accounts 0.14.6 → 0.14.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +23 -0
- package/dist/cli/Provider.d.ts.map +1 -1
- package/dist/cli/Provider.js +3 -2
- package/dist/cli/Provider.js.map +1 -1
- package/dist/cli/adapter.d.ts +0 -2
- package/dist/cli/adapter.d.ts.map +1 -1
- package/dist/cli/adapter.js +35 -153
- package/dist/cli/adapter.js.map +1 -1
- package/dist/cli/index.d.ts +1 -0
- package/dist/cli/index.d.ts.map +1 -1
- package/dist/cli/index.js +1 -0
- package/dist/cli/index.js.map +1 -1
- package/dist/cli/storage.d.ts +15 -0
- package/dist/cli/storage.d.ts.map +1 -0
- package/dist/cli/storage.js +127 -0
- package/dist/cli/storage.js.map +1 -0
- package/dist/core/AccessKey.d.ts +127 -23
- package/dist/core/AccessKey.d.ts.map +1 -1
- package/dist/core/AccessKey.js +192 -33
- package/dist/core/AccessKey.js.map +1 -1
- package/dist/core/Adapter.d.ts +94 -10
- package/dist/core/Adapter.d.ts.map +1 -1
- package/dist/core/Adapter.js.map +1 -1
- package/dist/core/Dialog.d.ts +13 -1
- package/dist/core/Dialog.d.ts.map +1 -1
- package/dist/core/Dialog.js +45 -101
- package/dist/core/Dialog.js.map +1 -1
- package/dist/core/ExecutionError.d.ts.map +1 -1
- package/dist/core/ExecutionError.js +6 -0
- package/dist/core/ExecutionError.js.map +1 -1
- package/dist/core/Messenger.d.ts +2 -8
- package/dist/core/Messenger.d.ts.map +1 -1
- package/dist/core/Messenger.js.map +1 -1
- package/dist/core/Provider.d.ts +14 -2
- package/dist/core/Provider.d.ts.map +1 -1
- package/dist/core/Provider.js +536 -45
- package/dist/core/Provider.js.map +1 -1
- package/dist/core/Remote.d.ts +39 -6
- package/dist/core/Remote.d.ts.map +1 -1
- package/dist/core/Remote.js.map +1 -1
- package/dist/core/Schema.d.ts +30 -2
- package/dist/core/Schema.d.ts.map +1 -1
- package/dist/core/Storage.d.ts +5 -1
- package/dist/core/Storage.d.ts.map +1 -1
- package/dist/core/Storage.js +19 -4
- package/dist/core/Storage.js.map +1 -1
- package/dist/core/Store.d.ts +12 -46
- package/dist/core/Store.d.ts.map +1 -1
- package/dist/core/Store.js +31 -7
- package/dist/core/Store.js.map +1 -1
- package/dist/core/WebAuthnCeremony.d.ts +0 -4
- package/dist/core/WebAuthnCeremony.d.ts.map +1 -1
- package/dist/core/WebAuthnCeremony.js.map +1 -1
- package/dist/core/adapters/dialog.d.ts +1 -1
- package/dist/core/adapters/dialog.d.ts.map +1 -1
- package/dist/core/adapters/dialog.js +33 -283
- package/dist/core/adapters/dialog.js.map +1 -1
- package/dist/core/adapters/local.d.ts.map +1 -1
- package/dist/core/adapters/local.js +117 -142
- package/dist/core/adapters/local.js.map +1 -1
- package/dist/core/adapters/privy.d.ts +21 -22
- package/dist/core/adapters/privy.d.ts.map +1 -1
- package/dist/core/adapters/privy.js +41 -49
- package/dist/core/adapters/privy.js.map +1 -1
- package/dist/core/adapters/turnkey.d.ts.map +1 -1
- package/dist/core/adapters/turnkey.js +13 -165
- package/dist/core/adapters/turnkey.js.map +1 -1
- package/dist/core/adapters/webAuthn.d.ts.map +1 -1
- package/dist/core/adapters/webAuthn.js +2 -4
- package/dist/core/adapters/webAuthn.js.map +1 -1
- package/dist/core/internal/AccessKeyTransaction.d.ts.map +1 -1
- package/dist/core/internal/AccessKeyTransaction.js +2 -5
- package/dist/core/internal/AccessKeyTransaction.js.map +1 -1
- package/dist/core/internal/RemoteRequests.d.ts +31 -0
- package/dist/core/internal/RemoteRequests.d.ts.map +1 -0
- package/dist/core/internal/RemoteRequests.js +141 -0
- package/dist/core/internal/RemoteRequests.js.map +1 -0
- package/dist/core/zod/rpc.d.ts +207 -2
- package/dist/core/zod/rpc.d.ts.map +1 -1
- package/dist/core/zod/rpc.js +55 -1
- package/dist/core/zod/rpc.js.map +1 -1
- package/dist/index.d.ts +0 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +0 -1
- package/dist/index.js.map +1 -1
- package/dist/react/privy.d.ts +23 -0
- package/dist/react/privy.d.ts.map +1 -0
- package/dist/react/privy.js +221 -0
- package/dist/react/privy.js.map +1 -0
- package/dist/react-native/adapter.d.ts +1 -4
- package/dist/react-native/adapter.d.ts.map +1 -1
- package/dist/react-native/adapter.js +153 -318
- package/dist/react-native/adapter.js.map +1 -1
- package/dist/react-native/{storage.d.ts → asyncStorage.d.ts} +2 -6
- package/dist/react-native/asyncStorage.d.ts.map +1 -0
- package/dist/react-native/{storage.js → asyncStorage.js} +1 -26
- package/dist/react-native/asyncStorage.js.map +1 -0
- package/dist/react-native/index.d.ts +0 -2
- package/dist/react-native/index.d.ts.map +1 -1
- package/dist/react-native/index.js +0 -2
- package/dist/react-native/index.js.map +1 -1
- package/dist/react-native/secureStorage.d.ts +8 -0
- package/dist/react-native/secureStorage.d.ts.map +1 -0
- package/dist/react-native/secureStorage.js +28 -0
- package/dist/react-native/secureStorage.js.map +1 -0
- package/dist/server/Handler.d.ts +1 -0
- package/dist/server/Handler.d.ts.map +1 -1
- package/dist/server/Handler.js +1 -0
- package/dist/server/Handler.js.map +1 -1
- package/dist/server/Identity.d.ts +31 -0
- package/dist/server/Identity.d.ts.map +1 -0
- package/dist/server/Identity.js +47 -0
- package/dist/server/Identity.js.map +1 -0
- package/dist/server/index.d.ts +1 -0
- package/dist/server/index.d.ts.map +1 -1
- package/dist/server/index.js +1 -0
- package/dist/server/index.js.map +1 -1
- package/dist/server/internal/handlers/auth.d.ts +41 -0
- package/dist/server/internal/handlers/auth.d.ts.map +1 -1
- package/dist/server/internal/handlers/auth.js +77 -8
- package/dist/server/internal/handlers/auth.js.map +1 -1
- package/dist/server/internal/handlers/oidcProvider.d.ts +117 -0
- package/dist/server/internal/handlers/oidcProvider.d.ts.map +1 -0
- package/dist/server/internal/handlers/oidcProvider.js +147 -0
- package/dist/server/internal/handlers/oidcProvider.js.map +1 -0
- package/package.json +24 -2
- package/src/cli/Provider.localnet.test.ts +78 -33
- package/src/cli/Provider.ts +3 -2
- package/src/cli/adapter.ts +44 -221
- package/src/cli/index.ts +1 -0
- package/src/cli/storage.test.ts +122 -0
- package/src/cli/storage.ts +159 -0
- package/src/core/AccessKey.test.ts +228 -54
- package/src/core/AccessKey.ts +345 -68
- package/src/core/Adapter.ts +127 -27
- package/src/core/Dialog.browser.test.ts +49 -18
- package/src/core/Dialog.test-d.ts +13 -1
- package/src/core/Dialog.ts +67 -115
- package/src/core/ExecutionError.ts +6 -0
- package/src/core/Messenger.ts +2 -6
- package/src/core/Provider.browser.test.ts +86 -0
- package/src/core/Provider.localnet.test.ts +250 -3
- package/src/core/Provider.test-d.ts +15 -0
- package/src/core/Provider.test.ts +182 -0
- package/src/core/Provider.ts +660 -51
- package/src/core/Remote.ts +43 -7
- package/src/core/Storage.ts +32 -10
- package/src/core/Store.test.ts +227 -447
- package/src/core/Store.ts +62 -38
- package/src/core/WebAuthnCeremony.ts +0 -4
- package/src/core/adapters/dialog.test.ts +350 -433
- package/src/core/adapters/dialog.ts +31 -318
- package/src/core/adapters/local.test.ts +49 -10
- package/src/core/adapters/local.ts +140 -145
- package/src/core/adapters/privy.test-d.ts +4 -0
- package/src/core/adapters/privy.test.ts +20 -20
- package/src/core/adapters/privy.ts +61 -61
- package/src/core/adapters/turnkey.test.ts +30 -400
- package/src/core/adapters/turnkey.ts +13 -170
- package/src/core/adapters/webAuthn.ts +2 -4
- package/src/core/internal/AccessKeyTransaction.ts +2 -5
- package/src/core/internal/RemoteRequests.ts +216 -0
- package/src/core/zod/rpc.test-d.ts +32 -0
- package/src/core/zod/rpc.test.ts +161 -0
- package/src/core/zod/rpc.ts +62 -1
- package/src/index.ts +0 -1
- package/src/react/privy.test-d.ts +22 -0
- package/src/react/privy.ts +278 -0
- package/src/react-native/Provider.localnet.test.ts +167 -62
- package/src/react-native/adapter.ts +180 -440
- package/src/react-native/{storage.ts → asyncStorage.ts} +1 -31
- package/src/react-native/index.ts +0 -2
- package/src/react-native/secureStorage.ts +35 -0
- package/src/server/Handler.test-d.ts +13 -0
- package/src/server/Handler.ts +1 -0
- package/src/server/Identity.test-d.ts +23 -0
- package/src/server/Identity.ts +74 -0
- package/src/server/index.ts +1 -0
- package/src/server/internal/handlers/auth.test.ts +308 -5
- package/src/server/internal/handlers/auth.ts +108 -7
- package/src/server/internal/handlers/oidcProvider.test-d.ts +34 -0
- package/src/server/internal/handlers/oidcProvider.test.ts +212 -0
- package/src/server/internal/handlers/oidcProvider.ts +247 -0
- package/dist/cli/keyring.d.ts +0 -56
- package/dist/cli/keyring.d.ts.map +0 -1
- package/dist/cli/keyring.js +0 -156
- package/dist/cli/keyring.js.map +0 -1
- package/dist/react-native/Provider.d.ts +0 -12
- package/dist/react-native/Provider.d.ts.map +0 -1
- package/dist/react-native/Provider.js +0 -24
- package/dist/react-native/Provider.js.map +0 -1
- package/dist/react-native/storage.d.ts.map +0 -1
- package/dist/react-native/storage.js.map +0 -1
- package/src/cli/keyring.test.ts +0 -118
- package/src/cli/keyring.ts +0 -214
- package/src/react-native/Provider.ts +0 -36
package/dist/core/AccessKey.d.ts
CHANGED
|
@@ -2,6 +2,7 @@ import { Address, Hex, WebCryptoP256 } from 'ox';
|
|
|
2
2
|
import { KeyAuthorization } from 'ox/tempo';
|
|
3
3
|
import { type Client, type Transport } from 'viem';
|
|
4
4
|
import { Account as TempoAccount } from 'viem/tempo';
|
|
5
|
+
import type { StoreApi } from 'zustand';
|
|
5
6
|
import type { OneOf } from '../internal/types.js';
|
|
6
7
|
import type * as Store from './Store.js';
|
|
7
8
|
declare const status: {
|
|
@@ -49,7 +50,7 @@ export type AccessKey = {
|
|
|
49
50
|
keyPair: Awaited<ReturnType<typeof WebCryptoP256.createKeyPair>>;
|
|
50
51
|
}>;
|
|
51
52
|
/** Calls used to match access key scopes. */
|
|
52
|
-
type Call = {
|
|
53
|
+
export type Call = {
|
|
53
54
|
/** Contract address being called. */
|
|
54
55
|
to?: Address.Address | undefined;
|
|
55
56
|
/** Calldata being sent. */
|
|
@@ -69,8 +70,8 @@ type StatusQuery = {
|
|
|
69
70
|
client: Client<Transport>;
|
|
70
71
|
/** Current Unix timestamp in seconds. Defaults to `Date.now() / 1000`. */
|
|
71
72
|
now?: number | undefined;
|
|
72
|
-
/**
|
|
73
|
-
store:
|
|
73
|
+
/** Access-key manager options. */
|
|
74
|
+
store: ManagerOptions;
|
|
74
75
|
};
|
|
75
76
|
/** Access key selection query. */
|
|
76
77
|
type SelectQuery = {
|
|
@@ -82,9 +83,58 @@ type SelectQuery = {
|
|
|
82
83
|
chainId: number;
|
|
83
84
|
/** Current Unix timestamp in seconds. Defaults to `Date.now() / 1000`. */
|
|
84
85
|
now?: number | undefined;
|
|
85
|
-
/**
|
|
86
|
-
store:
|
|
86
|
+
/** Access-key manager options. */
|
|
87
|
+
store: ManagerOptions;
|
|
87
88
|
};
|
|
89
|
+
/** Access key authorization reuse policy. */
|
|
90
|
+
export type ReusePolicy = {
|
|
91
|
+
/** Minimum Unix timestamp a reusable key must be valid through. */
|
|
92
|
+
minExpiry?: number | undefined;
|
|
93
|
+
/** Minimum spending limits a reusable key must satisfy. */
|
|
94
|
+
minLimits?: readonly KeyAuthorization.TokenLimit[] | undefined;
|
|
95
|
+
};
|
|
96
|
+
/** Access key authorization parameters plus SDK-only reuse policy. */
|
|
97
|
+
export type ReusableAuthorization = Omit<prepareAuthorization.Options, 'chainId'> & {
|
|
98
|
+
/** Chain ID the key authorization is scoped to. */
|
|
99
|
+
chainId?: bigint | number | undefined;
|
|
100
|
+
/** SDK-only reuse policy. Not sent over RPC. */
|
|
101
|
+
reuse?: ReusePolicy | undefined;
|
|
102
|
+
};
|
|
103
|
+
type ReusableQuery = {
|
|
104
|
+
/** Root account address. */
|
|
105
|
+
account: Address.Address;
