npm - @verbeth/sdk - Versions diffs - 0.1.4 → 0.1.6 - Mend

@verbeth/sdk 0.1.4 → 0.1.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (190) hide show

package/README.md +20 -168
package/dist/esm/src/addresses.d.ts +20 -0
package/dist/esm/src/addresses.d.ts.map +1 -0
package/dist/esm/src/addresses.js +33 -0
package/dist/esm/src/client/HsrTagIndex.d.ts +77 -0
package/dist/esm/src/client/HsrTagIndex.d.ts.map +1 -0
package/dist/esm/src/client/HsrTagIndex.js +157 -0
package/dist/esm/src/client/PendingManager.d.ts +65 -0
package/dist/esm/src/client/PendingManager.d.ts.map +1 -0
package/dist/esm/src/client/PendingManager.js +84 -0
package/dist/esm/src/client/SessionManager.d.ts +65 -0
package/dist/esm/src/client/SessionManager.d.ts.map +1 -0
package/dist/esm/src/client/SessionManager.js +146 -0
package/dist/esm/src/client/VerbethClient.d.ts +153 -99
package/dist/esm/src/client/VerbethClient.d.ts.map +1 -1
package/dist/esm/src/client/VerbethClient.js +429 -123
package/dist/esm/src/client/VerbethClientBuilder.d.ts +105 -0
package/dist/esm/src/client/VerbethClientBuilder.d.ts.map +1 -0
package/dist/esm/src/client/VerbethClientBuilder.js +146 -0
package/dist/esm/src/client/hsrMatcher.d.ts +22 -0
package/dist/esm/src/client/hsrMatcher.d.ts.map +1 -0
package/dist/esm/src/client/hsrMatcher.js +31 -0
package/dist/esm/src/client/index.d.ts +6 -1
package/dist/esm/src/client/index.d.ts.map +1 -1
package/dist/esm/src/client/index.js +2 -0
package/dist/esm/src/client/types.d.ts +151 -10
package/dist/esm/src/client/types.d.ts.map +1 -1
package/dist/esm/src/crypto(old).d.ts +46 -0
package/dist/esm/src/crypto(old).d.ts.map +1 -0
package/dist/esm/src/crypto(old).js +137 -0
package/dist/esm/src/crypto.d.ts +7 -29
package/dist/esm/src/crypto.d.ts.map +1 -1
package/dist/esm/src/crypto.js +36 -72
package/dist/esm/src/executor.d.ts +17 -18
package/dist/esm/src/executor.d.ts.map +1 -1
package/dist/esm/src/executor.js +54 -70
package/dist/esm/src/handshake.d.ts +51 -0
package/dist/esm/src/handshake.d.ts.map +1 -0
package/dist/esm/src/handshake.js +105 -0
package/dist/esm/src/identity.d.ts +24 -18
package/dist/esm/src/identity.d.ts.map +1 -1
package/dist/esm/src/identity.js +126 -31
package/dist/esm/src/index.d.ts +11 -7
package/dist/esm/src/index.d.ts.map +1 -1
package/dist/esm/src/index.js +10 -7
package/dist/esm/src/payload.d.ts +3 -30
package/dist/esm/src/payload.d.ts.map +1 -1
package/dist/esm/src/payload.js +3 -77
package/dist/esm/src/pq/kem.d.ts +33 -0
package/dist/esm/src/pq/kem.d.ts.map +1 -0
package/dist/esm/src/pq/kem.js +40 -0
package/dist/esm/src/ratchet/auth.d.ts +34 -0
package/dist/esm/src/ratchet/auth.d.ts.map +1 -0
package/dist/esm/src/ratchet/auth.js +88 -0
package/dist/esm/src/ratchet/codec.d.ts +52 -0
package/dist/esm/src/ratchet/codec.d.ts.map +1 -0
package/dist/esm/src/ratchet/codec.js +127 -0
package/dist/esm/src/ratchet/decrypt.d.ts +28 -0
package/dist/esm/src/ratchet/decrypt.d.ts.map +1 -0
package/dist/esm/src/ratchet/decrypt.js +255 -0
package/dist/esm/src/ratchet/encrypt.d.ts +17 -0
package/dist/esm/src/ratchet/encrypt.d.ts.map +1 -0
package/dist/esm/src/ratchet/encrypt.js +78 -0
package/dist/esm/src/ratchet/index.d.ts +8 -0
package/dist/esm/src/ratchet/index.d.ts.map +1 -0
package/dist/esm/src/ratchet/index.js +8 -0
package/dist/esm/src/ratchet/kdf.d.ts +60 -0
package/dist/esm/src/ratchet/kdf.d.ts.map +1 -0
package/dist/esm/src/ratchet/kdf.js +91 -0
package/dist/esm/src/ratchet/session.d.ts +43 -0
package/dist/esm/src/ratchet/session.d.ts.map +1 -0
package/dist/esm/src/ratchet/session.js +139 -0
package/dist/esm/src/ratchet/types.d.ts +168 -0
package/dist/esm/src/ratchet/types.d.ts.map +1 -0
package/dist/esm/src/ratchet/types.js +27 -0
package/dist/esm/src/safeSessionSigner.d.ts +35 -0
package/dist/esm/src/safeSessionSigner.d.ts.map +1 -0
package/dist/esm/src/safeSessionSigner.js +59 -0
package/dist/esm/src/send.d.ts +32 -24
package/dist/esm/src/send.d.ts.map +1 -1
package/dist/esm/src/send.js +84 -39
package/dist/esm/src/types.d.ts +8 -13
package/dist/esm/src/types.d.ts.map +1 -1
package/dist/esm/src/utils/safeSessionSigner.d.ts +23 -0
package/dist/esm/src/utils/safeSessionSigner.d.ts.map +1 -0
package/dist/esm/src/utils/safeSessionSigner.js +59 -0
package/dist/esm/src/utils/txQueue.d.ts +12 -0
package/dist/esm/src/utils/txQueue.d.ts.map +1 -0
