@verbeth/sdk 0.1.4

package/dist/esm/src/crypto.js

@@ -0,0 +1,137 @@
+// packages/sdk/src/crypto.ts
+import nacl from 'tweetnacl';
+import { keccak256, toUtf8Bytes, dataSlice } from 'ethers';
+import { sha256 } from '@noble/hashes/sha2';
+import { hkdf } from '@noble/hashes/hkdf';
+import { encodePayload, decodePayload, encodeStructuredContent, decodeStructuredContent, extractKeysFromHandshakeResponse } from './payload.js';
+/**
+ * Encrypts a structured payload (JSON-serializable objects)
+ */
+export function encryptStructuredPayload(payload, recipientPublicKey, ephemeralSecretKey, ephemeralPublicKey, staticSigningSecretKey, staticSigningPublicKey) {
+    // encode payload as binary JSON
+    const plaintext = encodeStructuredContent(payload);
+    const nonce = nacl.randomBytes(nacl.box.nonceLength);
+    const box = nacl.box(plaintext, nonce, recipientPublicKey, ephemeralSecretKey);
+    let sig;
+    if (staticSigningSecretKey && staticSigningPublicKey) {
+        const dataToSign = Buffer.concat([ephemeralPublicKey, nonce, box]);
+        sig = nacl.sign.detached(dataToSign, staticSigningSecretKey);
+    }
+    return encodePayload(ephemeralPublicKey, nonce, box, sig);
+}
+/**
+ * Decrypts a structured payload with converter function
+ */
+export function decryptStructuredPayload(payloadJson, recipientSecretKey, converter, staticSigningPublicKey) {
+    const { epk, nonce, ciphertext, sig } = decodePayload(payloadJson);
+    if (sig && staticSigningPublicKey) {
+        const dataToVerify = Buffer.concat([epk, nonce, ciphertext]);
+        const valid = nacl.sign.detached.verify(dataToVerify, sig, staticSigningPublicKey);
+        if (!valid)
+            return null;
+    }
+    const box = nacl.box.open(ciphertext, nonce, epk, recipientSecretKey);
+    if (!box)
+        return null;
+    return decodeStructuredContent(box, converter);
+}
+//  wrappers for encrypting and decrypting messages
+export function encryptMessage(message, recipientPublicKey, ephemeralSecretKey, ephemeralPublicKey, staticSigningSecretKey, staticSigningPublicKey) {
+    const payload = { content: message };
+    return encryptStructuredPayload(payload, recipientPublicKey, ephemeralSecretKey, ephemeralPublicKey, staticSigningSecretKey, staticSigningPublicKey);
+}
+export function decryptMessage(payloadJson, recipientSecretKey, staticSigningPublicKey) {
+    const result = decryptStructuredPayload(payloadJson, recipientSecretKey, (obj) => obj, staticSigningPublicKey);
+    return result ? result.content : null;
+}
+/**
+ * Decrypts handshake response and extracts individual keys from unified format
+ */
+export function decryptHandshakeResponse(payloadJson, initiatorEphemeralSecretKey) {
+    return decryptStructuredPayload(payloadJson, initiatorEphemeralSecretKey, (obj) => {
+        if (!obj.identityProof) {
+            throw new Error("Invalid handshake response: missing identityProof");
+        }
+        return {
+            unifiedPubKeys: Uint8Array.from(Buffer.from(obj.unifiedPubKeys, 'base64')),
+            ephemeralPubKey: Uint8Array.from(Buffer.from(obj.ephemeralPubKey, 'base64')),
+            note: obj.note,
+            identityProof: obj.identityProof
+        };
+    });
+}
+/**
+ * helper to decrypt handshake response and extract individual keys
+ */
+export function decryptAndExtractHandshakeKeys(payloadJson, initiatorEphemeralSecretKey) {
+    const decrypted = decryptHandshakeResponse(payloadJson, initiatorEphemeralSecretKey);
+    if (!decrypted)
+        return null;
+    const extracted = extractKeysFromHandshakeResponse(decrypted);
+    if (!extracted)
+        return null;
+    return {
+        identityPubKey: extracted.identityPubKey,
+        signingPubKey: extracted.signingPubKey,
+        ephemeralPubKey: extracted.ephemeralPubKey,
+        note: decrypted.note,
+        identityProof: decrypted.identityProof
+    };
+}
+/**
+ * HKDF(sha256) on shared secret, info="verbeth:hsr", then Keccak-256 -> bytes32 (0x...)
+ */
+function finalizeHsrTag(shared) {
+    const okm = hkdf(sha256, shared, new Uint8Array(0), toUtf8Bytes("verbeth:hsr"), 32);
+    return keccak256(okm);
+}
+/**
+ * Responder: tag = H( KDF( ECDH(r, viewPubA), "verbeth:hsr"))
+ */
+export function computeTagFromResponder(rSecretKey, viewPubA) {
+    const shared = nacl.scalarMult(rSecretKey, viewPubA);
+    return finalizeHsrTag(shared);
+}
+/**
+ * Initiator: tag = H( KDF( ECDH(viewPrivA, R), "verbeth:hsr"))
+ */
+export function computeTagFromInitiator(viewPrivA, R) {
+    const shared = nacl.scalarMult(viewPrivA, R);
+    return finalizeHsrTag(shared);
+}
+/**
+ * Derives a bytes32 topic from the shared secret via HKDF(SHA256) + Keccak-256.
+ * - info: domain separation (e.g., "verbeth:topic-out:v1")
+ * - salt: recommended to use a tag as salt (stable and shareable)
+ */
+function deriveTopic(shared, info, salt) {
+    const okm = hkdf(sha256, shared, salt ?? new Uint8Array(0), new TextEncoder().encode(info), 32);
+    return keccak256(okm);
+}
+export function deriveLongTermShared(myIdentitySecretKey, theirIdentityPublicKey) {
+    return nacl.scalarMult(myIdentitySecretKey, theirIdentityPublicKey);
+}
+/**
+ * Directional duplex topics (Initiator-Responder, Responder-Initiator).
+ * Recommended salt: tag (bytes)
+ */
+export function deriveDuplexTopics(myIdentitySecretKey, theirIdentityPublicKey, salt) {
+    const shared = deriveLongTermShared(myIdentitySecretKey, theirIdentityPublicKey);
+    const topicOut = deriveTopic(shared, "verbeth:topic-out:v1", salt);
+    const topicIn = deriveTopic(shared, "verbeth:topic-in:v1", salt);
+    const chkFull = keccak256(Buffer.concat([
+        toUtf8Bytes("verbeth:topic-chk:v1"),
+        Buffer.from(topicOut.slice(2), 'hex'),
+        Buffer.from(topicIn.slice(2), 'hex'),
+    ]));
+    const checksum = dataSlice(chkFull, 8);
+    return { topicOut, topicIn, checksum };
+}
+export function verifyDuplexTopicsChecksum(topicOut, topicIn, checksum) {
+    const chkFull = keccak256(Buffer.concat([
+        toUtf8Bytes("verbeth:topic-chk:v1"),
+        Buffer.from(topicOut.slice(2), 'hex'),
+        Buffer.from(topicIn.slice(2), 'hex'),
+    ]));
+    return dataSlice(chkFull, 8) === checksum;
+}

package/dist/esm/src/executor.d.ts

@@ -0,0 +1,73 @@
+import { Signer, Contract, BaseContract } from "ethers";
+import type { LogChainV1 } from "@verbeth/contracts/typechain-types";
+export declare function split128x128(word: bigint): readonly [bigint, bigint];
+export interface IExecutor {
+    sendMessage(ciphertext: Uint8Array, topic: string, timestamp: number, nonce: bigint): Promise<any>;
+    initiateHandshake(recipientHash: string, pubKeys: string, ephemeralPubKey: string, plaintextPayload: Uint8Array): Promise<any>;
+    respondToHandshake(inResponseTo: string, responderEphemeralR: string, ciphertext: Uint8Array): Promise<any>;
+}
+export declare class EOAExecutor implements IExecutor {
+    private contract;
+    constructor(contract: LogChainV1);
+    sendMessage(ciphertext: Uint8Array, topic: string, timestamp: number, nonce: bigint): Promise<any>;
+    initiateHandshake(recipientHash: string, pubKeys: string, ephemeralPubKey: string, plaintextPayload: Uint8Array): Promise<any>;
+    respondToHandshake(inResponseTo: string, responderEphemeralR: string, ciphertext: Uint8Array): Promise<any>;
+}
+export declare class BaseSmartAccountExecutor implements IExecutor {
+    private baseAccountProvider;
+    private logChainAddress;
+    private paymasterServiceUrl?;
+    private subAccountAddress?;
+    private logChainInterface;
+    private chainId;
+    constructor(baseAccountProvider: any, logChainAddress: string, chainId?: number, // Base mainnet by default
+    paymasterServiceUrl?: string | undefined, subAccountAddress?: string | undefined);
+    sendMessage(ciphertext: Uint8Array, topic: string, timestamp: number, nonce: bigint): Promise<any>;
+    initiateHandshake(recipientHash: string, pubKeys: string, ephemeralPubKey: string, plaintextPayload: Uint8Array): Promise<any>;
+    respondToHandshake(inResponseTo: string, responderEphemeralR: string, ciphertext: Uint8Array): Promise<any>;
+    private executeCalls;
+}
+export declare class UserOpExecutor implements IExecutor {
+    private smartAccountAddress;
+    private logChainAddress;
+    private bundlerClient;
+    private smartAccountClient;
+    private logChainInterface;
+    private smartAccountInterface;
+    constructor(smartAccountAddress: string, logChainAddress: string, bundlerClient: any, smartAccountClient: any);
+    sendMessage(ciphertext: Uint8Array, topic: string, timestamp: number, nonce: bigint): Promise<any>;
+    initiateHandshake(recipientHash: string, pubKeys: string, ephemeralPubKey: string, plaintextPayload: Uint8Array): Promise<any>;
+    respondToHandshake(inResponseTo: string, responderEphemeralR: string, ciphertext: Uint8Array): Promise<any>;
+    private executeUserOp;
+}
+export declare class DirectEntryPointExecutor implements IExecutor {
+    private smartAccountAddress;
+    private logChainAddress;
+    private smartAccountClient;
+    private signer;
+    private logChainInterface;
+    private smartAccountInterface;
+    private entryPointContract;
+    private spec;
+    constructor(smartAccountAddress: string, entryPointContract: Contract | BaseContract, logChainAddress: string, smartAccountClient: any, signer: Signer);
+    sendMessage(ciphertext: Uint8Array, topic: string, timestamp: number, nonce: bigint): Promise<any>;
+    initiateHandshake(recipientHash: string, pubKeys: string, ephemeralPubKey: string, plaintextPayload: Uint8Array): Promise<any>;
+    respondToHandshake(inResponseTo: string, responderEphemeralR: string, ciphertext: Uint8Array): Promise<any>;
+    private executeDirectUserOp;
+}
+export declare class ExecutorFactory {
+    static createEOA(contract: LogChainV1): IExecutor;
+    static createBaseSmartAccount(baseAccountProvider: any, logChainAddress: string, chainId?: number, paymasterServiceUrl?: string, subAccountAddress?: string): IExecutor;
+    static createUserOp(smartAccountAddress: string, _entryPointAddress: string, logChainAddress: string, bundlerClient: any, smartAccountClient: any): IExecutor;
+    static createDirectEntryPoint(smartAccountAddress: string, entryPointContract: Contract | BaseContract, logChainAddress: string, smartAccountClient: any, signer: Signer): IExecutor;
+    static createAuto(signerOrAccount: any, contract: LogChainV1, options?: {
+        entryPointAddress?: string;
+        entryPointContract?: Contract | BaseContract;
+        logChainAddress?: string;
+        bundlerClient?: any;
+        baseAccountProvider?: any;
+        chainId?: number;
+        isTestEnvironment?: boolean;
+    }): Promise<IExecutor>;
+}
+//# sourceMappingURL=executor.d.ts.map

package/dist/esm/src/executor.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"executor.d.ts","sourceRoot":"","sources":["../../../src/executor.ts"],"names":[],"mappings":"AAEA,OAAO,EACL,MAAM,EACN,QAAQ,EAER,YAAY,EAGb,MAAM,QAAQ,CAAC;AAOhB,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oCAAoC,CAAC;AAOrE,wBAAgB,YAAY,CAAC,IAAI,EAAE,MAAM,GAAG,SAAS,CAAC,MAAM,EAAE,MAAM,CAAC,CAGpE;AA0BD,MAAM,WAAW,SAAS;IACxB,WAAW,CACT,UAAU,EAAE,UAAU,EACtB,KAAK,EAAE,MAAM,EACb,SAAS,EAAE,MAAM,EACjB,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,GAAG,CAAC,CAAC;IAEhB,iBAAiB,CACf,aAAa,EAAE,MAAM,EACrB,OAAO,EAAE,MAAM,EACf,eAAe,EAAE,MAAM,EACvB,gBAAgB,EAAE,UAAU,GAC3B,OAAO,CAAC,GAAG,CAAC,CAAC;IAEhB,kBAAkB,CAChB,YAAY,EAAE,MAAM,EACpB,mBAAmB,EAAE,MAAM,EAC3B,UAAU,EAAE,UAAU,GACrB,OAAO,CAAC,GAAG,CAAC,CAAC;CACjB;AAGD,qBAAa,WAAY,YAAW,SAAS;IAC/B,OAAO,CAAC,QAAQ;gBAAR,QAAQ,EAAE,UAAU;IAElC,WAAW,CACf,UAAU,EAAE,UAAU,EACtB,KAAK,EAAE,MAAM,EACb,SAAS,EAAE,MAAM,EACjB,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,GAAG,CAAC;IAIT,iBAAiB,CACrB,aAAa,EAAE,MAAM,EACrB,OAAO,EAAE,MAAM,EACf,eAAe,EAAE,MAAM,EACvB,gBAAgB,EAAE,UAAU,GAC3B,OAAO,CAAC,GAAG,CAAC;IAST,kBAAkB,CACtB,YAAY,EAAE,MAAM,EACpB,mBAAmB,EAAE,MAAM,EAC3B,UAAU,EAAE,UAAU,GACrB,OAAO,CAAC,GAAG,CAAC;CAGhB;AAGD,qBAAa,wBAAyB,YAAW,SAAS;IAKtD,OAAO,CAAC,mBAAmB;IAC3B,OAAO,CAAC,eAAe;IAEvB,OAAO,CAAC,mBAAmB,CAAC;IAC5B,OAAO,CAAC,iBAAiB,CAAC;IAR5B,OAAO,CAAC,iBAAiB,CAAY;IACrC,OAAO,CAAC,OAAO,CAAS;gBAGd,mBAAmB,EAAE,GAAG,EACxB,eAAe,EAAE,MAAM,EAC/B,OAAO,SAAO,EAAE,0BAA0B;IAClC,mBAAmB,CAAC,EAAE,MAAM,YAAA,EAC5B,iBAAiB,CAAC,EAAE,MAAM,YAAA;IAiB9B,WAAW,CACf,UAAU,EAAE,UAAU,EACtB,KAAK,EAAE,MAAM,EACb,SAAS,EAAE,MAAM,EACjB,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,GAAG,CAAC;IAiBT,iBAAiB,CACrB,aAAa,EAAE,MAAM,EACrB,OAAO,EAAE,MAAM,EACf,eAAe,EAAE,MAAM,EACvB,gBAAgB,EAAE,UAAU,GAC3B,OAAO,CAAC,GAAG,CAAC;IAeT,kBAAkB,CACtB,YAAY,EAAE,MAAM,EACpB,mBAAmB,EAAE,MAAM,EAC3B,UAAU,EAAE,UAAU,GACrB,OAAO,CAAC,GAAG,CAAC;YAeD,YAAY;CAkD3B;AAGD,qBAAa,cAAe,YAAW,SAAS;IAK5C,OAAO,CAAC,mBAAmB;IAC3B,OAAO,CAAC,eAAe;IACvB,OAAO,CAAC,aAAa;IACrB,OAAO,CAAC,kBAAkB;IAP5B,OAAO,CAAC,iBAAiB,CAAY;IACrC,OAAO,CAAC,qBAAqB,CAAY;gBAG/B,mBAAmB,EAAE,MAAM,EAC3B,eAAe,EAAE,MAAM,EACvB,aAAa,EAAE,GAAG,EAClB,kBAAkB,EAAE,GAAG;IAc3B,WAAW,CACf,UAAU,EAAE,UAAU,EACtB,KAAK,EAAE,MAAM,EACb,SAAS,EAAE,MAAM,EACjB,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,GAAG,CAAC;IAkBT,iBAAiB,CACrB,aAAa,EAAE,MAAM,EACrB,OAAO,EAAE,MAAM,EACf,eAAe,EAAE,MAAM,EACvB,gBAAgB,EAAE,UAAU,GAC3B,OAAO,CAAC,GAAG,CAAC;IAkBT,kBAAkB,CACtB,YAAY,EAAE,MAAM,EACpB,mBAAmB,EAAE,MAAM,EAC3B,UAAU,EAAE,UAAU,GACrB,OAAO,CAAC,GAAG,CAAC;YAkBD,aAAa;CA8B5B;AAGD,qBAAa,wBAAyB,YAAW,SAAS;IAOtD,OAAO,CAAC,mBAAmB;IAE3B,OAAO,CAAC,eAAe;IACvB,OAAO,CAAC,kBAAkB;IAC1B,OAAO,CAAC,MAAM;IAVhB,OAAO,CAAC,iBAAiB,CAAY;IACrC,OAAO,CAAC,qBAAqB,CAAY;IACzC,OAAO,CAAC,kBAAkB,CAAW;IACrC,OAAO,CAAC,IAAI,CAAgB;gBAGlB,mBAAmB,EAAE,MAAM,EACnC,kBAAkB,EAAE,QAAQ,GAAG,YAAY,EACnC,eAAe,EAAE,MAAM,EACvB,kBAAkB,EAAE,GAAG,EACvB,MAAM,EAAE,MAAM;IAiBlB,WAAW,CACf,UAAU,EAAE,UAAU,EACtB,KAAK,EAAE,MAAM,EACb,SAAS,EAAE,MAAM,EACjB,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,GAAG,CAAC;IAkBT,iBAAiB,CACrB,aAAa,EAAE,MAAM,EACrB,OAAO,EAAE,MAAM,EACf,eAAe,EAAE,MAAM,EACvB,gBAAgB,EAAE,UAAU,GAC3B,OAAO,CAAC,GAAG,CAAC;IAkBT,kBAAkB,CACtB,YAAY,EAAE,MAAM,EACpB,mBAAmB,EAAE,MAAM,EAC3B,UAAU,EAAE,UAAU,GACrB,OAAO,CAAC,GAAG,CAAC;YAkBD,mBAAmB;CAoDlC;AAED,qBAAa,eAAe;IAC1B,MAAM,CAAC,SAAS,CAAC,QAAQ,EAAE,UAAU,GAAG,SAAS;IAIjD,MAAM,CAAC,sBAAsB,CAC3B,mBAAmB,EAAE,GAAG,EACxB,eAAe,EAAE,MAAM,EACvB,OAAO,SAAO,EACd,mBAAmB,CAAC,EAAE,MAAM,EAC5B,iBAAiB,CAAC,EAAE,MAAM,GACzB,SAAS;IAUZ,MAAM,CAAC,YAAY,CACjB,mBAAmB,EAAE,MAAM,EAC3B,kBAAkB,EAAE,MAAM,EAC1B,eAAe,EAAE,MAAM,EACvB,aAAa,EAAE,GAAG,EAClB,kBAAkB,EAAE,GAAG,GACtB,SAAS;IASZ,MAAM,CAAC,sBAAsB,CAC3B,mBAAmB,EAAE,MAAM,EAC3B,kBAAkB,EAAE,QAAQ,GAAG,YAAY,EAC3C,eAAe,EAAE,MAAM,EACvB,kBAAkB,EAAE,GAAG,EACvB,MAAM,EAAE,MAAM,GACb,SAAS;WAWC,UAAU,CACrB,eAAe,EAAE,GAAG,EACpB,QAAQ,EAAE,UAAU,EACpB,OAAO,CAAC,EAAE;QACR,iBAAiB,CAAC,EAAE,MAAM,CAAC;QAC3B,kBAAkB,CAAC,EAAE,QAAQ,GAAG,YAAY,CAAC;QAC7C,eAAe,CAAC,EAAE,MAAM,CAAC;QACzB,aAAa,CAAC,EAAE,GAAG,CAAC;QACpB,mBAAmB,CAAC,EAAE,GAAG,CAAC;QAC1B,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,iBAAiB,CAAC,EAAE,OAAO,CAAC;KAC7B,GACA,OAAO,CAAC,SAAS,CAAC;CAkEtB"}

package/dist/esm/src/executor.js

@@ -0,0 +1,353 @@
+// packages/sdk/src/executor.ts
+import { Interface, toBeHex, zeroPadValue, } from "ethers";
+function pack128x128(high, low) {
+    return (high << 128n) | (low & ((1n << 128n) - 1n));
+}
+// Unpack a packed 256-bit value into two 128-bit values
+export function split128x128(word) {
+    const lowMask = (1n << 128n) - 1n;
+    return [word >> 128n, word & lowMask];
+}
+/* -------------------------------------------------------------------------- */
+/*    Helpers for compatibility between AA spec v0.6 and v0.7                 */
+/* -------------------------------------------------------------------------- */
+const detectSpecVersion = (iface) => {
+    try {
+        iface.getFunction("getAccountGasLimits");
+        return "v0.7";
+    }
+    catch {
+        return "v0.6";
+    }
+};
+// transforms all bigints into padded bytes32 (uint256)
+const padBigints = (op) => {
+    const out = { ...op };
+    for (const [k, v] of Object.entries(out)) {
+        if (typeof v === "bigint") {
+            out[k] = zeroPadValue(toBeHex(v), 32);
+        }
+    }
+    return out;
+};
+// EOA Executor - Direct contract calls via wallet signer
+export class EOAExecutor {
+    constructor(contract) {
+        this.contract = contract;
+    }
+    async sendMessage(ciphertext, topic, timestamp, nonce) {
+        return this.contract.sendMessage(ciphertext, topic, timestamp, nonce);
+    }
+    async initiateHandshake(recipientHash, pubKeys, ephemeralPubKey, plaintextPayload) {
+        return this.contract.initiateHandshake(recipientHash, pubKeys, ephemeralPubKey, plaintextPayload);
+    }
+    async respondToHandshake(inResponseTo, responderEphemeralR, ciphertext) {
+        return this.contract.respondToHandshake(inResponseTo, responderEphemeralR, ciphertext);
+    }
+}
+// Base Smart Account Executor - Uses wallet_sendCalls for sponsored transactions
+export class BaseSmartAccountExecutor {
+    constructor(baseAccountProvider, logChainAddress, chainId = 8453, // Base mainnet by default
+    paymasterServiceUrl, subAccountAddress) {
+        this.baseAccountProvider = baseAccountProvider;
+        this.logChainAddress = logChainAddress;
+        this.paymasterServiceUrl = paymasterServiceUrl;
+        this.subAccountAddress = subAccountAddress;
+        this.logChainInterface = new Interface([
+            "function sendMessage(bytes calldata ciphertext, bytes32 topic, uint256 timestamp, uint256 nonce)",
+            "function initiateHandshake(bytes32 recipientHash, bytes pubKeys, bytes ephemeralPubKey, bytes plaintextPayload)",
+            "function respondToHandshake(bytes32 inResponseTo, bytes32 responderEphemeralR, bytes ciphertext)",
+        ]);
+        // Convert chainId to hex
+        this.chainId =
+            chainId === 8453
+                ? "0x2105" // Base mainnet
+                : chainId === 84532
+                    ? "0x14a34" // Base Sepolia
+                    : `0x${chainId.toString(16)}`;
+    }
+    async sendMessage(ciphertext, topic, timestamp, nonce) {
+        const callData = this.logChainInterface.encodeFunctionData("sendMessage", [
+            ciphertext,
+            topic,
+            timestamp,
+            nonce,
+        ]);
+        return this.executeCalls([
+            {
+                to: this.logChainAddress,
+                value: "0x0",
+                data: callData,
+            },
+        ]);
+    }
+    async initiateHandshake(recipientHash, pubKeys, ephemeralPubKey, plaintextPayload) {
+        const callData = this.logChainInterface.encodeFunctionData("initiateHandshake", [recipientHash, pubKeys, ephemeralPubKey, plaintextPayload]);
+        return this.executeCalls([
+            {
+                to: this.logChainAddress,
+                value: "0x0",
+                data: callData,
+            },
+        ]);
+    }
+    async respondToHandshake(inResponseTo, responderEphemeralR, ciphertext) {
+        const callData = this.logChainInterface.encodeFunctionData("respondToHandshake", [inResponseTo, responderEphemeralR, ciphertext]);
+        return this.executeCalls([
+            {
+                to: this.logChainAddress,
+                value: "0x0",
+                data: callData,
+            },
+        ]);
+    }
+    async executeCalls(calls) {
+        try {
+            //console.log("DEBUG: Sub account address:", this.subAccountAddress);
+            const requestParams = {
+                version: "1.0",
+                chainId: this.chainId,
+                calls,
+            };
+            //** WORK IN PROGRESS */
+            if (this.subAccountAddress) {
+                requestParams.from = this.subAccountAddress;
+                //console.log("DEBUG: Using sub account for transaction");
+            }
+            if (this.paymasterServiceUrl) {
+                requestParams.capabilities = {
+                    paymasterService: {
+                        url: this.paymasterServiceUrl,
+                    },
+                };
+                //console.log("DEBUG: Using paymaster for gas sponsorship");
+            }
+            //console.log("DEBUG: Request params:", requestParams);
+            const result = await this.baseAccountProvider.request({
+                method: "wallet_sendCalls",
+                params: [requestParams],
+            });
+            // first 32 bytes are the actual userop hash
+            if (typeof result === "string" &&
+                result.startsWith("0x") &&
+                result.length > 66) {
+                const actualTxHash = "0x" + result.slice(2, 66); // Extract first 32 bytes
+                //console.log("DEBUG: extracted tx hash:", actualTxHash);
+                return { hash: actualTxHash };
+            }
+            return result;
+        }
+        catch (error) {
+            console.error("Base Smart Account transaction failed:", error);
+            throw error;
+        }
+    }
+}
+// UserOp Executor - Account Abstraction via bundler
+export class UserOpExecutor {
+    constructor(smartAccountAddress, logChainAddress, bundlerClient, smartAccountClient) {
+        this.smartAccountAddress = smartAccountAddress;
+        this.logChainAddress = logChainAddress;
+        this.bundlerClient = bundlerClient;
+        this.smartAccountClient = smartAccountClient;
+        this.logChainInterface = new Interface([
+            "function sendMessage(bytes calldata ciphertext, bytes32 topic, uint256 timestamp, uint256 nonce)",
+            "function initiateHandshake(bytes32 recipientHash, bytes pubKeys, bytes ephemeralPubKey, bytes plaintextPayload)",
+            "function respondToHandshake(bytes32 inResponseTo, bytes32 responderEphemeralR, bytes ciphertext)",
+        ]);
+        // Smart account interface for executing calls to other contracts
+        this.smartAccountInterface = new Interface([
+            "function execute(address target, uint256 value, bytes calldata data) returns (bytes)",
+        ]);
+    }
+    async sendMessage(ciphertext, topic, timestamp, nonce) {
+        const logChainCallData = this.logChainInterface.encodeFunctionData("sendMessage", [ciphertext, topic, timestamp, nonce]);
+        const smartAccountCallData = this.smartAccountInterface.encodeFunctionData("execute", [
+            this.logChainAddress,
+            0, // value
+            logChainCallData,
+        ]);
+        return this.executeUserOp(smartAccountCallData);
+    }
+    async initiateHandshake(recipientHash, pubKeys, ephemeralPubKey, plaintextPayload) {
+        const logChainCallData = this.logChainInterface.encodeFunctionData("initiateHandshake", [recipientHash, pubKeys, ephemeralPubKey, plaintextPayload]);
+        const smartAccountCallData = this.smartAccountInterface.encodeFunctionData("execute", [
+            this.logChainAddress,
+            0, // value
+            logChainCallData,
+        ]);
+        return this.executeUserOp(smartAccountCallData);
+    }
+    async respondToHandshake(inResponseTo, responderEphemeralR, ciphertext) {
+        const logChainCallData = this.logChainInterface.encodeFunctionData("respondToHandshake", [inResponseTo, responderEphemeralR, ciphertext]);
+        const smartAccountCallData = this.smartAccountInterface.encodeFunctionData("execute", [
+            this.logChainAddress,
+            0, // value
+            logChainCallData,
+        ]);
+        return this.executeUserOp(smartAccountCallData);
+    }
+    async executeUserOp(callData) {
+        const callGasLimit = 1000000n;
+        const verificationGasLimit = 1000000n;
+        const maxFeePerGas = 1000000000n;
+        const maxPriorityFeePerGas = 1000000000n;
+        const userOp = {
+            sender: this.smartAccountAddress,
+            nonce: await this.smartAccountClient.getNonce(),
+            initCode: "0x", // No init code for existing accounts
+            callData,
+            accountGasLimits: pack128x128(verificationGasLimit, callGasLimit),
+            preVerificationGas: 100000n,
+            gasFees: pack128x128(maxFeePerGas, maxPriorityFeePerGas),
+            paymasterAndData: "0x",
+            signature: "0x",
+        };
+        const signedUserOp = await this.smartAccountClient.signUserOperation(userOp);
+        const userOpHash = await this.bundlerClient.sendUserOperation(signedUserOp);
+        const receipt = await this.bundlerClient.waitForUserOperationReceipt(userOpHash);
+        return receipt;
+    }
+}
+// Direct EntryPoint Executor - for local testing (bypasses bundler)
+export class DirectEntryPointExecutor {
+    constructor(smartAccountAddress, entryPointContract, logChainAddress, smartAccountClient, signer) {
+        this.smartAccountAddress = smartAccountAddress;
+        this.logChainAddress = logChainAddress;
+        this.smartAccountClient = smartAccountClient;
+        this.signer = signer;
+        this.logChainInterface = new Interface([
+            "function sendMessage(bytes calldata ciphertext, bytes32 topic, uint256 timestamp, uint256 nonce)",
+            "function initiateHandshake(bytes32 recipientHash, bytes pubKeys, bytes ephemeralPubKey, bytes plaintextPayload)",
+            "function respondToHandshake(bytes32 inResponseTo, bytes32 responderEphemeralR, bytes ciphertext)",
+        ]);
+        // Smart account interface for executing calls to other contracts
+        this.smartAccountInterface = new Interface([
+            "function execute(address target, uint256 value, bytes calldata data) returns (bytes)",
+        ]);
+        this.entryPointContract = entryPointContract.connect(signer);
+        this.spec = detectSpecVersion(this.entryPointContract.interface);
+    }
+    async sendMessage(ciphertext, topic, timestamp, nonce) {
+        const logChainCallData = this.logChainInterface.encodeFunctionData("sendMessage", [ciphertext, topic, timestamp, nonce]);
+        const smartAccountCallData = this.smartAccountInterface.encodeFunctionData("execute", [
+            this.logChainAddress,
+            0, // value
+            logChainCallData,
+        ]);
+        return this.executeDirectUserOp(smartAccountCallData);
+    }
+    async initiateHandshake(recipientHash, pubKeys, ephemeralPubKey, plaintextPayload) {
+        const logChainCallData = this.logChainInterface.encodeFunctionData("initiateHandshake", [recipientHash, pubKeys, ephemeralPubKey, plaintextPayload]);
+        const smartAccountCallData = this.smartAccountInterface.encodeFunctionData("execute", [
+            this.logChainAddress,
+            0, // value
+            logChainCallData,
+        ]);
+        return this.executeDirectUserOp(smartAccountCallData);
+    }
+    async respondToHandshake(inResponseTo, responderEphemeralR, ciphertext) {
+        const logChainCallData = this.logChainInterface.encodeFunctionData("respondToHandshake", [inResponseTo, responderEphemeralR, ciphertext]);
+        const smartAccountCallData = this.smartAccountInterface.encodeFunctionData("execute", [
+            this.logChainAddress,
+            0, // value
+            logChainCallData,
+        ]);
+        return this.executeDirectUserOp(smartAccountCallData);
+    }
+    async executeDirectUserOp(callData) {
+        const callGasLimit = 1000000n;
+        const verificationGasLimit = 1000000n;
+        const maxFeePerGas = 1000000000n;
+        const maxPriorityFeePerGas = 1000000000n;
+        // Build UserOperation
+        let userOp;
+        if (this.spec === "v0.6") {
+            userOp = {
+                sender: this.smartAccountAddress,
+                nonce: await this.smartAccountClient.getNonce(),
+                initCode: "0x",
+                callData,
+                callGasLimit,
+                verificationGasLimit,
+                preVerificationGas: 100000n,
+                maxFeePerGas,
+                maxPriorityFeePerGas,
+                paymasterAndData: "0x",
+                signature: "0x",
+            };
+        }
+        else {
+            userOp = {
+                sender: this.smartAccountAddress,
+                nonce: await this.smartAccountClient.getNonce(),
+                initCode: "0x",
+                callData,
+                accountGasLimits: pack128x128(verificationGasLimit, callGasLimit),
+                preVerificationGas: 100000n,
+                gasFees: pack128x128(maxFeePerGas, maxPriorityFeePerGas),
+                paymasterAndData: "0x",
+                signature: "0x",
+            };
+        }
+        // Pad bigints, bytes32 before signing
+        const paddedUserOp = padBigints(userOp);
+        //console.log("Padded UserOp:", paddedUserOp);
+        const signed = await this.smartAccountClient.signUserOperation(paddedUserOp);
+        // Direct submit to EntryPoint
+        const tx = await this.entryPointContract.handleOps([signed], await this.signer.getAddress());
+        return tx;
+    }
+}
+export class ExecutorFactory {
+    static createEOA(contract) {
+        return new EOAExecutor(contract);
+    }
+    static createBaseSmartAccount(baseAccountProvider, logChainAddress, chainId = 8453, paymasterServiceUrl, subAccountAddress) {
+        return new BaseSmartAccountExecutor(baseAccountProvider, logChainAddress, chainId, paymasterServiceUrl, subAccountAddress);
+    }
+    static createUserOp(smartAccountAddress, _entryPointAddress, logChainAddress, bundlerClient, smartAccountClient) {
