kawasekit 0.2.0 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (36) hide show
  1. package/dist/{chunk-VXZHS74W.js → chunk-5TTOAVHE.js} +9 -3
  2. package/dist/chunk-5TTOAVHE.js.map +1 -0
  3. package/dist/chunk-FD6Q4NB2.js +293 -0
  4. package/dist/chunk-FD6Q4NB2.js.map +1 -0
  5. package/dist/{chunk-SMAZUZFO.js → chunk-G3UC6SME.js} +3 -3
  6. package/dist/{chunk-SMAZUZFO.js.map → chunk-G3UC6SME.js.map} +1 -1
  7. package/dist/{chunk-XRSZTZVZ.js → chunk-RJLDKDWL.js} +2 -2
  8. package/dist/{chunk-XRSZTZVZ.js.map → chunk-RJLDKDWL.js.map} +1 -1
  9. package/dist/cli/index.cjs +1 -1
  10. package/dist/cli/index.js +5 -5
  11. package/dist/{index-f-Xg86P9.d.ts → index-C9tbaHPF.d.ts} +1 -1
  12. package/dist/{index-Cn6kg7KH.d.cts → index-CAmTA8xR.d.cts} +1 -1
  13. package/dist/index.cjs +239 -4
  14. package/dist/index.cjs.map +1 -1
  15. package/dist/index.d.cts +4 -4
  16. package/dist/index.d.ts +4 -4
  17. package/dist/index.js +4 -4
  18. package/dist/policy/index.d.cts +2 -2
  19. package/dist/policy/index.d.ts +2 -2
  20. package/dist/signer/index.cjs +235 -0
  21. package/dist/signer/index.cjs.map +1 -1
  22. package/dist/signer/index.d.cts +240 -5
  23. package/dist/signer/index.d.ts +240 -5
  24. package/dist/signer/index.js +2 -2
  25. package/dist/{spending-policy-DKZN3Sg8.d.ts → spending-policy-BD2Mpm-L.d.ts} +1 -1
  26. package/dist/{spending-policy-DaajDg9B.d.cts → spending-policy-CGIaBpg-.d.cts} +1 -1
  27. package/dist/{types-IEl-iOIx.d.cts → types-BLJU67HZ.d.cts} +11 -3
  28. package/dist/{types-IEl-iOIx.d.ts → types-BLJU67HZ.d.ts} +11 -3
  29. package/dist/x402/index.cjs.map +1 -1
  30. package/dist/x402/index.d.cts +2 -2
  31. package/dist/x402/index.d.ts +2 -2
  32. package/dist/x402/index.js +2 -2
  33. package/package.json +1 -1
  34. package/dist/chunk-THTVJZ2Q.js +0 -71
  35. package/dist/chunk-THTVJZ2Q.js.map +0 -1
  36. package/dist/chunk-VXZHS74W.js.map +0 -1
package/dist/index.d.cts CHANGED
@@ -7,11 +7,11 @@ import { S as SupportedChainId } from './index-2fEOL83n.cjs';
7
7
  export { C as ChainNotSupportedError, g as getChain, i as isSupportedChainId, s as supportedChains } from './index-2fEOL83n.cjs';
8
8
  export { C as ConfiguredKernelClient, I as IssueSessionKeyParams, K as KAWASEKIT_SESSION_ENVELOPE_VERSION, a as KawasekitSessionEnvelope, b as KawasekitSessionEnvelopeVersion, c as KawasekitSessionPolicySummary, R as RestoreSessionAccountParams, d as RevokeSessionKeyParams, e as RevokeSessionKeyResult, f as RotateSessionKeyParams, g as RotateSessionKeyResult, S as SessionEnvelopeChainMismatchError, h as SessionEnvelopeParseError, i as SessionEnvelopeSignerMismatchError, j as SessionEnvelopeVersionError, T as TransferJpycInputError, k as TransferJpycParams, l as TransferJpycResult, m as issueSessionKey, p as parseSessionEnvelope, r as restoreSessionAccount, n as revokeSessionKey, o as rotateSessionKey, s as serializeSessionEnvelope, t as transferJpyc } from './index-DFChv_fT.cjs';
9
9
  export { CreateJpycDailyLimitPoliciesParams, ONE_DAY_SECONDS, createJpycDailyLimitPolicies } from './policy/index.cjs';
10
- export { C as CreateSpendingPolicyParams, P as PolicyDecision, S as SpendState, a as SpendingPolicy, b as SpendingPolicyConfigError, T as TokenLimit, c as createSpendingPolicy, e as evaluateSpendingPolicy, m as mergeSpendState } from './spending-policy-DaajDg9B.cjs';
11
- export { CreateLocalPolicyGatedSignerParams, PolicyGatedSignerConfigError, assertNonBypassable, createLocalPolicyGatedSigner, requireNonBypassable } from './signer/index.cjs';
