@usesigil/kit 0.16.0 → 0.18.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +56 -0
- package/dist/advanced-analytics.d.ts +3 -2
- package/dist/advanced-analytics.d.ts.map +1 -1
- package/dist/advanced-analytics.js +9 -42
- package/dist/advanced-analytics.js.map +1 -1
- package/dist/agent-bootstrap.d.ts +1 -2
- package/dist/agent-bootstrap.d.ts.map +1 -1
- package/dist/agent-bootstrap.js.map +1 -1
- package/dist/agent-errors.d.ts +20 -4
- package/dist/agent-errors.d.ts.map +1 -1
- package/dist/agent-errors.js +864 -367
- package/dist/agent-errors.js.map +1 -1
- package/dist/audit-log.d.ts +101 -0
- package/dist/audit-log.d.ts.map +1 -0
- package/dist/audit-log.js +145 -0
- package/dist/audit-log.js.map +1 -0
- package/dist/caip2-network.d.ts +171 -0
- package/dist/caip2-network.d.ts.map +1 -0
- package/dist/caip2-network.js +202 -0
- package/dist/caip2-network.js.map +1 -0
- package/dist/canonical-encode.d.ts +59 -0
- package/dist/canonical-encode.d.ts.map +1 -0
- package/dist/canonical-encode.js +141 -0
- package/dist/canonical-encode.js.map +1 -0
- package/dist/cosign-helper.d.ts +264 -0
- package/dist/cosign-helper.d.ts.map +1 -0
- package/dist/cosign-helper.js +147 -0
- package/dist/cosign-helper.js.map +1 -0
- package/dist/create-vault.d.ts +92 -0
- package/dist/create-vault.d.ts.map +1 -1
- package/dist/create-vault.js +108 -7
- package/dist/create-vault.js.map +1 -1
- package/dist/dashboard/close-vault.d.ts +110 -0
- package/dist/dashboard/close-vault.d.ts.map +1 -0
- package/dist/dashboard/close-vault.js +165 -0
- package/dist/dashboard/close-vault.js.map +1 -0
- package/dist/dashboard/errors.d.ts +2 -2
- package/dist/dashboard/errors.d.ts.map +1 -1
- package/dist/dashboard/errors.js +11 -7
- package/dist/dashboard/errors.js.map +1 -1
- package/dist/dashboard/index.d.ts +190 -34
- package/dist/dashboard/index.d.ts.map +1 -1
- package/dist/dashboard/index.js +282 -52
- package/dist/dashboard/index.js.map +1 -1
- package/dist/dashboard/mutations.d.ts +153 -24
- package/dist/dashboard/mutations.d.ts.map +1 -1
- package/dist/dashboard/mutations.js +680 -114
- package/dist/dashboard/mutations.js.map +1 -1
- package/dist/dashboard/post-assertion-validation.d.ts +1 -1
- package/dist/dashboard/post-assertion-validation.d.ts.map +1 -1
- package/dist/dashboard/post-assertion-validation.js +169 -48
- package/dist/dashboard/post-assertion-validation.js.map +1 -1
- package/dist/dashboard/reads.d.ts +3 -4
- package/dist/dashboard/reads.d.ts.map +1 -1
- package/dist/dashboard/reads.js +11 -22
- package/dist/dashboard/reads.js.map +1 -1
- package/dist/dashboard/types.d.ts +56 -19
- package/dist/dashboard/types.d.ts.map +1 -1
- package/dist/errors/agent-errors.generated.d.ts +21 -0
- package/dist/errors/agent-errors.generated.d.ts.map +1 -0
- package/dist/errors/agent-errors.generated.js +134 -0
- package/dist/errors/agent-errors.generated.js.map +1 -0
- package/dist/errors/codes.d.ts +21 -2
- package/dist/errors/codes.d.ts.map +1 -1
- package/dist/errors/codes.js +19 -0
- package/dist/errors/codes.js.map +1 -1
- package/dist/errors/context.d.ts +9 -1
- package/dist/errors/context.d.ts.map +1 -1
- package/dist/event-analytics.d.ts +1 -3
- package/dist/event-analytics.d.ts.map +1 -1
- package/dist/event-analytics.js +28 -81
- package/dist/event-analytics.js.map +1 -1
- package/dist/events.d.ts.map +1 -1
- package/dist/events.js +23 -14
- package/dist/events.js.map +1 -1
- package/dist/generated/accounts/agentSpendOverlay.d.ts +60 -0
- package/dist/generated/accounts/agentSpendOverlay.d.ts.map +1 -1
- package/dist/generated/accounts/agentSpendOverlay.js +6 -2
- package/dist/generated/accounts/agentSpendOverlay.js.map +1 -1
- package/dist/generated/accounts/agentVault.d.ts +168 -4
- package/dist/generated/accounts/agentVault.d.ts.map +1 -1
- package/dist/generated/accounts/agentVault.js +11 -3
- package/dist/generated/accounts/agentVault.js.map +1 -1
- package/dist/generated/accounts/auditLogRejected.d.ts +66 -0
- package/dist/generated/accounts/auditLogRejected.d.ts.map +1 -0
- package/dist/generated/accounts/auditLogRejected.js +68 -0
- package/dist/generated/accounts/auditLogRejected.js.map +1 -0
- package/dist/generated/accounts/auditLogSuccess.d.ts +78 -0
- package/dist/generated/accounts/auditLogSuccess.d.ts.map +1 -0
- package/dist/generated/accounts/auditLogSuccess.js +68 -0
- package/dist/generated/accounts/auditLogSuccess.js.map +1 -0
- package/dist/generated/accounts/index.d.ts +4 -4
- package/dist/generated/accounts/index.d.ts.map +1 -1
- package/dist/generated/accounts/index.js +4 -4
- package/dist/generated/accounts/index.js.map +1 -1
- package/dist/generated/accounts/pendingAgentGrant.d.ts +199 -0
- package/dist/generated/accounts/pendingAgentGrant.d.ts.map +1 -0
- package/dist/generated/accounts/pendingAgentGrant.js +75 -0
- package/dist/generated/accounts/pendingAgentGrant.js.map +1 -0
- package/dist/generated/accounts/pendingAgentPermissionsUpdate.d.ts +64 -0
- package/dist/generated/accounts/pendingAgentPermissionsUpdate.d.ts.map +1 -1
- package/dist/generated/accounts/pendingAgentPermissionsUpdate.js +7 -1
- package/dist/generated/accounts/pendingAgentPermissionsUpdate.js.map +1 -1
- package/dist/generated/accounts/pendingOwnershipTransfer.d.ts +131 -0
- package/dist/generated/accounts/pendingOwnershipTransfer.d.ts.map +1 -0
- package/dist/generated/accounts/pendingOwnershipTransfer.js +76 -0
- package/dist/generated/accounts/pendingOwnershipTransfer.js.map +1 -0
- package/dist/generated/accounts/pendingPolicyUpdate.d.ts +200 -4
- package/dist/generated/accounts/pendingPolicyUpdate.d.ts.map +1 -1
- package/dist/generated/accounts/pendingPolicyUpdate.js +19 -1
- package/dist/generated/accounts/pendingPolicyUpdate.js.map +1 -1
- package/dist/generated/accounts/policyConfig.d.ts +479 -36
- package/dist/generated/accounts/policyConfig.d.ts.map +1 -1
- package/dist/generated/accounts/policyConfig.js +30 -3
- package/dist/generated/accounts/policyConfig.js.map +1 -1
- package/dist/generated/accounts/postExecutionAssertions.d.ts +2 -2
- package/dist/generated/accounts/postExecutionAssertions.d.ts.map +1 -1
- package/dist/generated/accounts/postExecutionAssertions.js +3 -3
- package/dist/generated/accounts/sessionAuthority.d.ts +140 -12
- package/dist/generated/accounts/sessionAuthority.d.ts.map +1 -1
- package/dist/generated/accounts/sessionAuthority.js +9 -7
- package/dist/generated/accounts/sessionAuthority.js.map +1 -1
- package/dist/generated/accounts/spendTracker.d.ts +83 -3
- package/dist/generated/accounts/spendTracker.d.ts.map +1 -1
- package/dist/generated/accounts/spendTracker.js +14 -2
- package/dist/generated/accounts/spendTracker.js.map +1 -1
- package/dist/generated/errors/sigil.d.ts +131 -83
- package/dist/generated/errors/sigil.d.ts.map +1 -1
- package/dist/generated/errors/sigil.js +178 -106
- package/dist/generated/errors/sigil.js.map +1 -1
- package/dist/generated/event-discriminators.d.ts.map +1 -1
- package/dist/generated/event-discriminators.js +11 -14
- package/dist/generated/event-discriminators.js.map +1 -1
- package/dist/generated/instructions/acceptOwnershipTransfer.d.ts +142 -0
- package/dist/generated/instructions/acceptOwnershipTransfer.d.ts.map +1 -0
- package/dist/generated/instructions/acceptOwnershipTransfer.js +171 -0
- package/dist/generated/instructions/acceptOwnershipTransfer.js.map +1 -0
- package/dist/generated/instructions/acceptOwnershipTransferMultisig.d.ts +85 -0
- package/dist/generated/instructions/acceptOwnershipTransferMultisig.d.ts.map +1 -0
- package/dist/generated/instructions/acceptOwnershipTransferMultisig.js +171 -0
- package/dist/generated/instructions/acceptOwnershipTransferMultisig.js.map +1 -0
- package/dist/generated/instructions/applyAgentGrant.d.ts +100 -0
- package/dist/generated/instructions/applyAgentGrant.d.ts.map +1 -0
- package/dist/generated/instructions/{applyConstraintsUpdate.js → applyAgentGrant.js} +66 -42
- package/dist/generated/instructions/applyAgentGrant.js.map +1 -0
- package/dist/generated/instructions/applyAgentPermissionsUpdate.d.ts +31 -8
- package/dist/generated/instructions/applyAgentPermissionsUpdate.d.ts.map +1 -1
- package/dist/generated/instructions/applyAgentPermissionsUpdate.js +38 -2
- package/dist/generated/instructions/applyAgentPermissionsUpdate.js.map +1 -1
- package/dist/generated/instructions/applyPendingPolicy.d.ts +18 -7
- package/dist/generated/instructions/applyPendingPolicy.d.ts.map +1 -1
- package/dist/generated/instructions/applyPendingPolicy.js +38 -2
- package/dist/generated/instructions/applyPendingPolicy.js.map +1 -1
- package/dist/generated/instructions/cancelAgentGrant.d.ts +106 -0
- package/dist/generated/instructions/cancelAgentGrant.d.ts.map +1 -0
- package/dist/generated/instructions/{allocatePendingConstraintsPda.js → cancelAgentGrant.js} +54 -42
- package/dist/generated/instructions/cancelAgentGrant.js.map +1 -0
- package/dist/generated/instructions/cancelOwnershipTransfer.d.ts +121 -0
- package/dist/generated/instructions/cancelOwnershipTransfer.d.ts.map +1 -0
- package/dist/generated/instructions/{queueCloseConstraints.js → cancelOwnershipTransfer.js} +58 -44
- package/dist/generated/instructions/cancelOwnershipTransfer.js.map +1 -0
- package/dist/generated/instructions/closePostAssertions.d.ts +6 -1
- package/dist/generated/instructions/closePostAssertions.d.ts.map +1 -1
- package/dist/generated/instructions/closePostAssertions.js +11 -3
- package/dist/generated/instructions/closePostAssertions.js.map +1 -1
- package/dist/generated/instructions/closeVault.d.ts +40 -8
- package/dist/generated/instructions/closeVault.d.ts.map +1 -1
- package/dist/generated/instructions/closeVault.js +40 -2
- package/dist/generated/instructions/closeVault.js.map +1 -1
- package/dist/generated/instructions/createPostAssertions.d.ts +4 -0
- package/dist/generated/instructions/createPostAssertions.d.ts.map +1 -1
- package/dist/generated/instructions/createPostAssertions.js +2 -0
- package/dist/generated/instructions/createPostAssertions.js.map +1 -1
- package/dist/generated/instructions/depositFunds.d.ts +21 -10
- package/dist/generated/instructions/depositFunds.d.ts.map +1 -1
- package/dist/generated/instructions/depositFunds.js +37 -2
- package/dist/generated/instructions/depositFunds.js.map +1 -1
