@winbit32/wallet-kit 0.1.0

package/dist/cosign/orchardFrost.js

@@ -0,0 +1,227 @@
+"use strict";
+/**
+ * @fileoverview Orchard (RedPallas) FROST engine bridge.
+ *
+ * A framework-agnostic port of WINBIT32's `orchardFrostBridge` trimmed to
+ * the pieces an initiator needs: load the WASM, derive a UFVK / unified
+ * address from a FROST share, and (for tests / local 2-of-2) split a key
+ * with a trusted dealer. The two-round signing ceremony wrappers live here
+ * so their wire shapes stay matched to the relay protocol.
+ *
+ * Design for reuse: there is no module-global "current WASM" the way the
+ * original bridge keeps one. The loaded module is returned and passed
+ * explicitly into each function (dependency injection), so a host can run
+ * more than one engine instance and nothing leaks across React renders.
+ * The only internal state is a load cache keyed by asset URL.
+ *
+ * The underlying WASM is `orchard-frost-wasm` (built from frosty-lib /
+ * orchard-frost-wasm), served as static assets. See {@link CosignConfig}.
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.orchardGroupVerifyingKey = exports.orchardGenerateRandomizer = exports.orchardAggregate = exports.orchardSignWithNonces = exports.orchardCommitNonces = exports.deriveOrchardAddressFromBundle = exports.orchardKeygenWithCompatibleExtras = exports.isOrchardCompatibleGroupPublicHex = exports.generateOrchardExtras = exports.orchardKeygenWithDealer = exports.loadOrchardFrostWasm = exports.DEFAULT_KEYGEN_RETRY_LIMIT = void 0;
+/** Attempts before giving up on producing an Orchard-compatible `ak`. */
+exports.DEFAULT_KEYGEN_RETRY_LIMIT = 32;
+// ─── WASM loader (config-injected, cached per asset URL) ────────────
+const wasmCache = new Map();
+const cacheBustSuffix = (config) => config.assetCacheBustToken ? `?v=${encodeURIComponent(config.assetCacheBustToken)}` : '';
+/**
+ * Load + initialise the Orchard FROST WASM.
+ *
+ * Uses `config.loadOrchardFrostWasm` when provided (hosts that bundle the WASM
+ * themselves). Otherwise lazily fetches the artefacts from `config.wasmBaseUrl`
+ * — the dynamic `import()` is deliberate: it keeps the ~500 KB engine off the
+ * critical path until a co-signing flow actually needs it.
+ */
+const loadOrchardFrostWasm = (config) => {
+    if (config.loadOrchardFrostWasm) {
+        return config.loadOrchardFrostWasm();
+    }
+    const jsUrl = `${config.wasmBaseUrl}/orchard_frost_wasm.js${cacheBustSuffix(config)}`;
+    const wasmUrl = `${config.wasmBaseUrl}/orchard_frost_wasm_bg.wasm${cacheBustSuffix(config)}`;
+    const cached = wasmCache.get(jsUrl);
+    if (cached)
+        return cached;
+    const loading = (async () => {
+        var _a;
+        try {
+            const glue = (await (_a = jsUrl, Promise.resolve().then(() => __importStar(require(_a)))));
+            const bytes = await config.fetchImpl(wasmUrl).then((r) => r.arrayBuffer());
+            await glue.default(bytes);
+            return glue;
+        }
+        catch (err) {
+            wasmCache.delete(jsUrl);
+            throw new Error(`Failed to initialise orchard-frost WASM from ${config.wasmBaseUrl}: ${err.message}`);
+        }
+    })();
+    wasmCache.set(jsUrl, loading);
+    return loading;
+};
+exports.loadOrchardFrostWasm = loadOrchardFrostWasm;
+// ─── Engine operations (WASM module injected) ───────────────────────
+/** Trusted-dealer t-of-n split (used by tests and local 2-of-2 setups). */
+const orchardKeygenWithDealer = (wasm, maxSigners, minSigners) => {
+    const result = JSON.parse(wasm.keygen_with_dealer(maxSigners, minSigners));
+    const shares = {};
+    for (const [idHex, share] of Object.entries(result.shares)) {
+        shares[idHex] = {
+            id: share.id,
+            secretShare: share.secret_share,
+            publicKey: share.public,
+            groupPublic: share.group_public,
+        };
+    }
+    return {
+        shares,
+        publicKeyPackage: {
+            signerPubkeys: result.public_key_package.signer_pubkeys,
+            groupPublic: result.public_key_package.group_public,
+        },
+    };
+};
+exports.orchardKeygenWithDealer = orchardKeygenWithDealer;
+/** Generate random 64-byte nk‖rivk extras compatible with `groupPublicHex`. */
+const generateOrchardExtras = (wasm, groupPublicHex) => {
+    if (!wasm.orchard_random_extras) {
+        throw new Error('orchard-frost WASM lacks orchard_random_extras — rebuild/redeploy the WASM bundle.');
+    }
+    return wasm.orchard_random_extras(groupPublicHex);
+};
+exports.generateOrchardExtras = generateOrchardExtras;
+/**
+ * Whether a 32-byte serialised group_public is a usable Orchard `ak`.
