npm - emblem-vault-ai-signers - Versions diffs - 0.1.7 → 0.1.8-experimental.0 - Mend

emblem-vault-ai-signers 0.1.7 → 0.1.8-experimental.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/http.d.ts CHANGED Viewed

@@ -1,3 +1,3 @@
 import type { EmblemRemoteConfig } from "./types.js";
-export declare function emblemPost<T = any>(path: string, body: any, { apiKey, baseUrl }: EmblemRemoteConfig): Promise<T>;
-export declare function emblemGet<T = any>(path: string, { apiKey, baseUrl }: EmblemRemoteConfig): Promise<T>;
+export declare function emblemPost<T = any>(path: string, body: any, config: EmblemRemoteConfig): Promise<T>;
+export declare function emblemGet<T = any>(path: string, config: EmblemRemoteConfig): Promise<T>;

package/dist/http.js CHANGED Viewed

@@ -19,12 +19,30 @@ function sanitizeErrorMessage(status, text) {
     }
     return errorMessage;
 }
-export async function emblemPost(path, body, { apiKey, baseUrl = "https://api.emblemvault.ai" }) {
+async function resolveAuthHeaders(config) {
+    // Priority: custom headers -> apiKey -> jwt/getJwt/sdk
+    if (typeof config.getAuthHeaders === 'function') {
+        const h = await config.getAuthHeaders();
+        if (h && typeof h === 'object')
+            return h;
+    }
+    if (config.apiKey) {
+        return { 'x-api-key': config.apiKey };
+    }
+    const tok = config.jwt ?? (typeof config.getJwt === 'function' ? await config.getJwt() : undefined) ?? (config.sdk?.getSession()?.authToken ?? undefined);
+    if (tok) {
+        return { 'Authorization': `Bearer ${tok}` };
+    }
+    throw new Error('No authentication available: provide apiKey, jwt, getJwt(), getAuthHeaders(), or sdk');
+}
+export async function emblemPost(path, body, config) {
+    const baseUrl = config.baseUrl ?? "https://api.emblemvault.ai";
+    const authHeaders = await resolveAuthHeaders(config);
     const res = await fetch(`${baseUrl}${path}`, {
         method: "POST",
         headers: {
             "content-type": "application/json",
-            "x-api-key": apiKey,
+            ...authHeaders,
         },
         body: JSON.stringify(body, (key, value) => typeof value === "bigint" ? value.toString() : value),
     });
@@ -34,12 +52,12 @@ export async function emblemPost(path, body, { apiKey, baseUrl = "https://api.em
     }
     return res.json();
 }
-export async function emblemGet(path, { apiKey, baseUrl = "https://api.emblemvault.ai" }) {
+export async function emblemGet(path, config) {
+    const baseUrl = config.baseUrl ?? "https://api.emblemvault.ai";
+    const authHeaders = await resolveAuthHeaders(config);
     const res = await fetch(`${baseUrl}${path}`, {
         method: "GET",
-        headers: {
-            "x-api-key": apiKey,
-        },
+        headers: authHeaders,
     });
     if (!res.ok) {
         const text = await res.text().catch(() => "");

package/dist/types.d.ts CHANGED Viewed

@@ -1,8 +1,23 @@
 export type Hex = `0x${string}`;
+/** Optional auth providers */
+export type EmblemAuthProvider = {
+    /** Static JWT to send as Authorization: Bearer */
+    jwt?: string;
+    /** Lazy JWT provider */
+    getJwt?: () => Promise<string | null | undefined> | string | null | undefined;
+    /** Custom headers provider (e.g., Authorization) */
+    getAuthHeaders?: () => Promise<Record<string, string>> | Record<string, string>;
+    /** SDK-like object exposing getSession() that returns { authToken? } */
+    sdk?: {
+        getSession: () => {
+            authToken?: string | null | undefined;
+        } | null | undefined;
+    };
+};
 /** Config for Emblem remote signer */
-export type EmblemRemoteConfig = {
-    /** x-api-key for your authenticate middleware */
-    apiKey: string;
+export type EmblemRemoteConfig = EmblemAuthProvider & {
+    /** x-api-key for your authenticate middleware (optional when JWT provided) */
+    apiKey?: string;
     /** Base URL for the Emblem signer API */
     baseUrl?: string;
 };

package/dist/validation.d.ts CHANGED Viewed

@@ -13,7 +13,7 @@ export declare function isNodeEnvironment(): boolean;
 /**
  * Validate API key format and warn about potential security issues
  */
-export declare function validateApiKey(apiKey: string, options?: {
+export declare function validateApiKey(apiKey?: string, options?: {
     warnOnBrowser?: boolean;
 }): void;
 /**

package/dist/validation.js CHANGED Viewed

@@ -19,24 +19,20 @@ export function isNodeEnvironment() {
  * Validate API key format and warn about potential security issues
  */
 export function validateApiKey(apiKey, options = {}) {
-    if (!apiKey || typeof apiKey !== 'string') {
-        throw new Error('apiKey is required and must be a string');
+    if (apiKey == null)
+        return; // optional
+    if (typeof apiKey !== 'string') {
+        throw new Error('apiKey must be a string when provided');
     }
     if (apiKey.trim() === '') {
         throw new Error('apiKey cannot be empty or whitespace');
     }
-    // Warn if API key looks like it might be exposed in client-side code
     if (options.warnOnBrowser !== false && isBrowserEnvironment()) {
-        console.warn('[Emblem Security Warning] API key is being used in a browser environment. ' +
-            'API keys should only be used server-side (Node.js). ' +
-            'Client-side usage exposes your API key to anyone who can view the page source. ' +
-            'To suppress this warning, pass { warnOnBrowser: false } to createEmblemClient().');
+        console.warn('[Emblem Security Warning] API key is being used in a browser environment. '
+            + 'Prefer JWT or a secure server-side usage. '
+            + 'To suppress this warning, pass { warnOnBrowser: false } to createEmblemClient().');
     }
-    // Check for common mistakes
-    if (apiKey.startsWith('pk_') || apiKey.startsWith('sk_')) {
-        // Looks like a typical API key format - good
-    }
-    else if (apiKey.length < 16) {
+    if (!apiKey.startsWith('pk_') && !apiKey.startsWith('sk_') && apiKey.length < 16) {
         console.warn('[Emblem Security Warning] API key seems unusually short. Is this correct?');
     }
 }
@@ -93,7 +89,16 @@ export function toSafeNumber(value, fieldName) {
  * Comprehensive configuration validation
  */
 export function validateConfig(config) {
-    // Validate API key
+    // Validate auth: require at least one method (apiKey, jwt, getJwt, getAuthHeaders, sdk)
+    const hasApiKey = !!config.apiKey;
+    const hasJwt = !!config.jwt;
+    const hasGetJwt = typeof config.getJwt === 'function';
+    const hasHeaders = typeof config.getAuthHeaders === 'function';
+    const hasSdk = !!config.sdk && typeof config.sdk.getSession === 'function';
+    if (!hasApiKey && !hasJwt && !hasGetJwt && !hasHeaders && !hasSdk) {
+        throw new Error('Authentication required: provide apiKey, jwt, getJwt(), getAuthHeaders(), or sdk');
+    }
+    // Validate API key if present
     validateApiKey(config.apiKey, { warnOnBrowser: config.warnOnBrowser });
     // Validate baseUrl if provided
     if (config.baseUrl) {
@@ -104,7 +109,7 @@ export function validateConfig(config) {
         console.log('[Emblem Security Debug]', {
             environment: isBrowserEnvironment() ? 'browser' : 'node',
             hasBaseUrl: !!config.baseUrl,
-            apiKeyLength: config.apiKey.length,
+            apiKeyLength: config.apiKey ? config.apiKey.length : 0,
             timestamp: new Date().toISOString(),
         });
     }

package/dist/vault.js CHANGED Viewed

@@ -3,17 +3,17 @@ export async function fetchVaultInfo(config) {
     // Note: The server only supports POST for /vault/info
     // No need to try GET first, just use POST directly
     const data = await emblemPost("/vault/info", {}, config);
-    // Validate response data
-    if (!data.vaultId || !data.address || !data.evmAddress) {
+    // Validate required response data (vaultId + evmAddress are required for EVM)
+    if (!data || !data.vaultId || !data.evmAddress) {
         throw new Error('Invalid vault info response: missing required fields');
     }
-    if (!data.evmAddress.startsWith('0x')) {
+    if (!String(data.evmAddress).startsWith('0x')) {
         throw new Error('Invalid evmAddress format in response');
     }
     return {
         vaultId: data.vaultId,
         tokenId: data.vaultId,
-        address: data.address,
+        address: data.address || '', // Solana address may be absent; keep optional
         evmAddress: data.evmAddress,
         created_by: data.created_by,
     };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "emblem-vault-ai-signers",
-  "version": "0.1.7",
+  "version": "0.1.8-experimental.0",
   "description": "Emblem Vault remote signer adapters for viem and ethers",
   "type": "module",
   "main": "dist/index.js",
@@ -25,7 +25,8 @@
     "test:ci": "vitest run --reporter=default",
     "test:integration": "vitest -c vitest.int.config.ts run --reporter=verbose",
     "test:all": "npm test && npm run test:integration",
-    "release:patch": "npm version patch && npm run build && npm run test:all && npm publish"
+    "release:patch": "npm version patch && npm run build && npm run test:all && npm publish",
+    "release:experimental": "npm version prerelease --preid=experimental && npm run build && npm run test:all && npm publish --tag experimental"
   },
   "keywords": [
     "emblem",