue, StoredDelegationChain, TableInfo, TelemetryConfig, TelemetryEventHandler, TinyCloud, TinyCloudConfig, TinyCloudDebugEnableOptions, TinyCloudDebugEvent, TinyCloudDebugLevel, TinyCloudDebugLogger, TinyCloudDebugTimer, TinyCloudSession, UnsupportedFeatureError, VAULT_PERMISSION_SERVICE, VaultCrypto, VaultEntry, VaultError, VaultGetOptions, VaultGrantOptions, VaultHeaders, VaultListOptions, VaultPublicSpaceKVActions, VaultPutOptions, VersionCheckError, ViewInfo, WasmVaultFunctions, addressStorageKey, buildSpaceUri, canonicalizeAddress, canonicalizeDid, canonicalizeDidUrl, canonicalizeNetworkId, canonicalizeSecretScope, checkNodeInfo, clearTinyCloudDebugLogs, composeManifestRequest, createCapabilityKeyRegistry, createOpenKeyCallbackSigningStrategy, createSharingService, createSpaceService, createVaultCrypto, defaultSpaceCreationHandler, didCacheKey, didEquals, disableTinyCloudDebug, enableTinyCloudDebug, expandActionShortNames, expandPermissionEntries, expandPermissionEntry, getTinyCloudDebugLogs, installTinyCloudDebugGlobals, isCapabilitySubset, isEvmAddress, loadManifest, makePkhSpaceId, makePublicSpaceId, parseCanonicalNetworkId, parseExpiry, parsePkhDid, parseSpaceUri, pkhDid, principalDid, principalDidEquals, resolveManifest, resolveSecretListPrefix, resolveSecretPath, resourceCapabilitiesToSpaceAbilitiesMap, tinyCloudDebugLogger, validateManifest } from '@tinycloud/sdk-core';
2
- export { D as DelegateToOptions, b as DelegateToResult, c as DelegatedAccess, F as FileSessionStorage, M as MemorySessionStorage, N as NodeEventEmitterStrategy, e as NodeUserAuthorization, f as NodeUserAuthorizationConfig, P as PortableDelegation, g as RuntimePermissionGrantOptions, S as SignStrategy, T as TinyCloudNode, h as TinyCloudNodeConfig, W as WasmKeyProvider, i as WasmKeyProviderConfig, j as createWasmKeyProvider, k as defaultSignStrategy, l as deserializeDelegation, s as serializeDelegation } from './core-D01sn2vf.cjs';
2
+ export { D as DelegateToOptions, b as DelegateToResult, c as DelegatedAccess, F as FileSessionStorage, M as MemorySessionStorage, N as NodeEventEmitterStrategy, e as NodeUserAuthorization, f as NodeUserAuthorizationConfig, P as PortableDelegation, g as RuntimePermissionGrantOptions, S as SignStrategy, T as TinyCloudNode, h as TinyCloudNodeConfig, W as WasmKeyProvider, i as WasmKeyProviderConfig, j as createWasmKeyProvider, k as defaultSignStrategy, l as deserializeDelegation, s as serializeDelegation } from './core-ojeY-wet.cjs';
3
3
  import 'events';
4
4
  import '@tinycloud/sdk-services';
package/dist/core.d.ts CHANGED
@@ -1,4 +1,4 @@
1
1
  export { ACCOUNT_REGISTRY_PATH, ACCOUNT_REGISTRY_SPACE, AccountApplication, AccountApplicationListOptions, AccountDelegation, AccountDelegationListOptions, AccountDelegationRevokeOptions, AccountIndexEnsureResult, AccountIndexRebuildResult, AccountIndexStatus, AccountIndexedReadOptions, AccountService, AccountServiceConfig, AccountSpace, AccountSpaceListOptions, AccountStatus, AutoApproveSpaceCreationHandler, AutoRejectStrategy, AutoSignStrategy, BatchOptions, BatchResponse, CallbackStrategy, CanonicalAddress, CanonicalParsedNetworkId, CapabilityEntry, CapabilityKeyRegistry, CapabilityKeyRegistryErrorCode, CapabilityKeyRegistryErrorCodes, ClientSession, ColumnInfo, ComposeManifestOptions, ComposedManifestRequest, CreateDelegationParams, DEFAULT_MANIFEST_SPACE, DEFAULT_MANIFEST_VERSION, DEFAULT_SIGNED_READ_URL_EXPIRY_MS, DataVaultConfig, DataVaultService, DatabaseHandle, Delegation, DelegationChain, DelegationChainV2, DelegationDirection, DelegationError, DelegationErrorCode, DelegationErrorCodes, DelegationFilters, DelegationManager, DelegationManagerConfig, DelegationRecord, DelegationResult, DidCacheKeyOptions, DidEqualsOptions, DuckDbAction, DuckDbActionType, DuckDbBatchOptions, DuckDbBatchResponse, DuckDbDatabaseHandle, DuckDbExecuteOptions, DuckDbExecuteResponse, DuckDbOptions, DuckDbQueryOptions, DuckDbQueryResponse, DuckDbService, DuckDbServiceConfig, DuckDbStatement, DuckDbValue, EncodedShareData, ExecuteOptions, ExecuteResponse, Extension, FetchFunction, GenerateShareParams, ICapabilityKeyRegistry, IDataVaultService, IDatabaseHandle, IDuckDbDatabaseHandle, IDuckDbService, IENSResolver, IKVService, INotificationHandler, IPrefixedKVService, ISQLService, ISecretsService, ISessionManager, ISessionStorage, ISharingService, ISigner, ISpace, ISpaceCreationHandler, ISpaceScopedDelegations, ISpaceScopedSharing, ISpaceService, IUserAuthorization, IWasmBindings, IdentityParseError, IngestOptions, InvokeFunction, JWK, KVCreateSignedReadUrlOptions, KVResponse, KVService, KVServiceConfig, KVSignedReadUrlResponse, KeyInfo, KeyProvider, KeyType, Manifest, ManifestDefaults, ManifestRegistryRecord, ManifestSecretActions, ManifestValidationError, OpenKeyCallbackStrategy, OpenKeySigningRequestBody, OpenKeySigningResponseBody, OpenKeySigningStrategyOptions, PermissionEntry, PermissionNotInManifestError, PersistedSessionData, PkhDidParts, PrefixedKVService, ProtocolMismatchError, QueryOptions, QueryResponse, ReceiveOptions, ResolvedCapabilities, ResolvedDelegate, ResolvedSecretPath, ResourceCapability, SECRET_NAME_RE, SQLAction, SQLActionType, SQLService, SQLServiceConfig, SchemaInfo, SecretPayload, SecretScopeOptions, SecretsError, SecretsService, ServiceContext, ServiceContextConfig, ServiceSession, SessionExpiredError, ShareAccess, ShareLink, ShareLinkData, ShareSchema, SharingService, SharingServiceConfig, SignCallback, SignInOptions, SignRequest, SignResponse, SilentNotificationHandler, Space, SpaceAbilitiesMap, SpaceConfig, SpaceCreationContext, SpaceErrorCode, SpaceErrorCodes, SpaceInfo, SpaceOwnership, SpaceService, SpaceServiceConfig, SqlStatement, SqlValue, StoredDelegationChain, TableInfo, TelemetryConfig, TelemetryEventHandler, TinyCloud, TinyCloudConfig, TinyCloudDebugEnableOptions, TinyCloudDebugEvent, TinyCloudDebugLevel, TinyCloudDebugLogger, TinyCloudDebugTimer, TinyCloudSession, UnsupportedFeatureError, VAULT_PERMISSION_SERVICE, VaultCrypto, VaultEntry, VaultError, VaultGetOptions, VaultGrantOptions, VaultHeaders, VaultListOptions, VaultPublicSpaceKVActions, VaultPutOptions, VersionCheckError, ViewInfo, WasmVaultFunctions, addressStorageKey, buildSpaceUri, canonicalizeAddress, canonicalizeDid, canonicalizeDidUrl, canonicalizeNetworkId, canonicalizeSecretScope, checkNodeInfo, clearTinyCloudDebugLogs, composeManifestRequest, createCapabilityKeyRegistry, createOpenKeyCallbackSigningStrategy, createSharingService, createSpaceService, createVaultCrypto, defaultSpaceCreationHandler, didCacheKey, didEquals, disableTinyCloudDebug, enableTinyCloudDebug, expandActionShortNames, expandPermissionEntries, expandPermissionEntry, getTinyCloudDebugLogs, installTinyCloudDebugGlobals, isCapabilitySubset, isEvmAddress, loadManifest, makePkhSpaceId, makePublicSpaceId, parseCanonicalNetworkId, parseExpiry, parsePkhDid, parseSpaceUri, pkhDid, principalDid, principalDidEquals, resolveManifest, resolveSecretListPrefix, resolveSecretPath, resourceCapabilitiesToSpaceAbilitiesMap, tinyCloudDebugLogger, validateManifest } from '@tinycloud/sdk-core';
2
- export { D as DelegateToOptions, b as DelegateToResult, c as DelegatedAccess, F as FileSessionStorage, M as MemorySessionStorage, N as NodeEventEmitterStrategy, e as NodeUserAuthorization, f as NodeUserAuthorizationConfig, P as PortableDelegation, g as RuntimePermissionGrantOptions, S as SignStrategy, T as TinyCloudNode, h as TinyCloudNodeConfig, W as WasmKeyProvider, i as WasmKeyProviderConfig, j as createWasmKeyProvider, k as defaultSignStrategy, l as deserializeDelegation, s as serializeDelegation } from './core-D01sn2vf.js';
2
+ export { D as DelegateToOptions, b as DelegateToResult, c as DelegatedAccess, F as FileSessionStorage, M as MemorySessionStorage, N as NodeEventEmitterStrategy, e as NodeUserAuthorization, f as NodeUserAuthorizationConfig, P as PortableDelegation, g as RuntimePermissionGrantOptions, S as SignStrategy, T as TinyCloudNode, h as TinyCloudNodeConfig, W as WasmKeyProvider, i as WasmKeyProviderConfig, j as createWasmKeyProvider, k as defaultSignStrategy, l as deserializeDelegation, s as serializeDelegation } from './core-ojeY-wet.js';
3
3
  import 'events';
4
4
  import '@tinycloud/sdk-services';
package/dist/core.js CHANGED
@@ -620,7 +620,7 @@ var NodeUserAuthorization = class {
620
620
  * Create the space on the TinyCloud server (host delegation).
621
621
  * This registers the user as the owner of the space.
622
622
  */
623
- async hostSpace(targetSpaceId) {
623
+ async hostSpace(targetSpaceId, purpose) {
624
624
  if (!this._tinyCloudSession || !this._address || !this._chainId) {
625
625
  throw new Error("Must be signed in to host space");
626
626
  }
@@ -636,7 +636,7 @@ var NodeUserAuthorization = class {
636
636
  spaceId,
637
637
  peerId
638
638
  });
639
- const signature = await this.signMessage(siwe);
639
+ const signature = await this.signMessage(siwe, purpose);
640
640
  const headers = this.wasm.siweToDelegationHeaders({ siwe, signature });
641
641
  const result = await submitHostDelegation(host, headers);
642
642
  return result.success;
@@ -652,8 +652,8 @@ var NodeUserAuthorization = class {
652
652
  * Create a specific owned space on the server via host delegation.
653
653
  * Used by manifest registry setup for the account space.
654
654
  */
655
- async hostOwnedSpace(spaceId) {
656
- return this.hostSpace(spaceId);
655
+ async hostOwnedSpace(spaceId, purpose) {
656
+ return this.hostSpace(spaceId, purpose);
657
657
  }
658
658
  /**
659
659
  * Ensure the user's space exists on the TinyCloud server.
