@veridex/sdk 1.0.0-beta.9 → 1.1.0

package/dist/types-FJL7j6gQ.d.mts

@@ -1,172 +0,0 @@
-/**
- * Veridex Protocol SDK - Session Key Management Types
- *
- * Type definitions for ephemeral session keys that enable
- * native L1-speed transactions after initial biometric auth.
- */
-/**
- * Ephemeral session key for fast software-backed signing
- *
- * Security model:
- * - Private key encrypted at rest (AES-GCM)
- * - Max 24-hour duration enforced on-chain
- * - Value limits prevent unlimited spending
- * - Chain scopes restrict cross-chain usage
- */
-interface SessionKey {
-    /** Public key of the session (secp256k1) */
-    publicKey: Uint8Array;
-    /** Private key (MUST be encrypted before storage) */
-    privateKey: Uint8Array;
-    /** Keccak256 hash of public key (on-chain identifier) */
-    keyHash: string;
-    /** Unix timestamp when session expires (milliseconds) */
-    expiry: number;
-    /** Maximum transaction value allowed (in token's base units) */
-    maxValue: bigint;
-    /** Wormhole chain IDs where this session is valid */
-    chainScopes: number[];
-    /** User's Passkey key hash (binds session to user) */
-    userKeyHash: string;
-}
-/**
- * Configuration for session creation and lifecycle
- */
-interface SessionConfig {
-    /** Session duration in seconds (default: 3600 = 1 hour, max: 86400 = 24 hours) */
-    duration: number;
-    /** Maximum transaction value in base units (0 = unlimited, but NOT RECOMMENDED) */
-    maxValue: bigint;
-    /** Auto-refresh session before expiry (default: true) */
-    autoRefresh: boolean;
-    /** Refresh buffer time in seconds (refresh this many seconds before expiry, default: 300 = 5 min) */
-    refreshBuffer?: number;
-    /** Chain scopes - which Wormhole chain IDs can use this session (empty = all chains) */
-    chainScopes?: number[];
-}
-/**
- * Signature produced by signing with a session key
- *
- * This is a lightweight software signature (secp256k1) that can be
- * validated on-chain via CCQ to Hub's isSessionActive() state.
- */
-interface SessionSignature {
-    /** ECDSA signature (r, s, v) from session private key */
-    signature: Uint8Array;
-    /** Session key hash (links signature to registered session) */
-    sessionKeyHash: string;
-    /** User's Passkey key hash (for Hub state query) */
-    userKeyHash: string;
-    /** Timestamp when signature was created (for replay prevention) */
-    timestamp: number;
-    /** Optional nonce for additional replay protection */
-    nonce?: number;
-}
-/**
- * Configuration for SessionManager initialization
- */
-interface SessionManagerConfig {
-    /** Default session configuration */
-    defaultSessionConfig: SessionConfig;
-    /** Storage backend ('indexeddb' or 'localstorage', default: 'indexeddb') */
-    storageBackend?: 'indexeddb' | 'localstorage';
-    /** Enable debug logging */
-    debug?: boolean;
-    /** Custom encryption key derivation (for testing only) */
-    encryptionKey?: CryptoKey;
-}
-/**
- * Events emitted during session lifecycle
- */
-type SessionEvent = {
-    type: 'session-created';
-    session: SessionKey;
-} | {
-    type: 'session-loaded';
-    session: SessionKey;
-} | {
-    type: 'session-expired';
-    keyHash: string;
-} | {
-    type: 'session-refreshed';
-    session: SessionKey;
-} | {
-    type: 'session-revoked';
-    keyHash: string;
-} | {
-    type: 'session-error';
-    error: Error;
-};
-type SessionEventCallback = (event: SessionEvent) => void;
-/**
- * Interface for session storage implementations
- *
- * Implementations MUST:
- * - Encrypt private keys before storage
- * - Use secure key derivation (e.g., PBKDF2 or similar)
- * - Provide atomic read/write/delete operations
- */
-interface SessionStorage {
-    /**
-     * Save a session (private key will be encrypted)
-     */
-    save(session: SessionKey): Promise<void>;
-    /**
-     * Load the active session (private key will be decrypted)
-     */
-    load(): Promise<SessionKey | null>;
-    /**
-     * Clear all stored sessions
-     */
