bsv-bap 0.1.24 → 0.2.0-alpha.0

package/dist/AccountID.d.ts

@@ -0,0 +1,15 @@
+import { PrivateKey } from "@bsv/sdk";
+import { BaseClass } from "./BaseClass";
+export declare class AccountID extends BaseClass {
+    private key;
+    constructor(key: PrivateKey);
+    getBapId(): string;
+    getRootAddress(): string;
+    getRootPublicKey(): string;
+    signMessage(message: number[]): {
+        address: string;
+        signature: string;
+    };
+    getInitialIdTransaction(firstSigningAddress: string): number[][];
+    getRevocationTransaction(): number[][];
+}

package/dist/BaseClass.d.ts

@@ -1,130 +1,15 @@
-import { PublicKey } from "@bsv/sdk";
 import type { PrivateKey } from "@bsv/sdk";
-import type { IdentityAttribute, IdentityAttributes } from "./interface";
 declare abstract class BaseClass {
-    protected identityAttributes: IdentityAttributes;
-    /**
-     * Abstract method that must be implemented by derived classes to sign messages
-     * @param message - The message to sign
-     * @param signingPath - Optional signing path for HD wallets
-     * @returns Object containing address and signature
-     */
-    abstract signMessage(message: number[], signingPath?: string): {
+    abstract signMessage(message: number[]): {
         address: string;
         signature: string;
     };
-    /**
-     * Abstract method that must be implemented by derived classes to get encryption key
-     */
-    abstract getEncryptionKey(): {
-        privKey: PrivateKey;
-        pubKey: PublicKey;
-    };
-    /**
-     * Low-level BSM signing helper - signs a message with the given private key
-     * This consolidates the BSM signing logic used across all signing methods
-     * @param message - The message to sign as number array
-     * @param signingKey - The private key to sign with
-     * @returns Object containing address and base64 signature
-     */
     protected signWithBSM(message: number[], signingKey: PrivateKey): {
         address: string;
         signature: string;
     };
-    /**
-     * Encrypt the given string data with the identity encryption key
-     * @param stringData
-     * @param counterPartyPublicKey Optional public key of the counterparty
-     * @return string Base64
-     */
-    encrypt(stringData: string, counterPartyPublicKey?: string): string;
-    /**
-     * Decrypt the given ciphertext with the identity encryption key
-     * @param ciphertext
-     * @param counterPartyPublicKey Optional public key of the counterparty
-     */
-    decrypt(ciphertext: string, counterPartyPublicKey?: string): string;
-    /**
-     * Sign an op_return hex array with AIP
-     * Each implementation must handle its own signing path logic
-     * @param opReturn {array}
-     * @param signingPath {string}
-     * @return {number[]}
-     */
-    signOpReturnWithAIP(opReturn: number[][], signingPath?: string): number[][];
-    /**
-     * Returns all the attributes in the identity
-     * @returns {IdentityAttributes}
-     */
-    getAttributes(): IdentityAttributes;
-    /**
-     * Get the value of the given attribute
-     * @param attributeName
-     * @returns {IdentityAttribute | null}
-     */
-    getAttribute(attributeName: string): IdentityAttribute | null;
-    /**
-     * Set the value of the given attribute
-     * If an empty value ('' || null || false) is given, the attribute is removed from the ID
-     * @param attributeName string
-     * @param attributeValue any
-     */
-    setAttribute(attributeName: string, attributeValue: string | Record<string, string>): void;
-    /**
-     * Unset the given attribute from the ID
-     * @param attributeName
-     */
-    unsetAttribute(attributeName: string): void;
-    /**
-     * Add an attribute to this identity
-     * @param attributeName
-     * @param value
-     * @param nonce
-     */
-    addAttribute(attributeName: string, value: string, nonce?: string): void;
-    /**
-     * Get all attribute URNs for this ID
-     * @returns {string}
-     */
-    getAttributeUrns(): string;
-    /**
-     * Create and return the attribute URN for the given attribute
-     * @param attributeName
-     * @returns {string|null}
-     */
-    getAttributeUrn(attributeName: string): string | null;
-    /**
-     * Parse a text of URN string into identity attributes
-     * @param urnIdentityAttributes
-     */
-    protected parseStringUrns(urnIdentityAttributes: string): IdentityAttributes;
-    /**
-     * Helper function to parse identity attributes
-     * @param identityAttributes
-     * @returns {IdentityAttributes}
-     */
-    protected parseAttributes(identityAttributes: IdentityAttributes | string): IdentityAttributes;
-    /**
-     * Helper method to update an existing attribute
-     */
-    protected updateExistingAttribute(attributeName: string, attributeValue: string | Record<string, string>): void;
-    /**
-     * Helper method to create a new attribute
-     */
-    protected createNewAttribute(attributeName: string, attributeValue: string | Record<string, string>): void;
-    /**
-     * Construct an AIP buffer from the op return data
-     * @param opReturn
-     * @returns {number[]} Array of numbers representing the buffer
-     */
+    signOpReturnWithAIP(opReturn: number[][]): number[][];
     protected getAIPMessageBuffer(opReturn: number[][], indicies?: number[]): number[][];
-    /**
-     * Helper method to format AIP output
-     * @param opReturn Original OP_RETURN data
-     * @param address Signing address
-     * @param signature Base64 signature
-     * @returns Formatted AIP output as number[]
-     */
     protected formatAIPOutput(opReturnBuffers: number[][], address: string, signature: string): number[][];
 }
 export { BaseClass };

