@witnium-tech/witniumchain 0.6.2 → 0.7.0

package/dist/index.d.mts

@@ -10168,4 +10168,62 @@ declare class WitniumchainApiError extends Error {
     });
 }
 
-export { type AccountResponse, type AccountType, type paths$1 as AccountsPaths, type AddSigningKeyRequest$1 as AddSigningKeyRequest, type AddSigningKeyResponse, type AdjustCreditsRequest, type AdjustCreditsResponse, type BeginOAuthLoginArgs, type BeginOAuthLoginResult, type paths as ChainPaths, type CheckoutRequest, type CheckoutResponse, type CreateOrgRequest, type CreateOrgResponse, type CreateOrganizationRequest, type CreateOrganizationResponse, type CreateUserRequest, type CreateUserResponse, DelegatedKeys, type FinalizeWitnessResponse, type ForgotPasswordRequest, type ForgotPasswordResponse, type GetWitnessResponse, type HealthLiveResponse, type HealthReadyResponse, type LedgerResponse, type ListDelegatedKeysResponse, type ListOauthSessionsResponse, type ListUsersResponse, type LoginRequest, type LoginResponse, type LogoutResponse, MfaNamespace, MfaRecoveryCodes, MfaTotp, type OAuthTokenSnapshot, OauthNamespace, OauthSessions, OrgUsers, type OwnerSigner, type PauseRequest$1 as PauseRequest, type PauseResponse, type PkceVerifierStorage, type PortalResponse, type PrepareDelegatedKeyRequest, type PreparedDelegatedKeyResponse, type ProposeWitnessRequest, type ProposeWitnessResponse, type ProvisionContractRequest, type ProvisionContractResponse, type ProvisionDelegatedKeyArgs, type ProvisionDelegatedKeyResult, type PublicOrgResponse, type RecoveryCodesRegenerateResponse, type ResetAccountResponse, type ResetPasswordRequest, type ResetPasswordResponse, type RevokeDelegatedKeyResponse, type RevokeSigningKeyRequest$1 as RevokeSigningKeyRequest, type RevokeSigningKeyResponse, type RevokeWitnessRequest, type RevokeWitnessResponse, type RotateApiKeyResponse, type SetAccountTypeRequest, type SetAccountTypeResponse, type SignRequest, type SignResponse, type SignWitnessRequest, type SignWitnessResponse, type SignedRequestSigner, SigningKeys, type SignupRequest, type SignupResponse, type SubmitDelegatedKeyRequest, type SubmitDelegatedKeyResponse, Subscriptions, type TotpConfirmRequest, type TotpConfirmResponse, type TotpDisableResponse, type TotpEnrollResponse, type UnpauseRequest, type UnpauseResponse, type VerifyEmailResponse, type VerifyOrganizationResponse, WitniumchainAdminClient, type WitniumchainAdminClientConfig, WitniumchainApiError, WitniumchainChainAdminClient, type WitniumchainChainAdminClientConfig, WitniumchainClient, type WitniumchainClientConfig, WitniumchainOrgClient, type WitniumchainOrgClientConfig, defaultVerifierStorage };
+/**
+ * Canonical owner-operation messages.
+ *
+ * Owner ops (add/revoke a signing key, pause/unpause a contract) are
+ * authorized by an ed25519 signature from the contract OWNER key over a
+ * canonical message. chain-api re-builds the exact same string server-side
+ * and verifies the signature against the contract's stored owner key, so
+ * the bytes MUST match to the character.
+ *
+ * The canonical form is `JSON.stringify({ op, contract, nonce, ...payload })`
+ * with the contract address LOWER-CASED. (Verified against
+ * ContractsV5Service.executeOwnerOp + a live on-chain addSigningKey.)
+ *
+ * Do NOT hand-roll this as `op:contract:nonce` or any other shape — the
+ * signature will be silently rejected by chain-api ("Invalid owner
+ * signature"). Use these helpers so a future chain-spec change is a single
+ * SDK bump, not a silent break in every consumer.
+ */
+/** Owner-op type codes — mirror the contract constants (V3–V5). */
+declare const OWNER_OP: {
+    readonly addSigningKey: 1;
+    readonly revokeSigningKey: 2;
+    readonly pause: 3;