12
- export { E as EnforcementLevel, N as NonBypassableEnforcement, P as PaymentIntent, a as PolicyGatedSigner, b as PolicyRejection, S as SignResult, c as SignerDescription } from './types-IEl-iOIx.cjs';
10
+ export { C as CreateSpendingPolicyParams, P as PolicyDecision, S as SpendState, a as SpendingPolicy, b as SpendingPolicyConfigError, T as TokenLimit, c as createSpendingPolicy, e as evaluateSpendingPolicy, m as mergeSpendState } from './spending-policy-CGIaBpg-.cjs';
11
+ export { CoSignConnection, CoSignFrame, CoSignRequestAuthenticator, CoSignRequestEnvelope, CoSignTransport, CoSignUnavailableError, CreateLocalPolicyGatedSignerParams, Mpc2pCoSignAgent, Mpc2pSignerParams, Mpc2pStepOutcome, PolicyGatedSignerConfigError, WIRE_VERSION, WireIntent, assertNonBypassable, canonicalRequestBytes, createLocalPolicyGatedSigner, createMpc2pPolicyGatedSigner, requireNonBypassable, toWireIntent } from './signer/index.cjs';
12
+ export { E as EnforcementLevel, N as NonBypassableEnforcement, P as PaymentIntent, a as PolicyGatedSigner, b as PolicyRejection, S as SignResult, c as SignerDescription } from './types-BLJU67HZ.cjs';
13
13
  export { C as CancelAuthorizationMessage, E as Eip3009Domain, K as KnownAssetDomain, a as KnownAssetId, R as ReceiveWithAuthorizationMessage, b as ResolvedAsset, S as SignedAuthorization, T as TransferWithAuthorizationMessage, X as X402AssetParam, c as X402TokenDomain, d as authorizationDeadlineFromNow, e as cancelAuthorizationTypes, f as deriveAuthorizationNonce, g as generateAuthorizationNonce, h as getKnownAssetDomain, l as listKnownAssetIds, r as receiveWithAuthorizationTypes, i as resolvedAssetToEip3009Domain, s as signCancelAuthorization, j as signReceiveWithAuthorization, k as signTransferWithAuthorization, t as transferWithAuthorizationTypes } from './asset-domain-4Ioxqn28.cjs';
14
- export { B as BuildPaymentRequiredResponseParams, a as BuildPaymentRequirementsParams, C as CreateCoinbaseFacilitatorParams, b as CreateHttpFacilitatorParams, c as CreateSelfFacilitatorParams, d as CreateX402PaymentSignerParams, K as KawaseChain, S as SignX402PaymentParams, W as WrapFetchParams, X as X402Fetch, e as X402InvalidConfigError, f as X402InvalidPayloadError, g as X402PaymentSigner, h as X402PolicyRejectedError, i as X402_DEFAULT_AUTHORIZATION_LIFETIME_SECONDS, j as X402_DEFAULT_MAX_TIMEOUT_SECONDS, k as X402_FACILITATOR_ERROR_CODES, l as X402_HEADER_IDEMPOTENCY_KEY, m as X402_HEADER_PAYMENT_REQUIRED, n as X402_HEADER_PAYMENT_RESPONSE, o as X402_HEADER_PAYMENT_SIGNATURE, p as buildPaymentRequiredResponse, q as buildPaymentRequirements, r as createCoinbaseFacilitator, s as createHttpFacilitator, t as createSelfFacilitator, u as createX402PaymentSigner, v as decodePaymentRequiredHeader, w as decodePaymentResponseHeader, x as decodePaymentSignatureHeader, y as deriveReceiptTimeoutMs, z as encodePaymentRequiredHeader, A as encodePaymentResponseHeader, D as encodePaymentSignatureHeader, E as wrapFetch, F as zerodevRpcUrl } from './index-Cn6kg7KH.cjs';
14
