@tinycloud/sdk-services 2.2.0-beta.12 → 2.2.0-beta.13
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.cjs +40 -20
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +1 -0
- package/dist/index.d.ts +1 -0
- package/dist/index.js +41 -21
- package/dist/index.js.map +1 -1
- package/package.json +1 -1
package/dist/index.d.cts
CHANGED
|
@@ -1747,6 +1747,7 @@ declare class DataVaultService extends BaseService implements IDataVaultService
|
|
|
1747
1747
|
private encryptionIdentity;
|
|
1748
1748
|
private _isUnlocked;
|
|
1749
1749
|
private vaultConfig;
|
|
1750
|
+
private unlockInFlight;
|
|
1750
1751
|
/**
|
|
1751
1752
|
* Create a new DataVaultService instance.
|
|
1752
1753
|
*
|
package/dist/index.d.ts
CHANGED
|
@@ -1747,6 +1747,7 @@ declare class DataVaultService extends BaseService implements IDataVaultService
|
|
|
1747
1747
|
private encryptionIdentity;
|
|
1748
1748
|
private _isUnlocked;
|
|
1749
1749
|
private vaultConfig;
|
|
1750
|
+
private unlockInFlight;
|
|
1750
1751
|
/**
|
|
1751
1752
|
* Create a new DataVaultService instance.
|
|
1752
1753
|
*
|
package/dist/index.js
CHANGED
|
@@ -2937,6 +2937,9 @@ function base64Decode(str) {
|
|
|
2937
2937
|
}
|
|
2938
2938
|
return bytes;
|
|
2939
2939
|
}
|
|
2940
|
+
function isUnlockSigner(signer) {
|
|
2941
|
+
return typeof signer === "object" && signer !== null && typeof signer.signMessage === "function";
|
|
2942
|
+
}
|
|
2940
2943
|
function defaultVaultMessage(input) {
|
|
2941
2944
|
switch (input.code) {
|
|
2942
2945
|
case "DECRYPTION_FAILED":
|
|
@@ -2974,6 +2977,7 @@ var DataVaultService = class extends BaseService {
|
|
|
2974
2977
|
this.masterKey = null;
|
|
2975
2978
|
this.encryptionIdentity = null;
|
|
2976
2979
|
this._isUnlocked = false;
|
|
2980
|
+
this.unlockInFlight = null;
|
|
2977
2981
|
this.vaultConfig = config;
|
|
2978
2982
|
this._config = config;
|
|
2979
2983
|
}
|
|
@@ -3033,30 +3037,40 @@ var DataVaultService = class extends BaseService {
|
|
|
3033
3037
|
* signatures exist (browser only).
|
|
3034
3038
|
*/
|
|
3035
3039
|
async unlock(signer) {
|
|
3036
|
-
|
|
3040
|
+
const unlockSigner = isUnlockSigner(signer) ? signer : void 0;
|
|
3041
|
+
if (this._isUnlocked && this.masterKey && (this.encryptionIdentity || !unlockSigner)) {
|
|
3042
|
+
return { ok: true, data: void 0 };
|
|
3043
|
+
}
|
|
3044
|
+
if (this.unlockInFlight) {
|
|
3045
|
+
return this.unlockInFlight;
|
|
3046
|
+
}
|
|
3047
|
+
this.unlockInFlight = this.withTelemetry("unlock", void 0, async () => {
|
|
3037
3048
|
const spaceId = this.vaultConfig.spaceId;
|
|
3038
3049
|
const versionConfig = VaultVersionConfig[CURRENT_VAULT_VERSION];
|
|
3039
3050
|
const masterCacheKey = `vault-master:${spaceId}`;
|
|
3040
3051
|
const identityCacheKey = `vault-identity:${this.tc.address}`;
|
|
3041
3052
|
try {
|
|
3042
|
-
|
|
3043
|
-
|
|
3044
|
-
if (!
|
|
3045
|
-
|
|
3046
|
-
|
|
3047
|
-
|
|
3048
|
-
|
|
3053
|
+
if (!this.masterKey) {
|
|
3054
|
+
let masterSigBytes = await loadCachedSignature(masterCacheKey);
|
|
3055
|
+
if (!masterSigBytes) {
|
|
3056
|
+
if (!unlockSigner) {
|
|
3057
|
+
return vaultError({
|
|
3058
|
+
code: "VAULT_LOCKED",
|
|
3059
|
+
message: "Signer is required when no cached master signature exists"
|
|
3060
|
+
});
|
|
3061
|
+
}
|
|
3062
|
+
const sig = await unlockSigner.signMessage(
|
|
3063
|
+
versionConfig.masterMessage(spaceId)
|
|
3064
|
+
);
|
|
3065
|
+
masterSigBytes = toBytes(sig);
|
|
3066
|
+
await cacheSignature(masterCacheKey, masterSigBytes);
|
|
3049
3067
|
}
|
|
3050
|
-
|
|
3051
|
-
|
|
3052
|
-
|
|
3053
|
-
|
|
3054
|
-
|
|
3055
|
-
|
|
3056
|
-
masterSigBytes,
|
|
3057
|
-
this.crypto.sha256(toBytes(spaceId)),
|
|
3058
|
-
toBytes("vault-master")
|
|
3059
|
-
);
|
|
3068
|
+
this.masterKey = this.crypto.deriveKey(
|
|
3069
|
+
masterSigBytes,
|
|
3070
|
+
this.crypto.sha256(toBytes(spaceId)),
|
|
3071
|
+
toBytes("vault-master")
|
|
3072
|
+
);
|
|
3073
|
+
}
|
|
3060
3074
|
const publicSpaceId = this.tc.makePublicSpaceId(this.tc.address, this.tc.chainId);
|
|
3061
3075
|
let existingPubKey = null;
|
|
3062
3076
|
try {
|
|
@@ -3079,13 +3093,14 @@ var DataVaultService = class extends BaseService {
|
|
|
3079
3093
|
} else {
|
|
3080
3094
|
let identitySigBytes = await loadCachedSignature(identityCacheKey);
|
|
3081
3095
|
if (!identitySigBytes) {
|
|
3082
|
-
if (!
|
|
3096
|
+
if (!unlockSigner) {
|
|
3083
3097
|
this.encryptionIdentity = null;
|
|
3084
3098
|
this._isUnlocked = true;
|
|
3085
3099
|
return ok(void 0);
|
|
3086
3100
|
}
|
|
3087
|
-
const
|
|
3088
|
-
|
|
3101
|
+
const sig = await unlockSigner.signMessage(
|
|
3102
|
+
versionConfig.identityMessage
|
|
3103
|
+
);
|
|
3089
3104
|
identitySigBytes = toBytes(sig);
|
|
3090
3105
|
await cacheSignature(identityCacheKey, identitySigBytes);
|
|
3091
3106
|
}
|
|
@@ -3115,6 +3130,11 @@ var DataVaultService = class extends BaseService {
|
|
|
3115
3130
|
});
|
|
3116
3131
|
}
|
|
3117
3132
|
});
|
|
3133
|
+
try {
|
|
3134
|
+
return await this.unlockInFlight;
|
|
3135
|
+
} finally {
|
|
3136
|
+
this.unlockInFlight = null;
|
|
3137
|
+
}
|
|
3118
3138
|
}
|
|
3119
3139
|
/**
|
|
3120
3140
|
* Clear the cached vault signatures.
|