+    readonly unpause: 4;
+};
+type OwnerOpName = keyof typeof OWNER_OP;
+/**
+ * Canonical message to sign for `pause`. `nonce` must be the contract's
+ * current `ownerNonce + 1`.
+ */
+declare function buildPausePayload(args: {
+    contractAddress: string;
+    nonce: number;
+}): string;
+/** Canonical message to sign for `unpause`. */
+declare function buildUnpausePayload(args: {
+    contractAddress: string;
+    nonce: number;
+}): string;
+/**
+ * Canonical message to sign for `addSigningKey`. `newKey` is the 64-hex-char
+ * ed25519 public key being added (no 0x).
+ */
+declare function buildAddSigningKeyPayload(args: {
+    contractAddress: string;
+    nonce: number;
+    newKey: string;
+}): string;
+/**
+ * Canonical message to sign for `revokeSigningKey`. `key` is the 64-hex-char
+ * ed25519 public key being revoked (no 0x).
+ */
+declare function buildRevokeSigningKeyPayload(args: {
+    contractAddress: string;
+    nonce: number;
+    key: string;
+}): string;
+
+export { type AccountResponse, type AccountType, type paths$1 as AccountsPaths, type AddSigningKeyRequest$1 as AddSigningKeyRequest, type AddSigningKeyResponse, type AdjustCreditsRequest, type AdjustCreditsResponse, type BeginOAuthLoginArgs, type BeginOAuthLoginResult, type paths as ChainPaths, type CheckoutRequest, type CheckoutResponse, type CreateOrgRequest, type CreateOrgResponse, type CreateOrganizationRequest, type CreateOrganizationResponse, type CreateUserRequest, type CreateUserResponse, DelegatedKeys, type FinalizeWitnessResponse, type ForgotPasswordRequest, type ForgotPasswordResponse, type GetWitnessResponse, type HealthLiveResponse, type HealthReadyResponse, type LedgerResponse, type ListDelegatedKeysResponse, type ListOauthSessionsResponse, type ListUsersResponse, type LoginRequest, type LoginResponse, type LogoutResponse, MfaNamespace, MfaRecoveryCodes, MfaTotp, type OAuthTokenSnapshot, OWNER_OP, OauthNamespace, OauthSessions, OrgUsers, type OwnerOpName, type OwnerSigner, type PauseRequest$1 as PauseRequest, type PauseResponse, type PkceVerifierStorage, type PortalResponse, type PrepareDelegatedKeyRequest, type PreparedDelegatedKeyResponse, type ProposeWitnessRequest, type ProposeWitnessResponse, type ProvisionContractRequest, type ProvisionContractResponse, type ProvisionDelegatedKeyArgs, type ProvisionDelegatedKeyResult, type PublicOrgResponse, type RecoveryCodesRegenerateResponse, type ResetAccountResponse, type ResetPasswordRequest, type ResetPasswordResponse, type RevokeDelegatedKeyResponse, type RevokeSigningKeyRequest$1 as RevokeSigningKeyRequest, type RevokeSigningKeyResponse, type RevokeWitnessRequest, type RevokeWitnessResponse, type RotateApiKeyResponse, type SetAccountTypeRequest, type SetAccountTypeResponse, type SignRequest, type SignResponse, type SignWitnessRequest, type SignWitnessResponse, type SignedRequestSigner, SigningKeys, type SignupRequest, type SignupResponse, type SubmitDelegatedKeyRequest, type SubmitDelegatedKeyResponse, Subscriptions, type TotpConfirmRequest, type TotpConfirmResponse, type TotpDisableResponse, type TotpEnrollResponse, type UnpauseRequest, type UnpauseResponse, type VerifyEmailResponse, type VerifyOrganizationResponse, WitniumchainAdminClient, type WitniumchainAdminClientConfig, WitniumchainApiError, WitniumchainChainAdminClient, type WitniumchainChainAdminClientConfig, WitniumchainClient, type WitniumchainClientConfig, WitniumchainOrgClient, type WitniumchainOrgClientConfig, buildAddSigningKeyPayload, buildPausePayload, buildRevokeSigningKeyPayload, buildUnpausePayload, defaultVerifierStorage };

package/dist/index.d.ts

@@ -10168,4 +10168,62 @@ declare class WitniumchainApiError extends Error {
     });
 }
 