package/dist/esm/src/utils/txQueue.js +25 -0
package/dist/esm/src/utils.d.ts +2 -3
package/dist/esm/src/utils.d.ts.map +1 -1
package/dist/esm/src/utils.js +5 -5
package/dist/esm/src/verify.d.ts +9 -25
package/dist/esm/src/verify.d.ts.map +1 -1
package/dist/esm/src/verify.js +49 -50
package/dist/src/addresses.d.ts +20 -0
package/dist/src/addresses.d.ts.map +1 -0
package/dist/src/addresses.js +33 -0
package/dist/src/client/HsrTagIndex.d.ts +77 -0
package/dist/src/client/HsrTagIndex.d.ts.map +1 -0
package/dist/src/client/HsrTagIndex.js +157 -0
package/dist/src/client/PendingManager.d.ts +65 -0
package/dist/src/client/PendingManager.d.ts.map +1 -0
package/dist/src/client/PendingManager.js +84 -0
package/dist/src/client/SessionManager.d.ts +65 -0
package/dist/src/client/SessionManager.d.ts.map +1 -0
package/dist/src/client/SessionManager.js +146 -0
package/dist/src/client/VerbethClient.d.ts +153 -99
package/dist/src/client/VerbethClient.d.ts.map +1 -1
package/dist/src/client/VerbethClient.js +429 -123
package/dist/src/client/VerbethClientBuilder.d.ts +105 -0
package/dist/src/client/VerbethClientBuilder.d.ts.map +1 -0
package/dist/src/client/VerbethClientBuilder.js +146 -0
package/dist/src/client/hsrMatcher.d.ts +22 -0
package/dist/src/client/hsrMatcher.d.ts.map +1 -0
package/dist/src/client/hsrMatcher.js +31 -0
package/dist/src/client/index.d.ts +6 -1
package/dist/src/client/index.d.ts.map +1 -1
package/dist/src/client/index.js +2 -0
package/dist/src/client/types.d.ts +151 -10
package/dist/src/client/types.d.ts.map +1 -1
package/dist/src/crypto(old).d.ts +46 -0
package/dist/src/crypto(old).d.ts.map +1 -0
package/dist/src/crypto(old).js +137 -0
package/dist/src/crypto.d.ts +7 -29
package/dist/src/crypto.d.ts.map +1 -1
package/dist/src/crypto.js +36 -72
package/dist/src/executor.d.ts +17 -18
package/dist/src/executor.d.ts.map +1 -1
package/dist/src/executor.js +54 -70
package/dist/src/handshake.d.ts +51 -0
package/dist/src/handshake.d.ts.map +1 -0
package/dist/src/handshake.js +105 -0
package/dist/src/identity.d.ts +24 -18
package/dist/src/identity.d.ts.map +1 -1
package/dist/src/identity.js +126 -31
package/dist/src/index.d.ts +11 -7
package/dist/src/index.d.ts.map +1 -1
package/dist/src/index.js +10 -7
package/dist/src/payload.d.ts +3 -30
package/dist/src/payload.d.ts.map +1 -1
package/dist/src/payload.js +3 -77
package/dist/src/pq/kem.d.ts +33 -0
package/dist/src/pq/kem.d.ts.map +1 -0
package/dist/src/pq/kem.js +40 -0
package/dist/src/ratchet/auth.d.ts +34 -0
package/dist/src/ratchet/auth.d.ts.map +1 -0
package/dist/src/ratchet/auth.js +88 -0
package/dist/src/ratchet/codec.d.ts +52 -0
package/dist/src/ratchet/codec.d.ts.map +1 -0
package/dist/src/ratchet/codec.js +127 -0
package/dist/src/ratchet/decrypt.d.ts +28 -0
package/dist/src/ratchet/decrypt.d.ts.map +1 -0
package/dist/src/ratchet/decrypt.js +255 -0
package/dist/src/ratchet/encrypt.d.ts +17 -0
package/dist/src/ratchet/encrypt.d.ts.map +1 -0
package/dist/src/ratchet/encrypt.js +78 -0
package/dist/src/ratchet/index.d.ts +8 -0
package/dist/src/ratchet/index.d.ts.map +1 -0
package/dist/src/ratchet/index.js +8 -0
package/dist/src/ratchet/kdf.d.ts +60 -0
package/dist/src/ratchet/kdf.d.ts.map +1 -0
package/dist/src/ratchet/kdf.js +91 -0
package/dist/src/ratchet/session.d.ts +43 -0
package/dist/src/ratchet/session.d.ts.map +1 -0
package/dist/src/ratchet/session.js +139 -0
package/dist/src/ratchet/types.d.ts +168 -0
package/dist/src/ratchet/types.d.ts.map +1 -0
package/dist/src/ratchet/types.js +27 -0
package/dist/src/safeSessionSigner.d.ts +35 -0
package/dist/src/safeSessionSigner.d.ts.map +1 -0
package/dist/src/safeSessionSigner.js +59 -0
package/dist/src/send.d.ts +32 -24
package/dist/src/send.d.ts.map +1 -1
package/dist/src/send.js +84 -39
package/dist/src/types.d.ts +8 -13
package/dist/src/types.d.ts.map +1 -1
package/dist/src/utils/safeSessionSigner.d.ts +23 -0
package/dist/src/utils/safeSessionSigner.d.ts.map +1 -0
package/dist/src/utils/safeSessionSigner.js +59 -0
package/dist/src/utils/txQueue.d.ts +12 -0
package/dist/src/utils/txQueue.d.ts.map +1 -0
package/dist/src/utils/txQueue.js +25 -0
package/dist/src/utils.d.ts +2 -3
package/dist/src/utils.d.ts.map +1 -1
package/dist/src/utils.js +5 -5
package/dist/src/verify.d.ts +9 -25
package/dist/src/verify.d.ts.map +1 -1
package/dist/src/verify.js +49 -50
package/package.json +2 -1

