@waku/rln 0.1.5-76f86de.0 → 0.1.5-861a776.0

package/bundle/packages/rln/dist/rln_light.js

@@ -0,0 +1,149 @@
+import { hmac } from '../node_modules/@noble/hashes/esm/hmac.js';
+import { sha256 } from '../node_modules/@noble/hashes/esm/sha256.js';
+import '../../interfaces/dist/protocols.js';
+import '../../interfaces/dist/connection_manager.js';
+import '../../interfaces/dist/health_indicator.js';
+import '../../../node_modules/multiformats/dist/src/bases/base10.js';
+import '../../../node_modules/multiformats/dist/src/bases/base16.js';
+import '../../../node_modules/multiformats/dist/src/bases/base2.js';
+import '../../../node_modules/multiformats/dist/src/bases/base256emoji.js';
+import '../../../node_modules/multiformats/dist/src/bases/base32.js';
+import '../../../node_modules/multiformats/dist/src/bases/base36.js';
+import '../../../node_modules/multiformats/dist/src/bases/base58.js';
+import '../../../node_modules/multiformats/dist/src/bases/base64.js';
+import '../../../node_modules/multiformats/dist/src/bases/base8.js';
+import '../../../node_modules/multiformats/dist/src/bases/identity.js';
+import '../../../node_modules/multiformats/dist/src/codecs/json.js';
+import { Logger } from '../../utils/dist/logger/index.js';
+import { LINEA_CONTRACT } from './contract/constants.js';
+import { RLNLightContract } from './contract/rln_light_contract.js';
+import { IdentityCredential } from './identity.js';
+import { Keystore } from './keystore/keystore.js';
+import { extractMetaMaskSigner } from './utils/metamask.js';
+import { buildBigIntFromUint8Array } from './utils/bytes.js';
+import './utils/epoch.js';
+
+new Logger("waku:rln");
+class RLNLightInstance {
+    started = false;
+    starting = false;
+    _contract;
+    _signer;
+    keystore = Keystore.create();
+    _credentials;
+    constructor() { }
+    get contract() {
+        return this._contract;
+    }
+    get signer() {
+        return this._signer;
+    }
+    async start(options = {}) {
+        if (this.started || this.starting) {
+            return;
+        }
+        this.starting = true;
+        try {
+            const { credentials, keystore } = await RLNLightInstance.decryptCredentialsIfNeeded(options.credentials);
+            const { signer, address, rateLimit } = await this.determineStartOptions(options, credentials);
+            if (keystore) {
+                this.keystore = keystore;
+            }
+            this._credentials = credentials;
+            this._signer = signer;
+            this._contract = await RLNLightContract.init({
+                address: address,
+                signer: signer,
+                rateLimit: rateLimit
+            });
+            this.started = true;
+        }
+        finally {
+            this.starting = false;
+        }
+    }
+    get credentials() {
+        return this._credentials;
+    }
+    async determineStartOptions(options, credentials) {
+        let chainId = credentials?.membership.chainId;
+        const address = credentials?.membership.address ||
+            options.address ||
+            LINEA_CONTRACT.address;
+        if (address === LINEA_CONTRACT.address) {
+            chainId = LINEA_CONTRACT.chainId;
+        }
+        const signer = options.signer || (await extractMetaMaskSigner());
+        const currentChainId = (await signer.getChainId()).toString();
+        if (chainId && chainId !== currentChainId) {
+            throw Error(`Failed to start RLN contract, chain ID of contract is different from current one: contract-${chainId}, current network-${currentChainId}`);
+        }
+        return {
+            signer,
+            address
+        };
+    }
+    static async decryptCredentialsIfNeeded(credentials) {
+        if (!credentials) {
+            return {};
+        }
+        if ("identity" in credentials) {
+            return { credentials };
+        }
+        const keystore = Keystore.fromString(credentials.keystore);
+        if (!keystore) {
+            return {};
+        }
+        const decryptedCredentials = await keystore.readCredential(credentials.id, credentials.password);
+        return {
+            keystore,
+            credentials: decryptedCredentials
+        };
+    }
+    /**
+     * Generates an identity credential from a seed string
+     * This is a pure implementation that doesn't rely on Zerokit
+     * @param seed A string seed to generate the identity from
+     * @returns IdentityCredential
+     */
+    generateSeededIdentityCredential(seed) {
+        // Convert the seed to bytes
+        const encoder = new TextEncoder();
+        const seedBytes = encoder.encode(seed);
+        // Generate deterministic values using HMAC-SHA256
+        // We use different context strings for each component to ensure they're different
+        const idTrapdoor = hmac(sha256, seedBytes, encoder.encode("IDTrapdoor"));
+        const idNullifier = hmac(sha256, seedBytes, encoder.encode("IDNullifier"));
+        // Generate IDSecretHash as a hash of IDTrapdoor and IDNullifier
+        const combinedBytes = new Uint8Array([...idTrapdoor, ...idNullifier]);
+        const idSecretHash = sha256(combinedBytes);
+        // Generate IDCommitment as a hash of IDSecretHash
+        const idCommitment = sha256(idSecretHash);
+        // Convert IDCommitment to BigInt
+        const idCommitmentBigInt = buildBigIntFromUint8Array(idCommitment);
+        return new IdentityCredential(idTrapdoor, idNullifier, idSecretHash, idCommitment, idCommitmentBigInt);
+    }
+    async registerMembership(options) {
+        if (!this.contract) {
+            throw Error("RLN Contract is not initialized.");
+        }
+        let identity = "identity" in options && options.identity;
+        if ("signature" in options) {
+            identity = this.generateSeededIdentityCredential(options.signature);
+        }
+        if (!identity) {
+            throw Error("Missing signature or identity to register membership.");
+        }
+        return this.contract.registerWithIdentity(identity);
+    }
+    /**
+     * Changes credentials in use by relying on provided Keystore earlier in rln.start
+     * @param id: string, hash of credentials to select from Keystore
+     * @param password: string or bytes to use to decrypt credentials from Keystore
+     */
+    async useCredentials(id, password) {
+        this._credentials = await this.keystore?.readCredential(id, password);
+    }
+}
+
+export { RLNLightInstance };

package/bundle/packages/rln/node_modules/@noble/hashes/esm/_assert.js

@@ -0,0 +1,43 @@
+function number(n) {
+    if (!Number.isSafeInteger(n) || n < 0)
+        throw new Error(`Wrong positive integer: ${n}`);
+}
+function bool(b) {
+    if (typeof b !== 'boolean')
+        throw new Error(`Expected boolean, not ${b}`);
+}
+function bytes(b, ...lengths) {
+    if (!(b instanceof Uint8Array))
+        throw new TypeError('Expected Uint8Array');
+    if (lengths.length > 0 && !lengths.includes(b.length))
+        throw new TypeError(`Expected Uint8Array of length ${lengths}, not of length=${b.length}`);
+}
+function hash(hash) {
+    if (typeof hash !== 'function' || typeof hash.create !== 'function')
+        throw new Error('Hash should be wrapped by utils.wrapConstructor');
+    number(hash.outputLen);
+    number(hash.blockLen);
+}
+function exists(instance, checkFinished = true) {
+    if (instance.destroyed)
+        throw new Error('Hash instance has been destroyed');
+    if (checkFinished && instance.finished)
+        throw new Error('Hash#digest() has already been called');
+}
+function output(out, instance) {
+    bytes(out);
+    const min = instance.outputLen;
+    if (out.length < min) {
+        throw new Error(`digestInto() expects output buffer of length at least ${min}`);
+    }
+}
+const assert = {
+    number,
+    bool,
+    bytes,
+    hash,
+    exists,
+    output,
+};
+
+export { bool, bytes, assert as default, exists, hash, number, output };

package/bundle/packages/rln/node_modules/@noble/hashes/esm/_sha2.js

@@ -0,0 +1,116 @@
+import assert from './_assert.js';
+import { Hash, createView, toBytes } from './utils.js';
+
+// Polyfill for Safari 14
+function setBigUint64(view, byteOffset, value, isLE) {
+    if (typeof view.setBigUint64 === 'function')
+        return view.setBigUint64(byteOffset, value, isLE);
+    const _32n = BigInt(32);
+    const _u32_max = BigInt(0xffffffff);
+    const wh = Number((value >> _32n) & _u32_max);
+    const wl = Number(value & _u32_max);
+    const h = isLE ? 4 : 0;
+    const l = isLE ? 0 : 4;
+    view.setUint32(byteOffset + h, wh, isLE);
+    view.setUint32(byteOffset + l, wl, isLE);
+}
+// Base SHA2 class (RFC 6234)
+class SHA2 extends Hash {
+    constructor(blockLen, outputLen, padOffset, isLE) {
+        super();
+        this.blockLen = blockLen;
+        this.outputLen = outputLen;
+        this.padOffset = padOffset;
+        this.isLE = isLE;
+        this.finished = false;
+        this.length = 0;
+        this.pos = 0;
+        this.destroyed = false;
+        this.buffer = new Uint8Array(blockLen);
+        this.view = createView(this.buffer);
+    }
+    update(data) {
+        assert.exists(this);
+        const { view, buffer, blockLen } = this;
+        data = toBytes(data);
+        const len = data.length;
+        for (let pos = 0; pos < len;) {
+            const take = Math.min(blockLen - this.pos, len - pos);
+            // Fast path: we have at least one block in input, cast it to view and process
+            if (take === blockLen) {
+                const dataView = createView(data);
+                for (; blockLen <= len - pos; pos += blockLen)
+                    this.process(dataView, pos);
+                continue;
+            }
+            buffer.set(data.subarray(pos, pos + take), this.pos);
+            this.pos += take;
+            pos += take;
+            if (this.pos === blockLen) {
+                this.process(view, 0);
+                this.pos = 0;
+            }
+        }
+        this.length += data.length;
+        this.roundClean();
+        return this;
+    }
+    digestInto(out) {
+        assert.exists(this);
+        assert.output(out, this);
+        this.finished = true;
+        // Padding
+        // We can avoid allocation of buffer for padding completely if it
+        // was previously not allocated here. But it won't change performance.
+        const { buffer, view, blockLen, isLE } = this;
+        let { pos } = this;
+        // append the bit '1' to the message
+        buffer[pos++] = 0b10000000;
+        this.buffer.subarray(pos).fill(0);
+        // we have less than padOffset left in buffer, so we cannot put length in current block, need process it and pad again
+        if (this.padOffset > blockLen - pos) {
+            this.process(view, 0);
+            pos = 0;
+        }
+        // Pad until full block byte with zeros
+        for (let i = pos; i < blockLen; i++)
+            buffer[i] = 0;
+        // Note: sha512 requires length to be 128bit integer, but length in JS will overflow before that
+        // You need to write around 2 exabytes (u64_max / 8 / (1024**6)) for this to happen.
+        // So we just write lowest 64 bits of that value.
+        setBigUint64(view, blockLen - 8, BigInt(this.length * 8), isLE);
+        this.process(view, 0);
+        const oview = createView(out);
+        const len = this.outputLen;
+        // NOTE: we do division by 4 later, which should be fused in single op with modulo by JIT
+        if (len % 4)
+            throw new Error('_sha2: outputLen should be aligned to 32bit');
+        const outLen = len / 4;
+        const state = this.get();
+        if (outLen > state.length)
+            throw new Error('_sha2: outputLen bigger than state');
+        for (let i = 0; i < outLen; i++)
+            oview.setUint32(4 * i, state[i], isLE);
+    }
+    digest() {
+        const { buffer, outputLen } = this;
+        this.digestInto(buffer);
+        const res = buffer.slice(0, outputLen);
+        this.destroy();
+        return res;
+    }
+    _cloneInto(to) {
+        to || (to = new this.constructor());
+        to.set(...this.get());
+        const { blockLen, buffer, length, finished, destroyed, pos } = this;
+        to.length = length;
+        to.pos = pos;
+        to.finished = finished;
+        to.destroyed = destroyed;
+        if (length % blockLen)
+            to.buffer.set(buffer);
+        return to;
+    }
+}
+
+export { SHA2 };

