@zkproofport-ai/sdk 0.1.1 → 0.1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +127 -21
- package/dist/cdp.d.ts +114 -16
- package/dist/cdp.d.ts.map +1 -1
- package/dist/cdp.js +64 -75
- package/dist/cdp.js.map +1 -1
- package/dist/constants.d.ts +4 -4
- package/dist/constants.d.ts.map +1 -1
- package/dist/constants.js +4 -0
- package/dist/constants.js.map +1 -1
- package/dist/flow.d.ts.map +1 -1
- package/dist/flow.js +46 -24
- package/dist/flow.js.map +1 -1
- package/dist/index.d.ts +6 -9
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +6 -12
- package/dist/index.js.map +1 -1
- package/dist/oidc-inputs.d.ts +60 -0
- package/dist/oidc-inputs.d.ts.map +1 -0
- package/dist/oidc-inputs.js +296 -0
- package/dist/oidc-inputs.js.map +1 -0
- package/dist/payment.d.ts +3 -1
- package/dist/payment.d.ts.map +1 -1
- package/dist/payment.js +7 -4
- package/dist/payment.js.map +1 -1
- package/dist/prove.d.ts +2 -2
- package/dist/prove.d.ts.map +1 -1
- package/dist/types.d.ts +14 -3
- package/dist/types.d.ts.map +1 -1
- package/dist/types.js +2 -0
- package/dist/types.js.map +1 -1
- package/package.json +1 -1
package/dist/flow.js
CHANGED
|
@@ -4,7 +4,7 @@ import { requestChallenge } from './session.js';
|
|
|
4
4
|
import { prepareInputs, computeSignalHash } from './inputs.js';
|
|
5
5
|
import { makePayment } from './payment.js';
|
|
6
6
|
import { submitProof, submitEncryptedProof } from './prove.js';
|
|
7
|
-
import { USDC_ADDRESSES } from './constants.js';
|
|
7
|
+
import { CIRCUITS, USDC_ADDRESSES } from './constants.js';
|
|
8
8
|
import { encryptForTee } from './tee.js';
|
|
9
9
|
import { buildProverToml } from './toml.js';
|
|
10
10
|
/**
|
|
@@ -25,6 +25,7 @@ export async function generateProof(config, signers, params, callbacks) {
|
|
|
25
25
|
const circuitId = CIRCUIT_NAME_MAP[params.circuit];
|
|
26
26
|
const scope = params.scope || 'proofport';
|
|
27
27
|
const paymentSigner = signers.payment || signers.attestation;
|
|
28
|
+
const isOidc = CIRCUITS[circuitId]?.inputType === 'oidc';
|
|
28
29
|
const steps = [];
|
|
29
30
|
function recordStep(step, name, data, startTime) {
|
|
30
31
|
const result = { step, name, data, durationMs: Date.now() - startTime };
|
|
@@ -32,27 +33,37 @@ export async function generateProof(config, signers, params, callbacks) {
|
|
|
32
33
|
callbacks?.onStep?.(result);
|
|
33
34
|
return data;
|
|
34
35
|
}
|
|
35
|
-
//
|
|
36
|
-
let
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
36
|
+
// Steps 1-2: EAS attestation path (skipped for OIDC circuits)
|
|
37
|
+
let easInputs;
|
|
38
|
+
let proverToml;
|
|
39
|
+
if (!isOidc) {
|
|
40
|
+
// Step 1: Sign signal hash
|
|
41
|
+
let t = Date.now();
|
|
42
|
+
const attestationAddress = await signers.attestation.getAddress();
|
|
43
|
+
const signalHash = computeSignalHash(attestationAddress, scope, circuitId);
|
|
44
|
+
const signalHashHex = ethers.hexlify(signalHash);
|
|
45
|
+
const signature = await signers.attestation.signMessage(signalHash);
|
|
46
|
+
recordStep(1, 'Sign Signal Hash', { signalHash: signalHashHex, signature }, t);
|
|
47
|
+
// Step 2: Prepare inputs + build proverToml locally
|
|
48
|
+
t = Date.now();
|
|
49
|
+
easInputs = await prepareInputs(config, {
|
|
50
|
+
circuitId,
|
|
51
|
+
userAddress: attestationAddress,
|
|
52
|
+
userSignature: signature,
|
|
53
|
+
scope,
|
|
54
|
+
countryList: params.countryList,
|
|
55
|
+
isIncluded: params.isIncluded,
|
|
56
|
+
});
|
|
57
|
+
proverToml = buildProverToml(circuitId, easInputs);
|
|
58
|
+
recordStep(2, 'Prepare Inputs', { inputFields: Object.keys(easInputs).length, tomlLength: proverToml.length }, t);
|
|
59
|
+
}
|
|
60
|
+
else {
|
|
61
|
+
// OIDC path: skip EAS attestation steps; server handles all input computation
|
|
62
|
+
recordStep(1, 'Sign Signal Hash', { skipped: true, reason: 'oidc' }, Date.now());
|
|
63
|
+
recordStep(2, 'Prepare Inputs', { skipped: true, reason: 'oidc' }, Date.now());
|
|
64
|
+
}
|
|
54
65
|
// Step 3: Request 402 challenge (without inputs — server only needs circuit)
|
|
55
|
-
t = Date.now();
|
|
66
|
+
let t = Date.now();
|
|
56
67
|
const challenge = await requestChallenge(config, params.circuit);
|
|
57
68
|
const isE2E = !!challenge.teePublicKey;
|
|
58
69
|
recordStep(3, 'Request Challenge', { nonce: challenge.nonce, e2e: isE2E, keyId: challenge.teePublicKey?.keyId ?? null }, t);
|
|
@@ -67,12 +78,23 @@ export async function generateProof(config, signers, params, callbacks) {
|
|
|
67
78
|
network: challenge.payment.network,
|
|
68
79
|
instruction: challenge.payment.description,
|
|
69
80
|
};
|
|
70
|
-
const paymentTxHash = await makePayment(paymentSigner, paymentInfo);
|
|
81
|
+
const paymentTxHash = await makePayment(paymentSigner, paymentInfo, config.facilitatorUrl || challenge.facilitatorUrl, config.facilitatorHeaders);
|
|
71
82
|
recordStep(4, 'Make Payment', { txHash: paymentTxHash }, t);
|
|
72
83
|
// Step 5: Submit proof (encrypted or plaintext based on TEE availability)
|
|
73
84
|
t = Date.now();
|
|
74
85
|
let proveResponse;
|
|
75
|
-
if (
|
|
86
|
+
if (isOidc) {
|
|
87
|
+
// OIDC path: pass JWT and scope directly; server calls prepareOidcInputs internally
|
|
88
|
+
const oidcInputs = { jwt: params.jwt, scope_string: scope };
|
|
89
|
+
proveResponse = await submitProof(config, {
|
|
90
|
+
circuit: params.circuit,
|
|
91
|
+
inputs: oidcInputs,
|
|
92
|
+
paymentTxHash,
|
|
93
|
+
paymentNonce: challenge.nonce,
|
|
94
|
+
});
|
|
95
|
+
recordStep(5, 'Generate Proof (OIDC)', proveResponse, t);
|
|
96
|
+
}
|
|
97
|
+
else if (isE2E) {
|
|
76
98
|
// E2E path: encrypt inputs with TEE's attested public key
|
|
77
99
|
const encryptedPayload = encryptForTee(JSON.stringify({ circuitId, proverToml }), challenge.teePublicKey.publicKey);
|
|
78
100
|
proveResponse = await submitEncryptedProof(config, {
|
|
@@ -87,7 +109,7 @@ export async function generateProof(config, signers, params, callbacks) {
|
|
|
87
109
|
// Standard path: send plaintext inputs (TEE disabled / local dev)
