@worldcoin/idkit-core 4.0.1 → 4.0.2-dev.6541a3e

package/dist/index.d.cts

@@ -1,3 +1,6 @@
+export { RpSignature, signRequest } from './signing.cjs';
+export { hashSignal } from './hashing.cjs';
+
 /**
  * Configuration types for IDKit
  *
@@ -80,20 +83,22 @@ type IDKitSessionConfig = {
     environment?: "production" | "staging";
 };
 
-type CredentialType = "orb" | "face" | "secure_document" | "document" | "device";
+interface OrbLegacyPreset {
+    type: "OrbLegacy";
+    signal?: string;
+}
 
-interface CredentialRequestType {
-    type: CredentialType;
-    /** Signal can be a string or raw bytes (Uint8Array) */
-    signal?: string | Uint8Array;
-    genesis_issued_at_min?: number;
-    expires_at_min?: number;
+interface SecureDocumentLegacyPreset {
+    type: "SecureDocumentLegacy";
+    signal?: string;
 }
 
-type ConstraintNode =
-    | CredentialRequestType
-    | { any: ConstraintNode[] }
-    | { all: ConstraintNode[] };
+interface DocumentLegacyPreset {
+    type: "DocumentLegacy";
+    signal?: string;
+}
+
+type Preset = OrbLegacyPreset | SecureDocumentLegacyPreset | DocumentLegacyPreset;
 
 
 
@@ -223,131 +228,21 @@ type Status$1 =
 
 
 
-interface OrbLegacyPreset {
-    type: "OrbLegacy";
-    signal?: string;
-}
-
-interface SecureDocumentLegacyPreset {
-    type: "SecureDocumentLegacy";
-    signal?: string;
-}
-
-interface DocumentLegacyPreset {
-    type: "DocumentLegacy";
-    signal?: string;
-}
-
-type Preset = OrbLegacyPreset | SecureDocumentLegacyPreset | DocumentLegacyPreset;
-/**
- * Unified builder for creating `IDKit` requests and sessions (WASM)
- */
-declare class IDKitBuilder$1 {
-  free(): void;
-  [Symbol.dispose](): void;
-  /**
-   * Creates a `BridgeConnection` with the given constraints
-   */
-  constraints(constraints_json: any): Promise<any>;
-  /**
-   * Creates a new builder for proving an existing session
-   */
-  static forProveSession(session_id: string, app_id: string, rp_context: RpContextWasm, action_description?: string | null, bridge_url?: string | null, override_connect_base_url?: string | null, environment?: string | null): IDKitBuilder$1;
-  /**
-   * Creates a new builder for creating a new session
-   */
-  static forCreateSession(app_id: string, rp_context: RpContextWasm, action_description?: string | null, bridge_url?: string | null, override_connect_base_url?: string | null, environment?: string | null): IDKitBuilder$1;
-  /**
-   * Creates a new builder for uniqueness requests
-   */
-  constructor(app_id: string, action: string, rp_context: RpContextWasm, action_description: string | null | undefined, bridge_url: string | null | undefined, allow_legacy_proofs: boolean, override_connect_base_url?: string | null, environment?: string | null);
-  /**
-   * Creates a `BridgeConnection` from a preset (works for all request types)
-   */
-  preset(preset_json: any): Promise<any>;
-}
-/**
- * RP Context for protocol-level proof requests (WASM binding)
- *
- * Contains RP-specific data needed to construct a `ProofRequest`.
- */
-declare class RpContextWasm {
-  free(): void;
-  [Symbol.dispose](): void;
-  /**
-   * Creates a new RP context
-   *
-   * # Arguments
-   * * `rp_id` - The registered RP ID (e.g., `"rp_123456789abcdef0"`)
-   * * `nonce` - Unique nonce for this proof request
-   * * `created_at` - Unix timestamp (seconds since epoch) when created
-   * * `expires_at` - Unix timestamp (seconds since epoch) when expires
-   * * `signature` - The RP's ECDSA signature of the `nonce` and `created_at` timestamp
-   *
-   * # Errors
-   *
-   * Returns an error if `rp_id` is not a valid RP ID (must start with `rp_`)
-   */
-  constructor(rp_id: string, nonce: string, created_at: bigint, expires_at: bigint, signature: string);
-}
-
-
+type CredentialType = "orb" | "face" | "secure_document" | "document" | "device";
 
