@zkproofport-ai/sdk 0.1.0

package/dist/attestation.js

@@ -0,0 +1,220 @@
+import { ethers } from 'ethers';
+import { CIRCUITS, COINBASE_ATTESTER_CONTRACT, DEFAULT_EAS_GRAPHQL, DEFAULT_EAS_RPC } from './constants.js';
+// ─── GraphQL query ──────────────────────────────────────────────────────
+const EAS_ATTESTATIONS_QUERY = `
+  query GetAttestations($schemaId: String!, $recipient: String!) {
+    attestations(
+      where: {
+        schemaId: { equals: $schemaId }
+        recipient: { equals: $recipient }
+        revoked: { equals: false }
+      }
+      orderBy: [{ time: desc }]
+      take: 1
+    ) {
+      id
+      txid
+      recipient
+      attester
+      time
+      expirationTime
+      schemaId
+    }
+  }
+`;
+// ─── Retry constants ────────────────────────────────────────────────────
+const MAX_RETRIES = 3;
+const RETRY_DELAY_MS = 1000;
+const RETRYABLE_STATUS = new Set([429, 500, 502, 503, 504]);
+// ─── EAS GraphQL fetch ──────────────────────────────────────────────────
+/**
+ * Query EAS GraphQL for the latest attestation matching schemaId + recipient.
+ */
+export async function fetchAttestationFromEAS(easGraphqlUrl, circuitId, recipientAddress) {
+    const circuit = CIRCUITS[circuitId];
+    const schemaId = circuit.easSchemaId;
+    const response = await fetch(easGraphqlUrl, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({
+            query: EAS_ATTESTATIONS_QUERY,
+            variables: {
+                schemaId,
+                recipient: recipientAddress.toLowerCase(),
+            },
+        }),
+    });
+    if (!response.ok) {
+        throw new Error(`EAS GraphQL request failed: HTTP ${response.status}`);
+    }
+    const data = await response.json();
+    if (data.errors && data.errors.length > 0) {
+        throw new Error(`EAS GraphQL error: ${data.errors[0].message}`);
+    }
+    const attestations = data.data?.attestations;
+    if (!attestations || attestations.length === 0) {
+        throw new Error(`No attestation found for schema ${schemaId} and recipient ${recipientAddress}`);
+    }
+    return attestations[0];
+}
+// ─── Raw transaction fetch ──────────────────────────────────────────────
+/**
+ * Fetch raw transaction via eth_getTransactionByHash from an RPC endpoint.
+ * Includes retry logic for 429/5xx responses with exponential backoff.
+ */
+export async function fetchRawTransaction(rpcUrl, txHash) {
+    let lastError;
+    for (let attempt = 0; attempt < MAX_RETRIES; attempt++) {
+        try {
+            const response = await fetch(rpcUrl, {
+                method: 'POST',
+                headers: { 'Content-Type': 'application/json' },
+                body: JSON.stringify({
+                    jsonrpc: '2.0',
+                    id: 1,
+                    method: 'eth_getTransactionByHash',
+                    params: [txHash],
+                }),
+            });
+            if (!response.ok) {
+                if (RETRYABLE_STATUS.has(response.status) && attempt < MAX_RETRIES - 1) {
+                    lastError = new Error(`RPC request failed: HTTP ${response.status}`);
+                    await new Promise(r => setTimeout(r, RETRY_DELAY_MS * (attempt + 1)));
+                    continue;
+                }
+                throw new Error(`RPC request failed: HTTP ${response.status}`);
+            }
+            const data = await response.json();
+            if (data.error) {
+                throw new Error(`RPC error: ${data.error.message}`);
+            }
+            if (!data.result) {
+                throw new Error(`Transaction ${txHash} not found`);
+            }
+            return reconstructRawTransaction(data.result);
+        }
+        catch (err) {
+            lastError = err;
+            const cause = err?.cause?.code;
+            if (attempt < MAX_RETRIES - 1 && (cause === 'ECONNRESET' || cause === 'ETIMEDOUT')) {
+                await new Promise(r => setTimeout(r, RETRY_DELAY_MS * (attempt + 1)));
+                continue;
+            }
+            throw err;
+        }
+    }
+    throw lastError || new Error(`RPC request failed after ${MAX_RETRIES} retries`);
+}
+// ─── Transaction reconstruction ─────────────────────────────────────────
+/**
+ * Reconstruct a raw signed transaction hex from RPC response fields.
+ * Uses ethers v6 Transaction class. Returns tx.serialized (SIGNED).
+ */
+export function reconstructRawTransaction(txData) {
+    const txType = parseInt(txData.type, 16);
+    const tx = ethers.Transaction.from({
+        to: txData.to,
+        nonce: parseInt(txData.nonce, 16),
+        gasLimit: BigInt(txData.gas),
+        maxFeePerGas: txData.maxFeePerGas ? BigInt(txData.maxFeePerGas) : undefined,
+        maxPriorityFeePerGas: txData.maxPriorityFeePerGas ? BigInt(txData.maxPriorityFeePerGas) : undefined,
+        gasPrice: txData.gasPrice ? BigInt(txData.gasPrice) : undefined,
+        data: txData.input,
+        value: BigInt(txData.value),
+        chainId: BigInt(txData.chainId),
+        type: txType,
+        signature: {
+            r: txData.r,
+            s: txData.s,
+            v: parseInt(txData.v, 16),
+        },
+        accessList: txData.accessList || [],
+    });
+    return tx.serialized;
+}
+// ─── Validation ─────────────────────────────────────────────────────────
+/**
+ * Validate the attestation transaction:
+ * - tx.to matches COINBASE_ATTESTER_CONTRACT
+ * - function selector matches the circuit's expected selector
+ */
+export function validateAttestationTx(rawTransaction, circuitId) {
+    const tx = ethers.Transaction.from(rawTransaction);
+    // Check destination
+    if (!tx.to || tx.to.toLowerCase() !== COINBASE_ATTESTER_CONTRACT.toLowerCase()) {
+        return {
+            valid: false,
+            error: `Transaction destination ${tx.to} does not match Coinbase Attester Contract ${COINBASE_ATTESTER_CONTRACT}`,
+        };
+    }
+    // Check function selector
+    const expectedSelector = CIRCUITS[circuitId].functionSelector;
+    const actualSelector = tx.data.slice(0, 10);
+    if (actualSelector !== expectedSelector) {
+        return {
+            valid: false,
+            error: `Function selector ${actualSelector} does not match expected ${expectedSelector} for ${circuitId}`,
+        };
+    }
+    return { valid: true };
+}
+// ─── Public key recovery ────────────────────────────────────────────────
+/**
+ * Recover the Coinbase attester's uncompressed public key from the transaction signature.
+ * Returns "0x04..." (130 hex chars).
+ */
+export function recoverAttesterPubkey(rawTransaction) {
+    const tx = ethers.Transaction.from(rawTransaction);
+    // Reconstruct unsigned tx to get the hash that was signed
+    const unsignedTx = ethers.Transaction.from({
+        to: tx.to,
+        nonce: tx.nonce,
+        gasLimit: tx.gasLimit,
+        maxFeePerGas: tx.maxFeePerGas,
+        maxPriorityFeePerGas: tx.maxPriorityFeePerGas,
+        gasPrice: tx.gasPrice,
+        data: tx.data,
+        value: tx.value,
+        chainId: tx.chainId,
+        type: tx.type,
+        accessList: tx.accessList,
+    });
+    const unsignedTxHash = ethers.keccak256(unsignedTx.unsignedSerialized);
+    if (!tx.signature) {
+        throw new Error('Transaction has no signature');
+    }
+    const pubkey = ethers.SigningKey.recoverPublicKey(unsignedTxHash, tx.signature);
+    return pubkey;
+}
+/**
+ * Get the signer address from a recovered public key.
+ */
+export function getSignerAddress(pubkey) {
+    return ethers.computeAddress(pubkey);
+}
+// ─── Full pipeline ──────────────────────────────────────────────────────
+/**
+ * Full attestation fetch pipeline:
+ * 1. Query EAS GraphQL for the latest attestation
+ * 2. Fetch the raw transaction from RPC
+ * 3. Validate transaction fields
+ * 4. Return attestation + raw transaction
+ */
+export async function fetchAttestation(config, circuitId, recipientAddress) {
+    const easGraphqlUrl = config.easGraphqlUrl || DEFAULT_EAS_GRAPHQL;
+    const easRpcUrl = config.easRpcUrl || DEFAULT_EAS_RPC;
+    // Step 1: Query EAS
+    const attestation = await fetchAttestationFromEAS(easGraphqlUrl, circuitId, recipientAddress);
+    // Step 2: Fetch raw TX
+    const rawTransaction = await fetchRawTransaction(easRpcUrl, attestation.txid);
+    // Step 3: Validate
+    const validation = validateAttestationTx(rawTransaction, circuitId);
+    if (!validation.valid) {
+        throw new Error(`Attestation TX validation failed: ${validation.error}`);
+    }
+    return {
+        attestation,
+        rawTransaction,
+    };
+}
+//# sourceMappingURL=attestation.js.map

package/dist/attestation.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"attestation.js","sourceRoot":"","sources":["../src/attestation.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAChC,OAAO,EAAE,QAAQ,EAAE,0BAA0B,EAAE,mBAAmB,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AAG5G,2EAA2E;AAE3E,MAAM,sBAAsB,GAAG;;;;;;;;;;;;;;;;;;;;CAoB9B,CAAC;AAEF,2EAA2E;AAE3E,MAAM,WAAW,GAAG,CAAC,CAAC;AACtB,MAAM,cAAc,GAAG,IAAI,CAAC;AAC5B,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC;AAE5D,2EAA2E;AAE3E;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,aAAqB,EACrB,SAAoB,EACpB,gBAAwB;IAExB,MAAM,OAAO,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAC;IACpC,MAAM,QAAQ,GAAG,OAAO,CAAC,WAAW,CAAC;IAErC,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,aAAa,EAAE;QAC1C,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;QAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;YACnB,KAAK,EAAE,sBAAsB;YAC7B,SAAS,EAAE;gBACT,QAAQ;gBACR,SAAS,EAAE,gBAAgB,CAAC,WAAW,EAAE;aAC1C;SACF,CAAC;KACH,CAAC,CAAC;IAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CAAC,oCAAoC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;IACzE,CAAC;IAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;IAEnC,IAAI,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1C,MAAM,IAAI,KAAK,CAAC,sBAAsB,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;IAClE,CAAC;IAED,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,EAAE,YAAY,CAAC;IAC7C,IAAI,CAAC,YAAY,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC/C,MAAM,IAAI,KAAK,CACb,mCAAmC,QAAQ,kBAAkB,gBAAgB,EAAE,CAChF,CAAC;IACJ,CAAC;IAED,OAAO,YAAY,CAAC,CAAC,CAAC,CAAC;AACzB,CAAC;AAED,2EAA2E;AAE3E;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,MAAc,EACd,MAAc;IAEd,IAAI,SAA4B,CAAC;IAEjC,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,WAAW,EAAE,OAAO,EAAE,EAAE,CAAC;QACvD,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,MAAM,EAAE;gBACnC,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;gBAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,OAAO,EAAE,KAAK;oBACd,EAAE,EAAE,CAAC;oBACL,MAAM,EAAE,0BAA0B;oBAClC,MAAM,EAAE,CAAC,MAAM,CAAC;iBACjB,CAAC;aACH,CAAC,CAAC;YAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,IAAI,gBAAgB,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,OAAO,GAAG,WAAW,GAAG,CAAC,EAAE,CAAC;oBACvE,SAAS,GAAG,IAAI,KAAK,CAAC,4BAA4B,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;oBACrE,MAAM,IAAI,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,CAAC,EAAE,cAAc,GAAG,CAAC,OAAO,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;oBACtE,SAAS;gBACX,CAAC;gBACD,MAAM,IAAI,KAAK,CAAC,4BAA4B,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;YACjE,CAAC;YAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YAEnC,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;gBACf,MAAM,IAAI,KAAK,CAAC,cAAc,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YACtD,CAAC;YAED,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;gBACjB,MAAM,IAAI,KAAK,CAAC,eAAe,MAAM,YAAY,CAAC,CAAC;YACrD,CAAC;YAED,OAAO,yBAAyB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAChD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,SAAS,GAAG,GAAY,CAAC;YACzB,MAAM,KAAK,GAAI,GAAW,EAAE,KAAK,EAAE,IAAI,CAAC;YACxC,IAAI,OAAO,GAAG,WAAW,GAAG,CAAC,IAAI,CAAC,KAAK,KAAK,YAAY,IAAI,KAAK,KAAK,WAAW,CAAC,EAAE,CAAC;gBACnF,MAAM,IAAI,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,CAAC,EAAE,cAAc,GAAG,CAAC,OAAO,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;gBACtE,SAAS;YACX,CAAC;YACD,MAAM,GAAG,CAAC;QACZ,CAAC;IACH,CAAC;IAED,MAAM,SAAS,IAAI,IAAI,KAAK,CAAC,4BAA4B,WAAW,UAAU,CAAC,CAAC;AAClF,CAAC;AAED,2EAA2E;AAE3E;;;GAGG;AACH,MAAM,UAAU,yBAAyB,CAAC,MAezC;IACC,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;IAEzC,MAAM,EAAE,GAAG,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC;QACjC,EAAE,EAAE,MAAM,CAAC,EAAE;QACb,KAAK,EAAE,QAAQ,CAAC,MAAM,CAAC,KAAK,EAAE,EAAE,CAAC;QACjC,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC;QAC5B,YAAY,EAAE,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,SAAS;QAC3E,oBAAoB,EAAE,MAAM,CAAC,oBAAoB,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,oBAAoB,CAAC,CAAC,CAAC,CAAC,SAAS;QACnG,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS;QAC/D,IAAI,EAAE,MAAM,CAAC,KAAK;QAClB,KAAK,EAAE,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC;QAC3B,OAAO,EAAE,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC;QAC/B,IAAI,EAAE,MAAM;QACZ,SAAS,EAAE;YACT,CAAC,EAAE,MAAM,CAAC,CAAC;YACX,CAAC,EAAE,MAAM,CAAC,CAAC;YACX,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,CAAC;SAC1B;QACD,UAAU,EAAE,MAAM,CAAC,UAAU,IAAI,EAAE;KACpC,CAAC,CAAC;IAEH,OAAO,EAAE,CAAC,UAAU,CAAC;AACvB,CAAC;AAED,2EAA2E;AAE3E;;;;GAIG;AACH,MAAM,UAAU,qBAAqB,CACnC,cAAsB,EACtB,SAAoB;IAEpB,MAAM,EAAE,GAAG,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAEnD,oBAAoB;IACpB,IAAI,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC,WAAW,EAAE,KAAK,0BAA0B,CAAC,WAAW,EAAE,EAAE,CAAC;QAC/E,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,2BAA2B,EAAE,CAAC,EAAE,8CAA8C,0BAA0B,EAAE;SAClH,CAAC;IACJ,CAAC;IAED,0BAA0B;IAC1B,MAAM,gBAAgB,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAC,gBAAgB,CAAC;IAC9D,MAAM,cAAc,GAAG,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAC5C,IAAI,cAAc,KAAK,gBAAgB,EAAE,CAAC;QACxC,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,qBAAqB,cAAc,4BAA4B,gBAAgB,QAAQ,SAAS,EAAE;SAC1G,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;AACzB,CAAC;AAED,2EAA2E;AAE3E;;;GAGG;AACH,MAAM,UAAU,qBAAqB,CAAC,cAAsB;IAC1D,MAAM,EAAE,GAAG,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAEnD,0DAA0D;IAC1D,MAAM,UAAU,GAAG,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC;QACzC,EAAE,EAAE,EAAE,CAAC,EAAE;QACT,KAAK,EAAE,EAAE,CAAC,KAAK;QACf,QAAQ,EAAE,EAAE,CAAC,QAAQ;QACrB,YAAY,EAAE,EAAE,CAAC,YAAY;QAC7B,oBAAoB,EAAE,EAAE,CAAC,oBAAoB;QAC7C,QAAQ,EAAE,EAAE,CAAC,QAAQ;QACrB,IAAI,EAAE,EAAE,CAAC,IAAI;QACb,KAAK,EAAE,EAAE,CAAC,KAAK;QACf,OAAO,EAAE,EAAE,CAAC,OAAO;QACnB,IAAI,EAAE,EAAE,CAAC,IAAI;QACb,UAAU,EAAE,EAAE,CAAC,UAAU;KAC1B,CAAC,CAAC;IAEH,MAAM,cAAc,GAAG,MAAM,CAAC,SAAS,CAAC,UAAU,CAAC,kBAAkB,CAAC,CAAC;IAEvE,IAAI,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC;QAClB,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;IAClD,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,CAAC,UAAU,CAAC,gBAAgB,CAAC,cAAc,EAAE,EAAE,CAAC,SAAS,CAAC,CAAC;IAChF,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,MAAc;IAC7C,OAAO,MAAM,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;AACvC,CAAC;AAED,2EAA2E;AAE3E;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,MAAoB,EACpB,SAAoB,EACpB,gBAAwB;IAExB,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,IAAI,mBAAmB,CAAC;IAClE,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,IAAI,eAAe,CAAC;IAEtD,oBAAoB;IACpB,MAAM,WAAW,GAAG,MAAM,uBAAuB,CAC/C,aAAa,EACb,SAAS,EACT,gBAAgB,CACjB,CAAC;IAEF,uBAAuB;IACvB,MAAM,cAAc,GAAG,MAAM,mBAAmB,CAAC,SAAS,EAAE,WAAW,CAAC,IAAI,CAAC,CAAC;IAE9E,mBAAmB;IACnB,MAAM,UAAU,GAAG,qBAAqB,CAAC,cAAc,EAAE,SAAS,CAAC,CAAC;IACpE,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;QACtB,MAAM,IAAI,KAAK,CAAC,qCAAqC,UAAU,CAAC,KAAK,EAAE,CAAC,CAAC;IAC3E,CAAC;IAED,OAAO;QACL,WAAW;QACX,cAAc;KACf,CAAC;AACJ,CAAC"}

package/dist/cdp.d.ts

@@ -0,0 +1,44 @@
+import type { ProofportSigner } from './signer.js';
+/**
+ * CDP MPC Wallet adapter implementing ProofportSigner.
+ * Uses Coinbase AgentKit's CdpEvmWalletProvider for key management.
+ * Private keys never leave Coinbase's TEE.
+ */
+export declare class CdpWalletSigner implements ProofportSigner {
+    private provider;
+    private constructor();
+    /**
+     * Create a CdpWalletSigner from environment variables.
+     * Requires: CDP_API_KEY_ID, CDP_API_KEY_SECRET, CDP_WALLET_SECRET
+     * Optional: CDP_WALLET_ADDRESS (to load existing wallet), CDP_NETWORK_ID (default: base-sepolia)
+     */
+    static create(opts?: {
+        apiKeyId?: string;
+        apiKeySecret?: string;
+        walletSecret?: string;
+        networkId?: string;
+        address?: string;
+    }): Promise<CdpWalletSigner>;
+    getAddress(): string;
+    signMessage(message: Uint8Array): Promise<string>;
+    signTypedData(domain: {
+        name: string;
+        version: string;
+        chainId: number;
+        verifyingContract: string;
+    }, types: Record<string, Array<{
+        name: string;
+        type: string;
+    }>>, message: Record<string, unknown>): Promise<string>;
+    sendTransaction(tx: {
+        to: string;
+        data: string;
+        value?: bigint;
+    }): Promise<{
+        hash: string;
+        wait(): Promise<{
+            status: number | null;
+        }>;
+    }>;
+}
+//# sourceMappingURL=cdp.d.ts.map

package/dist/cdp.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cdp.d.ts","sourceRoot":"","sources":["../src/cdp.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAEnD;;;;GAIG;AACH,qBAAa,eAAgB,YAAW,eAAe;IAErD,OAAO,CAAC,QAAQ,CAAM;IAEtB,OAAO;IAIP;;;;OAIG;WACU,MAAM,CAAC,IAAI,CAAC,EAAE;QACzB,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,OAAO,CAAC,EAAE,MAAM,CAAC;KAClB,GAAG,OAAO,CAAC,eAAe,CAAC;IA4B5B,UAAU,IAAI,MAAM;IAId,WAAW,CAAC,OAAO,EAAE,UAAU,GAAG,OAAO,CAAC,MAAM,CAAC;IAIjD,aAAa,CACjB,MAAM,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAC;QAAC,iBAAiB,EAAE,MAAM,CAAA;KAAE,EACrF,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC,EAC5D,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC/B,OAAO,CAAC,MAAM,CAAC;IAsBZ,eAAe,CAAC,EAAE,EAAE;QACxB,EAAE,EAAE,MAAM,CAAC;QACX,IAAI,EAAE,MAAM,CAAC;QACb,KAAK,CAAC,EAAE,MAAM,CAAC;KAChB,GAAG,OAAO,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,IAAI,OAAO,CAAC;YAAE,MAAM,EAAE,MAAM,GAAG,IAAI,CAAA;SAAE,CAAC,CAAA;KAAE,CAAC;CAsB1E"}

package/dist/cdp.js

@@ -0,0 +1,89 @@
+/**
+ * CDP MPC Wallet adapter implementing ProofportSigner.
+ * Uses Coinbase AgentKit's CdpEvmWalletProvider for key management.
+ * Private keys never leave Coinbase's TEE.
+ */
+export class CdpWalletSigner {
+    // Store the wallet provider as `any` to avoid hard dependency on @coinbase/agentkit types
+    provider;
+    constructor(provider) {
+        this.provider = provider;
+    }
+    /**
+     * Create a CdpWalletSigner from environment variables.
+     * Requires: CDP_API_KEY_ID, CDP_API_KEY_SECRET, CDP_WALLET_SECRET
+     * Optional: CDP_WALLET_ADDRESS (to load existing wallet), CDP_NETWORK_ID (default: base-sepolia)
+     */
+    static async create(opts) {
+        let CdpEvmWalletProvider;
+        try {
+            // @ts-ignore — optional peer dependency, may not be installed
+            const mod = await import('@coinbase/agentkit');
+            CdpEvmWalletProvider = mod.CdpEvmWalletProvider;
+        }
+        catch {
+            throw new Error('CDP wallet requires @coinbase/agentkit. Install it: npm install @coinbase/agentkit @coinbase/cdp-sdk');
+        }
+        const config = {
+            apiKeyId: opts?.apiKeyId || process.env.CDP_API_KEY_ID,
+            apiKeySecret: opts?.apiKeySecret || process.env.CDP_API_KEY_SECRET,
+            walletSecret: opts?.walletSecret || process.env.CDP_WALLET_SECRET,
+            networkId: opts?.networkId || process.env.CDP_NETWORK_ID || 'base-sepolia',
+        };
+        const address = opts?.address || process.env.CDP_WALLET_ADDRESS;
+        if (address) {
+            config.address = address;
+        }
+        const provider = await CdpEvmWalletProvider.configureWithWallet(config);
+        return new CdpWalletSigner(provider);
+    }
+    getAddress() {
+        return this.provider.getAddress();
+    }
+    async signMessage(message) {
+        return this.provider.signMessage(message);
+    }
+    async signTypedData(domain, types, message) {
+        // Bridge ethers 3-arg style → viem single-object style
+        // AgentKit's signTypedData expects { domain, types, primaryType, message }
+        // Determine primaryType: it's the first key in types that isn't EIP712Domain
+        const primaryType = Object.keys(types).find(k => k !== 'EIP712Domain') || Object.keys(types)[0];
+        return this.provider.signTypedData({
+            domain,
+            types: {
+                ...types,
+                EIP712Domain: [
+                    { name: 'name', type: 'string' },
+                    { name: 'version', type: 'string' },
+                    { name: 'chainId', type: 'uint256' },
+                    { name: 'verifyingContract', type: 'address' },
+                ],
+            },
+            primaryType,
+            message,
+        });
+    }
+    async sendTransaction(tx) {
+        // AgentKit's sendTransaction returns just the tx hash
+        const hash = await this.provider.sendTransaction({
+            to: tx.to,
+            data: tx.data,
+            value: tx.value ?? 0n,
+        });
+        return {
+            hash,
+            wait: async () => {
+                // Use AgentKit's waitForTransactionReceipt if available
+                try {
+                    const receipt = await this.provider.waitForTransactionReceipt(hash);
+                    return { status: receipt?.status === 'success' ? 1 : 0 };
+                }
+                catch {
+                    // Unknown status if receipt method unavailable
+                    return { status: null };
+                }
+            },
+        };
+    }
+}
+//# sourceMappingURL=cdp.js.map

package/dist/cdp.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cdp.js","sourceRoot":"","sources":["../src/cdp.ts"],"names":[],"mappings":"AAEA;;;;GAIG;AACH,MAAM,OAAO,eAAe;IAC1B,0FAA0F;IAClF,QAAQ,CAAM;IAEtB,YAAoB,QAAa;QAC/B,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;IAC3B,CAAC;IAED;;;;OAIG;IACH,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,IAMnB;QACC,IAAI,oBAAyB,CAAC;QAC9B,IAAI,CAAC;YACH,8DAA8D;YAC9D,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,oBAAoB,CAAC,CAAC;YAC/C,oBAAoB,GAAG,GAAG,CAAC,oBAAoB,CAAC;QAClD,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,IAAI,KAAK,CACb,sGAAsG,CACvG,CAAC;QACJ,CAAC;QAED,MAAM,MAAM,GAAQ;YAClB,QAAQ,EAAE,IAAI,EAAE,QAAQ,IAAI,OAAO,CAAC,GAAG,CAAC,cAAc;YACtD,YAAY,EAAE,IAAI,EAAE,YAAY,IAAI,OAAO,CAAC,GAAG,CAAC,kBAAkB;YAClE,YAAY,EAAE,IAAI,EAAE,YAAY,IAAI,OAAO,CAAC,GAAG,CAAC,iBAAiB;YACjE,SAAS,EAAE,IAAI,EAAE,SAAS,IAAI,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI,cAAc;SAC3E,CAAC;QAEF,MAAM,OAAO,GAAG,IAAI,EAAE,OAAO,IAAI,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC;QAChE,IAAI,OAAO,EAAE,CAAC;YACZ,MAAM,CAAC,OAAO,GAAG,OAAO,CAAC;QAC3B,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,oBAAoB,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAC;QACxE,OAAO,IAAI,eAAe,CAAC,QAAQ,CAAC,CAAC;IACvC,CAAC;IAED,UAAU;QACR,OAAO,IAAI,CAAC,QAAQ,CAAC,UAAU,EAAE,CAAC;IACpC,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,OAAmB;QACnC,OAAO,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;IAC5C,CAAC;IAED,KAAK,CAAC,aAAa,CACjB,MAAqF,EACrF,KAA4D,EAC5D,OAAgC;QAEhC,uDAAuD;QACvD,2EAA2E;QAC3E,6EAA6E;QAC7E,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,cAAc,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;QAEhG,OAAO,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC;YACjC,MAAM;YACN,KAAK,EAAE;gBACL,GAAG,KAAK;gBACR,YAAY,EAAE;oBACZ,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE;oBAChC,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,QAAQ,EAAE;oBACnC,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE;oBACpC,EAAE,IAAI,EAAE,mBAAmB,EAAE,IAAI,EAAE,SAAS,EAAE;iBAC/C;aACF;YACD,WAAW;YACX,OAAO;SACR,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,EAIrB;QACC,sDAAsD;QACtD,MAAM,IAAI,GAAW,MAAM,IAAI,CAAC,QAAQ,CAAC,eAAe,CAAC;YACvD,EAAE,EAAE,EAAE,CAAC,EAAmB;YAC1B,IAAI,EAAE,EAAE,CAAC,IAAqB;YAC9B,KAAK,EAAE,EAAE,CAAC,KAAK,IAAI,EAAE;SACtB,CAAC,CAAC;QAEH,OAAO;YACL,IAAI;YACJ,IAAI,EAAE,KAAK,IAAI,EAAE;gBACf,wDAAwD;gBACxD,IAAI,CAAC;oBACH,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,yBAAyB,CAAC,IAAI,CAAC,CAAC;oBACpE,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC3D,CAAC;gBAAC,MAAM,CAAC;oBACP,+CAA+C;oBAC/C,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC;gBAC1B,CAAC;YACH,CAAC;SACF,CAAC;IACJ,CAAC;CACF"}

package/dist/config.d.ts

@@ -0,0 +1,19 @@
+import type { ClientConfig } from './types.js';
+/**
+ * Create a client configuration with sensible defaults.
+ * Defaults to mainnet (production) settings.
+ *
+ * @param overrides - Optional overrides for any config field
+ * @returns Complete ClientConfig
+ *
+ * @example
+ * ```typescript
+ * // Mainnet (default)
+ * const config = createConfig();
+ *
+ * // Custom server URL
+ * const config = createConfig({ baseUrl: 'https://custom-server.example.com' });
+ * ```
+ */
+export declare function createConfig(overrides?: Partial<ClientConfig>): ClientConfig;
+//# sourceMappingURL=config.d.ts.map

package/dist/config.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAE/C;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,YAAY,CAAC,SAAS,CAAC,EAAE,OAAO,CAAC,YAAY,CAAC,GAAG,YAAY,CAO5E"}

package/dist/config.js

@@ -0,0 +1,25 @@
+/**
+ * Create a client configuration with sensible defaults.
+ * Defaults to mainnet (production) settings.
+ *
+ * @param overrides - Optional overrides for any config field
+ * @returns Complete ClientConfig
+ *
+ * @example
+ * ```typescript
+ * // Mainnet (default)
+ * const config = createConfig();
+ *
+ * // Custom server URL
+ * const config = createConfig({ baseUrl: 'https://custom-server.example.com' });
+ * ```
+ */
+export function createConfig(overrides) {
+    return {
+        baseUrl: 'https://ai.zkproofport.app',
+        easRpcUrl: 'https://mainnet.base.org',
+        easGraphqlUrl: 'https://base.easscan.org/graphql',
+        ...overrides,
+    };
+}
+//# sourceMappingURL=config.js.map

package/dist/config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.js","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAEA;;;;;;;;;;;;;;;GAeG;AACH,MAAM,UAAU,YAAY,CAAC,SAAiC;IAC5D,OAAO;QACL,OAAO,EAAE,4BAA4B;QACrC,SAAS,EAAE,0BAA0B;QACrC,aAAa,EAAE,kCAAkC;QACjD,GAAG,SAAS;KACb,CAAC;AACJ,CAAC"}

package/dist/constants.d.ts

@@ -0,0 +1,18 @@
+import type { CircuitId } from './types.js';
+export declare const CIRCUITS: Record<CircuitId, {
+    displayName: string;
+    easSchemaId: string;
+    functionSelector: string;
+}>;
+export declare const COINBASE_ATTESTER_CONTRACT = "0x357458739F90461b99789350868CD7CF330Dd7EE";
+export declare const AUTHORIZED_SIGNERS: string[];
+export declare const USDC_ADDRESSES: {
+    readonly 'base-sepolia': "0x036CbD53842c5426634e7929541eC2318f3dCF7e";
+    readonly base: "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913";
+};
+export declare const DEFAULT_EAS_GRAPHQL = "https://base.easscan.org/graphql";
+export declare const DEFAULT_EAS_RPC = "https://mainnet.base.org";
+export declare const RAW_TX_PADDED_LENGTH = 300;
+export declare const MERKLE_PROOF_MAX_DEPTH = 8;
+export declare const COUNTRY_LIST_MAX_LENGTH = 10;
+//# sourceMappingURL=constants.d.ts.map

package/dist/constants.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAE5C,eAAO,MAAM,QAAQ,EAAE,MAAM,CAAC,SAAS,EAAE;IACvC,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,gBAAgB,EAAE,MAAM,CAAC;CAC1B,CAWA,CAAC;AAEF,eAAO,MAAM,0BAA0B,+CAA+C,CAAC;AAEvF,eAAO,MAAM,kBAAkB,UAK9B,CAAC;AAEF,eAAO,MAAM,cAAc;;;CAGjB,CAAC;AAEX,eAAO,MAAM,mBAAmB,qCAAqC,CAAC;AACtE,eAAO,MAAM,eAAe,6BAA6B,CAAC;AAE1D,eAAO,MAAM,oBAAoB,MAAM,CAAC;AACxC,eAAO,MAAM,sBAAsB,IAAI,CAAC;AACxC,eAAO,MAAM,uBAAuB,KAAK,CAAC"}

package/dist/constants.js

@@ -0,0 +1,29 @@
+export const CIRCUITS = {
+    coinbase_attestation: {
+        displayName: 'Coinbase KYC',
+        easSchemaId: '0xf8b05c79f090979bf4a80270aba232dff11a10d9ca55c4f88de95317970f0de9',
+        functionSelector: '0x56feed5e',
+    },
+    coinbase_country_attestation: {
+        displayName: 'Coinbase Country',
+        easSchemaId: '0x1801901fabd0e6189356b4fb52bb0ab855276d84f7ec140839fbd1f6801ca065',
+        functionSelector: '0x0a225248',
+    },
+};
+export const COINBASE_ATTESTER_CONTRACT = '0x357458739F90461b99789350868CD7CF330Dd7EE';
+export const AUTHORIZED_SIGNERS = [
+    '0x952f32128AF084422539C4Ff96df5C525322E564',
+    '0x8844591D47F17bcA6F5dF8f6B64F4a739F1C0080',
+    '0x88fe64ea2e121f49bb77abea6c0a45e93638c3c5',
+    '0x44ace9abb148e8412ac4492e9a1ae6bd88226803',
+];
+export const USDC_ADDRESSES = {
+    'base-sepolia': '0x036CbD53842c5426634e7929541eC2318f3dCF7e',
+    'base': '0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913',
+};
+export const DEFAULT_EAS_GRAPHQL = 'https://base.easscan.org/graphql';
+export const DEFAULT_EAS_RPC = 'https://mainnet.base.org';
+export const RAW_TX_PADDED_LENGTH = 300;
+export const MERKLE_PROOF_MAX_DEPTH = 8;
+export const COUNTRY_LIST_MAX_LENGTH = 10;
+//# sourceMappingURL=constants.js.map

package/dist/constants.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"constants.js","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,QAAQ,GAIhB;IACH,oBAAoB,EAAE;QACpB,WAAW,EAAE,cAAc;QAC3B,WAAW,EAAE,oEAAoE;QACjF,gBAAgB,EAAE,YAAY;KAC/B;IACD,4BAA4B,EAAE;QAC5B,WAAW,EAAE,kBAAkB;QAC/B,WAAW,EAAE,oEAAoE;QACjF,gBAAgB,EAAE,YAAY;KAC/B;CACF,CAAC;AAEF,MAAM,CAAC,MAAM,0BAA0B,GAAG,4CAA4C,CAAC;AAEvF,MAAM,CAAC,MAAM,kBAAkB,GAAG;IAChC,4CAA4C;IAC5C,4CAA4C;IAC5C,4CAA4C;IAC5C,4CAA4C;CAC7C,CAAC;AAEF,MAAM,CAAC,MAAM,cAAc,GAAG;IAC5B,cAAc,EAAE,4CAA4C;IAC5D,MAAM,EAAE,4CAA4C;CAC5C,CAAC;AAEX,MAAM,CAAC,MAAM,mBAAmB,GAAG,kCAAkC,CAAC;AACtE,MAAM,CAAC,MAAM,eAAe,GAAG,0BAA0B,CAAC;AAE1D,MAAM,CAAC,MAAM,oBAAoB,GAAG,GAAG,CAAC;AACxC,MAAM,CAAC,MAAM,sBAAsB,GAAG,CAAC,CAAC;AACxC,MAAM,CAAC,MAAM,uBAAuB,GAAG,EAAE,CAAC"}

package/dist/flow.d.ts

@@ -0,0 +1,19 @@
+import type { ClientConfig, ProofParams, ProofResult, StepResult } from './types.js';
+import type { ProofportSigner } from './signer.js';
+export interface FlowCallbacks {
+    onStep?: (step: StepResult) => void;
+}
+/**
+ * Generate a ZK proof end-to-end using x402 single-step flow.
+ *
+ * @param config - Server URL and RPC endpoints
+ * @param signers - ProofportSigner for attestation (required) and payment (optional, defaults to attestation)
+ * @param params - Circuit name, scope, and optional country params
+ * @param callbacks - Optional callbacks for step progress
+ * @returns ProofResult with proof, publicInputs, payment info
+ */
+export declare function generateProof(config: ClientConfig, signers: {
+    attestation: ProofportSigner;
+    payment?: ProofportSigner;
+}, params: ProofParams, callbacks?: FlowCallbacks): Promise<ProofResult>;
+//# sourceMappingURL=flow.d.ts.map

package/dist/flow.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"flow.d.ts","sourceRoot":"","sources":["../src/flow.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EACV,YAAY,EAEZ,WAAW,EACX,WAAW,EACX,UAAU,EAEX,MAAM,YAAY,CAAC;AAMpB,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAGnD,MAAM,WAAW,aAAa;IAC5B,MAAM,CAAC,EAAE,CAAC,IAAI,EAAE,UAAU,KAAK,IAAI,CAAC;CACrC;AAED;;;;;;;;GAQG;AACH,wBAAsB,aAAa,CACjC,MAAM,EAAE,YAAY,EACpB,OAAO,EAAE;IAAE,WAAW,EAAE,eAAe,CAAC;IAAC,OAAO,CAAC,EAAE,eAAe,CAAA;CAAE,EACpE,MAAM,EAAE,WAAW,EACnB,SAAS,CAAC,EAAE,aAAa,GACxB,OAAO,CAAC,WAAW,CAAC,CA0EtB"}

