@waiaas/daemon 2.11.0-rc.8 → 2.11.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (414) hide show
  1. package/README.md +5 -5
  2. package/dist/api/middleware/address-validation.d.ts +6 -33
  3. package/dist/api/middleware/address-validation.d.ts.map +1 -1
  4. package/dist/api/middleware/address-validation.js +5 -129
  5. package/dist/api/middleware/address-validation.js.map +1 -1
  6. package/dist/api/middleware/host-guard.d.ts +1 -1
  7. package/dist/api/middleware/host-guard.js +2 -2
  8. package/dist/api/middleware/host-guard.js.map +1 -1
  9. package/dist/api/middleware/index.d.ts +1 -0
  10. package/dist/api/middleware/index.d.ts.map +1 -1
  11. package/dist/api/middleware/index.js +1 -0
  12. package/dist/api/middleware/index.js.map +1 -1
  13. package/dist/api/middleware/master-auth.d.ts +2 -5
  14. package/dist/api/middleware/master-auth.d.ts.map +1 -1
  15. package/dist/api/middleware/master-auth.js.map +1 -1
  16. package/dist/api/middleware/rate-limiter.d.ts +51 -0
  17. package/dist/api/middleware/rate-limiter.d.ts.map +1 -0
  18. package/dist/api/middleware/rate-limiter.js +146 -0
  19. package/dist/api/middleware/rate-limiter.js.map +1 -0
  20. package/dist/api/middleware/siwe-verify.d.ts +6 -26
  21. package/dist/api/middleware/siwe-verify.d.ts.map +1 -1
  22. package/dist/api/middleware/siwe-verify.js +5 -50
  23. package/dist/api/middleware/siwe-verify.js.map +1 -1
  24. package/dist/api/routes/actions.d.ts +1 -0
  25. package/dist/api/routes/actions.d.ts.map +1 -1
  26. package/dist/api/routes/actions.js +52 -4
  27. package/dist/api/routes/actions.js.map +1 -1
  28. package/dist/api/routes/admin-actions.d.ts +1 -0
  29. package/dist/api/routes/admin-actions.d.ts.map +1 -1
  30. package/dist/api/routes/admin-actions.js +3 -3
  31. package/dist/api/routes/admin-actions.js.map +1 -1
  32. package/dist/api/routes/admin-auth.d.ts.map +1 -1
  33. package/dist/api/routes/admin-auth.js +12 -7
  34. package/dist/api/routes/admin-auth.js.map +1 -1
  35. package/dist/api/routes/admin-credentials.js +2 -2
  36. package/dist/api/routes/admin-credentials.js.map +1 -1
  37. package/dist/api/routes/admin-monitoring.d.ts +10 -0
  38. package/dist/api/routes/admin-monitoring.d.ts.map +1 -1
  39. package/dist/api/routes/admin-monitoring.js +59 -14
  40. package/dist/api/routes/admin-monitoring.js.map +1 -1
  41. package/dist/api/routes/admin-notifications.d.ts.map +1 -1
  42. package/dist/api/routes/admin-notifications.js +2 -15
  43. package/dist/api/routes/admin-notifications.js.map +1 -1
  44. package/dist/api/routes/admin-settings.d.ts.map +1 -1
  45. package/dist/api/routes/admin-settings.js +90 -1
  46. package/dist/api/routes/admin-settings.js.map +1 -1
  47. package/dist/api/routes/admin-wallets.d.ts +16 -1
  48. package/dist/api/routes/admin-wallets.d.ts.map +1 -1
  49. package/dist/api/routes/admin-wallets.js +64 -75
  50. package/dist/api/routes/admin-wallets.js.map +1 -1
  51. package/dist/api/routes/admin.d.ts +1 -0
  52. package/dist/api/routes/admin.d.ts.map +1 -1
  53. package/dist/api/routes/admin.js.map +1 -1
  54. package/dist/api/routes/credentials.js +2 -2
  55. package/dist/api/routes/credentials.js.map +1 -1
  56. package/dist/api/routes/defi-positions.js.map +1 -1
  57. package/dist/api/routes/nfts.js.map +1 -1
  58. package/dist/api/routes/openapi-schemas.d.ts +412 -12
  59. package/dist/api/routes/openapi-schemas.d.ts.map +1 -1
  60. package/dist/api/routes/openapi-schemas.js +38 -5
  61. package/dist/api/routes/openapi-schemas.js.map +1 -1
  62. package/dist/api/routes/policies.d.ts +2 -0
  63. package/dist/api/routes/policies.d.ts.map +1 -1
  64. package/dist/api/routes/policies.js +55 -6
  65. package/dist/api/routes/policies.js.map +1 -1
  66. package/dist/api/routes/rpc-proxy.js.map +1 -1
  67. package/dist/api/routes/sessions.d.ts.map +1 -1
  68. package/dist/api/routes/sessions.js +47 -28
  69. package/dist/api/routes/sessions.js.map +1 -1
  70. package/dist/api/routes/staking.d.ts.map +1 -1
  71. package/dist/api/routes/staking.js +4 -76
  72. package/dist/api/routes/staking.js.map +1 -1
  73. package/dist/api/routes/tokens.d.ts.map +1 -1
  74. package/dist/api/routes/tokens.js.map +1 -1
  75. package/dist/api/routes/transactions.d.ts +1 -0
  76. package/dist/api/routes/transactions.d.ts.map +1 -1
  77. package/dist/api/routes/transactions.js +8 -2
  78. package/dist/api/routes/transactions.js.map +1 -1
  79. package/dist/api/routes/userop.d.ts.map +1 -1
  80. package/dist/api/routes/userop.js +0 -2
  81. package/dist/api/routes/userop.js.map +1 -1
  82. package/dist/api/routes/wallet-apps.d.ts.map +1 -1
  83. package/dist/api/routes/wallet-apps.js +20 -13
  84. package/dist/api/routes/wallet-apps.js.map +1 -1
  85. package/dist/api/routes/wallet.js.map +1 -1
  86. package/dist/api/routes/wallets.d.ts.map +1 -1
  87. package/dist/api/routes/wallets.js +3 -0
  88. package/dist/api/routes/wallets.js.map +1 -1
  89. package/dist/api/routes/wc.d.ts.map +1 -1
  90. package/dist/api/routes/wc.js +13 -8
  91. package/dist/api/routes/wc.js.map +1 -1
  92. package/dist/api/routes/x402.d.ts.map +1 -1
  93. package/dist/api/routes/x402.js +1 -2
  94. package/dist/api/routes/x402.js.map +1 -1
  95. package/dist/api/server.d.ts +8 -4
  96. package/dist/api/server.d.ts.map +1 -1
  97. package/dist/api/server.js +46 -5
  98. package/dist/api/server.js.map +1 -1
  99. package/dist/constants.d.ts +1 -1
  100. package/dist/constants.d.ts.map +1 -1
  101. package/dist/constants.js +1 -1
  102. package/dist/constants.js.map +1 -1
  103. package/dist/infrastructure/action/action-provider-registry.d.ts.map +1 -1
  104. package/dist/infrastructure/action/action-provider-registry.js +2 -3
  105. package/dist/infrastructure/action/action-provider-registry.js.map +1 -1
  106. package/dist/infrastructure/action/builtin-metadata.d.ts +22 -0
  107. package/dist/infrastructure/action/builtin-metadata.d.ts.map +1 -0
  108. package/dist/infrastructure/action/builtin-metadata.js +29 -0
  109. package/dist/infrastructure/action/builtin-metadata.js.map +1 -0
  110. package/dist/infrastructure/adapter-pool.d.ts +2 -1
  111. package/dist/infrastructure/adapter-pool.d.ts.map +1 -1
  112. package/dist/infrastructure/adapter-pool.js.map +1 -1
  113. package/dist/infrastructure/auth/address-validation.d.ts +38 -0
  114. package/dist/infrastructure/auth/address-validation.d.ts.map +1 -0
  115. package/dist/infrastructure/auth/address-validation.js +134 -0
  116. package/dist/infrastructure/auth/address-validation.js.map +1 -0
  117. package/dist/infrastructure/auth/siwe-verify.d.ts +34 -0
  118. package/dist/infrastructure/auth/siwe-verify.d.ts.map +1 -0
  119. package/dist/infrastructure/auth/siwe-verify.js +58 -0
  120. package/dist/infrastructure/auth/siwe-verify.js.map +1 -0
  121. package/dist/infrastructure/auth/types.d.ts +12 -0
  122. package/dist/infrastructure/auth/types.d.ts.map +1 -0
  123. package/dist/infrastructure/auth/types.js +8 -0
  124. package/dist/infrastructure/auth/types.js.map +1 -0
  125. package/dist/infrastructure/config/loader.d.ts +1 -10
  126. package/dist/infrastructure/config/loader.d.ts.map +1 -1
  127. package/dist/infrastructure/config/loader.js +0 -2
  128. package/dist/infrastructure/config/loader.js.map +1 -1
  129. package/dist/infrastructure/database/migrate.d.ts +6 -18
  130. package/dist/infrastructure/database/migrate.d.ts.map +1 -1
  131. package/dist/infrastructure/database/migrate.js +25 -2856
  132. package/dist/infrastructure/database/migrate.js.map +1 -1
  133. package/dist/infrastructure/database/migrations/v11-v20.d.ts +17 -0
  134. package/dist/infrastructure/database/migrations/v11-v20.d.ts.map +1 -0
  135. package/dist/infrastructure/database/migrations/v11-v20.js +295 -0
  136. package/dist/infrastructure/database/migrations/v11-v20.js.map +1 -0
  137. package/dist/infrastructure/database/migrations/v2-v10.d.ts +16 -0
  138. package/dist/infrastructure/database/migrations/v2-v10.d.ts.map +1 -0
  139. package/dist/infrastructure/database/migrations/v2-v10.js +539 -0
  140. package/dist/infrastructure/database/migrations/v2-v10.js.map +1 -0
  141. package/dist/infrastructure/database/migrations/v21-v30.d.ts +17 -0
  142. package/dist/infrastructure/database/migrations/v21-v30.d.ts.map +1 -0
  143. package/dist/infrastructure/database/migrations/v21-v30.js +507 -0
  144. package/dist/infrastructure/database/migrations/v21-v30.js.map +1 -0
  145. package/dist/infrastructure/database/migrations/v31-v40.d.ts +17 -0
  146. package/dist/infrastructure/database/migrations/v31-v40.d.ts.map +1 -0
  147. package/dist/infrastructure/database/migrations/v31-v40.js +203 -0
  148. package/dist/infrastructure/database/migrations/v31-v40.js.map +1 -0
  149. package/dist/infrastructure/database/migrations/v41-v50.d.ts +17 -0
  150. package/dist/infrastructure/database/migrations/v41-v50.d.ts.map +1 -0
