@whistlex/sdk 0.1.0 → 0.1.2

package/README.md

@@ -36,6 +36,7 @@ const messageKit = await encryptWithTaco({
   poolAddress: "0xPoolAddressPlaceholder", // use actual pool address after createPool
   payload: keyBytes,
   privateKey: process.env.TACO_PRIVATE_KEY
+  // or: signer: walletSigner (MCP / injected signer)
 });
 
 // 3) On-chain create pool
@@ -53,6 +54,42 @@ await tx.wait();
 // 4) Store metadata via API (see /skill.md for API calls)
 ```
 
+## Dry Run (No On-chain Submission)
+
+```bash
+POOL_ADDRESS=0xYourPool TACO_PRIVATE_KEY=0xyourkey npm run dry-run
+```
+
+This will print:
+- `ciphertextHex` (ready for on-chain calldata)
+- `messageKit` (TACo wrapped DEK)
+
+### Using a Signer (MCP / Injected)
+
+If you have a signer (e.g., Phantom MCP), pass it directly:
+
+```ts
+const messageKit = await encryptWithTaco({
+  poolAddress,
+  payload: keyBytes,
+  signer // wallet signer
+});
+```
+
+### Decrypt Intel (TACo)
+
+```ts
+import { decryptIntelWithTaco } from "@whistlex/sdk";
+
+const plaintext = await decryptIntelWithTaco({
+  ciphertext,
+  messageKit,
+  contributorAddress,
+  privateKey: process.env.TACO_PRIVATE_KEY
+  // or signer
+});
+```
+
 ## Notes
 
 - **Intel is encrypted locally**. The SDK never sends plaintext to WhistleX.

package/dist/crypto.d.ts

@@ -20,6 +20,13 @@ export declare function decryptIntelWithKey(params: {
     ciphertext: string;
     keyBytes: Uint8Array;
 }): Promise<string>;
+export declare function decryptIntelWithTaco(params: {
+    ciphertext: string;
+    messageKit: string;
+    contributorAddress?: string;
+    privateKey?: string;
+    signer?: any;
+}): Promise<string>;
 export declare const symmetricEncoding: {
     bytesToHex: typeof bytesToHex;
     hexToBytes: typeof hexToBytes;

package/dist/crypto.js

@@ -89,4 +89,14 @@ export async function decryptIntelWithKey(params) {
     const plainBuffer = await subtle.decrypt({ name: "AES-GCM", iv: toArrayBuffer(ivBytes) }, aesKey, toArrayBuffer(cipherBytes));
     return new TextDecoder().decode(plainBuffer);
 }
+export async function decryptIntelWithTaco(params) {
+    const { decryptWithTaco } = await import("./taco.js");
+    const keyBytes = await decryptWithTaco({
+        messageKit: params.messageKit,
+        contributorAddress: params.contributorAddress,
+        privateKey: params.privateKey,
+        signer: params.signer
+    });
+    return decryptIntelWithKey({ ciphertext: params.ciphertext, keyBytes });
+}
 export const symmetricEncoding = { bytesToHex, hexToBytes };

package/dist/taco.d.ts

@@ -1,8 +1,10 @@
+import { providers, Wallet } from "ethers";
 export declare const DEFAULT_POLYGON_AMOY_RPC_URL = "https://polygon-amoy.drpc.org";
 export declare const DEFAULT_TACO_RITUAL_ID = 6;
 export declare const DEFAULT_CONDITION_CHAIN_ID = 80002;
 export interface TacoConfig {
     privateKey?: string;
+    signer?: providers.JsonRpcSigner | Wallet;
     dkgRpcUrl?: string;
     conditionRpcUrl?: string;
     conditionChainId?: number;
@@ -41,4 +43,4 @@ export declare function encryptWithTaco(params: EncryptWithTacoParams): Promise<
 export declare function decryptWithTaco(params: TacoConfig & {
     messageKit: string;
     contributorAddress?: string;
-}): Promise<string>;
+}): Promise<Uint8Array>;

package/dist/taco.js

@@ -6,21 +6,40 @@ export const DEFAULT_CONDITION_CHAIN_ID = 80002;
 function resolveTacoConfig(config) {
     return {
         key: config.privateKey,
+        signer: config.signer,
         dkg: config.dkgRpcUrl || process.env.TACO_DKG_RPC_URL || DEFAULT_POLYGON_AMOY_RPC_URL,
         condition: config.conditionRpcUrl || process.env.TACO_CONDITION_RPC_URL || DEFAULT_POLYGON_AMOY_RPC_URL,
         conditionChain: config.conditionChainId || DEFAULT_CONDITION_CHAIN_ID,
         ritual: config.ritualId || DEFAULT_TACO_RITUAL_ID
     };
 }
-async function resolveConditionSigner(provider, key) {
+async function resolveConditionSigner(provider, key, signer) {
+    if (signer)
+        return signer;
     if (!key) {
-        throw new Error("TACo private key is required in Node SDK (no injected wallet). ");