|
|
106
|
+
/** Calls the access key must be able to sign. */
|
|
107
|
+
calls?: readonly Call[] | undefined;
|
|
108
|
+
/** Chain ID the access key must be authorized on. */
|
|
109
|
+
chainId: number;
|
|
110
|
+
/** Current Unix timestamp in seconds. Defaults to `Date.now() / 1000`. */
|
|
111
|
+
now?: number | undefined;
|
|
112
|
+
/** Access key authorization parameters with optional reuse policy. */
|
|
113
|
+
parameters: ReusableAuthorization;
|
|
114
|
+
/** Access-key manager options. */
|
|
115
|
+
store: ManagerOptions;
|
|
116
|
+
};
|
|
117
|
+
type CallsQuery = {
|
|
118
|
+
/** Calls the authorization must be able to sign. */
|
|
119
|
+
calls?: readonly Call[] | undefined;
|
|
120
|
+
/** Access key authorization parameters. */
|
|
121
|
+
parameters: Pick<ReusableAuthorization, 'scopes'>;
|
|
122
|
+
};
|
|
123
|
+
type ListQuery = {
|
|
124
|
+
/** Root account address. */
|
|
125
|
+
account: Address.Address;
|
|
126
|
+
/** Specific access key address to match. */
|
|
127
|
+
accessKey?: Address.Address | undefined;
|
|
128
|
+
/** Chain ID the access key is scoped to. */
|
|
129
|
+
chainId: number;
|
|
130
|
+
/** Access-key manager dependencies. */
|
|
131
|
+
store: ManagerOptions;
|
|
132
|
+
};
|
|
133
|
+
type ManagerOptions = {
|
|
134
|
+
/** Zustand store containing access-key metadata. */
|
|
135
|
+
state: Pick<StoreApi<Store.State>, 'getState' | 'setState'>;
|
|
136
|
+
};
|
|
137
|
+
/** Access-key identity. */
|
|
88
138
|
type Key = {
|
|
89
139
|
/** Root account address. */
|
|
90
140
|
account: Address.Address;
|
|
@@ -92,22 +142,33 @@ type Key = {
|
|
|
92
142
|
accessKey: Address.Address;
|
|
93
143
|
/** Chain ID the access key is scoped to. */
|
|
94
144
|
chainId: number;
|
|
95
|
-
/** Reactive state store. */
|
|
96
|
-
store: Store.Store;
|
|
97
145
|
};
|
|
98
|
-
/**
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
146
|
+
/** Store-bound access-key operations. */
|
|
147
|
+
type Manager = {
|
|
148
|
+
/** Adds a signed access-key authorization. */
|
|
149
|
+
add: (options: Omit<add.Options, 'store'>) => add.ReturnType;
|
|
150
|
+
/** Prepares, signs, and saves an access key authorization. */
|
|
151
|
+
authorize: (options: Omit<authorize.Options, 'store'>) => Promise<authorize.ReturnType>;
|
|
152
|
+
/** Clears all access-key records. */
|
|
153
|
+
clear: () => void;
|
|
154
|
+
/** Returns publication status for a stored or on-chain access key. */
|
|
155
|
+
getStatus: (options: Omit<StatusQuery, 'store'>) => Promise<Status>;
|
|
156
|
+
/** Returns a locally-signable access key account by exact address. */
|
|
157
|
+
get: (options: Omit<get.Options, 'store'>) => Promise<get.ReturnType>;
|
|
158
|
+
/** Returns access-key metadata matching a query. */
|
|
159
|
+
list: (options: Omit<ListQuery, 'store'>) => readonly AccessKey[];
|
|
160
|
+
/** Removes an access-key record. */
|
|
161
|
+
remove: (options: Omit<remove.Options, 'store'>) => void;
|
|
162
|
+
/** Selects a locally-signable access key account for an intent. */
|
|
163
|
+
select: (options: Omit<SelectQuery, 'store'>) => Promise<TempoAccount.AccessKeyAccount | undefined>;
|
|
164
|
+
/** Updates stored authorization metadata for an existing access key. */
|
|
165
|
+
updateAuthorization: (options: Omit<updateAuthorization.Options, 'store'>) => void;
|
|
166
|
+
};
|
|
167
|
+
/** Creates store-bound access-key operations. */
|
|
168
|
+
export declare function createManager(options: createManager.Options): Manager;
|
|
169
|
+
export declare namespace createManager {
|
|
170
|
+
/** Options for {@link createManager}. */
|
|
171
|
+
type Options = ManagerOptions;
|
|
111
172
|
}
|
|
112
173
|
/** Prepares an unsigned key authorization and local key material when needed. */
|
|
113
174
|
export declare function prepareAuthorization(options: prepareAuthorization.Options): Promise<prepareAuthorization.ReturnType>;
|
|
@@ -124,10 +185,18 @@ export declare namespace prepareAuthorization {
|
|
|
124
185
|
keyType?: 'secp256k1' | 'p256' | 'webAuthn' | undefined;
|
|
125
186
|
/** TIP-20 spending limits for this key. */
|
|
126
187
|
limits?: readonly KeyAuthorization.TokenLimit[] | undefined;
|
|
188
|
+
/** Exported private key backing the access key. */
|
|
189
|
+
privateKey?: Hex.Hex | undefined;
|
|
127
190
|
/** External public key to derive the access key address from. */
|
|
128
191
|
publicKey?: Hex.Hex | undefined;
|
|
129
192
|
/** Call scopes restricting which contracts/selectors this key can call. */
|
|
130
193
|
scopes?: readonly KeyAuthorization.Scope[] | undefined;
|
|
194
|
+
/**
|
|
195
|
+
* TIP-1053 witness (32 bytes) to bind into the key authorization. Set to
|
|
196
|
+
* `hashMessage(message)` to fuse a Sign-In-with-Tempo proof into the
|
|
197
|
+
* access-key authorization so both are covered by a single signature.
|
|
198
|
+
*/
|
|
199
|
+
witness?: Hex.Hex | undefined;
|
|
131
200
|
};
|
|
132
201
|
/** Prepared unsigned key authorization and optional local key material. */
|
|
133
202
|
type ReturnType = {
|
|
@@ -135,6 +204,8 @@ export declare namespace prepareAuthorization {
|
|
|
135
204
|
keyAuthorization: KeyAuthorization.KeyAuthorization<false>;
|
|
136
205
|
/** Generated WebCrypto key pair for local access keys. */
|
|
137
206
|
keyPair?: Awaited<globalThis.ReturnType<typeof WebCryptoP256.createKeyPair>> | undefined;
|
|
207
|
+
/** Exported private key backing an external access key. */
|
|
208
|
+
privateKey?: Hex.Hex | undefined;
|
|
138
209
|
};
|
|
139
210
|
}
|
|
140
211
|
/** Prepares, signs, and saves an access key authorization. */
|
|
@@ -152,15 +223,36 @@ export declare namespace authorize {
|
|
|
152
223
|
chainId?: bigint | number | undefined;
|
|
153
224
|
};
|
|
154
225
|