package/dist/MasterID.d.ts

@@ -1,297 +1,27 @@
-import { PublicKey, type PrivateKey, HD } from "@bsv/sdk";
-import { type APIFetcher } from "./api";
-import type { GetAttestationResponse, GetSigningKeysResponse } from "./apiTypes";
-import type { Identity, IdentityAttributes, OldIdentity, MemberIdentity } from "./interface";
-import { MemberID } from "./MemberID";
-import { BaseClass } from "./BaseClass";
+import { type PrivateKey, HD } from "@bsv/sdk";
+import type { Identity, OldIdentity } from "./interface";
 interface Type42KeySource {
     rootPk: PrivateKey;
 }
-/**
- * MasterID class
- *
- * This class should be used in conjunction with the BAP class
- * Supports both BIP32 (HD) and Type 42 key derivation
- *
- * @type {MasterID}
- */
-declare class MasterID extends BaseClass {
+declare class MasterID {
     #private;
-    idName: string;
-    description: string;
     rootAddress: string;
-    identityKey: string;
-    identityAttributes: IdentityAttributes;
-    getApiData: APIFetcher;
-    constructor(keySource: HD | Type42KeySource, identityAttributes?: IdentityAttributes, idSeed?: string);
-    set BAP_SERVER(bapServer: string);
-    get BAP_SERVER(): string;
-    set BAP_TOKEN(token: string);
-    get BAP_TOKEN(): string;
-    deriveIdentityKey(address: string): string;
+    bapId: string;
+    constructor(keySource: HD | Type42KeySource, idSeed?: string);
     /**
-     * Helper function to parse identity attributes
-     *
-     * @param identityAttributes
-     * @returns {{}}
-     */
-    parseAttributes(identityAttributes: IdentityAttributes | string): IdentityAttributes;
-    /**
-     * Parse a text of urn string into identity attributes
-     *
-     * urn:bap:id:name:John Doe:e2c6fb4063cc04af58935737eaffc938011dff546d47b7fbb18ed346f8c4d4fa
-     * urn:bap:id:birthday:1990-05-22:e61f23cbbb2284842d77965e2b0e32f0ca890b1894ca4ce652831347ee3596d9
-     * urn:bap:id:over18:1:480ca17ccaacd671b28dc811332525f2f2cd594d8e8e7825de515ce5d52d30e8
-     *
-     * @param urnIdentityAttributes
-     */
-    parseStringUrns(urnIdentityAttributes: string): IdentityAttributes;
-    /**
-     * Returns the identity key
-     *
-     * @returns {*|string}
-     */
-    getIdentityKey(): string;
-    /**
-     * This should be called with the last part of the signing path (/.../.../...)
-     * This library assumes the first part is m/424150'/0'/0' as defined at the top of this file
-     *
-     * @param path The second path of the signing path in the format [0-9]{0,9}/[0-9]{0,9}/[0-9]{0,9}
+     * Get the account key (root key) for this identity.
+     * This is the cold key used for BAP ID creation and revocation.
      */
+    getAccountKey(): PrivateKey;
+    private getPathDerivedKey;
     set rootPath(path: string);
     get rootPath(): string;
-    getRootPath(): string;
-    /**
-     * This should be called with the last part of the signing path (/.../.../...)
-     * This library assumes the first part is m/424150'/0'/0' as defined at the top of this file
-     *
-     * @param path The second path of the signing path in the format [0-9]{0,9}/[0-9]{0,9}/[0-9]{0,9}
-     */
     set currentPath(path: string);
     get currentPath(): string;
     get previousPath(): string;
-    /**
-     * This can be used to break the deterministic way child keys are created to make it harder for
-     * an attacker to steal the identites when the root key is compromised. This does however require
-     * the seeds to be stored at all times. If the seed is lost, the identity will not be recoverable.
-     */
     get idSeed(): string;
-    /**
-     * Increment current path to a new path
-     *
-     * @returns {*}
-     */
-    incrementPath(): void;
-    /**
-     * Check whether the given path is a valid path for use with this class
-     * The signing paths used here always have a length of 3
-     *
-     * @param path The last part of the signing path (example "/0/0/1")
-     * @returns {boolean}
-     */
     validatePath(path: string): boolean;
-    /**
-     * Get the OP_RETURN for the initial ID transaction (signed with root address)
-     *
-     * @returns {[]}
-     */
-    getInitialIdTransaction(): number[][];
-    /**
-     * Get the OP_RETURN for the ID transaction of the current address / path
-     *
-     * @returns {[]}
-     */
-    getIdTransaction(previousPath?: string): number[][];
-    /**
-     * Get the path-derived private key before identity signing derivation.
-     *
-     * At rootPath this is the stable member key that defines the BAP ID.
-     * At currentPath this is the active wallet root used for signing/wallet operations.
-     */
-    private getPathDerivedKey;
-    /**
-     * Get the identity signing key for a given path
-     * This is derived from the path key using the BAP protocol pattern
-     */
-    private getIdentitySigningKeyForPath;
-    /**
-     * Get the stable member key's public key for this identity.
-     * This always resolves from rootPath and must not follow currentPath rotations.
-     */
-    getMemberKey(): string;
-    /**
-     * Get the active wallet root private key for the given path.
-     * Defaults to currentPath, which follows key rotation.
-     */
-    getWalletRoot(path?: string): PrivateKey;
-    /**
-     * Get the active wallet root public key for the given path.
-     * Defaults to currentPath, which follows key rotation.
-     */
-    getWalletPubkey(path?: string): string;
-    /**
-     * Get the legacy (pre-signing-key-derivation) address for a path
-     * This is the address without the extra "1-sigma-identity" derivation
-     */
-    getLegacyAddress(path?: string): string;
-    /**
-     * Check if the on-chain signing address uses legacy derivation
-     * @param registeredAddress The address registered on-chain (optional, defaults to rootAddress)
-     * @returns true if the registered address matches legacy derivation
-     */
-    needsRotation(registeredAddress?: string): boolean;
-    /**
-     * Get OP_RETURN for migrating from legacy to new signing address derivation
-     * Signs with the LEGACY key to prove ownership of the old address
-     * Caller handles funding and broadcast
-     * @returns OP_RETURN data as number[][]
-     */
-    getLegacyRotationTransaction(): number[][];
-    /**
-     * Get address for given path
-     * Returns the identity signing address (derived from member key)
-     *
-     * @param path
-     * @returns {*}
-     */
-    getAddress(path: string): string;
-    /**
-     * Get current signing address
-     *
-     * @returns {*}
-     */
-    getCurrentAddress(): string;
-    /**
-     * Get the encryption key pair for this identity
-     */
-    getEncryptionKey(): {
-        privKey: PrivateKey;
-        pubKey: PublicKey;
-    };
-    /**
-     * Get the encryption key using type 42 (different key / incompatible with above)
-     * @deprecated Use getEncryptionKey() which now handles both BIP32 and Type 42
-     */
-    getEncryptionKeyType42(): {
-        privKey: PrivateKey;
-        pubKey: PublicKey;
-    };
-    /**
-     * Get the public key for encrypting data for this identity
-     */
-    getEncryptionPublicKey(): string;
-    /**
-     * Get the public key for encrypting data for this identity, using a seed for the encryption
-     */
-    getEncryptionPublicKeyWithSeed(seed: string): string;
-    /**
-     * Encrypt the given string data with the identity encryption key
-     * @param stringData
-     * @param counterPartyPublicKey Optional public key of the counterparty
-     * @return string Base64
-     */
-    encrypt(stringData: string, counterPartyPublicKey?: string): string;
-    /**
-     * Decrypt the given ciphertext with the identity encryption key
-     * @param ciphertext
-     */
-    decrypt(ciphertext: string, counterPartyPublicKey?: string): string;
