@velumdotcash/sdk 2.0.0

package/dist/test_paylink_logic.test.js

@@ -0,0 +1,114 @@
+import { describe, it, expect, beforeAll } from 'vitest';
+import { Keypair } from '@solana/web3.js';
+import { EncryptionService } from './utils/encryption.js';
+import { WasmFactory } from '@lightprotocol/hasher.rs';
+import { LocalStorage } from 'node-localstorage';
+import { Utxo } from './models/utxo.js';
+import { Keypair as UtxoKeypair } from './models/keypair.js';
+// Mock storage
+const storage = new LocalStorage('./test-storage');
+describe('Paylink Logic (Third-Party Deposit)', () => {
+    let connection;
+    let senderKeypair;
+    let receiverKeypair;
+    let encryptionServiceSender;
+    let encryptionServiceReceiver;
+    let lightWasm;
+    beforeAll(async () => {
+        // Use a local validator or devnet. For unit testing logic we might mock connection,
+        // but here we want to test the flow.
+        // If no local validator, we might fail network calls.
+        // Let's assume we are testing the *logic* of key derivation and encryption first,
+        // and mocking the actual transaction submission if possible, or just checking the function arguments.
+        // Actually, we can't easily mock the whole deposit flow without a real RPC.
+        // But we can test the critical parts:
+        // 1. Recipient Key Derivation
+        // 2. Encryption (Asymmetric)
+        // 3. Decryption (by Recipient)
+        lightWasm = await WasmFactory.getInstance();
+        senderKeypair = Keypair.generate();
+        receiverKeypair = Keypair.generate();
+        encryptionServiceSender = new EncryptionService();
+        encryptionServiceSender.deriveEncryptionKeyFromWallet(senderKeypair);
+        encryptionServiceReceiver = new EncryptionService();
+        encryptionServiceReceiver.deriveEncryptionKeyFromWallet(receiverKeypair);
+    });
+    it('should correctly derive keys for the recipient', () => {
+        // 1. Get Recipient's UTXO Public Key (Poseidon Hash of Private Key)
+        const recipientUtxoPrivateKey = encryptionServiceReceiver.getUtxoPrivateKeyV2();
+        // We need to simulate how the frontend would get this.
+        // The frontend would have access to the recipient's wallet signature to derive this.
+        // This is the key the recipient publishes
+        const recipientUtxoPubkey = encryptionServiceReceiver.getUtxoPrivateKeyV2();
+        // WAIT: getUtxoPrivateKeyV2 returns the PRIVATE key.
+        // We need the PUBLIC key corresponding to this.
+        // Let's check how UtxoKeypair works.
+        // It takes the privkey and derives the pubkey.
+        // We need to instantiate it to get the pubkey.
+        const recipientUtxoKeypair = new UtxoKeypair(recipientUtxoPrivateKey, lightWasm);
+        const recipientPublicUtxoKey = recipientUtxoKeypair.pubkey;
+        console.log('Recipient UTXO Public Key:', recipientPublicUtxoKey.toString());
+        expect(recipientPublicUtxoKey).toBeDefined();
+        // 2. Get Recipient's Encryption Public Key (X25519)
+        const recipientAsymmetricPubKey = encryptionServiceReceiver.getAsymmetricPublicKey();
+        console.log('Recipient Asymmetric Public Key:', Buffer.from(recipientAsymmetricPubKey).toString('hex'));
+        expect(recipientAsymmetricPubKey).toBeDefined();
+        expect(recipientAsymmetricPubKey.length).toBe(32);
+    });