-    clear(): Promise<void>;
-    /**
-     * Check if a session exists
-     */
-    exists(): Promise<boolean>;
-}
-/**
- * Parameters for an action to be signed with a session key
- */
-interface ActionParams {
-    /** Action type (transfer, execute, bridge, etc.) */
-    action: string;
-    /** Target chain (Wormhole chain ID) */
-    targetChain: number;
-    /** Transaction value in base units */
-    value: bigint;
-    /** Action-specific payload */
-    payload: Uint8Array;
-    /** Nonce for replay prevention */
-    nonce: number;
-    /** Optional deadline timestamp */
-    deadline?: number;
-}
-/**
- * Result of session-signed action
- */
-interface SessionSignedAction {
-    /** Original action parameters */
-    action: ActionParams;
-    /** Session signature */
-    signature: SessionSignature;
-    /** Ready to submit to relayer or on-chain */
-    readyToSubmit: boolean;
-}
-declare class SessionError extends Error {
-    code: SessionErrorCode;
-    details?: unknown | undefined;
-    constructor(message: string, code: SessionErrorCode, details?: unknown | undefined);
-}
-declare enum SessionErrorCode {
-    NO_ACTIVE_SESSION = "NO_ACTIVE_SESSION",
-    SESSION_EXPIRED = "SESSION_EXPIRED",
-    VALUE_EXCEEDS_LIMIT = "VALUE_EXCEEDS_LIMIT",
-    CHAIN_NOT_ALLOWED = "CHAIN_NOT_ALLOWED",
-    STORAGE_ERROR = "STORAGE_ERROR",
-    ENCRYPTION_ERROR = "ENCRYPTION_ERROR",
-    INVALID_CONFIG = "INVALID_CONFIG",
-    REGISTRATION_FAILED = "REGISTRATION_FAILED",
-    REVOCATION_FAILED = "REVOCATION_FAILED"
-}
-
-export { type ActionParams as A, type SessionKey as S, type SessionStorage as a, type SessionConfig as b, type SessionSignature as c, type SessionManagerConfig as d, type SessionEvent as e, type SessionEventCallback as f, type SessionSignedAction as g, SessionErrorCode as h, SessionError as i };

package/dist/types.d.ts

@@ -1,407 +0,0 @@
-/**
- * Veridex Protocol SDK - Type Definitions
- */
-interface VeridexConfig {
-    hubChainId: number;
-    hubRpcUrl: string;
-    hubContractAddress: string;
-    relayerUrl?: string;
-}
-interface ChainConfig {
-    name: string;
-    chainId: number;
-    wormholeChainId: number;
-    hubChainId?: number;
-    rpcUrl: string;
-    explorerUrl: string;
-    isEvm: boolean;
-    contracts: {
-        hub?: string;
-        vaultFactory?: string;
-        vaultImplementation?: string;
-        wormholeCoreBridge: string;
-        tokenBridge?: string;
-    };
-}
-interface PasskeyCredential {
-    credentialId: string;
-    publicKeyX: bigint;
-    publicKeyY: bigint;
-    keyHash: string;
-}
-interface WebAuthnSignature {
-    authenticatorData: string;
-    clientDataJSON: string;
-    challengeIndex: number;
-    typeIndex: number;
-    r: bigint;
-    s: bigint;
-}
-interface TransferParams {
-    targetChain: number;
-    token: string;
-    recipient: string;
-    amount: bigint;
-}
-interface ExecuteParams {
-    targetChain: number;
-    target: string;
-    value: bigint;
-    data: string;
-}
-interface BridgeParams {
-    sourceChain: number;
-    token: string;
-    amount: bigint;
-    destinationChain: number;
-    recipient: string;
-}
-interface DispatchResult {
-    transactionHash: string;
-    sequence: bigint;
-    userKeyHash: string;
-    targetChain: number;
-}
-interface TransferAction {
-    type: 'transfer';
-    token: string;
-    recipient: string;
-    amount: bigint;
-}
-interface BridgeAction {
-    type: 'bridge';
-    token: string;
-    amount: bigint;
-    targetChain: number;
-    recipient: string;
-}
-/**
- * Wormhole Query proof for optimistic execution
- * Allows ~5-7 second latency vs ~120+ seconds for VAA
- */
-interface QueryProof {
-    /** Raw query response bytes from Wormhole Guardians */
-    queryResponse: string;
-    /** Guardian signatures (13/19 quorum) */
-    signatures: string;
-}
-/**
- * User preference for execution path
- */
-type ExecutionPath = 'query' | 'vaa' | 'auto';
-/**
- * Result from query-based submission
- */
-interface QuerySubmissionResult {
-    /** Whether submission succeeded */