package/dist/src/identity.js CHANGED Viewed

@@ -1,22 +1,87 @@
+// packages/sdk/src/utils/identity.ts
 import { sha256 } from "@noble/hashes/sha2";
 import { hkdf } from "@noble/hashes/hkdf";
-import { concat, hexlify } from "ethers";
+import { Wallet, concat, hexlify, getBytes } from "ethers";
 import nacl from "tweetnacl";
 import { encodeUnifiedPubKeys } from "./payload.js";
+const SECP256K1_N = BigInt("0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141");
+const SECP256K1_HALF_N = SECP256K1_N >> 1n;
+function bytesToBigIntBE(bytes) {
+    let hex = "";
+    for (const b of bytes)
+        hex += b.toString(16).padStart(2, "0");
+    return hex.length ? BigInt("0x" + hex) : 0n;
+}
+function bigIntTo32BytesBE(x) {
+    let hex = x.toString(16);
+    if (hex.length > 64)
+        hex = hex.slice(hex.length - 64);
+    hex = hex.padStart(64, "0");
+    const out = new Uint8Array(32);
+    for (let i = 0; i < 32; i++) {
+        out[i] = parseInt(hex.slice(i * 2, i * 2 + 2), 16);
+    }
+    return out;
+}
 /**
- * HKDF (RFC 5869) identity key derivation.
- * Returns a proof binding the derived keypair to the wallet address.
+ * Canonicalize an Ethereum ECDSA signature (65 bytes) to low-s form (only used as KDF input)
  */
-export async function deriveIdentityKeyPairWithProof(signer, address) {
-    // 1) Local secret seed (32B CSPRNG), domain-separated by address
-    const r = nacl.randomBytes(32);
+function canonicalizeEcdsaSig65(sig) {
+    if (sig.length !== 65)
+        return sig;
+    const r = sig.slice(0, 32);
+    const s = sig.slice(32, 64);
+    const v = sig[64];
+    const sBig = bytesToBigIntBE(s);
+    if (sBig <= SECP256K1_HALF_N)
+        return sig;
+    const sLow = SECP256K1_N - sBig;
+    const out = new Uint8Array(65);
+    out.set(r, 0);
+    out.set(bigIntTo32BytesBE(sLow), 32);
+    out[64] = v;
+    return out;
+}
+function buildSeedMessage(addrLower) {
+    const lines = [
+        "VerbEth Identity Seed v1",
+        `Address: ${addrLower}`,
+        "Context: verbeth",
+    ];
+    return lines.join("\n");
+}
+function buildBindingMessage(addrLower, pkEd25519Hex, pkX25519Hex, executorSafeAddress, ctx) {
+    const lines = [
+        "VerbEth Key Binding v1",
+        `Address: ${addrLower}`,
+        `PkEd25519: ${pkEd25519Hex}`,
+        `PkX25519: ${pkX25519Hex}`,
+        `ExecutorSafeAddress: ${executorSafeAddress ?? ""}`,
+    ];
+    if (typeof ctx?.chainId === "number")
+        lines.push(`ChainId: ${ctx.chainId}`);
+    if (ctx?.rpId)
+        lines.push(`RpId: ${ctx.rpId}`);
+    return lines.join("\n");
+}
+// ============================================================================
+// Derive all keys from seed signature
+// ============================================================================
+/**
+ * Derive all identity keys and session key from a single seed signature.
+ */
+export async function deriveIdentityKeys(signer, address) {
     const enc = new TextEncoder();
     const addrLower = address.toLowerCase();
-    // IKM = HKDF(r || "verbeth/addr:" || address_lower)
-    // salt/info are public domain labels
-    const seedSalt = enc.encode("verbeth/seed-v1");
+    const seedMessage = buildSeedMessage(addrLower);
+    let seedSignature = await signer.signMessage(seedMessage);
+    const seedSigBytes = canonicalizeEcdsaSig65(getBytes(seedSignature));
+    seedSignature = "";
+    // IKM = HKDF( canonicalSig || H(seedMessage) || "verbeth/addr:" || address_lower )
+    const seedSalt = enc.encode("verbeth/seed-sig-v1");
     const seedInfo = enc.encode("verbeth/ikm");
-    const ikmInput = concat([r, enc.encode("verbeth/addr:" + addrLower)]);
+    const seedMsgHash = sha256(enc.encode(seedMessage));
+    const ikmInput = getBytes(concat([seedSigBytes, seedMsgHash, enc.encode("verbeth/addr:" + addrLower)]));
     const ikm = hkdf(sha256, ikmInput, seedSalt, seedInfo, 32);
     // Derive X25519 (encryption)
     const info_x25519 = enc.encode("verbeth-x25519-v1");
@@ -26,6 +91,22 @@ export async function deriveIdentityKeyPairWithProof(signer, address) {
     const info_ed25519 = enc.encode("verbeth-ed25519-v1");
     const ed25519_seed = hkdf(sha256, ikm, new Uint8Array(0), info_ed25519, 32);
     const signKeyPair = nacl.sign.keyPair.fromSeed(ed25519_seed);
+    // Derive secp256k1 session key for txs via Safe module
+    const info_session = enc.encode("verbeth-session-secp256k1-v1");
+    const sessionSeed = hkdf(sha256, ikm, new Uint8Array(0), info_session, 32);
+    const sessionPrivateKey = hexlify(sessionSeed);
+    const sessionWallet = new Wallet(sessionPrivateKey);
+    const sessionAddress = sessionWallet.address;
+    try {
+        seedSigBytes.fill(0);
+        seedMsgHash.fill(0);
+        ikmInput.fill(0);
+        ikm.fill(0);
+        ed25519_seed.fill(0);
+        x25519_sk.fill(0);
+        sessionSeed.fill(0);
+    }
+    catch { }
     const pkX25519Hex = hexlify(boxKeyPair.publicKey);
     const pkEd25519Hex = hexlify(signKeyPair.publicKey);
     const keyPair = {
@@ -34,37 +115,51 @@ export async function deriveIdentityKeyPairWithProof(signer, address) {
         signingPublicKey: signKeyPair.publicKey,
         signingSecretKey: signKeyPair.secretKey,
     };
-    // 2) Single signature binding both public keys
-    const bindingMsgLines = [
-        "VerbEth Key Binding v1",
-        `Address: ${addrLower}`,
-        `PkEd25519: ${pkEd25519Hex}`,
-        `PkX25519: ${pkX25519Hex}`,
-        `Context: verbeth`,
-        `Version: 1`,
-    ];
-    const message = bindingMsgLines.join("\n");
+    return {
+        keyPair,
+        sessionPrivateKey,
+        sessionAddress,
+        pkX25519Hex,
+        pkEd25519Hex,
+    };
+}
+// ============================================================================
+// Create binding proof with Safe address
+// ============================================================================
+/**
+ * Create the binding proof that ties the derived keys to the Safe address.
+ */
+export async function createBindingProof(signer, address, derivedKeys, executorSafeAddress, ctx) {
+    const addrLower = address.toLowerCase();
+    const executorSafeAddressLower = executorSafeAddress.toLowerCase();
+    const message = buildBindingMessage(addrLower, derivedKeys.pkEd25519Hex, derivedKeys.pkX25519Hex, executorSafeAddressLower, ctx);
     const signature = await signer.signMessage(message);
     const messageRawHex = ("0x" +
         Buffer.from(message, "utf-8").toString("hex"));
     return {
-        keyPair,
-        identityProof: {
-            message,
-            signature,
-            messageRawHex,
-        },
+        message,
+        signature,
+        messageRawHex,
+    };
+}
+// this is when the Safe address is known upfront
+export async function deriveIdentityKeyPairWithProof(signer, address, executorSafeAddress, ctx) {
+    const derivedKeys = await deriveIdentityKeys(signer, address);
+    const identityProof = await createBindingProof(signer, address, derivedKeys, executorSafeAddress ?? "", ctx);
+    return {
+        ...derivedKeys,
+        identityProof,
     };
 }
-export async function deriveIdentityWithUnifiedKeys(signer, address) {
-    const result = await deriveIdentityKeyPairWithProof(signer, address);
-    const unifiedPubKeys = encodeUnifiedPubKeys(result.keyPair.publicKey, // X25519
-    result.keyPair.signingPublicKey // Ed25519
-    );
+export async function deriveIdentityWithUnifiedKeys(signer, address, executorSafeAddress, ctx) {
+    const result = await deriveIdentityKeyPairWithProof(signer, address, executorSafeAddress, ctx);
+    const unifiedPubKeys = encodeUnifiedPubKeys(result.keyPair.publicKey, result.keyPair.signingPublicKey);
     return {
         identityProof: result.identityProof,
         identityPubKey: result.keyPair.publicKey,
         signingPubKey: result.keyPair.signingPublicKey,
         unifiedPubKeys,
+        sessionPrivateKey: result.sessionPrivateKey,
+        sessionAddress: result.sessionAddress,
     };
 }