- package/dist/generated/instructions/finalizeSession.d.ts +49 -7
- package/dist/generated/instructions/finalizeSession.d.ts.map +1 -1
- package/dist/generated/instructions/finalizeSession.js +59 -2
- package/dist/generated/instructions/finalizeSession.js.map +1 -1
- package/dist/generated/instructions/freezeVault.d.ts +36 -5
- package/dist/generated/instructions/freezeVault.d.ts.map +1 -1
- package/dist/generated/instructions/freezeVault.js +65 -4
- package/dist/generated/instructions/freezeVault.js.map +1 -1
- package/dist/generated/instructions/index.d.ts +10 -15
- package/dist/generated/instructions/index.d.ts.map +1 -1
- package/dist/generated/instructions/index.js +10 -15
- package/dist/generated/instructions/index.js.map +1 -1
- package/dist/generated/instructions/initializeVault.d.ts +79 -9
- package/dist/generated/instructions/initializeVault.d.ts.map +1 -1
- package/dist/generated/instructions/initializeVault.js +57 -3
- package/dist/generated/instructions/initializeVault.js.map +1 -1
- package/dist/generated/instructions/initiateOwnershipTransfer.d.ts +106 -0
- package/dist/generated/instructions/initiateOwnershipTransfer.d.ts.map +1 -0
- package/dist/generated/instructions/initiateOwnershipTransfer.js +181 -0
- package/dist/generated/instructions/initiateOwnershipTransfer.js.map +1 -0
- package/dist/generated/instructions/pauseAgent.d.ts +49 -5
- package/dist/generated/instructions/pauseAgent.d.ts.map +1 -1
- package/dist/generated/instructions/pauseAgent.js +80 -5
- package/dist/generated/instructions/pauseAgent.js.map +1 -1
- package/dist/generated/instructions/promoteGraylistDestination.d.ts +56 -0
- package/dist/generated/instructions/promoteGraylistDestination.d.ts.map +1 -0
- package/dist/generated/instructions/{createInstructionConstraints.js → promoteGraylistDestination.js} +23 -40
- package/dist/generated/instructions/promoteGraylistDestination.js.map +1 -0
- package/dist/generated/instructions/queueAgentGrant.d.ts +113 -0
- package/dist/generated/instructions/queueAgentGrant.d.ts.map +1 -0
- package/dist/generated/instructions/queueAgentGrant.js +181 -0
- package/dist/generated/instructions/queueAgentGrant.js.map +1 -0
- package/dist/generated/instructions/queueAgentPermissionsUpdate.d.ts +8 -0
- package/dist/generated/instructions/queueAgentPermissionsUpdate.d.ts.map +1 -1
- package/dist/generated/instructions/queueAgentPermissionsUpdate.js +4 -0
- package/dist/generated/instructions/queueAgentPermissionsUpdate.js.map +1 -1
- package/dist/generated/instructions/queuePolicyUpdate.d.ts +32 -0
- package/dist/generated/instructions/queuePolicyUpdate.d.ts.map +1 -1
- package/dist/generated/instructions/queuePolicyUpdate.js +17 -1
- package/dist/generated/instructions/queuePolicyUpdate.js.map +1 -1
- package/dist/generated/instructions/reactivateVault.d.ts +71 -5
- package/dist/generated/instructions/reactivateVault.d.ts.map +1 -1
- package/dist/generated/instructions/reactivateVault.js +80 -5
- package/dist/generated/instructions/reactivateVault.js.map +1 -1
- package/dist/generated/instructions/recordAgentViolation.d.ts +89 -0
- package/dist/generated/instructions/recordAgentViolation.d.ts.map +1 -0
- package/dist/generated/instructions/recordAgentViolation.js +152 -0
- package/dist/generated/instructions/recordAgentViolation.js.map +1 -0
- package/dist/generated/instructions/registerAgent.d.ts +84 -6
- package/dist/generated/instructions/registerAgent.d.ts.map +1 -1
- package/dist/generated/instructions/registerAgent.js +81 -4
- package/dist/generated/instructions/registerAgent.js.map +1 -1
- package/dist/generated/instructions/revokeAgent.d.ts +49 -6
- package/dist/generated/instructions/revokeAgent.d.ts.map +1 -1
- package/dist/generated/instructions/revokeAgent.js +81 -4
- package/dist/generated/instructions/revokeAgent.js.map +1 -1
- package/dist/generated/instructions/setObserveOnly.d.ts +56 -0
- package/dist/generated/instructions/setObserveOnly.d.ts.map +1 -0
- package/dist/generated/instructions/setObserveOnly.js +111 -0
- package/dist/generated/instructions/setObserveOnly.js.map +1 -0
- package/dist/generated/instructions/unpauseAgent.d.ts +46 -5
- package/dist/generated/instructions/unpauseAgent.d.ts.map +1 -1
- package/dist/generated/instructions/unpauseAgent.js +80 -5
- package/dist/generated/instructions/unpauseAgent.js.map +1 -1
- package/dist/generated/instructions/validateAndAuthorize.d.ts +29 -0
- package/dist/generated/instructions/validateAndAuthorize.d.ts.map +1 -1
- package/dist/generated/instructions/validateAndAuthorize.js +4 -0
- package/dist/generated/instructions/validateAndAuthorize.js.map +1 -1
- package/dist/generated/instructions/withdrawFunds.d.ts +53 -11
- package/dist/generated/instructions/withdrawFunds.d.ts.map +1 -1
- package/dist/generated/instructions/withdrawFunds.js +51 -2
- package/dist/generated/instructions/withdrawFunds.js.map +1 -1
- package/dist/generated/programs/sigil.d.ts +79 -99
- package/dist/generated/programs/sigil.d.ts.map +1 -1
- package/dist/generated/programs/sigil.js +139 -199
- package/dist/generated/programs/sigil.js.map +1 -1
- package/dist/generated/types/actionAuthorized.d.ts +0 -2
- package/dist/generated/types/actionAuthorized.d.ts.map +1 -1
- package/dist/generated/types/actionAuthorized.js +0 -2
- package/dist/generated/types/actionAuthorized.js.map +1 -1
- package/dist/generated/types/agentAutoRevoked.d.ts +31 -0
- package/dist/generated/types/agentAutoRevoked.d.ts.map +1 -0
- package/dist/generated/types/{orphanConstraintsPdaCleaned.js → agentAutoRevoked.js} +12 -8
- package/dist/generated/types/agentAutoRevoked.js.map +1 -0
- package/dist/generated/types/agentEntry.d.ts +48 -0
- package/dist/generated/types/agentEntry.d.ts.map +1 -1
- package/dist/generated/types/agentEntry.js +4 -2
- package/dist/generated/types/agentEntry.js.map +1 -1
- package/dist/generated/types/agentGrantApplied.d.ts +38 -0
- package/dist/generated/types/agentGrantApplied.d.ts.map +1 -0
- package/dist/generated/types/agentGrantApplied.js +34 -0
- package/dist/generated/types/agentGrantApplied.js.map +1 -0
- package/dist/generated/types/agentGrantCancelled.d.ts +33 -0
- package/dist/generated/types/agentGrantCancelled.d.ts.map +1 -0
- package/dist/generated/types/agentGrantCancelled.js +28 -0
- package/dist/generated/types/agentGrantCancelled.js.map +1 -0
- package/dist/generated/types/agentGrantQueued.d.ts +38 -0
- package/dist/generated/types/agentGrantQueued.d.ts.map +1 -0
- package/dist/generated/types/agentGrantQueued.js +32 -0
- package/dist/generated/types/agentGrantQueued.js.map +1 -0
- package/dist/generated/types/auditEntry.d.ts +120 -0
- package/dist/generated/types/auditEntry.d.ts.map +1 -0
- package/dist/generated/types/auditEntry.js +34 -0
- package/dist/generated/types/auditEntry.js.map +1 -0
- package/dist/generated/types/destinationGraylistEntry.d.ts +32 -0
- package/dist/generated/types/destinationGraylistEntry.d.ts.map +1 -0
- package/dist/generated/types/destinationGraylistEntry.js +24 -0
- package/dist/generated/types/destinationGraylistEntry.js.map +1 -0
- package/dist/generated/types/graylistEntered.d.ts +31 -0
- package/dist/generated/types/graylistEntered.d.ts.map +1 -0
- package/dist/generated/types/graylistEntered.js +30 -0
- package/dist/generated/types/graylistEntered.js.map +1 -0
- package/dist/generated/types/graylistPromoted.d.ts +29 -0
- package/dist/generated/types/graylistPromoted.d.ts.map +1 -0
- package/dist/generated/types/graylistPromoted.js +28 -0
- package/dist/generated/types/graylistPromoted.js.map +1 -0
- package/dist/generated/types/index.d.ts +13 -22
- package/dist/generated/types/index.d.ts.map +1 -1
- package/dist/generated/types/index.js +13 -22
- package/dist/generated/types/index.js.map +1 -1
- package/dist/generated/types/observeOnlyChanged.d.ts +33 -0
- package/dist/generated/types/observeOnlyChanged.d.ts.map +1 -0
- package/dist/generated/types/observeOnlyChanged.js +32 -0
- package/dist/generated/types/observeOnlyChanged.js.map +1 -0
- package/dist/generated/types/ownershipTransferAccepted.d.ts +32 -0
- package/dist/generated/types/ownershipTransferAccepted.d.ts.map +1 -0
- package/dist/generated/types/ownershipTransferAccepted.js +30 -0
- package/dist/generated/types/ownershipTransferAccepted.js.map +1 -0
- package/dist/generated/types/ownershipTransferCancelled.d.ts +29 -0
- package/dist/generated/types/ownershipTransferCancelled.d.ts.map +1 -0
- package/dist/generated/types/ownershipTransferCancelled.js +28 -0
- package/dist/generated/types/ownershipTransferCancelled.js.map +1 -0
- package/dist/generated/types/ownershipTransferInitiated.d.ts +33 -0
- package/dist/generated/types/ownershipTransferInitiated.d.ts.map +1 -0
- package/dist/generated/types/ownershipTransferInitiated.js +30 -0
- package/dist/generated/types/ownershipTransferInitiated.js.map +1 -0
- package/dist/generated/types/perRecipientCounter.d.ts +61 -0
- package/dist/generated/types/perRecipientCounter.d.ts.map +1 -0
- package/dist/generated/types/perRecipientCounter.js +26 -0
- package/dist/generated/types/perRecipientCounter.js.map +1 -0
- package/dist/generated/types/postAssertionEntry.d.ts +14 -7
- package/dist/generated/types/postAssertionEntry.d.ts.map +1 -1
- package/dist/generated/types/postAssertionEntry.js +5 -7
- package/dist/generated/types/postAssertionEntry.js.map +1 -1
- package/dist/generated/types/postAssertionEntryZC.d.ts +53 -22
- package/dist/generated/types/postAssertionEntryZC.d.ts.map +1 -1
- package/dist/generated/types/postAssertionEntryZC.js +4 -6
- package/dist/generated/types/postAssertionEntryZC.js.map +1 -1
- package/dist/generated/types/sessionFinalized.d.ts +0 -4
- package/dist/generated/types/sessionFinalized.d.ts.map +1 -1
- package/dist/generated/types/sessionFinalized.js +0 -2
- package/dist/generated/types/sessionFinalized.js.map +1 -1
- package/dist/generated/types/vaultFrozen.d.ts +14 -0
- package/dist/generated/types/vaultFrozen.d.ts.map +1 -1
- package/dist/generated/types/vaultFrozen.js +2 -0
- package/dist/generated/types/vaultFrozen.js.map +1 -1
- package/dist/index.d.ts +31 -9
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +67 -11
- package/dist/index.js.map +1 -1
- package/dist/inspector.d.ts +0 -23
- package/dist/inspector.d.ts.map +1 -1
- package/dist/inspector.js +0 -52
- package/dist/inspector.js.map +1 -1