-    success: boolean;
-    /** Transaction hash on spoke chain */
-    txHash?: string;
-    /** Execution path used ('query' or 'vaa') */
-    path: ExecutionPath;
-    /** Latency in milliseconds */
-    latencyMs?: number;
-    /** Error message if failed */
-    error?: string;
-    /** Whether fallback to VAA was triggered */
-    fellBack?: boolean;
-}
-/**
- * Session key structure for temporary authentication
- * Enables native L1 speed for repeat transactions without biometric auth
- */
-interface SessionKey {
-    /** Hash of the temporary session public key */
-    sessionKeyHash: string;
-    /** Unix timestamp when session expires */
-    expiry: number;
-    /** Maximum transaction value for this session (0 = unlimited) */
-    maxValue: bigint;
-    /** Whether session was manually revoked */
-    revoked: boolean;
-}
-/**
- * Result from session validation query
- */
-interface SessionValidationResult {
-    /** Whether session is currently active */
-    active: boolean;
-    /** Session expiry timestamp (0 if inactive) */
-    expiry: number;
-    /** Maximum transaction value (0 if inactive) */
-    maxValue: bigint;
-    /** Index in sessions array */
-    sessionIndex: number;
-}
-/**
- * Parameters for registering a new session
- */
-interface RegisterSessionParams {
-    /** Signature for Passkey authentication */
-    signature: WebAuthnSignature;
-    /** User's Passkey public key X coordinate */
-    publicKeyX: bigint;
-    /** User's Passkey public key Y coordinate */
-    publicKeyY: bigint;
-    /** Hash of the temporary session public key */
-    sessionKeyHash: string;
-    /** Session duration in seconds (max 24 hours) */
-    duration: number;
-    /** Maximum transaction value (0 = unlimited) */
-    maxValue: bigint;
-    /** Whether to require user verification */
-    requireUV: boolean;
-}
-/**
- * Parameters for revoking a session
- */
-interface RevokeSessionParams {
-    /** Signature for Passkey authentication */
-    signature: WebAuthnSignature;
-    /** User's Passkey public key X coordinate */
-    publicKeyX: bigint;
-    /** User's Passkey public key Y coordinate */
-    publicKeyY: bigint;
-    /** Hash of the session key to revoke */
-    sessionKeyHash: string;
-    /** Whether to require user verification */
-    requireUV: boolean;
-}
-/**
- * Identity state for multi-key management
- * First passkey registered becomes the immutable identity root
- */
-interface IdentityState {
-    /** Identity key hash (first passkey's keyHash) */
-    identity: string;
-    /** Number of authorized keys */
-    keyCount: number;
-    /** Maximum allowed keys per identity */
-    maxKeys: number;
-    /** Whether the specified key is the root identity */
-    isRoot: boolean;
-}
-/**
- * Result from registering a backup passkey
- */
-interface AddBackupKeyResult {
-    /** Transaction hash on Hub chain */
-    transactionHash: string;
-    /** Wormhole sequence number for cross-chain sync */
-    sequence: bigint;
-    /** The identity the key was added to */
-    identity: string;
-    /** The new key hash that was added */
-    newKeyHash: string;
-    /** Total number of keys after addition */
-    keyCount: number;
-}
-/**
- * Result from removing a passkey
- */
-interface RemoveKeyResult {
-    /** Transaction hash on Hub chain */
-    transactionHash: string;
-    /** Wormhole sequence number for cross-chain sync */
-    sequence: bigint;
-    /** The identity the key was removed from */
-    identity: string;
-    /** The key hash that was removed */
-    removedKeyHash: string;
-    /** Remaining number of keys after removal */
-    keyCount: number;
-}
-/**
- * Authorized key information
- */
-interface AuthorizedKey {
-    /** Key hash of the authorized passkey */
-    keyHash: string;
-    /** Whether this key is the root identity key */
-    isRoot: boolean;
-}
-/**
- * Guardian configuration for an identity
- */
-interface GuardianConfig {
-    /** Array of guardian key hashes */
-    guardians: string[];
-    /** Required approvals for recovery (M-of-N) */