@@ -803,7 +803,8 @@ var NodeUserAuthorization = class {
803
803
  address,
804
804
  chainId,
805
805
  message: prepared.siwe,
806
- type: "siwe"
806
+ type: "siwe",
807
+ purpose: "bootstrap-session"
807
808
  });
808
809
  const session = this.wasm.completeSessionSetup({
809
810
  ...prepared,
@@ -867,7 +868,8 @@ var NodeUserAuthorization = class {
867
868
  address,
868
869
  chainId,
869
870
  message: prepared.siwe,
870
- type: "siwe"
871
+ type: "siwe",
872
+ purpose: "sign-in"
871
873
  });
872
874
  const session = this.wasm.completeSessionSetup({
873
875
  ...prepared,
@@ -955,7 +957,7 @@ var NodeUserAuthorization = class {
955
957
  /**
956
958
  * Sign a message with the connected signer.
957
959
  */
958
- async signMessage(message) {
960
+ async signMessage(message, purpose) {
959
961
  if (!this._address) {
960
962
  this._address = canonicalizeAddress(await this.signer.getAddress());
961
963
  }
@@ -966,7 +968,8 @@ var NodeUserAuthorization = class {
966
968
  address: this._address,
967
969
  chainId: this._chainId,
968
970
  message,
969
- type: "message"
971
+ type: "message",
972
+ ...purpose ? { purpose } : {}
970
973
  });
971
974
  }
972
975
  /**
@@ -1654,6 +1657,15 @@ var DEFAULT_SESSION_EXPIRATION_MS = EXPIRY3.SESSION_MS;
1654
1657
  function isOpenKeyAutoSignStrategy(strategy) {
1655
1658
  return strategy?.openKeyAutoSign === true;
1656
1659
  }
1660
+ function isInteractiveSigner(config) {
1661
+ if (config.privateKey) {
1662
+ return false;
1663
+ }
1664
+ if (isOpenKeyAutoSignStrategy(config.signStrategy)) {
1665
+ return false;
1666
+ }
1667
+ return config.signer !== void 0;
1668
+ }
1657
1669
  function didPrincipalMatches2(actual, expected) {
1658
1670
  try {
1659
1671
  return principalDidEquals2(actual, expected);
@@ -1790,6 +1802,21 @@ var _TinyCloudNode = class _TinyCloudNode {
1790
1802
  this._baseSecrets = /* @__PURE__ */ new Map();
1791
1803
  this._secrets = /* @__PURE__ */ new Map();
1792
1804
  this.runtimePermissionGrants = [];
1805
+ /**
1806
+ * True when the last signIn() detected an interactive signer and skipped
1807
+ * client-side bootstrap. Apps can read this to know whether bootstrap was
1808
+ * deferred to the server (OpenKey) or requires a separate user action.
1809
+ */
1810
+ this._bootstrapSkipped = false;
1811
+ /**
1812
+ * Outcome of the last signIn()'s account-bootstrap attempt. `skipped` is
1813
+ * true when bootstrap did not complete (interactive signer, auto-sign
1814
+ * denied, or a bootstrap step failed); `reason` carries the cause so apps
1815
+ * can surface a "finish account setup" call-to-action.
