@tinycloud/sdk-services 2.3.0-beta.2 → 2.3.0-beta.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. package/dist/encryption/index.cjs +46 -3
  2. package/dist/encryption/index.cjs.map +1 -1
  3. package/dist/encryption/index.js +46 -3
  4. package/dist/encryption/index.js.map +1 -1
  5. package/dist/index.cjs +46 -3
  6. package/dist/index.cjs.map +1 -1
  7. package/dist/index.js +46 -3
  8. package/dist/index.js.map +1 -1
  9. package/package.json +2 -2
package/dist/encryption/index.cjs CHANGED
@@ -452,6 +452,7 @@ function canonicalHashHex(sha256, value) {
452
452
  // src/encryption/networkId.ts
453
453
  var URN_PREFIX = "urn:tinycloud:encryption:";
454
454
  var NETWORK_NAME_RE = /^[a-z0-9][a-z0-9-]*$/;
455
+ var PKH_EIP155_DID_RE = /^did:pkh:eip155:(\d+):(0x[a-fA-F0-9]{40})$/;
455
456
  var NetworkIdError = class extends Error {
456
457
  constructor(message) {
457
458
  super(message);
@@ -518,6 +519,22 @@ function isNetworkId(networkId) {
518
519
  return false;
519
520
  }
520
521
  }
522
+ function parsePkhOwnerDid(ownerDid) {
523
+ const match = ownerDid.match(PKH_EIP155_DID_RE);
524
+ if (!match) return null;
525
+ return {
526
+ chainId: match[1],
527
+ address: match[2].toLowerCase()
528
+ };
529
+ }
530
+ function ownerDidMatches(a, b) {
531
+ const aPkh = parsePkhOwnerDid(a);
532
+ const bPkh = parsePkhOwnerDid(b);
533
+ if (aPkh && bPkh) {
534
+ return aPkh.chainId === bPkh.chainId && aPkh.address === bPkh.address;
535
+ }
536
+ return a === b;
537
+ }
521
538
  function networkDiscoveryKey(name) {
522
539
  if (!NETWORK_NAME_RE.test(name)) {
523
540
  throw new NetworkIdError(
@@ -653,7 +670,19 @@ async function discoverNetwork(input) {
653
670
  };
654
671
  }
655
672
  function validateDescriptor(descriptor, networkId, ownerDid, name) {
656
- if (descriptor.networkId !== networkId) {
673
+ let descriptorNetwork;
674
+ try {
675
+ descriptorNetwork = parseNetworkId(descriptor.networkId);
676
+ } catch (err2) {
677
+ return {
678
+ ok: false,
679
+ error: encryptionError({
680
+ code: "INVALID_NETWORK_ID",
681
+ message: `descriptor networkId is malformed: ${err2 instanceof Error ? err2.message : String(err2)}`
682
+ })
683
+ };
684
+ }
685
+ if (descriptorNetwork.name !== name || !ownerDidMatches(descriptorNetwork.ownerDid, ownerDid)) {
657
686
  return {
658
687
  ok: false,
659
688
  error: encryptionError({
@@ -662,7 +691,8 @@ function validateDescriptor(descriptor, networkId, ownerDid, name) {
662
691
  })
663
692
  };
664
693
  }
665
- if (descriptor.ownerDid !== ownerDid) {
694
+ const descriptorOwnerDid = descriptorOwner(descriptor);
695
+ if (descriptorOwnerDid === void 0 || !ownerDidMatches(descriptorOwnerDid, ownerDid) || !ownerDidMatches(descriptorOwnerDid, descriptorNetwork.ownerDid)) {
666
696
  return {
667
697
  ok: false,
668
698
  error: encryptionError({
@@ -689,7 +719,20 @@ function validateDescriptor(descriptor, networkId, ownerDid, name) {
689
719
  })
690
720
  };
691
721
  }
692
- return { ok: true, data: descriptor };
722
+ return {
723
+ ok: true,
724
+ data: {
725
+ ...descriptor,
726
+ ownerDid: descriptorOwnerDid
727
+ }
728
+ };
729
+ }
730
+ function descriptorOwner(descriptor) {
731
+ if (typeof descriptor.ownerDid === "string" && descriptor.ownerDid.length > 0) {
732
+ return descriptor.ownerDid;
733
+ }
734
+ const legacyDescriptor = descriptor;
735
+ return typeof legacyDescriptor.principal === "string" && legacyDescriptor.principal.length > 0 ? legacyDescriptor.principal : void 0;
693
736
  }
694
737
  function ensureNetworkUsableForDecrypt(descriptor) {
695
738
  if (descriptor.state === "active" || descriptor.state === "rotating") {