@tinycloud/sdk-services 2.3.0-beta.2 → 2.3.0-beta.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. package/dist/encryption/index.cjs +46 -3
  2. package/dist/encryption/index.cjs.map +1 -1
  3. package/dist/encryption/index.js +46 -3
  4. package/dist/encryption/index.js.map +1 -1
  5. package/dist/index.cjs +46 -3
  6. package/dist/index.cjs.map +1 -1
  7. package/dist/index.js +46 -3
  8. package/dist/index.js.map +1 -1
  9. package/package.json +2 -2
package/dist/index.cjs CHANGED
@@ -4538,6 +4538,7 @@ function canonicalHashHex(sha256, value) {
4538
4538
  // src/encryption/networkId.ts
4539
4539
  var URN_PREFIX = "urn:tinycloud:encryption:";
4540
4540
  var NETWORK_NAME_RE = /^[a-z0-9][a-z0-9-]*$/;
4541
+ var PKH_EIP155_DID_RE = /^did:pkh:eip155:(\d+):(0x[a-fA-F0-9]{40})$/;
4541
4542
  var NetworkIdError = class extends Error {
4542
4543
  constructor(message) {
4543
4544
  super(message);
@@ -4604,6 +4605,22 @@ function isNetworkId(networkId) {
4604
4605
  return false;
4605
4606
  }
4606
4607
  }
4608
+ function parsePkhOwnerDid(ownerDid) {
4609
+ const match = ownerDid.match(PKH_EIP155_DID_RE);
4610
+ if (!match) return null;
4611
+ return {
4612
+ chainId: match[1],
4613
+ address: match[2].toLowerCase()
4614
+ };
4615
+ }
4616
+ function ownerDidMatches(a, b) {
4617
+ const aPkh = parsePkhOwnerDid(a);
4618
+ const bPkh = parsePkhOwnerDid(b);
4619
+ if (aPkh && bPkh) {
4620
+ return aPkh.chainId === bPkh.chainId && aPkh.address === bPkh.address;
4621
+ }
4622
+ return a === b;
4623
+ }
4607
4624
  function networkDiscoveryKey(name) {
4608
4625
  if (!NETWORK_NAME_RE.test(name)) {
4609
4626
  throw new NetworkIdError(
@@ -4739,7 +4756,19 @@ async function discoverNetwork(input) {
4739
4756
  };
4740
4757
  }
4741
4758
  function validateDescriptor(descriptor, networkId, ownerDid, name) {
4742
- if (descriptor.networkId !== networkId) {
4759
+ let descriptorNetwork;
4760
+ try {
4761
+ descriptorNetwork = parseNetworkId(descriptor.networkId);
4762
+ } catch (err3) {
4763
+ return {
4764
+ ok: false,
4765
+ error: encryptionError({
4766
+ code: "INVALID_NETWORK_ID",
4767
+ message: `descriptor networkId is malformed: ${err3 instanceof Error ? err3.message : String(err3)}`
4768
+ })
4769
+ };
4770
+ }
4771
+ if (descriptorNetwork.name !== name || !ownerDidMatches(descriptorNetwork.ownerDid, ownerDid)) {
4743
4772
  return {
4744
4773
  ok: false,
4745
4774
  error: encryptionError({
@@ -4748,7 +4777,8 @@ function validateDescriptor(descriptor, networkId, ownerDid, name) {
4748
4777
  })
4749
4778
  };
4750
4779
  }
4751
- if (descriptor.ownerDid !== ownerDid) {
4780
+ const descriptorOwnerDid = descriptorOwner(descriptor);
4781
+ if (descriptorOwnerDid === void 0 || !ownerDidMatches(descriptorOwnerDid, ownerDid) || !ownerDidMatches(descriptorOwnerDid, descriptorNetwork.ownerDid)) {
4752
4782
  return {
4753
4783
  ok: false,
4754
4784
  error: encryptionError({
@@ -4775,7 +4805,20 @@ function validateDescriptor(descriptor, networkId, ownerDid, name) {
4775
4805
  })
4776
4806
  };
4777
4807
  }
4778
- return { ok: true, data: descriptor };
4808
+ return {
4809
+ ok: true,
4810
+ data: {
4811
+ ...descriptor,
4812
+ ownerDid: descriptorOwnerDid
4813
+ }
4814
+ };
4815
+ }
4816
+ function descriptorOwner(descriptor) {
4817
+ if (typeof descriptor.ownerDid === "string" && descriptor.ownerDid.length > 0) {
4818
+ return descriptor.ownerDid;
4819
+ }
4820
+ const legacyDescriptor = descriptor;
4821
+ return typeof legacyDescriptor.principal === "string" && legacyDescriptor.principal.length > 0 ? legacyDescriptor.principal : void 0;
4779
4822
  }
4780
4823
  function ensureNetworkUsableForDecrypt(descriptor) {
4781
4824
  if (descriptor.state === "active" || descriptor.state === "rotating") {