@zkpassport/sdk 0.1.1 → 0.2.0

package/dist/esm/json-rpc.d.ts

@@ -0,0 +1,6 @@
+import type { JsonRpcRequest, JsonRpcResponse } from '@zkpassport/utils';
+import { WebSocketClient } from './websocket';
+export declare function createJsonRpcRequest(method: string, params: any): JsonRpcRequest;
+export declare function createEncryptedJsonRpcRequest(method: string, params: any, sharedSecret: Uint8Array, topic: string): Promise<JsonRpcRequest>;
+export declare function sendEncryptedJsonRpcRequest(method: string, params: any, sharedSecret: Uint8Array, topic: string, wsClient: WebSocketClient): Promise<boolean>;
+export declare function createJsonRpcResponse(id: string, result: any): JsonRpcResponse;

package/dist/esm/json-rpc.js

@@ -0,0 +1,41 @@
+import { randomBytes } from 'crypto';
+import { encrypt } from './encryption';
+import logger from './logger';
+export function createJsonRpcRequest(method, params) {
+    return {
+        jsonrpc: '2.0',
+        id: randomBytes(16).toString('hex'),
+        method,
+        params,
+    };
+}
+export async function createEncryptedJsonRpcRequest(method, params, sharedSecret, topic) {
+    const encryptedMessage = await encrypt(JSON.stringify({ method, params: params || {} }), sharedSecret, topic);
+    return createJsonRpcRequest('encryptedMessage', {
+        payload: Buffer.from(encryptedMessage).toString('base64'),
+    });
+}
+export async function sendEncryptedJsonRpcRequest(method, params, sharedSecret, topic, wsClient) {
+    try {
+        const message = { method, params: params || {} };
+        const encryptedMessage = await encrypt(JSON.stringify(message), sharedSecret, topic);
+        const request = createJsonRpcRequest('encryptedMessage', {
+            payload: Buffer.from(encryptedMessage).toString('base64'),
+        });
+        logger.debug('Sending encrypted message (original):', message);
+        logger.debug('Sending encrypted message (encrypted):', request);
+        wsClient.send(JSON.stringify(request));
+        return true;
+    }
+    catch (error) {
+        logger.error('Error sending encrypted message:', error);
+        return false;
+    }
+}
+export function createJsonRpcResponse(id, result) {
+    return {
+        jsonrpc: '2.0',
+        id,
+        result,
+    };
+}

package/dist/esm/logger.d.ts

@@ -0,0 +1,7 @@
+declare const customLogger: {
+    debug: (message: string, ...args: any[]) => void;
+    info: (message: string, ...args: any[]) => void;
+    warn: (message: string, ...args: any[]) => void;
+    error: (message: string, ...args: any[]) => void;
+};
+export default customLogger;

package/dist/esm/logger.js

@@ -0,0 +1,37 @@
+// import { createLogger, transports, format } from 'winston'
+// import colors from 'colors/safe'
+// import util from 'util'
+// const logger = createLogger({
+//   level: 'debug',
+//   format: format.combine(
+//     format.timestamp({ format: 'HH:mm' }),
+//     format.printf(({ timestamp, level, message, additionalInfo }) => {
+//       const colorMap = {
+//         debug: colors.cyan,
+//         info: colors.green,
+//         warn: colors.yellow,
+//         error: colors.red,
+//       } as const
+//       const coloredLevel = (colorMap[level as keyof typeof colorMap] || colors.white)(level.toUpperCase())
+//       let logMessage = `${timestamp} [${coloredLevel}] ${message}`
+//       if (additionalInfo && additionalInfo.length > 0) {
+//         logMessage += ' ' + util.inspect(additionalInfo, { depth: null, colors: true })
+//       }
+//       return logMessage
+//     }),
+//   ),
+//   transports: [new transports.Console()],
+// })
+// const customLogger = {
+//   debug: (message: string, ...args: any[]) => logger.debug(message, { additionalInfo: args }),
+//   info: (message: string, ...args: any[]) => logger.info(message, { additionalInfo: args }),
+//   warn: (message: string, ...args: any[]) => logger.warn(message, { additionalInfo: args }),
+//   error: (message: string, ...args: any[]) => logger.error(message, { additionalInfo: args }),
+// }
+const customLogger = {
+    debug: (message, ...args) => console.debug(message, ...args),
+    info: (message, ...args) => console.info(message, ...args),
+    warn: (message, ...args) => console.warn(message, ...args),
+    error: (message, ...args) => console.error(message, ...args),
+};
+export default customLogger;