-interface RpSignature {
-    sig: string;
-    nonce: string;
-    createdAt: number;
-    expiresAt: number;
-    toJSON(): { sig: string; nonce: string; createdAt: number; expiresAt: number };
-}
-declare class RpSignature {
-  private constructor();
-  free(): void;
-  [Symbol.dispose](): void;
-  /**
-   * Converts to JSON
-   *
-   * # Errors
-   *
-   * Returns an error if setting object properties fails
-   */
-  toJSON(): any;
-  /**
-   * Gets the creation timestamp
-   */
-  readonly createdAt: bigint;
-  /**
-   * Gets the expiration timestamp
-   */
-  readonly expiresAt: bigint;
-  /**
-   * Gets the signature as hex string (0x-prefixed, 65 bytes)
-   */
-  readonly sig: string;
-  /**
-   * Gets the nonce as hex string (0x-prefixed field element)
-   */
-  readonly nonce: string;
+interface CredentialRequestType {
+    type: CredentialType;
+    /** Signal can be a string or raw bytes (Uint8Array) */
+    signal?: string | Uint8Array;
+    genesis_issued_at_min?: number;
+    expires_at_min?: number;
 }
 
-/**
- * WASM initialization and management
- */
-
-/**
- * Initializes the WASM module for browser environments
- * Uses fetch-based loading (works with http/https URLs)
- * This must be called before using any WASM-powered functions
- * Safe to call multiple times - initialization only happens once
- */
-declare function initIDKit(): Promise<void>;
-/**
- * Initializes the WASM module for Node.js/server environments
- * Uses fs-based loading since Node.js fetch doesn't support file:// URLs
- * This must be called before using any WASM-powered functions
- * Safe to call multiple times - initialization only happens once
- */
-declare function initIDKitServer(): Promise<void>;
+type ConstraintNode =
+    | CredentialRequestType
+    | { any: ConstraintNode[] }
+    | { all: ConstraintNode[] }
+    | { enumerate: ConstraintNode[] };
 
 /**
  * Result types - re-exported from WASM bindings
@@ -377,6 +272,19 @@ declare enum IDKitErrorCodes {
     Cancelled = "cancelled"
 }
 