|
|
88
110
|
proveResponse = await submitProof(config, {
|
|
89
111
|
circuit: params.circuit,
|
|
90
|
-
inputs,
|
|
112
|
+
inputs: easInputs,
|
|
91
113
|
paymentTxHash,
|
|
92
114
|
paymentNonce: challenge.nonce,
|
|
93
115
|
});
|
package/dist/flow.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"flow.js","sourceRoot":"","sources":["../src/flow.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;
|
|
1
|
+
{"version":3,"file":"flow.js","sourceRoot":"","sources":["../src/flow.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAUhC,OAAO,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAC9C,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,EAAE,aAAa,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AAC/D,OAAO,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAC3C,OAAO,EAAE,WAAW,EAAE,oBAAoB,EAAE,MAAM,YAAY,CAAC;AAE/D,OAAO,EAAE,QAAQ,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAC1D,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,eAAe,EAAE,MAAM,WAAW,CAAC;AAM5C;;;;;;;;;;;;;GAaG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,MAAoB,EACpB,OAAoE,EACpE,MAAmB,EACnB,SAAyB;IAEzB,MAAM,SAAS,GAAc,gBAAgB,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAC9D,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,IAAI,WAAW,CAAC;IAC1C,MAAM,aAAa,GAAG,OAAO,CAAC,OAAO,IAAI,OAAO,CAAC,WAAW,CAAC;IAC7D,MAAM,MAAM,GAAG,QAAQ,CAAC,SAAS,CAAC,EAAE,SAAS,KAAK,MAAM,CAAC;IAEzD,MAAM,KAAK,GAAiB,EAAE,CAAC;IAC/B,SAAS,UAAU,CAAI,IAAY,EAAE,IAAY,EAAE,IAAO,EAAE,SAAiB;QAC3E,MAAM,MAAM,GAAkB,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,EAAE,CAAC;QACvF,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACnB,SAAS,EAAE,MAAM,EAAE,CAAC,MAAM,CAAC,CAAC;QAC5B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,8DAA8D;IAC9D,IAAI,SAAgE,CAAC;IACrE,IAAI,UAA8B,CAAC;IAEnC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,2BAA2B;QAC3B,IAAI,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACnB,MAAM,kBAAkB,GAAG,MAAM,OAAO,CAAC,WAAW,CAAC,UAAU,EAAE,CAAC;QAClE,MAAM,UAAU,GAAG,iBAAiB,CAAC,kBAAkB,EAAE,KAAK,EAAE,SAAS,CAAC,CAAC;QAC3E,MAAM,aAAa,GAAG,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QACjD,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,WAAW,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;QACpE,UAAU,CAAC,CAAC,EAAE,kBAAkB,EAAE,EAAE,UAAU,EAAE,aAAa,EAAE,SAAS,EAAE,EAAE,CAAC,CAAC,CAAC;QAE/E,oDAAoD;QACpD,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACf,SAAS,GAAG,MAAM,aAAa,CAAC,MAAM,EAAE;YACtC,SAAS;YACT,WAAW,EAAE,kBAAkB;YAC/B,aAAa,EAAE,SAAS;YACxB,KAAK;YACL,WAAW,EAAE,MAAM,CAAC,WAAW;YAC/B,UAAU,EAAE,MAAM,CAAC,UAAU;SAC9B,CAAC,CAAC;QACH,UAAU,GAAG,eAAe,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;QACnD,UAAU,CAAC,CAAC,EAAE,gBAAgB,EAAE,EAAE,WAAW,EAAE,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,MAAM,EAAE,UAAU,EAAE,UAAU,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,CAAC;IACpH,CAAC;SAAM,CAAC;QACN,8EAA8E;QAC9E,UAAU,CAAC,CAAC,EAAE,kBAAkB,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;QACjF,UAAU,CAAC,CAAC,EAAE,gBAAgB,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;IACjF,CAAC;IAED,6EAA6E;IAC7E,IAAI,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACnB,MAAM,SAAS,GAAG,MAAM,gBAAgB,CAAC,MAAM,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;IACjE,MAAM,KAAK,GAAG,CAAC,CAAC,SAAS,CAAC,YAAY,CAAC;IACvC,UAAU,CAAC,CAAC,EAAE,mBAAmB,EAAE,EAAE,KAAK,EAAE,SAAS,CAAC,KAAK,EAAE,GAAG,EAAE,KAAK,EAAE,KAAK,EAAE,SAAS,CAAC,YAAY,EAAE,KAAK,IAAI,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC;IAE5H,uBAAuB;IACvB,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACf,MAAM,OAAO,GAAG,SAAS,CAAC,OAAO,CAAC,OAAiB,CAAC;IACpD,MAAM,WAAW,GAAgB;QAC/B,KAAK,EAAE,SAAS,CAAC,KAAK;QACtB,SAAS,EAAE,SAAS,CAAC,OAAO,CAAC,KAAK;QAClC,MAAM,EAAE,QAAQ,CAAC,SAAS,CAAC,OAAO,CAAC,iBAAiB,CAAC;QACrD,KAAK,EAAE,cAAc,CAAC,OAAsC,CAAC;QAC7D,OAAO,EAAE,SAAS,CAAC,OAAO,CAAC,OAAO;QAClC,WAAW,EAAE,SAAS,CAAC,OAAO,CAAC,WAAW;KAC3C,CAAC;IACF,MAAM,aAAa,GAAG,MAAM,WAAW,CACrC,aAAa,EACb,WAAW,EACX,MAAM,CAAC,cAAc,IAAI,SAAS,CAAC,cAAc,EACjD,MAAM,CAAC,kBAAkB,CAC1B,CAAC;IACF,UAAU,CAAC,CAAC,EAAE,cAAc,EAAE,EAAE,MAAM,EAAE,aAAa,EAAE,EAAE,CAAC,CAAC,CAAC;IAE5D,0EAA0E;IAC1E,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACf,IAAI,aAAa,CAAC;IAElB,IAAI,MAAM,EAAE,CAAC;QACX,oFAAoF;QACpF,MAAM,UAAU,GAAoB,EAAE,GAAG,EAAE,MAAM,CAAC,GAAG,EAAE,YAAY,EAAE,KAAK,EAAE,CAAC;QAC7E,aAAa,GAAG,MAAM,WAAW,CAAC,MAAM,EAAE;YACxC,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,MAAM,EAAE,UAAU;YAClB,aAAa;YACb,YAAY,EAAE,SAAS,CAAC,KAAK;SAC9B,CAAC,CAAC;QACH,UAAU,CAAC,CAAC,EAAE,uBAAuB,EAAE,aAAa,EAAE,CAAC,CAAC,CAAC;IAC3D,CAAC;SAAM,IAAI,KAAK,EAAE,CAAC;QACjB,0DAA0D;QAC1D,MAAM,gBAAgB,GAAG,aAAa,CACpC,IAAI,CAAC,SAAS,CAAC,EAAE,SAAS,EAAE,UAAU,EAAE,CAAC,EACzC,SAAS,CAAC,YAAa,CAAC,SAAS,CAClC,CAAC;QACF,aAAa,GAAG,MAAM,oBAAoB,CAAC,MAAM,EAAE;YACjD,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,gBAAgB;YAChB,aAAa;YACb,YAAY,EAAE,SAAS,CAAC,KAAK;SAC9B,CAAC,CAAC;QACH,UAAU,CAAC,CAAC,EAAE,gCAAgC,EAAE,aAAa,EAAE,CAAC,CAAC,CAAC;IACpE,CAAC;SAAM,CAAC;QACN,kEAAkE;QAClE,aAAa,GAAG,MAAM,WAAW,CAAC,MAAM,EAAE;YACxC,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,MAAM,EAAE,SAAU;YAClB,aAAa;YACb,YAAY,EAAE,SAAS,CAAC,KAAK;SAC9B,CAAC,CAAC;QACH,UAAU,CAAC,CAAC,EAAE,gBAAgB,EAAE,aAAa,EAAE,CAAC,CAAC,CAAC;IACpD,CAAC;IAED,OAAO;QACL,KAAK,EAAE,aAAa,CAAC,KAAK;QAC1B,YAAY,EAAE,aAAa,CAAC,YAAY;QACxC,eAAe,EAAE,aAAa,CAAC,eAAe;QAC9C,aAAa;QACb,WAAW,EAAE,aAAa,CAAC,WAAW;QACtC,MAAM,EAAE,aAAa,CAAC,MAAM;QAC5B,YAAY,EAAE,aAAa,CAAC,YAAY;KACzC,CAAC;AACJ,CAAC"}
|
package/dist/index.d.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
export type { ClientConfig, CircuitName, CircuitId, PaymentInfo, PaymentRequirements, ChallengeResponse, ProveInputs, ProveRequest, ProveResponse, VerifyResult, EASAttestation, AttestationData, ProofParams, ProofResult, StepResult,
|
|
1
|
+
export type { ClientConfig, CircuitName, CircuitId, PaymentInfo, PaymentRequirements, ChallengeResponse, ProveInputs, OidcProveInputs, ProveRequest, ProveResponse, VerifyResult, EASAttestation, AttestationData, ProofParams, ProofResult, StepResult, } from './types.js';
|
|
2
2
|
export { CIRCUIT_NAME_MAP, CIRCUIT_ID_MAP } from './types.js';
|
|
3
3
|
export { CIRCUITS, COINBASE_ATTESTER_CONTRACT, AUTHORIZED_SIGNERS, USDC_ADDRESSES, } from './constants.js';
|
|
4
4
|
export { createConfig } from './config.js';
|
|
@@ -7,14 +7,11 @@ export type { FlowCallbacks } from './flow.js';
|
|
|
7
7
|
export { requestChallenge, createSession } from './session.js';
|
|
8
8
|
export { makePayment } from './payment.js';
|
|
9
9
|
export { submitProof, submitEncryptedProof } from './prove.js';
|
|
10
|
-
export {
|
|
11
|
-
export { prepareInputs, computeSignalHash, computeScope, computeNullifier,
|
|
12
|
-
export { buildProverToml } from './toml.js';
|
|
13
|
-
export { encryptForTee } from './tee.js';
|
|
14
|
-
export type { EncryptedEnvelope } from './tee.js';
|
|
10
|
+
export { verifyProof } from './verify.js';
|
|
11
|
+
export { prepareInputs, computeSignalHash, computeScope, computeNullifier, } from './inputs.js';
|
|
15
12
|
export type { ProofportSigner } from './signer.js';
|
|
16
13
|
export { EthersWalletSigner, fromEthersWallet, fromPrivateKey } from './signer.js';
|
|
17
|
-
export { CdpWalletSigner } from './cdp.js';
|
|
18
|
-
export {
|
|
19
|
-
export {
|
|
14
|
+
export { CdpWalletSigner, fromExternalWallet } from './cdp.js';
|
|
15
|
+
export type { ExternalWallet } from './cdp.js';
|
|
16
|
+
export { fetchAttestation, getSignerAddress, } from './attestation.js';
|
|
20
17
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,YAAY,EACV,YAAY,EACZ,WAAW,EACX,SAAS,EACT,WAAW,EACX,mBAAmB,EACnB,iBAAiB,EACjB,WAAW,EACX,YAAY,EACZ,aAAa,EACb,YAAY,EACZ,cAAc,EACd,eAAe,EACf,WAAW,EACX,WAAW,EACX,UAAU,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,YAAY,EACV,YAAY,EACZ,WAAW,EACX,SAAS,EACT,WAAW,EACX,mBAAmB,EACnB,iBAAiB,EACjB,WAAW,EACX,eAAe,EACf,YAAY,EACZ,aAAa,EACb,YAAY,EACZ,cAAc,EACd,eAAe,EACf,WAAW,EACX,WAAW,EACX,UAAU,GACX,MAAM,YAAY,CAAC;AAEpB,OAAO,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAG9D,OAAO,EACL,QAAQ,EACR,0BAA0B,EAC1B,kBAAkB,EAClB,cAAc,GACf,MAAM,gBAAgB,CAAC;AAGxB,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAG3C,OAAO,EAAE,aAAa,EAAE,MAAM,WAAW,CAAC;AAC1C,YAAY,EAAE,aAAa,EAAE,MAAM,WAAW,CAAC;AAG/C,OAAO,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAC/D,OAAO,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAC3C,OAAO,EAAE,WAAW,EAAE,oBAAoB,EAAE,MAAM,YAAY,CAAC;AAC/D,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAG1C,OAAO,EACL,aAAa,EACb,iBAAiB,EACjB,YAAY,EACZ,gBAAgB,GACjB,MAAM,aAAa,CAAC;AAGrB,YAAY,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AACnD,OAAO,EAAE,kBAAkB,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAGnF,OAAO,EAAE,eAAe,EAAE,kBAAkB,EAAE,MAAM,UAAU,CAAC;AAC/D,YAAY,EAAE,cAAc,EAAE,MAAM,UAAU,CAAC;AAG/C,OAAO,EACL,gBAAgB,EAChB,gBAAgB,GACjB,MAAM,kBAAkB,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -9,18 +9,12 @@ export { generateProof } from './flow.js';
|
|
|
9
9
|
export { requestChallenge, createSession } from './session.js';
|
|
10
10
|
export { makePayment } from './payment.js';
|
|
11
11
|
export { submitProof, submitEncryptedProof } from './prove.js';
|
|
12
|
-
export {
|
|
13
|
-
// Input computation
|
|
14
|
-
export { prepareInputs, computeSignalHash, computeScope, computeNullifier,
|
|
15
|
-
// Prover.toml builder (for E2E encryption)
|
|
16
|
-
export { buildProverToml } from './toml.js';
|
|
17
|
-
// E2E Encryption
|
|
18
|
-
export { encryptForTee } from './tee.js';
|
|
12
|
+
export { verifyProof } from './verify.js';
|
|
13
|
+
// Input computation (customer-facing helpers)
|
|
14
|
+
export { prepareInputs, computeSignalHash, computeScope, computeNullifier, } from './inputs.js';
|
|
19
15
|
export { EthersWalletSigner, fromEthersWallet, fromPrivateKey } from './signer.js';
|
|
20
16
|
// CDP (Coinbase Developer Platform) signer
|
|
21
|
-
export { CdpWalletSigner } from './cdp.js';
|
|
22
|
-
// Attestation
|
|
23
|
-
export { fetchAttestation,
|
|
24
|
-
// Merkle
|
|
25
|
-
export { SimpleMerkleTree, findSignerIndex, buildSignerMerkleTree, } from './merkle.js';
|
|
17
|
+
export { CdpWalletSigner, fromExternalWallet } from './cdp.js';
|
|
18
|
+
// Attestation (customer-facing helpers)
|
|
19
|
+
export { fetchAttestation, getSignerAddress, } from './attestation.js';
|
|
26
20
|
//# sourceMappingURL=index.js.map
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAoBA,OAAO,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAE9D,YAAY;AACZ,OAAO,EACL,QAAQ,EACR,0BAA0B,EAC1B,kBAAkB,EAClB,cAAc,GACf,MAAM,gBAAgB,CAAC;AAExB,gBAAgB;AAChB,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAE3C,0BAA0B;AAC1B,OAAO,EAAE,aAAa,EAAE,MAAM,WAAW,CAAC;AAG1C,4CAA4C;AAC5C,OAAO,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAC/D,OAAO,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAC3C,OAAO,EAAE,WAAW,EAAE,oBAAoB,EAAE,MAAM,YAAY,CAAC;AAC/D,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAoBA,OAAO,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAE9D,YAAY;AACZ,OAAO,EACL,QAAQ,EACR,0BAA0B,EAC1B,kBAAkB,EAClB,cAAc,GACf,MAAM,gBAAgB,CAAC;AAExB,gBAAgB;AAChB,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAE3C,0BAA0B;AAC1B,OAAO,EAAE,aAAa,EAAE,MAAM,WAAW,CAAC;AAG1C,4CAA4C;AAC5C,OAAO,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAC/D,OAAO,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAC3C,OAAO,EAAE,WAAW,EAAE,oBAAoB,EAAE,MAAM,YAAY,CAAC;AAC/D,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAE1C,8CAA8C;AAC9C,OAAO,EACL,aAAa,EACb,iBAAiB,EACjB,YAAY,EACZ,gBAAgB,GACjB,MAAM,aAAa,CAAC;AAIrB,OAAO,EAAE,kBAAkB,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAEnF,2CAA2C;AAC3C,OAAO,EAAE,eAAe,EAAE,kBAAkB,EAAE,MAAM,UAAU,CAAC;AAG/D,wCAAwC;AACxC,OAAO,EACL,gBAAgB,EAChB,gBAAgB,GACjB,MAAM,kBAAkB,CAAC"}
|
|
@@ -0,0 +1,60 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* OIDC Domain Attestation — Input builder.
|
|
3
|
+
*
|
|
4
|
+
* Takes a raw JWT token + scope string, and produces all circuit inputs
|
|
5
|
+
* needed for the oidc_domain_attestation circuit.