-    threshold: bigint;
-    /** Whether guardians have been configured */
-    isConfigured: boolean;
-}
-/**
- * Recovery status for an identity
- */
-interface RecoveryStatus {
-    /** Whether a recovery is currently active */
-    isActive: boolean;
-    /** Proposed new owner key hash */
-    newOwnerKeyHash: string;
-    /** Timestamp when recovery was initiated */
-    initiatedAt: bigint;
-    /** Current number of guardian approvals */
-    approvalCount: bigint;
-    /** Required approvals for recovery */
-    threshold: bigint;
-    /** Timestamp when recovery can be executed (after timelock) */
-    canExecuteAt: bigint;
-    /** Timestamp when recovery expires */
-    expiresAt: bigint;
-}
-/**
- * Result from setting up guardians
- */
-interface SetupGuardiansResult {
-    /** Transaction hash on Hub chain */
-    transactionHash: string;
-    /** Wormhole sequence number for cross-chain sync */
-    sequence: bigint;
-    /** The identity guardians were set up for */
-    identity: string;
-    /** Array of guardian key hashes */
-    guardians: string[];
-    /** Required approvals for recovery */
-    threshold: bigint;
-}
-/**
- * Result from adding a guardian
- */
-interface AddGuardianResult {
-    /** Transaction hash on Hub chain */
-    transactionHash: string;
-    /** Wormhole sequence number for cross-chain sync */
-    sequence: bigint;
-    /** The identity the guardian was added to */
-    identity: string;
-    /** The guardian key hash that was added */
-    guardianKeyHash: string;
-}
-/**
- * Result from removing a guardian
- */
-interface RemoveGuardianResult {
-    /** Transaction hash on Hub chain */
-    transactionHash: string;
-    /** Wormhole sequence number for cross-chain sync */
-    sequence: bigint;
-    /** The identity the guardian was removed from */
-    identity: string;
-    /** The guardian key hash that was removed */
-    guardianKeyHash: string;
-}
-/**
- * Result from initiating recovery
- */
-interface InitiateRecoveryResult {
-    /** Transaction hash on Hub chain */
-    transactionHash: string;
-    /** Wormhole sequence number for cross-chain sync */
-    sequence: bigint;
-    /** The identity being recovered */
-    identity: string;
-    /** Proposed new owner key hash */
-    newOwnerKeyHash: string;
-    /** Timestamp when recovery can be executed */
-    canExecuteAt: bigint;
-}
-/**
- * Result from approving recovery
- */
-interface ApproveRecoveryResult {
-    /** Transaction hash on Hub chain */
-    transactionHash: string;
-    /** Wormhole sequence number for cross-chain sync */
-    sequence: bigint;
-    /** The identity being recovered */
-    identity: string;
-    /** The guardian who approved */
-    guardianKeyHash: string;
-    /** Current approval count */
-    approvalCount: bigint;
-    /** Required approvals */
-    threshold: bigint;
-}
-/**
- * Result from executing recovery
- */
-interface ExecuteRecoveryResult {
-    /** Transaction hash on Hub chain */
-    transactionHash: string;
-    /** Wormhole sequence number for cross-chain sync */
-    sequence: bigint;
-    /** The identity that was recovered */
-    identity: string;
-    /** The new owner key hash */
-    newOwnerKeyHash: string;
-}
-/**
- * Result from cancelling recovery
- */
-interface CancelRecoveryResult {
-    /** Transaction hash on Hub chain */
-    transactionHash: string;
-    /** Wormhole sequence number for cross-chain sync */
-    sequence: bigint;
-    /** The identity whose recovery was cancelled */
-    identity: string;
-}
-interface ExecuteAction {
-    type: 'execute';
-    target: string;
-    value: bigint;
-    data: string;
-}
-interface ConfigAction {
-    type: 'config';
-    configType: number;
-    configData: string;
-}
-type ActionPayload = TransferAction | BridgeAction | ExecuteAction | ConfigAction | {
-    type: string;
-    raw: string;
-};
-interface VAA {
-    version: number;
-    guardianSetIndex: number;
-    signatures: VAASignature[];
-    timestamp: number;
-    nonce: number;