  151. package/dist/infrastructure/database/migrations/v41-v50.js +188 -0
  152. package/dist/infrastructure/database/migrations/v41-v50.js.map +1 -0
  153. package/dist/infrastructure/database/migrations/v51-v59.d.ts +17 -0
  154. package/dist/infrastructure/database/migrations/v51-v59.d.ts.map +1 -0
  155. package/dist/infrastructure/database/migrations/v51-v59.js +420 -0
  156. package/dist/infrastructure/database/migrations/v51-v59.js.map +1 -0
  157. package/dist/infrastructure/database/schema-ddl.d.ts +24 -0
  158. package/dist/infrastructure/database/schema-ddl.d.ts.map +1 -0
  159. package/dist/infrastructure/database/schema-ddl.js +596 -0
  160. package/dist/infrastructure/database/schema-ddl.js.map +1 -0
  161. package/dist/infrastructure/database/schema.d.ts +38 -0
  162. package/dist/infrastructure/database/schema.d.ts.map +1 -1
  163. package/dist/infrastructure/database/schema.js +2 -0
  164. package/dist/infrastructure/database/schema.js.map +1 -1
  165. package/dist/infrastructure/jwt/jwt-secret-manager.d.ts.map +1 -1
  166. package/dist/infrastructure/jwt/jwt-secret-manager.js +16 -3
  167. package/dist/infrastructure/jwt/jwt-secret-manager.js.map +1 -1
  168. package/dist/infrastructure/nft/alchemy-nft-indexer.d.ts.map +1 -1
  169. package/dist/infrastructure/nft/alchemy-nft-indexer.js +0 -1
  170. package/dist/infrastructure/nft/alchemy-nft-indexer.js.map +1 -1
  171. package/dist/infrastructure/nft/helius-nft-indexer.d.ts.map +1 -1
  172. package/dist/infrastructure/nft/helius-nft-indexer.js +1 -2
  173. package/dist/infrastructure/nft/helius-nft-indexer.js.map +1 -1
  174. package/dist/infrastructure/nft/nft-indexer-client.d.ts.map +1 -1
  175. package/dist/infrastructure/nft/nft-indexer-client.js +0 -2
  176. package/dist/infrastructure/nft/nft-indexer-client.js.map +1 -1
  177. package/dist/infrastructure/security/ssrf-guard.d.ts +33 -0
  178. package/dist/infrastructure/security/ssrf-guard.d.ts.map +1 -0
  179. package/dist/infrastructure/security/ssrf-guard.js +244 -0
  180. package/dist/infrastructure/security/ssrf-guard.js.map +1 -0
  181. package/dist/infrastructure/settings/hot-reload.d.ts +1 -1
  182. package/dist/infrastructure/settings/hot-reload.d.ts.map +1 -1
  183. package/dist/infrastructure/settings/hot-reload.js +0 -2
  184. package/dist/infrastructure/settings/hot-reload.js.map +1 -1
  185. package/dist/infrastructure/settings/index.d.ts +2 -2
  186. package/dist/infrastructure/settings/index.d.ts.map +1 -1
  187. package/dist/infrastructure/settings/index.js +1 -1
  188. package/dist/infrastructure/settings/index.js.map +1 -1
  189. package/dist/infrastructure/settings/setting-keys.d.ts +14 -0
  190. package/dist/infrastructure/settings/setting-keys.d.ts.map +1 -1
  191. package/dist/infrastructure/settings/setting-keys.js +296 -214
  192. package/dist/infrastructure/settings/setting-keys.js.map +1 -1
  193. package/dist/infrastructure/settings/settings-service.d.ts +6 -1
  194. package/dist/infrastructure/settings/settings-service.d.ts.map +1 -1
  195. package/dist/infrastructure/settings/settings-service.js +15 -5
  196. package/dist/infrastructure/settings/settings-service.js.map +1 -1
  197. package/dist/infrastructure/telegram/telegram-bot-service.d.ts.map +1 -1
  198. package/dist/infrastructure/telegram/telegram-bot-service.js +3 -2
  199. package/dist/infrastructure/telegram/telegram-bot-service.js.map +1 -1
  200. package/dist/infrastructure/token-registry/builtin-tokens.d.ts.map +1 -1
  201. package/dist/infrastructure/token-registry/builtin-tokens.js +4 -7
  202. package/dist/infrastructure/token-registry/builtin-tokens.js.map +1 -1
  203. package/dist/lifecycle/daemon-pipeline.d.ts +49 -0
  204. package/dist/lifecycle/daemon-pipeline.d.ts.map +1 -0
  205. package/dist/lifecycle/daemon-pipeline.js +281 -0
  206. package/dist/lifecycle/daemon-pipeline.js.map +1 -0
  207. package/dist/lifecycle/daemon-shutdown.d.ts +14 -0
  208. package/dist/lifecycle/daemon-shutdown.d.ts.map +1 -0
  209. package/dist/lifecycle/daemon-shutdown.js +176 -0
  210. package/dist/lifecycle/daemon-shutdown.js.map +1 -0
  211. package/dist/lifecycle/daemon-startup.d.ts +15 -0
  212. package/dist/lifecycle/daemon-startup.d.ts.map +1 -0
  213. package/dist/lifecycle/daemon-startup.js +1527 -0
  214. package/dist/lifecycle/daemon-startup.js.map +1 -0
  215. package/dist/lifecycle/daemon.d.ts +171 -114
  216. package/dist/lifecycle/daemon.d.ts.map +1 -1
  217. package/dist/lifecycle/daemon.js +22 -1904
  218. package/dist/lifecycle/daemon.js.map +1 -1
  219. package/dist/notifications/channels/discord.d.ts.map +1 -1
  220. package/dist/notifications/channels/discord.js +1 -0
  221. package/dist/notifications/channels/discord.js.map +1 -1
  222. package/dist/notifications/channels/slack.d.ts.map +1 -1
  223. package/dist/notifications/channels/slack.js +1 -0
  224. package/dist/notifications/channels/slack.js.map +1 -1
  225. package/dist/notifications/index.d.ts +0 -1
  226. package/dist/notifications/index.d.ts.map +1 -1
  227. package/dist/notifications/index.js +0 -1
  228. package/dist/notifications/index.js.map +1 -1
  229. package/dist/notifications/notification-service.d.ts.map +1 -1
  230. package/dist/notifications/notification-service.js +8 -6
  231. package/dist/notifications/notification-service.js.map +1 -1
  232. package/dist/pipeline/database-policy-engine.d.ts +18 -438
  233. package/dist/pipeline/database-policy-engine.d.ts.map +1 -1
  234. package/dist/pipeline/database-policy-engine.js +154 -1321
  235. package/dist/pipeline/database-policy-engine.js.map +1 -1
  236. package/dist/pipeline/dry-run.d.ts +5 -2
  237. package/dist/pipeline/dry-run.d.ts.map +1 -1
  238. package/dist/pipeline/dry-run.js +102 -8
  239. package/dist/pipeline/dry-run.js.map +1 -1
  240. package/dist/pipeline/evaluators/allowed-tokens.d.ts +28 -0
  241. package/dist/pipeline/evaluators/allowed-tokens.d.ts.map +1 -0
  242. package/dist/pipeline/evaluators/allowed-tokens.js +129 -0
  243. package/dist/pipeline/evaluators/allowed-tokens.js.map +1 -0
  244. package/dist/pipeline/evaluators/approved-spenders.d.ts +26 -0
  245. package/dist/pipeline/evaluators/approved-spenders.d.ts.map +1 -0
  246. package/dist/pipeline/evaluators/approved-spenders.js +115 -0
  247. package/dist/pipeline/evaluators/approved-spenders.js.map +1 -0
  248. package/dist/pipeline/evaluators/contract-whitelist.d.ts +28 -0
  249. package/dist/pipeline/evaluators/contract-whitelist.d.ts.map +1 -0
  250. package/dist/pipeline/evaluators/contract-whitelist.js +168 -0
  251. package/dist/pipeline/evaluators/contract-whitelist.js.map +1 -0
  252. package/dist/pipeline/evaluators/helpers.d.ts +9 -0
  253. package/dist/pipeline/evaluators/helpers.d.ts.map +1 -0
  254. package/dist/pipeline/evaluators/helpers.js +13 -0
  255. package/dist/pipeline/evaluators/helpers.js.map +1 -0
  256. package/dist/pipeline/evaluators/lending-asset-whitelist.d.ts +18 -0
  257. package/dist/pipeline/evaluators/lending-asset-whitelist.d.ts.map +1 -0
  258. package/dist/pipeline/evaluators/lending-asset-whitelist.js +44 -0
  259. package/dist/pipeline/evaluators/lending-asset-whitelist.js.map +1 -0
  260. package/dist/pipeline/evaluators/lending-ltv-limit.d.ts +24 -0
  261. package/dist/pipeline/evaluators/lending-ltv-limit.d.ts.map +1 -0
  262. package/dist/pipeline/evaluators/lending-ltv-limit.js +130 -0
  263. package/dist/pipeline/evaluators/lending-ltv-limit.js.map +1 -0
  264. package/dist/pipeline/evaluators/spending-limit.d.ts +46 -0
  265. package/dist/pipeline/evaluators/spending-limit.d.ts.map +1 -0
  266. package/dist/pipeline/evaluators/spending-limit.js +241 -0
  267. package/dist/pipeline/evaluators/spending-limit.js.map +1 -0
  268. package/dist/pipeline/evaluators/types.d.ts +71 -0
  269. package/dist/pipeline/evaluators/types.d.ts.map +1 -0
  270. package/dist/pipeline/evaluators/types.js +7 -0
  271. package/dist/pipeline/evaluators/types.js.map +1 -0
  272. package/dist/pipeline/external-action-pipeline.js.map +1 -1
  273. package/dist/pipeline/gas-condition-tracker.d.ts +1 -1
  274. package/dist/pipeline/gas-condition-tracker.js +1 -1
  275. package/dist/pipeline/pipeline-helpers.d.ts +146 -0
  276. package/dist/pipeline/pipeline-helpers.d.ts.map +1 -0
  277. package/dist/pipeline/pipeline-helpers.js +260 -0
  278. package/dist/pipeline/pipeline-helpers.js.map +1 -0
  279. package/dist/pipeline/pipeline.d.ts +1 -0
  280. package/dist/pipeline/pipeline.d.ts.map +1 -1
  281. package/dist/pipeline/pipeline.js +3 -2
  282. package/dist/pipeline/pipeline.js.map +1 -1
  283. package/dist/pipeline/resolve-effective-amount-usd.d.ts.map +1 -1
  284. package/dist/pipeline/resolve-effective-amount-usd.js +4 -10
  285. package/dist/pipeline/resolve-effective-amount-usd.js.map +1 -1
  286. package/dist/pipeline/sign-message.js +1 -1