-export { type AccountResponse, type AccountType, type paths$1 as AccountsPaths, type AddSigningKeyRequest$1 as AddSigningKeyRequest, type AddSigningKeyResponse, type AdjustCreditsRequest, type AdjustCreditsResponse, type BeginOAuthLoginArgs, type BeginOAuthLoginResult, type paths as ChainPaths, type CheckoutRequest, type CheckoutResponse, type CreateOrgRequest, type CreateOrgResponse, type CreateOrganizationRequest, type CreateOrganizationResponse, type CreateUserRequest, type CreateUserResponse, DelegatedKeys, type FinalizeWitnessResponse, type ForgotPasswordRequest, type ForgotPasswordResponse, type GetWitnessResponse, type HealthLiveResponse, type HealthReadyResponse, type LedgerResponse, type ListDelegatedKeysResponse, type ListOauthSessionsResponse, type ListUsersResponse, type LoginRequest, type LoginResponse, type LogoutResponse, MfaNamespace, MfaRecoveryCodes, MfaTotp, type OAuthTokenSnapshot, OauthNamespace, OauthSessions, OrgUsers, type OwnerSigner, type PauseRequest$1 as PauseRequest, type PauseResponse, type PkceVerifierStorage, type PortalResponse, type PrepareDelegatedKeyRequest, type PreparedDelegatedKeyResponse, type ProposeWitnessRequest, type ProposeWitnessResponse, type ProvisionContractRequest, type ProvisionContractResponse, type ProvisionDelegatedKeyArgs, type ProvisionDelegatedKeyResult, type PublicOrgResponse, type RecoveryCodesRegenerateResponse, type ResetAccountResponse, type ResetPasswordRequest, type ResetPasswordResponse, type RevokeDelegatedKeyResponse, type RevokeSigningKeyRequest$1 as RevokeSigningKeyRequest, type RevokeSigningKeyResponse, type RevokeWitnessRequest, type RevokeWitnessResponse, type RotateApiKeyResponse, type SetAccountTypeRequest, type SetAccountTypeResponse, type SignRequest, type SignResponse, type SignWitnessRequest, type SignWitnessResponse, type SignedRequestSigner, SigningKeys, type SignupRequest, type SignupResponse, type SubmitDelegatedKeyRequest, type SubmitDelegatedKeyResponse, Subscriptions, type TotpConfirmRequest, type TotpConfirmResponse, type TotpDisableResponse, type TotpEnrollResponse, type UnpauseRequest, type UnpauseResponse, type VerifyEmailResponse, type VerifyOrganizationResponse, WitniumchainAdminClient, type WitniumchainAdminClientConfig, WitniumchainApiError, WitniumchainChainAdminClient, type WitniumchainChainAdminClientConfig, WitniumchainClient, type WitniumchainClientConfig, WitniumchainOrgClient, type WitniumchainOrgClientConfig, defaultVerifierStorage };
+/**
+ * Canonical owner-operation messages.
+ *
+ * Owner ops (add/revoke a signing key, pause/unpause a contract) are
+ * authorized by an ed25519 signature from the contract OWNER key over a
+ * canonical message. chain-api re-builds the exact same string server-side
+ * and verifies the signature against the contract's stored owner key, so
+ * the bytes MUST match to the character.
+ *
+ * The canonical form is `JSON.stringify({ op, contract, nonce, ...payload })`
+ * with the contract address LOWER-CASED. (Verified against
+ * ContractsV5Service.executeOwnerOp + a live on-chain addSigningKey.)
+ *
+ * Do NOT hand-roll this as `op:contract:nonce` or any other shape — the
+ * signature will be silently rejected by chain-api ("Invalid owner
+ * signature"). Use these helpers so a future chain-spec change is a single
+ * SDK bump, not a silent break in every consumer.
+ */
+/** Owner-op type codes — mirror the contract constants (V3–V5). */
+declare const OWNER_OP: {
+    readonly addSigningKey: 1;
+    readonly revokeSigningKey: 2;
+    readonly pause: 3;
+    readonly unpause: 4;