package/dist/esm/mobile.d.ts

@@ -0,0 +1,39 @@
+export declare class ZkPassportProver {
+    private domain?;
+    private topicToKeyPair;
+    private topicToWebSocketClient;
+    private topicToRemoteDomainVerified;
+    private topicToSharedSecret;
+    private topicToRemotePublicKey;
+    private onDomainVerifiedCallbacks;
+    private onBridgeConnectCallbacks;
+    private onWebsiteDomainVerifyFailureCallbacks;
+    constructor();
+    /**
+     * @notice Handle an encrypted message.
+     * @param request The request.
+     * @param outerRequest The outer request.
+     */
+    private handleEncryptedMessage;
+    /**
+     * @notice Scan a credentirequest QR code.
+     * @returns
+     */
+    scan(url: string, { keyPairOverride, }?: {
+        keyPairOverride?: {
+            privateKey: Uint8Array;
+            publicKey: Uint8Array;
+        };
+    }): Promise<{
+        domain: string;
+        requestId: string;
+        isBridgeConnected: () => boolean;
+        isDomainVerified: () => boolean;
+        onDomainVerified: (callback: () => void) => number;
+        onBridgeConnect: (callback: () => void) => number;
+        notifyReject: () => Promise<void>;
+        notifyAccept: () => Promise<void>;
+        notifyDone: (proof: any) => Promise<void>;
+        notifyError: (error: string) => Promise<void>;
+    }>;
+}

package/dist/esm/mobile.js

@@ -0,0 +1,126 @@
+import { bytesToHex } from '@noble/ciphers/utils';
+import { getWebSocketClient } from './websocket';
+import { sendEncryptedJsonRpcRequest } from './json-rpc';
+import { decrypt, generateECDHKeyPair, getSharedSecret } from './encryption';
+import logger from './logger';
+export class ZkPassportProver {
+    constructor() {
+        this.topicToKeyPair = {};
+        this.topicToWebSocketClient = {};
+        this.topicToRemoteDomainVerified = {};
+        this.topicToSharedSecret = {};
+        this.topicToRemotePublicKey = {};
+        this.onDomainVerifiedCallbacks = {};
+        this.onBridgeConnectCallbacks = {};
+        this.onWebsiteDomainVerifyFailureCallbacks = {};
+    }
+    /**
+     * @notice Handle an encrypted message.
+     * @param request The request.
+     * @param outerRequest The outer request.
+     */
+    async handleEncryptedMessage(topic, request, outerRequest) {
+        logger.debug('Received encrypted message:', request);
+        if (request.method === 'hello') {
+            logger.info(`Successfully verified origin domain name: ${outerRequest.origin}`);
+            this.topicToRemoteDomainVerified[topic] = true;
+            await Promise.all(this.onDomainVerifiedCallbacks[topic].map((callback) => callback()));
+        }
+        else if (request.method === 'closed_page') {
+            // TODO: Implement
+        }
+    }
+    /**
+     * @notice Scan a credentirequest QR code.
+     * @returns
+     */
+    async scan(url, { keyPairOverride, } = {}) {
+        const parsedUrl = new URL(url);
+        const domain = parsedUrl.searchParams.get('d');
+        const topic = parsedUrl.searchParams.get('t');
+        const pubkeyHex = parsedUrl.searchParams.get('p');
+        if (!domain || !topic || !pubkeyHex) {
+            throw new Error('Invalid URL: missing required parameters');
+        }
+        const pubkey = new Uint8Array(Buffer.from(pubkeyHex, 'hex'));
+        this.domain = domain;
+        const keyPair = keyPairOverride || (await generateECDHKeyPair());
+        this.topicToKeyPair[topic] = {
+            privateKey: keyPair.privateKey,
+            publicKey: keyPair.publicKey,
+        };
+        this.topicToRemotePublicKey[topic] = pubkey;
+        this.topicToSharedSecret[topic] = await getSharedSecret(bytesToHex(keyPair.privateKey), bytesToHex(pubkey));
+        this.topicToRemoteDomainVerified[topic] = false;
+        this.onDomainVerifiedCallbacks[topic] = [];
+        this.onBridgeConnectCallbacks[topic] = [];
+        // Set up WebSocket connection
+        const wsClient = getWebSocketClient(`wss://bridge.zkpassport.id?topic=${topic}&pubkey=${bytesToHex(keyPair.publicKey)}`);
+        this.topicToWebSocketClient[topic] = wsClient;
+        wsClient.onopen = async () => {
+            logger.info('[mobile] WebSocket connection established');
+            await Promise.all(this.onBridgeConnectCallbacks[topic].map((callback) => callback()));
+            // Server sends handshake automatically (when it sees a pubkey in websocket URI)
+            // wsClient.send(
+            //   JSON.stringify(
+            //     createJsonRpcRequest('handshake', {
+            //       pubkey: bytesToHex(keyPair.publicKey),
+            //     }),
+            //   ),
+            // )
+        };
+        wsClient.addEventListener('message', async (event) => {
+            logger.info('[mobile] Received message:', event.data);
+            try {
+                const data = JSON.parse(event.data);
+                const originDomain = data.origin ? new URL(data.origin).hostname : undefined;
+                // Origin domain must match domain in QR code
+                if (originDomain !== this.domain) {
+                    logger.warn(`[mobile] Origin does not match domain in QR code. Expected ${this.domain} but got ${originDomain}`);
+                    return;
+                }
+                if (data.method === 'encryptedMessage') {
+                    // Decode the payload from base64 to Uint8Array
+                    const payload = new Uint8Array(atob(data.params.payload)
+                        .split('')
+                        .map((c) => c.charCodeAt(0)));
+                    try {
+                        // Decrypt the payload using the shared secret
+                        const decrypted = await decrypt(payload, this.topicToSharedSecret[topic], topic);
+                        const decryptedJson = JSON.parse(decrypted);
+                        await this.handleEncryptedMessage(topic, decryptedJson, data);
+                    }
+                    catch (error) {
+                        logger.error('[mobile] Error decrypting message:', error);
+                    }
+                }
+            }
+            catch (error) {
+                logger.error('[mobile] Error:', error);
+            }
+        });
+        wsClient.onerror = (error) => {
+            logger.error('[mobile] WebSocket error:', error);
+        };
+        return {
+            domain: this.domain,
+            requestId: topic,
+            isBridgeConnected: () => this.topicToWebSocketClient[topic].readyState === WebSocket.OPEN,
+            isDomainVerified: () => this.topicToRemoteDomainVerified[topic] === true,
+            onDomainVerified: (callback) => this.onDomainVerifiedCallbacks[topic].push(callback),
+            onBridgeConnect: (callback) => this.onBridgeConnectCallbacks[topic].push(callback),
+            notifyReject: async () => {
+                await sendEncryptedJsonRpcRequest('reject', null, this.topicToSharedSecret[topic], topic, this.topicToWebSocketClient[topic]);
+            },
+            notifyAccept: async () => {
+                await sendEncryptedJsonRpcRequest('accept', null, this.topicToSharedSecret[topic], topic, this.topicToWebSocketClient[topic]);
+            },
+            notifyDone: async (proof) => {
+                await sendEncryptedJsonRpcRequest('done', { proof }, this.topicToSharedSecret[topic], topic, this.topicToWebSocketClient[topic]);
+            },
+            notifyError: async (error) => {
+                await sendEncryptedJsonRpcRequest('error', { error }, this.topicToSharedSecret[topic], topic, this.topicToWebSocketClient[topic]);
+            },
+        };
+    }
+}