+ *
+ * Orchard's `SpendValidatingKey::from_bytes` rejects points whose y-sign bit
+ * (top bit of byte 31) is set, and the identity (all-zero) point. RedPallas
+ * keygen produces a random y-sign, so ~half of keygens are unusable as-is.
+ */
+const isOrchardCompatibleGroupPublicHex = (groupPublicHex) => {
+    if (typeof groupPublicHex !== 'string' || groupPublicHex.length !== 64)
+        return false;
+    const lastByte = parseInt(groupPublicHex.slice(62, 64), 16);
+    if (Number.isNaN(lastByte))
+        return false;
+    if ((lastByte & 0x80) !== 0)
+        return false;
+    if (/^0+$/.test(groupPublicHex))
+        return false;
+    return true;
+};
+exports.isOrchardCompatibleGroupPublicHex = isOrchardCompatibleGroupPublicHex;
+/**
+ * Trusted-dealer keygen that re-rolls until the group_public is an
+ * Orchard-compatible `ak`, then derives matching nk‖rivk extras. With
+ * p ≈ 0.5 per attempt, the default 32-attempt cap fails with probability
+ * ≈ 2^-32. Returns the keygen, the extras, and how many attempts it took.
+ */
+const orchardKeygenWithCompatibleExtras = (wasm, maxSigners, minSigners, options = {}) => {
+    if (!wasm.orchard_random_extras) {
+        throw new Error('orchard-frost WASM lacks orchard_random_extras — rebuild/redeploy the WASM bundle.');
+    }
+    const maxAttempts = Math.max(1, options.maxAttempts ?? exports.DEFAULT_KEYGEN_RETRY_LIMIT);
+    let lastError = null;
+    for (let attempt = 1; attempt <= maxAttempts; attempt++) {
+        const keygen = (0, exports.orchardKeygenWithDealer)(wasm, maxSigners, minSigners);
+        const groupPublic = keygen.publicKeyPackage.groupPublic;
+        if (!(0, exports.isOrchardCompatibleGroupPublicHex)(groupPublic)) {
+            lastError = new Error(`group_public has wrong y-sign (attempt ${attempt})`);
+            continue;
+        }
+        try {
+            return { keygen, orchardExtras: wasm.orchard_random_extras(groupPublic), keygenAttempts: attempt };
+        }
+        catch (err) {
+            lastError = err;
+        }
+    }
+    const detail = lastError instanceof Error ? lastError.message : String(lastError ?? 'unknown error');
+    throw new Error(`orchard-frost keygen could not produce an Orchard-compatible ak after ${maxAttempts} attempts: ${detail}`);
+};
+exports.orchardKeygenWithCompatibleExtras = orchardKeygenWithCompatibleExtras;
+/**
+ * Derive the Orchard UFVK + unified address for a FROST share bundle.