- package/dist/kit-adapter.d.ts +1 -1
- package/dist/kit-adapter.d.ts.map +1 -1
- package/dist/kit-adapter.js +1 -1
- package/dist/kit-adapter.js.map +1 -1
- package/dist/multisig-detection.d.ts +83 -0
- package/dist/multisig-detection.d.ts.map +1 -0
- package/dist/multisig-detection.js +128 -0
- package/dist/multisig-detection.js.map +1 -0
- package/dist/ownership-transfer.d.ts +79 -0
- package/dist/ownership-transfer.d.ts.map +1 -0
- package/dist/ownership-transfer.js +66 -0
- package/dist/ownership-transfer.js.map +1 -0
- package/dist/policy/compute-agent-perms-cosign-digest.d.ts +51 -0
- package/dist/policy/compute-agent-perms-cosign-digest.d.ts.map +1 -0
- package/dist/policy/compute-agent-perms-cosign-digest.js +55 -0
- package/dist/policy/compute-agent-perms-cosign-digest.js.map +1 -0
- package/dist/policy/compute-cosign-digest.d.ts +193 -0
- package/dist/policy/compute-cosign-digest.d.ts.map +1 -0
- package/dist/policy/compute-cosign-digest.js +318 -0
- package/dist/policy/compute-cosign-digest.js.map +1 -0
- package/dist/policy/compute-policy-preview-digest.d.ts +279 -0
- package/dist/policy/compute-policy-preview-digest.d.ts.map +1 -0
- package/dist/policy/compute-policy-preview-digest.js +373 -0
- package/dist/policy/compute-policy-preview-digest.js.map +1 -0
- package/dist/policy-attestation.d.ts +51 -0
- package/dist/policy-attestation.d.ts.map +1 -0
- package/dist/policy-attestation.js +43 -0
- package/dist/policy-attestation.js.map +1 -0
- package/dist/preview-create-vault.d.ts.map +1 -1
- package/dist/preview-create-vault.js +37 -16
- package/dist/preview-create-vault.js.map +1 -1
- package/dist/resolve-accounts.d.ts +75 -10
- package/dist/resolve-accounts.d.ts.map +1 -1
- package/dist/resolve-accounts.js +68 -32
- package/dist/resolve-accounts.js.map +1 -1
- package/dist/rpc-helpers.d.ts +29 -3
- package/dist/rpc-helpers.d.ts.map +1 -1
- package/dist/rpc-helpers.js +51 -12
- package/dist/rpc-helpers.js.map +1 -1
- package/dist/seal/intent-digest.d.ts +195 -0
- package/dist/seal/intent-digest.d.ts.map +1 -0
- package/dist/seal/intent-digest.js +372 -0
- package/dist/seal/intent-digest.js.map +1 -0
- package/dist/seal.d.ts +166 -3
- package/dist/seal.d.ts.map +1 -1
- package/dist/seal.js +428 -32
- package/dist/seal.js.map +1 -1
- package/dist/security-analytics.d.ts +3 -3
- package/dist/security-analytics.d.ts.map +1 -1
- package/dist/security-analytics.js +13 -128
- package/dist/security-analytics.js.map +1 -1
- package/dist/session-mint.d.ts +72 -0
- package/dist/session-mint.d.ts.map +1 -0
- package/dist/session-mint.js +59 -0
- package/dist/session-mint.js.map +1 -0
- package/dist/simulation.d.ts +19 -0
- package/dist/simulation.d.ts.map +1 -1
- package/dist/simulation.js +187 -95
- package/dist/simulation.js.map +1 -1
- package/dist/squads-detection.d.ts +135 -0
- package/dist/squads-detection.d.ts.map +1 -0
- package/dist/squads-detection.js +124 -0
- package/dist/squads-detection.js.map +1 -0
- package/dist/state-resolver.d.ts +0 -16
- package/dist/state-resolver.d.ts.map +1 -1
- package/dist/state-resolver.js +162 -97
- package/dist/state-resolver.js.map +1 -1
- package/dist/testing/devnet.d.ts +40 -1
- package/dist/testing/devnet.d.ts.map +1 -1
- package/dist/testing/devnet.js +333 -44
- package/dist/testing/devnet.js.map +1 -1
- package/dist/testing/errors/expect.d.ts +1 -1
- package/dist/testing/errors/expect.js +1 -1
- package/dist/testing/errors/names.generated.d.ts +82 -58
- package/dist/testing/errors/names.generated.d.ts.map +1 -1
- package/dist/testing/errors/names.generated.js +83 -59
- package/dist/testing/errors/names.generated.js.map +1 -1
- package/dist/testing/mock-rpc.d.ts +8 -0
- package/dist/testing/mock-rpc.d.ts.map +1 -1
- package/dist/testing/mock-rpc.js +13 -0
- package/dist/testing/mock-rpc.js.map +1 -1
- package/dist/testing/mock-state.d.ts +2 -0
- package/dist/testing/mock-state.d.ts.map +1 -1
- package/dist/testing/mock-state.js +43 -4
- package/dist/testing/mock-state.js.map +1 -1
- package/dist/types.d.ts +5 -15
- package/dist/types.d.ts.map +1 -1
- package/dist/types.js +11 -69
- package/dist/types.js.map +1 -1
- package/dist/vault-analytics.d.ts +0 -2
- package/dist/vault-analytics.d.ts.map +1 -1
- package/dist/vault-analytics.js +1 -9
- package/dist/vault-analytics.js.map +1 -1
- package/package.json +7 -12
- package/dist/constraints/index.d.ts +0 -23
- package/dist/constraints/index.d.ts.map +0 -1
- package/dist/constraints/index.js +0 -24
- package/dist/constraints/index.js.map +0 -1
- package/dist/dashboard/constraint-builders.d.ts +0 -82
- package/dist/dashboard/constraint-builders.d.ts.map +0 -1
- package/dist/dashboard/constraint-builders.js +0 -204
- package/dist/dashboard/constraint-builders.js.map +0 -1
- package/dist/dashboard/constraint-reads.d.ts +0 -50
- package/dist/dashboard/constraint-reads.d.ts.map +0 -1
- package/dist/dashboard/constraint-reads.js +0 -119
- package/dist/dashboard/constraint-reads.js.map +0 -1
- package/dist/generated/accounts/escrowDeposit.d.ts +0 -50
- package/dist/generated/accounts/escrowDeposit.d.ts.map +0 -1
- package/dist/generated/accounts/escrowDeposit.js +0 -76
- package/dist/generated/accounts/escrowDeposit.js.map +0 -1
- package/dist/generated/accounts/instructionConstraints.d.ts +0 -46
- package/dist/generated/accounts/instructionConstraints.d.ts.map +0 -1
- package/dist/generated/accounts/instructionConstraints.js +0 -73
- package/dist/generated/accounts/instructionConstraints.js.map +0 -1
- package/dist/generated/accounts/pendingCloseConstraints.d.ts +0 -49
- package/dist/generated/accounts/pendingCloseConstraints.d.ts.map +0 -1
- package/dist/generated/accounts/pendingCloseConstraints.js +0 -68
- package/dist/generated/accounts/pendingCloseConstraints.js.map +0 -1
- package/dist/generated/accounts/pendingConstraintsUpdate.d.ts +0 -76
- package/dist/generated/accounts/pendingConstraintsUpdate.d.ts.map +0 -1
- package/dist/generated/accounts/pendingConstraintsUpdate.js +0 -77
- package/dist/generated/accounts/pendingConstraintsUpdate.js.map +0 -1
- package/dist/generated/instructions/allocateConstraintsPda.d.ts +0 -62
- package/dist/generated/instructions/allocateConstraintsPda.d.ts.map +0 -1
- package/dist/generated/instructions/allocateConstraintsPda.js +0 -134
- package/dist/generated/instructions/allocateConstraintsPda.js.map +0 -1
- package/dist/generated/instructions/allocatePendingConstraintsPda.d.ts +0 -66
- package/dist/generated/instructions/allocatePendingConstraintsPda.d.ts.map +0 -1
- package/dist/generated/instructions/allocatePendingConstraintsPda.js.map +0 -1
- package/dist/generated/instructions/applyCloseConstraints.d.ts +0 -59
- package/dist/generated/instructions/applyCloseConstraints.d.ts.map +0 -1
- package/dist/generated/instructions/applyCloseConstraints.js +0 -143
- package/dist/generated/instructions/applyCloseConstraints.js.map +0 -1
- package/dist/generated/instructions/applyConstraintsUpdate.d.ts +0 -62
- package/dist/generated/instructions/applyConstraintsUpdate.d.ts.map +0 -1
- package/dist/generated/instructions/applyConstraintsUpdate.js.map +0 -1
- package/dist/generated/instructions/cancelCloseConstraints.d.ts +0 -51
- package/dist/generated/instructions/cancelCloseConstraints.d.ts.map +0 -1
- package/dist/generated/instructions/cancelCloseConstraints.js +0 -115
- package/dist/generated/instructions/cancelCloseConstraints.js.map +0 -1
- package/dist/generated/instructions/cancelConstraintsUpdate.d.ts +0 -51
- package/dist/generated/instructions/cancelConstraintsUpdate.d.ts.map +0 -1
- package/dist/generated/instructions/cancelConstraintsUpdate.js +0 -115
- package/dist/generated/instructions/cancelConstraintsUpdate.js.map +0 -1
- package/dist/generated/instructions/cleanupOrphanConstraintsPda.d.ts +0 -67
- package/dist/generated/instructions/cleanupOrphanConstraintsPda.d.ts.map +0 -1
- package/dist/generated/instructions/cleanupOrphanConstraintsPda.js +0 -120
- package/dist/generated/instructions/cleanupOrphanConstraintsPda.js.map +0 -1
- package/dist/generated/instructions/closeSettledEscrow.d.ts +0 -72
- package/dist/generated/instructions/closeSettledEscrow.d.ts.map +0 -1
- package/dist/generated/instructions/closeSettledEscrow.js +0 -127
- package/dist/generated/instructions/closeSettledEscrow.js.map +0 -1
- package/dist/generated/instructions/createEscrow.d.ts +0 -131
- package/dist/generated/instructions/createEscrow.d.ts.map +0 -1
- package/dist/generated/instructions/createEscrow.js +0 -272
- package/dist/generated/instructions/createEscrow.js.map +0 -1
- package/dist/generated/instructions/createInstructionConstraints.d.ts +0 -68
- package/dist/generated/instructions/createInstructionConstraints.d.ts.map +0 -1
- package/dist/generated/instructions/createInstructionConstraints.js.map +0 -1
- package/dist/generated/instructions/extendPda.d.ts +0 -52
- package/dist/generated/instructions/extendPda.d.ts.map +0 -1
- package/dist/generated/instructions/extendPda.js +0 -86
- package/dist/generated/instructions/extendPda.js.map +0 -1
- package/dist/generated/instructions/queueCloseConstraints.d.ts +0 -66
- package/dist/generated/instructions/queueCloseConstraints.d.ts.map +0 -1
- package/dist/generated/instructions/queueCloseConstraints.js.map +0 -1
- package/dist/generated/instructions/queueConstraintsUpdate.d.ts +0 -75
- package/dist/generated/instructions/queueConstraintsUpdate.d.ts.map +0 -1
- package/dist/generated/instructions/queueConstraintsUpdate.js +0 -154
- package/dist/generated/instructions/queueConstraintsUpdate.js.map +0 -1
- package/dist/generated/instructions/refundEscrow.d.ts +0 -74
- package/dist/generated/instructions/refundEscrow.d.ts.map +0 -1
- package/dist/generated/instructions/refundEscrow.js +0 -142
- package/dist/generated/instructions/refundEscrow.js.map +0 -1
- package/dist/generated/instructions/settleEscrow.d.ts +0 -80
- package/dist/generated/instructions/settleEscrow.d.ts.map +0 -1
- package/dist/generated/instructions/settleEscrow.js +0 -173
- package/dist/generated/instructions/settleEscrow.js.map +0 -1
- package/dist/generated/types/accountConstraint.d.ts +0 -33
- package/dist/generated/types/accountConstraint.d.ts.map +0 -1
- package/dist/generated/types/accountConstraint.js +0 -26
- package/dist/generated/types/accountConstraint.js.map +0 -1