+    it('should encrypt a message sender -> recipient using UTXO format', async () => {
+        // Create a proper UTXO for encryption (not raw string)
+        const recipientAsymmetricPubKey = encryptionServiceReceiver.getAsymmetricPublicKey();
+        const recipientUtxoPrivateKey = encryptionServiceReceiver.getUtxoPrivateKeyV2();
+        const recipientUtxoKeypair = new UtxoKeypair(recipientUtxoPrivateKey, lightWasm);
+        const recipientPublicUtxoKey = recipientUtxoKeypair.pubkey;
+        // Create a test UTXO
+        const testUtxo = new Utxo({
+            lightWasm,
+            amount: '5000',
+            publicKey: recipientPublicUtxoKey,
+            index: 5
+        });
+        // Sender encrypts for Recipient using V3 (asymmetric)
+        const encrypted = encryptionServiceSender.encryptUtxo(testUtxo, recipientAsymmetricPubKey);
+        // Verify it's V3 format
+        expect(encryptionServiceSender.getEncryptionKeyVersion(encrypted)).toBe('v3');
+        // Recipient decrypts
+        const decrypted = await encryptionServiceReceiver.decryptUtxo(encrypted, lightWasm);
+        expect(decrypted).not.toBeNull();
+        expect(decrypted.amount.toString()).toBe('5000');
+    });
+    it('should encrypt and decrypt a UTXO for a third party', async () => {
+        // Recipient Setup
+        const recipientUtxoPrivateKey = encryptionServiceReceiver.getUtxoPrivateKeyV2();
+        const recipientUtxoKeypair = new UtxoKeypair(recipientUtxoPrivateKey, lightWasm);
+        const recipientPublicUtxoKey = recipientUtxoKeypair.pubkey;
+        const recipientAsymmetricPubKey = encryptionServiceReceiver.getAsymmetricPublicKey();
+        // Sender creates a UTXO destined for Recipient
+        // Sender DOES NOT have recipientUtxoPrivateKey.
+        // Sender only has recipientPublicUtxoKey.
+        const utxoForRecipient = new Utxo({
+            lightWasm,
+            amount: '1000',
+            publicKey: recipientPublicUtxoKey, // Using the new functionality we added
+            index: 10
+        });
+        // Verify Utxo was created correctly
+        expect(utxoForRecipient.pubkey.toString()).toBe(recipientPublicUtxoKey.toString());
+        expect(utxoForRecipient.keypair).toBeUndefined(); // Should not have private key
+        // Sender Encrypts UTXO for Recipient
+        const encryptedUtxo = encryptionServiceSender.encryptUtxo(utxoForRecipient, recipientAsymmetricPubKey);
+        // Verify it's V3
+        expect(encryptionServiceReceiver.getEncryptionKeyVersion(encryptedUtxo)).toBe('v3');
+        // Recipient Decrypts
+        const decryptedUtxo = await encryptionServiceReceiver.decryptUtxo(encryptedUtxo, lightWasm);
+        // Verification - decryptUtxo can return null for schema version mismatch, but should succeed here
+        expect(decryptedUtxo).not.toBeNull();
+        expect(decryptedUtxo.amount.toString()).toBe('1000');
+        expect(decryptedUtxo.index).toBe(10);
+        // Important: Decrypted UTXO should have the private key derived from the receiver's service!
+        // The `decryptUtxo` function uses `this.getUtxoPrivateKeyWithVersion('v2')` internally.
+        expect(decryptedUtxo.keypair).toBeDefined();
+        expect(decryptedUtxo.keypair.pubkey.toString()).toBe(recipientPublicUtxoKey.toString());
+        console.log("Third-party UTXO encryption/decryption cycle successful!");
+    });
+});