-    emitterChain: number;
-    emitterAddress: string;
-    sequence: bigint;
-    consistencyLevel: number;
-    payload: string;
-    hash: string;
-}
-interface VAASignature {
-    guardianIndex: number;
-    signature: string;
-}
-interface VeridexPayload {
-    version: number;
-    userKeyHash: string;
-    targetChain: number;
-    nonce: bigint;
-    publicKeyX: bigint;
-    publicKeyY: bigint;
-    actionPayload: string;
-}
-interface VaultInfo {
-    address: string;
-    ownerKeyHash: string;
-    chain: string;
-    wormholeChainId: number;
-}
-interface TestResult {
-    success: boolean;
-    sourceChain: string;
-    targetChain: string;
-    txHash?: string;
-    vaaSequence?: bigint;
-    error?: string;
-    duration?: number;
-}
-
-export type { ActionPayload, AddBackupKeyResult, AddGuardianResult, ApproveRecoveryResult, AuthorizedKey, BridgeAction, BridgeParams, CancelRecoveryResult, ChainConfig, ConfigAction, DispatchResult, ExecuteAction, ExecuteParams, ExecuteRecoveryResult, ExecutionPath, GuardianConfig, IdentityState, InitiateRecoveryResult, PasskeyCredential, QueryProof, QuerySubmissionResult, RecoveryStatus, RegisterSessionParams, RemoveGuardianResult, RemoveKeyResult, RevokeSessionParams, SessionKey, SessionValidationResult, SetupGuardiansResult, TestResult, TransferAction, TransferParams, VAA, VAASignature, VaultInfo, VeridexConfig, VeridexPayload, WebAuthnSignature };

package/dist/utils.d.ts

@@ -1,81 +0,0 @@
-import { ChainConfig } from './types.js';
-
-/**
- * Veridex Protocol SDK - Utility Functions
- */
-
-/**
- * Base64URL encode a buffer
- */
-declare function base64URLEncode(buffer: Uint8Array): string;
-/**
- * Base64URL decode a string
- */
-declare function base64URLDecode(str: string): Uint8Array;
-/**
- * Parse DER-encoded ECDSA signature to r and s values
- */
-declare function parseDERSignature(signature: Uint8Array): {
-    r: Uint8Array;
-    s: Uint8Array;
-};
-/**
- * Encode signature for Solidity verification
- */
-declare function encodeSignatureForSolidity(r: bigint, s: bigint): string;
-/**
- * Compute key hash from public key coordinates
- */
-declare function computeKeyHash(publicKeyX: bigint, publicKeyY: bigint): string;
-/**
- * Get chain config by name
- */
-declare function getChainConfig(chainName: string, testnet?: boolean): ChainConfig | undefined;
-/**
- * Get chain config by Wormhole chain ID
- */
-declare function getChainByWormholeId(wormholeChainId: number, testnet?: boolean): ChainConfig | undefined;
-/**
- * Get chain config by EVM chain ID
- */
-declare function getChainByEvmId(evmChainId: number, testnet?: boolean): ChainConfig | undefined;
-/**
- * Check if a chain is EVM-compatible
- */
-declare function isEvmChain(wormholeChainId: number): boolean;
-/**
- * Get all supported chains
- */
-declare function getSupportedChains(testnet?: boolean): ChainConfig[];
-/**
- * Get transaction explorer URL
- */
-declare function getTxExplorerUrl(chain: ChainConfig, txHash: string): string;
-/**
- * Get address explorer URL
- */
-declare function getAddressExplorerUrl(chain: ChainConfig, address: string): string;
-/**
- * Validate an EVM address
- */
-declare function isValidEvmAddress(address: string): boolean;
-/**
- * Validate a bytes32 hex string
- */
-declare function isValidBytes32(hex: string): boolean;
-/**
- * Validate a Wormhole chain ID
- */
-declare function isValidWormholeChainId(chainId: number): boolean;
-/**
- * Retry a function with exponential backoff
- */
-declare function retryWithBackoff<T>(fn: () => Promise<T>, options?: {
-    maxRetries?: number;
-    initialDelayMs?: number;
-    maxDelayMs?: number;
-    backoffMultiplier?: number;
-    onRetry?: (attempt: number, error: Error) => void;
-}): Promise<T>;
-
-export { base64URLDecode, base64URLEncode, computeKeyHash, encodeSignatureForSolidity, getAddressExplorerUrl, getChainByEvmId, getChainByWormholeId, getChainConfig, getSupportedChains, getTxExplorerUrl, isEvmChain, isValidBytes32, isValidEvmAddress, isValidWormholeChainId, parseDERSignature, retryWithBackoff };