@unicitylabs/sphere-sdk 0.5.6 → 0.5.8

package/dist/core/index.cjs

@@ -773,6 +773,7 @@ __export(core_exports, {
   CurrencyUtils: () => CurrencyUtils,
   DEFAULT_DERIVATION_PATH: () => DEFAULT_DERIVATION_PATH2,
   DEFAULT_TOKEN_DECIMALS: () => DEFAULT_TOKEN_DECIMALS,
+  SIGN_MESSAGE_PREFIX: () => SIGN_MESSAGE_PREFIX,
   Sphere: () => Sphere,
   SphereError: () => SphereError,
   base58Decode: () => base58Decode,
@@ -815,6 +816,7 @@ __export(core_exports, {
   getSphere: () => getSphere,
   hash160: () => hash160,
   hash160ToBytes: () => hash160ToBytes,
+  hashSignMessage: () => hashSignMessage,
   hexToBytes: () => hexToBytes,
   identityFromMnemonic: () => identityFromMnemonic,
   identityFromMnemonicSync: () => identityFromMnemonicSync,
@@ -839,11 +841,13 @@ __export(core_exports, {
   scanAddressesImpl: () => scanAddressesImpl,
   serializeEncrypted: () => serializeEncrypted,
   sha256: () => sha256,
+  signMessage: () => signMessage,
   sleep: () => sleep,
   sphereExists: () => sphereExists,
   toHumanReadable: () => toHumanReadable,
   toSmallestUnit: () => toSmallestUnit,
-  validateMnemonic: () => validateMnemonic2
+  validateMnemonic: () => validateMnemonic2,
+  verifySignedMessage: () => verifySignedMessage
 });
 module.exports = __toCommonJS(core_exports);
 
@@ -1053,6 +1057,73 @@ function generateAddressInfo(privateKey, index, path, prefix = "alpha") {
     index
   };
 }
+var SIGN_MESSAGE_PREFIX = "Sphere Signed Message:\n";
+function varint(n) {
+  if (n < 253) return new Uint8Array([n]);
+  const buf = new Uint8Array(3);
+  buf[0] = 253;
+  buf[1] = n & 255;
+  buf[2] = n >> 8 & 255;
+  return buf;
+}
+function hashSignMessage(message) {
+  const prefix = new TextEncoder().encode(SIGN_MESSAGE_PREFIX);
+  const msg = new TextEncoder().encode(message);
+  const prefixLen = varint(prefix.length);
+  const msgLen = varint(msg.length);
+  const full = new Uint8Array(prefixLen.length + prefix.length + msgLen.length + msg.length);
+  let off = 0;
+  full.set(prefixLen, off);
+  off += prefixLen.length;
+  full.set(prefix, off);
+  off += prefix.length;
+  full.set(msgLen, off);
+  off += msgLen.length;
+  full.set(msg, off);
+  const hex = Array.from(full).map((b) => b.toString(16).padStart(2, "0")).join("");
+  const h1 = import_crypto_js2.default.SHA256(import_crypto_js2.default.enc.Hex.parse(hex)).toString();
+  return import_crypto_js2.default.SHA256(import_crypto_js2.default.enc.Hex.parse(h1)).toString();
+}
+function signMessage(privateKeyHex, message) {
+  const keyPair = ec.keyFromPrivate(privateKeyHex, "hex");
+  const hashHex = hashSignMessage(message);
+  const hashBytes = Buffer.from(hashHex, "hex");
+  const sig = keyPair.sign(hashBytes, { canonical: true });
+  const pub = keyPair.getPublic();
+  let recoveryParam = -1;
+  for (let i = 0; i < 4; i++) {
+    try {
+      if (ec.recoverPubKey(hashBytes, sig, i).eq(pub)) {
+        recoveryParam = i;
+        break;
+      }
+    } catch {
+    }
+  }
+  if (recoveryParam === -1) {
+    throw new SphereError("Could not find recovery parameter", "SIGNING_ERROR");
+  }
+  const v = (31 + recoveryParam).toString(16).padStart(2, "0");
+  const r = sig.r.toString("hex").padStart(64, "0");
+  const s = sig.s.toString("hex").padStart(64, "0");
+  return v + r + s;
+}
+function verifySignedMessage(message, signature, expectedPubkey) {
+  if (signature.length !== 130) return false;
+  const v = parseInt(signature.slice(0, 2), 16) - 31;
+  const r = signature.slice(2, 66);
+  const s = signature.slice(66, 130);
+  if (v < 0 || v > 3) return false;
+  const hashHex = hashSignMessage(message);
+  const hashBytes = Buffer.from(hashHex, "hex");
+  try {
+    const recovered = ec.recoverPubKey(hashBytes, { r, s }, v);
+    const recoveredHex = recovered.encode("hex", true);
+    return recoveredHex === expectedPubkey;
+  } catch {
+    return false;
+  }
+}
 
