@tinycloud/sdk-services 2.3.0-beta.2 → 2.3.0-beta.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. package/dist/encryption/index.cjs +46 -3
  2. package/dist/encryption/index.cjs.map +1 -1
  3. package/dist/encryption/index.js +46 -3
  4. package/dist/encryption/index.js.map +1 -1
  5. package/dist/index.cjs +46 -3
  6. package/dist/index.cjs.map +1 -1
  7. package/dist/index.js +46 -3
  8. package/dist/index.js.map +1 -1
  9. package/package.json +2 -2
package/dist/encryption/index.js CHANGED
@@ -387,6 +387,7 @@ function canonicalHashHex(sha256, value) {
387
387
  // src/encryption/networkId.ts
388
388
  var URN_PREFIX = "urn:tinycloud:encryption:";
389
389
  var NETWORK_NAME_RE = /^[a-z0-9][a-z0-9-]*$/;
390
+ var PKH_EIP155_DID_RE = /^did:pkh:eip155:(\d+):(0x[a-fA-F0-9]{40})$/;
390
391
  var NetworkIdError = class extends Error {
391
392
  constructor(message) {
392
393
  super(message);
@@ -453,6 +454,22 @@ function isNetworkId(networkId) {
453
454
  return false;
454
455
  }
455
456
  }
457
+ function parsePkhOwnerDid(ownerDid) {
458
+ const match = ownerDid.match(PKH_EIP155_DID_RE);
459
+ if (!match) return null;
460
+ return {
461
+ chainId: match[1],
462
+ address: match[2].toLowerCase()
463
+ };
464
+ }
465
+ function ownerDidMatches(a, b) {
466
+ const aPkh = parsePkhOwnerDid(a);
467
+ const bPkh = parsePkhOwnerDid(b);
468
+ if (aPkh && bPkh) {
469
+ return aPkh.chainId === bPkh.chainId && aPkh.address === bPkh.address;
470
+ }
471
+ return a === b;
472
+ }
456
473
  function networkDiscoveryKey(name) {
457
474
  if (!NETWORK_NAME_RE.test(name)) {
458
475
  throw new NetworkIdError(
@@ -588,7 +605,19 @@ async function discoverNetwork(input) {
588
605
  };
589
606
  }
590
607
  function validateDescriptor(descriptor, networkId, ownerDid, name) {
591
- if (descriptor.networkId !== networkId) {
608
+ let descriptorNetwork;
609
+ try {
610
+ descriptorNetwork = parseNetworkId(descriptor.networkId);
611
+ } catch (err2) {
612
+ return {
613
+ ok: false,
614
+ error: encryptionError({
615
+ code: "INVALID_NETWORK_ID",
616
+ message: `descriptor networkId is malformed: ${err2 instanceof Error ? err2.message : String(err2)}`
617
+ })
618
+ };
619
+ }
620
+ if (descriptorNetwork.name !== name || !ownerDidMatches(descriptorNetwork.ownerDid, ownerDid)) {
592
621
  return {
593
622
  ok: false,
594
623
  error: encryptionError({
@@ -597,7 +626,8 @@ function validateDescriptor(descriptor, networkId, ownerDid, name) {
597
626
  })
598
627
  };
599
628
  }
600
- if (descriptor.ownerDid !== ownerDid) {
629
+ const descriptorOwnerDid = descriptorOwner(descriptor);
630
+ if (descriptorOwnerDid === void 0 || !ownerDidMatches(descriptorOwnerDid, ownerDid) || !ownerDidMatches(descriptorOwnerDid, descriptorNetwork.ownerDid)) {
601
631
  return {
602
632
  ok: false,
603
633
  error: encryptionError({
@@ -624,7 +654,20 @@ function validateDescriptor(descriptor, networkId, ownerDid, name) {
624
654
  })
625
655
  };
626
656
  }
627
- return { ok: true, data: descriptor };
657
+ return {
658
+ ok: true,
659
+ data: {
660
+ ...descriptor,
661
+ ownerDid: descriptorOwnerDid
662
+ }
663
+ };
664
+ }
665
+ function descriptorOwner(descriptor) {
666
+ if (typeof descriptor.ownerDid === "string" && descriptor.ownerDid.length > 0) {
667
+ return descriptor.ownerDid;
668
+ }
669
+ const legacyDescriptor = descriptor;
670
+ return typeof legacyDescriptor.principal === "string" && legacyDescriptor.principal.length > 0 ? legacyDescriptor.principal : void 0;
628
671
  }
629
672
  function ensureNetworkUsableForDecrypt(descriptor) {
630
673
  if (descriptor.state === "active" || descriptor.state === "rotating") {