|
|
6
|
+
*
|
|
7
|
+
* Steps:
|
|
8
|
+
* 1. Decode JWT header → kid, iss
|
|
9
|
+
* 2. Fetch JWKS via OIDC Discovery → find matching RSA public key
|
|
10
|
+
* 3. Compute RSA limbs (modulus, redc_params, signature) — 18 × 120-bit
|
|
11
|
+
* 4. Compute partial SHA-256 (precompute up to "email" key)
|
|
12
|
+
* 5. Extract email → derive domain
|
|
13
|
+
* 6. Compute scope = keccak256(scope_string)
|
|
14
|
+
* 7. Compute nullifier = keccak256(keccak256(email) ++ scope)
|
|
15
|
+
*/
|
|
16
|
+
export declare const OIDC_MAX_PARTIAL_DATA_LENGTH = 640;
|
|
17
|
+
export declare const OIDC_MAX_DOMAIN_LENGTH = 64;
|
|
18
|
+
export declare const OIDC_MAX_EMAIL_LENGTH = 128;
|
|
19
|
+
export interface OidcCircuitInputs {
|
|
20
|
+
pubkey_modulus_limbs: string[];
|
|
21
|
+
domain: {
|
|
22
|
+
storage: number[];
|
|
23
|
+
len: number;
|
|
24
|
+
};
|
|
25
|
+
scope: number[];
|
|
26
|
+
nullifier: number[];
|
|
27
|
+
partial_data: {
|
|
28
|
+
storage: number[];
|
|
29
|
+
len: number;
|
|
30
|
+
};
|
|
31
|
+
partial_hash: number[];
|
|
32
|
+
full_data_length: number;
|
|
33
|
+
base64_decode_offset: number;
|
|
34
|
+
redc_params_limbs: string[];
|
|
35
|
+
signature_limbs: string[];
|
|
36
|
+
}
|
|
37
|
+
export interface PrepareOidcParams {
|
|
38
|
+
/** Raw JWT string (header.payload.signature) */
|
|
39
|
+
jwt: string;
|
|
40
|
+
/** Scope string for nullifier (e.g. "openstoa:topic:test") */
|
|
41
|
+
scope: string;
|
|
42
|
+
/** Domain to prove. If omitted, auto-extracted from email claim. */
|
|
43
|
+
domain?: string;
|
|
44
|
+
/** Override JWKS URL instead of using OIDC Discovery */
|
|
45
|
+
jwksUrl?: string;
|
|
46
|
+
}
|
|
47
|
+
/**
|
|
48
|
+
* Prepare all circuit inputs for oidc_domain_attestation from a raw JWT.
|
|
49
|
+
*
|
|
50
|
+
* @param params.jwt - Raw JWT string from OIDC provider (e.g. Google id_token)
|
|
51
|
+
* @param params.scope - Scope string for nullifier derivation
|
|
52
|
+
* @param params.domain - Domain to prove (auto-extracted from email if omitted)
|
|
53
|
+
* @param params.jwksUrl - Override JWKS URL (skips OIDC Discovery)
|
|
54
|
+
*/
|
|
55
|
+
export declare function prepareOidcInputs(params: PrepareOidcParams): Promise<OidcCircuitInputs>;
|
|
56
|
+
/**
|
|
57
|
+
* Build a Prover.toml string from OidcCircuitInputs.
|
|
58
|
+
*/
|
|
59
|
+
export declare function buildOidcProverToml(inputs: OidcCircuitInputs): string;
|
|
60
|
+
//# sourceMappingURL=oidc-inputs.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"oidc-inputs.d.ts","sourceRoot":"","sources":["../src/oidc-inputs.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAMH,eAAO,MAAM,4BAA4B,MAAM,CAAC;AAChD,eAAO,MAAM,sBAAsB,KAAK,CAAC;AACzC,eAAO,MAAM,qBAAqB,MAAM,CAAC;AAIzC,MAAM,WAAW,iBAAiB;IAEhC,oBAAoB,EAAE,MAAM,EAAE,CAAC;IAC/B,MAAM,EAAE;QAAE,OAAO,EAAE,MAAM,EAAE,CAAC;QAAC,GAAG,EAAE,MAAM,CAAA;KAAE,CAAC;IAC3C,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,SAAS,EAAE,MAAM,EAAE,CAAC;IAGpB,YAAY,EAAE;QAAE,OAAO,EAAE,MAAM,EAAE,CAAC;QAAC,GAAG,EAAE,MAAM,CAAA;KAAE,CAAC;IACjD,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,gBAAgB,EAAE,MAAM,CAAC;IACzB,oBAAoB,EAAE,MAAM,CAAC;IAC7B,iBAAiB,EAAE,MAAM,EAAE,CAAC;IAC5B,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAED,MAAM,WAAW,iBAAiB;IAChC,gDAAgD;IAChD,GAAG,EAAE,MAAM,CAAC;IACZ,8DAA8D;IAC9D,KAAK,EAAE,MAAM,CAAC;IACd,oEAAoE;IACpE,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,wDAAwD;IACxD,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAoJD;;;;;;;GAOG;AACH,wBAAsB,iBAAiB,CAAC,MAAM,EAAE,iBAAiB,GAAG,OAAO,CAAC,iBAAiB,CAAC,CA4G7F;AA2BD;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,iBAAiB,GAAG,MAAM,CAyBrE"}
|
|
@@ -0,0 +1,296 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* OIDC Domain Attestation — Input builder.
|
|
3
|
+
*
|
|
4
|
+
* Takes a raw JWT token + scope string, and produces all circuit inputs
|
|
5
|
+
* needed for the oidc_domain_attestation circuit.
|
|
6
|
+
*
|
|
7
|
+
* Steps:
|
|
8
|
+
* 1. Decode JWT header → kid, iss
|
|
9
|
+
* 2. Fetch JWKS via OIDC Discovery → find matching RSA public key
|
|
10
|
+
* 3. Compute RSA limbs (modulus, redc_params, signature) — 18 × 120-bit
|
|
11
|
+
* 4. Compute partial SHA-256 (precompute up to "email" key)
|
|
12
|
+
* 5. Extract email → derive domain
|
|
13
|
+
* 6. Compute scope = keccak256(scope_string)
|
|
14
|
+
* 7. Compute nullifier = keccak256(keccak256(email) ++ scope)
|
|
15
|
+
*/
|
|
16
|
+
import { ethers } from 'ethers';
|
|
17
|
+
// ─── Circuit constants (must match main.nr) ─────────────────────────────
|
|
18
|
+
export const OIDC_MAX_PARTIAL_DATA_LENGTH = 640;
|
|
19
|
+
export const OIDC_MAX_DOMAIN_LENGTH = 64;
|
|
20
|
+
export const OIDC_MAX_EMAIL_LENGTH = 128;
|
|
21
|
+
// ─── BigInt helpers ─────────────────────────────────────────────────────
|
|
22
|
+
function base64urlToBytes(b64url) {
|
|
23
|
+
const b64 = b64url.replace(/-/g, '+').replace(/_/g, '/');
|
|
24
|
+
const pad = (4 - (b64.length % 4)) % 4;
|
|
25
|
+
const padded = b64 + '='.repeat(pad);
|
|
26
|
+
const binary = atob(padded);
|
|
27
|
+
const bytes = new Uint8Array(binary.length);
|
|
28
|
+
for (let i = 0; i < binary.length; i++) {
|
|
29
|
+
bytes[i] = binary.charCodeAt(i);
|
|
30
|
+
}
|
|
31
|
+
return bytes;
|
|
32
|
+
}
|
|
33
|
+
function bytesToBigInt(bytes) {
|
|
34
|
+
let hex = '0x';
|
|
35
|
+
for (const b of bytes) {
|
|
36
|
+
hex += b.toString(16).padStart(2, '0');
|
|
37
|
+
}
|
|
38
|
+
return BigInt(hex);
|
|
39
|
+
}
|
|
40
|
+
function splitBigIntToChunks(value, chunkSize, numChunks) {
|
|
41
|
+
const mask = (1n << BigInt(chunkSize)) - 1n;
|
|
42
|
+
const chunks = [];
|
|
43
|
+
for (let i = 0; i < numChunks; i++) {
|
|
44
|
+
chunks.push((value >> (BigInt(i) * BigInt(chunkSize))) & mask);
|
|
45
|
+
}
|
|
46
|
+
return chunks;
|
|
47
|
+
}
|
|
48
|
+
// ─── Partial SHA-256 ────────────────────────────────────────────────────
|
|
49
|
+
const SHA256_K = [
|
|
50
|
+
0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1,
|
|
51
|
+
0x923f82a4, 0xab1c5ed5, 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
|
|
52
|
+
0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, 0xe49b69c1, 0xefbe4786,
|
|
53
|
+
0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
|
|
54
|
+
0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147,
|
|
55
|
+
0x06ca6351, 0x14292967, 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
|
|
56
|
+
0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, 0xa2bfe8a1, 0xa81a664b,
|
|
57
|
+
0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
|
|
58
|
+
0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a,
|
|
59
|
+
0x5b9cca4f, 0x682e6ff3, 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
|
|
60
|
+
0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2,
|
|
61
|
+
];
|
|
62
|
+
function rotr(n, x) {
|
|
63
|
+
return (x >>> n) | (x << (32 - n));
|
|
64
|
+
}
|
|
65
|
+