 // l1/crypto.ts
 var import_crypto_js3 = __toESM(require("crypto-js"), 1);
@@ -8983,13 +9054,16 @@ var GroupChatModule = class {
       logger.error("GroupChat", "Max reconnection attempts reached");
       return;
     }
+    const maxDelay = this.config.reconnectDelayMs * 16;
+    const delay = Math.min(this.config.reconnectDelayMs * Math.pow(2, this.reconnectAttempts), maxDelay);
     this.reconnectAttempts++;
+    logger.debug("GroupChat", `Reconnecting in ${delay}ms (attempt ${this.reconnectAttempts}/${this.config.maxReconnectAttempts})`);
     this.reconnectTimer = setTimeout(() => {
       this.reconnectTimer = null;
       if (this.deps) {
         this.connect().catch((err) => logger.error("GroupChat", "Reconnect failed:", err));
       }
-    }, this.config.reconnectDelayMs);
+    }, delay);
   }
   // ===========================================================================
   // Subscription Management
@@ -12326,6 +12400,7 @@ var secp256k1 = /* @__PURE__ */ ecdsa(Pointk1, sha2564);
 
 // modules/market/MarketModule.ts
 init_errors();
+init_logger();
 var DEFAULT_MARKET_API_URL = "https://market-api.unicity.network";
 function hexToBytes3(hex) {
   const len = hex.length >> 1;
@@ -12498,16 +12573,54 @@ var MarketModule = class {
    */
   subscribeFeed(listener) {
     const wsUrl = this.apiUrl.replace(/^http/, "ws") + "/ws/feed";
-    const ws2 = new WebSocket(wsUrl);
-    ws2.onmessage = (event) => {
-      try {
-        const raw = JSON.parse(typeof event.data === "string" ? event.data : event.data.toString());
-        listener(mapFeedMessage(raw));
-      } catch {
+    const BASE_DELAY2 = 2e3;
+    const MAX_DELAY2 = 3e4;
+    const MAX_ATTEMPTS = 10;
+    let ws2 = null;
+    let reconnectAttempts2 = 0;
+    let reconnectTimer = null;
+    let destroyed = false;
+    function connect2() {
+      if (destroyed) return;
+      ws2 = new WebSocket(wsUrl);
+      ws2.onopen = () => {
+        reconnectAttempts2 = 0;
+        logger.debug("Market", "Feed WebSocket connected");
+      };
+      ws2.onmessage = (event) => {
+        try {
+          const raw = JSON.parse(typeof event.data === "string" ? event.data : event.data.toString());
+          listener(mapFeedMessage(raw));
+        } catch {
+        }
+      };
+      ws2.onclose = () => {
+        if (destroyed) return;
+        scheduleReconnect();
+      };
+      ws2.onerror = () => {
+      };
+    }
+    function scheduleReconnect() {
+      if (destroyed) return;
+      if (reconnectAttempts2 >= MAX_ATTEMPTS) {
+        logger.warn("Market", `Feed WebSocket: gave up after ${MAX_ATTEMPTS} reconnect attempts`);
+        return;
       }
-    };
+      const delay = Math.min(BASE_DELAY2 * Math.pow(2, reconnectAttempts2), MAX_DELAY2);
+      reconnectAttempts2++;
+      logger.debug("Market", `Feed WebSocket reconnecting in ${delay}ms (attempt ${reconnectAttempts2}/${MAX_ATTEMPTS})`);
+      reconnectTimer = setTimeout(connect2, delay);
+    }
+    connect2();
     return () => {
-      ws2.close();
+      destroyed = true;
+      if (reconnectTimer) {
+        clearTimeout(reconnectTimer);
+        reconnectTimer = null;
+      }
+      ws2?.close();
+      ws2 = null;
     };
   }
   // ---------------------------------------------------------------------------
@@ -14136,6 +14249,23 @@ var Sphere = class _Sphere {
     return this._initialized;
   }
   // ===========================================================================
+  // Public Methods - Signing
+  // ===========================================================================
+  /**
+   * Sign a plaintext message with the wallet's secp256k1 private key.
+   *
+   * Returns a 130-character hex string: v (2) + r (64) + s (64).
+   * The private key never leaves the SDK boundary.
+   *
+   * @throws SphereError if the wallet is not initialized or identity is missing
+   */
+  signMessage(message) {
+    if (!this._identity?.privateKey) {
+      throw new SphereError("Wallet not initialized \u2014 cannot sign", "NOT_INITIALIZED");
+    }
+    return signMessage(this._identity.privateKey, message);
+  }
+  // ===========================================================================
   // Public Methods - Providers Access
   // ===========================================================================
   getStorage() {
@@ -16500,6 +16630,7 @@ async function runCustomCheck(name, checkFn, timeoutMs) {
   CurrencyUtils,
   DEFAULT_DERIVATION_PATH,
   DEFAULT_TOKEN_DECIMALS,
+  SIGN_MESSAGE_PREFIX,
   Sphere,
   SphereError,
   base58Decode,
@@ -16542,6 +16673,7 @@ async function runCustomCheck(name, checkFn, timeoutMs) {
   getSphere,
   hash160,
   hash160ToBytes,
+  hashSignMessage,
   hexToBytes,
   identityFromMnemonic,
   identityFromMnemonicSync,
@@ -16566,11 +16698,13 @@ async function runCustomCheck(name, checkFn, timeoutMs) {
   scanAddressesImpl,
   serializeEncrypted,
   sha256,
+  signMessage,
   sleep,
   sphereExists,
   toHumanReadable,
   toSmallestUnit,
-  validateMnemonic
+  validateMnemonic,
+  verifySignedMessage
 });
 /*! Bundled license information: