@verbeth/sdk 0.1.4

package/dist/esm/src/utils/x25519.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"x25519.d.ts","sourceRoot":"","sources":["../../../../src/utils/x25519.ts"],"names":[],"mappings":"AAEA;;;GAGG;AACH,wBAAgB,wBAAwB,CAAC,UAAU,EAAE,UAAU,GAAG,UAAU,CAO3E"}

package/dist/esm/src/utils/x25519.js

@@ -0,0 +1,12 @@
+import { sha256 } from '@noble/hashes/sha2';
+/**
+ * Converts a 64-byte raw secp256k1 public key into a 32-byte x25519-compatible public key.
+ * This is done by hashing it and using the first 32 bytes.
+ */
+export function convertPublicKeyToX25519(secpPubKey) {
+    if (secpPubKey.length !== 64) {
+        throw new Error('Expected raw 64-byte secp256k1 public key (uncompressed, no prefix)');
+    }
+    const hash = sha256(secpPubKey);
+    return Uint8Array.from(hash.slice(0, 32));
+}

package/dist/esm/src/utils.d.ts

@@ -0,0 +1,29 @@
+import { JsonRpcProvider } from "ethers";
+import { type PublicClient } from "viem";
+import { DuplexTopics } from "./types.js";
+export declare function parseBindingMessage(message: string): {
+    header?: string;
+    address?: string;
+    pkEd25519?: `0x${string}`;
+    pkX25519?: `0x${string}`;
+    context?: string;
+    version?: string;
+    chainId?: number;
+    rpId?: string;
+};
+export type Rpcish = import("ethers").JsonRpcProvider | import("ethers").BrowserProvider | {
+    request: (args: {
+        method: string;
+        params?: any[];
+    }) => Promise<any>;
+};
+export declare function makeViemPublicClient(provider: Rpcish): Promise<PublicClient>;
+export declare const ERC6492_SUFFIX = "0x6492649264926492649264926492649264926492649264926492649264926492";
+export declare function hasERC6492Suffix(sigHex: string): boolean;
+/**
+ * Checks if an address is a smart contract that supports EIP-1271 signature verification
+ * Returns true if the address has deployed code AND implements isValidSignature function
+ */
+export declare function isSmartContract1271(address: string, provider: JsonRpcProvider): Promise<boolean>;
+export declare function pickOutboundTopic(isInitiator: boolean, t: DuplexTopics): `0x${string}`;
+//# sourceMappingURL=utils.d.ts.map

package/dist/esm/src/utils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../src/utils.ts"],"names":[],"mappings":"AAEA,OAAO,EAEL,eAAe,EAGhB,MAAM,QAAQ,CAAC;AAGhB,OAAO,EAIL,KAAK,YAAY,EAClB,MAAM,MAAM,CAAC;AACd,OAAO,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAG1C,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,MAAM,GAAG;IACpD,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,SAAS,CAAC,EAAE,KAAK,MAAM,EAAE,CAAC;IAC1B,QAAQ,CAAC,EAAE,KAAK,MAAM,EAAE,CAAC;IACzB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,IAAI,CAAC,EAAE,MAAM,CAAC;CACf,CAyBA;AAED,MAAM,MAAM,MAAM,GACd,OAAO,QAAQ,EAAE,eAAe,GAChC,OAAO,QAAQ,EAAE,eAAe,GAChC;IAAE,OAAO,EAAE,CAAC,IAAI,EAAE;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,MAAM,CAAC,EAAE,GAAG,EAAE,CAAA;KAAE,KAAK,OAAO,CAAC,GAAG,CAAC,CAAA;CAAE,CAAC;AAe5E,wBAAsB,oBAAoB,CACxC,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,YAAY,CAAC,CAmBvB;AAED,eAAO,MAAM,cAAc,uEAC2C,CAAC;AAEvE,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAIxD;AAED;;;GAGG;AACH,wBAAsB,mBAAmB,CACvC,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,eAAe,GACxB,OAAO,CAAC,OAAO,CAAC,CA+DlB;AAGD,wBAAgB,iBAAiB,CAAC,WAAW,EAAE,OAAO,EAAE,CAAC,EAAE,YAAY,GAAG,KAAK,MAAM,EAAE,CAEtF"}

package/dist/esm/src/utils.js

@@ -0,0 +1,123 @@
+// packages/sdk/src/utils.ts
+import { Contract, getAddress, hexlify, } from "ethers";
+import { keccak256, toUtf8Bytes } from "ethers";
+import { AbiCoder } from "ethers";
+import { createPublicClient, custom, defineChain, } from "viem";
+export function parseBindingMessage(message) {
+    const lines = message.split("\n").map((l) => l.trim());
+    const out = {};
+    if (lines[0])
+        out.header = lines[0];
+    for (let i = 1; i < lines.length; i++) {
+        const line = lines[i];
+        const idx = line.indexOf(":");
+        if (idx === -1)
+            continue;
+        const key = line.slice(0, idx).trim().toLowerCase();
+        const val = line.slice(idx + 1).trim();
+        if (key === "address")
+            out.address = getAddress(val);
+        if (key === "pked25519") {
+            out.pkEd25519 = hexlify(val);
+        }
+        if (key === "pkx25519") {
+            out.pkX25519 = hexlify(val);
+        }
+        if (key === "context")
+            out.context = val;
+        if (key === "version")
+            out.version = val;
+        if (key === "chainid")
+            out.chainId = Number(val);
+        if (key === "rpid")
+            out.rpId = val;
+    }
+    return out;
+}
+function toEip1193(provider) {
+    if (provider.request)
+        return provider;
+    if (provider.send) {
+        return {
+            request: ({ method, params }) => provider.send(method, params ?? []),
+        };
+    }
+    throw new Error("Unsupported provider: cannot build EIP-1193 request");
+}
+export async function makeViemPublicClient(provider) {
+    const eip1193 = toEip1193(provider);
+    let chainId = 1;
+    try {
+        const hex = await eip1193.request({ method: "eth_chainId" });
+        chainId = Number(hex);
+    }
+    catch {
+    }
+    const chain = defineChain({
+        id: chainId,
+        name: `chain-${chainId}`,
+        nativeCurrency: { name: "Ether", symbol: "ETH", decimals: 18 },
+        rpcUrls: { default: { http: [] } },
+    });
+    return createPublicClient({ chain, transport: custom(eip1193) });
+}
+export const ERC6492_SUFFIX = "0x6492649264926492649264926492649264926492649264926492649264926492";
+export function hasERC6492Suffix(sigHex) {
+    if (!sigHex || typeof sigHex !== "string")
+        return false;
+    const s = sigHex.toLowerCase();
+    return s.endsWith(ERC6492_SUFFIX.slice(2).toLowerCase());
+}
+/**
+ * Checks if an address is a smart contract that supports EIP-1271 signature verification
+ * Returns true if the address has deployed code AND implements isValidSignature function
+ */
+export async function isSmartContract1271(address, provider) {
+    try {
+        const code = await provider.getCode(address);
+        if (code === "0x") {
+            return false;
+        }
+        const contract = new Contract(address, [
+            "function isValidSignature(bytes32, bytes) external view returns (bytes4)",
+        ], provider);
+        // ECDSA smart contracts
+        try {
+            await contract.isValidSignature.staticCall("0x0000000000000000000000000000000000000000000000000000000000000000", "0x");
+            return true;
+        }
+        catch (simpleErr) {
+            // WebAuthn format
+            try {
+                const authenticatorData = "0xdeadbeef";
+                const clientDataJSON = "0xbeefdead";
+                const rawSignature = "0x" + "11".repeat(64);
+                const abi = AbiCoder.defaultAbiCoder();
+                const webAuthnAuth = abi.encode(["bytes", "bytes", "bytes"], [authenticatorData, clientDataJSON, rawSignature]);
+                const ownerIndex = 0;
+                const signatureWrapper = abi.encode(["uint256", "bytes"], [ownerIndex, webAuthnAuth]);
+                const hash = keccak256(toUtf8Bytes("test message"));
+                const result = await contract.isValidSignature.staticCall(hash, signatureWrapper);
+                return result === "0x1626ba7e";
+            }
+            catch (webAuthnErr) {
+                // if it's a CALL_EXCEPTION without data then function exists
+                if (webAuthnErr.code === "CALL_EXCEPTION" &&
+                    (!webAuthnErr.data ||
+                        webAuthnErr.data === "0x" ||
+                        webAuthnErr.data === null)) {
+                    return true;
+                }
+                return false;
+            }
+        }
+    }
+    catch (err) {
+        console.error("Error checking if address is smart contract:", err);
+        return false;
+    }
+}
+// picks the correct outbound topic from a DuplexTopics structure
+export function pickOutboundTopic(isInitiator, t) {
+    return isInitiator ? t.topicOut : t.topicIn;
+}

package/dist/esm/src/verify.d.ts

@@ -0,0 +1,54 @@
+import { JsonRpcProvider } from "ethers";
+import { HandshakeLog, HandshakeResponseLog, IdentityProof, TopicInfoWire, DuplexTopics } from "./types.js";
+import { Rpcish } from "./utils.js";
+/**
+ * handshake verification with mandatory identity proof
+ */
+export declare function verifyHandshakeIdentity(handshakeEvent: HandshakeLog, provider: JsonRpcProvider): Promise<boolean>;
+/**
+ * handshake response verification with mandatory identity proof
+ */
+export declare function verifyHandshakeResponseIdentity(responseEvent: HandshakeResponseLog, responderIdentityPubKey: Uint8Array, initiatorEphemeralSecretKey: Uint8Array, provider: JsonRpcProvider): Promise<boolean>;
+/**
+ * Verify "IdentityProof" for EOAs and smart accounts.
+ * - Verifies the signature with viem (EOA / ERC-1271 / ERC-6492).
+ * - Parses and checks the expected address and public key against the message content.
+ */
+export declare function verifyIdentityProof(identityProof: IdentityProof, smartAccountAddress: string, expectedUnifiedKeys: {
+    identityPubKey: Uint8Array;
+    signingPubKey: Uint8Array;
+}, provider: Rpcish): Promise<boolean>;
+export declare function verifyAndExtractHandshakeKeys(handshakeEvent: HandshakeLog, provider: JsonRpcProvider): Promise<{
+    isValid: boolean;
+    keys?: {
+        identityPubKey: Uint8Array;
+        signingPubKey: Uint8Array;
+    };
+}>;
+export declare function verifyAndExtractHandshakeResponseKeys(responseEvent: HandshakeResponseLog, initiatorEphemeralSecretKey: Uint8Array, provider: JsonRpcProvider): Promise<{
+    isValid: boolean;
+    keys?: {
+        identityPubKey: Uint8Array;
+        signingPubKey: Uint8Array;
+        ephemeralPubKey: Uint8Array;
+        note?: string;
+    };
+}>;
+/**
+ * Verify and derive duplex topics from a long-term DH secret.
+ * - Accepts either `tag` (inResponseTo) or a raw salt as KDF input.
+ * - Recomputes topicOut/topicIn deterministically from the identity DH.
+ * - If topicInfo is provided (from HSR), also verify the checksum.
+ * - Used by the initiator after decrypting a HandshakeResponse to confirm responder’s topics.
+ */
+export declare function verifyDerivedDuplexTopics({ myIdentitySecretKey, theirIdentityPubKey, tag, salt, topicInfo }: {
+    myIdentitySecretKey: Uint8Array;
+    theirIdentityPubKey: Uint8Array;
+    tag?: `0x${string}`;
+    salt?: Uint8Array;
+    topicInfo?: TopicInfoWire;
+}): {
+    topics: DuplexTopics;
+    ok?: boolean;
+};
+//# sourceMappingURL=verify.d.ts.map

package/dist/esm/src/verify.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../../../src/verify.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAiC,MAAM,QAAQ,CAAC;AAExE,OAAO,EAAE,YAAY,EAAE,oBAAoB,EAAE,aAAa,EAAE,aAAa,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAE5G,OAAO,EACL,MAAM,EAGP,MAAM,YAAY,CAAC;AAIpB;;GAEG;AACH,wBAAsB,uBAAuB,CAC3C,cAAc,EAAE,YAAY,EAC5B,QAAQ,EAAE,eAAe,GACxB,OAAO,CAAC,OAAO,CAAC,CA6ClB;AAID;;GAEG;AACH,wBAAsB,+BAA+B,CACnD,aAAa,EAAE,oBAAoB,EACnC,uBAAuB,EAAE,UAAU,EACnC,2BAA2B,EAAE,UAAU,EACvC,QAAQ,EAAE,eAAe,GACxB,OAAO,CAAC,OAAO,CAAC,CAgDlB;AAED;;;;GAIG;AACH,wBAAsB,mBAAmB,CACvC,aAAa,EAAE,aAAa,EAC5B,mBAAmB,EAAE,MAAM,EAC3B,mBAAmB,EAAE;IACnB,cAAc,EAAE,UAAU,CAAC;IAC3B,aAAa,EAAE,UAAU,CAAC;CAC3B,EACD,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,OAAO,CAAC,CA+DlB;AAID,wBAAsB,6BAA6B,CACjD,cAAc,EAAE,YAAY,EAC5B,QAAQ,EAAE,eAAe,GACxB,OAAO,CAAC;IACT,OAAO,EAAE,OAAO,CAAC;IACjB,IAAI,CAAC,EAAE;QACL,cAAc,EAAE,UAAU,CAAC;QAC3B,aAAa,EAAE,UAAU,CAAC;KAC3B,CAAC;CACH,CAAC,CAgBD;AAED,wBAAsB,qCAAqC,CACzD,aAAa,EAAE,oBAAoB,EACnC,2BAA2B,EAAE,UAAU,EACvC,QAAQ,EAAE,eAAe,GACxB,OAAO,CAAC;IACT,OAAO,EAAE,OAAO,CAAC;IACjB,IAAI,CAAC,EAAE;QACL,cAAc,EAAE,UAAU,CAAC;QAC3B,aAAa,EAAE,UAAU,CAAC;QAC1B,eAAe,EAAE,UAAU,CAAC;QAC5B,IAAI,CAAC,EAAE,MAAM,CAAC;KACf,CAAC;CACH,CAAC,CAwCD;AAED;;;;;;GAMG;AACH,wBAAgB,yBAAyB,CAAC,EACxC,mBAAmB,EACnB,mBAAmB,EACnB,GAAG,EACH,IAAI,EACJ,SAAS,EACV,EAAE;IACD,mBAAmB,EAAE,UAAU,CAAC;IAChC,mBAAmB,EAAE,UAAU,CAAC;IAChC,GAAG,CAAC,EAAE,KAAK,MAAM,EAAE,CAAC;IACpB,IAAI,CAAC,EAAE,UAAU,CAAC;IAClB,SAAS,CAAC,EAAE,aAAa,CAAC;CAC3B,GAAG;IAAE,MAAM,EAAE,YAAY,CAAC;IAAC,EAAE,CAAC,EAAE,OAAO,CAAA;CAAE,CAYzC"}

package/dist/esm/src/verify.js

@@ -0,0 +1,186 @@
+// packages/sdk/src/verify.ts
+import { getBytes, hexlify, getAddress } from "ethers";
+import { decryptAndExtractHandshakeKeys, computeTagFromInitiator, verifyDuplexTopicsChecksum, deriveDuplexTopics } from "./crypto.js";
+import { parseHandshakePayload, parseHandshakeKeys } from "./payload.js";
+import { makeViemPublicClient, parseBindingMessage, } from "./utils.js";
+// ============= Handshake Verification =============
+/**
+ * handshake verification with mandatory identity proof
+ */
+export async function verifyHandshakeIdentity(handshakeEvent, provider) {
+    try {
+        let plaintextPayload = handshakeEvent.plaintextPayload;
+        if (typeof plaintextPayload === "string" &&
+            plaintextPayload.startsWith("0x")) {
+            try {
+                const bytes = new Uint8Array(Buffer.from(plaintextPayload.slice(2), "hex"));
+                plaintextPayload = new TextDecoder().decode(bytes);
+            }
+            catch (err) {
+                console.error("Failed to decode hex payload:", err);
+                return false;
+            }
+        }
+        const content = parseHandshakePayload(plaintextPayload);
+        const parsedKeys = parseHandshakeKeys(handshakeEvent);
+        if (!parsedKeys) {
+            console.error("Failed to parse unified pubKeys from handshake event");
+            return false;
+        }
+        // // 6492 awareness
+        // const dp: any = content.identityProof;
+        // const sigPrimary: string = dp.signature;
+        // const sig6492: string | undefined = dp.signature6492 ?? dp.erc6492;
+        // const uses6492 = hasERC6492Suffix(sigPrimary) || !!sig6492;
+        // const isContract1271 = await isSmartContract1271(handshakeEvent.sender, provider);
+        return await verifyIdentityProof(content.identityProof, handshakeEvent.sender, parsedKeys, provider);
+    }
+    catch (err) {
+        console.error("verifyHandshakeIdentity error:", err);
+        return false;
+    }
+}
+// ============= HandshakeResponse Verification =============
+/**
+ * handshake response verification with mandatory identity proof
+ */
+export async function verifyHandshakeResponseIdentity(responseEvent, responderIdentityPubKey, initiatorEphemeralSecretKey, provider) {
+    try {
+        const extractedResponse = decryptAndExtractHandshakeKeys(responseEvent.ciphertext, initiatorEphemeralSecretKey);
+        if (!extractedResponse) {
+            console.error("Failed to decrypt handshake response");
+            return false;
+        }
+        if (!Buffer.from(extractedResponse.identityPubKey).equals(Buffer.from(responderIdentityPubKey))) {
+            console.error("Identity public key mismatch in handshake response");
+            return false;
+        }
+        // 6492 awareness
+        const dpAny = extractedResponse.identityProof;
+        if (!dpAny) {
+            console.error("Missing identityProof in handshake response payload");
+            return false;
+        }
+        // const sigPrimary: string = dpAny.signature;
+        // const sig6492: string | undefined = dpAny.signature6492 ?? dpAny.erc6492;
+        // const uses6492 = hasERC6492Suffix(sigPrimary) || !!sig6492;
+        // const isContract1271 = await isSmartContract1271(responseEvent.responder,provider);
+        const expectedKeys = {
+            identityPubKey: extractedResponse.identityPubKey,
+            signingPubKey: extractedResponse.signingPubKey,
+        };
+        return await verifyIdentityProof(extractedResponse.identityProof, responseEvent.responder, expectedKeys, provider);
+    }
+    catch (err) {
+        console.error("verifyHandshakeResponseIdentity error:", err);
+        return false;
+    }
+}
+/**
+ * Verify "IdentityProof" for EOAs and smart accounts.
+ * - Verifies the signature with viem (EOA / ERC-1271 / ERC-6492).
+ * - Parses and checks the expected address and public key against the message content.
+ */
+export async function verifyIdentityProof(identityProof, smartAccountAddress, expectedUnifiedKeys, provider) {
+    try {
+        const client = await makeViemPublicClient(provider);
+        const address = smartAccountAddress;
+        const okSig = await client.verifyMessage({
+            address,
+            message: identityProof.message,
+            signature: identityProof.signature,
+        });
+        if (!okSig) {
+            console.error("Binding signature invalid for address");
+            return false;
+        }
+        const parsed = parseBindingMessage(identityProof.message);
+        if (parsed.header && parsed.header !== "VerbEth Key Binding v1") {
+            console.error("Unexpected binding header:", parsed.header);
+            return false;
+        }
+        if (!parsed.address ||
+            getAddress(parsed.address) !== getAddress(smartAccountAddress)) {
+            console.error("Binding message address mismatch");
+            return false;
+        }
+        const expectedPkX = hexlify(expectedUnifiedKeys.identityPubKey);
+        const expectedPkEd = hexlify(expectedUnifiedKeys.signingPubKey);
+        if (!parsed.pkX25519 || hexlify(parsed.pkX25519) !== expectedPkX) {
+            console.error("PkX25519 mismatch");
+            return false;
+        }
+        if (!parsed.pkEd25519 || hexlify(parsed.pkEd25519) !== expectedPkEd) {
+            console.error("PkEd25519 mismatch");
+            return false;
+        }
+        if (parsed.context && parsed.context !== "verbeth") {
+            console.error("Unexpected context:", parsed.context);
+            return false;
+        }
+        if (parsed.version && parsed.version !== "1") {
+            console.error("Unexpected version:", parsed.version);
+            return false;
+        }
+        // if (typeof parsed.chainId === 'number' && parsed.chainId !== currentChainId) return false;
+        return true;
+    }
+    catch (err) {
+        console.error("verifyIdentityProof error:", err);
+        return false;
+    }
+}
+// ============= Utility Functions =============
+export async function verifyAndExtractHandshakeKeys(handshakeEvent, provider) {
+    const isValid = await verifyHandshakeIdentity(handshakeEvent, provider);
+    if (!isValid) {
+        return { isValid: false };
+    }
+    const parsedKeys = parseHandshakeKeys(handshakeEvent);
+    if (!parsedKeys) {
+        return { isValid: false };
+    }
+    return {
+        isValid: true,
+        keys: parsedKeys,
+    };
+}
+export async function verifyAndExtractHandshakeResponseKeys(responseEvent, initiatorEphemeralSecretKey, provider) {
+    const Rbytes = getBytes(responseEvent.responderEphemeralR); // hex -> Uint8Array
+    const expectedTag = computeTagFromInitiator(initiatorEphemeralSecretKey, Rbytes);
+    if (expectedTag !== responseEvent.inResponseTo) {
+        return { isValid: false };
+    }
+    const extractedResponse = decryptAndExtractHandshakeKeys(responseEvent.ciphertext, initiatorEphemeralSecretKey);
+    if (!extractedResponse) {
+        return { isValid: false };
+    }
+    const isValid = await verifyHandshakeResponseIdentity(responseEvent, extractedResponse.identityPubKey, initiatorEphemeralSecretKey, provider);
+    if (!isValid) {
+        return { isValid: false };
+    }
+    return {
+        isValid: true,
+        keys: {
+            identityPubKey: extractedResponse.identityPubKey,
+            signingPubKey: extractedResponse.signingPubKey,
+            ephemeralPubKey: extractedResponse.ephemeralPubKey,
+            note: extractedResponse.note,
+        },
+    };
+}
+/**
+ * Verify and derive duplex topics from a long-term DH secret.
+ * - Accepts either `tag` (inResponseTo) or a raw salt as KDF input.
+ * - Recomputes topicOut/topicIn deterministically from the identity DH.
+ * - If topicInfo is provided (from HSR), also verify the checksum.
+ * - Used by the initiator after decrypting a HandshakeResponse to confirm responder’s topics.
+ */
+export function verifyDerivedDuplexTopics({ myIdentitySecretKey, theirIdentityPubKey, tag, salt, topicInfo }) {
+    const s = salt ?? (tag ? getBytes(tag) : undefined);
+    if (!s)
+        throw new Error("Provide either salt or inResponseTo");
+    const { topicOut, topicIn, checksum } = deriveDuplexTopics(myIdentitySecretKey, theirIdentityPubKey, s);
+    const ok = topicInfo ? verifyDuplexTopicsChecksum(topicOut, topicIn, topicInfo.chk) : undefined;
+    return { topics: { topicOut, topicIn }, ok };
+}