+ *
+ * The group_public is already the 32-byte serialised `ak`, so `ak‖nk‖rivk`
+ * trivially yields the Orchard FVK the PCZT will embed and verify against.
+ * Backfills missing `orchardExtras` (mutating the bundle so the caller can
+ * persist it) — without them the derived UFVK would not match the FROST
+ * signer's `ak` and every shielded send would fail.
+ *
+ * @returns the address pair, or null if extras can't be produced / the WASM
+ *   lacks the FROST-native helpers.
+ */
+const deriveOrchardAddressFromBundle = (wasm, bundle) => {
+    const groupPublicHex = bundle.publicKeyPackage.groupPublic;
+    if (!bundle.orchardExtras) {
+        try {
+            bundle.orchardExtras = (0, exports.generateOrchardExtras)(wasm, groupPublicHex);
+        }
+        catch (err) {
+            console.error('[cosign/orchard] could not backfill orchardExtras:', err.message);
+            return null;
+        }
+    }
+    if (!wasm.build_orchard_ufvk_from_frost || !wasm.build_orchard_unified_address_from_frost) {
+        console.error('[cosign/orchard] WASM lacks build_orchard_*_from_frost — rebuild/redeploy.');
+        return null;
+    }
+    try {
+        const ufvk = wasm.build_orchard_ufvk_from_frost(groupPublicHex, bundle.orchardExtras);
+        const unifiedAddress = wasm.build_orchard_unified_address_from_frost(groupPublicHex, bundle.orchardExtras);
+        return { unifiedAddress, ufvk };
+    }
+    catch (err) {
+        console.error('[cosign/orchard] FROST-native address derivation failed:', err.message);
+        return null;
+    }
+};
+exports.deriveOrchardAddressFromBundle = deriveOrchardAddressFromBundle;
+/** Round 1: produce this signer's nonces (opaque) + commitments (shareable). */
+const orchardCommitNonces = (wasm, secretShareHex) => {
+    const result = JSON.parse(wasm.commit_nonces(secretShareHex));
+    return { noncesOpaque: result.nonces_opaque, commitments: result.commitments };
+};
+exports.orchardCommitNonces = orchardCommitNonces;
+/**
+ * Round 2: produce this signer's signature share using its pre-committed
+ * nonces. Both parties MUST pass the same `allCommitmentsJson`, `messageHex`
+ * (sighash) and `randomizerHex` (the PCZT's per-action `alpha`).
+ */
+const orchardSignWithNonces = (wasm, identifierHex, secretShareHex, publicHex, groupPublicHex, noncesOpaqueHex, allCommitmentsJson, messageHex, randomizerHex) => wasm.sign_with_nonces(identifierHex, secretShareHex, publicHex, groupPublicHex, noncesOpaqueHex, allCommitmentsJson, messageHex, randomizerHex);
+exports.orchardSignWithNonces = orchardSignWithNonces;
+/**
+ * Aggregate signature shares into a 64-byte RedPallas signature.
+ * Returns the raw WASM JSON (`{ signature, ... }`); callers read `.signature`.