function sha256Block(H, block) {
|
|
66
|
+
const w = new Uint32Array(64);
|
|
67
|
+
let a = H[0], b = H[1], c = H[2], d = H[3];
|
|
68
|
+
let e = H[4], f = H[5], g = H[6], h = H[7];
|
|
69
|
+
for (let i = 0; i < 16; i++) {
|
|
70
|
+
w[i] = (block[i * 4] << 24) | (block[i * 4 + 1] << 16) | (block[i * 4 + 2] << 8) | block[i * 4 + 3];
|
|
71
|
+
}
|
|
72
|
+
for (let i = 16; i < 64; i++) {
|
|
73
|
+
const s0 = rotr(7, w[i - 15]) ^ rotr(18, w[i - 15]) ^ (w[i - 15] >>> 3);
|
|
74
|
+
const s1 = rotr(17, w[i - 2]) ^ rotr(19, w[i - 2]) ^ (w[i - 2] >>> 10);
|
|
75
|
+
w[i] = (w[i - 16] + s0 + w[i - 7] + s1) >>> 0;
|
|
76
|
+
}
|
|
77
|
+
for (let i = 0; i < 64; i++) {
|
|
78
|
+
const S1 = rotr(6, e) ^ rotr(11, e) ^ rotr(25, e);
|
|
79
|
+
const ch = (e & f) ^ (~e & g);
|
|
80
|
+
const temp1 = (h + S1 + ch + SHA256_K[i] + w[i]) >>> 0;
|
|
81
|
+
const S0 = rotr(2, a) ^ rotr(13, a) ^ rotr(22, a);
|
|
82
|
+
const maj = (a & b) ^ (a & c) ^ (b & c);
|
|
83
|
+
const temp2 = (S0 + maj) >>> 0;
|
|
84
|
+
h = g;
|
|
85
|
+
g = f;
|
|
86
|
+
f = e;
|
|
87
|
+
e = (d + temp1) >>> 0;
|
|
88
|
+
d = c;
|
|
89
|
+
c = b;
|
|
90
|
+
b = a;
|
|
91
|
+
a = (temp1 + temp2) >>> 0;
|
|
92
|
+
}
|
|
93
|
+
H[0] = (H[0] + a) >>> 0;
|
|
94
|
+
H[1] = (H[1] + b) >>> 0;
|
|
95
|
+
H[2] = (H[2] + c) >>> 0;
|
|
96
|
+
H[3] = (H[3] + d) >>> 0;
|
|
97
|
+
H[4] = (H[4] + e) >>> 0;
|
|
98
|
+
H[5] = (H[5] + f) >>> 0;
|
|
99
|
+
H[6] = (H[6] + g) >>> 0;
|
|
100
|
+
H[7] = (H[7] + h) >>> 0;
|
|
101
|
+
}
|
|
102
|
+
function generatePartialSHA256(data, hashUntilIndex) {
|
|
103
|
+
const blockSize = 64;
|
|
104
|
+
const blockIndex = Math.floor(hashUntilIndex / blockSize);
|
|
105
|
+
const H = new Uint32Array([
|
|
106
|
+
0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,
|
|
107
|
+
0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19,
|
|
108
|
+
]);
|
|
109
|
+
for (let i = 0; i < blockIndex; i++) {
|
|
110
|
+
const block = new Uint8Array(blockSize);
|
|
111
|
+
block.set(data.slice(i * blockSize, (i + 1) * blockSize));
|
|
112
|
+
sha256Block(H, block);
|
|
113
|
+
}
|
|
114
|
+
return { partialHash: H, remainingData: data.slice(blockIndex * blockSize) };
|
|
115
|
+
}
|
|
116
|
+
async function fetchJwksUrl(issuer) {
|
|
117
|
+
const discoveryUrl = issuer.endsWith('/')
|
|
118
|
+
? `${issuer}.well-known/openid-configuration`
|
|
119
|
+
: `${issuer}/.well-known/openid-configuration`;
|
|
120
|
+
const resp = await fetch(discoveryUrl);
|
|
121
|
+
if (!resp.ok) {
|
|
122
|
+
throw new Error(`OIDC Discovery failed for ${discoveryUrl}: ${resp.status}`);
|
|
123
|
+
}
|
|
124
|
+
const config = await resp.json();
|
|
125
|
+
if (!config.jwks_uri) {
|
|
126
|
+
throw new Error(`No jwks_uri in OIDC Discovery response from ${discoveryUrl}`);
|
|
127
|
+
}
|
|
128
|
+
return config.jwks_uri;
|
|
129
|
+
}
|
|
130
|
+
async function fetchMatchingKey(jwksUrl, kid) {
|
|
131
|
+
const resp = await fetch(jwksUrl);
|
|
132
|
+
if (!resp.ok) {
|
|
133
|
+
throw new Error(`JWKS fetch failed: ${resp.status}`);
|
|
134
|
+
}
|
|
135
|
+
const jwks = await resp.json();
|
|
136
|
+
const key = jwks.keys.find(k => k.kid === kid);
|
|
137
|
+
if (!key) {
|
|
138
|
+
throw new Error(`No JWKS key matching kid="${kid}". Available: ${jwks.keys.map(k => k.kid).join(', ')}`);
|
|
139
|
+
}
|
|
140
|
+
if (key.kty !== 'RSA') {
|
|
141
|
+
throw new Error(`Expected RSA key, got ${key.kty}`);
|
|
142
|
+
}
|
|
143
|
+
return key;
|
|
144
|
+
}
|
|
145
|
+
// ─── Keccak-256 helpers ─────────────────────────────────────────────────
|
|
146
|
+
function keccak256Bytes(data) {
|
|
147
|
+
return ethers.getBytes(ethers.keccak256(data));
|
|
148
|
+
}
|
|
149
|
+
// ─── Main export ────────────────────────────────────────────────────────
|
|
150
|
+
/**
|
|
151
|
+
* Prepare all circuit inputs for oidc_domain_attestation from a raw JWT.
|
|
152
|
+
*
|
|
153
|
+
* @param params.jwt - Raw JWT string from OIDC provider (e.g. Google id_token)
|
|
154
|
+
* @param params.scope - Scope string for nullifier derivation
|
|
155
|
+
* @param params.domain - Domain to prove (auto-extracted from email if omitted)
|
|
156
|
+
* @param params.jwksUrl - Override JWKS URL (skips OIDC Discovery)
|
|
157
|
+
*/
|
|
158
|
+
export async function prepareOidcInputs(params) {
|
|
159
|
+
const { jwt, scope } = params;
|
|
160
|
+
// 1. Decode JWT
|
|
161
|
+
const [headerB64, payloadB64, signatureB64url] = jwt.split('.');
|
|
162
|
+
if (!headerB64 || !payloadB64 || !signatureB64url) {
|
|
163
|
+
throw new Error('Invalid JWT format: expected 3 dot-separated parts');
|
|
164
|
+
}
|
|
165
|
+
const header = JSON.parse(new TextDecoder().decode(base64urlToBytes(headerB64)));
|
|
166
|
+
const payload = JSON.parse(new TextDecoder().decode(base64urlToBytes(payloadB64)));
|
|
167
|
+
if (header.alg !== 'RS256') {
|
|
168
|
+
throw new Error(`Unsupported JWT algorithm: ${header.alg}. Only RS256 is supported.`);
|
|
169
|
+
}
|
|
170
|
+
if (!header.kid) {
|
|
171
|
+
throw new Error('JWT header missing kid');
|
|
172
|
+
}
|
|
173
|
+
if (!payload.email) {
|
|
174
|
+
throw new Error('JWT payload missing email claim');
|
|
175
|
+
}
|
|
176
|
+
if (!payload.email_verified) {
|
|
177
|
+
throw new Error('JWT email_verified is not true');
|
|
178
|
+
}
|
|
179
|
+
const email = payload.email;
|
|
180
|
+
const atIndex = email.indexOf('@');
|
|
181
|
+
if (atIndex === -1) {
|
|
182
|
+
throw new Error(`Invalid email format: ${email}`);
|
|
183
|
+
}
|
|
184
|
+
const domain = params.domain || email.substring(atIndex + 1);
|
|
185
|
+
// 2. Fetch JWKS and find matching key
|
|
186
|
+
const jwksUrl = params.jwksUrl || await fetchJwksUrl(payload.iss);
|
|
187
|
+
const jwk = await fetchMatchingKey(jwksUrl, header.kid);
|
|
188
|
+
// 3. Compute RSA limbs
|
|
189
|
+
const signedData = new TextEncoder().encode(`${headerB64}.${payloadB64}`);
|
|
190
|
+
const signatureBytes = base64urlToBytes(signatureB64url);
|
|
191
|
+
const signatureBigInt = bytesToBigInt(signatureBytes);
|
|
192
|
+
const modulusBytes = base64urlToBytes(jwk.n);
|
|
193
|
+
const modulusBigInt = bytesToBigInt(modulusBytes);
|
|
194
|
+
const redcParam = (1n << (2n * 2048n + 4n)) / modulusBigInt;
|
|
195
|
+
const pubkeyLimbs = splitBigIntToChunks(modulusBigInt, 120, 18).map(v => v.toString());
|
|
196
|
+
const redcLimbs = splitBigIntToChunks(redcParam, 120, 18).map(v => v.toString());
|
|
197
|
+
const sigLimbs = splitBigIntToChunks(signatureBigInt, 120, 18).map(v => v.toString());
|
|
198
|
+
// 4. Partial SHA-256 (precompute up to "email" key)
|
|
199
|
+
const payloadJson = new TextDecoder().decode(base64urlToBytes(payloadB64));
|
|
200
|
+
const emailKeyIndex = payloadJson.indexOf('"email"');
|
|
201
|
+
if (emailKeyIndex === -1) {
|
|
202
|
+
throw new Error('Could not find "email" key in JWT payload');
|
|
203
|
+
}
|
|
204
|
+
// Align to the base64 group boundary that contains the email key start.