- package/dist/generated/types/accountConstraintZC.d.ts +0 -25
- package/dist/generated/types/accountConstraintZC.d.ts.map +0 -1
- package/dist/generated/types/accountConstraintZC.js +0 -28
- package/dist/generated/types/accountConstraintZC.js.map +0 -1
- package/dist/generated/types/closeConstraintsApplied.d.ts +0 -20
- package/dist/generated/types/closeConstraintsApplied.d.ts.map +0 -1
- package/dist/generated/types/closeConstraintsApplied.js +0 -24
- package/dist/generated/types/closeConstraintsApplied.js.map +0 -1
- package/dist/generated/types/closeConstraintsCancelled.d.ts +0 -16
- package/dist/generated/types/closeConstraintsCancelled.d.ts.map +0 -1
- package/dist/generated/types/closeConstraintsCancelled.js +0 -18
- package/dist/generated/types/closeConstraintsCancelled.js.map +0 -1
- package/dist/generated/types/closeConstraintsQueued.d.ts +0 -20
- package/dist/generated/types/closeConstraintsQueued.d.ts.map +0 -1
- package/dist/generated/types/closeConstraintsQueued.js +0 -24
- package/dist/generated/types/closeConstraintsQueued.js.map +0 -1
- package/dist/generated/types/constraintEntry.d.ts +0 -35
- package/dist/generated/types/constraintEntry.d.ts.map +0 -1
- package/dist/generated/types/constraintEntry.js +0 -29
- package/dist/generated/types/constraintEntry.js.map +0 -1
- package/dist/generated/types/constraintEntryZC.d.ts +0 -73
- package/dist/generated/types/constraintEntryZC.d.ts.map +0 -1
- package/dist/generated/types/constraintEntryZC.js +0 -49
- package/dist/generated/types/constraintEntryZC.js.map +0 -1
- package/dist/generated/types/constraintOperator.d.ts +0 -22
- package/dist/generated/types/constraintOperator.d.ts.map +0 -1
- package/dist/generated/types/constraintOperator.js +0 -28
- package/dist/generated/types/constraintOperator.js.map +0 -1
- package/dist/generated/types/constraintsChangeApplied.d.ts +0 -30
- package/dist/generated/types/constraintsChangeApplied.d.ts.map +0 -1
- package/dist/generated/types/constraintsChangeApplied.js +0 -32
- package/dist/generated/types/constraintsChangeApplied.js.map +0 -1
- package/dist/generated/types/constraintsChangeCancelled.d.ts +0 -16
- package/dist/generated/types/constraintsChangeCancelled.d.ts.map +0 -1
- package/dist/generated/types/constraintsChangeCancelled.js +0 -18
- package/dist/generated/types/constraintsChangeCancelled.js.map +0 -1
- package/dist/generated/types/constraintsChangeQueued.d.ts +0 -30
- package/dist/generated/types/constraintsChangeQueued.d.ts.map +0 -1
- package/dist/generated/types/constraintsChangeQueued.js +0 -32
- package/dist/generated/types/constraintsChangeQueued.js.map +0 -1
- package/dist/generated/types/dataConstraint.d.ts +0 -23
- package/dist/generated/types/dataConstraint.d.ts.map +0 -1
- package/dist/generated/types/dataConstraint.js +0 -27
- package/dist/generated/types/dataConstraint.js.map +0 -1
- package/dist/generated/types/dataConstraintZC.d.ts +0 -20
- package/dist/generated/types/dataConstraintZC.d.ts.map +0 -1
- package/dist/generated/types/dataConstraintZC.js +0 -30
- package/dist/generated/types/dataConstraintZC.js.map +0 -1
- package/dist/generated/types/discriminatorFormat.d.ts +0 -25
- package/dist/generated/types/discriminatorFormat.d.ts.map +0 -1
- package/dist/generated/types/discriminatorFormat.js +0 -31
- package/dist/generated/types/discriminatorFormat.js.map +0 -1
- package/dist/generated/types/escrowCreated.d.ts +0 -30
- package/dist/generated/types/escrowCreated.d.ts.map +0 -1
- package/dist/generated/types/escrowCreated.js +0 -34
- package/dist/generated/types/escrowCreated.js.map +0 -1
- package/dist/generated/types/escrowRefunded.d.ts +0 -26
- package/dist/generated/types/escrowRefunded.d.ts.map +0 -1
- package/dist/generated/types/escrowRefunded.js +0 -30
- package/dist/generated/types/escrowRefunded.js.map +0 -1
- package/dist/generated/types/escrowSettled.d.ts +0 -26
- package/dist/generated/types/escrowSettled.d.ts.map +0 -1
- package/dist/generated/types/escrowSettled.js +0 -30
- package/dist/generated/types/escrowSettled.js.map +0 -1
- package/dist/generated/types/escrowStatus.d.ts +0 -18
- package/dist/generated/types/escrowStatus.d.ts.map +0 -1
- package/dist/generated/types/escrowStatus.js +0 -24
- package/dist/generated/types/escrowStatus.js.map +0 -1
- package/dist/generated/types/instructionConstraintsCreated.d.ts +0 -34
- package/dist/generated/types/instructionConstraintsCreated.d.ts.map +0 -1
- package/dist/generated/types/instructionConstraintsCreated.js +0 -36
- package/dist/generated/types/instructionConstraintsCreated.js.map +0 -1
- package/dist/generated/types/orphanConstraintsPdaCleaned.d.ts +0 -22
- package/dist/generated/types/orphanConstraintsPdaCleaned.d.ts.map +0 -1
- package/dist/generated/types/orphanConstraintsPdaCleaned.js.map +0 -1
- package/dist/generated/types/pdaAllocated.d.ts +0 -24
- package/dist/generated/types/pdaAllocated.d.ts.map +0 -1
- package/dist/generated/types/pdaAllocated.js +0 -28
- package/dist/generated/types/pdaAllocated.js.map +0 -1
- package/dist/generated/types/pdaExtended.d.ts +0 -24
- package/dist/generated/types/pdaExtended.d.ts.map +0 -1
- package/dist/generated/types/pdaExtended.js +0 -28
- package/dist/generated/types/pdaExtended.js.map +0 -1
- package/dist/post-assertions/cross-field-lte.d.ts +0 -134
- package/dist/post-assertions/cross-field-lte.d.ts.map +0 -1
- package/dist/post-assertions/cross-field-lte.js +0 -129
- package/dist/post-assertions/cross-field-lte.js.map +0 -1
- package/dist/post-assertions/index.d.ts +0 -28
- package/dist/post-assertions/index.d.ts.map +0 -1
- package/dist/post-assertions/index.js +0 -28
- package/dist/post-assertions/index.js.map +0 -1
- package/dist/post-assertions/presets/flash-trade.d.ts +0 -139
- package/dist/post-assertions/presets/flash-trade.d.ts.map +0 -1
- package/dist/post-assertions/presets/flash-trade.js +0 -154
- package/dist/post-assertions/presets/flash-trade.js.map +0 -1
- package/dist/protocol-registry/annotations/drift.json +0 -7
- package/dist/protocol-registry/annotations/flash-trade.json +0 -7
- package/dist/protocol-registry/annotations/jupiter-borrow.json +0 -7
- package/dist/protocol-registry/annotations/jupiter-earn.json +0 -7
- package/dist/protocol-registry/annotations/jupiter-lend.json +0 -7
- package/dist/protocol-registry/annotations/jupiter.json +0 -7
- package/dist/protocol-registry/annotations/kamino.json +0 -7
- package/dist/protocol-registry/index.d.ts +0 -45
- package/dist/protocol-registry/index.d.ts.map +0 -1
- package/dist/protocol-registry/index.js +0 -76
- package/dist/protocol-registry/index.js.map +0 -1
- package/dist/protocol-tier.d.ts +0 -157
- package/dist/protocol-tier.d.ts.map +0 -1
- package/dist/protocol-tier.js +0 -104
- package/dist/protocol-tier.js.map +0 -1
|
@@ -0,0 +1,128 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Multisig detection — Phase 9 Batch E (ISC-12..15, ISC-149).
|
|
3
|
+
*
|
|
4
|
+
* Public-surface alias for `detectSquadsV4Owner` (in `squads-detection.ts`)
|
|
5
|
+
* that ALSO performs the Squads V4 `Multisig` account discriminator check
|
|
6
|
+
* called for in the 2026-05-19 Council ISC review (ISC-149).
|
|
7
|
+
*
|
|
8
|
+
* Background: the existing `detectSquadsV4Owner` only verifies the program
|
|
9
|
+
* ID — sufficient for the dashboard UI banner today, but a Squads V4 vault
|
|
10
|
+
* is technically any account owned by the Squads program, including
|
|
11
|
+
* "Multisig" / "VaultTransaction" / "ProposalAccount" types. Council ISC-149
|
|
12
|
+
* tightened the bar to "program ID match AND Anchor discriminator matches
|
|
13
|
+
* the canonical `Multisig` account layout."
|
|
14
|
+
*
|
|
15
|
+
* `isSquadsV4Owned()` is the recommended public entry for AC-2 detection;
|
|
16
|
+
* `detectSquadsV4Owner` remains exported for callers that only need the
|
|
17
|
+
* cheaper program-owner check.
|
|
18
|
+
*
|
|
19
|
+
* Anchor discriminator convention: `sha256("account:<Name>")[0..8]`. The
|
|
20
|
+
* Squads V4 multisig program declares the `Multisig` struct via Anchor,
|
|
21
|
+
* so the discriminator is reproducible without depending on `@sqds/multisig`
|
|
22
|
+
* (which would pull in a tree of web3.js peers — a firewall violation per
|
|
23
|
+
* tests/firewall-invariant.test.ts).
|
|
24
|
+
*/
|
|
25
|
+
import { SQUADS_V4_PROGRAM_ID, detectSquadsV4Owner, } from "./squads-detection.js";
|
|
26
|
+
import { sha256 } from "./canonical-encode.js";
|
|
27
|
+
/**
|
|
28
|
+
* Canonical Anchor discriminator for the Squads V4 `Multisig` account
|
|
29
|
+
* struct. Computed at module load as `sha256("account:Multisig")[0..8]`.
|
|
30
|
+
*
|
|
31
|
+
* Verified at module load (via the assertion below) that the 8-byte
|
|
32
|
+
* sequence matches the public Squads V4 SDK's hard-coded discriminator
|
|
33
|
+
* for the `Multisig` account type as of 2026-05-20. Replicating it here
|
|
34
|
+
* keeps `@usesigil/kit` free of the `@sqds/multisig` peer dep tree.
|
|
35
|
+
*/
|
|
36
|
+
export const SQUADS_V4_MULTISIG_DISCRIMINATOR = (() => {
|
|
37
|
+
const tag = new TextEncoder().encode("account:Multisig");
|
|
38
|
+
return sha256(tag).slice(0, 8);
|
|
39
|
+
})();
|
|
40
|
+
/**
|
|
41
|
+
* Strict Squads V4 Multisig detection. Verifies BOTH the program owner
|
|
42
|
+
* (cheap, one RPC call) AND the Anchor discriminator on the account data
|
|
43
|
+
* (one additional `getAccountInfo` call to read the first 8 bytes).
|
|
44
|
+
*
|
|
45
|
+
* @example
|
|
46
|
+
* ```ts
|
|
47
|
+
* const detection = await isSquadsV4Owned(rpc, vault.owner);
|
|
48
|
+
* if (detection.isSquadsV4Multisig) {
|
|
49
|
+
* // AC-2 mode 3: real Squads V4 multisig vault. Solana-layer protection.
|
|
50
|
+
* } else if (detection.isSquadsMultisig) {
|
|
51
|
+
* // Squads program, but not a Multisig account (could be a
|
|
52
|
+
* // VaultTransaction or ProposalAccount). Treat as solo-key for AC-2.
|
|
53
|
+
* } else {
|
|
54
|
+
* // Not Squads at all. Standard solo-key flow.
|
|
55
|
+
* }
|
|
56
|
+
* ```
|
|
57
|
+
*
|
|
58
|
+
* @param rpc Kit RPC client (any cluster).
|
|
59
|
+
* @param ownerPubkey The vault owner pubkey to inspect.
|
|
60
|
+
* @returns Detection result with both signals; never rejects.
|
|
61
|
+
* @throws Never — RPC failures resolve with `isSquadsV4Multisig: false`.