+ */
+const orchardAggregate = (wasm, commitmentsJson, messageHex, sigSharesJson, signerPubkeysJson, groupPublicHex, randomizerHex) => wasm.aggregate(commitmentsJson, messageHex, sigSharesJson, signerPubkeysJson, groupPublicHex, randomizerHex);
+exports.orchardAggregate = orchardAggregate;
+/** Generate a random 32-byte scalar usable as a FROST randomizer (tests only — the live path uses the PCZT's alpha). */
+const orchardGenerateRandomizer = (wasm) => wasm.generate_randomizer();
+exports.orchardGenerateRandomizer = orchardGenerateRandomizer;
+/** Derive the (un-randomized) group verifying key from a group_public. */
+const orchardGroupVerifyingKey = (wasm, groupPublicHex) => wasm.get_group_verifying_key(groupPublicHex);
+exports.orchardGroupVerifyingKey = orchardGroupVerifyingKey;
+//# sourceMappingURL=orchardFrost.js.map

package/dist/cosign/orchardFrost.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"orchardFrost.js","sourceRoot":"","sources":["../../src/cosign/orchardFrost.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;GAiBG;;;;;;;;;;;;;;;;;;;;;;;;;;AAmFH,yEAAyE;AAC5D,QAAA,0BAA0B,GAAG,EAAE,CAAC;AAE7C,uEAAuE;AAEvE,MAAM,SAAS,GAAG,IAAI,GAAG,EAA2C,CAAC;AAErE,MAAM,eAAe,GAAG,CAAC,MAAoB,EAAU,EAAE,CACxD,MAAM,CAAC,mBAAmB,CAAC,CAAC,CAAC,MAAM,kBAAkB,CAAC,MAAM,CAAC,mBAAmB,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;AAE1F;;;;;;;GAOG;AACI,MAAM,oBAAoB,GAAG,CAAC,MAAoB,EAAmC,EAAE;IAC7F,IAAI,MAAM,CAAC,oBAAoB,EAAE;QAChC,OAAO,MAAM,CAAC,oBAAoB,EAAE,CAAC;KACrC;IAED,MAAM,KAAK,GAAG,GAAG,MAAM,CAAC,WAAW,yBAAyB,eAAe,CAAC,MAAM,CAAC,EAAE,CAAC;IACtF,MAAM,OAAO,GAAG,GAAG,MAAM,CAAC,WAAW,8BAA8B,eAAe,CAAC,MAAM,CAAC,EAAE,CAAC;IAE7F,MAAM,MAAM,GAAG,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IACpC,IAAI,MAAM;QAAE,OAAO,MAAM,CAAC;IAE1B,MAAM,OAAO,GAAG,CAAC,KAAK,IAAqC,EAAE;;QAC5D,IAAI;YACH,MAAM,IAAI,GAAG,CAAC,YAAgC,KAAK,0DAAC,CAAsC,CAAC;YAC3F,MAAM,KAAK,GAAG,MAAM,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;YAC3E,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;YAC1B,OAAO,IAAI,CAAC;SACZ;QAAC,OAAO,GAAG,EAAE;YACb,SAAS,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACxB,MAAM,IAAI,KAAK,CACd,gDAAgD,MAAM,CAAC,WAAW,KAAM,GAAa,CAAC,OAAO,EAAE,CAC/F,CAAC;SACF;IACF,CAAC,CAAC,EAAE,CAAC;IAEL,SAAS,CAAC,GAAG,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;IAC9B,OAAO,OAAO,CAAC;AAChB,CAAC,CAAC;AA3BW,QAAA,oBAAoB,wBA2B/B;AAEF,uEAAuE;AAEvE,2EAA2E;AACpE,MAAM,uBAAuB,GAAG,CACtC,IAA4B,EAC5B,UAAkB,EAClB,UAAkB,EACI,EAAE;IACxB,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,kBAAkB,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC,CAAC;IAC3E,MAAM,MAAM,GAAoC,EAAE,CAAC;IACnD,KAAK,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,MAA6B,CAAC,EAAE;QAClF,MAAM,CAAC,KAAK,CAAC,GAAG;YACf,EAAE,EAAE,KAAK,CAAC,EAAE;YACZ,WAAW,EAAE,KAAK,CAAC,YAAY;YAC/B,SAAS,EAAE,KAAK,CAAC,MAAM;YACvB,WAAW,EAAE,KAAK,CAAC,YAAY;SAC/B,CAAC;KACF;IACD,OAAO;QACN,MAAM;QACN,gBAAgB,EAAE;YACjB,aAAa,EAAE,MAAM,CAAC,kBAAkB,CAAC,cAAc;YACvD,WAAW,EAAE,MAAM,CAAC,kBAAkB,CAAC,YAAY;SACnD;KACD,CAAC;AACH,CAAC,CAAC;AAtBW,QAAA,uBAAuB,2BAsBlC;AAEF,+EAA+E;AACxE,MAAM,qBAAqB,GAAG,CAAC,IAA4B,EAAE,cAAsB,EAAU,EAAE;IACrG,IAAI,CAAC,IAAI,CAAC,qBAAqB,EAAE;QAChC,MAAM,IAAI,KAAK,CAAC,oFAAoF,CAAC,CAAC;KACtG;IACD,OAAO,IAAI,CAAC,qBAAqB,CAAC,cAAc,CAAC,CAAC;AACnD,CAAC,CAAC;AALW,QAAA,qBAAqB,yBAKhC;AAEF;;;;;;GAMG;AACI,MAAM,iCAAiC,GAAG,CAAC,cAAsB,EAAW,EAAE;IACpF,IAAI,OAAO,cAAc,KAAK,QAAQ,IAAI,cAAc,CAAC,MAAM,KAAK,EAAE;QAAE,OAAO,KAAK,CAAC;IACrF,MAAM,QAAQ,GAAG,QAAQ,CAAC,cAAc,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;IAC5D,IAAI,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC;QAAE,OAAO,KAAK,CAAC;IACzC,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAC1C,IAAI,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC;QAAE,OAAO,KAAK,CAAC;IAC9C,OAAO,IAAI,CAAC;AACb,CAAC,CAAC;AAPW,QAAA,iCAAiC,qCAO5C;AAEF;;;;;GAKG;AACI,MAAM,iCAAiC,GAAG,CAChD,IAA4B,EAC5B,UAAkB,EAClB,UAAkB,EAClB,UAAoC,EAAE,EACZ,EAAE;IAC5B,IAAI,CAAC,IAAI,CAAC,qBAAqB,EAAE;QAChC,MAAM,IAAI,KAAK,CAAC,oFAAoF,CAAC,CAAC;KACtG;IACD,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,CAAC,WAAW,IAAI,kCAA0B,CAAC,CAAC;IACnF,IAAI,SAAS,GAAY,IAAI,CAAC;IAC9B,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,IAAI,WAAW,EAAE,OAAO,EAAE,EAAE;QACxD,MAAM,MAAM,GAAG,IAAA,+BAAuB,EAAC,IAAI,EAAE,UAAU,EAAE,UAAU,CAAC,CAAC;QACrE,MAAM,WAAW,GAAG,MAAM,CAAC,gBAAgB,CAAC,WAAW,CAAC;QACxD,IAAI,CAAC,IAAA,yCAAiC,EAAC,WAAW,CAAC,EAAE;YACpD,SAAS,GAAG,IAAI,KAAK,CAAC,0CAA0C,OAAO,GAAG,CAAC,CAAC;YAC5E,SAAS;SACT;QACD,IAAI;YACH,OAAO,EAAE,MAAM,EAAE,aAAa,EAAE,IAAI,CAAC,qBAAqB,CAAC,WAAW,CAAC,EAAE,cAAc,EAAE,OAAO,EAAE,CAAC;SACnG;QAAC,OAAO,GAAG,EAAE;YACb,SAAS,GAAG,GAAG,CAAC;SAChB;KACD;IACD,MAAM,MAAM,GAAG,SAAS,YAAY,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,SAAS,IAAI,eAAe,CAAC,CAAC;IACrG,MAAM,IAAI,KAAK,CAAC,yEAAyE,WAAW,cAAc,MAAM,EAAE,CAAC,CAAC;AAC7H,CAAC,CAAC;AA1BW,QAAA,iCAAiC,qCA0B5C;AAEF;;;;;;;;;;;GAWG;AACI,MAAM,8BAA8B,GAAG,CAC7C,IAA4B,EAC5B,MAAwB,EACM,EAAE;IAChC,MAAM,cAAc,GAAG,MAAM,CAAC,gBAAgB,CAAC,WAAW,CAAC;IAE3D,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE;QAC1B,IAAI;YACH,MAAM,CAAC,aAAa,GAAG,IAAA,6BAAqB,EAAC,IAAI,EAAE,cAAc,CAAC,CAAC;SACnE;QAAC,OAAO,GAAG,EAAE;YACb,OAAO,CAAC,KAAK,CAAC,oDAAoD,EAAG,GAAa,CAAC,OAAO,CAAC,CAAC;YAC5F,OAAO,IAAI,CAAC;SACZ;KACD;IAED,IAAI,CAAC,IAAI,CAAC,6BAA6B,IAAI,CAAC,IAAI,CAAC,wCAAwC,EAAE;QAC1F,OAAO,CAAC,KAAK,CAAC,4EAA4E,CAAC,CAAC;QAC5F,OAAO,IAAI,CAAC;KACZ;IAED,IAAI;QACH,MAAM,IAAI,GAAG,IAAI,CAAC,6BAA6B,CAAC,cAAc,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC;QACtF,MAAM,cAAc,GAAG,IAAI,CAAC,wCAAwC,CAAC,cAAc,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC;QAC3G,OAAO,EAAE,cAAc,EAAE,IAAI,EAAE,CAAC;KAChC;IAAC,OAAO,GAAG,EAAE;QACb,OAAO,CAAC,KAAK,CAAC,0DAA0D,EAAG,GAAa,CAAC,OAAO,CAAC,CAAC;QAClG,OAAO,IAAI,CAAC;KACZ;AACF,CAAC,CAAC;AA5BW,QAAA,8BAA8B,kCA4BzC;AAcF,gFAAgF;AACzE,MAAM,mBAAmB,GAAG,CAAC,IAA4B,EAAE,cAAsB,EAAmB,EAAE;IAC5G,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,aAAa,CAAC,cAAc,CAAC,CAAC,CAAC;IAC9D,OAAO,EAAE,YAAY,EAAE,MAAM,CAAC,aAAa,EAAE,WAAW,EAAE,MAAM,CAAC,WAAW,EAAE,CAAC;AAChF,CAAC,CAAC;AAHW,QAAA,mBAAmB,uBAG9B;AAEF;;;;GAIG;AACI,MAAM,qBAAqB,GAAG,CACpC,IAA4B,EAC5B,aAAqB,EACrB,cAAsB,EACtB,SAAiB,EACjB,cAAsB,EACtB,eAAuB,EACvB,kBAA0B,EAC1B,UAAkB,EAClB,aAAqB,EACZ,EAAE,CACX,IAAI,CAAC,gBAAgB,CACpB,aAAa,EACb,cAAc,EACd,SAAS,EACT,cAAc,EACd,eAAe,EACf,kBAAkB,EAClB,UAAU,EACV,aAAa,CACb,CAAC;AApBU,QAAA,qBAAqB,yBAoB/B;AAEH;;;GAGG;AACI,MAAM,gBAAgB,GAAG,CAC/B,IAA4B,EAC5B,eAAuB,EACvB,UAAkB,EAClB,aAAqB,EACrB,iBAAyB,EACzB,cAAsB,EACtB,aAAqB,EACZ,EAAE,CACX,IAAI,CAAC,SAAS,CAAC,eAAe,EAAE,UAAU,EAAE,aAAa,EAAE,iBAAiB,EAAE,cAAc,EAAE,aAAa,CAAC,CAAC;AATjG,QAAA,gBAAgB,oBASiF;AAE9G,wHAAwH;AACjH,MAAM,yBAAyB,GAAG,CAAC,IAA4B,EAAU,EAAE,CAAC,IAAI,CAAC,mBAAmB,EAAE,CAAC;AAAjG,QAAA,yBAAyB,6BAAwE;AAE9G,0EAA0E;AACnE,MAAM,wBAAwB,GAAG,CAAC,IAA4B,EAAE,cAAsB,EAAU,EAAE,CACxG,IAAI,CAAC,uBAAuB,CAAC,cAAc,CAAC,CAAC;AADjC,QAAA,wBAAwB,4BACS"}

package/dist/cosign/relay.d.ts

@@ -0,0 +1,100 @@
+/**
+ * @fileoverview WB32COSIGN relay client + Orchard FROST initiator ceremony.