|
|
205
|
+
// Base64 maps 3 decoded bytes → 4 base64 chars. Floor to group start ensures
|
|
206
|
+
// the full "email" key is included in partial_data after base64 decoding.
|
|
207
|
+
const emailKeyIndexB64 = Math.floor(emailKeyIndex / 3) * 4;
|
|
208
|
+
const sliceStart = headerB64.length + 1 + emailKeyIndexB64;
|
|
209
|
+
const { partialHash, remainingData } = generatePartialSHA256(signedData, sliceStart);
|
|
210
|
+
if (remainingData.length > OIDC_MAX_PARTIAL_DATA_LENGTH) {
|
|
211
|
+
throw new Error(`Remaining data after partial SHA (${remainingData.length} bytes) exceeds ` +
|
|
212
|
+
`MAX_PARTIAL_DATA_LENGTH (${OIDC_MAX_PARTIAL_DATA_LENGTH}). JWT payload is too large.`);
|
|
213
|
+
}
|
|
214
|
+
const partialDataPadded = new Uint8Array(OIDC_MAX_PARTIAL_DATA_LENGTH);
|
|
215
|
+
partialDataPadded.set(remainingData);
|
|
216
|
+
const shaCutoffIndex = signedData.length - remainingData.length;
|
|
217
|
+
const payloadBytesInShaPrecompute = shaCutoffIndex - (headerB64.length + 1);
|
|
218
|
+
const base64DecodeOffset = (4 - (payloadBytesInShaPrecompute % 4)) % 4;
|
|
219
|
+
// 5. Domain BoundedVec
|
|
220
|
+
const domainBytes = new TextEncoder().encode(domain);
|
|
221
|
+
if (domainBytes.length > OIDC_MAX_DOMAIN_LENGTH) {
|
|
222
|
+
throw new Error(`Domain "${domain}" exceeds max length ${OIDC_MAX_DOMAIN_LENGTH}`);
|
|
223
|
+
}
|
|
224
|
+
const domainStorage = new Uint8Array(OIDC_MAX_DOMAIN_LENGTH);
|
|
225
|
+
domainStorage.set(domainBytes);
|
|
226
|
+
// 6. Scope = keccak256(scope_string)
|
|
227
|
+
const scopeBytes = keccak256Bytes(new TextEncoder().encode(scope));
|
|
228
|
+
// 7. Nullifier = keccak256(keccak256(email) ++ scope)
|
|
229
|
+
const emailBytes = new TextEncoder().encode(email);
|
|
230
|
+
const emailHash = keccak256Bytes(emailBytes);
|
|
231
|
+
const preimage = new Uint8Array(64);
|
|
232
|
+
preimage.set(emailHash, 0);
|
|
233
|
+
preimage.set(scopeBytes, 32);
|
|
234
|
+
const nullifierBytes = keccak256Bytes(preimage);
|
|
235
|
+
return {
|
|
236
|
+
pubkey_modulus_limbs: pubkeyLimbs,
|
|
237
|
+
domain: { storage: Array.from(domainStorage), len: domainBytes.length },
|
|
238
|
+
scope: Array.from(scopeBytes),
|
|
239
|
+
nullifier: Array.from(nullifierBytes),
|
|
240
|
+
partial_data: { storage: Array.from(partialDataPadded), len: remainingData.length },
|
|
241
|
+
partial_hash: Array.from(partialHash),
|
|
242
|
+
full_data_length: signedData.length,
|
|
243
|
+
base64_decode_offset: base64DecodeOffset,
|
|
244
|
+
redc_params_limbs: redcLimbs,
|
|
245
|
+
signature_limbs: sigLimbs,
|
|
246
|
+
};
|
|
247
|
+
}
|
|
248
|
+
// ─── Prover.toml builder ────────────────────────────────────────────────
|
|
249
|
+
function toHexArray(bytes) {
|
|
250
|
+
const lines = [];
|
|
251
|
+
for (let i = 0; i < bytes.length; i += 16) {
|
|
252
|
+
const chunk = bytes.slice(i, i + 16);
|
|
253
|
+
lines.push(' ' + chunk.map(b => '0x' + b.toString(16).padStart(2, '0')).join(', '));
|
|
254
|
+
}
|
|
255
|
+
return '[\n' + lines.join(',\n') + '\n]';
|
|
256
|
+
}
|
|
257
|
+
function toDecimalArray(values) {
|
|
258
|
+
return '[\n' + values.map((v, i) => {
|
|
259
|
+
const comma = i < values.length - 1 ? ',' : '';
|
|
260
|
+
return ` "${v}"${comma}`;
|
|
261
|
+
}).join('\n') + '\n]';
|
|
262
|
+
}
|
|
263
|
+
function toU32Array(values) {
|
|
264
|
+
return '[\n' + values.map((v, i) => {
|
|
265
|
+
const comma = i < values.length - 1 ? ',' : '';
|
|
266
|
+
return ` ${v >>> 0}${comma}`;
|
|
267
|
+
}).join('\n') + '\n]';
|
|
268
|
+
}
|
|
269
|
+
/**
|
|
270
|
+
* Build a Prover.toml string from OidcCircuitInputs.