|
|
62
|
+
*/
|
|
63
|
+
export async function isSquadsV4Owned(rpc, ownerPubkey) {
|
|
64
|
+
const base = await detectSquadsV4Owner(rpc, ownerPubkey);
|
|
65
|
+
if (!base.isSquadsMultisig) {
|
|
66
|
+
return {
|
|
67
|
+
...base,
|
|
68
|
+
hasMultisigDiscriminator: false,
|
|
69
|
+
isSquadsV4Multisig: false,
|
|
70
|
+
};
|
|
71
|
+
}
|
|
72
|
+
// Program owner matched. Fetch the first 8 bytes of data to verify the
|
|
73
|
+
// discriminator. We re-fetch (rather than passing through the earlier
|
|
74
|
+
// response) because `detectSquadsV4Owner` doesn't expose the data
|
|
75
|
+
// payload — that abstraction is intentional (it's the cheap check).
|
|
76
|
+
try {
|
|
77
|
+
const response = await rpc
|
|
78
|
+
.getAccountInfo(ownerPubkey, { encoding: "base64" })
|
|
79
|
+
.send();
|
|
80
|
+
const data = response.value?.data;
|
|
81
|
+
if (!data || !Array.isArray(data) || typeof data[0] !== "string") {
|
|
82
|
+
return {
|
|
83
|
+
...base,
|
|
84
|
+
hasMultisigDiscriminator: false,
|
|
85
|
+
isSquadsV4Multisig: false,
|
|
86
|
+
};
|
|
87
|
+
}
|
|
88
|
+
// §RP Batch M H-1 fix: use browser-safe base64 decode instead of
|
|
89
|
+
// Node-only Buffer.from. canonical-encode.ts is the SDK's
|
|
90
|
+
// cross-runtime contract; this helper must honor it.
|
|
91
|
+
const base64 = data[0];
|
|
92
|
+
const binStr = atob(base64);
|
|
93
|
+
const bytes = new Uint8Array(binStr.length);
|
|
94
|
+
for (let i = 0; i < binStr.length; i++) {
|
|
95
|
+
bytes[i] = binStr.charCodeAt(i);
|
|
96
|
+
}
|
|
97
|
+
if (bytes.length < 8) {
|
|
98
|
+
return {
|
|
99
|
+
...base,
|
|
100
|
+
hasMultisigDiscriminator: false,
|
|
101
|
+
isSquadsV4Multisig: false,
|
|
102
|
+
};
|
|
103
|
+
}
|
|
104
|
+
let matches = true;
|
|
105
|
+
for (let i = 0; i < 8; i++) {
|
|
106
|
+
if (bytes[i] !== SQUADS_V4_MULTISIG_DISCRIMINATOR[i]) {
|
|
107
|
+
matches = false;
|
|
108
|
+
break;
|
|
109
|
+
}
|
|
110
|
+
}
|
|
111
|
+
return {
|
|
112
|
+
...base,
|
|
113
|
+
hasMultisigDiscriminator: matches,
|
|
114
|
+
isSquadsV4Multisig: matches,
|
|
115
|
+
};
|
|
116
|
+
}
|
|
117
|
+
catch {
|
|
118
|
+
return {
|
|
119
|
+
...base,
|
|
120
|
+
hasMultisigDiscriminator: false,
|
|
121
|
+
isSquadsV4Multisig: false,
|
|
122
|
+
};
|
|
123
|
+
}
|
|
124
|
+
}
|
|
125
|
+
// Re-export the underlying primitive for callers that only need the
|
|
126
|
+
// program-owner check (no extra RPC roundtrip).
|
|
127
|
+
export { SQUADS_V4_PROGRAM_ID, detectSquadsV4Owner, };
|
|
128
|
+
//# sourceMappingURL=multisig-detection.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"multisig-detection.js","sourceRoot":"","sources":["../src/multisig-detection.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAIH,OAAO,EACL,oBAAoB,EACpB,mBAAmB,GAEpB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAE/C;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,gCAAgC,GAAe,CAAC,GAAG,EAAE;IAChE,MAAM,GAAG,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC;IACzD,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;AACjC,CAAC,CAAC,EAAE,CAAC;AAwBL;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,GAAsB,EACtB,WAAoB;IAEpB,MAAM,IAAI,GAAG,MAAM,mBAAmB,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;IACzD,IAAI,CAAC,IAAI,CAAC,gBAAgB,EAAE,CAAC;QAC3B,OAAO;YACL,GAAG,IAAI;YACP,wBAAwB,EAAE,KAAK;YAC/B,kBAAkB,EAAE,KAAK;SAC1B,CAAC;IACJ,CAAC;IAED,uEAAuE;IACvE,sEAAsE;IACtE,kEAAkE;IAClE,oEAAoE;IACpE,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,GAAG;aACvB,cAAc,CAAC,WAAW,EAAE,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC;aACnD,IAAI,EAAE,CAAC;QACV,MAAM,IAAI,GAAG,QAAQ,CAAC,KAAK,EAAE,IAAI,CAAC;QAClC,IAAI,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,OAAO,IAAI,CAAC,CAAC,CAAC,KAAK,QAAQ,EAAE,CAAC;YACjE,OAAO;gBACL,GAAG,IAAI;gBACP,wBAAwB,EAAE,KAAK;gBAC/B,kBAAkB,EAAE,KAAK;aAC1B,CAAC;QACJ,CAAC;QACD,iEAAiE;QACjE,0DAA0D;QAC1D,qDAAqD;QACrD,MAAM,MAAM,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QACvB,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;QAC5B,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAC5C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACvC,KAAK,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;QAClC,CAAC;QACD,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACrB,OAAO;gBACL,GAAG,IAAI;gBACP,wBAAwB,EAAE,KAAK;gBAC/B,kBAAkB,EAAE,KAAK;aAC1B,CAAC;QACJ,CAAC;QACD,IAAI,OAAO,GAAG,IAAI,CAAC;QACnB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YAC3B,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,gCAAgC,CAAC,CAAC,CAAC,EAAE,CAAC;gBACrD,OAAO,GAAG,KAAK,CAAC;gBAChB,MAAM;YACR,CAAC;QACH,CAAC;QACD,OAAO;YACL,GAAG,IAAI;YACP,wBAAwB,EAAE,OAAO;YACjC,kBAAkB,EAAE,OAAO;SAC5B,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO;YACL,GAAG,IAAI;YACP,wBAAwB,EAAE,KAAK;YAC/B,kBAAkB,EAAE,KAAK;SAC1B,CAAC;IACJ,CAAC;AACH,CAAC;AAED,oEAAoE;AACpE,gDAAgD;AAChD,OAAO,EACL,oBAAoB,EACpB,mBAAmB,GAEpB,CAAC"}
|
|
@@ -0,0 +1,79 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Ownership-transfer helpers — Phase 9 Batch E (ISC-25..29).
|
|
3
|
+
*
|
|
4
|
+
* Thin wrappers around the four generated ownership-transfer instruction
|
|
5
|
+
* builders. Sigil V2 (Phase 8) shipped three on-chain instructions for
|
|
6
|
+
* ownership rotation:
|
|
7
|
+
*
|
|
8
|
+
* 1. `initiate_ownership_transfer` — owner queues a `PendingOwnershipTransfer`
|
|
9
|
+
* PDA with a 48h default timelock. The `is_multisig_target` flag tells
|
|
10
|
+
* the apply handler to demand the Squads V4 multisig acceptance
|
|
11
|
+
* variant (closes the "frozen funds via wrong multisig" footgun).
|
|
12
|
+
* 2. `accept_ownership_transfer` — the new owner (a wallet signer)
|
|
13
|
+
* finalises the rotation after the timelock elapses.
|
|
14
|
+
* 3. `accept_ownership_transfer_multisig` — same finaliser, but routed
|
|
15
|
+
* through the Squads V4 multisig program-derived PDA path. Caller
|
|
16
|
+
* passes the multisig PDA in place of the new-owner signer.
|
|
17
|
+
* 4. `cancel_ownership_transfer` — owner aborts during the timelock.
|
|
18
|
+
*
|
|
19
|
+
* These four functions are intentionally tiny — they exist to (a) give
|
|
20
|
+
* callers a single import path, (b) keep the public type names readable
|
|
21
|
+
* (`buildXxxIx` vs the verbose `getXxxInstruction`), and (c) provide a
|
|
22
|
+
* stable surface that survives future Codama regenerations.
|
|
23
|
+
*/
|
|
24
|
+
import type { Address, TransactionSigner } from "@solana/kit";
|
|
25
|
+
import { type InitiateOwnershipTransferInstruction } from "./generated/instructions/initiateOwnershipTransfer.js";
|
|
26
|
+
import { type AcceptOwnershipTransferInstruction } from "./generated/instructions/acceptOwnershipTransfer.js";
|
|
27
|
+
import { type AcceptOwnershipTransferMultisigInstruction } from "./generated/instructions/acceptOwnershipTransferMultisig.js";
|
|
28
|
+
import { type CancelOwnershipTransferInstruction } from "./generated/instructions/cancelOwnershipTransfer.js";
|
|
29
|
+
export type { InitiateOwnershipTransferInstruction, AcceptOwnershipTransferInstruction, AcceptOwnershipTransferMultisigInstruction, CancelOwnershipTransferInstruction, };
|
|
30
|
+
export interface BuildInitiateOwnershipTransferInputs {
|
|
31
|
+
owner: TransactionSigner;
|
|
32
|
+
vault: Address;
|
|
33
|
+
policy: Address;
|
|
34
|
+
pending: Address;
|
|
35
|
+
auditLogSuccess: Address;
|
|
36
|
+
newOwner: Address;
|
|
37
|
+
/**
|
|
38
|
+
* `true` when `newOwner` is a Squads V4 multisig PDA. The on-chain
|
|
39
|
+
* accept handler validates the multisig path matches this flag.
|
|
40
|
+
* `false` for wallet-keypair owners.
|
|
41
|
+
*/
|
|
42
|
+
isMultisigTarget: boolean;
|
|
43
|
+
}
|
|
44
|
+
export declare function buildInitiateOwnershipTransferIx(inputs: BuildInitiateOwnershipTransferInputs): InitiateOwnershipTransferInstruction;
|
|
45
|
+
export interface BuildAcceptOwnershipTransferInputs {
|
|
46
|
+
newOwner: TransactionSigner;
|
|
47
|
+
vault: Address;
|
|
48
|
+
policy: Address;
|
|
49
|
+
pending: Address;
|
|
50
|
+
auditLogSuccess: Address;
|
|
51
|
+
}
|
|
52
|
+
export declare function buildAcceptOwnershipTransferIx(inputs: BuildAcceptOwnershipTransferInputs): AcceptOwnershipTransferInstruction;
|
|
53
|
+
export interface BuildAcceptOwnershipTransferMultisigInputs {
|
|
54
|
+
/**
|
|
55
|
+
* The Squads V4 multisig program-derived address that becomes the new
|
|
56
|
+
* vault owner. The on-chain handler verifies this account's `owner`
|
|
57
|
+
* field equals the Squads V4 program ID. Not a signer — the Squads
|
|
58
|
+
* program is the caller via CPI.
|
|
59
|
+
*/
|
|
60
|
+
multisigPda: Address;
|
|
61
|
+
vault: Address;
|
|
62
|
+
policy: Address;
|
|
63
|
+
pending: Address;
|
|
64
|
+
auditLogSuccess: Address;
|
|
65
|
+
}
|
|
66
|
+
export declare function buildAcceptOwnershipTransferMultisigIx(inputs: BuildAcceptOwnershipTransferMultisigInputs): AcceptOwnershipTransferMultisigInstruction;
|
|
67
|
+
export interface BuildCancelOwnershipTransferInputs {
|
|
68
|
+
/**
|
|
69
|
+
* The vault's CURRENT owner (the one who initiated the transfer).
|
|
70
|
+
* The on-chain handler enforces `current_owner.key() == pending.current_owner`.