/** Reactive state store. */
|
|
155
|
-
store:
|
|
226
|
+
store: ManagerOptions;
|
|
156
227
|
};
|
|
157
228
|
/** Signed key authorization in RPC form. */
|
|
158
229
|
type ReturnType = KeyAuthorization.Rpc;
|
|
159
230
|
}
|
|
231
|
+
/** Returns whether a local access key satisfies reusable authorization parameters. */
|
|
232
|
+
export declare function hasReusableAuthorization(options: ReusableQuery): Promise<boolean>;
|
|
233
|
+
/** Returns whether an authorization request could sign the provided calls. */
|
|
234
|
+
export declare function canAuthorizeCalls(options: CallsQuery): boolean;
|
|
160
235
|
/** Returns publication status for a stored or on-chain access key. */
|
|
161
236
|
export declare function getStatus(options: StatusQuery): Promise<Status>;
|
|
162
237
|
/** Selects a locally-signable access key account for an intent. */
|
|
163
238
|
export declare function select(options: SelectQuery): Promise<TempoAccount.AccessKeyAccount | undefined>;
|
|
239
|
+
/** Returns a locally-signable access key account by exact address. */
|
|
240
|
+
export declare function get(options: get.Options): Promise<get.ReturnType>;
|
|
241
|
+
export declare namespace get {
|
|
242
|
+
type Options = {
|
|
243
|
+
/** Root account address. */
|
|
244
|
+
account: Address.Address;
|
|
245
|
+
/** Specific access key address to match. */
|
|
246
|
+
accessKey: Address.Address;
|
|
247
|
+
/** Chain ID the access key must be authorized on. */
|
|
248
|
+
chainId: number;
|
|
249
|
+
/** Current Unix timestamp in seconds. Defaults to `Date.now() / 1000`. */
|
|
250
|
+
now?: number | undefined;
|
|
251
|
+
/** Reactive state store. */
|
|
252
|
+
store: ManagerOptions;
|
|
253
|
+
};
|
|
254
|
+
type ReturnType = TempoAccount.AccessKeyAccount | undefined;
|
|
255
|
+
}
|
|
164
256
|
/** Adds a signed access key authorization. */
|
|
165
257
|
export declare function add(options: add.Options): add.ReturnType;
|
|
166
258
|
export declare namespace add {
|
|
@@ -175,16 +267,28 @@ export declare namespace add {
|
|
|
175
267
|
/** The WebCrypto key pair backing the access key. */
|
|
176
268
|
keyPair?: Awaited<globalThis.ReturnType<typeof WebCryptoP256.createKeyPair>> | undefined;
|
|
177
269
|
/** Reactive state store. */
|
|
178
|
-
store:
|
|
270
|
+
store: ManagerOptions;
|
|
179
271
|
};
|
|
180
272
|
/** Stored access key record. */
|
|
181
273
|
type ReturnType = AccessKey;
|
|
182
274
|
}
|
|
275
|
+
declare function updateAuthorization(options: updateAuthorization.Options): void;
|
|
276
|
+
declare namespace updateAuthorization {
|
|
277
|
+
type Options = Key & {
|
|
278
|
+
/** Signed key authorization for the access key. */
|
|
279
|
+
authorization: KeyAuthorization.Signed;
|
|
280
|
+
/** Reactive state store. */
|
|
281
|
+
store: ManagerOptions;
|
|
282
|
+
};
|
|
283
|
+
}
|
|
183
284
|
/** Removes an access key record. */
|
|
184
285
|
export declare function remove(options: remove.Options): void;
|
|
185
286
|
export declare namespace remove {
|
|
186
287
|
/** Options for {@link remove}. */
|
|
187
|
-
type Options = Key
|
|
288
|
+
type Options = Key & {
|
|
289
|
+
/** Reactive state store. */
|
|
290
|
+
store: ManagerOptions;
|
|
291
|
+
};
|
|
188
292
|
}
|
|
189
293
|
/** Returns whether an error means an access key is already unavailable on-chain. */
|
|
190
294
|
export declare function isUnavailableError(error: unknown): boolean;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"AccessKey.d.ts","sourceRoot":"","sources":["../../src/core/AccessKey.ts"],"names":[],"mappings":"AAAA,OAAO,EAAe,OAAO,EAAE,GAAG,EAA0B,aAAa,EAAE,MAAM,IAAI,CAAA;AACrF,OAAO,EAAE,gBAAgB,EAAqB,MAAM,UAAU,CAAA;AAC9D,OAAO,EAAa,KAAK,MAAM,EAAE,KAAK,SAAS,EAAE,MAAM,MAAM,CAAA;AAC7D,OAAO,EACL,OAAO,IAAI,YAAY,EAGxB,MAAM,YAAY,CAAA;
|
|
1
|
+
{"version":3,"file":"AccessKey.d.ts","sourceRoot":"","sources":["../../src/core/AccessKey.ts"],"names":[],"mappings":"AAAA,OAAO,EAAe,OAAO,EAAE,GAAG,EAA0B,aAAa,EAAE,MAAM,IAAI,CAAA;AACrF,OAAO,EAAE,gBAAgB,EAAqB,MAAM,UAAU,CAAA;AAC9D,OAAO,EAAa,KAAK,MAAM,EAAE,KAAK,SAAS,EAAE,MAAM,MAAM,CAAA;AAC7D,OAAO,EACL,OAAO,IAAI,YAAY,EAGxB,MAAM,YAAY,CAAA;AACnB,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAA;AAEvC,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,sBAAsB,CAAA;AAEjD,OAAO,KAAK,KAAK,KAAK,MAAM,YAAY,CAAA;AAExC,QAAA,MAAM,MAAM;IACV,+CAA+C;;IAE/C,yFAAyF;;IAEzF,sDAAsD;;IAEtD,oDAAoD;;CAE5C,CAAA;AAIV,KAAK,MAAM,GAAG,CAAC,OAAO,MAAM,CAAC,CAAC,MAAM,OAAO,MAAM,CAAC,CAAA;AAElD,kDAAkD;AAClD,MAAM,MAAM,SAAS,GAAG;IACtB,0BAA0B;IAC1B,OAAO,EAAE,OAAO,CAAC,OAAO,CAAA;IACxB,+BAA+B;IAC/B,MAAM,EAAE,OAAO,CAAC,OAAO,CAAA;IACvB,2DAA2D;IAC3D,OAAO,EAAE,MAAM,CAAA;IACf,kDAAkD;IAClD,MAAM,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IAC3B,mFAAmF;IACnF,gBAAgB,CAAC,EAAE,gBAAgB,CAAC,MAAM,GAAG,SAAS,CAAA;IACtD,gBAAgB;IAChB,OAAO,EAAE,WAAW,GAAG,MAAM,GAAG,UAAU,GAAG,WAAW,CAAA;IACxD,iDAAiD;IACjD,MAAM,CAAC,EAAE;QAAE,KAAK,EAAE,OAAO,CAAC,OAAO,CAAC;QAAC,KAAK,EAAE,MAAM,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;KAAE,EAAE,GAAG,SAAS,CAAA;IAC7F,2EAA2E;IAC3E,MAAM,CAAC,EACH;QACE,OAAO,EAAE,OAAO,CAAC,OAAO,CAAA;QACxB,QAAQ,CAAC,EAAE,GAAG,CAAC,GAAG,GAAG,MAAM,GAAG,SAAS,CAAA;QACvC,UAAU,CAAC,EAAE,SAAS,OAAO,CAAC,OAAO,EAAE,GAAG,SAAS,CAAA;KACpD,EAAE,GACH,SAAS,CAAA;CACd,GAAG,KAAK,CACL,EAAE,GACF;IACE,uDAAuD;IACvD,UAAU,EAAE,GAAG,CAAC,GAAG,CAAA;CACpB,GACD;IACE,qDAAqD;IACrD,OAAO,EAAE,OAAO,CAAC,UAAU,CAAC,OAAO,aAAa,CAAC,aAAa,CAAC,CAAC,CAAA;CACjE,CACJ,CAAA;AAED,6CAA6C;AAC7C,MAAM,MAAM,IAAI,GAAG;IACjB,qCAAqC;IACrC,EAAE,CAAC,EAAE,OAAO,CAAC,OAAO,GAAG,SAAS,CAAA;IAChC,2BAA2B;IAC3B,IAAI,CAAC,EAAE,GAAG,CAAC,GAAG,GAAG,SAAS,CAAA;CAC3B,CAAA;AAED,+BAA+B;AAC/B,KAAK,WAAW,GAAG;IACjB,4BAA4B;IAC5B,OAAO,EAAE,OAAO,CAAC,OAAO,CAAA;IACxB,4CAA4C;IAC5C,SAAS,CAAC,EAAE,OAAO,CAAC,OAAO,GAAG,SAAS,CAAA;IACvC,gDAAgD;IAChD,KAAK,CAAC,EAAE,SAAS,IAAI,EAAE,GAAG,SAAS,CAAA;IACnC,qDAAqD;IACrD,OAAO,EAAE,MAAM,CAAA;IACf,wDAAwD;IACxD,MAAM,EAAE,MAAM,CAAC,SAAS,CAAC,CAAA;IACzB,0EAA0E;IAC1E,GAAG,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IACxB,kCAAkC;IAClC,KAAK,EAAE,cAAc,CAAA;CACtB,CAAA;AAED,kCAAkC;AAClC,KAAK,WAAW,GAAG;IACjB,4BAA4B;IAC5B,OAAO,EAAE,OAAO,CAAC,OAAO,CAAA;IACxB,gDAAgD;IAChD,KAAK,CAAC,EAAE,SAAS,IAAI,EAAE,GAAG,SAAS,CAAA;IACnC,qDAAqD;IACrD,OAAO,EAAE,MAAM,CAAA;IACf,0EAA0E;IAC1E,GAAG,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IACxB,kCAAkC;IAClC,KAAK,EAAE,cAAc,CAAA;CACtB,CAAA;AAED,6CAA6C;AAC7C,MAAM,MAAM,WAAW,GAAG;IACxB,mEAAmE;IACnE,SAAS,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IAC9B,2DAA2D;IAC3D,SAAS,CAAC,EAAE,SAAS,gBAAgB,CAAC,UAAU,EAAE,GAAG,SAAS,CAAA;CAC/D,CAAA;AAED,sEAAsE;AACtE,MAAM,MAAM,qBAAqB,GAAG,IAAI,CAAC,oBAAoB,CAAC,OAAO,EAAE,SAAS,CAAC,GAAG;IAClF,mDAAmD;IACnD,OAAO,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAAA;IACrC,gDAAgD;IAChD,KAAK,CAAC,EAAE,WAAW,GAAG,SAAS,CAAA;CAChC,CAAA;AAED,KAAK,aAAa,GAAG;IACnB,4BAA4B;IAC5B,OAAO,EAAE,OAAO,CAAC,OAAO,CAAA;IACxB,iDAAiD;IACjD,KAAK,CAAC,EAAE,SAAS,IAAI,EAAE,GAAG,SAAS,CAAA;IACnC,qDAAqD;IACrD,OAAO,EAAE,MAAM,CAAA;IACf,0EAA0E;IAC1E,GAAG,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IACxB,sEAAsE;IACtE,UAAU,EAAE,qBAAqB,CAAA;IACjC,kCAAkC;IAClC,KAAK,EAAE,cAAc,CAAA;CACtB,CAAA;AAED,KAAK,UAAU,GAAG;IAChB,oDAAoD;IACpD,KAAK,CAAC,EAAE,SAAS,IAAI,EAAE,GAAG,SAAS,CAAA;IACnC,2CAA2C;IAC3C,UAAU,EAAE,IAAI,CAAC,qBAAqB,EAAE,QAAQ,CAAC,CAAA;CAClD,CAAA;AAED,KAAK,SAAS,GAAG;IACf,4BAA4B;IAC5B,OAAO,EAAE,OAAO,CAAC,OAAO,CAAA;IACxB,4CAA4C;IAC5C,SAAS,CAAC,EAAE,OAAO,CAAC,OAAO,GAAG,SAAS,CAAA;IACvC,4CAA4C;IAC5C,OAAO,EAAE,MAAM,CAAA;IACf,uCAAuC;IACvC,KAAK,EAAE,cAAc,CAAA;CACtB,CAAA;AAED,KAAK,cAAc,GAAG;IACpB,oDAAoD;IACpD,KAAK,EAAE,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,UAAU,GAAG,UAAU,CAAC,CAAA;CAC5D,CAAA;AAED,2BAA2B;AAC3B,KAAK,GAAG,GAAG;IACT,4BAA4B;IAC5B,OAAO,EAAE,OAAO,CAAC,OAAO,CAAA;IACxB,0BAA0B;IAC1B,SAAS,EAAE,OAAO,CAAC,OAAO,CAAA;IAC1B,4CAA4C;IAC5C,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,yCAAyC;AACzC,KAAK,OAAO,GAAG;IACb,8CAA8C;IAC9C,GAAG,EAAE,CAAC,OAAO,EAAE,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,OAAO,CAAC,KAAK,GAAG,CAAC,UAAU,CAAA;IAC5D,8DAA8D;IAC9D,SAAS,EAAE,CAAC,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,OAAO,CAAC,KAAK,OAAO,CAAC,SAAS,CAAC,UAAU,CAAC,CAAA;IACvF,qCAAqC;IACrC,KAAK,EAAE,MAAM,IAAI,CAAA;IACjB,sEAAsE;IACtE,SAAS,EAAE,CAAC,OAAO,EAAE,IAAI,CAAC,WAAW,EAAE,OAAO,CAAC,KAAK,OAAO,CAAC,MAAM,CAAC,CAAA;IACnE,sEAAsE;IACtE,GAAG,EAAE,CAAC,OAAO,EAAE,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,OAAO,CAAC,KAAK,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;IACrE,oDAAoD;IACpD,IAAI,EAAE,CAAC,OAAO,EAAE,IAAI,CAAC,SAAS,EAAE,OAAO,CAAC,KAAK,SAAS,SAAS,EAAE,CAAA;IACjE,oCAAoC;IACpC,MAAM,EAAE,CAAC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,OAAO,CAAC,KAAK,IAAI,CAAA;IACxD,mEAAmE;IACnE,MAAM,EAAE,CACN,OAAO,EAAE,IAAI,CAAC,WAAW,EAAE,OAAO,CAAC,KAChC,OAAO,CAAC,YAAY,CAAC,gBAAgB,GAAG,SAAS,CAAC,CAAA;IACvD,wEAAwE;IACxE,mBAAmB,EAAE,CAAC,OAAO,EAAE,IAAI,CAAC,mBAAmB,CAAC,OAAO,EAAE,OAAO,CAAC,KAAK,IAAI,CAAA;CACnF,CAAA;AAED,iDAAiD;AACjD,wBAAgB,aAAa,CAAC,OAAO,EAAE,aAAa,CAAC,OAAO,GAAG,OAAO,CAYrE;AAED,MAAM,CAAC,OAAO,WAAW,aAAa,CAAC;IACrC,yCAAyC;IACzC,KAAK,OAAO,GAAG,cAAc,CAAA;CAC9B;AAED,iFAAiF;AACjF,wBAAsB,oBAAoB,CACxC,OAAO,EAAE,oBAAoB,CAAC,OAAO,GACpC,OAAO,CAAC,oBAAoB,CAAC,UAAU,CAAC,CA+D1C;AAED,MAAM,CAAC,OAAO,WAAW,oBAAoB,CAAC;IAC5C,gDAAgD;IAChD,KAAK,OAAO,GAAG;QACb,+DAA+D;QAC/D,OAAO,CAAC,EAAE,OAAO,CAAC,OAAO,GAAG,SAAS,CAAA;QACrC,mDAAmD;QACnD,OAAO,EAAE,MAAM,GAAG,MAAM,CAAA;QACxB,2CAA2C;QAC3C,MAAM,EAAE,MAAM,CAAA;QACd,oEAAoE;QACpE,OAAO,CAAC,EAAE,WAAW,GAAG,MAAM,GAAG,UAAU,GAAG,SAAS,CAAA;QACvD,2CAA2C;QAC3C,MAAM,CAAC,EAAE,SAAS,gBAAgB,CAAC,UAAU,EAAE,GAAG,SAAS,CAAA;QAC3D,mDAAmD;QACnD,UAAU,CAAC,EAAE,GAAG,CAAC,GAAG,GAAG,SAAS,CAAA;QAChC,iEAAiE;QACjE,SAAS,CAAC,EAAE,GAAG,CAAC,GAAG,GAAG,SAAS,CAAA;QAC/B,2EAA2E;QAC3E,MAAM,CAAC,EAAE,SAAS,gBAAgB,CAAC,KAAK,EAAE,GAAG,SAAS,CAAA;QACtD;;;;WAIG;QACH,OAAO,CAAC,EAAE,GAAG,CAAC,GAAG,GAAG,SAAS,CAAA;KAC9B,CAAA;IAED,2EAA2E;IAC3E,KAAK,UAAU,GAAG;QAChB,gEAAgE;QAChE,gBAAgB,EAAE,gBAAgB,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAA;QAC1D,0DAA0D;QAC1D,OAAO,CAAC,EAAE,OAAO,CAAC,UAAU,CAAC,UAAU,CAAC,OAAO,aAAa,CAAC,aAAa,CAAC,CAAC,GAAG,SAAS,CAAA;QACxF,2DAA2D;QAC3D,UAAU,CAAC,EAAE,GAAG,CAAC,GAAG,GAAG,SAAS,CAAA;KACjC,CAAA;CACF;AAED,8DAA8D;AAC9D,wBAAsB,SAAS,CAAC,OAAO,EAAE,SAAS,CAAC,OAAO,GAAG,OAAO,CAAC,SAAS,CAAC,UAAU,CAAC,CAsBzF;AAED,MAAM,CAAC,OAAO,WAAW,SAAS,CAAC;IACjC,qCAAqC;IACrC,KAAK,OAAO,GAAG;QACb,0EAA0E;QAC1E,OAAO,EAAE,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,SAAS,GAAG,MAAM,CAAC,CAAA;QACvD,mFAAmF;QACnF,OAAO,EAAE,MAAM,GAAG,MAAM,CAAA;QACxB,2CAA2C;QAC3C,UAAU,EAAE,IAAI,CAAC,oBAAoB,CAAC,OAAO,EAAE,SAAS,CAAC,GAAG;YAC1D,mDAAmD;YACnD,OAAO,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAAA;SACtC,CAAA;QACD,4BAA4B;QAC5B,KAAK,EAAE,cAAc,CAAA;KACtB,CAAA;IAED,4CAA4C;IAC5C,KAAK,UAAU,GAAG,gBAAgB,CAAC,GAAG,CAAA;CACvC;AAED,sFAAsF;AACtF,wBAAsB,wBAAwB,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC,CAavF;AAED,8EAA8E;AAC9E,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,UAAU,GAAG,OAAO,CAE9D;AAED,sEAAsE;AACtE,wBAAsB,SAAS,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,MAAM,CAAC,CA8BrE;AAED,mEAAmE;AACnE,wBAAsB,MAAM,CAC1B,OAAO,EAAE,WAAW,GACnB,OAAO,CAAC,YAAY,CAAC,gBAAgB,GAAG,SAAS,CAAC,CAsBpD;AAED,sEAAsE;AACtE,wBAAsB,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAgBvE;AAED,MAAM,CAAC,OAAO,WAAW,GAAG,CAAC;IAC3B,KAAK,OAAO,GAAG;QACb,4BAA4B;QAC5B,OAAO,EAAE,OAAO,CAAC,OAAO,CAAA;QACxB,4CAA4C;QAC5C,SAAS,EAAE,OAAO,CAAC,OAAO,CAAA;QAC1B,qDAAqD;QACrD,OAAO,EAAE,MAAM,CAAA;QACf,0EAA0E;QAC1E,GAAG,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;QACxB,4BAA4B;QAC5B,KAAK,EAAE,cAAc,CAAA