package/bundle/packages/rln/node_modules/@noble/hashes/esm/hmac.js

@@ -0,0 +1,79 @@
+import assert from './_assert.js';
+import { Hash, toBytes } from './utils.js';
+
+// HMAC (RFC 2104)
+class HMAC extends Hash {
+    constructor(hash, _key) {
+        super();
+        this.finished = false;
+        this.destroyed = false;
+        assert.hash(hash);
+        const key = toBytes(_key);
+        this.iHash = hash.create();
+        if (typeof this.iHash.update !== 'function')
+            throw new TypeError('Expected instance of class which extends utils.Hash');
+        this.blockLen = this.iHash.blockLen;
+        this.outputLen = this.iHash.outputLen;
+        const blockLen = this.blockLen;
+        const pad = new Uint8Array(blockLen);
+        // blockLen can be bigger than outputLen
+        pad.set(key.length > blockLen ? hash.create().update(key).digest() : key);
+        for (let i = 0; i < pad.length; i++)
+            pad[i] ^= 0x36;
+        this.iHash.update(pad);
+        // By doing update (processing of first block) of outer hash here we can re-use it between multiple calls via clone
+        this.oHash = hash.create();
+        // Undo internal XOR && apply outer XOR
+        for (let i = 0; i < pad.length; i++)
+            pad[i] ^= 0x36 ^ 0x5c;
+        this.oHash.update(pad);
+        pad.fill(0);
+    }
+    update(buf) {
+        assert.exists(this);
+        this.iHash.update(buf);
+        return this;
+    }
+    digestInto(out) {
+        assert.exists(this);
+        assert.bytes(out, this.outputLen);
+        this.finished = true;
+        this.iHash.digestInto(out);
+        this.oHash.update(out);
+        this.oHash.digestInto(out);
+        this.destroy();
+    }
+    digest() {
+        const out = new Uint8Array(this.oHash.outputLen);
+        this.digestInto(out);
+        return out;
+    }
+    _cloneInto(to) {
+        // Create new instance without calling constructor since key already in state and we don't know it.
+        to || (to = Object.create(Object.getPrototypeOf(this), {}));
+        const { oHash, iHash, finished, destroyed, blockLen, outputLen } = this;
+        to = to;
+        to.finished = finished;
+        to.destroyed = destroyed;
+        to.blockLen = blockLen;
+        to.outputLen = outputLen;
+        to.oHash = oHash._cloneInto(to.oHash);
+        to.iHash = iHash._cloneInto(to.iHash);
+        return to;
+    }
+    destroy() {
+        this.destroyed = true;
+        this.oHash.destroy();
+        this.iHash.destroy();
+    }
+}
+/**
+ * HMAC: RFC2104 message authentication code.
+ * @param hash - function that would be used e.g. sha256
+ * @param key - message key
+ * @param message - message data
+ */
+const hmac = (hash, key, message) => new HMAC(hash, key).update(message).digest();
+hmac.create = (hash, key) => new HMAC(hash, key);
+
+export { hmac };

package/bundle/packages/rln/node_modules/@noble/hashes/esm/sha256.js

@@ -0,0 +1,126 @@
+import { SHA2 } from './_sha2.js';
+import { wrapConstructor, rotr } from './utils.js';
+
+// Choice: a ? b : c
+const Chi = (a, b, c) => (a & b) ^ (~a & c);
+// Majority function, true if any two inpust is true
+const Maj = (a, b, c) => (a & b) ^ (a & c) ^ (b & c);
+// Round constants:
+// first 32 bits of the fractional parts of the cube roots of the first 64 primes 2..311)
+// prettier-ignore
+const SHA256_K = new Uint32Array([
+    0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
+    0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
+    0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
+    0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
+    0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
+    0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
+    0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
+    0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
+]);
+// Initial state (first 32 bits of the fractional parts of the square roots of the first 8 primes 2..19):
+// prettier-ignore
+const IV = new Uint32Array([
+    0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19
+]);
+// Temporary buffer, not used to store anything between runs
+// Named this way because it matches specification.
+const SHA256_W = new Uint32Array(64);
+class SHA256 extends SHA2 {
+    constructor() {
+        super(64, 32, 8, false);
+        // We cannot use array here since array allows indexing by variable
+        // which means optimizer/compiler cannot use registers.
+        this.A = IV[0] | 0;
+        this.B = IV[1] | 0;
+        this.C = IV[2] | 0;
+        this.D = IV[3] | 0;
+        this.E = IV[4] | 0;
+        this.F = IV[5] | 0;
+        this.G = IV[6] | 0;
+        this.H = IV[7] | 0;
+    }
+    get() {
+        const { A, B, C, D, E, F, G, H } = this;
+        return [A, B, C, D, E, F, G, H];
+    }
+    // prettier-ignore
+    set(A, B, C, D, E, F, G, H) {
+        this.A = A | 0;
+        this.B = B | 0;
+        this.C = C | 0;
+        this.D = D | 0;
+        this.E = E | 0;
+        this.F = F | 0;
+        this.G = G | 0;
+        this.H = H | 0;
+    }
+    process(view, offset) {
+        // Extend the first 16 words into the remaining 48 words w[16..63] of the message schedule array
+        for (let i = 0; i < 16; i++, offset += 4)
+            SHA256_W[i] = view.getUint32(offset, false);
+        for (let i = 16; i < 64; i++) {
+            const W15 = SHA256_W[i - 15];
+            const W2 = SHA256_W[i - 2];
+            const s0 = rotr(W15, 7) ^ rotr(W15, 18) ^ (W15 >>> 3);
+            const s1 = rotr(W2, 17) ^ rotr(W2, 19) ^ (W2 >>> 10);
+            SHA256_W[i] = (s1 + SHA256_W[i - 7] + s0 + SHA256_W[i - 16]) | 0;
+        }
+        // Compression function main loop, 64 rounds
+        let { A, B, C, D, E, F, G, H } = this;
+        for (let i = 0; i < 64; i++) {
+            const sigma1 = rotr(E, 6) ^ rotr(E, 11) ^ rotr(E, 25);
+            const T1 = (H + sigma1 + Chi(E, F, G) + SHA256_K[i] + SHA256_W[i]) | 0;
+            const sigma0 = rotr(A, 2) ^ rotr(A, 13) ^ rotr(A, 22);
+            const T2 = (sigma0 + Maj(A, B, C)) | 0;
+            H = G;
+            G = F;
+            F = E;
+            E = (D + T1) | 0;
+            D = C;
+            C = B;
+            B = A;
+            A = (T1 + T2) | 0;
+        }
+        // Add the compressed chunk to the current hash value
+        A = (A + this.A) | 0;
+        B = (B + this.B) | 0;
+        C = (C + this.C) | 0;
+        D = (D + this.D) | 0;
+        E = (E + this.E) | 0;
+        F = (F + this.F) | 0;
+        G = (G + this.G) | 0;
+        H = (H + this.H) | 0;
+        this.set(A, B, C, D, E, F, G, H);
+    }
+    roundClean() {
+        SHA256_W.fill(0);
+    }
+    destroy() {
+        this.set(0, 0, 0, 0, 0, 0, 0, 0);
+        this.buffer.fill(0);
+    }
+}
+// Constants from https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf
+class SHA224 extends SHA256 {
+    constructor() {
+        super();
+        this.A = 0xc1059ed8 | 0;
+        this.B = 0x367cd507 | 0;
+        this.C = 0x3070dd17 | 0;
+        this.D = 0xf70e5939 | 0;
+        this.E = 0xffc00b31 | 0;
+        this.F = 0x68581511 | 0;
+        this.G = 0x64f98fa7 | 0;
+        this.H = 0xbefa4fa4 | 0;
+        this.outputLen = 28;
+    }
+}
+/**
+ * SHA2-256 hash function
+ * @param message - data that would be hashed
+ */
+const sha256 = wrapConstructor(() => new SHA256());
+wrapConstructor(() => new SHA224());
+
+export { sha256 };