+};
+type OwnerOpName = keyof typeof OWNER_OP;
+/**
+ * Canonical message to sign for `pause`. `nonce` must be the contract's
+ * current `ownerNonce + 1`.
+ */
+declare function buildPausePayload(args: {
+    contractAddress: string;
+    nonce: number;
+}): string;
+/** Canonical message to sign for `unpause`. */
+declare function buildUnpausePayload(args: {
+    contractAddress: string;
+    nonce: number;
+}): string;
+/**
+ * Canonical message to sign for `addSigningKey`. `newKey` is the 64-hex-char
+ * ed25519 public key being added (no 0x).
+ */
+declare function buildAddSigningKeyPayload(args: {
+    contractAddress: string;
+    nonce: number;
+    newKey: string;
+}): string;
+/**
+ * Canonical message to sign for `revokeSigningKey`. `key` is the 64-hex-char
+ * ed25519 public key being revoked (no 0x).
+ */
+declare function buildRevokeSigningKeyPayload(args: {
+    contractAddress: string;
+    nonce: number;
+    key: string;
+}): string;
+
+export { type AccountResponse, type AccountType, type paths$1 as AccountsPaths, type AddSigningKeyRequest$1 as AddSigningKeyRequest, type AddSigningKeyResponse, type AdjustCreditsRequest, type AdjustCreditsResponse, type BeginOAuthLoginArgs, type BeginOAuthLoginResult, type paths as ChainPaths, type CheckoutRequest, type CheckoutResponse, type CreateOrgRequest, type CreateOrgResponse, type CreateOrganizationRequest, type CreateOrganizationResponse, type CreateUserRequest, type CreateUserResponse, DelegatedKeys, type FinalizeWitnessResponse, type ForgotPasswordRequest, type ForgotPasswordResponse, type GetWitnessResponse, type HealthLiveResponse, type HealthReadyResponse, type LedgerResponse, type ListDelegatedKeysResponse, type ListOauthSessionsResponse, type ListUsersResponse, type LoginRequest, type LoginResponse, type LogoutResponse, MfaNamespace, MfaRecoveryCodes, MfaTotp, type OAuthTokenSnapshot, OWNER_OP, OauthNamespace, OauthSessions, OrgUsers, type OwnerOpName, type OwnerSigner, type PauseRequest$1 as PauseRequest, type PauseResponse, type PkceVerifierStorage, type PortalResponse, type PrepareDelegatedKeyRequest, type PreparedDelegatedKeyResponse, type ProposeWitnessRequest, type ProposeWitnessResponse, type ProvisionContractRequest, type ProvisionContractResponse, type ProvisionDelegatedKeyArgs, type ProvisionDelegatedKeyResult, type PublicOrgResponse, type RecoveryCodesRegenerateResponse, type ResetAccountResponse, type ResetPasswordRequest, type ResetPasswordResponse, type RevokeDelegatedKeyResponse, type RevokeSigningKeyRequest$1 as RevokeSigningKeyRequest, type RevokeSigningKeyResponse, type RevokeWitnessRequest, type RevokeWitnessResponse, type RotateApiKeyResponse, type SetAccountTypeRequest, type SetAccountTypeResponse, type SignRequest, type SignResponse, type SignWitnessRequest, type SignWitnessResponse, type SignedRequestSigner, SigningKeys, type SignupRequest, type SignupResponse, type SubmitDelegatedKeyRequest, type SubmitDelegatedKeyResponse, Subscriptions, type TotpConfirmRequest, type TotpConfirmResponse, type TotpDisableResponse, type TotpEnrollResponse, type UnpauseRequest, type UnpauseResponse, type VerifyEmailResponse, type VerifyOrganizationResponse, WitniumchainAdminClient, type WitniumchainAdminClientConfig, WitniumchainApiError, WitniumchainChainAdminClient, type WitniumchainChainAdminClientConfig, WitniumchainClient, type WitniumchainClientConfig, WitniumchainOrgClient, type WitniumchainOrgClientConfig, buildAddSigningKeyPayload, buildPausePayload, buildRevokeSigningKeyPayload, buildUnpausePayload, defaultVerifierStorage };