|
|
71
|
+
*/
|
|
72
|
+
currentOwner: TransactionSigner;
|
|
73
|
+
vault: Address;
|
|
74
|
+
policy: Address;
|
|
75
|
+
pending: Address;
|
|
76
|
+
auditLogSuccess: Address;
|
|
77
|
+
}
|
|
78
|
+
export declare function buildCancelOwnershipTransferIx(inputs: BuildCancelOwnershipTransferInputs): CancelOwnershipTransferInstruction;
|
|
79
|
+
//# sourceMappingURL=ownership-transfer.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"ownership-transfer.d.ts","sourceRoot":"","sources":["../src/ownership-transfer.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;GAsBG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AAC9D,OAAO,EAEL,KAAK,oCAAoC,EAC1C,MAAM,uDAAuD,CAAC;AAC/D,OAAO,EAEL,KAAK,kCAAkC,EACxC,MAAM,qDAAqD,CAAC;AAC7D,OAAO,EAEL,KAAK,0CAA0C,EAChD,MAAM,6DAA6D,CAAC;AACrE,OAAO,EAEL,KAAK,kCAAkC,EACxC,MAAM,qDAAqD,CAAC;AAM7D,YAAY,EACV,oCAAoC,EACpC,kCAAkC,EAClC,0CAA0C,EAC1C,kCAAkC,GACnC,CAAC;AAIF,MAAM,WAAW,oCAAoC;IACnD,KAAK,EAAE,iBAAiB,CAAC;IACzB,KAAK,EAAE,OAAO,CAAC;IACf,MAAM,EAAE,OAAO,CAAC;IAChB,OAAO,EAAE,OAAO,CAAC;IACjB,eAAe,EAAE,OAAO,CAAC;IACzB,QAAQ,EAAE,OAAO,CAAC;IAClB;;;;OAIG;IACH,gBAAgB,EAAE,OAAO,CAAC;CAC3B;AAED,wBAAgB,gCAAgC,CAC9C,MAAM,EAAE,oCAAoC,GAC3C,oCAAoC,CAYtC;AAID,MAAM,WAAW,kCAAkC;IACjD,QAAQ,EAAE,iBAAiB,CAAC;IAC5B,KAAK,EAAE,OAAO,CAAC;IACf,MAAM,EAAE,OAAO,CAAC;IAChB,OAAO,EAAE,OAAO,CAAC;IACjB,eAAe,EAAE,OAAO,CAAC;CAC1B;AAED,wBAAgB,8BAA8B,CAC5C,MAAM,EAAE,kCAAkC,GACzC,kCAAkC,CAUpC;AAID,MAAM,WAAW,0CAA0C;IACzD;;;;;OAKG;IACH,WAAW,EAAE,OAAO,CAAC;IACrB,KAAK,EAAE,OAAO,CAAC;IACf,MAAM,EAAE,OAAO,CAAC;IAChB,OAAO,EAAE,OAAO,CAAC;IACjB,eAAe,EAAE,OAAO,CAAC;CAC1B;AAED,wBAAgB,sCAAsC,CACpD,MAAM,EAAE,0CAA0C,GACjD,0CAA0C,CAU5C;AAID,MAAM,WAAW,kCAAkC;IACjD;;;OAGG;IACH,YAAY,EAAE,iBAAiB,CAAC;IAChC,KAAK,EAAE,OAAO,CAAC;IACf,MAAM,EAAE,OAAO,CAAC;IAChB,OAAO,EAAE,OAAO,CAAC;IACjB,eAAe,EAAE,OAAO,CAAC;CAC1B;AAED,wBAAgB,8BAA8B,CAC5C,MAAM,EAAE,kCAAkC,GACzC,kCAAkC,CAUpC"}
|
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Ownership-transfer helpers — Phase 9 Batch E (ISC-25..29).
|
|
3
|
+
*
|
|
4
|
+
* Thin wrappers around the four generated ownership-transfer instruction
|
|
5
|
+
* builders. Sigil V2 (Phase 8) shipped three on-chain instructions for
|
|
6
|
+
* ownership rotation:
|
|
7
|
+
*
|
|
8
|
+
* 1. `initiate_ownership_transfer` — owner queues a `PendingOwnershipTransfer`
|
|
9
|
+
* PDA with a 48h default timelock. The `is_multisig_target` flag tells
|
|
10
|
+
* the apply handler to demand the Squads V4 multisig acceptance
|
|
11
|
+
* variant (closes the "frozen funds via wrong multisig" footgun).
|
|
12
|
+
* 2. `accept_ownership_transfer` — the new owner (a wallet signer)
|
|
13
|
+
* finalises the rotation after the timelock elapses.
|
|
14
|
+
* 3. `accept_ownership_transfer_multisig` — same finaliser, but routed
|
|
15
|
+
* through the Squads V4 multisig program-derived PDA path. Caller
|
|
16
|
+
* passes the multisig PDA in place of the new-owner signer.
|
|
17
|
+
* 4. `cancel_ownership_transfer` — owner aborts during the timelock.
|
|
18
|
+
*
|
|
19
|
+
* These four functions are intentionally tiny — they exist to (a) give
|
|
20
|
+
* callers a single import path, (b) keep the public type names readable
|
|
21
|
+
* (`buildXxxIx` vs the verbose `getXxxInstruction`), and (c) provide a
|
|
22
|
+
* stable surface that survives future Codama regenerations.
|
|
23
|
+
*/
|
|
24
|
+
import { getInitiateOwnershipTransferInstruction, } from "./generated/instructions/initiateOwnershipTransfer.js";
|
|
25
|
+
import { getAcceptOwnershipTransferInstruction, } from "./generated/instructions/acceptOwnershipTransfer.js";
|
|
26
|
+
import { getAcceptOwnershipTransferMultisigInstruction, } from "./generated/instructions/acceptOwnershipTransferMultisig.js";
|
|
27
|
+
import { getCancelOwnershipTransferInstruction, } from "./generated/instructions/cancelOwnershipTransfer.js";
|
|
28
|
+
export function buildInitiateOwnershipTransferIx(inputs) {
|
|
29
|
+
return getInitiateOwnershipTransferInstruction({
|
|
30
|
+
owner: inputs.owner,
|
|
31
|
+
vault: inputs.vault,
|
|
32
|
+
policy: inputs.policy,
|
|
33
|
+
pending: inputs.pending,
|
|
34
|
+
auditLogSuccess: inputs.auditLogSuccess,
|
|
35
|
+
newOwner: inputs.newOwner,
|
|
36
|
+
isMultisigTarget: inputs.isMultisigTarget,
|
|
37
|
+
});
|
|
38
|
+
}
|
|
39
|
+
export function buildAcceptOwnershipTransferIx(inputs) {
|
|
40
|
+
return getAcceptOwnershipTransferInstruction({
|
|
41
|
+
newOwner: inputs.newOwner,
|
|
42
|
+
vault: inputs.vault,
|
|
43
|
+
policy: inputs.policy,
|
|
44
|
+
pending: inputs.pending,
|
|
45
|
+
auditLogSuccess: inputs.auditLogSuccess,
|
|
46
|
+
});
|
|
47
|
+
}
|
|
48
|
+
export function buildAcceptOwnershipTransferMultisigIx(inputs) {
|
|
49
|
+
return getAcceptOwnershipTransferMultisigInstruction({
|
|
50
|
+
multisigPda: inputs.multisigPda,
|
|
51
|
+
vault: inputs.vault,
|
|
52
|
+
policy: inputs.policy,
|
|
53
|
+
pending: inputs.pending,
|
|
54
|
+
auditLogSuccess: inputs.auditLogSuccess,
|
|
55
|
+
});
|
|
56
|
+
}
|
|
57
|
+
export function buildCancelOwnershipTransferIx(inputs) {
|
|
58
|
+
return getCancelOwnershipTransferInstruction({
|
|
59
|
+
currentOwner: inputs.currentOwner,
|
|
60
|
+
vault: inputs.vault,
|
|
61
|
+
policy: inputs.policy,
|
|
62
|
+
pending: inputs.pending,
|
|
63
|
+
auditLogSuccess: inputs.auditLogSuccess,
|
|
64
|
+
});
|
|
65
|
+
}
|
|
66
|
+
//# sourceMappingURL=ownership-transfer.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"ownership-transfer.js","sourceRoot":"","sources":["../src/ownership-transfer.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;GAsBG;AAGH,OAAO,EACL,uCAAuC,GAExC,MAAM,uDAAuD,CAAC;AAC/D,OAAO,EACL,qCAAqC,GAEtC,MAAM,qDAAqD,CAAC;AAC7D,OAAO,EACL,6CAA6C,GAE9C,MAAM,6DAA6D,CAAC;AACrE,OAAO,EACL,qCAAqC,GAEtC,MAAM,qDAAqD,CAAC;AA8B7D,MAAM,UAAU,gCAAgC,CAC9C,MAA4C;IAE5C,OAAO,uCAAuC,CAAC;QAC7C,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,eAAe,EAAE,MAAM,CAAC,eAAe;QACvC,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,gBAAgB,EAAE,MAAM,CAAC,gBAAgB;KAGvC,CAAyC,CAAC;AAChD,CAAC;AAYD,MAAM,UAAU,8BAA8B,CAC5C,MAA0C;IAE1C,OAAO,qCAAqC,CAAC;QAC3C,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,eAAe,EAAE,MAAM,CAAC,eAAe;KAGrC,CAAuC,CAAC;AAC9C,CAAC;AAkBD,MAAM,UAAU,sCAAsC,CACpD,MAAkD;IAElD,OAAO,6CAA6C,CAAC;QACnD,WAAW,EAAE,MAAM,CAAC,WAAW;QAC/B,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,eAAe,EAAE,MAAM,CAAC,eAAe;KAGrC,CAA+C,CAAC;AACtD,CAAC;AAgBD,MAAM,UAAU,8BAA8B,CAC5C,MAA0C;IAE1C,OAAO,qCAAqC,CAAC;QAC3C,YAAY,EAAE,MAAM,CAAC,YAAY;QACjC,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,eAAe,EAAE,MAAM,CAAC,eAAe;KAGrC,CAAuC,CAAC;AAC9C,CAAC"}
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* TA-09 (agent-perms) — Canonical agent-permissions cosign digest (SDK side).
|
|
3
|
+
*
|
|
4
|
+
* Mirrors `programs/sigil/src/utils/cosign_digest.rs::compute_agent_perms_cosign_digest`
|
|
5
|
+
* byte-for-byte. Separate from the policy `computeCosignDigest` by design: the
|
|
6
|
+
* policy digest binds policy fields; this one binds per-agent permission fields.
|
|
7
|
+
*
|
|
8
|
+
* Flow: on a `cosign_required` vault, raising an agent's capability or spending
|
|
9
|
+
* limit (or setting a non-zero cooldown) is an ELEVATED mutation. The owner +
|
|
10
|
+
* cosigner co-sign `queue_agent_permissions_update`; the handler recomputes this
|
|
11
|
+
* digest from the pending args + cosign-session pubkey and stores it, then
|
|
12
|
+
* `apply_agent_permissions_update` recomputes and asserts byte-equality
|
|
13
|
+
* (`ErrCosignRequired` on mismatch). This SDK helper produces the value an
|
|
14
|
+
* elevated transaction builder must reproduce.
|
|
15
|
+
*
|
|
16
|
+
* CANONICAL ENCODING (APPEND-ONLY — 81 bytes, NO Option tags / length prefixes /
|
|
17
|
+
* domain separator; mirrors cosign_digest.rs:110-117):
|
|
18
|
+
* 1. cosign_session : Pubkey (32 bytes raw)
|
|
19
|
+
* 2. agent : Pubkey (32 bytes raw) — binds the digest to a specific
|
|
20
|
+
* agent (prevents queue-on-A / apply-on-B replay)
|
|
21
|
+
* 3. new_capability : u8 (1 byte)
|
|
22
|
+
* 4. spending_limit_usd : u64 LE (8 bytes)
|
|
23
|
+
* 5. cooldown_seconds : u64 LE (8 bytes)
|
|
24
|
+
*/
|
|
25
|
+
import type { Address } from "../kit-adapter.js";
|
|
26
|
+
/**
|
|
27
|
+
* Canonical agent-perms cosign-digest input shape. Matches the on-chain
|
|
28
|
+
* `AgentPermsCosignDigestFields` struct exactly. Unlike the policy cosign
|
|
29
|
+
* digest, every field is unconditional fixed-width — there are NO `Option`
|
|
30
|
+
* discriminator bytes here (do not copy the policy-digest pattern).
