@tinycloud/sdk-services 2.3.0-beta.2 → 2.3.0-beta.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. package/dist/encryption/index.cjs +46 -3
  2. package/dist/encryption/index.cjs.map +1 -1
  3. package/dist/encryption/index.js +46 -3
  4. package/dist/encryption/index.js.map +1 -1
  5. package/dist/index.cjs +46 -3
  6. package/dist/index.cjs.map +1 -1
  7. package/dist/index.js +46 -3
  8. package/dist/index.js.map +1 -1
  9. package/package.json +2 -2
package/dist/index.js CHANGED
@@ -4410,6 +4410,7 @@ function canonicalHashHex(sha256, value) {
4410
4410
  // src/encryption/networkId.ts
4411
4411
  var URN_PREFIX = "urn:tinycloud:encryption:";
4412
4412
  var NETWORK_NAME_RE = /^[a-z0-9][a-z0-9-]*$/;
4413
+ var PKH_EIP155_DID_RE = /^did:pkh:eip155:(\d+):(0x[a-fA-F0-9]{40})$/;
4413
4414
  var NetworkIdError = class extends Error {
4414
4415
  constructor(message) {
4415
4416
  super(message);
@@ -4476,6 +4477,22 @@ function isNetworkId(networkId) {
4476
4477
  return false;
4477
4478
  }
4478
4479
  }
4480
+ function parsePkhOwnerDid(ownerDid) {
4481
+ const match = ownerDid.match(PKH_EIP155_DID_RE);
4482
+ if (!match) return null;
4483
+ return {
4484
+ chainId: match[1],
4485
+ address: match[2].toLowerCase()
4486
+ };
4487
+ }
4488
+ function ownerDidMatches(a, b) {
4489
+ const aPkh = parsePkhOwnerDid(a);
4490
+ const bPkh = parsePkhOwnerDid(b);
4491
+ if (aPkh && bPkh) {
4492
+ return aPkh.chainId === bPkh.chainId && aPkh.address === bPkh.address;
4493
+ }
4494
+ return a === b;
4495
+ }
4479
4496
  function networkDiscoveryKey(name) {
4480
4497
  if (!NETWORK_NAME_RE.test(name)) {
4481
4498
  throw new NetworkIdError(
@@ -4611,7 +4628,19 @@ async function discoverNetwork(input) {
4611
4628
  };
4612
4629
  }
4613
4630
  function validateDescriptor(descriptor, networkId, ownerDid, name) {
4614
- if (descriptor.networkId !== networkId) {
4631
+ let descriptorNetwork;
4632
+ try {
4633
+ descriptorNetwork = parseNetworkId(descriptor.networkId);
4634
+ } catch (err3) {
4635
+ return {
4636
+ ok: false,
4637
+ error: encryptionError({
4638
+ code: "INVALID_NETWORK_ID",
4639
+ message: `descriptor networkId is malformed: ${err3 instanceof Error ? err3.message : String(err3)}`
4640
+ })
4641
+ };
4642
+ }
4643
+ if (descriptorNetwork.name !== name || !ownerDidMatches(descriptorNetwork.ownerDid, ownerDid)) {
4615
4644
  return {
4616
4645
  ok: false,
4617
4646
  error: encryptionError({
@@ -4620,7 +4649,8 @@ function validateDescriptor(descriptor, networkId, ownerDid, name) {
4620
4649
  })
4621
4650
  };
4622
4651
  }
4623
- if (descriptor.ownerDid !== ownerDid) {
4652
+ const descriptorOwnerDid = descriptorOwner(descriptor);
4653
+ if (descriptorOwnerDid === void 0 || !ownerDidMatches(descriptorOwnerDid, ownerDid) || !ownerDidMatches(descriptorOwnerDid, descriptorNetwork.ownerDid)) {
4624
4654
  return {
4625
4655
  ok: false,
4626
4656
  error: encryptionError({
@@ -4647,7 +4677,20 @@ function validateDescriptor(descriptor, networkId, ownerDid, name) {
4647
4677
  })
4648
4678
  };
4649
4679
  }
4650
- return { ok: true, data: descriptor };
4680
+ return {
4681
+ ok: true,
4682
+ data: {
4683
+ ...descriptor,
4684
+ ownerDid: descriptorOwnerDid
4685
+ }
4686
+ };
4687
+ }
4688
+ function descriptorOwner(descriptor) {
4689
+ if (typeof descriptor.ownerDid === "string" && descriptor.ownerDid.length > 0) {
4690
+ return descriptor.ownerDid;
4691
+ }
4692
+ const legacyDescriptor = descriptor;
4693
+ return typeof legacyDescriptor.principal === "string" && legacyDescriptor.principal.length > 0 ? legacyDescriptor.principal : void 0;
4651
4694
  }
4652
4695
  function ensureNetworkUsableForDecrypt(descriptor) {
4653
4696
  if (descriptor.state === "active" || descriptor.state === "rotating") {