+ *
+ * A framework-agnostic port of the initiator half of WINBIT32's
+ * `cosignerRelay`, scoped to the `frost-orchard` protocol. Wire format, QR
+ * payload, AES-256-GCM envelopes and the two-round message protocol are
+ * byte-compatible with WINBIT32, so the existing `cosign.exe` cosigner
+ * interoperates unchanged. (Canonical home — ported from Secresea's
+ * `services/cosign/relay.ts`.)
+ *
+ * Reuse-oriented: the WASM engine is injected (no module-global), encryption
+ * uses standard Web Crypto, and message delivery goes through any
+ * {@link CosignTransport}. The DKLS / Schnorr / Sapling protocols and the
+ * trusted-dealer DKG regen path are intentionally omitted — Secresea
+ * co-signs an *existing* Orchard vault share, never creates one.
+ */
+import type { CosignTransport } from './transports';
+import { type OrchardFrostWasmModule } from './orchardFrost';
+export interface SigningDisplay {
+    chain: string;
+    amount?: string;
+    toAddress?: string;
+    ticker?: string;
+    memo?: string;
+}
+export interface CosignSessionParams {
+    sessionId: string;
+    encKeyHex: string;
+    /** Relay URL embedded in the QR (informational; transport may override). */
+    relayUrl: string;
+}
+export interface FrostOrchardSetup {
+    /** Per-action Orchard sighash (hex). */
+    sighash: string;
+    /** Per-action `alpha` randomiser the PCZT pre-committed to (64 hex chars). */
+    randomizer: string;
+    pubKeyPackage: {
+        signerPubkeys: Record<string, string>;
+        groupPublic: string;
+    };
+}
+export interface OrchardKeyShareForCosign {
+    id: string;
+    secretShare: string;
+    publicKey: string;
+    groupPublic: string;
+}
+export interface CosignCallbacks {
+    onProgress?: (phase: string) => void;
+    onCosignerJoined?: (partyId: string) => void;
+    signal?: AbortSignal;
+}
+export interface MPCSignatureResult {
+    /** 64-byte RedPallas signature (hex). */
+    signature: string;
+    rawSignatureBytes: Uint8Array;
+}
+/** Thrown when the cosigner asks to (re)derive keys — Secresea won't do that. */
+export declare class OrchardShareMismatchError extends Error {
+    readonly code = "ORCHARD_SHARE_MISMATCH";
+    constructor();
+}
+export declare const generateCosignQR: (params: CosignSessionParams) => string;
+export declare const parseCosignQR: (qr: string) => CosignSessionParams | null;
+/** Create a fresh session (random id + AES-256 key) and its QR payload. */
+export declare const createCosignSession: (relayUrl?: string) => {
+    params: CosignSessionParams;
+    qrPayload: string;
+};
+/** Tell the cosigner the session is finished so it stops polling. */
+export declare const endCosignSession: (encKeyHex: string, transport: CosignTransport) => Promise<void>;
+export interface WaitForCosignerParams {
+    encKeyHex: string;
+    transport: CosignTransport;
+    /** Vultisig localPartyIds permitted to join this vault's session. */
+    validSignerIds: string[];
+    callbacks?: CosignCallbacks;
+}
+/** Block until a valid cosigner scans the QR and joins; returns its partyId. */
+export declare const waitForCosignerJoin: (p: WaitForCosignerParams) => Promise<string>;
+export interface RunOrchardInitiatorParams {
+    /** Loaded Orchard FROST WASM engine. */
+    wasm: OrchardFrostWasmModule;
+    encKeyHex: string;
+    transport: CosignTransport;
+    myPartyId: string;
+    orchardKeyShare: OrchardKeyShareForCosign;
+    frostOrchardData: FrostOrchardSetup;
+    display: SigningDisplay;
+    callbacks?: CosignCallbacks;
+    /** Keep the cosigner connected for a subsequent action (multi-action PCZTs). */
+    keepAlive?: boolean;
+}
+/**
+ * Run the two-round FROST-Orchard ceremony for a single Orchard action and
+ * return its aggregated 64-byte signature. Mirrors WINBIT32's
+ * `runInitiatorFrostOrchard` (minus the DKG regen branch).