package/dist/utils/address_lookup_table.d.ts

@@ -0,0 +1,9 @@
+import { Connection, PublicKey } from '@solana/web3.js';
+/**
+ * Helper function to use an existing ALT (recommended for production)
+ * Use create_alt.ts to create the ALT once, then hardcode the address and use this function
+ */
+export declare function useExistingALT(connection: Connection, altAddress: PublicKey): Promise<{
+    value: any;
+} | null>;
+export declare function getProtocolAddressesWithMint(programId: PublicKey, authority: PublicKey, treeAta: PublicKey, feeRecipient: PublicKey, feeRecipientAta: PublicKey): PublicKey[];

package/dist/utils/address_lookup_table.js

@@ -0,0 +1,45 @@
+import { PublicKey, SystemProgram, ComputeBudgetProgram } from '@solana/web3.js';
+import { ASSOCIATED_TOKEN_PROGRAM_ID, TOKEN_PROGRAM_ID } from '@solana/spl-token';
+import { logger } from './logger.js';
+/**
+ * Helper function to use an existing ALT (recommended for production)
+ * Use create_alt.ts to create the ALT once, then hardcode the address and use this function
+ */
+export async function useExistingALT(connection, altAddress) {
+    try {
+        logger.debug(`Using existing ALT: ${altAddress.toString()}`);
+        const altAccount = await connection.getAddressLookupTable(altAddress);
+        if (altAccount.value) {
+            logger.debug(`✅ ALT found with ${altAccount.value.state.addresses.length} addresses`);
+        }
+        else {
+            logger.error('❌ ALT not found');
+        }
+        return altAccount;
+    }
+    catch (error) {
+        console.error('Error getting existing ALT:', error);
+        return null;
+    }
+}
+export function getProtocolAddressesWithMint(programId, authority, treeAta, feeRecipient, feeRecipientAta) {
+    // Derive global config PDA
+    const [globalConfigAccount] = PublicKey.findProgramAddressSync([Buffer.from('global_config')], programId);
+    // Derive tree accounts
+    const [treeAccount] = PublicKey.findProgramAddressSync([Buffer.from('merkle_tree')], programId);
+    return [
+        // Core program accounts (constant)
+        programId,
+        treeAccount,
+        treeAta,
+        globalConfigAccount,
+        authority,
+        feeRecipient,
+        feeRecipientAta,
+        // System programs (constant)
+        SystemProgram.programId,
+        ComputeBudgetProgram.programId,
+        ASSOCIATED_TOKEN_PROGRAM_ID,
+        TOKEN_PROGRAM_ID,
+    ];
+}

package/dist/utils/constants.d.ts

@@ -0,0 +1,27 @@
+import { PublicKey } from '@solana/web3.js';
+import BN from 'bn.js';
+export declare const FIELD_SIZE: BN;
+export declare const PROGRAM_ID: PublicKey;
+export declare const FEE_RECIPIENT: PublicKey;
+export declare const FETCH_UTXOS_GROUP_SIZE = 20000;
+export declare const TRANSACT_IX_DISCRIMINATOR: Buffer<ArrayBuffer>;
+export declare const TRANSACT_SPL_IX_DISCRIMINATOR: Buffer<ArrayBuffer>;
+export declare const MERKLE_TREE_DEPTH = 26;
+export declare const ALT_ADDRESS: PublicKey;
+export declare const RELAYER_API_URL: string;
+export declare const SIGN_MESSAGE = "Privacy Money account sign in";
+export declare const LSK_FETCH_OFFSET = "fetch_offset";
+export declare const LSK_ENCRYPTED_OUTPUTS = "encrypted_outputs";
+export declare const USDC_MINT: PublicKey;
+declare const tokenList: readonly ["sol", "usdc", "usdt", "zec", "ore", "store"];
+export type TokenList = typeof tokenList[number];
+declare const splList: readonly ["usdc", "usdt", "zec", "ore", "store"];
+export type SplList = typeof splList[number];
+export type Token = {
+    name: TokenList;
+    prefix: string;
+    units_per_token: number;
+    pubkey: PublicKey;
+};
+export declare const tokens: Token[];
+export {};