  287. package/dist/pipeline/sign-message.js.map +1 -1
  288. package/dist/pipeline/sleep.d.ts +1 -5
  289. package/dist/pipeline/sleep.d.ts.map +1 -1
  290. package/dist/pipeline/sleep.js +2 -7
  291. package/dist/pipeline/sleep.js.map +1 -1
  292. package/dist/pipeline/stage1-validate.d.ts +8 -0
  293. package/dist/pipeline/stage1-validate.d.ts.map +1 -0
  294. package/dist/pipeline/stage1-validate.js +69 -0
  295. package/dist/pipeline/stage1-validate.js.map +1 -0
  296. package/dist/pipeline/stage2-auth.d.ts +12 -0
  297. package/dist/pipeline/stage2-auth.d.ts.map +1 -0
  298. package/dist/pipeline/stage2-auth.js +18 -0
  299. package/dist/pipeline/stage2-auth.js.map +1 -0
  300. package/dist/pipeline/stage3-policy.d.ts +26 -0
  301. package/dist/pipeline/stage3-policy.d.ts.map +1 -0
  302. package/dist/pipeline/stage3-policy.js +384 -0
  303. package/dist/pipeline/stage3-policy.js.map +1 -0
  304. package/dist/pipeline/stage4-wait.d.ts +8 -0
  305. package/dist/pipeline/stage4-wait.d.ts.map +1 -0
  306. package/dist/pipeline/stage4-wait.js +87 -0
  307. package/dist/pipeline/stage4-wait.js.map +1 -0
  308. package/dist/pipeline/stage5-execute.d.ts +120 -0
  309. package/dist/pipeline/stage5-execute.d.ts.map +1 -0
  310. package/dist/pipeline/stage5-execute.js +1070 -0
  311. package/dist/pipeline/stage5-execute.js.map +1 -0
  312. package/dist/pipeline/stage6-confirm.d.ts +11 -0
  313. package/dist/pipeline/stage6-confirm.d.ts.map +1 -0
  314. package/dist/pipeline/stage6-confirm.js +110 -0
  315. package/dist/pipeline/stage6-confirm.js.map +1 -0
  316. package/dist/pipeline/stages.d.ts +11 -245
  317. package/dist/pipeline/stages.d.ts.map +1 -1
  318. package/dist/pipeline/stages.js +11 -1896
  319. package/dist/pipeline/stages.js.map +1 -1
  320. package/dist/rpc-proxy/sync-pipeline.js +2 -2
  321. package/dist/rpc-proxy/sync-pipeline.js.map +1 -1
  322. package/dist/services/autostop/autostop-service.d.ts +4 -1
  323. package/dist/services/autostop/autostop-service.d.ts.map +1 -1
  324. package/dist/services/autostop/autostop-service.js +27 -7
  325. package/dist/services/autostop/autostop-service.js.map +1 -1
  326. package/dist/services/defi/position-tracker.d.ts +5 -0
  327. package/dist/services/defi/position-tracker.d.ts.map +1 -1
  328. package/dist/services/defi/position-tracker.js +41 -6
  329. package/dist/services/defi/position-tracker.js.map +1 -1
  330. package/dist/services/defi/position-write-queue.d.ts.map +1 -1
  331. package/dist/services/defi/position-write-queue.js +3 -2
  332. package/dist/services/defi/position-write-queue.js.map +1 -1
  333. package/dist/services/incoming/__tests__/integration-wiring.test.js +58 -0
  334. package/dist/services/incoming/__tests__/integration-wiring.test.js.map +1 -1
  335. package/dist/services/incoming/incoming-tx-monitor-service.d.ts.map +1 -1
  336. package/dist/services/incoming/incoming-tx-monitor-service.js +11 -14
  337. package/dist/services/incoming/incoming-tx-monitor-service.js.map +1 -1
  338. package/dist/services/incoming/incoming-tx-workers.d.ts +2 -2
  339. package/dist/services/incoming/incoming-tx-workers.d.ts.map +1 -1
  340. package/dist/services/incoming/incoming-tx-workers.js +1 -1
  341. package/dist/services/incoming/incoming-tx-workers.js.map +1 -1
  342. package/dist/services/incoming/safety-rules.d.ts.map +1 -1
  343. package/dist/services/incoming/safety-rules.js +3 -2
  344. package/dist/services/incoming/safety-rules.js.map +1 -1
  345. package/dist/services/incoming/subscription-multiplexer.d.ts +2 -6
  346. package/dist/services/incoming/subscription-multiplexer.d.ts.map +1 -1
  347. package/dist/services/incoming/subscription-multiplexer.js +1 -3
  348. package/dist/services/incoming/subscription-multiplexer.js.map +1 -1
  349. package/dist/services/monitoring/balance-monitor-service.d.ts.map +1 -1
  350. package/dist/services/monitoring/balance-monitor-service.js +2 -2
  351. package/dist/services/monitoring/balance-monitor-service.js.map +1 -1
  352. package/dist/services/signing-sdk/approval-channel-router.d.ts +7 -7
  353. package/dist/services/signing-sdk/approval-channel-router.d.ts.map +1 -1
  354. package/dist/services/signing-sdk/approval-channel-router.js +13 -13
  355. package/dist/services/signing-sdk/approval-channel-router.js.map +1 -1
  356. package/dist/services/signing-sdk/channels/index.d.ts +2 -2
  357. package/dist/services/signing-sdk/channels/index.d.ts.map +1 -1
  358. package/dist/services/signing-sdk/channels/index.js +1 -1
  359. package/dist/services/signing-sdk/channels/index.js.map +1 -1
  360. package/dist/services/signing-sdk/channels/push-relay-signing-channel.d.ts +59 -0
  361. package/dist/services/signing-sdk/channels/push-relay-signing-channel.d.ts.map +1 -0
  362. package/dist/services/signing-sdk/channels/push-relay-signing-channel.js +190 -0
  363. package/dist/services/signing-sdk/channels/push-relay-signing-channel.js.map +1 -0
  364. package/dist/services/signing-sdk/channels/telegram-signing-channel.d.ts +1 -1
  365. package/dist/services/signing-sdk/channels/telegram-signing-channel.js +1 -1
  366. package/dist/services/signing-sdk/channels/wallet-notification-channel.d.ts +6 -7
  367. package/dist/services/signing-sdk/channels/wallet-notification-channel.d.ts.map +1 -1
  368. package/dist/services/signing-sdk/channels/wallet-notification-channel.js +38 -55
  369. package/dist/services/signing-sdk/channels/wallet-notification-channel.js.map +1 -1
  370. package/dist/services/signing-sdk/index.d.ts +3 -3
  371. package/dist/services/signing-sdk/index.d.ts.map +1 -1
  372. package/dist/services/signing-sdk/index.js +2 -2
  373. package/dist/services/signing-sdk/index.js.map +1 -1
  374. package/dist/services/signing-sdk/preset-auto-setup.js +2 -2
  375. package/dist/services/signing-sdk/preset-auto-setup.js.map +1 -1
  376. package/dist/services/signing-sdk/sign-request-builder.d.ts +2 -2
  377. package/dist/services/signing-sdk/sign-request-builder.d.ts.map +1 -1
  378. package/dist/services/signing-sdk/sign-request-builder.js +17 -25
  379. package/dist/services/signing-sdk/sign-request-builder.js.map +1 -1
  380. package/dist/services/signing-sdk/wallet-app-service.d.ts +4 -0
  381. package/dist/services/signing-sdk/wallet-app-service.d.ts.map +1 -1
  382. package/dist/services/signing-sdk/wallet-app-service.js +12 -5
  383. package/dist/services/signing-sdk/wallet-app-service.js.map +1 -1
  384. package/dist/services/staking/aggregate-staking-balance.d.ts +24 -0
  385. package/dist/services/staking/aggregate-staking-balance.d.ts.map +1 -0
  386. package/dist/services/staking/aggregate-staking-balance.js +82 -0
  387. package/dist/services/staking/aggregate-staking-balance.js.map +1 -0
  388. package/dist/services/wc-session-service.d.ts.map +1 -1
  389. package/dist/services/wc-session-service.js +2 -1
  390. package/dist/services/wc-session-service.js.map +1 -1
  391. package/dist/services/wc-signing-bridge.js +2 -2
  392. package/dist/services/wc-signing-bridge.js.map +1 -1
  393. package/dist/services/x402/payment-signer.d.ts.map +1 -1
  394. package/dist/services/x402/payment-signer.js +2 -5
  395. package/dist/services/x402/payment-signer.js.map +1 -1
  396. package/dist/services/x402/ssrf-guard.d.ts +4 -23
  397. package/dist/services/x402/ssrf-guard.d.ts.map +1 -1
  398. package/dist/services/x402/ssrf-guard.js +3 -232
  399. package/dist/services/x402/ssrf-guard.js.map +1 -1
  400. package/dist/signing/capabilities/eip712-signer.d.ts.map +1 -1
  401. package/dist/signing/capabilities/eip712-signer.js +2 -0
  402. package/dist/signing/capabilities/eip712-signer.js.map +1 -1
  403. package/package.json +5 -5
  404. package/public/admin/assets/index-CpFF2lCo.js +3 -0
  405. package/public/admin/index.html +1 -1
  406. package/dist/notifications/channels/ntfy.d.ts +0 -13
  407. package/dist/notifications/channels/ntfy.d.ts.map +0 -1
  408. package/dist/notifications/channels/ntfy.js +0 -74
  409. package/dist/notifications/channels/ntfy.js.map +0 -1
  410. package/dist/services/signing-sdk/channels/ntfy-signing-channel.d.ts +0 -66
  411. package/dist/services/signing-sdk/channels/ntfy-signing-channel.d.ts.map +0 -1
  412. package/dist/services/signing-sdk/channels/ntfy-signing-channel.js +0 -270
  413. package/dist/services/signing-sdk/channels/ntfy-signing-channel.js.map +0 -1
  414. package/public/admin/assets/index-CQ3i4P2U.js +0 -3
package/README.md CHANGED
@@ -133,7 +133,7 @@ waiaas quickset # Creates wallets + sessions automatically
133
133
  waiaas set-master # (Later) Harden password, then delete recovery.key
134
134
  ```
135
135
 
136
- The `--auto-provision` flag generates a cryptographically random master password and saves it to `~/.waiaas/recovery.key`. All subsequent CLI commands read it automatically. See the [Agent Self-Setup Guide](docs/guides/agent-self-setup.md) for the complete flow.
