@worldcoin/idkit-core 4.0.1-dev.fe98789 → 4.0.2-dev.a907be3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (15) hide show
  1. package/README.md +18 -8
  2. package/dist/hashing.cjs +28 -0
  3. package/dist/hashing.d.cts +9 -0
  4. package/dist/hashing.d.ts +9 -0
  5. package/dist/hashing.js +26 -0
  6. package/dist/idkit_wasm_bg.wasm +0 -0
  7. package/dist/index.cjs +450 -114
  8. package/dist/index.d.cts +58 -190
  9. package/dist/index.d.ts +58 -190
  10. package/dist/index.js +450 -114
  11. package/dist/signing.cjs +76 -0
  12. package/dist/signing.d.cts +36 -0
  13. package/dist/signing.d.ts +36 -0
  14. package/dist/signing.js +73 -0
  15. package/package.json +15 -1
package/README.md CHANGED
@@ -10,12 +10,10 @@ npm install @worldcoin/idkit-core
10
10
 
11
11
  ## Backend: Generate RP Signature
12
12
 
13
- The RP signature authenticates your verification requests. Generate it server-side:
13
+ The RP signature authenticates your verification requests. Generate it server-side using the `/signing` subpath (pure JS, no WASM init needed):
14
14
 
15
15
  ```typescript
16
- import { IDKit, signRequest } from "@worldcoin/idkit-core";
17
-
18
- await IDKit.initServer();
16
+ import { signRequest } from "@worldcoin/idkit-core/signing";
19
17
 
20
18
  // Never expose RP_SIGNING_KEY to clients
21
19
  const sig = signRequest("my-action", process.env.RP_SIGNING_KEY);
@@ -24,8 +22,8 @@ const sig = signRequest("my-action", process.env.RP_SIGNING_KEY);
24
22
  res.json({
25
23
  sig: sig.sig,
26
24
  nonce: sig.nonce,
27
- created_at: Number(sig.createdAt),
28
- expires_at: Number(sig.expiresAt),
25
+ created_at: sig.createdAt,
26
+ expires_at: sig.expiresAt,
29
27
  });
30
28
  ```
31
29
 
@@ -38,8 +36,6 @@ For common verification scenarios with World ID 3.0 backward compatibility:
38
36
  ```typescript
39
37
  import { IDKit, orbLegacy } from "@worldcoin/idkit-core";
40
38
 
41
- await IDKit.init();
42
-
43
39
  // Fetch signature from your backend
44
40
  const rpSig = await fetch("/api/rp-signature").then((r) => r.json());
45
41
 
@@ -100,3 +96,17 @@ const response = await fetch(
100
96
 
101
97
  const { success } = await response.json();
102
98
  ```
99
+
100
+ ## Subpath Exports
101
+
102
+ Pure JS subpath exports are available for server-side use without WASM initialization:
103
+
104
+ | Subpath | Exports |
105
+ | ---------- | ---------------------------------------------------------------- |
106
+ | `/signing` | `signRequest`, `computeRpSignatureMessage`, `RpSignature` (type) |
107
+ | `/hashing` | `hashSignal` |
108
+
109
+ ```typescript
110
+ import { signRequest } from "@worldcoin/idkit-core/signing";
111
+ import { hashSignal } from "@worldcoin/idkit-core/hashing";
112
+ ```
package/dist/hashing.cjs ADDED
@@ -0,0 +1,28 @@
1
+ 'use strict';
2
+
3
+ var sha3 = require('@noble/hashes/sha3');
4
+ var utils = require('@noble/hashes/utils');
5
+
6
+ // src/lib/hashing.ts
7
+ function hashToField(input) {
8
+ const hash = BigInt("0x" + utils.bytesToHex(sha3.keccak_256(input))) >> 8n;
9
+ return utils.hexToBytes(hash.toString(16).padStart(64, "0"));
10
+ }
11
+ function hashSignal(signal) {
12
+ let input;
13
+ if (signal instanceof Uint8Array) {
14
+ input = signal;
15
+ } else if (signal.startsWith("0x") && isValidHex(signal.slice(2))) {
16
+ input = utils.hexToBytes(signal.slice(2));
17
+ } else {
18
+ input = new TextEncoder().encode(signal);
19
+ }
20
+ return "0x" + utils.bytesToHex(hashToField(input));
21
+ }
22
+ function isValidHex(s) {
23
+ if (s.length === 0) return false;
24
+ if (s.length % 2 !== 0) return false;
25
+ return /^[0-9a-fA-F]+$/.test(s);
26
+ }
27
+
28
+ exports.hashSignal = hashSignal;
package/dist/hashing.d.cts ADDED
@@ -0,0 +1,9 @@
1
+ /**
2
+ * Hashes a signal to its field element hex representation.
3
+ *
4
+ * @param signal - The signal to hash (string or Uint8Array)
5
+ * @returns 0x-prefixed hex string representing the signal hash
6
+ */
7
+ declare function hashSignal(signal: string | Uint8Array): string;
8
+
9
+ export { hashSignal };
package/dist/hashing.d.ts ADDED
@@ -0,0 +1,9 @@
1
+ /**
2
+ * Hashes a signal to its field element hex representation.
3
+ *
4
+ * @param signal - The signal to hash (string or Uint8Array)
5
+ * @returns 0x-prefixed hex string representing the signal hash
6
+ */
7
+ declare function hashSignal(signal: string | Uint8Array): string;
8
+
9
+ export { hashSignal };
package/dist/hashing.js ADDED
@@ -0,0 +1,26 @@
1
+ import { keccak_256 } from '@noble/hashes/sha3';
2
+ import { hexToBytes, bytesToHex } from '@noble/hashes/utils';
3
+
4
+ // src/lib/hashing.ts
5
+ function hashToField(input) {
6
+ const hash = BigInt("0x" + bytesToHex(keccak_256(input))) >> 8n;
7
+ return hexToBytes(hash.toString(16).padStart(64, "0"));
8
+ }
9
+ function hashSignal(signal) {
10
+ let input;
11
+ if (signal instanceof Uint8Array) {
12
+ input = signal;
13
+ } else if (signal.startsWith("0x") && isValidHex(signal.slice(2))) {
14
+ input = hexToBytes(signal.slice(2));
15
+ } else {
16
+ input = new TextEncoder().encode(signal);
17
+ }
18
+ return "0x" + bytesToHex(hashToField(input));
19
+ }
20
+ function isValidHex(s) {
21
+ if (s.length === 0) return false;
22
+ if (s.length % 2 !== 0) return false;
23
+ return /^[0-9a-fA-F]+$/.test(s);
24
+ }
25
+
26
+ export { hashSignal };
package/dist/idkit_wasm_bg.wasm CHANGED
Binary file