package/dist/flow.js

@@ -0,0 +1,82 @@
+import { ethers } from 'ethers';
+import { CIRCUIT_NAME_MAP } from './types.js';
+import { requestChallenge } from './session.js';
+import { prepareInputs, computeSignalHash } from './inputs.js';
+import { makePayment } from './payment.js';
+import { submitProof } from './prove.js';
+import { USDC_ADDRESSES } from './constants.js';
+/**
+ * Generate a ZK proof end-to-end using x402 single-step flow.
+ *
+ * @param config - Server URL and RPC endpoints
+ * @param signers - ProofportSigner for attestation (required) and payment (optional, defaults to attestation)
+ * @param params - Circuit name, scope, and optional country params
+ * @param callbacks - Optional callbacks for step progress
+ * @returns ProofResult with proof, publicInputs, payment info
+ */
+export async function generateProof(config, signers, params, callbacks) {
+    const circuitId = CIRCUIT_NAME_MAP[params.circuit];
+    const scope = params.scope || 'proofport';
+    const paymentSigner = signers.payment || signers.attestation;
+    const steps = [];
+    function recordStep(step, name, data, startTime) {
+        const result = { step, name, data, durationMs: Date.now() - startTime };
+        steps.push(result);
+        callbacks?.onStep?.(result);
+        return data;
+    }
+    // Step 1: Sign signal hash with attestation signer
+    let t = Date.now();
+    const attestationAddress = await signers.attestation.getAddress();
+    const signalHash = computeSignalHash(attestationAddress, scope, circuitId);
+    const signalHashHex = ethers.hexlify(signalHash);
+    const signature = await signers.attestation.signMessage(signalHash);
+    recordStep(1, 'Sign Signal Hash', { signalHash: signalHashHex, signature }, t);
+    // Step 2: Prepare circuit inputs
+    t = Date.now();
+    const inputs = await prepareInputs(config, {
+        circuitId,
+        userAddress: attestationAddress,
+        userSignature: signature,
+        scope,
+        countryList: params.countryList,
+        isIncluded: params.isIncluded,
+    });
+    recordStep(2, 'Prepare Inputs', inputs, t);
+    // Step 3: Request 402 challenge (POST /prove without payment headers)
+    t = Date.now();
+    const challenge = await requestChallenge(config, params.circuit, inputs);
+    recordStep(3, 'Request Challenge', challenge, t);
+    // Step 4: Make payment
+    t = Date.now();
+    const network = challenge.payment.network;
+    const paymentInfo = {
+        nonce: challenge.nonce,
+        recipient: challenge.payment.payTo,
+        amount: parseInt(challenge.payment.maxAmountRequired),
+        asset: USDC_ADDRESSES[network],
+        network: challenge.payment.network,
+        instruction: challenge.payment.description,
+    };
+    const paymentTxHash = await makePayment(paymentSigner, paymentInfo);
+    recordStep(4, 'Make Payment', { txHash: paymentTxHash }, t);
+    // Step 5: Submit proof with payment headers
+    t = Date.now();
+    const proveResponse = await submitProof(config, {
+        circuit: params.circuit,
+        inputs,
+        paymentTxHash,
+        paymentNonce: challenge.nonce,
+    });
+    recordStep(5, 'Generate Proof', proveResponse, t);
+    return {
+        proof: proveResponse.proof,
+        publicInputs: proveResponse.publicInputs,
+        proofWithInputs: proveResponse.proofWithInputs,
+        paymentTxHash,
+        attestation: proveResponse.attestation,
+        timing: proveResponse.timing,
+        verification: proveResponse.verification,
+    };
+}
+//# sourceMappingURL=flow.js.map

package/dist/flow.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"flow.js","sourceRoot":"","sources":["../src/flow.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAShC,OAAO,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAC9C,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,EAAE,aAAa,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AAC/D,OAAO,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAC3C,OAAO,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAEzC,OAAO,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAMhD;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,MAAoB,EACpB,OAAoE,EACpE,MAAmB,EACnB,SAAyB;IAEzB,MAAM,SAAS,GAAc,gBAAgB,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAC9D,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,IAAI,WAAW,CAAC;IAE1C,MAAM,aAAa,GAAG,OAAO,CAAC,OAAO,IAAI,OAAO,CAAC,WAAW,CAAC;IAE7D,MAAM,KAAK,GAAiB,EAAE,CAAC;IAC/B,SAAS,UAAU,CAAI,IAAY,EAAE,IAAY,EAAE,IAAO,EAAE,SAAiB;QAC3E,MAAM,MAAM,GAAkB,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,EAAE,CAAC;QACvF,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACnB,SAAS,EAAE,MAAM,EAAE,CAAC,MAAM,CAAC,CAAC;QAC5B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,mDAAmD;IACnD,IAAI,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACnB,MAAM,kBAAkB,GAAG,MAAM,OAAO,CAAC,WAAW,CAAC,UAAU,EAAE,CAAC;IAClE,MAAM,UAAU,GAAG,iBAAiB,CAAC,kBAAkB,EAAE,KAAK,EAAE,SAAS,CAAC,CAAC;IAC3E,MAAM,aAAa,GAAG,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IACjD,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,WAAW,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;IACpE,UAAU,CAAC,CAAC,EAAE,kBAAkB,EAAE,EAAE,UAAU,EAAE,aAAa,EAAE,SAAS,EAAE,EAAE,CAAC,CAAC,CAAC;IAE/E,iCAAiC;IACjC,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACf,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,MAAM,EAAE;QACzC,SAAS;QACT,WAAW,EAAE,kBAAkB;QAC/B,aAAa,EAAE,SAAS;QACxB,KAAK;QACL,WAAW,EAAE,MAAM,CAAC,WAAW;QAC/B,UAAU,EAAE,MAAM,CAAC,UAAU;KAC9B,CAAC,CAAC;IACH,UAAU,CAAC,CAAC,EAAE,gBAAgB,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC;IAE3C,sEAAsE;IACtE,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACf,MAAM,SAAS,GAAG,MAAM,gBAAgB,CAAC,MAAM,EAAE,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IACzE,UAAU,CAAC,CAAC,EAAE,mBAAmB,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC;IAEjD,uBAAuB;IACvB,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACf,MAAM,OAAO,GAAG,SAAS,CAAC,OAAO,CAAC,OAAiB,CAAC;IAEpD,MAAM,WAAW,GAAgB;QAC/B,KAAK,EAAE,SAAS,CAAC,KAAK;QACtB,SAAS,EAAE,SAAS,CAAC,OAAO,CAAC,KAAK;QAClC,MAAM,EAAE,QAAQ,CAAC,SAAS,CAAC,OAAO,CAAC,iBAAiB,CAAC;QACrD,KAAK,EAAE,cAAc,CAAC,OAAsC,CAAC;QAC7D,OAAO,EAAE,SAAS,CAAC,OAAO,CAAC,OAAO;QAClC,WAAW,EAAE,SAAS,CAAC,OAAO,CAAC,WAAW;KAC3C,CAAC;IAEF,MAAM,aAAa,GAAG,MAAM,WAAW,CAAC,aAAa,EAAE,WAAW,CAAC,CAAC;IACpE,UAAU,CAAC,CAAC,EAAE,cAAc,EAAE,EAAE,MAAM,EAAE,aAAa,EAAE,EAAE,CAAC,CAAC,CAAC;IAE5D,4CAA4C;IAC5C,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACf,MAAM,aAAa,GAAG,MAAM,WAAW,CAAC,MAAM,EAAE;QAC9C,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,MAAM;QACN,aAAa;QACb,YAAY,EAAE,SAAS,CAAC,KAAK;KAC9B,CAAC,CAAC;IACH,UAAU,CAAC,CAAC,EAAE,gBAAgB,EAAE,aAAa,EAAE,CAAC,CAAC,CAAC;IAElD,OAAO;QACL,KAAK,EAAE,aAAa,CAAC,KAAK;QAC1B,YAAY,EAAE,aAAa,CAAC,YAAY;QACxC,eAAe,EAAE,aAAa,CAAC,eAAe;QAC9C,aAAa;QACb,WAAW,EAAE,aAAa,CAAC,WAAW;QACtC,MAAM,EAAE,aAAa,CAAC,MAAM;QAC5B,YAAY,EAAE,aAAa,CAAC,YAAY;KACzC,CAAC;AACJ,CAAC"}