+        return new UserOpExecutor(smartAccountAddress, logChainAddress, bundlerClient, smartAccountClient);
+    }
+    static createDirectEntryPoint(smartAccountAddress, entryPointContract, logChainAddress, smartAccountClient, signer) {
+        return new DirectEntryPointExecutor(smartAccountAddress, entryPointContract, logChainAddress, smartAccountClient, signer);
+    }
+    // Auto-detect executor based on environment and signer type
+    static async createAuto(signerOrAccount, contract, options) {
+        if (options?.baseAccountProvider && options?.logChainAddress) {
+            return new BaseSmartAccountExecutor(options.baseAccountProvider, options.logChainAddress, options.chainId || 8453);
+        }
+        try {
+            const provider = signerOrAccount?.provider || signerOrAccount;
+            if (provider && typeof provider.request === "function") {
+                // test if provider supports wallet_sendCalls
+                const capabilities = await provider
+                    .request({
+                    method: "wallet_getCapabilities",
+                    params: [],
+                })
+                    .catch(() => null);
+                if (capabilities && options?.logChainAddress) {
+                    // if wallet supports capabilities, it's likely a Base Smart Account
+                    return new BaseSmartAccountExecutor(provider, options.logChainAddress, options.chainId || 8453);
+                }
+            }
+        }
+        catch (error) { }
+        if (signerOrAccount.address &&
+            (options?.bundlerClient || options?.entryPointContract)) {
+            if (options.isTestEnvironment &&
+                options.entryPointContract &&
+                options.logChainAddress) {
+                return new DirectEntryPointExecutor(signerOrAccount.address, options.entryPointContract, options.logChainAddress, signerOrAccount, signerOrAccount.signer || signerOrAccount);
+            }
+            if (options.bundlerClient &&
+                options.entryPointAddress &&
+                options.logChainAddress) {
+                return new UserOpExecutor(signerOrAccount.address, options.logChainAddress, options.bundlerClient, signerOrAccount);
+            }
+        }
+        // default to EOA executor
+        return new EOAExecutor(contract);
+    }
+}

package/dist/esm/src/identity.d.ts

@@ -0,0 +1,28 @@
+import { Signer } from "ethers";
+import { IdentityProof } from "./types.js";
+interface IdentityKeyPair {
+    publicKey: Uint8Array;
+    secretKey: Uint8Array;
+    signingPublicKey: Uint8Array;
+    signingSecretKey: Uint8Array;
+}
+/**
+ * HKDF (RFC 5869) identity key derivation.
+ * Returns a proof binding the derived keypair to the wallet address.
+ */
+export declare function deriveIdentityKeyPairWithProof(signer: any, address: string): Promise<{
+    keyPair: IdentityKeyPair;
+    identityProof: {
+        message: string;
+        signature: string;
+        messageRawHex?: `0x${string}`;
+    };
+}>;
+export declare function deriveIdentityWithUnifiedKeys(signer: Signer, address: string): Promise<{
+    identityProof: IdentityProof;
+    identityPubKey: Uint8Array;
+    signingPubKey: Uint8Array;
+    unifiedPubKeys: Uint8Array;
+}>;
+export {};
+//# sourceMappingURL=identity.d.ts.map

package/dist/esm/src/identity.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"identity.d.ts","sourceRoot":"","sources":["../../../src/identity.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,MAAM,EAAmB,MAAM,QAAQ,CAAC;AAGjD,OAAO,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAE3C,UAAU,eAAe;IAEvB,SAAS,EAAE,UAAU,CAAC;IACtB,SAAS,EAAE,UAAU,CAAC;IAEtB,gBAAgB,EAAE,UAAU,CAAC;IAC7B,gBAAgB,EAAE,UAAU,CAAC;CAC9B;AAED;;;GAGG;AACH,wBAAsB,8BAA8B,CAClD,MAAM,EAAE,GAAG,EACX,OAAO,EAAE,MAAM,GACd,OAAO,CAAC;IACT,OAAO,EAAE,eAAe,CAAC;IACzB,aAAa,EAAE;QACb,OAAO,EAAE,MAAM,CAAC;QAChB,SAAS,EAAE,MAAM,CAAC;QAClB,aAAa,CAAC,EAAE,KAAK,MAAM,EAAE,CAAC;KAC/B,CAAC;CACH,CAAC,CAyDD;AAED,wBAAsB,6BAA6B,CACjD,MAAM,EAAE,MAAM,EACd,OAAO,EAAE,MAAM,GACd,OAAO,CAAC;IACT,aAAa,EAAE,aAAa,CAAC;IAC7B,cAAc,EAAE,UAAU,CAAC;IAC3B,aAAa,EAAE,UAAU,CAAC;IAC1B,cAAc,EAAE,UAAU,CAAC;CAC5B,CAAC,CAcD"}