package/dist/src/index.d.ts CHANGED Viewed

@@ -1,18 +1,22 @@
 export * from './crypto.js';
 export * from './payload.js';
-export * from './send.js';
+export * from './handshake.js';
 export * from './verify.js';
 export * from './types.js';
 export * from './utils.js';
 export * from './identity.js';
 export * from './executor.js';
-export { decryptMessage as decryptLog } from './crypto.js';
-export { getNextNonce } from './utils/nonce.js';
-export { encodeUnifiedPubKeys, decodeUnifiedPubKeys, createHandshakePayload, createHandshakeResponseContent, extractKeysFromHandshakePayload, extractKeysFromHandshakeResponse, parseHandshakeKeys } from './payload.js';
-export { decryptAndExtractHandshakeKeys, decryptMessage, decryptHandshakeResponse } from './crypto.js';
+export { encodeUnifiedPubKeys, decodeUnifiedPubKeys, createHandshakeResponseContent, extractKeysFromHandshakeResponse, parseHandshakeKeys } from './payload.js';
+export { decryptAndExtractHandshakeKeys, decryptHandshakeResponse } from './crypto.js';
 export { verifyIdentityProof, verifyAndExtractHandshakeKeys, verifyAndExtractHandshakeResponseKeys } from './verify.js';
 export { deriveIdentityKeyPairWithProof, deriveIdentityWithUnifiedKeys } from './identity.js';
 export { IExecutor, EOAExecutor, UserOpExecutor, DirectEntryPointExecutor, ExecutorFactory } from './executor.js';
-export { VerbethClient } from './client/index.js';
-export type { VerbethClientConfig, HandshakeResult, HandshakeResponseResult } from './client/index.js';
+export { SafeSessionSigner } from "./utils/safeSessionSigner.js";
+export type { SafeSessionSignerOptions } from "./utils/safeSessionSigner.js";
+export { VerbethClient, VerbethClientBuilder, createVerbethClient, matchHsrToContact, } from './client/index.js';
+export type { VerbethClientConfig, VerbethClientCallbacks, TopicRatchetEvent, MessageDecryptedEvent, HandshakeResult, HandshakeResponseResult, SessionStore, PendingStore, PreparedMessage, DecryptedMessage, PendingMessage, PendingStatus, SendResult, ConfirmResult, SerializedSessionInfo, HsrEventData, CreateInitiatorSessionFromHsrParams, CreateVerbethClientOptions, PendingContactEntry, } from './client/index.js';
+export * from './ratchet/index.js';
+export { dh, deriveTopic, hybridInitialSecret } from './ratchet/kdf.js';
+export { kem } from './pq/kem.js';
+export * from './addresses.js';
 //# sourceMappingURL=index.d.ts.map

package/dist/src/index.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"~~AAAA~~,cAAc,aAAa,CAAC;AAC5B,cAAc,cAAc,CAAC;AAC7B,cAAc,~~WAAW~~,CAAC;~~AAC1B~~,cAAc,aAAa,CAAC;AAC5B,cAAc,YAAY,CAAC;AAC3B,cAAc,YAAY,CAAC;AAC3B,cAAc,eAAe,CAAC;AAC9B,cAAc,eAAe,CAAC;AAE9B,OAAO,~~EAAE,cAAc,IAAI,UAAU,EAAE,MAAM,aAAa,CAAC;AAE3D,OAAO,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAEhD,OAAO,~~EACL,oBAAoB,EACpB,oBAAoB,EACpB,~~sBAAsB,EACtB,~~8BAA8B,EAC9B~~,+BAA+B~~,~~EAC/B,~~gCAAgC,EAChC,kBAAkB,EACnB,MAAM,cAAc,CAAC;AAEtB,OAAO,EACL,8BAA8B,EAC9B,~~cAAc,EACd,~~wBAAwB,EACzB,MAAM,aAAa,CAAC;AAErB,OAAO,EACL,mBAAmB,EACnB,6BAA6B,EAC7B,qCAAqC,EACtC,MAAM,aAAa,CAAC;AAErB,OAAO,EACL,8BAA8B,EAC9B,6BAA6B,EAC9B,MAAM,eAAe,CAAC;AAEvB,OAAO,EACL,SAAS,EACT,WAAW,EACX,cAAc,EACd,wBAAwB,EACxB,eAAe,EAChB,MAAM,eAAe,CAAC;AAGvB,OAAO,EAAE,~~aAAa~~,EAAE,MAAM,mBAAmB,CAAC;~~AAClD~~,YAAY,EACV,mBAAmB,EACnB,eAAe,EACf,uBAAuB,~~EACxB~~,MAAM,mBAAmB,CAAC"}
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAEA,cAAc,aAAa,CAAC;AAC5B,cAAc,cAAc,CAAC;AAC7B,cAAc,gBAAgB,CAAC;AAC/B,cAAc,aAAa,CAAC;AAC5B,cAAc,YAAY,CAAC;AAC3B,cAAc,YAAY,CAAC;AAC3B,cAAc,eAAe,CAAC;AAC9B,cAAc,eAAe,CAAC;AAE9B,OAAO,EACL,oBAAoB,EACpB,oBAAoB,EACpB,8BAA8B,EAC9B,gCAAgC,EAChC,kBAAkB,EACnB,MAAM,cAAc,CAAC;AAEtB,OAAO,EACL,8BAA8B,EAC9B,wBAAwB,EACzB,MAAM,aAAa,CAAC;AAErB,OAAO,EACL,mBAAmB,EACnB,6BAA6B,EAC7B,qCAAqC,EACtC,MAAM,aAAa,CAAC;AAErB,OAAO,EACL,8BAA8B,EAC9B,6BAA6B,EAC9B,MAAM,eAAe,CAAC;AAEvB,OAAO,EACL,SAAS,EACT,WAAW,EACX,cAAc,EACd,wBAAwB,EACxB,eAAe,EAChB,MAAM,eAAe,CAAC;AAGvB,OAAO,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAC;AACjE,YAAY,EAAE,wBAAwB,EAAE,MAAM,8BAA8B,CAAC;AAE7E,OAAO,EACL,aAAa,EACb,oBAAoB,EACpB,mBAAmB,EACnB,iBAAiB,GAClB,MAAM,mBAAmB,CAAC;AAE3B,YAAY,EACV,mBAAmB,EACnB,sBAAsB,EACtB,iBAAiB,EACjB,qBAAqB,EACrB,eAAe,EACf,uBAAuB,EAEvB,YAAY,EACZ,YAAY,EAEZ,eAAe,EACf,gBAAgB,EAChB,cAAc,EACd,aAAa,EAEb,UAAU,EACV,aAAa,EAEb,qBAAqB,EACrB,YAAY,EACZ,mCAAmC,EACnC,0BAA0B,EAC1B,mBAAmB,GACpB,MAAM,mBAAmB,CAAC;AAE3B,cAAc,oBAAoB,CAAC;AACnC,OAAO,EAAE,EAAE,EAAE,WAAW,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AAExE,OAAO,EAAE,GAAG,EAAE,MAAM,aAAa,CAAC;AAElC,cAAc,gBAAgB,CAAC"}