package/bundle/packages/rln/node_modules/@noble/hashes/esm/utils.js

@@ -0,0 +1,43 @@
+/*! noble-hashes - MIT License (c) 2022 Paul Miller (paulmillr.com) */
+// The import here is via the package name. This is to ensure
+// that exports mapping/resolution does fall into place.
+// Cast array to view
+const createView = (arr) => new DataView(arr.buffer, arr.byteOffset, arr.byteLength);
+// The rotate right (circular right shift) operation for uint32
+const rotr = (word, shift) => (word << (32 - shift)) | (word >>> shift);
+const isLE = new Uint8Array(new Uint32Array([0x11223344]).buffer)[0] === 0x44;
+// There is almost no big endian hardware, but js typed arrays uses platform specific endianness.
+// So, just to be sure not to corrupt anything.
+if (!isLE)
+    throw new Error('Non little-endian hardware is not supported');
+Array.from({ length: 256 }, (v, i) => i.toString(16).padStart(2, '0'));
+function utf8ToBytes(str) {
+    if (typeof str !== 'string') {
+        throw new TypeError(`utf8ToBytes expected string, got ${typeof str}`);
+    }
+    return new TextEncoder().encode(str);
+}
+function toBytes(data) {
+    if (typeof data === 'string')
+        data = utf8ToBytes(data);
+    if (!(data instanceof Uint8Array))
+        throw new TypeError(`Expected input type is Uint8Array (got ${typeof data})`);
+    return data;
+}
+// For runtime check if class implements interface
+class Hash {
+    // Safe version that clones internal state
+    clone() {
+        return this._cloneInto();
+    }
+}
+function wrapConstructor(hashConstructor) {
+    const hashC = (message) => hashConstructor().update(toBytes(message)).digest();
+    const tmp = hashConstructor();
+    hashC.outputLen = tmp.outputLen;
+    hashC.blockLen = tmp.blockLen;
+    hashC.create = () => hashConstructor();
+    return hashC;
+}
+
+export { Hash, createView, isLE, rotr, toBytes, utf8ToBytes, wrapConstructor };