|
|
31
|
+
*/
|
|
32
|
+
export interface AgentPermsCosignDigestFields {
|
|
33
|
+
/** The cosigning session pubkey (matches pending_agent_perms.cosign_session). */
|
|
34
|
+
cosignSession: Address | string;
|
|
35
|
+
/** The target agent's pubkey. */
|
|
36
|
+
agent: Address | string;
|
|
37
|
+
/** Proposed new capability: 0=Disabled, 1=Observer, 2=Operator. */
|
|
38
|
+
newCapability: number;
|
|
39
|
+
/** Proposed per-agent spending limit ($ × 1e6). */
|
|
40
|
+
spendingLimitUsd: bigint;
|
|
41
|
+
/** Proposed cooldown in seconds (0 = none). */
|
|
42
|
+
cooldownSeconds: bigint;
|
|
43
|
+
}
|
|
44
|
+
/**
|
|
45
|
+
* Compute the canonical SHA-256 agent-perms cosign digest. Returns a 32-byte
|
|
46
|
+
* Uint8Array, byte-identical to the on-chain helper for the same input.
|
|
47
|
+
*
|
|
48
|
+
* @throws if either pubkey doesn't base58-decode to exactly 32 bytes
|
|
49
|
+
*/
|
|
50
|
+
export declare function computeAgentPermsCosignDigest(fields: AgentPermsCosignDigestFields): Uint8Array;
|
|
51
|
+
//# sourceMappingURL=compute-agent-perms-cosign-digest.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"compute-agent-perms-cosign-digest.d.ts","sourceRoot":"","sources":["../../src/policy/compute-agent-perms-cosign-digest.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAMjD;;;;;GAKG;AACH,MAAM,WAAW,4BAA4B;IAC3C,iFAAiF;IACjF,aAAa,EAAE,OAAO,GAAG,MAAM,CAAC;IAChC,iCAAiC;IACjC,KAAK,EAAE,OAAO,GAAG,MAAM,CAAC;IACxB,mEAAmE;IACnE,aAAa,EAAE,MAAM,CAAC;IACtB,mDAAmD;IACnD,gBAAgB,EAAE,MAAM,CAAC;IACzB,+CAA+C;IAC/C,eAAe,EAAE,MAAM,CAAC;CACzB;AAED;;;;;GAKG;AACH,wBAAgB,6BAA6B,CAC3C,MAAM,EAAE,4BAA4B,GACnC,UAAU,CAwBZ"}
|
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* TA-09 (agent-perms) — Canonical agent-permissions cosign digest (SDK side).
|
|
3
|
+
*
|
|
4
|
+
* Mirrors `programs/sigil/src/utils/cosign_digest.rs::compute_agent_perms_cosign_digest`
|
|
5
|
+
* byte-for-byte. Separate from the policy `computeCosignDigest` by design: the
|
|
6
|
+
* policy digest binds policy fields; this one binds per-agent permission fields.
|
|
7
|
+
*
|
|
8
|
+
* Flow: on a `cosign_required` vault, raising an agent's capability or spending
|
|
9
|
+
* limit (or setting a non-zero cooldown) is an ELEVATED mutation. The owner +
|
|
10
|
+
* cosigner co-sign `queue_agent_permissions_update`; the handler recomputes this
|
|
11
|
+
* digest from the pending args + cosign-session pubkey and stores it, then
|
|
12
|
+
* `apply_agent_permissions_update` recomputes and asserts byte-equality
|
|
13
|
+
* (`ErrCosignRequired` on mismatch). This SDK helper produces the value an
|
|
14
|
+
* elevated transaction builder must reproduce.
|
|
15
|
+
*
|
|
16
|
+
* CANONICAL ENCODING (APPEND-ONLY — 81 bytes, NO Option tags / length prefixes /
|
|
17
|
+
* domain separator; mirrors cosign_digest.rs:110-117):
|
|
18
|
+
* 1. cosign_session : Pubkey (32 bytes raw)
|
|
19
|
+
* 2. agent : Pubkey (32 bytes raw) — binds the digest to a specific
|
|
20
|
+
* agent (prevents queue-on-A / apply-on-B replay)
|
|
21
|
+
* 3. new_capability : u8 (1 byte)
|
|
22
|
+
* 4. spending_limit_usd : u64 LE (8 bytes)
|
|
23
|
+
* 5. cooldown_seconds : u64 LE (8 bytes)
|
|
24
|
+
*/
|
|
25
|
+
import { base58Decode32, sha256, writeU64Le } from "../canonical-encode.js";
|
|
26
|
+
/** 32 (session) + 32 (agent) + 1 (capability) + 8 (limit) + 8 (cooldown). */
|
|
27
|
+
const AGENT_PERMS_COSIGN_DIGEST_SIZE = 81;
|
|
28
|
+
/**
|
|
29
|
+
* Compute the canonical SHA-256 agent-perms cosign digest. Returns a 32-byte
|
|
30
|
+
* Uint8Array, byte-identical to the on-chain helper for the same input.
|
|
31
|
+
*
|
|
32
|
+
* @throws if either pubkey doesn't base58-decode to exactly 32 bytes
|
|
33
|
+
*/
|
|
34
|
+
export function computeAgentPermsCosignDigest(fields) {
|
|
35
|
+
const buf = new Uint8Array(AGENT_PERMS_COSIGN_DIGEST_SIZE);
|
|
36
|
+
const view = new DataView(buf.buffer, buf.byteOffset, buf.byteLength);
|
|
37
|
+
let off = 0;
|
|
38
|
+
// 1. cosign_session (32 bytes raw)
|
|
39
|
+
buf.set(base58Decode32(fields.cosignSession), off);
|
|
40
|
+
off += 32;
|
|
41
|
+
// 2. agent (32 bytes raw)
|
|
42
|
+
buf.set(base58Decode32(fields.agent), off);
|
|
43
|
+
off += 32;
|
|
44
|
+
// 3. new_capability (u8)
|
|
45
|
+
buf[off++] = fields.newCapability & 0xff;
|
|
46
|
+
// 4. spending_limit_usd (u64 LE)
|
|
47
|
+
off = writeU64Le(view, off, fields.spendingLimitUsd);
|
|
48
|
+
// 5. cooldown_seconds (u64 LE)
|
|
49
|
+
off = writeU64Le(view, off, fields.cooldownSeconds);
|
|
50
|
+
if (off !== buf.length) {
|
|
51
|
+
throw new Error(`computeAgentPermsCosignDigest: encoded ${off} bytes, expected ${buf.length}`);
|
|
52
|
+
}
|
|
53
|
+
return sha256(buf);
|
|
54
|
+
}
|
|
55
|
+
//# sourceMappingURL=compute-agent-perms-cosign-digest.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"compute-agent-perms-cosign-digest.js","sourceRoot":"","sources":["../../src/policy/compute-agent-perms-cosign-digest.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAGH,OAAO,EAAE,cAAc,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AAE5E,6EAA6E;AAC7E,MAAM,8BAA8B,GAAG,EAAE,CAAC;AAqB1C;;;;;GAKG;AACH,MAAM,UAAU,6BAA6B,CAC3C,MAAoC;IAEpC,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,8BAA8B,CAAC,CAAC;IAC3D,MAAM,IAAI,GAAG,IAAI,QAAQ,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC;IAEtE,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,mCAAmC;IACnC,GAAG,CAAC,GAAG,CAAC,cAAc,CAAC,MAAM,CAAC,aAAuB,CAAC,EAAE,GAAG,CAAC,CAAC;IAC7D,GAAG,IAAI,EAAE,CAAC;IACV,0BAA0B;IAC1B,GAAG,CAAC,GAAG,CAAC,cAAc,CAAC,MAAM,CAAC,KAAe,CAAC,EAAE,GAAG,CAAC,CAAC;IACrD,GAAG,IAAI,EAAE,CAAC;IACV,yBAAyB;IACzB,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,MAAM,CAAC,aAAa,GAAG,IAAI,CAAC;IACzC,iCAAiC;IACjC,GAAG,GAAG,UAAU,CAAC,IAAI,EAAE,GAAG,EAAE,MAAM,CAAC,gBAAgB,CAAC,CAAC;IACrD,+BAA+B;IAC/B,GAAG,GAAG,UAAU,CAAC,IAAI,EAAE,GAAG,EAAE,MAAM,CAAC,eAAe,CAAC,CAAC;IAEpD,IAAI,GAAG,KAAK,GAAG,CAAC,MAAM,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CACb,0CAA0C,GAAG,oBAAoB,GAAG,CAAC,MAAM,EAAE,CAC9E,CAAC;IACJ,CAAC;IACD,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC;AACrB,CAAC"}
|
|
@@ -0,0 +1,193 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* TA-09 — Canonical cosign digest (SDK side).
|
|
3
|
+
*
|
|
4
|
+
* Mirrors `programs/sigil/src/utils/cosign_digest.rs` exactly. The SDK
|
|
5
|
+
* computes this off-chain, the owner+cosigner sign `queue_policy_update` with
|
|
6
|
+
* the cosign session pubkey as an arg. The on-chain handler:
|
|
7
|
+
* 1. At queue time, recomputes the digest from the resulting pending args +
|
|
8
|
+
* the cosign session pubkey and stores it on `PendingPolicyUpdate`.
|
|
9
|
+
* 2. At apply time, recomputes it AGAIN from the persisted pending args and
|
|
10
|
+
* asserts byte-equality. Any tamper of pending args between queue and
|
|
11
|
+
* apply (e.g. a future discriminator-collision attack on the pending PDA)
|
|
12
|
+
* produces a digest mismatch and a hard reject (`ErrCosignRequired`,
|
|
13
|
+
* 6089).
|
|
14
|
+
*
|
|
15
|
+
* The cosign digest is INTENTIONALLY narrower than TA-19 `policy_preview_digest`:
|
|
16
|
+
* only the FIELDS that participate in "elevated mutation" detection are in
|
|
17
|
+
* scope. Non-elevated fields (developer_fee_rate, max_slippage_bps,
|
|
18
|
+
* session_expiry_seconds, timelock_duration narrowing, protocol_mode,
|
|
19
|
+
* destination_mode, operating_hours, etc.) do NOT require cosign and are NOT
|
|
20
|
+
* bound by THIS digest — they are still bound by TA-19
|
|
21
|
+
* `policy_preview_digest` at queue time.
|
|
22
|
+
*
|
|
23
|
+
* Round 2 B4 F-1 fix (audit 2026-05-19): the cosign-digest binding now
|
|
24
|
+
* extends to all G3 + G6 elevation triggers that were previously NOT bound:
|
|
25
|
+
* - `stable_balance_floor` (G3) — LOWERING weakens custody
|
|
26
|
+
* - `per_recipient_daily_cap_usd` (G3) — RAISING widens spend
|
|
27
|
+
* - `has_protocol_caps` (G3) — disabling protocol caps
|
|
28
|
+
* - `protocol_caps` (G3) — shrinking individual caps
|
|
29
|
+
* - `cosign_required` (G6) — disabling cosign one-way
|
|
30
|
+
* Without this binding, a tampered SDK or discriminator-collision attack
|
|
31
|
+
* could mutate the pending PDA between queue and apply on those triggers
|
|
32
|
+
* without producing a cosign-digest mismatch (TA-19's policy_preview_digest
|
|
33
|
+
* binds them at the *policy* level but the cosign-binding promise is "the
|
|
34
|
+
* session signature covers the SAME pending args the owner signed").