package/dist/src/index.js CHANGED Viewed

@@ -1,17 +1,20 @@
+// packages/sdk/src/index.ts
 export * from './crypto.js';
 export * from './payload.js';
-export * from './send.js';
+export * from './handshake.js';
 export * from './verify.js';
 export * from './types.js';
 export * from './utils.js';
 export * from './identity.js';
 export * from './executor.js';
-export { decryptMessage as decryptLog } from './crypto.js';
-export { getNextNonce } from './utils/nonce.js';
-export { encodeUnifiedPubKeys, decodeUnifiedPubKeys, createHandshakePayload, createHandshakeResponseContent, extractKeysFromHandshakePayload, extractKeysFromHandshakeResponse, parseHandshakeKeys } from './payload.js';
-export { decryptAndExtractHandshakeKeys, decryptMessage, decryptHandshakeResponse } from './crypto.js';
+export { encodeUnifiedPubKeys, decodeUnifiedPubKeys, createHandshakeResponseContent, extractKeysFromHandshakeResponse, parseHandshakeKeys } from './payload.js';
+export { decryptAndExtractHandshakeKeys, decryptHandshakeResponse } from './crypto.js';
 export { verifyIdentityProof, verifyAndExtractHandshakeKeys, verifyAndExtractHandshakeResponseKeys } from './verify.js';
 export { deriveIdentityKeyPairWithProof, deriveIdentityWithUnifiedKeys } from './identity.js';
 export { EOAExecutor, UserOpExecutor, DirectEntryPointExecutor, ExecutorFactory } from './executor.js';
-// high-level client API
-export { VerbethClient } from './client/index.js';
+export { SafeSessionSigner } from "./utils/safeSessionSigner.js";
+export { VerbethClient, VerbethClientBuilder, createVerbethClient, matchHsrToContact, } from './client/index.js';
+export * from './ratchet/index.js';
+export { dh, deriveTopic, hybridInitialSecret } from './ratchet/kdf.js';
+export { kem } from './pq/kem.js';
+export * from './addresses.js';

package/dist/src/payload.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { IdentityProof, TopicInfoWire } from './types.js';
+import { IdentityProof } from './types.js';
 export interface EncryptedPayload {
     v: number;
     epk: string;
@@ -6,14 +6,6 @@ export interface EncryptedPayload {
     ct: string;
     sig?: string;
 }
-export interface MessagePayload {
-    content: string;
-    timestamp?: number;
-    messageType?: 'text' | 'file' | 'media';
-    metadata?: Record<string, any>;
-}
-export interface HandshakeResponsePayload extends EncryptedPayload {
-}
 export interface HandshakeContent {
     plaintextPayload: string;
     identityProof: IdentityProof;
@@ -50,30 +42,11 @@ export interface HandshakePayload {
 export interface HandshakeResponseContent {
     unifiedPubKeys: Uint8Array;
     ephemeralPubKey: Uint8Array;
+    kemCiphertext?: Uint8Array;
     note?: string;
     identityProof: IdentityProof;
-    topicInfo?: TopicInfoWire;
 }
-export declare function encodeHandshakePayload(payload: HandshakePayload): Uint8Array;
-export declare function decodeHandshakePayload(encoded: Uint8Array): HandshakePayload;
-export declare function encodeHandshakeResponseContent(content: HandshakeResponseContent): Uint8Array;
-export declare function decodeHandshakeResponseContent(encoded: Uint8Array): HandshakeResponseContent;
-/**
- * Creates HandshakePayload from separate identity keys
- */
-export declare function createHandshakePayload(identityPubKey: Uint8Array, signingPubKey: Uint8Array, ephemeralPubKey: Uint8Array, plaintextPayload: string): HandshakePayload;
-/**
- * Creates HandshakeResponseContent from separate identity keys
- */
-export declare function createHandshakeResponseContent(identityPubKey: Uint8Array, signingPubKey: Uint8Array, ephemeralPubKey: Uint8Array, note?: string, identityProof?: IdentityProof, topicInfo?: TopicInfoWire): HandshakeResponseContent;
-/**
- * Extracts individual keys from HandshakePayload
- */
-export declare function extractKeysFromHandshakePayload(payload: HandshakePayload): {
-    identityPubKey: Uint8Array;
-    signingPubKey: Uint8Array;
-    ephemeralPubKey: Uint8Array;
-} | null;
+export declare function createHandshakeResponseContent(identityPubKey: Uint8Array, signingPubKey: Uint8Array, ephemeralPubKey: Uint8Array, note?: string, identityProof?: IdentityProof, kemCiphertext?: Uint8Array): HandshakeResponseContent;
 /**
  * Extracts individual keys from HandshakeResponseContent
  */