+ export { B as BuildPaymentRequiredResponseParams, a as BuildPaymentRequirementsParams, C as CreateCoinbaseFacilitatorParams, b as CreateHttpFacilitatorParams, c as CreateSelfFacilitatorParams, d as CreateX402PaymentSignerParams, K as KawaseChain, S as SignX402PaymentParams, W as WrapFetchParams, X as X402Fetch, e as X402InvalidConfigError, f as X402InvalidPayloadError, g as X402PaymentSigner, h as X402PolicyRejectedError, i as X402_DEFAULT_AUTHORIZATION_LIFETIME_SECONDS, j as X402_DEFAULT_MAX_TIMEOUT_SECONDS, k as X402_FACILITATOR_ERROR_CODES, l as X402_HEADER_IDEMPOTENCY_KEY, m as X402_HEADER_PAYMENT_REQUIRED, n as X402_HEADER_PAYMENT_RESPONSE, o as X402_HEADER_PAYMENT_SIGNATURE, p as buildPaymentRequiredResponse, q as buildPaymentRequirements, r as createCoinbaseFacilitator, s as createHttpFacilitator, t as createSelfFacilitator, u as createX402PaymentSigner, v as decodePaymentRequiredHeader, w as decodePaymentResponseHeader, x as decodePaymentSignatureHeader, y as deriveReceiptTimeoutMs, z as encodePaymentRequiredHeader, A as encodePaymentResponseHeader, D as encodePaymentSignatureHeader, E as wrapFetch, F as zerodevRpcUrl } from './index-CAmTA8xR.cjs';
15
15
  export { C as CreateX402HandlerParams, I as IdempotencyServerConfig, X as X402HandlerContext, a as X402InnerHandler, b as X402RequestHandler, c as createX402Handler } from './server-ov8YstNS.cjs';
16
16
  export { F as Facilitator, X as X402AssetTransferMethod, a as X402ExactEvmAuthorization, b as X402ExactEvmExtra, c as X402ExactEvmPayload, d as X402Network, e as X402PaymentPayload, f as X402PaymentRequiredResponse, g as X402PaymentRequirements, h as X402ResourceInfo, i as X402Scheme, j as X402SettleRequest, k as X402SettleResponse, l as X402SettlementResponse, m as X402SupportedKind, n as X402SupportedResponse, o as X402VerifyRequest, p as X402VerifyResponse, q as X402Version, r as X402_VERSION, s as chainIdToX402Network, t as isX402Network, x as x402NetworkToChainId } from './types-TpS_8ztt.cjs';
17
17
  export { ClientPaymentEvent, HookCallback, ObservabilityEvent, ObservabilityEventBase, ObservabilityHooks, PaymentAcceptedEvent, PaymentRequiredEvent, SettleEvent, VerifyEvent, extractAcceptedNetworks, invokeHookSafely } from './observability/index.cjs';
package/dist/index.d.ts CHANGED
@@ -7,11 +7,11 @@ import { S as SupportedChainId } from './index-2fEOL83n.js';
7
7
  export { C as ChainNotSupportedError, g as getChain, i as isSupportedChainId, s as supportedChains } from './index-2fEOL83n.js';
8
8
  export { C as ConfiguredKernelClient, I as IssueSessionKeyParams, K as KAWASEKIT_SESSION_ENVELOPE_VERSION, a as KawasekitSessionEnvelope, b as KawasekitSessionEnvelopeVersion, c as KawasekitSessionPolicySummary, R as RestoreSessionAccountParams, d as RevokeSessionKeyParams, e as RevokeSessionKeyResult, f as RotateSessionKeyParams, g as RotateSessionKeyResult, S as SessionEnvelopeChainMismatchError, h as SessionEnvelopeParseError, i as SessionEnvelopeSignerMismatchError, j as SessionEnvelopeVersionError, T as TransferJpycInputError, k as TransferJpycParams, l as TransferJpycResult, m as issueSessionKey, p as parseSessionEnvelope, r as restoreSessionAccount, n as revokeSessionKey, o as rotateSessionKey, s as serializeSessionEnvelope, t as transferJpyc } from './index-CSpNGigO.js';
9
9
  export { CreateJpycDailyLimitPoliciesParams, ONE_DAY_SECONDS, createJpycDailyLimitPolicies } from './policy/index.js';
10
- export { C as CreateSpendingPolicyParams, P as PolicyDecision, S as SpendState, a as SpendingPolicy, b as SpendingPolicyConfigError, T as TokenLimit, c as createSpendingPolicy, e as evaluateSpendingPolicy, m as mergeSpendState } from './spending-policy-DKZN3Sg8.js';
11
- export { CreateLocalPolicyGatedSignerParams, PolicyGatedSignerConfigError, assertNonBypassable, createLocalPolicyGatedSigner, requireNonBypassable } from './signer/index.js';
12