|
|
271
|
+
*/
|
|
272
|
+
export function buildOidcProverToml(inputs) {
|
|
273
|
+
const lines = [];
|
|
274
|
+
lines.push('# Public Inputs');
|
|
275
|
+
lines.push(`pubkey_modulus_limbs = ${toDecimalArray(inputs.pubkey_modulus_limbs)}`);
|
|
276
|
+
lines.push(`scope = ${toHexArray(inputs.scope)}`);
|
|
277
|
+
lines.push(`nullifier = ${toHexArray(inputs.nullifier)}`);
|
|
278
|
+
lines.push('');
|
|
279
|
+
lines.push('# Private Inputs');
|
|
280
|
+
lines.push(`partial_hash = ${toU32Array(inputs.partial_hash)}`);
|
|
281
|
+
lines.push(`full_data_length = ${inputs.full_data_length}`);
|
|
282
|
+
lines.push(`base64_decode_offset = ${inputs.base64_decode_offset}`);
|
|
283
|
+
lines.push(`redc_params_limbs = ${toDecimalArray(inputs.redc_params_limbs)}`);
|
|
284
|
+
lines.push(`signature_limbs = ${toDecimalArray(inputs.signature_limbs)}`);
|
|
285
|
+
lines.push('');
|
|
286
|
+
lines.push('# BoundedVec tables (must be last in TOML)');
|
|
287
|
+
lines.push('[domain]');
|
|
288
|
+
lines.push(`storage = ${toHexArray(inputs.domain.storage)}`);
|
|
289
|
+
lines.push(`len = ${inputs.domain.len}`);
|
|
290
|
+
lines.push('');
|
|
291
|
+
lines.push('[partial_data]');
|
|
292
|
+
lines.push(`storage = ${toHexArray(inputs.partial_data.storage)}`);
|
|
293
|
+
lines.push(`len = ${inputs.partial_data.len}`);
|
|
294
|
+
return lines.join('\n') + '\n';
|
|
295
|
+
}
|
|
296
|
+
//# sourceMappingURL=oidc-inputs.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"oidc-inputs.js","sourceRoot":"","sources":["../src/oidc-inputs.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAEhC,2EAA2E;AAE3E,MAAM,CAAC,MAAM,4BAA4B,GAAG,GAAG,CAAC;AAChD,MAAM,CAAC,MAAM,sBAAsB,GAAG,EAAE,CAAC;AACzC,MAAM,CAAC,MAAM,qBAAqB,GAAG,GAAG,CAAC;AA+BzC,2EAA2E;AAE3E,SAAS,gBAAgB,CAAC,MAAc;IACtC,MAAM,GAAG,GAAG,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IACzD,MAAM,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,MAAM,GAAG,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACrC,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;IAC5B,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAC5C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACvC,KAAK,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;IAClC,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,aAAa,CAAC,KAAiB;IACtC,IAAI,GAAG,GAAG,IAAI,CAAC;IACf,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACtB,GAAG,IAAI,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IACzC,CAAC;IACD,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC;AACrB,CAAC;AAED,SAAS,mBAAmB,CAAC,KAAa,EAAE,SAAiB,EAAE,SAAiB;IAC9E,MAAM,IAAI,GAAG,CAAC,EAAE,IAAI,MAAM,CAAC,SAAS,CAAC,CAAC,GAAG,EAAE,CAAC;IAC5C,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,EAAE,CAAC,EAAE,EAAE,CAAC;QACnC,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IACjE,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,2EAA2E;AAE3E,MAAM,QAAQ,GAAG;IACf,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IACtE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IACtE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IACtE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IACtE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IACtE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IACtE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IACtE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IACtE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IACtE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;IACtE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;CAC/C,CAAC;AAEF,SAAS,IAAI,CAAC,CAAS,EAAE,CAAS;IAChC,OAAO,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AACrC,CAAC;AAED,SAAS,WAAW,CAAC,CAAc,EAAE,KAAiB;IACpD,MAAM,CAAC,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;IAC9B,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAC3C,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAC3C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5B,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;IACtG,CAAC;IACD,KAAK,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;QAC7B,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;QACxE,MAAM,EAAE,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;QACvE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC;IAChD,CAAC;IACD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5B,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;QAClD,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAC9B,MAAM,KAAK,GAAG,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;QACvD,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;QAClD,MAAM,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACxC,MAAM,KAAK,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC;QAC/B,CAAC,GAAG,CAAC,CAAC;QAAC,CAAC,GAAG,CAAC,CAAC;QAAC,CAAC,GAAG,CAAC,CAAC;QAAC,CAAC,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC;QAC3C,CAAC,GAAG,CAAC,CAAC;QAAC,CAAC,GAAG,CAAC,CAAC;QAAC,CAAC,GAAG,CAAC,CAAC;QAAC,CAAC,GAAG,CAAC,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC;IACjD,CAAC;IACD,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;IAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;IACjD,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;IAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;IACjD,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;IAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;IACjD,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;IAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;AACnD,CAAC;AAED,SAAS,qBAAqB,CAC5B,IAAgB,EAChB,cAAsB;IAEtB,MAAM,SAAS,GAAG,EAAE,CAAC;IACrB,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,cAAc,GAAG,SAAS,CAAC,CAAC;IAC1D,MAAM,CAAC,GAAG,IAAI,WAAW,CAAC;QACxB,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;QAC9C,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;KAC/C,CAAC,CAAC;IACH,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,UAAU,EAAE,CAAC,EAAE,EAAE,CAAC;QACpC,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,SAAS,CAAC,CAAC;QACxC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,SAAS,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,SAAS,CAAC,CAAC,CAAC;QAC1D,WAAW,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;IACxB,CAAC;IACD,OAAO,EAAE,WAAW,EAAE,CAAC,EAAE,aAAa,EAAE,IAAI,CAAC,KAAK,CAAC,UAAU,GAAG,SAAS,CAAC,EAAE,CAAC;AAC/E,CAAC;AAYD,KAAK,UAAU,YAAY,CAAC,MAAc;IACxC,MAAM,YAAY,GAAG,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC;QACvC,CAAC,CAAC,GAAG,MAAM,kCAAkC;QAC7C,CAAC,CAAC,GAAG,MAAM,mCAAmC,CAAC;IACjD,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,YAAY,CAAC,CAAC;IACvC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,6BAA6B,YAAY,KAAK,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;IAC/E,CAAC;IACD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,IAAI,EAA0B,CAAC;IACzD,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;QACrB,MAAM,IAAI,KAAK,CAAC,+CAA+C,YAAY,EAAE,CAAC,CAAC;IACjF,CAAC;IACD,OAAO,MAAM,CAAC,QAAQ,CAAC;AACzB,CAAC;AAED,KAAK,UAAU,gBAAgB,CAAC,OAAe,EAAE,GAAW;IAC1D,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,CAAC;IAClC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,sBAAsB,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;IACvD,CAAC;IACD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,IAAI,EAAqB,CAAC;IAClD,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,GAAG,CAAC,CAAC;IAC/C,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,IAAI,KAAK,CAAC,6BAA6B,GAAG,iBAAiB,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC3G,CAAC;IACD,IAAI,GAAG,CAAC,GAAG,KAAK,KAAK,EAAE,CAAC;QACtB,MAAM,IAAI,KAAK,CAAC,yBAAyB,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC;IACtD,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,2EAA2E;AAE3E,SAAS,cAAc,CAAC,IAAgB;IACtC,OAAO,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;AACjD,CAAC;AAED,2EAA2E;AAE3E;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,MAAyB;IAC/D,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,MAAM,CAAC;IAE9B,gBAAgB;IAChB,MAAM,CAAC,SAAS,EAAE,UAAU,EAAE,eAAe,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAChE,IAAI,CAAC,SAAS,IAAI,CAAC,UAAU,IAAI,CAAC,eAAe,EAAE,CAAC;QAClD,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;IACxE,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