-    /**
-     * Encrypt the given string data with the identity encryption key
-     * @param stringData
-     * @param seed String seed
-     * @param counterPartyPublicKey Optional public key of the counterparty
-     * @return string Base64
-     */
-    encryptWithSeed(stringData: string, seed: string, counterPartyPublicKey?: string): string;
-    /**
-     * Decrypt the given ciphertext with the identity encryption key
-     * @param ciphertext
-     * @param seed String seed
-    //  * @param counterPartyPublicKey Public key of the counterparty
-     */
-    decryptWithSeed(ciphertext: string, seed: string, counterPartyPublicKey?: string): string;
-    private getEncryptionPrivateKeyWithSeed;
-    /**
-     * Get an attestation string for the given urn for this identity
-     *
-     * @param urn
-     * @returns {string}
-     */
-    getAttestation(urn: string): string;
-    /**
-     * Generate and return the attestation hash for the given attribute of this identity
-     *
-     * @param attribute Attribute name (name, email etc.)
-     * @returns {string}
-     */
-    getAttestationHash(attribute: string): string | null;
-    /**
-     * Sign a message with the current signing address of this identity
-     * Uses the derived identity signing key
-     *
-     * @param message
-     * @param signingPath
-     * @returns {{address: string, signature: string}}
-     */
-    signMessage(message: number[], signingPath?: string): {
-        address: string;
-        signature: string;
-    };
-    /**
-     * Sign a message using a key based on the given string seed
-     *
-     * This works by creating a private key from the root key of this identity. It will always
-     * work with the rootPath / rootKey, to be deterministic. It will not change even if the keys
-     * are rotated for this ID.
-     *
-     * This is used in for instance deterministic login systems, that do not support BAP.
-     * The signing address is derived from the seed-derived key.
-     *
-     * @param message
-     * @param seed {string} String seed that will be used to generate a path
-     */
-    signMessageWithSeed(message: string, seed: string): {
-        address: string;
-        signature: string;
-    };
-    /**
-     * Sign an op_return hex array with AIP
-     * @param opReturn {array}
-     * @param signingPath {string}
-     * @return {number[]}
-     */
-    signOpReturnWithAIP(opReturn: number[][], signingPath?: string): number[][];
-    /**
-     * Get all signing keys for this identity
-     */
-    getIdSigningKeys(): Promise<GetSigningKeysResponse>;
-    /**
-     * Get all attestations for the given attribute
-     *
-     * @param attribute
-     */
-    getAttributeAttestations(attribute: string): Promise<GetAttestationResponse>;
-    /**
-     * Import an identity from a JSON object
-     *
-     * @param identity{{}}
-     */
     import(identity: Identity | OldIdentity): void;
-    /**
-     * Export this identity to a JSON object
-     * @returns {{}}
-     */
     export(): Identity;
-    exportMemberBackup(): MemberIdentity;
-    newId(): MemberID;
-    /**
-     * Export member data in bitcoin-backup compatible format
-     * @returns Object with wif and encrypted member data
-     */
-    exportMember(): {
-        wif: string;
-        encryptedData: string;
-    };
 }
 export { MasterID };

package/dist/constants.d.ts

@@ -6,8 +6,3 @@ export declare const BAP_SERVER = "https://api.sigmaidentity.com/v1";
 export declare const MAX_INT: number;
 export declare const SIGNING_PATH_PREFIX = "m/424150'/0'/0'";
 export declare const ENCRYPTION_PATH = "m/424150'/2147483647'/2147483647'";
-export declare const BAP_PROTOCOL_ID: [1, string];
-export declare const BAP_KEY_ID = "identity";
-export declare const BAP_INVOICE_NUMBER = "1-sigma-identity";
-export declare const FRIEND_SECURITY_LEVEL = 2;
-export declare const FRIEND_PROTOCOL = "friend";