+        throw new Error("TACo signer is required. Provide privateKey or signer.");
     }
     return new Wallet(key, provider);
 }
 function toHexString(bytes) {
     return Buffer.from(bytes).toString("hex");
 }
+function parseMessageKitBytes(serialized) {
+    const normalized = serialized.trim();
+    const hex = normalized.startsWith("0x") ? normalized.slice(2) : normalized;
+    try {
+        return Uint8Array.from(Buffer.from(hex, "hex"));
+    }
+    catch {
+        // fallthrough to base64
+    }
+    try {
+        return Uint8Array.from(Buffer.from(normalized, "base64"));
+    }
+    catch {
+        throw new Error("Unsupported messageKit encoding; expected hex or base64");
+    }
+}
 function encodePayload(data) {
     const normalized = data.trim();
     const hexMatch = normalized.match(/^0x[0-9a-fA-F]+$/);
@@ -65,11 +84,11 @@ export async function encryptWithTaco(params) {
     if (!ContractCondition) {
         throw new Error("encryptWithTaco: ContractCondition not available");
     }
-    const { key, dkg, condition, conditionChain, ritual } = resolveTacoConfig(params);
+    const { key, signer, dkg, condition, conditionChain, ritual } = resolveTacoConfig(params);
     await initialize();
     const dkgProvider = new providers.JsonRpcProvider(dkg);
     const conditionProvider = new providers.JsonRpcProvider(condition);
-    const encryptorSigner = await resolveConditionSigner(conditionProvider, key);
+    const encryptorSigner = await resolveConditionSigner(conditionProvider, key, signer);
     const conditionInstance = new ContractCondition({
         method: "canDecrypt",
         parameters: [":contributor"],
@@ -83,7 +102,7 @@ export async function encryptWithTaco(params) {
     if (typeof kit === "string")
         return kit;
     if (kit?.toBytes)
-        return toHexString(kit.toBytes());
+        return `0x${toHexString(kit.toBytes())}`;
     if (kit?.toString)
         return kit.toString();
     return JSON.stringify(kit);
@@ -101,17 +120,17 @@ export async function decryptWithTaco(params) {
     const ConditionContext = conditions?.context?.ConditionContext;
     if (!ConditionContext)
         throw new Error("decryptWithTaco: ConditionContext missing");
-    const { key, condition, conditionChain, ritual, dkg } = resolveTacoConfig(params);
+    const { key, signer, condition, conditionChain, ritual, dkg } = resolveTacoConfig(params);
     await initialize();
     const conditionProvider = new providers.JsonRpcProvider(condition);
-    const decryptorSigner = await resolveConditionSigner(conditionProvider, key);
+    const decryptorSigner = await resolveConditionSigner(conditionProvider, key, signer);
     const decryptorAddress = await decryptorSigner.getAddress();
-    const kitBytes = Buffer.from(messageKit.replace(/^0x/, ""), "hex");
-    const kit = ThresholdMessageKit.fromBytes(Uint8Array.from(kitBytes));
+    const kitBytes = parseMessageKitBytes(messageKit);
+    const kit = ThresholdMessageKit.fromBytes(kitBytes);
     const context = ConditionContext.fromMessageKit(kit);
     context.addCustomContextParameterValues({
         ":contributor": contributorAddress ? utils.getAddress(contributorAddress) : decryptorAddress
     });
     const decryptedBytes = await decrypt(conditionProvider, domains.TESTNET || domains.tapir, kit, context, domains.TESTNET?.porterUris);
-    return new TextDecoder().decode(decryptedBytes);
+    return decryptedBytes;
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@whistlex/sdk",
-  "version": "0.1.0",
+  "version": "0.1.2",
   "description": "WhistleX SDK for local encryption, TACo wrapping, and on-chain pool calldata",
   "type": "module",
   "main": "dist/index.js",
@@ -11,10 +11,13 @@
       "types": "./dist/index.d.ts"
     }
   },
-  "files": ["dist"],
+  "files": [
+    "dist"
+  ],
   "scripts": {
     "build": "tsc -p tsconfig.json",
-    "clean": "rm -rf dist"
+    "clean": "rm -rf dist",
+    "dry-run": "node ./scripts/dry-run.mjs"
   },
   "dependencies": {
     "@nucypher/taco": "0.6.0",