package/dist/utils/constants.js

@@ -0,0 +1,56 @@
+import { PublicKey } from '@solana/web3.js';
+import BN from 'bn.js';
+export const FIELD_SIZE = new BN('21888242871839275222246405745257275088548364400416034343698204186575808495617');
+export const PROGRAM_ID = process.env.NEXT_PUBLIC_PROGRAM_ID ? new PublicKey(process.env.NEXT_PUBLIC_PROGRAM_ID) : new PublicKey('9fhQBbumKEFuXtMBDw8AaQyAjCorLGJQiS3skWZdQyQD');
+export const FEE_RECIPIENT = new PublicKey('AWexibGxNFKTa1b5R5MN4PJr9HWnWRwf8EW9g8cLx3dM');
+export const FETCH_UTXOS_GROUP_SIZE = 20_000;
+export const TRANSACT_IX_DISCRIMINATOR = Buffer.from([217, 149, 130, 143, 221, 52, 252, 119]);
+export const TRANSACT_SPL_IX_DISCRIMINATOR = Buffer.from([154, 66, 244, 204, 78, 225, 163, 151]);
+export const MERKLE_TREE_DEPTH = 26;
+export const ALT_ADDRESS = process.env.NEXT_PUBLIC_ALT_ADDRESS ? new PublicKey(process.env.NEXT_PUBLIC_ALT_ADDRESS) : new PublicKey('HEN49U2ySJ85Vc78qprSW9y6mFDhs1NczRxyppNHjofe');
+export const RELAYER_API_URL = process.env.NEXT_PUBLIC_RELAYER_API_URL ?? 'https://api3.privacycash.org';
+export const SIGN_MESSAGE = `Privacy Money account sign in`;
+// localStorage cache keys
+export const LSK_FETCH_OFFSET = 'fetch_offset';
+export const LSK_ENCRYPTED_OUTPUTS = 'encrypted_outputs';
+export const USDC_MINT = process.env.NEXT_PUBLIC_USDC_MINT ? new PublicKey(process.env.NEXT_PUBLIC_USDC_MINT) : new PublicKey('EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v');
+const tokenList = ['sol', 'usdc', 'usdt', 'zec', 'ore', 'store'];
+const splList = ['usdc', 'usdt', 'zec', 'ore', 'store'];
+export const tokens = [
+    {
+        name: 'sol',
+        pubkey: new PublicKey('So11111111111111111111111111111111111111112'),
+        prefix: '',
+        units_per_token: 1e9
+    },
+    {
+        name: 'usdc',
+        pubkey: process.env.NEXT_PUBLIC_USDC_MINT ? new PublicKey(process.env.NEXT_PUBLIC_USDC_MINT) : new PublicKey('EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v'),
+        prefix: 'usdc_',
+        units_per_token: 1e6
+    },
+    {
+        name: 'usdt',
+        pubkey: process.env.NEXT_PUBLIC_USDT_MINT ? new PublicKey(process.env.NEXT_PUBLIC_USDT_MINT) : new PublicKey('Es9vMFrzaCERmJfrF4H2FYD4KCoNkY11McCe8BenwNYB'),
+        prefix: 'usdt_',
+        units_per_token: 1e6
+    },
+    {
+        name: 'zec',
+        pubkey: process.env.NEXT_PUBLIC_ZEC_MINT ? new PublicKey(process.env.NEXT_PUBLIC_ZEC_MINT) : new PublicKey('A7bdiYdS5GjqGFtxf17ppRHtDKPkkRqbKtR27dxvQXaS'),
+        prefix: 'zec_',
+        units_per_token: 1e8
+    },
+    {
+        name: 'ore',
+        pubkey: process.env.NEXT_PUBLIC_ORE_MINT ? new PublicKey(process.env.NEXT_PUBLIC_ORE_MINT) : new PublicKey('oreoU2P8bN6jkk3jbaiVxYnG1dCXcYxwhwyK9jSybcp'),
+        prefix: 'ore_',
+        units_per_token: 1e11
+    },
+    {
+        name: 'store',
+        pubkey: process.env.NEXT_PUBLIC_STORE_MINT ? new PublicKey(process.env.NEXT_PUBLIC_STORE_MINT) : new PublicKey('sTorERYB6xAZ1SSbwpK3zoK2EEwbBrc7TZAzg1uCGiH'),
+        prefix: 'store_',
+        units_per_token: 1e11
+    },
+];