;KACtB,CAAA;IAED,KAAK,UAAU,GAAG,YAAY,CAAC,gBAAgB,GAAG,SAAS,CAAA;CAC5D;AAkCD,8CAA8C;AAC9C,wBAAgB,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,UAAU,CA8BxD;AAED,MAAM,CAAC,OAAO,WAAW,GAAG,CAAC;IAC3B,+BAA+B;IAC/B,KAAK,OAAO,GAAG;QACb,sDAAsD;QACtD,OAAO,EAAE,OAAO,CAAC,OAAO,CAAA;QACxB,mDAAmD;QACnD,aAAa,EAAE,gBAAgB,CAAC,MAAM,CAAA;QACtC,uDAAuD;QACvD,UAAU,CAAC,EAAE,GAAG,CAAC,GAAG,GAAG,SAAS,CAAA;QAChC,qDAAqD;QACrD,OAAO,CAAC,EAAE,OAAO,CAAC,UAAU,CAAC,UAAU,CAAC,OAAO,aAAa,CAAC,aAAa,CAAC,CAAC,GAAG,SAAS,CAAA;QACxF,4BAA4B;QAC5B,KAAK,EAAE,cAAc,CAAA;KACtB,CAAA;IAED,gCAAgC;IAChC,KAAK,UAAU,GAAG,SAAS,CAAA;CAC5B;AAWD,iBAAS,mBAAmB,CAAC,OAAO,EAAE,mBAAmB,CAAC,OAAO,GAAG,IAAI,CAYvE;AAED,OAAO,WAAW,mBAAmB,CAAC;IACpC,KAAK,OAAO,GAAG,GAAG,GAAG;QACnB,mDAAmD;QACnD,aAAa,EAAE,gBAAgB,CAAC,MAAM,CAAA;QACtC,4BAA4B;QAC5B,KAAK,EAAE,cAAc,CAAA;KACtB,CAAA;CACF;AAED,oCAAoC;AACpC,wBAAgB,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,OAAO,GAAG,IAAI,CAKpD;AAED,MAAM,CAAC,OAAO,WAAW,MAAM,CAAC;IAC9B,kCAAkC;IAClC,KAAK,OAAO,GAAG,GAAG,GAAG;QACnB,4BAA4B;QAC5B,KAAK,EAAE,cAAc,CAAA;KACtB,CAAA;CACF;AAQD,oFAAoF;AACpF,wBAAgB,kBAAkB,CAAC,KAAK,EAAE,OAAO,GAAG,OAAO,CAW1D"}
|
package/dist/core/AccessKey.js
CHANGED
|
@@ -14,16 +14,48 @@ const status = {
|
|
|
14
14
|
expired: 'expired',
|
|
15
15
|
};
|
|
16
16
|
const unavailableErrorNames = new Set(['KeyAlreadyRevoked', 'KeyNotFound']);
|
|
17
|
-
/**
|
|
18
|
-
export
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
17
|
+
/** Creates store-bound access-key operations. */
|
|
18
|
+
export function createManager(options) {
|
|
19
|
+
return {
|
|
20
|
+
add: (parameters) => add({ ...parameters, store: options }),
|
|
21
|
+
authorize: (parameters) => authorize({ ...parameters, store: options }),
|
|
22
|
+
clear: () => clear({ store: options }),
|
|
23
|
+
get: (parameters) => get({ ...parameters, store: options }),
|
|
24
|
+
getStatus: (parameters) => getStatus({ ...parameters, store: options }),
|
|
25
|
+
list: (parameters) => list({ ...parameters, store: options }),
|
|
26
|
+
remove: (parameters) => remove({ ...parameters, store: options }),
|
|
27
|
+
select: (parameters) => select({ ...parameters, store: options }),
|
|
28
|
+
updateAuthorization: (parameters) => updateAuthorization({ ...parameters, store: options }),
|
|
29
|
+
};
|
|
23
30
|
}
|
|
24
31
|
/** Prepares an unsigned key authorization and local key material when needed. */
|
|
25
32
|
export async function prepareAuthorization(options) {
|
|
26
|
-
const { address, chainId, expiry, keyType, limits, publicKey, scopes } = options;
|
|
33
|
+
const { address, chainId, expiry, keyType, limits, privateKey, publicKey, scopes, witness } = options;
|
|
34
|
+
if (privateKey) {
|
|
35
|
+
const type = keyType ?? 'secp256k1';
|
|
36
|
+
const accessKey = (() => {
|
|
37
|
+
switch (type) {
|
|
38
|
+
case 'secp256k1':
|
|
39
|
+
return TempoAccount.fromSecp256k1(privateKey);
|
|
40
|
+
case 'p256':
|
|
41
|
+
return TempoAccount.fromP256(privateKey);
|
|
42
|
+
case 'webAuthn':
|
|
43
|
+
throw new RpcResponse.InvalidParamsError({
|
|
44
|
+
message: '`privateKey` cannot be used with `keyType: "webAuthn"`.',
|
|
45
|
+
});
|
|
46
|
+
}
|
|
47
|
+
})();
|
|
48
|
+
const keyAuthorization = KeyAuthorization.from({
|
|
49
|
+
address: accessKey.address,
|
|
50
|
+
chainId: BigInt(chainId),
|
|
51
|
+
expiry,
|
|
52
|
+
limits,
|
|
53
|
+
scopes,
|
|
54
|
+
type,
|
|
55
|
+
...(witness ? { witness } : {}),
|
|
56
|
+
});
|
|
57
|
+
return { keyAuthorization, privateKey };
|
|
58
|
+
}
|
|
27
59
|
if (address || publicKey) {
|
|
28
60
|
const keyAuthorization = KeyAuthorization.from({
|
|
29
61
|
address: address ?? Address.fromPublicKey(PublicKey.from(publicKey)),
|
|
@@ -32,6 +64,7 @@ export async function prepareAuthorization(options) {
|
|
|
32
64
|
limits,
|
|
33
65
|
scopes,
|
|
34
66
|
type: keyType ?? 'secp256k1',
|
|
67
|
+
...(witness ? { witness } : {}),
|
|
35
68
|
});
|
|
36
69
|
return { keyAuthorization };
|
|
37
70
|
}
|
|
@@ -39,6 +72,10 @@ export async function prepareAuthorization(options) {
|
|
|
39
72
|
throw new RpcResponse.InvalidParamsError({
|
|
40
73
|
message: `\`keyType: "${keyType}"\` requires externally generated key material; provide \`publicKey\` or \`address\`.`,
|
|
41
74
|
});
|
|
75
|
+
if (!globalThis.crypto?.subtle)
|
|
76
|
+
throw new RpcResponse.InvalidParamsError({
|
|
77
|
+
message: 'Generated P256 access keys require WebCrypto support; provide `publicKey` or `address` instead.',
|
|
78
|
+
});
|
|
42
79
|
const keyPair = await WebCryptoP256.createKeyPair();
|
|
43
80
|
const keyAuthorization = KeyAuthorization.from({
|
|
44
81
|
address: Address.fromPublicKey(PublicKey.from(keyPair.publicKey)),
|
|
@@ -47,12 +84,14 @@ export async function prepareAuthorization(options) {
|
|
|
47
84
|
limits,
|
|
48
85
|
scopes,
|
|
49
86
|
type: 'p256',
|
|
87
|
+
...(witness ? { witness } : {}),
|
|
50
88
|
});
|
|
51
89
|
return { keyAuthorization, keyPair };
|
|
52
90
|
}
|
|
53
91
|
/** Prepares, signs, and saves an access key authorization. */
|
|
54
92
|
export async function authorize(options) {
|
|
55
|
-
const { account, chainId, parameters
|
|
93
|
+
const { account, chainId, parameters } = options;
|
|
94
|
+
const { store } = options;
|
|
56
95
|
const prepared = await prepareAuthorization({
|
|
57
96
|
...parameters,
|
|
58
97
|
chainId: parameters.chainId ?? chainId,
|
|
@@ -66,15 +105,39 @@ export async function authorize(options) {
|
|
|
66
105
|
account: account.address,
|
|
67
106
|
authorization: keyAuthorization,
|
|
68
107
|
...(prepared.keyPair ? { keyPair: prepared.keyPair } : {}),
|
|
108
|
+
...(prepared.privateKey ? { privateKey: prepared.privateKey } : {}),
|
|
69
109
|
store,
|
|
70
110
|
});
|
|
71
111
|
return KeyAuthorization.toRpc(keyAuthorization);