136
+ The `--auto-provision` flag generates a cryptographically random master password and saves it to `~/.waiaas/recovery.key`. All subsequent CLI commands read it automatically. See the [Agent Self-Setup Guide](docs/agent-guides/agent-self-setup.md) for the complete flow.
137
137
 
138
138
  For manual setup with human-guided password entry, install skills and follow `waiaas-setup/SKILL.md`:
139
139
 
@@ -215,10 +215,10 @@ Enabled by default (`admin_ui = true` in config.toml).
215
215
  | [Security Model](docs/security-model.md) | Authentication, policy engine, Kill Switch, AutoStop |
216
216
  | [Deployment Guide](docs/deployment.md) | Docker, npm, configuration reference |
217
217
  | [API Reference](docs/api-reference.md) | REST API endpoints and authentication |
218
- | [Agent Self-Setup Guide](docs/guides/agent-self-setup.md) | Fully autonomous setup with auto-provision |
219
- | [Agent Skills Integration](docs/guides/agent-skills-integration.md) | Universal guide for 27+ AI agent platforms |
220
- | [Claude Code Integration](docs/guides/claude-code-integration.md) | Skill files + MCP server setup for Claude Code |
221
- | [OpenClaw Integration](docs/guides/openclaw-integration.md) | Quick setup for OpenClaw bot |
218
+ | [Agent Self-Setup Guide](docs/agent-guides/agent-self-setup.md) | Fully autonomous setup with auto-provision |
219
+ | [Agent Skills Integration](docs/agent-guides/agent-skills-integration.md) | Universal guide for 27+ AI agent platforms |
220
+ | [Claude Code Integration](docs/agent-guides/claude-code-integration.md) | Skill files + MCP server setup for Claude Code |
221
+ | [OpenClaw Integration](docs/agent-guides/openclaw-integration.md) | Quick setup for OpenClaw bot |
222
222
  | [Wallet SDK Integration](docs/wallet-sdk-integration.md) | Integration guide for wallet developers |
223
223
  | [Why WAIaaS?](docs/why-waiaas/) | Background on AI agent wallet security |
224
224
  | [Contributing](CONTRIBUTING.md) | Development setup, code style, testing, PR guidelines |
package/dist/api/middleware/address-validation.d.ts CHANGED
@@ -1,38 +1,11 @@
1
1
  /**
2
- * validateOwnerAddress: Chain-aware address validation utility.
2
+ * Re-export bridge: address validation canonical location is infrastructure/auth/address-validation.ts
3
3
  *
4
- * Validates and normalizes owner wallet addresses for both supported chains:
5
- * - **Solana**: Base58-encoded 32-byte Ed25519 public key
6
- * - **Ethereum**: 0x-prefixed EIP-55 checksum address (strict mode)
4
+ * This file exists for backward compatibility with existing api/ layer imports.
5
+ * New code should import directly from infrastructure/auth/address-validation.js.
7
6
  *
8
- * **EIP-55 strict mode**: All-lowercase and all-uppercase addresses are rejected.
9
- * This is intentional -- we require EIP-55 checksum format for security to prevent
10
- * address typos from going undetected.
11
- *
12
- * The `decodeBase58` function is extracted from owner-auth.ts and exported here
13
- * as the canonical location. owner-auth.ts will import from here in Plan 87-02.
14
- *
15
- * @see docs/52-auth-redesign.md
16
- */
17
- import type { ChainType } from '@waiaas/core';
18
- export interface AddressValidationResult {
19
- valid: boolean;
20
- /** Normalized address (EIP-55 checksum for Ethereum, unchanged for Solana) */
21
- normalized?: string;
22
- /** Reason on failure */
23
- error?: string;
24
- }
25
- /**
26
- * Decode a Base58-encoded string (Bitcoin alphabet) to a Buffer.
27
- * Characters not in the Base58 alphabet (0, O, I, l) cause an error.
28
- */
29
- export declare function decodeBase58(str: string): Buffer;
30
- /**
31
- * Validate and normalize an owner wallet address for the given chain.
32
- *
33
- * - Solana: Base58 32-byte Ed25519 public key
34
- * - Ethereum: 0x + EIP-55 checksum (strict -- all-lowercase rejected)
35
- * - Unknown chain: rejected
7
+ * @see packages/daemon/src/infrastructure/auth/address-validation.ts
36
8
  */
37
- export declare function validateOwnerAddress(chain: ChainType, address: string): AddressValidationResult;
9
+ export { decodeBase58, validateOwnerAddress } from '../../infrastructure/auth/address-validation.js';
10
+ export type { AddressValidationResult } from '../../infrastructure/auth/address-validation.js';
38
11
  //# sourceMappingURL=address-validation.d.ts.map
package/dist/api/middleware/address-validation.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"address-validation.d.ts","sourceRoot":"","sources":["../../../src/api/middleware/address-validation.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAO9C,MAAM,WAAW,uBAAuB;IACtC,KAAK,EAAE,OAAO,CAAC;IACf,8EAA8E;IAC9E,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,wBAAwB;IACxB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AASD;;;GAGG;AACH,wBAAgB,YAAY,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAyChD;AA8DD;;;;;;GAMG;AACH,wBAAgB,oBAAoB,CAAC,KAAK,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,GAAG,uBAAuB,CAS/F"}
1
+ {"version":3,"file":"address-validation.d.ts","sourceRoot":"","sources":["../../../src/api/middleware/address-validation.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AACH,OAAO,EAAE,YAAY,EAAE,oBAAoB,EAAE,MAAM,iDAAiD,CAAC;AACrG,YAAY,EAAE,uBAAuB,EAAE,MAAM,iDAAiD,CAAC"}
package/dist/api/middleware/address-validation.js CHANGED
@@ -1,134 +1,10 @@
1
1
  /**
2
- * validateOwnerAddress: Chain-aware address validation utility.
2
+ * Re-export bridge: address validation canonical location is infrastructure/auth/address-validation.ts
3
3
  *
4
- * Validates and normalizes owner wallet addresses for both supported chains:
5
- * - **Solana**: Base58-encoded 32-byte Ed25519 public key
6
- * - **Ethereum**: 0x-prefixed EIP-55 checksum address (strict mode)
4
+ * This file exists for backward compatibility with existing api/ layer imports.
5
+ * New code should import directly from infrastructure/auth/address-validation.js.
7
6
  *
8
- * **EIP-55 strict mode**: All-lowercase and all-uppercase addresses are rejected.
9
- * This is intentional -- we require EIP-55 checksum format for security to prevent
10
- * address typos from going undetected.
11
- *
12
- * The `decodeBase58` function is extracted from owner-auth.ts and exported here
13
- * as the canonical location. owner-auth.ts will import from here in Plan 87-02.
14
- *
15
- * @see docs/52-auth-redesign.md
16
- */
17
- import { isAddress, getAddress } from 'viem';
18
- // ---------------------------------------------------------------------------
19
- // Base58 decode (Bitcoin alphabet) -- canonical location
20
- // Extracted from owner-auth.ts for reuse across address validation.
21
- // ---------------------------------------------------------------------------
22
- const BASE58_ALPHABET = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz';
23
- /**
24
- * Decode a Base58-encoded string (Bitcoin alphabet) to a Buffer.
25
- * Characters not in the Base58 alphabet (0, O, I, l) cause an error.
26
- */
27
- export function decodeBase58(str) {
28
- // Count leading '1's (zero bytes)
29
- let zeroes = 0;
30
- for (let i = 0; i < str.length && str[i] === '1'; i++) {
31
- zeroes++;
32
- }
33
- // Allocate enough space in base256 representation
34
- const size = Math.ceil((str.length * 733) / 1000) + 1;
35
- const b256 = new Uint8Array(size);
36
- let length = 0;
37
- for (let i = zeroes; i < str.length; i++) {
38
- const charIndex = BASE58_ALPHABET.indexOf(str[i]);
39
- if (charIndex === -1) {
40
- throw new Error(`Invalid Base58 character: ${str[i]}`);
41
- }
42
- let carry = charIndex;
43
- let j = 0;
44
- for (let k = size - 1; k >= 0 && (carry !== 0 || j < length); k--, j++) {
45
- carry += 58 * (b256[k] ?? 0);
46
- b256[k] = carry % 256;
47
- carry = Math.floor(carry / 256);
48
- }
49
- length = j;
50
- }
51
- // Skip leading zeros in b256
52
- let start = 0;
53
- while (start < size && b256[start] === 0) {
54
- start++;
55
- }
56
- // Build result with leading zero bytes
57
- const result = Buffer.alloc(zeroes + (size - start));
58
- for (let i = start; i < size; i++) {
59
- result[zeroes + (i - start)] = b256[i];
60
- }
61
- return result;
62
- }
63
- // ---------------------------------------------------------------------------
64
- // Solana address validation
65
- // ---------------------------------------------------------------------------
66
- function validateSolanaAddress(address) {
67
- try {
68
- const decoded = decodeBase58(address);
69
- if (decoded.length !== 32) {
70
- return {
71
- valid: false,
72
- error: `Invalid Solana address: expected 32 bytes, got ${String(decoded.length)}`,
73
- };
74
- }
75
- return { valid: true, normalized: address };
76
- }
77
- catch (err) {
78
- const msg = err instanceof Error ? err.message : String(err);
79
- return { valid: false, error: `Invalid Solana address (Base58 decode failed): ${msg}` };
80
- }
81
- }
82
- // ---------------------------------------------------------------------------
83
- // Ethereum address validation
84
- // ---------------------------------------------------------------------------
85
- function validateEthereumAddress(address) {
86
- // Check basic format first (0x prefix + hex)
87
- if (!address.startsWith('0x')) {
88
- return { valid: false, error: 'Invalid Ethereum address format: missing 0x prefix' };
89
- }
90
- // isAddress with strict=false checks format only (0x + 40 hex chars)
91
- if (!isAddress(address, { strict: false })) {
92
- return { valid: false, error: 'Invalid Ethereum address format' };
93
- }
94
- // Require EIP-55 mixed-case checksum format.