package/dist/index.d.ts

@@ -0,0 +1,17 @@
+export type { ClientConfig, CircuitName, CircuitId, PaymentInfo, PaymentRequirements, ChallengeResponse, ProveInputs, ProveRequest, ProveResponse, VerifyResult, EASAttestation, AttestationData, ProofParams, ProofResult, StepResult, } from './types.js';
+export { CIRCUIT_NAME_MAP, CIRCUIT_ID_MAP } from './types.js';
+export { CIRCUITS, COINBASE_ATTESTER_CONTRACT, AUTHORIZED_SIGNERS, USDC_ADDRESSES, } from './constants.js';
+export { createConfig } from './config.js';
+export { generateProof } from './flow.js';
+export type { FlowCallbacks } from './flow.js';
+export { requestChallenge, createSession } from './session.js';
+export { makePayment } from './payment.js';
+export { submitProof } from './prove.js';
+export { verifyOnChain, verifyProof } from './verify.js';
+export { prepareInputs, computeSignalHash, computeScope, computeNullifier, recoverUserPubkey, hexToBytes, extractPubkeyCoordinates, } from './inputs.js';
+export type { ProofportSigner } from './signer.js';
+export { EthersWalletSigner, fromEthersWallet, fromPrivateKey } from './signer.js';
+export { CdpWalletSigner } from './cdp.js';
+export { fetchAttestation, fetchAttestationFromEAS, fetchRawTransaction, recoverAttesterPubkey, getSignerAddress, } from './attestation.js';
+export { SimpleMerkleTree, findSignerIndex, buildSignerMerkleTree, } from './merkle.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,YAAY,EACV,YAAY,EACZ,WAAW,EACX,SAAS,EACT,WAAW,EACX,mBAAmB,EACnB,iBAAiB,EACjB,WAAW,EACX,YAAY,EACZ,aAAa,EACb,YAAY,EACZ,cAAc,EACd,eAAe,EACf,WAAW,EACX,WAAW,EACX,UAAU,GACX,MAAM,YAAY,CAAC;AAEpB,OAAO,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAG9D,OAAO,EACL,QAAQ,EACR,0BAA0B,EAC1B,kBAAkB,EAClB,cAAc,GACf,MAAM,gBAAgB,CAAC;AAGxB,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAG3C,OAAO,EAAE,aAAa,EAAE,MAAM,WAAW,CAAC;AAC1C,YAAY,EAAE,aAAa,EAAE,MAAM,WAAW,CAAC;AAG/C,OAAO,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAC/D,OAAO,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAC3C,OAAO,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AACzC,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAGzD,OAAO,EACL,aAAa,EACb,iBAAiB,EACjB,YAAY,EACZ,gBAAgB,EAChB,iBAAiB,EACjB,UAAU,EACV,wBAAwB,GACzB,MAAM,aAAa,CAAC;AAGrB,YAAY,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AACnD,OAAO,EAAE,kBAAkB,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAGnF,OAAO,EAAE,eAAe,EAAE,MAAM,UAAU,CAAC;AAG3C,OAAO,EACL,gBAAgB,EAChB,uBAAuB,EACvB,mBAAmB,EACnB,qBAAqB,EACrB,gBAAgB,GACjB,MAAM,kBAAkB,CAAC;AAG1B,OAAO,EACL,gBAAgB,EAChB,eAAe,EACf,qBAAqB,GACtB,MAAM,aAAa,CAAC"}

package/dist/index.js

@@ -0,0 +1,22 @@
+export { CIRCUIT_NAME_MAP, CIRCUIT_ID_MAP } from './types.js';
+// Constants
+export { CIRCUITS, COINBASE_ATTESTER_CONTRACT, AUTHORIZED_SIGNERS, USDC_ADDRESSES, } from './constants.js';
+// Configuration
+export { createConfig } from './config.js';
+// Flow (main entry point)
+export { generateProof } from './flow.js';
+// Individual steps (for step-by-step usage)
+export { requestChallenge, createSession } from './session.js';
+export { makePayment } from './payment.js';
+export { submitProof } from './prove.js';
+export { verifyOnChain, verifyProof } from './verify.js';
+// Input computation
+export { prepareInputs, computeSignalHash, computeScope, computeNullifier, recoverUserPubkey, hexToBytes, extractPubkeyCoordinates, } from './inputs.js';
+export { EthersWalletSigner, fromEthersWallet, fromPrivateKey } from './signer.js';
+// CDP (Coinbase Developer Platform) signer
+export { CdpWalletSigner } from './cdp.js';
+// Attestation
+export { fetchAttestation, fetchAttestationFromEAS, fetchRawTransaction, recoverAttesterPubkey, getSignerAddress, } from './attestation.js';
+// Merkle
+export { SimpleMerkleTree, findSignerIndex, buildSignerMerkleTree, } from './merkle.js';
+//# sourceMappingURL=index.js.map