1816
+ */
1817
+ this._bootstrapStatus = {
1818
+ skipped: false
1819
+ };
1793
1820
  this.invokeWithRuntimePermissions = (session, service, path, action, facts) => {
1794
1821
  return this.wasmBindings.invoke(
1795
1822
  this.selectInvocationSession(session, service, path, action),
@@ -1882,6 +1909,15 @@ var _TinyCloudNode = class _TinyCloudNode {
1882
1909
  static registerNodeDefaults(defaults) {
1883
1910
  _TinyCloudNode.nodeDefaults = defaults;
1884
1911
  }
1912
+ /** Whether the last signIn() skipped client-side bootstrap because the
1913
+ * signer is interactive (browser wallet / EIP-1193 provider). */
1914
+ get bootstrapSkipped() {
1915
+ return this._bootstrapSkipped;
1916
+ }
1917
+ /** Outcome of the last signIn()'s account-bootstrap attempt. */
1918
+ get bootstrapStatus() {
1919
+ return this._bootstrapStatus;
1920
+ }
1885
1921
  get nodeFeatures() {
1886
1922
  return this.auth?.nodeFeatures ?? [];
1887
1923
  }
@@ -2105,17 +2141,38 @@ var _TinyCloudNode = class _TinyCloudNode {
2105
2141
  return this.wasmBindings.makeSpaceId(this._address, this._chainId, name);
2106
2142
  }
2107
2143
  async bootstrapAccountIfNeeded() {
2144
+ this._bootstrapSkipped = false;
2145
+ this._bootstrapStatus = { skipped: false };
2108
2146
  if (this.config.autoBootstrapAccount === false) {
2109
2147
  return false;
2110
2148
  }
2111
2149
  if (!this.auth || !this._address) {
2112
2150
  return false;
2113
2151
  }
2152
+ if (isInteractiveSigner(this.config)) {
2153
+ console.debug(
2154
+ "[TinyCloudNode] bootstrap skipped: interactive signer detected. Server-side bootstrap (OpenKey) is expected to have provisioned the account."
2155
+ );
2156
+ this._bootstrapSkipped = true;
2157
+ this._bootstrapStatus = { skipped: true, reason: "interactive-signer" };
2158
+ return false;
2159
+ }
2114
2160
  const steps = bootstrapSteps(this._address, this._chainId);
2115
2161
  if (!await this.isFreshBootstrapAccount(steps)) {
2116
2162
  return false;
2117
2163
  }
2118
- await this.runAccountBootstrap(steps);
2164
+ try {
2165
+ await this.runAccountBootstrap(steps);
2166
+ } catch (err) {
2167
+ const reason = err instanceof Error ? err.message : String(err);
2168
+ this._bootstrapSkipped = true;
2169
+ this._bootstrapStatus = { skipped: true, reason };
2170
+ this.notificationHandler.warning(
2171
+ `Account bootstrap did not complete: ${reason}`
2172
+ );
2173
+ console.warn(`[TinyCloudNode] account bootstrap failed: ${reason}`);
2174
+ return false;
2175
+ }
2119
2176
  return true;
2120
2177
  }
2121
2178
  async isFreshBootstrapAccount(steps) {
@@ -2167,16 +2224,23 @@ var _TinyCloudNode = class _TinyCloudNode {
2167
2224
  if (rawAbilities) {
2168
2225
  rawAbilitiesBySpace.set(step.space, rawAbilities);
2169
2226
  }
2170
- const session = await auth.createBootstrapSession({
2171
- spaceId: step.spaceId,
2172
- capabilityRequest: step.request ?? BOOTSTRAP_SESSION_REQUESTS[step.space],
2173
- rawAbilities
2174
- });
2227
+ let session;
2228
+ try {
2229
+ session = await auth.createBootstrapSession({
2230
+ spaceId: step.spaceId,
2231
+ capabilityRequest: step.request ?? BOOTSTRAP_SESSION_REQUESTS[step.space],
2232
+ rawAbilities
2233
+ });
2234
+ } catch (err) {
2235
+ throw new Error(
2236
+ `Account bootstrap aborted: signature rejected for space "${step.space}". Cause: ${err instanceof Error ? err.message : String(err)}`
2237
+ );
2238
+ }
2175
2239
  sessions.set(step.space, session);
2176
2240
  }
2177
2241
  for (const step of steps) {
2178
2242
  if (step.kind !== "host") continue;
2179
- const hosted = await auth.hostOwnedSpace(step.spaceId);
2243
+ const hosted = await auth.hostOwnedSpace(step.spaceId, "bootstrap-host");
2180
2244
  if (!hosted) {
2181
2245
  throw new Error(`Failed to host bootstrap space: ${step.spaceId}`);
2182
2246
  }