package/dist/src/payload.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"payload.d.ts","sourceRoot":"","sources":["../../src/payload.ts"],"names":[],"mappings":"~~AACA~~,OAAO,EAAE,aAAa,EAAE,~~aAAa,EAAE,~~MAAM,YAAY,CAAC;~~AAG1D~~,MAAM,WAAW,gBAAgB;IAC/B,CAAC,EAAE,MAAM,CAAC;IACV,GAAG,EAAE,MAAM,CAAC;IACZ,CAAC,EAAE,MAAM,CAAC;IACV,EAAE,EAAE,MAAM,CAAC;IACX,GAAG,CAAC,EAAE,MAAM,CAAC;CACd;~~AAGD,MAAM,WAAW,cAAc;IAC7B,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC;IACxC,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;CAChC;~~AAED,MAAM,WAAW,~~wBAAyB,SAAQ,~~gBAAgB;~~CACjE;AAED,MAAM,WAAW,gBAAgB;~~IAC/B,gBAAgB,EAAE,MAAM,CAAC;IACzB,aAAa,EAAE,aAAa,CAAC;CAC9B;AAED,wBAAgB,qBAAqB,CAAC,gBAAgB,EAAE,MAAM,GAAG,gBAAgB,CAUhF;AAED,wBAAgB,yBAAyB,CAAC,OAAO,EAAE,gBAAgB,GAAG,MAAM,CAE3E;AAED,wBAAgB,aAAa,CAAC,eAAe,EAAE,UAAU,EAAE,KAAK,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,GAAG,CAAC,EAAE,UAAU,GAAG,MAAM,CAS9H;AAED,wBAAgB,aAAa,CAAC,IAAI,EAAE,MAAM,GAAG;IAC3C,GAAG,EAAE,UAAU,CAAC;IAChB,KAAK,EAAE,UAAU,CAAC;IAClB,UAAU,EAAE,UAAU,CAAC;IACvB,GAAG,CAAC,EAAE,UAAU,CAAA;CACjB,CAyBA;AAID,wBAAgB,uBAAuB,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,GAAG,UAAU,CAQjE;AAGD,wBAAgB,uBAAuB,CAAC,CAAC,EACvC,OAAO,EAAE,UAAU,EACnB,SAAS,EAAE,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,GACzB,CAAC,CAGH;AAID;;GAEG;AACH,wBAAgB,oBAAoB,CAClC,cAAc,EAAE,UAAU,EAAG,oBAAoB;AACjD,aAAa,EAAE,UAAU,GACxB,UAAU,CAOZ;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,UAAU,GAAG;IACzD,OAAO,EAAE,MAAM,CAAC;IAChB,cAAc,EAAE,UAAU,CAAC;IAC3B,aAAa,EAAE,UAAU,CAAC;CAC3B,GAAG,IAAI,~~CAoBP~~;AAED,MAAM,WAAW,gBAAgB;IAC/B,cAAc,EAAE,UAAU,CAAC;IAC3B,eAAe,EAAE,UAAU,CAAC;IAC5B,gBAAgB,EAAE,MAAM,CAAC;CAC1B;AAED,MAAM,WAAW,wBAAwB;IACvC,cAAc,EAAE,UAAU,CAAC;IAC3B,eAAe,EAAE,UAAU,CAAC;IAC5B,~~IAAI,CAAC,EAAE,MAAM,CAAC;IACd,~~aAAa,~~EAAE,aAAa,~~CAAC~~;IAC7B~~,~~SAAS,CAAC,~~EAAE,~~aAAa~~,CAAC;~~CAC3B;AAED~~,~~wBAAgB~~,~~sBAAsB,~~CAAC,~~OAAO,~~EAAE,~~gBAAgB~~,~~GAAG,UAAU,CAM5E;AAED,wBAAgB,sBAAsB,~~CAAC~~,OAAO,EAAE,UAAU,GAAG,gBAAgB,CAQ5E~~;~~AAED~~,~~wBAAgB~~,~~8BAA8B,CAAC,OAAO,~~EAAE,~~wBAAwB~~,~~GAAG,UAAU,CAY1F;AAEH,wBAAgB,8BAA8B,~~CAAC~~,OAAO,EAAE,UAAU,GAAG,wBAAwB,CAmB5F~~;~~AAED;;GAEG~~;~~AACH,wBAAgB,sBAAsB,CACpC,cAAc,EAAE,UAAU,EAC1B,aAAa,EAAE,UAAU,EACzB,eAAe,EAAE,UAAU,EAC3B,gBAAgB,EAAE,MAAM,GACvB,gBAAgB,CAMlB;~~AAED~~;;GAEG;AACH~~,wBAAgB,8BAA8B,CAC5C,cAAc,EAAE,UAAU,EAC1B,aAAa,EAAE,UAAU,EACzB,eAAe,EAAE,UAAU,EAC3B,IAAI,CAAC,EAAE,MAAM,EACb,aAAa,CAAC,EAAE,aAAa,EAC7B,~~SAAS~~,CAAC,EAAE,~~aAAa~~,~~GACxB~~,wBAAwB,CAY1B;AAED;;GAEG;AACH,wBAAgB~~,+BAA+B~~,~~CAAC,OAAO,EAAE,gBAAgB,GAAG;IAC1E,cAAc,EAAE,UAAU,CAAC;IAC3B,aAAa,EAAE,UAAU,CAAC;IAC1B,eAAe,EAAE,UAAU,CAAC;CAC7B,GAAG,IAAI,CASP;AAED;;GAEG;AACH,wBAAgB,~~gCAAgC,CAAC,OAAO,EAAE,wBAAwB,GAAG;IACnF,cAAc,EAAE,UAAU,CAAC;IAC3B,aAAa,EAAE,UAAU,CAAC;IAC1B,eAAe,EAAE,UAAU,CAAC;CAC7B,GAAG,IAAI,CASP;AAGD;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,KAAK,EAAE;IAAE,OAAO,EAAE,MAAM,CAAA;CAAE,GAAG;IAC9D,cAAc,EAAE,UAAU,CAAC;IAC3B,aAAa,EAAE,UAAU,CAAC;CAC3B,GAAG,IAAI,CAkBP"}
1	+ {"version":3,"file":"payload.d.ts","sourceRoot":"","sources":["../../src/payload.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAE3C,MAAM,WAAW,gBAAgB;IAC/B,CAAC,EAAE,MAAM,CAAC;IACV,GAAG,EAAE,MAAM,CAAC;IACZ,CAAC,EAAE,MAAM,CAAC;IACV,EAAE,EAAE,MAAM,CAAC;IACX,GAAG,CAAC,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,gBAAgB;IAC/B,gBAAgB,EAAE,MAAM,CAAC;IACzB,aAAa,EAAE,aAAa,CAAC;CAC9B;AAED,wBAAgB,qBAAqB,CAAC,gBAAgB,EAAE,MAAM,GAAG,gBAAgB,CAUhF;AAED,wBAAgB,yBAAyB,CAAC,OAAO,EAAE,gBAAgB,GAAG,MAAM,CAE3E;AAED,wBAAgB,aAAa,CAAC,eAAe,EAAE,UAAU,EAAE,KAAK,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,GAAG,CAAC,EAAE,UAAU,GAAG,MAAM,CAS9H;AAED,wBAAgB,aAAa,CAAC,IAAI,EAAE,MAAM,GAAG;IAC3C,GAAG,EAAE,UAAU,CAAC;IAChB,KAAK,EAAE,UAAU,CAAC;IAClB,UAAU,EAAE,UAAU,CAAC;IACvB,GAAG,CAAC,EAAE,UAAU,CAAA;CACjB,CAyBA;AAID,wBAAgB,uBAAuB,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,GAAG,UAAU,CAQjE;AAGD,wBAAgB,uBAAuB,CAAC,CAAC,EACvC,OAAO,EAAE,UAAU,EACnB,SAAS,EAAE,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,GACzB,CAAC,CAGH;AAID;;GAEG;AACH,wBAAgB,oBAAoB,CAClC,cAAc,EAAE,UAAU,EAAG,oBAAoB;AACjD,aAAa,EAAE,UAAU,GACxB,UAAU,CAOZ;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,UAAU,GAAG;IACzD,OAAO,EAAE,MAAM,CAAC;IAChB,cAAc,EAAE,UAAU,CAAC;IAC3B,aAAa,EAAE,UAAU,CAAC;CAC3B,GAAG,IAAI,CAkBP;AAED,MAAM,WAAW,gBAAgB;IAC/B,cAAc,EAAE,UAAU,CAAC;IAC3B,eAAe,EAAE,UAAU,CAAC;IAC5B,gBAAgB,EAAE,MAAM,CAAC;CAC1B;AAED,MAAM,WAAW,wBAAwB;IACvC,cAAc,EAAE,UAAU,CAAC;IAC3B,eAAe,EAAE,UAAU,CAAC;IAC5B,aAAa,CAAC,EAAE,UAAU,CAAC;IAC3B,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,aAAa,EAAE,aAAa,CAAC;CAC9B;AAED,wBAAgB,8BAA8B,CAC5C,cAAc,EAAE,UAAU,EAC1B,aAAa,EAAE,UAAU,EACzB,eAAe,EAAE,UAAU,EAC3B,IAAI,CAAC,EAAE,MAAM,EACb,aAAa,CAAC,EAAE,aAAa,EAC7B,aAAa,CAAC,EAAE,UAAU,GACzB,wBAAwB,CAY1B;AAED;;GAEG;AACH,wBAAgB,gCAAgC,CAAC,OAAO,EAAE,wBAAwB,GAAG;IACnF,cAAc,EAAE,UAAU,CAAC;IAC3B,aAAa,EAAE,UAAU,CAAC;IAC1B,eAAe,EAAE,UAAU,CAAC;CAC7B,GAAG,IAAI,CASP;AAGD;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,KAAK,EAAE;IAAE,OAAO,EAAE,MAAM,CAAA;CAAE,GAAG;IAC9D,cAAc,EAAE,UAAU,CAAC;IAC3B,aAAa,EAAE,UAAU,CAAC;CAC3B,GAAG,IAAI,CAkBP"}