|
|
35
|
+
*
|
|
36
|
+
* CANONICAL ENCODING (FIXED — DO NOT REORDER, APPEND-ONLY):
|
|
37
|
+
* 1. cosign_session: Pubkey (32 bytes raw)
|
|
38
|
+
* 2. daily_spending_cap_usd: Option<u64>
|
|
39
|
+
* - tag: 1 byte (0=None, 1=Some)
|
|
40
|
+
* - payload (if Some): u64 LE (8 bytes)
|
|
41
|
+
* 3. max_transaction_amount_usd: Option<u64>
|
|
42
|
+
* - same shape as #2
|
|
43
|
+
* 4. allowed_destinations: Option<Vec<Pubkey>>
|
|
44
|
+
* - tag: 1 byte (0=None, 1=Some)
|
|
45
|
+
* - payload (if Some): u32 LE length (4 bytes) ++ each Pubkey 32 bytes
|
|
46
|
+
* 5. protocols: Option<Vec<Pubkey>>
|
|
47
|
+
* - same shape as #4
|
|
48
|
+
* 6. stable_balance_floor: Option<u64> (B4 F-1)
|
|
49
|
+
* - same shape as #2
|
|
50
|
+
* 7. per_recipient_daily_cap_usd: Option<u64> (B4 F-1)
|
|
51
|
+
* - same shape as #2
|
|
52
|
+
* 8. has_protocol_caps: Option<bool> (B4 F-1)
|
|
53
|
+
* - tag: 1 byte (0=None, 1=Some)
|
|
54
|
+
* - payload (if Some): 1 byte (0/1)
|
|
55
|
+
* 9. protocol_caps: Option<Vec<u64>> (B4 F-1)
|
|
56
|
+
* - tag: 1 byte (0=None, 1=Some)
|
|
57
|
+
* - payload (if Some): u32 LE length (4 bytes) ++ each u64 8 bytes LE
|
|
58
|
+
* 10. cosign_required: Option<bool> (B4 F-1)
|
|
59
|
+
* - same shape as #8
|
|
60
|
+
*
|
|
61
|
+
* Total bounded by MAX_ALLOWED_PROTOCOLS=10 + MAX_ALLOWED_DESTINATIONS=10 at
|
|
62
|
+
* 32 bytes each + MAX_PROTOCOL_CAPS=10 * 8 + fixed scalars ≈ 805 bytes worst
|
|
63
|
+
* case.
|
|
64
|
+
*
|
|
65
|
+
* Forward-compat note: per the on-chain comment, the canonical encoding here
|
|
66
|
+
* is APPEND-ONLY — new fields land at the END to preserve replayable digests
|
|
67
|
+
* for in-flight pending PDAs across upgrades.
|
|
68
|
+
*/
|
|
69
|
+
import type { Address } from "../kit-adapter.js";
|
|
70
|
+
/**
|
|
71
|
+
* Canonical cosign-digest input shape. Matches the on-chain
|
|
72
|
+
* `CosignDigestFields` struct in `programs/sigil/src/utils/cosign_digest.rs`
|
|
73
|
+
* exactly.
|
|
74
|
+
*
|
|
75
|
+
* Optional fields:
|
|
76
|
+
* - `null` or `undefined` → Option::None on-chain (tag byte = 0, no payload).
|
|
77
|
+
* - non-null value → Option::Some on-chain (tag byte = 1 + payload).
|
|
78
|
+
*
|
|
79
|
+
* Note that the discriminator is load-bearing: `None` vs `Some(0)` produce
|
|
80
|
+
* DIFFERENT digests. The on-chain handler's "is_elevated" detection relies on
|
|
81
|
+
* `Option::is_some_and(|new| new > live)` — a None pass-through never
|
|
82
|
+
* elevates, but a Some(0) lower DOES elevate (and the digest reflects that
|
|
83
|
+
* choice).
|
|
84
|
+
*/
|
|
85
|
+
export interface CosignDigestFields {
|
|
86
|
+
/**
|
|
87
|
+
* The cosigning session pubkey. 32 bytes raw at position 1.
|
|
88
|
+
*
|
|
89
|
+
* NON-Codama-generated SDK consumers passing the digest-encoded
|
|
90
|
+
* `cosign_session` arg to a queue handler MUST observe the canonical
|
|
91
|
+
* arg contract (Round 2 §RP-2 B4 F-3, 2026-05-19):
|
|
92
|
+
* - Non-elevated queue: pass `Pubkey::default()`
|
|
93
|
+
* (`11111111111111111111111111111111`) — and OMIT the cosigner from
|
|
94
|
+
* `remaining_accounts`.
|
|
95
|
+
* - Elevated queue (raising daily_cap, expanding destinations,
|
|
96
|
+
* lowering stable_balance_floor, raising per_recipient_daily_cap,
|
|
97
|
+
* disabling protocol_caps, mutating protocol_caps, or disabling
|
|
98
|
+
* cosign): pass a REAL session pubkey AND include it in
|
|
99
|
+
* `remaining_accounts` with `is_signer == true`. Use
|
|
100
|
+
* `buildCosignBundle()` in `sdk/kit/src/cosign-helper.ts` to mirror
|
|
101
|
+
* the on-chain digest the handler will store on
|
|
102
|
+
* `PendingPolicyUpdate`.
|
|
103
|
+
* - Reject path: passing a non-default `cosign_session` on a
|
|
104
|
+
* non-elevated queue surfaces `InvalidPermissions` (6088).
|
|
105
|
+
* INTENTIONAL — the on-chain handler refuses to silently downgrade
|
|
106
|
+
* a caller's declared intent.
|
|
107
|
+
*
|
|
108
|
+
* @see sdk/kit/src/cosign-helper.ts — full contract in the "CANONICAL
|
|
109
|
+
* `cosign_session` ARG CONTRACT" block.
|
|
110
|
+
*/
|
|
111
|
+
cosignSession: Address | string;
|
|
112
|
+
/**
|
|
113
|
+
* Pending `daily_spending_cap_usd` arg. `null`/`undefined` = pass-through
|
|
114
|
+
* (Option::None). Bound at position 2.
|
|
115
|
+
*/
|
|
116
|
+
dailySpendingCapUsd?: bigint | null;
|
|
117
|
+
/**
|
|
118
|
+
* Pending `max_transaction_amount_usd` arg. Bound at position 3.
|
|
119
|
+
*/
|
|
120
|
+
maxTransactionAmountUsd?: bigint | null;
|
|
121
|
+
/**
|
|
122
|
+
* Pending `allowed_destinations` arg. `null`/`undefined` = pass-through
|
|
123
|
+
* (Option::None); empty array = Some([]) (NOT the same as None — load-bearing
|
|
124
|
+
* discriminator). Bound at position 4.
|
|
125
|
+
*/
|
|
126
|
+
allowedDestinations?: readonly (Address | string)[] | null;
|
|
127
|
+
/**
|
|
128
|
+
* Pending `protocols` arg. Same shape as #4. Bound at position 5.
|
|
129
|
+
*/
|
|
130
|
+
protocols?: readonly (Address | string)[] | null;
|
|
131
|
+
/**
|
|
132
|
+
* Round 2 B4 F-1 (2026-05-19): pending `stable_balance_floor` arg
|
|
133
|
+
* (6-decimal USDC face value). G3 elevation trigger — LOWERING the
|
|
134
|
+
* floor weakens custody safety. Bound at position 6. Same Option<u64>
|
|
135
|
+
* shape as #2.
|
|
136
|
+
*/
|
|
137
|
+
stableBalanceFloor?: bigint | null;
|
|
138
|
+
/**
|
|
139
|
+
* Round 2 B4 F-1: pending `per_recipient_daily_cap_usd` arg (6-decimal
|
|
140
|
+
* USDC face value). G3 elevation trigger — RAISING / DISABLING widens
|
|
141
|
+
* spend per recipient. Bound at position 7. Same Option<u64> shape as
|
|
142
|
+
* #2.
|
|
143
|
+
*/
|
|
144
|
+
perRecipientDailyCapUsd?: bigint | null;
|
|
145
|
+
/**
|
|
146
|
+
* Round 2 B4 F-1: pending `has_protocol_caps` flag. G3 elevation
|
|
147
|
+
* trigger — disabling protocol caps entirely. Bound at position 8.
|
|
148
|
+
* Option<bool>: `null`/`undefined` = Option::None (tag 0), boolean =
|
|
149
|
+
* Option::Some (tag 1 + 1 byte payload, 0/1).
|
|
150
|
+
*/
|
|
151
|
+
hasProtocolCaps?: boolean | null;
|
|
152
|
+
/**
|
|
153
|
+
* Round 2 B4 F-1: pending `protocol_caps` Vec<u64> arg (6-decimal USDC
|
|
154
|
+
* face values, parallel to `protocols`). G3 elevation trigger —
|
|
155
|
+
* shrinking individual caps to zero or raising them. Bound at position
|
|
156
|
+
* 9. Option<Vec<u64>>: `null`/`undefined` = Option::None (tag 0); empty
|
|
157
|
+
* array = Some([]) (NOT the same as None — load-bearing discriminator).
|
|
158
|
+
* Order matters (parallel-array semantics).
|
|
159
|
+
*/
|
|
160
|
+
protocolCaps?: readonly bigint[] | null;
|
|
161
|
+
/**
|
|
162
|
+
* Round 2 B4 F-1: pending `cosign_required` flag. G6 elevation trigger
|
|
163
|
+
* — disabling cosign on a cosign-opted-in vault is a one-way ratchet
|
|
164
|
+
* (disabling cosign requires cosign). Bound at position 10. Same
|
|
165
|
+
* Option<bool> shape as #8.
|
|
166
|
+
*/
|
|
167
|
+
cosignRequired?: boolean | null;
|
|
168
|
+
}
|
|
169
|
+
/**
|
|
170
|
+
* Compute the canonical SHA-256 of the cosign digest fields.
|
|
171
|
+
*
|
|
172
|
+
* Returns a 32-byte `Uint8Array`. Identical to the on-chain helper
|
|
173
|
+
* `compute_cosign_digest` for the same input.
|
|
174
|
+
*
|
|
175
|
+
* Used by `cosign-helper.buildCosignBundle()` to produce the digest the
|
|
176
|
+
* on-chain handler will re-validate at queue + apply time.
|
|
177
|
+
*
|
|
178
|
+
* @throws if any pubkey doesn't base58-decode to exactly 32 bytes
|
|
179
|
+
* @throws if a u64 is negative or out of range
|
|
180
|
+
*/
|
|
181
|
+
export declare function computeCosignDigest(fields: CosignDigestFields): Uint8Array;
|
|
182
|
+
/** Equivalent of `Buffer.equals` for two `Uint8Array` digests.
|
|
183
|
+
*
|
|
184
|
+
* M-8 audit fix (2026-05-19): constant-time comparison. Previously this
|
|
185
|
+
* helper early-returned on the first mismatched byte, which leaks
|
|
186
|
+
* length-prefix information about the matching prefix via timing
|
|
187
|
+
* channels. Cosign digests are not classically time-attack-sensitive
|
|
188
|
+
* (they're produced and consumed locally), but constant-time is the
|
|
189
|
+
* defensive default. Both equal-length and unequal-length paths now run
|
|
190
|
+
* to completion before returning.
|
|
191
|
+
*/
|
|
192
|
+
export declare function cosignDigestsEqual(a: Uint8Array, b: Uint8Array): boolean;
|
|
193
|
+
//# sourceMappingURL=compute-cosign-digest.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"compute-cosign-digest.d.ts","sourceRoot":"","sources":["../../src/policy/compute-cosign-digest.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAmEG;AAGH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAEjD;;;;;;;;;;;;;;GAcG;AACH,MAAM,WAAW,kBAAkB;IACjC;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;IACH,aAAa,EAAE,OAAO,GAAG,MAAM,CAAC;IAChC;;;OAGG;IACH,mBAAmB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACpC;;OAEG;IACH,uBAAuB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACxC;;;;OAIG;IACH,mBAAmB,CAAC,EAAE,SAAS,CAAC,OAAO,GAAG,MAAM,CAAC,EAAE,GAAG,IAAI,CAAC;IAC3D;;OAEG;IACH,SAAS,CAAC,EAAE,SAAS,CAAC,OAAO,GAAG,MAAM,CAAC,EAAE,GAAG,IAAI,CAAC;IACjD;;;;;OAKG;IACH,kBAAkB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACnC;;;;;OAKG;IACH,uBAAuB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACxC;;;;;OAKG;IACH,eAAe,CAAC,EAAE,OAAO,GAAG,IAAI,CAAC;IACjC;;;;;;;OAOG;IACH,YAAY,CAAC,EAAE,SAAS,MAAM,EAAE,GAAG,IAAI,CAAC;IACxC;;;;;OAKG;IACH,cAAc,CAAC,EAAE,OAAO,GAAG,IAAI,CAAC;CACjC;AAoED;;;;;;;;;;;GAWG;AACH,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,kBAAkB,GAAG,UAAU,CA4K1E;AAED;;;;;;;;;GASG;AACH,wBAAgB,kBAAkB,CAAC,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,UAAU,GAAG,OAAO,CAexE"}
|