package/dist/esm/websocket.d.ts

@@ -0,0 +1,2 @@
+export declare function getWebSocketClient(url: string, origin?: string): WebSocket | import("ws").WebSocket;
+export type WebSocketClient = ReturnType<typeof getWebSocketClient>;

package/dist/esm/websocket.js

@@ -0,0 +1,15 @@
+export function getWebSocketClient(url, origin) {
+    if (typeof window !== 'undefined' && window.WebSocket) {
+        // Browser environment
+        return new WebSocket(url);
+    }
+    else {
+        // Node.js environment
+        const WebSocket = require('ws');
+        return new WebSocket(url, {
+            headers: {
+                Origin: origin || 'nodejs',
+            },
+        });
+    }
+}

package/package.json

@@ -1,31 +1,39 @@
 {
   "name": "@zkpassport/sdk",
-  "version": "0.1.1",
-  "description": "",
-  "main": "./dist/index.js",
-  "types": "./dist/index.d.ts",
+  "version": "0.2.0",
+  "description": "ZKPassport SDK",
+  "main": "./dist/cjs/index.js",
+  "module": "./dist/esm/index.js",
+  "types": "./dist/esm/index.d.ts",
   "files": [
     "src/",
-    "dist/",
+    "dist/**",
     "tsconfig.json",
     "README.md"
   ],
   "scripts": {
     "prepare": "npm i --save-dev @types/node && npm run build",
-    "build": "tsc"
+    "build": "npm run build:esm && npm run build:cjs",
+    "build:esm": "tsc -p tsconfig.json",
+    "build:cjs": "tsc -p tsconfig.cjs.json"
   },
   "keywords": [],
   "author": "",
   "license": "Apache-2.0",
   "devDependencies": {
-    "@types/node": "^22.10.5",
+    "@types/node": "^22.10.9",
+    "@types/node-gzip": "^1.1.3",
     "@types/ws": "^8.5.12",
     "typescript": "^5.6.2"
   },
   "dependencies": {
+    "@aztec/bb.js": "^0.67.0",
     "@noble/ciphers": "^1.0.0",
     "@noble/secp256k1": "^2.1.0",
+    "@zkpassport/utils": "^0.2.12",
     "i18n-iso-countries": "^7.12.0",
+    "node-gzip": "^1.1.2",
+    "tslib": "^2.8.1",
     "ws": "^8.18.0"
   }
 }