package/dist/src/payload.js CHANGED Viewed

@@ -1,3 +1,4 @@
+// packages/sdk/src/payload.ts
 export function parseHandshakePayload(plaintextPayload) {
     try {
         const parsed = JSON.parse(plaintextPayload);
@@ -80,7 +81,6 @@ signingPubKey // Ed25519 - 32 bytes
  */
 export function decodeUnifiedPubKeys(pubKeys) {
     if (pubKeys.length === 64) {
-        // Legacy
         return {
             version: 0,
             identityPubKey: pubKeys.slice(0, 32),
@@ -88,7 +88,6 @@ export function decodeUnifiedPubKeys(pubKeys) {
         };
     }
     if (pubKeys.length === 65 && pubKeys[0] === 0x01) {
-        // V1: with versioning
         return {
             version: 1,
             identityPubKey: pubKeys.slice(1, 33),
@@ -97,89 +96,16 @@ export function decodeUnifiedPubKeys(pubKeys) {
     }
     return null;
 }
-export function encodeHandshakePayload(payload) {
-    return new TextEncoder().encode(JSON.stringify({
-        unifiedPubKeys: Buffer.from(payload.unifiedPubKeys).toString('base64'),
-        ephemeralPubKey: Buffer.from(payload.ephemeralPubKey).toString('base64'),
-        plaintextPayload: payload.plaintextPayload
-    }));
-}
-export function decodeHandshakePayload(encoded) {
-    const json = new TextDecoder().decode(encoded);
-    const parsed = JSON.parse(json);
-    return {
-        unifiedPubKeys: Uint8Array.from(Buffer.from(parsed.unifiedPubKeys, 'base64')),
-        ephemeralPubKey: Uint8Array.from(Buffer.from(parsed.ephemeralPubKey, 'base64')),
-        plaintextPayload: parsed.plaintextPayload
-    };
-}
-export function encodeHandshakeResponseContent(content) {
-    return new TextEncoder().encode(JSON.stringify({
-        unifiedPubKeys: Buffer.from(content.unifiedPubKeys).toString('base64'),
-        ephemeralPubKey: Buffer.from(content.ephemeralPubKey).toString('base64'),
-        note: content.note,
-        identityProof: content.identityProof,
-        topicInfo: content.topicInfo ? {
-            out: content.topicInfo.out,
-            in: content.topicInfo.in,
-            chk: content.topicInfo.chk
-        } : undefined
-    }));
-}
-export function decodeHandshakeResponseContent(encoded) {
-    const json = new TextDecoder().decode(encoded);
-    const obj = JSON.parse(json);
-    if (!obj.identityProof) {
-        throw new Error("Invalid handshake response: missing identityProof");
-    }
-    return {
-        unifiedPubKeys: Uint8Array.from(Buffer.from(obj.unifiedPubKeys, 'base64')),
-        ephemeralPubKey: Uint8Array.from(Buffer.from(obj.ephemeralPubKey, 'base64')),
-        note: obj.note,
-        identityProof: obj.identityProof,
-        topicInfo: obj.topicInfo ? {
-            out: obj.topicInfo.out,
-            in: obj.topicInfo.in,
-            chk: obj.topicInfo.chk
-        } : undefined
-    };
-}
-/**
- * Creates HandshakePayload from separate identity keys
- */
-export function createHandshakePayload(identityPubKey, signingPubKey, ephemeralPubKey, plaintextPayload) {
-    return {
-        unifiedPubKeys: encodeUnifiedPubKeys(identityPubKey, signingPubKey),
-        ephemeralPubKey,
-        plaintextPayload
-    };
-}
-/**
- * Creates HandshakeResponseContent from separate identity keys
- */
-export function createHandshakeResponseContent(identityPubKey, signingPubKey, ephemeralPubKey, note, identityProof, topicInfo) {
+export function createHandshakeResponseContent(identityPubKey, signingPubKey, ephemeralPubKey, note, identityProof, kemCiphertext) {
     if (!identityProof) {
         throw new Error("Identity proof is now mandatory for handshake responses");
     }
     return {
         unifiedPubKeys: encodeUnifiedPubKeys(identityPubKey, signingPubKey),
         ephemeralPubKey,
+        ...(kemCiphertext && { kemCiphertext }),
         note,
         identityProof,
-        topicInfo
-    };
-}
-/**
- * Extracts individual keys from HandshakePayload
- */
-export function extractKeysFromHandshakePayload(payload) {
-    const decoded = decodeUnifiedPubKeys(payload.unifiedPubKeys);
-    if (!decoded)
-        return null;
-    return {
-        identityPubKey: decoded.identityPubKey,
-        signingPubKey: decoded.signingPubKey,
-        ephemeralPubKey: payload.ephemeralPubKey
     };
 }
 /**

package/dist/src/pq/kem.d.ts ADDED Viewed

@@ -0,0 +1,33 @@
+export declare const kem: {
+    publicKeyBytes: number;
+    ciphertextBytes: number;
+    sharedSecretBytes: number;
+    /**
+     * Generate a new ML-KEM-768 keypair.
+     *
+     * @returns Object containing publicKey and secretKey
+     */
+    generateKeyPair(): {
+        publicKey: Uint8Array;
+        secretKey: Uint8Array;
+    };
+    /**
+     * Encapsulate a shared secret using the recipient's public key.
+     *
+     * @param publicKey - Recipient's ML-KEM-768 public key
+     * @returns Object containing ciphertext and sharedSecret
+     */
+    encapsulate(publicKey: Uint8Array): {
+        ciphertext: Uint8Array;
+        sharedSecret: Uint8Array;
+    };
+    /**
+     * Decapsulate a ciphertext using the secret key to recover the shared secret.
+     *
+     * @param ciphertext - KEM ciphertext
+     * @param secretKey - Recipient's ML-KEM-768 secret key
+     * @returns Shared secret
+     */
+    decapsulate(ciphertext: Uint8Array, secretKey: Uint8Array): Uint8Array;
+};
+//# sourceMappingURL=kem.d.ts.map

package/dist/src/pq/kem.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"kem.d.ts","sourceRoot":"","sources":["../../../src/pq/kem.ts"],"names":[],"mappings":"AAUA,eAAO,MAAM,GAAG;;;;IAKd;;;;OAIG;uBACgB;QAAE,SAAS,EAAE,UAAU,CAAC;QAAC,SAAS,EAAE,UAAU,CAAA;KAAE;IAInE;;;;;OAKG;2BACoB,UAAU,GAAG;QAAE,UAAU,EAAE,UAAU,CAAC;QAAC,YAAY,EAAE,UAAU,CAAA;KAAE;IAKxF;;;;;;OAMG;4BACqB,UAAU,aAAa,UAAU,GAAG,UAAU;CAGvE,CAAC"}