95
- // viem isAddress(strict:true) still accepts all-lowercase/all-uppercase,
96
- // so we explicitly reject those -- we require the checksummed mixed-case form
97
- // for security (prevents undetected typos).
98
- const hex = address.slice(2);
99
- if (hex === hex.toLowerCase() || hex === hex.toUpperCase()) {
100
- return { valid: false, error: 'Invalid EIP-55 checksum: all-lowercase or all-uppercase addresses are not accepted, use checksummed format' };
101
- }
102
- // Verify the mixed-case matches EIP-55 checksum exactly
103
- try {
104
- const checksummed = getAddress(address);
105
- if (checksummed !== address) {
106
- return { valid: false, error: 'Invalid EIP-55 checksum' };
107
- }
108
- return { valid: true, normalized: checksummed };
109
- }
110
- catch {
111
- return { valid: false, error: 'Invalid EIP-55 checksum' };
112
- }
113
- }
114
- // ---------------------------------------------------------------------------
115
- // Public API
116
- // ---------------------------------------------------------------------------
117
- /**
118
- * Validate and normalize an owner wallet address for the given chain.
119
- *
120
- * - Solana: Base58 32-byte Ed25519 public key
121
- * - Ethereum: 0x + EIP-55 checksum (strict -- all-lowercase rejected)
122
- * - Unknown chain: rejected
7
+ * @see packages/daemon/src/infrastructure/auth/address-validation.ts
123
8
  */
124
- export function validateOwnerAddress(chain, address) {
125
- switch (chain) {
126
- case 'solana':
127
- return validateSolanaAddress(address);
128
- case 'ethereum':
129
- return validateEthereumAddress(address);
130
- default:
131
- return { valid: false, error: `Unsupported chain: ${chain}` };
132
- }
133
- }
9
+ export { decodeBase58, validateOwnerAddress } from '../../infrastructure/auth/address-validation.js';
134
10
  //# sourceMappingURL=address-validation.js.map
package/dist/api/middleware/address-validation.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"address-validation.js","sourceRoot":"","sources":["../../../src/api/middleware/address-validation.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAGH,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,MAAM,CAAC;AAc7C,8EAA8E;AAC9E,yDAAyD;AACzD,oEAAoE;AACpE,8EAA8E;AAE9E,MAAM,eAAe,GAAG,4DAA4D,CAAC;AAErF;;;GAGG;AACH,MAAM,UAAU,YAAY,CAAC,GAAW;IACtC,kCAAkC;IAClC,IAAI,MAAM,GAAG,CAAC,CAAC;IACf,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QACtD,MAAM,EAAE,CAAC;IACX,CAAC;IAED,kDAAkD;IAClD,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,MAAM,GAAG,GAAG,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC;IACtD,MAAM,IAAI,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC;IAClC,IAAI,MAAM,GAAG,CAAC,CAAC;IAEf,KAAK,IAAI,CAAC,GAAG,MAAM,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACzC,MAAM,SAAS,GAAG,eAAe,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAE,CAAC,CAAC;QACnD,IAAI,SAAS,KAAK,CAAC,CAAC,EAAE,CAAC;YACrB,MAAM,IAAI,KAAK,CAAC,6BAA6B,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QACzD,CAAC;QAED,IAAI,KAAK,GAAG,SAAS,CAAC;QACtB,IAAI,CAAC,GAAG,CAAC,CAAC;QACV,KAAK,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,KAAK,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;YACvE,KAAK,IAAI,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;YAC7B,IAAI,CAAC,CAAC,CAAC,GAAG,KAAK,GAAG,GAAG,CAAC;YACtB,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,GAAG,GAAG,CAAC,CAAC;QAClC,CAAC;QACD,MAAM,GAAG,CAAC,CAAC;IACb,CAAC;IAED,6BAA6B;IAC7B,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,OAAO,KAAK,GAAG,IAAI,IAAI,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC;QACzC,KAAK,EAAE,CAAC;IACV,CAAC;IAED,uCAAuC;IACvC,MAAM,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC;IACrD,KAAK,IAAI,CAAC,GAAG,KAAK,EAAE,CAAC,GAAG,IAAI,EAAE,CAAC,EAAE,EAAE,CAAC;QAClC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAE,CAAC;IAC1C,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,8EAA8E;AAC9E,4BAA4B;AAC5B,8EAA8E;AAE9E,SAAS,qBAAqB,CAAC,OAAe;IAC5C,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,YAAY,CAAC,OAAO,CAAC,CAAC;QACtC,IAAI,OAAO,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;YAC1B,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,KAAK,EAAE,kDAAkD,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE;aAClF,CAAC;QACJ,CAAC;QACD,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,UAAU,EAAE,OAAO,EAAE,CAAC;IAC9C,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC7D,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,kDAAkD,GAAG,EAAE,EAAE,CAAC;IAC1F,CAAC;AACH,CAAC;AAED,8EAA8E;AAC9E,8BAA8B;AAC9B,8EAA8E;AAE9E,SAAS,uBAAuB,CAAC,OAAe;IAC9C,6CAA6C;IAC7C,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;QAC9B,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,oDAAoD,EAAE,CAAC;IACvF,CAAC;IAED,qEAAqE;IACrE,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC;QAC3C,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,iCAAiC,EAAE,CAAC;IACpE,CAAC;IAED,6CAA6C;IAC7C,yEAAyE;IACzE,8EAA8E;IAC9E,4CAA4C;IAC5C,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAC7B,IAAI,GAAG,KAAK,GAAG,CAAC,WAAW,EAAE,IAAI,GAAG,KAAK,GAAG,CAAC,WAAW,EAAE,EAAE,CAAC;QAC3D,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,4GAA4G,EAAE,CAAC;IAC/I,CAAC;IAED,wDAAwD;IACxD,IAAI,CAAC;QACH,MAAM,WAAW,GAAG,UAAU,CAAC,OAAO,CAAC,CAAC;QACxC,IAAI,WAAW,KAAK,OAAO,EAAE,CAAC;YAC5B,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,yBAAyB,EAAE,CAAC;QAC5D,CAAC;QACD,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,UAAU,EAAE,WAAW,EAAE,CAAC;IAClD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,yBAAyB,EAAE,CAAC;IAC5D,CAAC;AACH,CAAC;AAED,8EAA8E;AAC9E,aAAa;AACb,8EAA8E;AAE9E;;;;;;GAMG;AACH,MAAM,UAAU,oBAAoB,CAAC,KAAgB,EAAE,OAAe;IACpE,QAAQ,KAAK,EAAE,CAAC;QACd,KAAK,QAAQ;YACX,OAAO,qBAAqB,CAAC,OAAO,CAAC,CAAC;QACxC,KAAK,UAAU;YACb,OAAO,uBAAuB,CAAC,OAAO,CAAC,CAAC;QAC1C;YACE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,sBAAsB,KAAe,EAAE,EAAE,CAAC;IAC5E,CAAC;AACH,CAAC"}
1
+ {"version":3,"file":"address-validation.js","sourceRoot":"","sources":["../../../src/api/middleware/address-validation.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AACH,OAAO,EAAE,YAAY,EAAE,oBAAoB,EAAE,MAAM,iDAAiD,CAAC"}
package/dist/api/middleware/host-guard.d.ts CHANGED
@@ -2,7 +2,7 @@
2
2
  * Host guard middleware: restricts requests to localhost only.
3
3
  *
4
4
  * Checks the Host header and only allows requests where the hostname
5
- * starts with 127.0.0.1, localhost, or [::1].
5
+ * exactly matches 127.0.0.1, localhost, or [::1].
6
6
  * Non-localhost requests are rejected with 403 SYSTEM_LOCKED.
7
7
  *
8
8
  * @see docs/29-api-framework-design.md
package/dist/api/middleware/host-guard.js CHANGED
@@ -2,7 +2,7 @@
2
2
  * Host guard middleware: restricts requests to localhost only.
3
3
  *
4
4
  * Checks the Host header and only allows requests where the hostname
5
- * starts with 127.0.0.1, localhost, or [::1].
5
+ * exactly matches 127.0.0.1, localhost, or [::1].
6
6
  * Non-localhost requests are rejected with 403 SYSTEM_LOCKED.
7
7
  *
8
8
  * @see docs/29-api-framework-design.md
@@ -14,7 +14,7 @@ export const hostGuard = createMiddleware(async (c, next) => {
14
14
  const host = c.req.header('Host') ?? '';
15
15
  // Extract hostname (strip port if present)
16
16
  const hostname = host.replace(/:\d+$/, '');
17
- const isLocalhost = LOCALHOST_PATTERNS.some((pattern) => hostname === pattern || hostname.startsWith(pattern));
17
+ const isLocalhost = LOCALHOST_PATTERNS.some((pattern) => hostname === pattern);
18
18
  if (!isLocalhost) {
19
19
  throw new WAIaaSError('SYSTEM_LOCKED', {
20
20
  message: 'Only localhost access allowed',
package/dist/api/middleware/host-guard.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"host-guard.js","sourceRoot":"","sources":["../../../src/api/middleware/host-guard.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAE3C,MAAM,kBAAkB,GAAG,CAAC,WAAW,EAAE,WAAW,EAAE,OAAO,CAAC,CAAC;AAE/D,MAAM,CAAC,MAAM,SAAS,GAAG,gBAAgB,CAAC,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE;IAC1D,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;IACxC,2CAA2C;IAC3C,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;IAE3C,MAAM,WAAW,GAAG,kBAAkB,CAAC,IAAI,CACzC,CAAC,OAAO,EAAE,EAAE,CAAC,QAAQ,KAAK,OAAO,IAAI,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,CAClE,CAAC;IAEF,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,MAAM,IAAI,WAAW,CAAC,eAAe,EAAE;YACrC,OAAO,EAAE,+BAA+B;SACzC,CAAC,CAAC;IACL,CAAC;IAED,MAAM,IAAI,EAAE,CAAC;AACf,CAAC,CAAC,CAAC"}
1
+ {"version":3,"file":"host-guard.js","sourceRoot":"","sources":["../../../src/api/middleware/host-guard.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAE3C,MAAM,kBAAkB,GAAG,CAAC,WAAW,EAAE,WAAW,EAAE,OAAO,CAAC,CAAC;AAE/D,MAAM,CAAC,MAAM,SAAS,GAAG,gBAAgB,CAAC,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE;IAC1D,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;IACxC,2CAA2C;IAC3C,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;IAE3C,MAAM,WAAW,GAAG,kBAAkB,CAAC,IAAI,CACzC,CAAC,OAAO,EAAE,EAAE,CAAC,QAAQ,KAAK,OAAO,CAClC,CAAC;IAEF,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,MAAM,IAAI,WAAW,CAAC,eAAe,EAAE;YACrC,OAAO,EAAE,+BAA+B;SACzC,CAAC,CAAC;IACL,CAAC;IAED,MAAM,IAAI,EAAE,CAAC;AACf,CAAC,CAAC,CAAC"}
package/dist/api/middleware/index.d.ts CHANGED
@@ -10,4 +10,5 @@ export { createSessionAuth, type SessionAuthDeps } from './session-auth.js';
10
10
  export { createMasterAuth, type MasterAuthDeps } from './master-auth.js';
11
11
  export { createOwnerAuth, type OwnerAuthDeps } from './owner-auth.js';
12
12
  export { cspMiddleware } from './csp.js';
13
+ export { createIpRateLimiter, createSessionRateLimiter, createTxRateLimiter, SlidingWindowRateLimiter } from './rate-limiter.js';
13
14
  //# sourceMappingURL=index.d.ts.map
package/dist/api/middleware/index.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/api/middleware/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EAAE,qBAAqB,EAAE,KAAK,kBAAkB,EAAE,MAAM,wBAAwB,CAAC;AACxF,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,iBAAiB,EAAE,KAAK,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAC5E,OAAO,EAAE,gBAAgB,EAAE,KAAK,cAAc,EAAE,MAAM,kBAAkB,CAAC;AACzE,OAAO,EAAE,eAAe,EAAE,KAAK,aAAa,EAAE,MAAM,iBAAiB,CAAC;AACtE,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/api/middleware/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EAAE,qBAAqB,EAAE,KAAK,kBAAkB,EAAE,MAAM,wBAAwB,CAAC;AACxF,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,iBAAiB,EAAE,KAAK,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAC5E,OAAO,EAAE,gBAAgB,EAAE,KAAK,cAAc,EAAE,MAAM,kBAAkB,CAAC;AACzE,OAAO,EAAE,eAAe,EAAE,KAAK,aAAa,EAAE,MAAM,iBAAiB,CAAC;AACtE,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,mBAAmB,EAAE,wBAAwB,EAAE,mBAAmB,EAAE,wBAAwB,EAAE,MAAM,mBAAmB,CAAC"}
package/dist/api/middleware/index.js CHANGED
@@ -10,4 +10,5 @@ export { createSessionAuth } from './session-auth.js';
10
10
  export { createMasterAuth } from './master-auth.js';
11
11
  export { createOwnerAuth } from './owner-auth.js';
12
12
  export { cspMiddleware } from './csp.js';
13
+ export { createIpRateLimiter, createSessionRateLimiter, createTxRateLimiter, SlidingWindowRateLimiter } from './rate-limiter.js';
13
14
  //# sourceMappingURL=index.js.map
package/dist/api/middleware/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/api/middleware/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EAAE,qBAAqB,EAA2B,MAAM,wBAAwB,CAAC;AACxF,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,iBAAiB,EAAwB,MAAM,mBAAmB,CAAC;AAC5E,OAAO,EAAE,gBAAgB,EAAuB,MAAM,kBAAkB,CAAC;AACzE,OAAO,EAAE,eAAe,EAAsB,MAAM,iBAAiB,CAAC;AACtE,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/api/middleware/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EAAE,qBAAqB,EAA2B,MAAM,wBAAwB,CAAC;AACxF,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,iBAAiB,EAAwB,MAAM,mBAAmB,CAAC;AAC5E,OAAO,EAAE,gBAAgB,EAAuB,MAAM,kBAAkB,CAAC;AACzE,OAAO,EAAE,eAAe,EAAsB,MAAM,iBAAiB,CAAC;AACtE,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,mBAAmB,EAAE,wBAAwB,EAAE,mBAAmB,EAAE,wBAAwB,EAAE,MAAM,mBAAmB,CAAC"}
package/dist/api/middleware/master-auth.d.ts CHANGED
@@ -9,11 +9,8 @@
9
9
  * @see docs/52-auth-redesign.md
10
10
  */
11
11
  import type { Database as SQLiteDatabase } from 'better-sqlite3';
12
- /** Mutable ref for in-memory master password + hash, enabling hot-swap on password change. */
13
- export interface MasterPasswordRef {
14
- password: string;
15
- hash: string;
16
- }
12
+ export type { MasterPasswordRef } from '../../infrastructure/auth/types.js';
13
+ import type { MasterPasswordRef } from '../../infrastructure/auth/types.js';
17
14
  export interface MasterAuthDeps {
18
15
  masterPasswordHash?: string;
19
16
  /** Mutable ref for live password/hash updates. Takes precedence over masterPasswordHash. */
package/dist/api/middleware/master-auth.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"master-auth.d.ts","sourceRoot":"","sources":["../../../src/api/middleware/master-auth.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAKH,OAAO,KAAK,EAAE,QAAQ,IAAI,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAOjE,8FAA8F;AAC9F,MAAM,WAAW,iBAAiB;IAChC,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,cAAc;IAC7B,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,4FAA4F;IAC5F,WAAW,CAAC,EAAE,iBAAiB,CAAC;IAChC,yDAAyD;IACzD,MAAM,CAAC,EAAE,cAAc,CAAC;CACzB;AAMD,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,cAAc,+DA2CpD"}
1
+ {"version":3,"file":"master-auth.d.ts","sourceRoot":"","sources":["../../../src/api/middleware/master-auth.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAKH,OAAO,KAAK,EAAE,QAAQ,IAAI,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAOjE,YAAY,EAAE,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AAC5E,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AAE5E,MAAM,WAAW,cAAc;IAC7B,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,4FAA4F;IAC5F,WAAW,CAAC,EAAE,iBAAiB,CAAC;IAChC,yDAAyD;IACzD,MAAM,CAAC,EAAE,cAAc,CAAC;CACzB;AAMD,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,cAAc,+DA2CpD"}
package/dist/api/middleware/master-auth.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"master-auth.js","sourceRoot":"","sources":["../../../src/api/middleware/master-auth.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAE3C,OAAO,EAAE,cAAc,EAAE,MAAM,+CAA+C,CAAC;AAoB/E,8EAA8E;AAC9E,qBAAqB;AACrB,8EAA8E;AAE9E,MAAM,UAAU,gBAAgB,CAAC,IAAoB;IACnD,OAAO,gBAAgB,CAAC,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE;QACxC,MAAM,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,mBAAmB,CAAC,CAAC;QAEnD,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,WAAW,CAAC,yBAAyB,EAAE;gBAC/C,OAAO,EAAE,sCAAsC;aAChD,CAAC,CAAC;QACL,CAAC;QAED,kEAAkE;QAClE,MAAM,IAAI,GAAG,IAAI,CAAC,WAAW,EAAE,IAAI,IAAI,IAAI,CAAC,kBAAkB,CAAC;QAC/D,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,WAAW,CAAC,yBAAyB,EAAE;gBAC/C,OAAO,EAAE,gCAAgC;aAC1C,CAAC,CAAC;QACL,CAAC;QAED,+CAA+C;QAC/C,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;QAEpD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,8CAA8C;YAC9C,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;gBAChB,cAAc,CAAC,IAAI,CAAC,MAAM,EAAE;oBAC1B,SAAS,EAAE,oBAAoB;oBAC/B,KAAK,EAAE,SAAS;oBAChB,OAAO,EAAE;wBACP,MAAM,EAAE,yBAAyB;wBACjC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,iBAAiB,CAAC,IAAI,WAAW;qBACnD;oBACD,QAAQ,EAAE,UAAU;oBACpB,SAAS,EAAE,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,iBAAiB,CAAC,IAAI,SAAS;iBACxD,CAAC,CAAC;YACL,CAAC;YAED,MAAM,IAAI,WAAW,CAAC,yBAAyB,EAAE;gBAC/C,OAAO,EAAE,yBAAyB;aACnC,CAAC,CAAC;QACL,CAAC;QAED,MAAM,IAAI,EAAE,CAAC;IACf,CAAC,CAAC,CAAC;AACL,CAAC"}
1
+ {"version":3,"file":"master-auth.js","sourceRoot":"","sources":["../../../src/api/middleware/master-auth.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAE3C,OAAO,EAAE,cAAc,EAAE,MAAM,+CAA+C,CAAC;AAiB/E,8EAA8E;AAC9E,qBAAqB;AACrB,8EAA8E;AAE9E,MAAM,UAAU,gBAAgB,CAAC,IAAoB;IACnD,OAAO,gBAAgB,CAAC,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE;QACxC,MAAM,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,mBAAmB,CAAC,CAAC;QAEnD,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,WAAW,CAAC,yBAAyB,EAAE;gBAC/C,OAAO,EAAE,sCAAsC;aAChD,CAAC,CAAC;QACL,CAAC;QAED,kEAAkE;QAClE,MAAM,IAAI,GAAG,IAAI,CAAC,WAAW,EAAE,IAAI,IAAI,IAAI,CAAC,kBAAkB,CAAC;QAC/D,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,WAAW,CAAC,yBAAyB,EAAE;gBAC/C,OAAO,EAAE,gCAAgC;aAC1C,CAAC,CAAC;QACL,CAAC;QAED,+CAA+C;QAC/C,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;QAEpD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,8CAA8C;YAC9C,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;gBAChB,cAAc,CAAC,IAAI,CAAC,MAAM,EAAE;oBAC1B,SAAS,EAAE,oBAAoB;oBAC/B,KAAK,EAAE,SAAS;oBAChB,OAAO,EAAE;wBACP,MAAM,EAAE,yBAAyB;wBACjC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,iBAAiB,CAAC,IAAI,WAAW;qBACnD;oBACD,QAAQ,EAAE,UAAU;oBACpB,SAAS,EAAE,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,iBAAiB,CAAC,IAAI,SAAS;iBACxD,CAAC,CAAC;YACL,CAAC;YAED,MAAM,IAAI,WAAW,CAAC,yBAAyB,EAAE;gBAC/C,OAAO,EAAE,yBAAyB;aACnC,CAAC,CAAC;QACL,CAAC;QAED,MAAM,IAAI,EAAE,CAAC;IACf,CAAC,CAAC,CAAC;AACL,CAAC"}
package/dist/api/middleware/rate-limiter.d.ts ADDED
@@ -0,0 +1,51 @@
1
+ /**
2
+ * In-memory sliding-window rate limiter with 3-tier Hono middleware factories.
3
+ *
4
+ * Architecture:
5
+ * - SlidingWindowRateLimiter: generic sliding-window counter with TTL auto-cleanup
6
+ * - createIpRateLimiter: IP-based global rate limit (all endpoints)
7
+ * - createSessionRateLimiter: session-based rate limit (sessionAuth endpoints)
8
+ * - createTxRateLimiter: transaction-specific rate limit (POST /v1/transactions, /v1/actions)
9
+ *
10
+ * All three read limit values from SettingsService on each request (hot-reload).
11
+ * Expired window entries are automatically cleaned every 60 seconds.
12
+ *
13
+ * @see packages/daemon/src/infrastructure/settings/setting-keys.ts for rate_limit_* keys
14
+ */
15
+ import type { SettingsService } from '../../infrastructure/settings/index.js';
16
+ interface SlidingWindowOpts {
17
+ /** Cleanup interval in ms (default 60_000) */
18
+ cleanupIntervalMs?: number;
19
+ }
20
+ interface CheckResult {
21
+ allowed: boolean;
22
+ remaining: number;
23
+ retryAfterSec: number;
24
+ }
25
+ export declare class SlidingWindowRateLimiter {
26
+ private buckets;
27
+ private cleanupTimer;
28
+ constructor(opts?: SlidingWindowOpts);
29
+ /**
30
+ * Check if a request is allowed under the sliding window.
31
+ *
32
+ * @param key - Rate limit key (IP, session ID, etc.)
33
+ * @param limit - Max requests per window
34
+ * @param windowMs - Window duration in ms (default 60_000 = 1 minute)
35
+ */
36
+ check(key: string, limit: number, windowMs?: number): CheckResult;
37
+ /** Remove buckets whose ALL timestamps are expired. */
38
+ cleanup(): void;
39
+ /** Stop the cleanup timer. */
40
+ destroy(): void;
41
+ /** Number of active keys (for testing). */
42
+ get size(): number;
43
+ }
44
+ interface RateLimiterDeps {
45
+ settingsService: SettingsService;
46
+ }
47
+ export declare function createIpRateLimiter(deps: RateLimiterDeps): import("hono").MiddlewareHandler<any, string, {}, Response>;
48
+ export declare function createSessionRateLimiter(deps: RateLimiterDeps): import("hono").MiddlewareHandler<any, string, {}, Response>;
49
+ export declare function createTxRateLimiter(deps: RateLimiterDeps): import("hono").MiddlewareHandler<any, string, {}, Response>;
50
+ export {};
51
+ //# sourceMappingURL=rate-limiter.d.ts.map
package/dist/api/middleware/rate-limiter.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"rate-limiter.d.ts","sourceRoot":"","sources":["../../../src/api/middleware/rate-limiter.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAGH,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,wCAAwC,CAAC;AAM9E,UAAU,iBAAiB;IACzB,8CAA8C;IAC9C,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC5B;AAED,UAAU,WAAW;IACnB,OAAO,EAAE,OAAO,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,EAAE,MAAM,CAAC;CACvB;AAED,qBAAa,wBAAwB;IACnC,OAAO,CAAC,OAAO,CAA+C;IAC9D,OAAO,CAAC,YAAY,CAAiC;gBAEzC,IAAI,GAAE,iBAAsB;IASxC;;;;;;OAMG;IACH,KAAK,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,SAAS,GAAG,WAAW;IAgCjE,uDAAuD;IACvD,OAAO,IAAI,IAAI;IAUf,8BAA8B;IAC9B,OAAO,IAAI,IAAI;IAIf,2CAA2C;IAC3C,IAAI,IAAI,IAAI,MAAM,CAEjB;CACF;AAMD,UAAU,eAAe;IACvB,eAAe,EAAE,eAAe,CAAC;CAClC;AAsBD,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,eAAe,+DAkBxD;AAMD,wBAAgB,wBAAwB,CAAC,IAAI,EAAE,eAAe,+DAmB7D;AAMD,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,eAAe,+DAmBxD"}
package/dist/api/middleware/rate-limiter.js ADDED
@@ -0,0 +1,146 @@
1
+ /**
2
+ * In-memory sliding-window rate limiter with 3-tier Hono middleware factories.
3
+ *
4
+ * Architecture:
5
+ * - SlidingWindowRateLimiter: generic sliding-window counter with TTL auto-cleanup
6
+ * - createIpRateLimiter: IP-based global rate limit (all endpoints)
7
+ * - createSessionRateLimiter: session-based rate limit (sessionAuth endpoints)
8
+ * - createTxRateLimiter: transaction-specific rate limit (POST /v1/transactions, /v1/actions)
9
+ *
10
+ * All three read limit values from SettingsService on each request (hot-reload).
11
+ * Expired window entries are automatically cleaned every 60 seconds.
12
+ *
13
+ * @see packages/daemon/src/infrastructure/settings/setting-keys.ts for rate_limit_* keys
14
+ */
15
+ import { createMiddleware } from 'hono/factory';
16
+ export class SlidingWindowRateLimiter {
17
+ buckets = new Map();
18
+ cleanupTimer;
19
+ constructor(opts = {}) {
20
+ const interval = opts.cleanupIntervalMs ?? 60_000;
21
+ this.cleanupTimer = setInterval(() => this.cleanup(), interval);
22
+ // Unref so the timer doesn't keep the process alive
23
+ if (typeof this.cleanupTimer === 'object' && 'unref' in this.cleanupTimer) {
24
+ this.cleanupTimer.unref();
25
+ }
26
+ }
27
+ /**
28
+ * Check if a request is allowed under the sliding window.
29
+ *
30
+ * @param key - Rate limit key (IP, session ID, etc.)
31
+ * @param limit - Max requests per window
32
+ * @param windowMs - Window duration in ms (default 60_000 = 1 minute)
33
+ */
34
+ check(key, limit, windowMs = 60_000) {
35
+ const now = Date.now();
36
+ const cutoff = now - windowMs;
37
+ let bucket = this.buckets.get(key);
38
+ if (!bucket) {
39
+ bucket = { timestamps: [] };
40
+ this.buckets.set(key, bucket);
41
+ }
42
+ // Remove timestamps outside the window
43
+ bucket.timestamps = bucket.timestamps.filter((t) => t > cutoff);
44
+ if (bucket.timestamps.length < limit) {
45
+ bucket.timestamps.push(now);
46
+ return {
47
+ allowed: true,
48
+ remaining: limit - bucket.timestamps.length,
49
+ retryAfterSec: 0,
50
+ };
51
+ }
52
+ // Rate limited: calculate when the oldest entry in the window will expire
53
+ const oldest = bucket.timestamps[0];
54
+ const retryAfterMs = oldest + windowMs - now;
55
+ return {
56
+ allowed: false,
57
+ remaining: 0,
58
+ retryAfterSec: Math.ceil(retryAfterMs / 1000),
59
+ };
60
+ }
61
+ /** Remove buckets whose ALL timestamps are expired. */
62
+ cleanup() {
63
+ const cutoff = Date.now() - 60_000;
64
+ for (const [key, bucket] of this.buckets) {
65
+ bucket.timestamps = bucket.timestamps.filter((t) => t > cutoff);
66
+ if (bucket.timestamps.length === 0) {
67
+ this.buckets.delete(key);
68
+ }
69
+ }
70
+ }
71
+ /** Stop the cleanup timer. */
72
+ destroy() {
73
+ clearInterval(this.cleanupTimer);
74
+ }
75
+ /** Number of active keys (for testing). */
76
+ get size() {
77
+ return this.buckets.size;
78
+ }
79
+ }
80
+ // ---------------------------------------------------------------------------
81
+ // Helper: return 429 JSON response with Retry-After header
82
+ // ---------------------------------------------------------------------------
83
+ function rateLimit429(c, retryAfterSec, message) {
84
+ c.header('Retry-After', String(retryAfterSec));
85
+ return c.json({
86
+ code: 'RATE_LIMITED',
87
+ message,
88
+ retryable: true,
89
+ }, 429);
90
+ }
91
+ // ---------------------------------------------------------------------------
92
+ // IP rate limiter (global, all endpoints)
93
+ // ---------------------------------------------------------------------------
94
+ export function createIpRateLimiter(deps) {
95
+ const limiter = new SlidingWindowRateLimiter();
96
+ return createMiddleware(async (c, next) => {
97
+ const ip = c.req.header('x-forwarded-for')?.split(',')[0]?.trim() ||
98
+ c.req.header('x-real-ip') ||
99
+ 'unknown';
100
+ const limit = parseInt(deps.settingsService.get('security.rate_limit_global_ip_rpm'), 10) || 1000;
101
+ const result = limiter.check(ip, limit);
102
+ if (!result.allowed) {
103
+ return rateLimit429(c, result.retryAfterSec, 'IP rate limit exceeded');
104
+ }
105
+ await next();
106
+ });
107
+ }
108
+ // ---------------------------------------------------------------------------
109
+ // Session rate limiter (session-authed endpoints)
110
+ // ---------------------------------------------------------------------------
111
+ export function createSessionRateLimiter(deps) {
112
+ const limiter = new SlidingWindowRateLimiter();
113
+ return createMiddleware(async (c, next) => {
114
+ const sessionId = c.get('sessionId');
115
+ if (!sessionId) {
116
+ await next();
117
+ return;
118
+ }
119
+ const limit = parseInt(deps.settingsService.get('security.rate_limit_session_rpm'), 10) || 300;
120
+ const result = limiter.check(sessionId, limit);
121
+ if (!result.allowed) {
122
+ return rateLimit429(c, result.retryAfterSec, 'Session rate limit exceeded');
123
+ }
124
+ await next();
125
+ });
126
+ }
127
+ // ---------------------------------------------------------------------------
128
+ // TX rate limiter (transaction submission endpoints)