package/dist/index.js

@@ -129,12 +129,13 @@ var WitniumchainClient = class {
     this.baseUrl = config.baseUrl.replace(/\/$/, "");
     this.chainBaseUrl = config.chainBaseUrl?.replace(/\/$/, "");
     this.timeout = config.timeout ?? 3e4;
-    this.fetchImpl = config.fetch ?? globalThis.fetch;
-    if (!this.fetchImpl) {
+    const resolvedFetch = config.fetch ?? (globalThis.fetch ? globalThis.fetch.bind(globalThis) : void 0);
+    if (!resolvedFetch) {
       throw new Error(
         "WitniumchainClient: no fetch implementation available. Pass `config.fetch`."
       );
     }
+    this.fetchImpl = resolvedFetch;
     this.accessToken = config.accessToken;
     this.oauthClientId = config.oauthClientId;
     this.verifierStorage = config.verifierStorage;
@@ -1394,7 +1395,7 @@ var WitniumchainChainAdminClient = class {
     this.adminToken = config.adminToken;
     this.adminTokenProvider = config.adminTokenProvider;
     this.timeout = config.timeout ?? 3e4;
-    this.fetchImpl = config.fetch ?? globalThis.fetch;
+    this.fetchImpl = config.fetch ?? globalThis.fetch.bind(globalThis);
   }
   async deployContract(body) {
     return this.req("POST", "/v5/contracts/deploy", body);
@@ -1515,10 +1516,55 @@ var OrgUsers = class {
   }
 };
 
+// src/owner-ops.ts
+var OWNER_OP = {
+  addSigningKey: 1,
+  revokeSigningKey: 2,
+  pause: 3,
+  unpause: 4
+};
+function build(op, contractAddress, nonce, payload = {}) {
+  if (!/^0x[0-9a-fA-F]{40}$/.test(contractAddress)) {
+    throw new Error("contractAddress must be 0x + 40 hex chars");
+  }
+  if (!Number.isInteger(nonce) || nonce < 0) {
+    throw new Error("nonce must be a non-negative integer");
+  }
+  return JSON.stringify({
+    op,
+    contract: contractAddress.toLowerCase(),
+    nonce,
+    ...payload
+  });
+}
+function buildPausePayload(args) {
+  return build(OWNER_OP.pause, args.contractAddress, args.nonce);
+}
+function buildUnpausePayload(args) {
+  return build(OWNER_OP.unpause, args.contractAddress, args.nonce);
+}
+function buildAddSigningKeyPayload(args) {
+  if (!/^[0-9a-fA-F]{64}$/.test(args.newKey)) {
+    throw new Error("newKey must be 64 hex chars (no 0x)");
+  }
+  return build(OWNER_OP.addSigningKey, args.contractAddress, args.nonce, {
+    newKey: args.newKey
+  });
+}
+function buildRevokeSigningKeyPayload(args) {
+  if (!/^[0-9a-fA-F]{64}$/.test(args.key)) {
+    throw new Error("key must be 64 hex chars (no 0x)");
+  }
+  return build(OWNER_OP.revokeSigningKey, args.contractAddress, args.nonce, {
+    key: args.key
+  });
+}
+
 exports.DelegatedKeys = DelegatedKeys;
 exports.MfaNamespace = MfaNamespace;
 exports.MfaRecoveryCodes = MfaRecoveryCodes;
 exports.MfaTotp = MfaTotp;
+exports.OWNER_OP = OWNER_OP;
 exports.OauthNamespace = OauthNamespace;
 exports.OauthSessions = OauthSessions;
 exports.OrgUsers = OrgUsers;
@@ -1529,6 +1575,10 @@ exports.WitniumchainApiError = WitniumchainApiError;
 exports.WitniumchainChainAdminClient = WitniumchainChainAdminClient;
 exports.WitniumchainClient = WitniumchainClient;
 exports.WitniumchainOrgClient = WitniumchainOrgClient;
+exports.buildAddSigningKeyPayload = buildAddSigningKeyPayload;
+exports.buildPausePayload = buildPausePayload;
+exports.buildRevokeSigningKeyPayload = buildRevokeSigningKeyPayload;
+exports.buildUnpausePayload = buildUnpausePayload;
 exports.defaultVerifierStorage = defaultVerifierStorage;
 //# sourceMappingURL=index.js.map
 //# sourceMappingURL=index.js.map