package/dist/src/pq/kem.js ADDED Viewed

@@ -0,0 +1,40 @@
+// packages/sdk/src/pq/kem.ts
+/**
+ * ML-KEM-768 Key Encapsulation Mechanism wrapper.
+ *
+ * Provides post-quantum key encapsulation for hybrid handshakes.
+ */
+import { ml_kem768 } from '@noble/post-quantum/ml-kem.js';
+export const kem = {
+    publicKeyBytes: 1184, // in bytes
+    ciphertextBytes: 1088,
+    sharedSecretBytes: 32,
+    /**
+     * Generate a new ML-KEM-768 keypair.
+     *
+     * @returns Object containing publicKey and secretKey
+     */
+    generateKeyPair() {
+        return ml_kem768.keygen();
+    },
+    /**
+     * Encapsulate a shared secret using the recipient's public key.
+     *
+     * @param publicKey - Recipient's ML-KEM-768 public key
+     * @returns Object containing ciphertext and sharedSecret
+     */
+    encapsulate(publicKey) {
+        const result = ml_kem768.encapsulate(publicKey);
+        return { ciphertext: result.cipherText, sharedSecret: result.sharedSecret };
+    },
+    /**
+     * Decapsulate a ciphertext using the secret key to recover the shared secret.
+     *
+     * @param ciphertext - KEM ciphertext
+     * @param secretKey - Recipient's ML-KEM-768 secret key
+     * @returns Shared secret
+     */
+    decapsulate(ciphertext, secretKey) {
+        return ml_kem768.decapsulate(ciphertext, secretKey);
+    }
+};

package/dist/src/ratchet/auth.d.ts ADDED Viewed

@@ -0,0 +1,34 @@
+import { MessageHeader } from './types.js';
+/**
+ * Verify message signature before any ratchet operations.
+ * This is the primary DoS protection layer.
+ *
+ * The signature covers (header || ciphertext), where header is the 40-byte
+ * binary encoding of (dh, pn, n).
+ *
+ * @param signature - Ed25519 signature (64 bytes)
+ * @param header - Message header
+ * @param ciphertext - Encrypted payload
+ * @param signingPublicKey - Contact's Ed25519 public key (32 bytes)
+ * @returns true if signature is valid
+ */
+export declare function verifyMessageSignature(signature: Uint8Array, header: MessageHeader, ciphertext: Uint8Array, signingPublicKey: Uint8Array): boolean;
+/**
+ * Create Ed25519 signature for a message.
+ *
+ * @param header - Message header
+ * @param ciphertext - Encrypted payload
+ * @param signingSecretKey - Ed25519 secret key (64 bytes)
+ * @returns Ed25519 signature (64 bytes)
+ */
+export declare function signMessage(header: MessageHeader, ciphertext: Uint8Array, signingSecretKey: Uint8Array): Uint8Array;
+/**
+ * Validate that a parsed payload has a well-formed signature and header.
+ * Does NOT verify the signature - just checks lengths and format.
+ *
+ * @param signature - Signature bytes
+ * @param header - Parsed header
+ * @returns true if format is valid
+ */
+export declare function isValidPayloadFormat(signature: Uint8Array, header: MessageHeader): boolean;
+//# sourceMappingURL=auth.d.ts.map

package/dist/src/ratchet/auth.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../src/ratchet/auth.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAM3C;;;;;;;;;;;;GAYG;AACH,wBAAgB,sBAAsB,CACpC,SAAS,EAAE,UAAU,EACrB,MAAM,EAAE,aAAa,EACrB,UAAU,EAAE,UAAU,EACtB,gBAAgB,EAAE,UAAU,GAC3B,OAAO,CAmBT;AAkBD;;;;;;;GAOG;AACH,wBAAgB,WAAW,CACzB,MAAM,EAAE,aAAa,EACrB,UAAU,EAAE,UAAU,EACtB,gBAAgB,EAAE,UAAU,GAC3B,UAAU,CAOZ;AAMD;;;;;;;GAOG;AACH,wBAAgB,oBAAoB,CAClC,SAAS,EAAE,UAAU,EACrB,MAAM,EAAE,aAAa,GACpB,OAAO,CAST"}

package/dist/src/ratchet/auth.js ADDED Viewed

@@ -0,0 +1,88 @@
+// packages/sdk/src/ratchet/auth.ts
+/**
+ * Message Authentication for Ratchet Protocol.
+ */
+import nacl from 'tweetnacl';
+// =============================================================================
+// Signature Verification
+// =============================================================================
+/**
+ * Verify message signature before any ratchet operations.
+ * This is the primary DoS protection layer.
+ *
+ * The signature covers (header || ciphertext), where header is the 40-byte
+ * binary encoding of (dh, pn, n).
+ *
+ * @param signature - Ed25519 signature (64 bytes)
+ * @param header - Message header
+ * @param ciphertext - Encrypted payload
+ * @param signingPublicKey - Contact's Ed25519 public key (32 bytes)
+ * @returns true if signature is valid
+ */
+export function verifyMessageSignature(signature, header, ciphertext, signingPublicKey) {
+    if (signature.length !== 64) {
+        return false;
+    }
+    if (signingPublicKey.length !== 32) {
+        return false;
+    }
+    // Reconstruct signed data: header || ciphertext
+    const headerBytes = encodeHeaderForSigning(header);
+    const dataToVerify = new Uint8Array(headerBytes.length + ciphertext.length);
+    dataToVerify.set(headerBytes, 0);
+    dataToVerify.set(ciphertext, headerBytes.length);
+    try {
+        return nacl.sign.detached.verify(dataToVerify, signature, signingPublicKey);
+    }
+    catch {
+        return false;
+    }
+}
+/**
+ * Encode header as 40 bytes for signature verification.
+ * Format: dh (32) + pn (4, BE) + n (4, BE)
+ */
+function encodeHeaderForSigning(header) {
+    const buf = new Uint8Array(40);
+    buf.set(header.dh, 0);
+    new DataView(buf.buffer).setUint32(32, header.pn, false); // big-endian
+    new DataView(buf.buffer).setUint32(36, header.n, false);
+    return buf;
+}
+// =============================================================================
+// Signature Creation
+// =============================================================================
+/**
+ * Create Ed25519 signature for a message.
+ *
+ * @param header - Message header
+ * @param ciphertext - Encrypted payload
+ * @param signingSecretKey - Ed25519 secret key (64 bytes)
+ * @returns Ed25519 signature (64 bytes)
+ */
+export function signMessage(header, ciphertext, signingSecretKey) {
+    const headerBytes = encodeHeaderForSigning(header);
+    const dataToSign = new Uint8Array(headerBytes.length + ciphertext.length);
+    dataToSign.set(headerBytes, 0);
+    dataToSign.set(ciphertext, headerBytes.length);
+    return nacl.sign.detached(dataToSign, signingSecretKey);
+}
+// =============================================================================
+// Validation Helpers
+// =============================================================================
+/**
+ * Validate that a parsed payload has a well-formed signature and header.
+ * Does NOT verify the signature - just checks lengths and format.
+ *
+ * @param signature - Signature bytes
+ * @param header - Parsed header
+ * @returns true if format is valid
+ */
+export function isValidPayloadFormat(signature, header) {
+    return (signature.length === 64 &&
+        header.dh.length === 32 &&
+        header.pn >= 0 &&
+        header.n >= 0 &&
+        Number.isInteger(header.pn) &&
+        Number.isInteger(header.n));
+}