package/dist/utils/debug-logger.d.ts

@@ -0,0 +1,250 @@
+/**
+ * Debug logging utility for privacy-cash SDK
+ *
+ * Provides detailed diagnostic logging for V3 asymmetric encryption decryption
+ * to help identify failure points without exposing sensitive key material.
+ */
+export type DebugLogLevel = 'trace' | 'debug' | 'info' | 'warn' | 'error';
+/**
+ * Error categories for decryption failures
+ */
+export type DecryptionErrorCategory = 'key_mismatch' | 'malformed_data' | 'version_error' | 'missing_key' | 'unknown';
+/**
+ * Detailed decryption failure record
+ */
+export interface DecryptionFailureRecord {
+    category: DecryptionErrorCategory;
+    errorMessage: string;
+    stackTrace?: string;
+    encryptedDataHash: string;
+    encryptedDataLength: number;
+    attemptedVersions?: string[];
+    timestamp: string;
+}
+/**
+ * Summary of decryption failures for a balance fetch operation
+ */
+export interface DecryptionFailureSummary {
+    totalAttempted: number;
+    totalDecrypted: number;
+    totalFailed: number;
+    totalSkipped: number;
+    totalSchemaMismatch: number;
+    failuresByCategory: Record<DecryptionErrorCategory, number>;
+    failures: DecryptionFailureRecord[];
+}
+export interface DebugLogEntry {
+    timestamp: string;
+    level: DebugLogLevel;
+    category: string;
+    message: string;
+    data?: Record<string, unknown>;
+}
+export type DebugLoggerFn = (entry: DebugLogEntry) => void;
+/**
+ * Enable debug logging programmatically
+ * @param customLogger Optional custom logger function
+ * @param verbose Enable verbose/trace mode for individual UTXO logs (default: false)
+ */
+export declare function enableDebugLogging(customLogger?: DebugLoggerFn, verbose?: boolean): void;
+/**
+ * Enable verbose mode for individual UTXO logs
+ */
+export declare function enableVerboseLogging(): void;
+/**
+ * Disable verbose mode
+ */
+export declare function disableVerboseLogging(): void;
+/**
+ * Check if verbose logging is enabled
+ */
+export declare function isVerboseEnabled(): boolean;
+/**
+ * Disable debug logging
+ */
+export declare function disableDebugLogging(): void;
+/**
+ * Install debug commands on the window object for production debugging
+ * Call this from browser console: window.privacyCashDebug.enable()
+ */
+export declare function installDebugCommands(): void;
+/**
+ * Check if debug logging is enabled
+ *
+ * Debug logging is enabled if any of the following conditions are met:
+ * 1. Explicitly enabled via enableDebugLogging()
+ * 2. PRIVACY_CASH_DEBUG environment variable is set to 'true' or '1'
+ * 3. window.PRIVACY_CASH_DEBUG is set to true, 'true', or '1'
+ * 4. Running in development mode (NODE_ENV=development or localhost)
+ * 5. URL contains ?privacy_cash_debug=true or ?privacy_cash_debug=1 (production feature)
+ */
+export declare function isDebugEnabled(): boolean;
+/**
+ * Set a custom debug logger function
+ */
+export declare function setDebugLogger(fn: DebugLoggerFn): void;
+/**
+ * Hash sensitive data for safe logging (first 8 chars of hex)
+ */
+export declare function hashForLog(data: Uint8Array | string | null | undefined): string;
+/**
+ * Format bytes length for logging
+ */
+export declare function bytesInfo(data: Uint8Array | Buffer | string | null | undefined): string;
+/**
+ * Debug logger for encryption-related operations
+ */
+export declare const debugLogger: {
+    /**
+     * Log the first 8 bytes (version prefix) of encrypted data
+     */
+    versionPrefixBytes(prefixHex: string, dataLength: number): void;
+    /**
+     * Log encryption version detection
+     */
+    versionDetected(encryptedDataHash: string, version: "v1" | "v2" | "v3", dataLength: number): void;
+    /**
+     * Log when version detection falls back to legacy V1 mode
+     */
+    versionFallbackToLegacy(prefixHex: string, reason: string): void;
+    /**
+     * Log key derivation steps (with hashed keys for privacy)
+     */
+    keyDerivation(step: string, keyHash: string, keyType: string): void;
+    /**
+     * Log asymmetric key pair generation
+     */
+    asymmetricKeyGenerated(publicKeyHash: string, secretKeyHash: string): void;
+    /**
+     * Log decryption attempt start
+     */
+    decryptionAttemptStart(version: string, encryptedDataHash: string, dataLength: number): void;
+    /**
+     * Log schema version mismatch for early termination
+     * Individual UTXO logs are verbose-only; tracking is always updated
+     * @param foundVersion The schema version byte found in the encrypted data
+     * @param expectedVersion The expected schema version byte
+     * @param encryptedDataHash Hash of the encrypted data for identification
+     */
+    schemaVersionMismatch(foundVersion: number, expectedVersion: number, encryptedDataHash: string): void;
+    /**
+     * Log recipient ID hash mismatch (O(1) early termination)
+     * This is the fastest way to skip UTXOs that don't belong to this wallet