+interface BuilderConfig {
+    type: "request" | "session" | "proveSession";
+    app_id: string;
+    action?: string;
+    session_id?: string;
+    rp_context?: RpContext;
+    action_description?: string;
+    bridge_url?: string;
+    allow_legacy_proofs?: boolean;
+    override_connect_base_url?: string;
+    environment?: string;
+}
+
 /**
  * IDKit Request
  * Pure functional API for World ID verification - no dependencies
@@ -422,55 +330,6 @@ interface IDKitRequest {
     /** Poll continuously until completion or timeout */
     pollUntilCompletion(options?: WaitOptions): Promise<IDKitCompletionResult>;
 }
-/**
- * Creates a CredentialRequest for a credential type
- *
- * @param credential_type - The type of credential to request (e.g., 'orb', 'face')
- * @param options - Optional signal, genesis_issued_at_min, and expires_at_min
- * @returns A CredentialRequest object
- *
- * @example
- * ```typescript
- * const orb = CredentialRequest('orb', { signal: 'user-123' })
- * const face = CredentialRequest('face')
- * // Require credential to be valid for at least one year
- * const withExpiry = CredentialRequest('orb', { expires_at_min: Date.now() / 1000 + 60 * 60 * 60 * 24 * 365 })
- * ```
- */
-declare function CredentialRequest(credential_type: CredentialType, options?: {
-    signal?: string;
-    genesis_issued_at_min?: number;
-    expires_at_min?: number;
-}): CredentialRequestType;
-/**
- * Creates an OR constraint - at least one child must be satisfied
- *
- * @param nodes - Constraint nodes (CredentialRequests or nested constraints)
- * @returns An "any" constraint node
- *
- * @example
- * ```typescript
- * const constraint = any(CredentialRequest('orb'), CredentialRequest('face'))
- * ```
- */
-declare function any(...nodes: ConstraintNode[]): {
-    any: ConstraintNode[];
-};
-/**
- * Creates an AND constraint - all children must be satisfied
- *
- * @param nodes - Constraint nodes (CredentialRequests or nested constraints)
- * @returns An "all" constraint node
- *
- * @example
- * ```typescript
- * const constraint = all(CredentialRequest('orb'), any(CredentialRequest('document'), CredentialRequest('secure_document')))
- * ```
- */
-declare function all(...nodes: ConstraintNode[]): {
-    all: ConstraintNode[];
-};
-
 /**
  * Creates an OrbLegacy preset for World ID 3.0 legacy support
  *
@@ -482,7 +341,7 @@ declare function all(...nodes: ConstraintNode[]): {
  *
  * @example
  * ```typescript
- * const request = await IDKit.request({ app_id, action, rp_context })
+ * const request = await IDKit.request({ app_id, action, rp_context, allow_legacy_proofs: true })
  *   .preset(orbLegacy({ signal: 'user-123' }))
  * ```
  */
@@ -500,7 +359,7 @@ declare function orbLegacy(opts?: {
  *
  * @example
  * ```typescript
- * const request = await IDKit.request({ app_id, action, rp_context })
+ * const request = await IDKit.request({ app_id, action, rp_context, allow_legacy_proofs: true })
  *   .preset(secureDocumentLegacy({ signal: 'user-123' }))
  * ```
  */
@@ -518,7 +377,7 @@ declare function secureDocumentLegacy(opts?: {
  *
  * @example
  * ```typescript
- * const request = await IDKit.request({ app_id, action, rp_context })
+ * const request = await IDKit.request({ app_id, action, rp_context, allow_legacy_proofs: true })
  *   .preset(documentLegacy({ signal: 'user-123' }))
  * ```
  */
@@ -526,175 +385,108 @@ declare function documentLegacy(opts?: {
     signal?: string;
 }): DocumentLegacyPreset;
 /**
- * Merged builder for IDKit requests
+ * Builder for IDKit requests
+ *
+ * Stores configuration and defers transport selection to `.preset()` / `.constraints()`.
+ * In World App: uses native postMessage transport (no WASM needed).
+ * On web: uses WASM bridge transport (QR code + polling).
  */
 declare class IDKitBuilder {
-    private wasmBuilder;
-    constructor(wasmBuilder: IDKitBuilder$1);
+    private config;
+    constructor(config: BuilderConfig);
     /**
      * Creates an IDKit request with the given constraints
      *
-     * @param constraints - Constraint tree (CredentialRequest or any/all combinators)
+     * @param constraints - Constraint tree (CredentialRequest or any/all/enumerate combinators)
      * @returns A new IDKitRequest instance
      *
      * @example
      * ```typescript
-     * const builder = await IDKit.request({ app_id, action, rp_context });
-     * const request = await builder.constraints(any(CredentialRequest('orb'), CredentialRequest('face')));
+     * const request = await IDKit.request({ app_id, action, rp_context, allow_legacy_proofs: false })
+     *   .constraints(any(CredentialRequest('orb'), CredentialRequest('face')));
      * ```
      */
+    constraints(constraints: ConstraintNode): Promise<IDKitRequest>;
     /**
      * Creates an IDKit request from a preset (works for all request types)
      *
      * Presets provide a simplified way to create requests with predefined
      * credential configurations.
      *
-     * @param preset - A preset object from orbLegacy()
+     * @param preset - A preset object from orbLegacy(), secureDocumentLegacy(), or documentLegacy()
      * @returns A new IDKitRequest instance
      *
      * @example
      * ```typescript
-     * const builder = await IDKit.request({ app_id, action, rp_context });
-     * const request = await builder.preset(orbLegacy({ signal: 'user-123' }));
+     * const request = await IDKit.request({ app_id, action, rp_context, allow_legacy_proofs: true })
+     *   .preset(orbLegacy({ signal: 'user-123' }));
      * ```
      */
     preset(preset: Preset): Promise<IDKitRequest>;
 }
 /**
- * Creates an IDKit request builder
+ * Creates an IDKit verification request builder
  *
  * This is the main entry point for creating World ID verification requests.
- * Use the builder pattern with constraints to specify which credentials to accept.
+ * Use the builder pattern with `.preset()` or `.constraints()` to specify
+ * which credentials to accept.
  *
  * @param config - Request configuration
  * @returns IDKitBuilder - A builder instance