|
|
72
112
|
}
|
|
113
|
+
/** Returns whether a local access key satisfies reusable authorization parameters. */
|
|
114
|
+
export async function hasReusableAuthorization(options) {
|
|
115
|
+
const { account, calls, chainId, parameters, store } = options;
|
|
116
|
+
const now = options.now ?? Date.now() / 1000;
|
|
117
|
+
const records = list({ account, chainId, store });
|
|
118
|
+
for (const record of records) {
|
|
119
|
+
if (isExpired(record.expiry, now))
|
|
120
|
+
continue;
|
|
121
|
+
if (!authorizationMatches(record, parameters))
|
|
122
|
+
continue;
|
|
123
|
+
if (calls && !recordScopesMatch(record, { calls }))
|
|
124
|
+
continue;
|
|
125
|
+
if (!(await hydrate(record, store)))
|
|
126
|
+
continue;
|
|
127
|
+
return true;
|
|
128
|
+
}
|
|
129
|
+
return false;
|
|
130
|
+
}
|
|
131
|
+
/** Returns whether an authorization request could sign the provided calls. */
|
|
132
|
+
export function canAuthorizeCalls(options) {
|
|
133
|
+
return scopesMatch(options.parameters.scopes, { calls: options.calls });
|
|
134
|
+
}
|
|
73
135
|
/** Returns publication status for a stored or on-chain access key. */
|
|
74
136
|
export async function getStatus(options) {
|
|
75
|
-
const { accessKey, account, calls, chainId, client
|
|
137
|
+
const { accessKey, account, calls, chainId, client } = options;
|
|
138
|
+
const { store } = options;
|
|
76
139
|
const now = options.now ?? Date.now() / 1000;
|
|
77
|
-
const local = list({ account, accessKey, chainId, store }).find((key) =>
|
|
140
|
+
const local = list({ account, accessKey, chainId, store }).find((key) => recordScopesMatch(key, { calls }));
|
|
78
141
|
if (local) {
|
|
79
142
|
if (isExpired(local.expiry, now))
|
|
80
143
|
return status.expired;
|
|
@@ -105,18 +168,42 @@ export async function select(options) {
|
|
|
105
168
|
const now = options.now ?? Date.now() / 1000;
|
|
106
169
|
const records = list({ account, chainId, store });
|
|
107
170
|
for (const record of records) {
|
|
108
|
-
if (!
|
|
171
|
+
if (!recordScopesMatch(record, { calls }))
|
|
109
172
|
continue;
|
|
110
173
|
if (isExpired(record.expiry, now)) {
|
|
111
|
-
remove({
|
|
174
|
+
await remove({
|
|
175
|
+
accessKey: record.address,
|
|
176
|
+
account: record.access,
|
|
177
|
+
chainId: record.chainId,
|
|
178
|
+
store,
|
|
179
|
+
});
|
|
112
180
|
continue;
|
|
113
181
|
}
|
|
114
|
-
const account_accessKey = hydrate(record, store);
|
|
182
|
+
const account_accessKey = await hydrate(record, store);
|
|
115
183
|
if (!account_accessKey)
|
|
116
184
|
continue;
|
|
117
185
|
return account_accessKey;
|
|
118
186
|
}
|
|
119
187
|
}
|
|
188
|
+
/** Returns a locally-signable access key account by exact address. */
|
|
189
|
+
export async function get(options) {
|
|
190
|
+
const { accessKey, account, chainId } = options;
|
|
191
|
+
const { store } = options;
|
|
192
|
+
const now = options.now ?? Date.now() / 1000;
|
|
193
|
+
const record = list({ account, accessKey, chainId, store })[0];
|
|
194
|
+
if (!record)
|
|
195
|
+
return undefined;
|
|
196
|
+
if (isExpired(record.expiry, now)) {
|
|
197
|
+
await remove({
|
|
198
|
+
accessKey: record.address,
|
|
199
|
+
account: record.access,
|
|
200
|
+
chainId: record.chainId,
|
|
201
|
+
store,
|
|
202
|
+
});
|
|
203
|
+
return undefined;
|
|
204
|
+
}
|
|
205
|
+
return await hydrate(record, store);
|
|
206
|
+
}
|
|
120
207
|
function createKeyAuthorizationManager(store) {
|
|
121
208
|
return TempoKeyAuthorizationManager.from({
|
|
122
209
|
source: {
|
|
@@ -137,11 +224,11 @@ function createKeyAuthorizationManager(store) {
|
|
|
137
224
|
});
|
|
138
225
|
},
|
|
139
226
|
set(key, keyAuthorization) {
|
|
140
|
-
|
|
227
|
+
updateAuthorization({
|
|
141
228
|
account: key.address,
|
|
142
229
|
accessKey: key.accessKey,
|
|
230
|
+
authorization: keyAuthorization,
|
|
143
231
|
chainId: key.chainId,
|
|
144
|
-
patch: { keyAuthorization },
|
|
145
232
|
store,
|
|
146
233
|
});
|
|
147
234
|
},
|
|
@@ -150,7 +237,8 @@ function createKeyAuthorizationManager(store) {
|
|
|
150
237
|
}
|
|
151
238
|
/** Adds a signed access key authorization. */
|
|
152
239
|
export function add(options) {
|
|
153
|
-
const { account, authorization, keyPair, privateKey
|
|
240
|
+
const { account, authorization, keyPair, privateKey } = options;
|
|
241
|
+
const { store } = options;
|
|
154
242
|
const base = {
|
|
155
243
|
address: authorization.address,
|
|
156
244
|
access: account,
|
|
@@ -162,7 +250,7 @@ export function add(options) {
|
|
|
162
250
|
scopes: authorization.scopes,
|
|
163
251
|
};
|
|
164
252
|
const record = (privateKey ? { ...base, privateKey } : keyPair ? { ...base, keyPair } : base);
|
|
165
|
-
store.setState((state) => ({
|
|
253
|
+
store.state.setState((state) => ({
|
|
166
254
|
accessKeys: [
|
|
167
255
|
record,
|
|
168
256
|
...state.accessKeys.filter((entry) => !matches(entry, {
|
|
@@ -182,13 +270,31 @@ function clearAuthorization(options) {
|
|
|
182
270
|
store,
|
|
183
271
|
});
|
|
184
272
|
}
|
|
273
|
+
function updateAuthorization(options) {
|
|
274
|
+
const { authorization, store, ...key } = options;
|
|
275
|
+
patch({
|
|
276
|
+
...key,
|
|
277
|
+
patch: {
|
|
278
|
+
expiry: authorization.expiry ?? undefined,
|
|
279
|
+
keyAuthorization: authorization,
|
|
280
|
+
limits: authorization.limits,
|
|
281
|
+
scopes: authorization.scopes,
|
|
282
|
+
},
|
|
283
|
+
store,
|
|
284
|
+
});
|
|
285
|
+
}
|
|
185
286
|
/** Removes an access key record. */
|
|
186
287
|
export function remove(options) {
|
|
187
288
|
const { store, ...key } = options;
|
|
188
|
-
store.setState((state) => ({
|
|
289
|
+
store.state.setState((state) => ({
|
|
189
290
|
accessKeys: state.accessKeys.filter((record) => !matches(record, key)),