;IACjF,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;IAEnF,IAAI,MAAM,CAAC,GAAG,KAAK,OAAO,EAAE,CAAC;QAC3B,MAAM,IAAI,KAAK,CAAC,8BAA8B,MAAM,CAAC,GAAG,4BAA4B,CAAC,CAAC;IACxF,CAAC;IACD,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;QAChB,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;IAC5C,CAAC;IACD,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;IACrD,CAAC;IACD,IAAI,CAAC,OAAO,CAAC,cAAc,EAAE,CAAC;QAC5B,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;IACpD,CAAC;IAED,MAAM,KAAK,GAAG,OAAO,CAAC,KAAe,CAAC;IACtC,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IACnC,IAAI,OAAO,KAAK,CAAC,CAAC,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CAAC,yBAAyB,KAAK,EAAE,CAAC,CAAC;IACpD,CAAC;IACD,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,IAAI,KAAK,CAAC,SAAS,CAAC,OAAO,GAAG,CAAC,CAAC,CAAC;IAE7D,sCAAsC;IACtC,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,IAAI,MAAM,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAClE,MAAM,GAAG,GAAG,MAAM,gBAAgB,CAAC,OAAO,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC;IAExD,uBAAuB;IACvB,MAAM,UAAU,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,SAAS,IAAI,UAAU,EAAE,CAAC,CAAC;IAC1E,MAAM,cAAc,GAAG,gBAAgB,CAAC,eAAe,CAAC,CAAC;IACzD,MAAM,eAAe,GAAG,aAAa,CAAC,cAAc,CAAC,CAAC;IACtD,MAAM,YAAY,GAAG,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IAC7C,MAAM,aAAa,GAAG,aAAa,CAAC,YAAY,CAAC,CAAC;IAClD,MAAM,SAAS,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,GAAG,KAAK,GAAG,EAAE,CAAC,CAAC,GAAG,aAAa,CAAC;IAE5D,MAAM,WAAW,GAAG,mBAAmB,CAAC,aAAa,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;IACvF,MAAM,SAAS,GAAG,mBAAmB,CAAC,SAAS,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;IACjF,MAAM,QAAQ,GAAG,mBAAmB,CAAC,eAAe,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;IAEtF,oDAAoD;IACpD,MAAM,WAAW,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAC,CAAC;IAC3E,MAAM,aAAa,GAAG,WAAW,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IACrD,IAAI,aAAa,KAAK,CAAC,CAAC,EAAE,CAAC;QACzB,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;IAC/D,CAAC;IAED,wEAAwE;IACxE,6EAA6E;IAC7E,0EAA0E;IAC1E,MAAM,gBAAgB,GAAG,IAAI,CAAC,KAAK,CAAC,aAAa,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IAC3D,MAAM,UAAU,GAAG,SAAS,CAAC,MAAM,GAAG,CAAC,GAAG,gBAAgB,CAAC;IAE3D,MAAM,EAAE,WAAW,EAAE,aAAa,EAAE,GAAG,qBAAqB,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;IAErF,IAAI,aAAa,CAAC,MAAM,GAAG,4BAA4B,EAAE,CAAC;QACxD,MAAM,IAAI,KAAK,CACb,qCAAqC,aAAa,CAAC,MAAM,kBAAkB;YAC3E,4BAA4B,4BAA4B,8BAA8B,CACvF,CAAC;IACJ,CAAC;IAED,MAAM,iBAAiB,GAAG,IAAI,UAAU,CAAC,4BAA4B,CAAC,CAAC;IACvE,iBAAiB,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;IAErC,MAAM,cAAc,GAAG,UAAU,CAAC,MAAM,GAAG,aAAa,CAAC,MAAM,CAAC;IAChE,MAAM,2BAA2B,GAAG,cAAc,GAAG,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAC5E,MAAM,kBAAkB,GAAG,CAAC,CAAC,GAAG,CAAC,2BAA2B,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IAEvE,uBAAuB;IACvB,MAAM,WAAW,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IACrD,IAAI,WAAW,CAAC,MAAM,GAAG,sBAAsB,EAAE,CAAC;QAChD,MAAM,IAAI,KAAK,CAAC,WAAW,MAAM,wBAAwB,sBAAsB,EAAE,CAAC,CAAC;IACrF,CAAC;IACD,MAAM,aAAa,GAAG,IAAI,UAAU,CAAC,sBAAsB,CAAC,CAAC;IAC7D,aAAa,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;IAE/B,qCAAqC;IACrC,MAAM,UAAU,GAAG,cAAc,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;IAEnE,sDAAsD;IACtD,MAAM,UAAU,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACnD,MAAM,SAAS,GAAG,cAAc,CAAC,UAAU,CAAC,CAAC;IAC7C,MAAM,QAAQ,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IACpC,QAAQ,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;IAC3B,QAAQ,CAAC,GAAG,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;IAC7B,MAAM,cAAc,GAAG,cAAc,CAAC,QAAQ,CAAC,CAAC;IAEhD,OAAO;QACL,oBAAoB,EAAE,WAAW;QACjC,MAAM,EAAE,EAAE,OAAO,EAAE,KAAK,CAAC,IAAI,CAAC,aAAa,CAAC,EAAE,GAAG,EAAE,WAAW,CAAC,MAAM,EAAE;QACvE,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC;QAC7B,SAAS,EAAE,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC;QACrC,YAAY,EAAE,EAAE,OAAO,EAAE,KAAK,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,GAAG,EAAE,aAAa,CAAC,MAAM,EAAE;QACnF,YAAY,EAAE,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC;QACrC,gBAAgB,EAAE,UAAU,CAAC,MAAM;QACnC,oBAAoB,EAAE,kBAAkB;QACxC,iBAAiB,EAAE,SAAS;QAC5B,eAAe,EAAE,QAAQ;KAC1B,CAAC;AACJ,CAAC;AAED,2EAA2E;AAE3E,SAAS,UAAU,CAAC,KAAe;IACjC,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC;QAC1C,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;QACrC,KAAK,CAAC,IAAI,CAAC,MAAM,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,GAAG,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;IACzF,CAAC;IACD,OAAO,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,KAAK,CAAC;AAC3C,CAAC;AAED,SAAS,cAAc,CAAC,MAAgB;IACtC,OAAO,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACjC,MAAM,KAAK,GAAG,CAAC,GAAG,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/C,OAAO,QAAQ,CAAC,IAAI,KAAK,EAAE,CAAC;IAC9B,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC;AACxB,CAAC;AAED,SAAS,UAAU,CAAC,MAAgB;IAClC,OAAO,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACjC,MAAM,KAAK,GAAG,CAAC,GAAG,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/C,OAAO,OAAO,CAAC,KAAK,CAAC,GAAG,KAAK,EAAE,CAAC;IAClC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC;AACxB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,mBAAmB,CAAC,MAAyB;IAC3D,MAAM,KAAK,GAAa,EAAE,CAAC;IAE3B,KAAK,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;IAC9B,KAAK,CAAC,IAAI,CAAC,0BAA0B,cAAc,CAAC,MAAM,CAAC,oBAAoB,CAAC,EAAE,CAAC,CAAC;IACpF,KAAK,CAAC,IAAI,CAAC,WAAW,UAAU,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IAClD,KAAK,CAAC,IAAI,CAAC,eAAe,UAAU,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;IAC1D,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;IAC/B,KAAK,CAAC,IAAI,CAAC,kBAAkB,UAAU,CAAC,MAAM,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;IAChE,KAAK,CAAC,IAAI,CAAC,sBAAsB,MAAM,CAAC,gBAAgB,EAAE,CAAC,CAAC;IAC5D,KAAK,CAAC,IAAI,CAAC,0BAA0B,MAAM,CAAC,oBAAoB,EAAE,CAAC,CAAC;IACpE,KAAK,CAAC,IAAI,CAAC,uBAAuB,cAAc,CAAC,MAAM,CAAC,iBAAiB,CAAC,EAAE,CAAC,CAAC;IAC9E,KAAK,CAAC,IAAI,CAAC,qBAAqB,cAAc,CAAC,MAAM,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC;IAC1E,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;IACzD,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACvB,KAAK,CAAC,IAAI,CAAC,aAAa,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IAC7D,KAAK,CAAC,IAAI,CAAC,SAAS,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;IAC7B,KAAK,CAAC,IAAI,CAAC,aAAa,UAAU,CAAC,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IACnE,KAAK,CAAC,IAAI,CAAC,SAAS,MAAM,CAAC,YAAY,CAAC,GAAG,EAAE,CAAC,CAAC;IAE/C,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;AACjC,CAAC"}
|
package/dist/payment.d.ts
CHANGED
|
@@ -9,7 +9,9 @@ import type { ProofportSigner } from './signer.js';
|
|
|
9
9
|
*
|
|
10
10
|
* @param signer - ProofportSigner (ethers, CDP MPC, or any implementation)
|
|
11
11
|
* @param payment - PaymentInfo from session or 402 response
|
|
12
|
+
* @param facilitatorUrl - Optional x402 facilitator URL (defaults to https://x402.dexter.cash)
|
|
13
|
+
* @param facilitatorHeaders - Optional headers for facilitator auth (e.g., CDP Bearer token)
|
|
12
14
|
* @returns Transaction hash
|
|
13
15
|
*/
|
|
14
|
-
export declare function makePayment(signer: ProofportSigner, payment: PaymentInfo): Promise<string>;
|
|
16
|
+
export declare function makePayment(signer: ProofportSigner, payment: PaymentInfo, facilitatorUrl?: string, facilitatorHeaders?: Record<string, string>): Promise<string>;
|
|
15
17
|
//# sourceMappingURL=payment.d.ts.map
|
package/dist/payment.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"payment.d.ts","sourceRoot":"","sources":["../src/payment.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAC9C,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAenD
|
|
1
|
+
{"version":3,"file":"payment.d.ts","sourceRoot":"","sources":["../src/payment.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAC9C,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAenD;;;;;;;;;;;;GAYG;AACH,wBAAsB,WAAW,CAC/B,MAAM,EAAE,eAAe,EACvB,OAAO,EAAE,WAAW,EACpB,cAAc,CAAC,EAAE,MAAM,EACvB,kBAAkB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAC1C,OAAO,CAAC,MAAM,CAAC,CAuGjB"}
|