  *
  * @example
  * ```typescript
- * import { IDKit, CredentialRequest, any } from '@worldcoin/idkit-core'
- *
- * // Initialize WASM (only needed once)
- * await IDKit.init()
+ * import { IDKit, CredentialRequest, any, enumerate, orbLegacy } from '@worldcoin/idkit-core'
  *
- * // Create request items
- * const orb = CredentialRequest('orb', { signal: 'user-123' })
- * const face = CredentialRequest('face')
- *
- * // Create a verification request with constraints
+ * // With preset (legacy support)
  * const request = await IDKit.request({
  *   app_id: 'app_staging_xxxxx',
  *   action: 'my-action',
- *   rp_context: {
- *     rp_id: 'rp_123456789abcdef0',
- *     nonce: 'unique-nonce',
- *     created_at: Math.floor(Date.now() / 1000),
- *     expires_at: Math.floor(Date.now() / 1000) + 3600,
- *     signature: 'ecdsa-signature-from-backend',
- *   },
- *   allow_legacy_proofs: false,
- * }).constraints(any(orb, face));
- *
- * // Display QR code
- * console.log('Scan this:', request.connectorURI)
- *
- * // Wait for proof
- * const proof = await request.pollUntilCompletion()
- * console.log('Success:', proof)
- * ```
- */
-declare function createRequest(config: IDKitRequestConfig): IDKitBuilder;
-/**
- * Creates a new session builder (no action, no existing session_id)
- *
- * Use this when creating a new session for a user who doesn't have one yet.
- * The response will include a `session_id` that should be saved for future
- * session proofs with `proveSession()`.
- *
- * @param config - Session configuration (no action field)
- * @returns IDKitBuilder - A builder instance
- *
- * @example
- * ```typescript
- * import { IDKit, CredentialRequest, any } from '@worldcoin/idkit-core'
- *
- * // Create a new session (user doesn't have session_id yet)
- * const request = await IDKit.createSession({
- *   app_id: 'app_staging_xxxxx',
  *   rp_context: { ... },
- * }).constraints(any(CredentialRequest('orb'), CredentialRequest('face')));
- *
- * // Display QR, wait for proof
- * const result = await request.pollUntilCompletion();
- * // result.session_id -> save this for future sessions
- * // result.responses[0].session_nullifier -> for session tracking
- * ```
- */
-declare function createSession(config: IDKitSessionConfig): IDKitBuilder;
-/**
- * Creates a builder for proving an existing session (no action, has session_id)
+ *   allow_legacy_proofs: true,
+ * }).preset(orbLegacy({ signal: 'user-123' }));
  *
- * Use this when a returning user needs to prove they own an existing session.
- * The `sessionId` should be a value previously returned from `createSession()`.
- *
- * @param sessionId - The session ID from a previous session creation
- * @param config - Session configuration (no action field)
- * @returns IDKitBuilder - A builder instance
- *
- * @example
- * ```typescript
- * import { IDKit, CredentialRequest, any } from '@worldcoin/idkit-core'
- *
- * // Prove an existing session (user returns)
- * const request = await IDKit.proveSession(savedSessionId, {
+ * // With constraints (v4 only)
+ * const request = await IDKit.request({
  *   app_id: 'app_staging_xxxxx',
+ *   action: 'my-action',
  *   rp_context: { ... },
- * }).constraints(any(CredentialRequest('orb'), CredentialRequest('face')));
+ *   allow_legacy_proofs: false,
+ * }).constraints(enumerate(CredentialRequest('orb'), CredentialRequest('face')));
  *
- * const result = await request.pollUntilCompletion();
- * // result.session_id -> same session
- * // result.responses[0].session_nullifier -> should match for same user
+ * // In World App: connectorURI is empty, result comes via postMessage
+ * // On web: connectorURI is the QR URL to display
+ * console.log(request.connectorURI);
+ *
+ * // Wait for result — same interface in both environments
+ * const proof = await request.pollUntilCompletion();
  * ```
  */
-declare function proveSession(sessionId: string, config: IDKitSessionConfig): IDKitBuilder;
+declare function createRequest(config: IDKitRequestConfig): IDKitBuilder;
 /**
  * IDKit namespace providing the main API entry points
  *
  * @example
  * ```typescript
- * import { IDKit, CredentialRequest, any } from '@worldcoin/idkit-core'
- *
- * // Initialize (only needed once)
- * await IDKit.init()
+ * import { IDKit, CredentialRequest, any, enumerate, orbLegacy } from '@worldcoin/idkit-core'
  *
- * // Create a request
+ * // Create a verification request
  * const request = await IDKit.request({
  *   app_id: 'app_staging_xxxxx',
  *   action: 'my-action',
  *   rp_context: { ... },
- * }).constraints(any(CredentialRequest('orb'), CredentialRequest('face')))
+ *   allow_legacy_proofs: true,
+ * }).preset(orbLegacy({ signal: 'user-123' }))
  *
- * // Display QR and wait for proof
+ * // In World App: result comes via postMessage (no QR needed)
+ * // On web: display QR code and wait for proof
  * console.log(request.connectorURI)
  * const proof = await request.pollUntilCompletion()
  * ```
  */
 declare const IDKit: {
-    /** Initialize WASM for browser environments */
-    init: typeof initIDKit;
-    /** Initialize WASM for Node.js/server environments */
-    initServer: typeof initIDKitServer;
     /** Create a new verification request */
     request: typeof createRequest;
-    /** Create a new session (no action, no existing session_id) */
-    createSession: typeof createSession;
-    /** Prove an existing session (no action, has session_id) */
-    proveSession: typeof proveSession;
-    /** Create a CredentialRequest for a credential type */
-    CredentialRequest: typeof CredentialRequest;
-    /** Create an OR constraint - at least one child must be satisfied */
-    any: typeof any;
-    /** Create an AND constraint - all children must be satisfied */
-    all: typeof all;
     /** Create an OrbLegacy preset for World ID 3.0 legacy support */
     orbLegacy: typeof orbLegacy;
     /** Create a SecureDocumentLegacy preset for World ID 3.0 legacy support */
@@ -725,39 +517,4 @@ declare const isWeb: () => boolean;
  */
 declare const isNode: () => boolean;
 