+     */
+    recipientIdMismatch(encryptedDataHash: string): void;
+    /**
+     * Log decryption success
+     */
+    decryptionSuccess(version: string, decryptedLength: number): void;
+    /**
+     * Log decryption failure with detailed error info
+     */
+    decryptionFailure(version: string, errorType: string, errorMessage: string, context?: Record<string, unknown>): void;
+    /**
+     * Log V3 asymmetric decryption details
+     */
+    v3DecryptionDetails(ephemeralPubKeyHash: string, nonceHash: string, boxLength: number, recipientSecretKeyHash: string): void;
+    /**
+     * Log UTXO metadata after successful decryption
+     */
+    utxoDecrypted(commitmentHash: string, tokenMint: string, encryptedLength: number, utxoIndex: number | string, version: string): void;
+    /**
+     * Log UTXO decryption batch summary
+     */
+    utxoBatchSummary(total: number, decrypted: number, skipped: number, failed: number): void;
+    /**
+     * Log encryption service initialization
+     */
+    serviceInitialized(hasV1Key: boolean, hasV2Key: boolean, hasAsymmetricKey: boolean): void;
+    /**
+     * Log when attempting decryption without required key
+     */
+    missingKey(keyType: string, operation: string): void;
+    /**
+     * Generic debug log
+     */
+    debug(category: string, message: string, data?: Record<string, unknown>): void;
+    /**
+     * Generic info log
+     */
+    info(category: string, message: string, data?: Record<string, unknown>): void;
+    /**
+     * Generic warning log
+     */
+    warn(category: string, message: string, data?: Record<string, unknown>): void;
+    /**
+     * Generic error log
+     */
+    error(category: string, message: string, data?: Record<string, unknown>): void;
+    /**
+     * Log X25519 public key derivation for sender-side verification
+     * @param publicKeyHash Hash of the derived X25519 public key
+     * @param walletAddress The wallet address used for key derivation
+     * @param context Whether this is sender or recipient side
+     */
+    x25519KeyDerived(publicKeyHash: string, walletAddress: string, context: "sender" | "recipient"): void;
+    /**
+     * Log X25519 public key used during encryption (sender side)
+     * @param recipientPublicKeyHash Hash of the recipient's X25519 public key being encrypted to
+     * @param walletAddress Sender's wallet address
+     */
+    x25519EncryptionKey(recipientPublicKeyHash: string, walletAddress?: string): void;
+    /**
+     * Log X25519 public key used during decryption (recipient side)
+     * @param derivedPublicKeyHash Hash of the recipient's derived X25519 public key
+     * @param walletAddress Recipient's wallet address
+     */
+    x25519DecryptionKey(derivedPublicKeyHash: string, walletAddress?: string): void;
+    /**
+     * Log key mismatch comparison when decryption fails
+     * @param expectedKeyHash Hash of the expected public key (from encrypted data)
+     * @param derivedKeyHash Hash of the derived public key (from wallet signature)
+     * @param walletAddress The wallet address used for derivation
+     */
+    x25519KeyMismatch(expectedKeyHash: string, derivedKeyHash: string, walletAddress?: string): void;
+    /**
+     * Log wallet address association with key derivation
+     * @param walletAddress The wallet address being used
+     * @param operation The operation being performed (encryption/decryption)
+     */
+    walletKeyDerivation(walletAddress: string, operation: "encrypt" | "decrypt" | "derive"): void;
+    /**
+     * Initialize failure tracking for a new balance fetch operation
+     */
+    startFailureTracking(): void;
+    /**
+     * Categorize an error based on its message and type
+     */
+    categorizeError(error: Error | unknown): DecryptionErrorCategory;
+    /**
+     * Record a decryption failure with full context
+     * Individual failure logs are only shown in verbose mode to avoid console spam
+     */
+    recordDecryptionFailure(error: Error | unknown, encryptedDataHex: string, attemptedVersions?: string[]): void;
+    /**
+     * Record a schema version mismatch (early termination)
+     * These are tracked separately since they're expected behavior for UTXOs not belonging to the user
+     */
+    recordSchemaMismatch(): void;
+    /**
+     * Record a successful decryption
+     */
+    recordDecryptionSuccess(): void;
+    /**
+     * Record a skipped UTXO (empty/null encrypted data)
+     */
+    recordDecryptionSkipped(): void;
+    /**
+     * Increment the total attempted counter
+     */
+    recordDecryptionAttempt(): void;
+    /**
+     * Get the current failure summary and log it
+     * Logs a single summary line per balance fetch (not per-UTXO)
+     */
+    endFailureTracking(): DecryptionFailureSummary | null;
+    /**
+     * Get the current failure summary without ending tracking
+     */
+    getCurrentFailureSummary(): DecryptionFailureSummary | null;
+};