|
|
190
291
|
}));
|
|
191
292
|
}
|
|
293
|
+
/** Clears all access-key records. */
|
|
294
|
+
function clear(options) {
|
|
295
|
+
const { store } = options;
|
|
296
|
+
store.state.setState({ accessKeys: [] });
|
|
297
|
+
}
|
|
192
298
|
/** Returns whether an error means an access key is already unavailable on-chain. */
|
|
193
299
|
export function isUnavailableError(error) {
|
|
194
300
|
if (error instanceof BaseError) {
|
|
@@ -203,8 +309,10 @@ export function isUnavailableError(error) {
|
|
|
203
309
|
return false;
|
|
204
310
|
return unavailableErrorNames.has(ExecutionError.parse(error).errorName);
|
|
205
311
|
}
|
|
206
|
-
function
|
|
207
|
-
|
|
312
|
+
function recordScopesMatch(key, options) {
|
|
313
|
+
return scopesMatch(key.scopes, options);
|
|
314
|
+
}
|
|
315
|
+
function scopesMatch(scopes, options) {
|
|
208
316
|
if (typeof scopes === 'undefined')
|
|
209
317
|
return true;
|
|
210
318
|
if (!Array.isArray(scopes))
|
|
@@ -224,16 +332,7 @@ function scopesMatch(key, options) {
|
|
|
224
332
|
const selector = scope.selector;
|
|
225
333
|
if (!selector)
|
|
226
334
|
return scope.recipients ? scope.recipients.length === 0 : true;
|
|
227
|
-
const scopeSelector = (
|
|
228
|
-
try {
|
|
229
|
-
return (selector.startsWith('0x') && selector.length === 10
|
|
230
|
-
? selector
|
|
231
|
-
: AbiFunction.getSelector(selector)).toLowerCase();
|
|
232
|
-
}
|
|
233
|
-
catch {
|
|
234
|
-
return undefined;
|
|
235
|
-
}
|
|
236
|
-
})();
|
|
335
|
+
const scopeSelector = normalizeSelector(selector);
|
|
237
336
|
if (!scopeSelector || callSelector !== scopeSelector)
|
|
238
337
|
return false;
|
|
239
338
|
if (!scope.recipients || scope.recipients.length === 0)
|
|
@@ -247,6 +346,66 @@ function scopesMatch(key, options) {
|
|
|
247
346
|
});
|
|
248
347
|
});
|
|
249
348
|
}
|
|
349
|
+
function authorizationMatches(key, parameters) {
|
|
350
|
+
if (!scopesCover(key.scopes, parameters.scopes))
|
|
351
|
+
return false;
|
|
352
|
+
if (typeof parameters.reuse?.minExpiry === 'number' &&
|
|
353
|
+
key.expiry &&
|
|
354
|
+
key.expiry < parameters.reuse.minExpiry)
|
|
355
|
+
return false;
|
|
356
|
+
if (!limitsCover(key.limits, parameters.reuse?.minLimits))
|
|
357
|
+
return false;
|
|
358
|
+
return true;
|
|
359
|
+
}
|
|
360
|
+
function scopesCover(existing, requested) {
|
|
361
|
+
if (!requested)
|
|
362
|
+
return true;
|
|
363
|
+
if (!existing)
|
|
364
|
+
return true;
|
|
365
|
+
return requested.every((scope) => existing.some((candidate) => scopeCovers(candidate, scope)));
|
|
366
|
+
}
|
|
367
|
+
function scopeCovers(existing, requested) {
|
|
368
|
+
if (!isScope(existing) || !isScope(requested))
|
|
369
|
+
return false;
|
|
370
|
+
if (existing.address.toLowerCase() !== requested.address.toLowerCase())
|
|
371
|
+
return false;
|
|
372
|
+
if (!selectorCovers(existing.selector, requested.selector))
|
|
373
|
+
return false;
|
|
374
|
+
return recipientsCover(existing.recipients, requested.recipients);
|
|
375
|
+
}
|
|
376
|
+
function selectorCovers(existing, requested) {
|
|
377
|
+
if (!existing)
|
|
378
|
+
return true;
|
|
379
|
+
if (!requested)
|
|
380
|
+
return false;
|
|
381
|
+
const selector_existing = normalizeSelector(existing);
|
|
382
|
+
const selector_requested = normalizeSelector(requested);
|
|
383
|
+
return !!selector_existing && selector_existing === selector_requested;
|
|
384
|
+
}
|
|
385
|
+
function normalizeSelector(value) {
|
|
386
|
+
try {
|
|
387
|
+
return (value.startsWith('0x') && value.length === 10 ? value : AbiFunction.getSelector(value)).toLowerCase();
|
|
388
|
+
}
|
|
389
|
+
catch {
|
|
390
|
+
return undefined;
|
|
391
|
+
}
|
|
392
|
+
}
|
|
393
|
+
function recipientsCover(existing, requested) {
|
|
394
|
+
if (!existing || existing.length === 0)
|
|
395
|
+
return true;
|
|
396
|
+
if (!requested || requested.length === 0)
|
|
397
|
+
return false;
|
|
398
|
+
return requested.every((address) => existing.some((candidate) => candidate.toLowerCase() === address.toLowerCase()));
|
|
399
|
+
}
|
|
400
|
+
function limitsCover(existing, requested) {
|
|
401
|
+
if (!requested)
|
|
402
|
+
return true;
|
|
403
|
+
if (!existing)
|
|
404
|
+
return true;
|
|
405
|
+
return requested.every((limit) => existing.some((candidate) => candidate.token.toLowerCase() === limit.token.toLowerCase() &&
|
|
406
|
+
Number(candidate.period ?? 0) === Number(limit.period ?? 0) &&
|
|
407
|
+
BigInt(candidate.limit) >= BigInt(limit.limit)));
|
|
408
|
+
}
|
|
250
409
|
function isScope(scope) {
|
|
251
410
|
if (!scope || typeof scope !== 'object')
|
|
252
411
|
return false;
|
|
@@ -265,7 +424,7 @@ function isScope(scope) {
|
|
|
265
424
|
}
|
|
266
425
|
return true;
|
|
267
426
|
}
|
|
268
|
-
function hydrate(accessKey, store) {
|
|
427
|
+
async function hydrate(accessKey, store) {
|
|
269
428
|
const keyAuthorizationManager = createKeyAuthorizationManager(store);
|
|
270
429
|
if ('keyPair' in accessKey && accessKey.keyPair)
|
|
271
430
|
return TempoAccount.fromWebCryptoP256(accessKey.keyPair, {
|
|
@@ -314,11 +473,11 @@ async function getPublishedStatus(client, options) {
|
|
|
314
473
|
}
|
|
315
474
|
function list(options) {
|
|
316
475
|
const { store, ...query } = options;
|
|
317
|
-
return store.getState().accessKeys.filter((key) => matches(key, query));
|
|
476
|
+
return store.state.getState().accessKeys.filter((key) => matches(key, query));
|
|
318
477
|
}
|
|
319
478
|
function patch(options) {
|
|
320
479
|
const { patch, store, ...key } = options;
|
|
321
|
-
store.setState((state) => ({
|
|
480
|
+
store.state.setState((state) => ({
|
|
322
481
|
accessKeys: state.accessKeys.map((record) => {
|
|
323
482
|
if (!matches(record, key))
|
|
324
483
|
return record;
|