-/**
- * Signs an RP request for World ID proof verification
- *
- * **Backend-only**: This function should ONLY be used in Node.js/server environments.
- * Never use this in browser/client-side code as it requires access to your signing key.
- *
- * This function generates a cryptographic signature that authenticates your proof request.
- * The returned signature, nonce, and timestamps should be passed as `rp_context` to the client.
- *
- * @param action - The action tied to the proof request
- * @param signingKeyHex - The ECDSA private key as hex (0x-prefixed or not, 32 bytes)
- * @param ttlSeconds - Optional time-to-live in seconds (defaults to 300 = 5 minutes)
- * @returns RpSignature object with sig, nonce, createdAt, expiresAt to use as rp_context
- * @throws Error if called in non-Node.js environment or if parameters are invalid
- *
- * @example
- * ```typescript
- * import { signRequest } from '@worldcoin/idkit-core'
- *
- * const signingKey = process.env.RP_SIGNING_KEY // Load from secure env var
- * const signature = signRequest('my-action', signingKey)
- * console.log(signature.sig, signature.nonce, signature.createdAt, signature.expiresAt)
- * ```
- */
-declare function signRequest(action: string, signingKeyHex: string, ttlSeconds?: number): RpSignature;
-
-/**
- * Hashes a Signal (string or Uint8Array) to its hash representation.
- * This is the same hashing used internally when constructing proof requests.
- *
- * @param signal - The signal to hash (string or Uint8Array)
- * @returns 0x-prefixed hex string representing the signal hash
- */
-declare function hashSignal(signal: string | Uint8Array): string;
-
-export { type AbiEncodedValue, type ConstraintNode, CredentialRequest, type CredentialRequestType, type CredentialType, type DocumentLegacyPreset, IDKit, type IDKitCompletionResult, type IDKitErrorCode, IDKitErrorCodes, type IDKitRequest, type IDKitRequestConfig, type IDKitResult, type IDKitResultSession, type IDKitSessionConfig, type OrbLegacyPreset, type Preset, type ResponseItemSession, type ResponseItemV3, type ResponseItemV4, type RpContext, RpSignature, type SecureDocumentLegacyPreset, type Status$1 as Status, type WaitOptions, all, any, documentLegacy, hashSignal, isNode, isReactNative, isWeb, orbLegacy, secureDocumentLegacy, signRequest };
+export { type AbiEncodedValue, type ConstraintNode, type CredentialRequestType, type CredentialType, type DocumentLegacyPreset, IDKit, type IDKitCompletionResult, type IDKitErrorCode, IDKitErrorCodes, type IDKitRequest, type IDKitRequestConfig, type IDKitResult, type IDKitResultSession, type IDKitSessionConfig, type OrbLegacyPreset, type Preset, type ResponseItemSession, type ResponseItemV3, type ResponseItemV4, type RpContext, type SecureDocumentLegacyPreset, type Status$1 as Status, type WaitOptions, documentLegacy, isNode, isReactNative, isWeb, orbLegacy, secureDocumentLegacy };