package/dist/src/client/VerbethClient.d.ts

@@ -0,0 +1,134 @@
+import type { VerbethClientConfig, HandshakeResult, HandshakeResponseResult } from './types.js';
+import type { IExecutor } from '../executor.js';
+import type { IdentityKeyPair } from '../types.js';
+import * as crypto from '../crypto.js';
+import * as payload from '../payload.js';
+import * as verify from '../verify.js';
+import * as utils from '../utils.js';
+import * as identity from '../identity.js';
+/**
+ * High-level client for Verbeth E2EE messaging
+ *
+ * VerbethClient provides a simplified API for common operations while
+ * maintaining access to all low-level functions.
+ *
+ * @example
+ * ```typescript
+ * const client = new VerbethClient({
+ *   executor,
+ *   identityKeyPair,
+ *   identityProof,
+ *   signer,
+ *   address: '0x...'
+ * });
+ *
+ * // Send a handshake
+ * const { tx, ephemeralKeyPair } = await client.sendHandshake(
+ *   '0xBob...',
+ *   'Hello Bob!'
+ * );
+ *
+ * // Send a message
+ * await client.sendMessage(
+ *   contact.topicOutbound,
+ *   contact.identityPubKey,
+ *   'Hello again!'
+ * );
+ * ```
+ */
+export declare class VerbethClient {
+    private readonly executor;
+    private readonly identityKeyPair;
+    private readonly identityProof;
+    private readonly signer;
+    private readonly address;
+    /**
+     * creates a new VerbethClient instance
+     *
+     * @param config - Client configuration with session-level parameters
+     */
+    constructor(config: VerbethClientConfig);
+    /**
+     * Initiates a handshake with a recipient
+     *
+     * generates an ephemeral keypair for this handshake.
+     * the ephemeralKeyPair must be stored to decrypt the response later.
+     *
+     * @param recipientAddress - Blockchain address of the recipient
+     * @param message - Plaintext message to include in the handshake
+     * @returns Transaction response and the ephemeral keypair (must be stored!)
+     *
+     * @example
+     * ```typescript
+     * const { tx, ephemeralKeyPair } = await client.sendHandshake(
+     *   '0xBob...',
+     *   'Hi Bob!'
+     * );
+     *
+     * // Store ephemeralKeyPair.secretKey to decrypt Bob's response
+     * await storage.saveContact({
+     *   address: '0xBob...',
+     *   ephemeralKey: ephemeralKeyPair.secretKey,
+     *   // ...
+     * });
+     * ```
+     */
+    sendHandshake(recipientAddress: string, message: string): Promise<HandshakeResult>;
+    /**
+     * Accepts a handshake from an initiator
+     *
+     * derives duplex topics for the conversation and returns them.
+     *
+     * @param initiatorEphemeralPubKey - initiator's ephemeral public key from handshake event
+     * @param initiatorIdentityPubKey - initiator's long-term X25519 identity key
+     * @param note - response message to send back
+     * @returns transaction, derived duplex topics, and response tag
+     *
+     * @example
+     * ```typescript
+     * const { tx, duplexTopics } = await client.acceptHandshake(
+     *   handshake.ephemeralPubKey,
+     *   handshake.identityPubKey,
+     *   'Hello Alice!'
+     * );
+     *
+     * // Store the topics for future messaging
+     * await storage.saveContact({
+     *   address: handshake.sender,
+     *   topicOutbound: duplexTopics.topicIn,  // Responder writes to topicIn
+     *   topicInbound: duplexTopics.topicOut,  // Responder reads from topicOut
+     *   // ...
+     * });
+     * ```
+     */
+    acceptHandshake(initiatorEphemeralPubKey: Uint8Array, initiatorIdentityPubKey: Uint8Array, note: string): Promise<HandshakeResponseResult>;
+    /**
+     * Sends an encrypted message to a contact
+     *
+     * handles timestamp, signing keys, and sender address.
+     *
+     * @param topicOutbound - The outbound topic for this conversation
+     * @param recipientPubKey - Recipient's X25519 public key (from handshake)
+     * @param message - Plaintext message to encrypt and send
+     * @returns Transaction response
+     *
+     * @example
+     * ```typescript
+     * await client.sendMessage(
+     *   contact.topicOutbound,
+     *   contact.identityPubKey,
+     *   'Hello again!'
+     * );
+     * ```
+     */
+    sendMessage(topicOutbound: string, recipientPubKey: Uint8Array, message: string): Promise<any>;
+    get crypto(): typeof crypto;
+    get payload(): typeof payload;
+    get verify(): typeof verify;
+    get utils(): typeof utils;
+    get identity(): typeof identity;
+    get executorInstance(): IExecutor;
+    get identityKeyPairInstance(): IdentityKeyPair;
+    get userAddress(): string;
+}
+//# sourceMappingURL=VerbethClient.d.ts.map