129
+ // ---------------------------------------------------------------------------
130
+ export function createTxRateLimiter(deps) {
131
+ const limiter = new SlidingWindowRateLimiter();
132
+ return createMiddleware(async (c, next) => {
133
+ const sessionId = c.get('sessionId');
134
+ if (!sessionId) {
135
+ await next();
136
+ return;
137
+ }
138
+ const limit = parseInt(deps.settingsService.get('security.rate_limit_tx_rpm'), 10) || 10;
139
+ const result = limiter.check(sessionId, limit);
140
+ if (!result.allowed) {
141
+ return rateLimit429(c, result.retryAfterSec, 'Transaction rate limit exceeded');
142
+ }
143
+ await next();
144
+ });
145
+ }
146
+ //# sourceMappingURL=rate-limiter.js.map
package/dist/api/middleware/rate-limiter.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"rate-limiter.js","sourceRoot":"","sources":["../../../src/api/middleware/rate-limiter.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAkBhD,MAAM,OAAO,wBAAwB;IAC3B,OAAO,GAAG,IAAI,GAAG,EAAoC,CAAC;IACtD,YAAY,CAAiC;IAErD,YAAY,OAA0B,EAAE;QACtC,MAAM,QAAQ,GAAG,IAAI,CAAC,iBAAiB,IAAI,MAAM,CAAC;QAClD,IAAI,CAAC,YAAY,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,QAAQ,CAAC,CAAC;QAChE,oDAAoD;QACpD,IAAI,OAAO,IAAI,CAAC,YAAY,KAAK,QAAQ,IAAI,OAAO,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YAC1E,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE,CAAC;QAC5B,CAAC;IACH,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,GAAW,EAAE,KAAa,EAAE,QAAQ,GAAG,MAAM;QACjD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,MAAM,GAAG,GAAG,GAAG,QAAQ,CAAC;QAE9B,IAAI,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACnC,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,GAAG,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC;YAC5B,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QAChC,CAAC;QAED,uCAAuC;QACvC,MAAM,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC;QAEhE,IAAI,MAAM,CAAC,UAAU,CAAC,MAAM,GAAG,KAAK,EAAE,CAAC;YACrC,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YAC5B,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,SAAS,EAAE,KAAK,GAAG,MAAM,CAAC,UAAU,CAAC,MAAM;gBAC3C,aAAa,EAAE,CAAC;aACjB,CAAC;QACJ,CAAC;QAED,0EAA0E;QAC1E,MAAM,MAAM,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC,CAAE,CAAC;QACrC,MAAM,YAAY,GAAG,MAAM,GAAG,QAAQ,GAAG,GAAG,CAAC;QAC7C,OAAO;YACL,OAAO,EAAE,KAAK;YACd,SAAS,EAAE,CAAC;YACZ,aAAa,EAAE,IAAI,CAAC,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC;SAC9C,CAAC;IACJ,CAAC;IAED,uDAAuD;IACvD,OAAO;QACL,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC;QACnC,KAAK,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YACzC,MAAM,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC;YAChE,IAAI,MAAM,CAAC,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACnC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC3B,CAAC;QACH,CAAC;IACH,CAAC;IAED,8BAA8B;IAC9B,OAAO;QACL,aAAa,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IACnC,CAAC;IAED,2CAA2C;IAC3C,IAAI,IAAI;QACN,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC;IAC3B,CAAC;CACF;AAUD,8EAA8E;AAC9E,2DAA2D;AAC3D,8EAA8E;AAE9E,SAAS,YAAY,CAAC,CAAuG,EAAE,aAAqB,EAAE,OAAe;IACnK,CAAC,CAAC,MAAM,CAAC,aAAa,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC;IAC/C,OAAO,CAAC,CAAC,IAAI,CACX;QACE,IAAI,EAAE,cAAc;QACpB,OAAO;QACP,SAAS,EAAE,IAAI;KAChB,EACD,GAAG,CACJ,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,0CAA0C;AAC1C,8EAA8E;AAE9E,MAAM,UAAU,mBAAmB,CAAC,IAAqB;IACvD,MAAM,OAAO,GAAG,IAAI,wBAAwB,EAAE,CAAC;IAE/C,OAAO,gBAAgB,CAAC,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE;QACxC,MAAM,EAAE,GACN,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,iBAAiB,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE;YACtD,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,WAAW,CAAC;YACzB,SAAS,CAAC;QAEZ,MAAM,KAAK,GAAG,QAAQ,CAAC,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,mCAAmC,CAAC,EAAE,EAAE,CAAC,IAAI,IAAI,CAAC;QAClG,MAAM,MAAM,GAAG,OAAO,CAAC,KAAK,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;QAExC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,OAAO,YAAY,CAAC,CAAC,EAAE,MAAM,CAAC,aAAa,EAAE,wBAAwB,CAAC,CAAC;QACzE,CAAC;QAED,MAAM,IAAI,EAAE,CAAC;IACf,CAAC,CAAC,CAAC;AACL,CAAC;AAED,8EAA8E;AAC9E,kDAAkD;AAClD,8EAA8E;AAE9E,MAAM,UAAU,wBAAwB,CAAC,IAAqB;IAC5D,MAAM,OAAO,GAAG,IAAI,wBAAwB,EAAE,CAAC;IAE/C,OAAO,gBAAgB,CAAC,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE;QACxC,MAAM,SAAS,GAAI,CAAC,CAAC,GAA2C,CAAC,WAAW,CAAC,CAAC;QAC9E,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,IAAI,EAAE,CAAC;YACb,OAAO;QACT,CAAC;QAED,MAAM,KAAK,GAAG,QAAQ,CAAC,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,iCAAiC,CAAC,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC;QAC/F,MAAM,MAAM,GAAG,OAAO,CAAC,KAAK,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;QAE/C,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,OAAO,YAAY,CAAC,CAAC,EAAE,MAAM,CAAC,aAAa,EAAE,6BAA6B,CAAC,CAAC;QAC9E,CAAC;QAED,MAAM,IAAI,EAAE,CAAC;IACf,CAAC,CAAC,CAAC;AACL,CAAC;AAED,8EAA8E;AAC9E,qDAAqD;AACrD,8EAA8E;AAE9E,MAAM,UAAU,mBAAmB,CAAC,IAAqB;IACvD,MAAM,OAAO,GAAG,IAAI,wBAAwB,EAAE,CAAC;IAE/C,OAAO,gBAAgB,CAAC,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE;QACxC,MAAM,SAAS,GAAI,CAAC,CAAC,GAA2C,CAAC,WAAW,CAAC,CAAC;QAC9E,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,IAAI,EAAE,CAAC;YACb,OAAO;QACT,CAAC;QAED,MAAM,KAAK,GAAG,QAAQ,CAAC,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,4BAA4B,CAAC,EAAE,EAAE,CAAC,IAAI,EAAE,CAAC;QACzF,MAAM,MAAM,GAAG,OAAO,CAAC,KAAK,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;QAE/C,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,OAAO,YAAY,CAAC,CAAC,EAAE,MAAM,CAAC,aAAa,EAAE,iCAAiC,CAAC,CAAC;QAClF,CAAC;QAED,MAAM,IAAI,EAAE,CAAC;IACf,CAAC,CAAC,CAAC;AACL,CAAC"}
package/dist/api/middleware/siwe-verify.d.ts CHANGED
@@ -1,31 +1,11 @@
1
1
  /**
2
- * verifySIWE: Pure function for SIWE (EIP-4361) message verification.
2
+ * Re-export bridge: verifySIWE canonical location is infrastructure/auth/siwe-verify.ts
3
3
  *
4
- * Verifies that:
5
- * 1. The message is a valid EIP-4361 SIWE message (parseable, not expired, not before notBefore)
6
- * 2. The EIP-191 personal_sign signature matches the expectedAddress
4
+ * This file exists for backward compatibility with existing api/ layer imports.
5
+ * New code should import directly from infrastructure/auth/siwe-verify.js.
7
6
  *
8
- * Per design decision [v1.4.1]: nonce is NOT validated server-side
9
- * (consistency with Solana owner-auth which has no server-side nonce check;
10
- * security relies on expirationTime).
11
- *
12
- * @see docs/52-auth-redesign.md
13
- * @see docs/28-daemon.md (owner-auth SIWE)
7
+ * @see packages/daemon/src/infrastructure/auth/siwe-verify.ts
14
8
  */
15
- export interface VerifySIWEParams {
16
- /** EIP-4361 formatted message string */
17
- message: string;
18
- /** Hex-encoded 0x-prefixed EIP-191 signature */
19
- signature: string;
20
- /** 0x EIP-55 checksum address to match */
21
- expectedAddress: string;
22
- }
23
- export interface VerifySIWEResult {
24
- valid: boolean;
25
- /** Recovered address on success */
26
- address?: string;
27
- /** Reason on failure */
28
- error?: string;
29
- }
30
- export declare function verifySIWE(params: VerifySIWEParams): Promise<VerifySIWEResult>;
9
+ export { verifySIWE } from '../../infrastructure/auth/siwe-verify.js';
10
+ export type { VerifySIWEParams, VerifySIWEResult } from '../../infrastructure/auth/siwe-verify.js';
31
11
  //# sourceMappingURL=siwe-verify.d.ts.map
package/dist/api/middleware/siwe-verify.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"siwe-verify.d.ts","sourceRoot":"","sources":["../../../src/api/middleware/siwe-verify.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AASH,MAAM,WAAW,gBAAgB;IAC/B,wCAAwC;IACxC,OAAO,EAAE,MAAM,CAAC;IAChB,gDAAgD;IAChD,SAAS,EAAE,MAAM,CAAC;IAClB,0CAA0C;IAC1C,eAAe,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,gBAAgB;IAC/B,KAAK,EAAE,OAAO,CAAC;IACf,mCAAmC;IACnC,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,wBAAwB;IACxB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAMD,wBAAsB,UAAU,CAAC,MAAM,EAAE,gBAAgB,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAuCpF"}
1
+ {"version":3,"file":"siwe-verify.d.ts","sourceRoot":"","sources":["../../../src/api/middleware/siwe-verify.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AACH,OAAO,EAAE,UAAU,EAAE,MAAM,0CAA0C,CAAC;AACtE,YAAY,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,0CAA0C,CAAC"}