+ */
+export declare const runOrchardInitiatorAction: (p: RunOrchardInitiatorParams) => Promise<MPCSignatureResult>;
+//# sourceMappingURL=relay.d.ts.map

package/dist/cosign/relay.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"relay.d.ts","sourceRoot":"","sources":["../../src/cosign/relay.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAGH,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AACpD,OAAO,EAIN,KAAK,sBAAsB,EAC3B,MAAM,gBAAgB,CAAC;AAgBxB,MAAM,WAAW,cAAc;IAC9B,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,mBAAmB;IACnC,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,4EAA4E;IAC5E,QAAQ,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,iBAAiB;IACjC,wCAAwC;IACxC,OAAO,EAAE,MAAM,CAAC;IAChB,8EAA8E;IAC9E,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,EAAE;QAAE,aAAa,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAAC,WAAW,EAAE,MAAM,CAAA;KAAE,CAAC;CAC9E;AAED,MAAM,WAAW,wBAAwB;IACxC,EAAE,EAAE,MAAM,CAAC;IACX,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,eAAe;IAC/B,UAAU,CAAC,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,IAAI,CAAC;IACrC,gBAAgB,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,IAAI,CAAC;IAC7C,MAAM,CAAC,EAAE,WAAW,CAAC;CACrB;AAED,MAAM,WAAW,kBAAkB;IAClC,yCAAyC;IACzC,SAAS,EAAE,MAAM,CAAC;IAClB,iBAAiB,EAAE,UAAU,CAAC;CAC9B;AAED,iFAAiF;AACjF,qBAAa,yBAA0B,SAAQ,KAAK;IACnD,QAAQ,CAAC,IAAI,4BAA4B;;CAOzC;AA6JD,eAAO,MAAM,gBAAgB,WAAY,mBAAmB,KAAG,MAG9D,CAAC;AAEF,eAAO,MAAM,aAAa,OAAQ,MAAM,KAAG,mBAAmB,GAAG,IAUhE,CAAC;AAEF,2EAA2E;AAC3E,eAAO,MAAM,mBAAmB,cAAe,MAAM;YAAa,mBAAmB;eAAa,MAAM;CAKvG,CAAC;AAEF,qEAAqE;AACrE,eAAO,MAAM,gBAAgB,cAAqB,MAAM,aAAa,eAAe,KAAG,QAAQ,IAAI,CAOlG,CAAC;AAIF,MAAM,WAAW,qBAAqB;IACrC,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,eAAe,CAAC;IAC3B,qEAAqE;IACrE,cAAc,EAAE,MAAM,EAAE,CAAC;IACzB,SAAS,CAAC,EAAE,eAAe,CAAC;CAC5B;AAED,gFAAgF;AAChF,eAAO,MAAM,mBAAmB,MAAa,qBAAqB,KAAG,QAAQ,MAAM,CAsBlF,CAAC;AAIF,MAAM,WAAW,yBAAyB;IACzC,wCAAwC;IACxC,IAAI,EAAE,sBAAsB,CAAC;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,eAAe,CAAC;IAC3B,SAAS,EAAE,MAAM,CAAC;IAClB,eAAe,EAAE,wBAAwB,CAAC;IAC1C,gBAAgB,EAAE,iBAAiB,CAAC;IACpC,OAAO,EAAE,cAAc,CAAC;IACxB,SAAS,CAAC,EAAE,eAAe,CAAC;IAC5B,gFAAgF;IAChF,SAAS,CAAC,EAAE,OAAO,CAAC;CACpB;AAED;;;;GAIG;AACH,eAAO,MAAM,yBAAyB,MAAa,yBAAyB,KAAG,QAAQ,kBAAkB,CAsIxG,CAAC"}