package/dist/src/client/VerbethClient.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"VerbethClient.d.ts","sourceRoot":"","sources":["../../../src/client/VerbethClient.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,mBAAmB,EAAE,eAAe,EAAE,uBAAuB,EAAE,MAAM,YAAY,CAAC;AAChG,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAChD,OAAO,KAAK,EAAE,eAAe,EAAiB,MAAM,aAAa,CAAC;AAGlE,OAAO,KAAK,MAAM,MAAM,cAAc,CAAC;AACvC,OAAO,KAAK,OAAO,MAAM,eAAe,CAAC;AACzC,OAAO,KAAK,MAAM,MAAM,cAAc,CAAC;AACvC,OAAO,KAAK,KAAK,MAAM,aAAa,CAAC;AACrC,OAAO,KAAK,QAAQ,MAAM,gBAAgB,CAAC;AAE3C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AACH,qBAAa,aAAa;IACxB,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAY;IACrC,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAkB;IAClD,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAgB;IAC9C,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;IAChC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;IAEjC;;;;OAIG;gBACS,MAAM,EAAE,mBAAmB;IAQvC;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;IACG,aAAa,CACjB,gBAAgB,EAAE,MAAM,EACxB,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,eAAe,CAAC;IAgB3B;;;;;;;;;;;;;;;;;;;;;;;;;;OA0BG;IACG,eAAe,CACnB,wBAAwB,EAAE,UAAU,EACpC,uBAAuB,EAAE,UAAU,EACnC,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,uBAAuB,CAAC;IAoBnC;;;;;;;;;;;;;;;;;;OAkBG;IACG,WAAW,CACf,aAAa,EAAE,MAAM,EACrB,eAAe,EAAE,UAAU,EAC3B,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,GAAG,CAAC;IAqBf,IAAI,MAAM,kBAET;IAED,IAAI,OAAO,mBAEV;IAED,IAAI,MAAM,kBAET;IAED,IAAI,KAAK,iBAER;IAED,IAAI,QAAQ,oBAEX;IAED,IAAI,gBAAgB,IAAI,SAAS,CAEhC;IAGD,IAAI,uBAAuB,IAAI,eAAe,CAE7C;IAED,IAAI,WAAW,IAAI,MAAM,CAExB;CACF"}