- export { E as EnforcementLevel, N as NonBypassableEnforcement, P as PaymentIntent, a as PolicyGatedSigner, b as PolicyRejection, S as SignResult, c as SignerDescription } from './types-IEl-iOIx.js';
10
+ export { C as CreateSpendingPolicyParams, P as PolicyDecision, S as SpendState, a as SpendingPolicy, b as SpendingPolicyConfigError, T as TokenLimit, c as createSpendingPolicy, e as evaluateSpendingPolicy, m as mergeSpendState } from './spending-policy-BD2Mpm-L.js';
11
+ export { CoSignConnection, CoSignFrame, CoSignRequestAuthenticator, CoSignRequestEnvelope, CoSignTransport, CoSignUnavailableError, CreateLocalPolicyGatedSignerParams, Mpc2pCoSignAgent, Mpc2pSignerParams, Mpc2pStepOutcome, PolicyGatedSignerConfigError, WIRE_VERSION, WireIntent, assertNonBypassable, canonicalRequestBytes, createLocalPolicyGatedSigner, createMpc2pPolicyGatedSigner, requireNonBypassable, toWireIntent } from './signer/index.js';
12
+ export { E as EnforcementLevel, N as NonBypassableEnforcement, P as PaymentIntent, a as PolicyGatedSigner, b as PolicyRejection, S as SignResult, c as SignerDescription } from './types-BLJU67HZ.js';
13
13
  export { C as CancelAuthorizationMessage, E as Eip3009Domain, K as KnownAssetDomain, a as KnownAssetId, R as ReceiveWithAuthorizationMessage, b as ResolvedAsset, S as SignedAuthorization, T as TransferWithAuthorizationMessage, X as X402AssetParam, c as X402TokenDomain, d as authorizationDeadlineFromNow, e as cancelAuthorizationTypes, f as deriveAuthorizationNonce, g as generateAuthorizationNonce, h as getKnownAssetDomain, l as listKnownAssetIds, r as receiveWithAuthorizationTypes, i as resolvedAssetToEip3009Domain, s as signCancelAuthorization, j as signReceiveWithAuthorization, k as signTransferWithAuthorization, t as transferWithAuthorizationTypes } from './asset-domain-4Ioxqn28.js';
14
- export { B as BuildPaymentRequiredResponseParams, a as BuildPaymentRequirementsParams, C as CreateCoinbaseFacilitatorParams, b as CreateHttpFacilitatorParams, c as CreateSelfFacilitatorParams, d as CreateX402PaymentSignerParams, K as KawaseChain, S as SignX402PaymentParams, W as WrapFetchParams, X as X402Fetch, e as X402InvalidConfigError, f as X402InvalidPayloadError, g as X402PaymentSigner, h as X402PolicyRejectedError, i as X402_DEFAULT_AUTHORIZATION_LIFETIME_SECONDS, j as X402_DEFAULT_MAX_TIMEOUT_SECONDS, k as X402_FACILITATOR_ERROR_CODES, l as X402_HEADER_IDEMPOTENCY_KEY, m as X402_HEADER_PAYMENT_REQUIRED, n as X402_HEADER_PAYMENT_RESPONSE, o as X402_HEADER_PAYMENT_SIGNATURE, p as buildPaymentRequiredResponse, q as buildPaymentRequirements, r as createCoinbaseFacilitator, s as createHttpFacilitator, t as createSelfFacilitator, u as createX402PaymentSigner, v as decodePaymentRequiredHeader, w as decodePaymentResponseHeader, x as decodePaymentSignatureHeader, y as deriveReceiptTimeoutMs, z as encodePaymentRequiredHeader, A as encodePaymentResponseHeader, D as encodePaymentSignatureHeader, E as wrapFetch, F as zerodevRpcUrl } from './index-f-Xg86P9.js';
14
+ export { B as BuildPaymentRequiredResponseParams, a as BuildPaymentRequirementsParams, C as CreateCoinbaseFacilitatorParams, b as CreateHttpFacilitatorParams, c as CreateSelfFacilitatorParams, d as CreateX402PaymentSignerParams, K as KawaseChain, S as SignX402PaymentParams, W as WrapFetchParams, X as X402Fetch, e as X402InvalidConfigError, f as X402InvalidPayloadError, g as X402PaymentSigner, h as X402PolicyRejectedError, i as X402_DEFAULT_AUTHORIZATION_LIFETIME_SECONDS, j as X402_DEFAULT_MAX_TIMEOUT_SECONDS, k as X402_FACILITATOR_ERROR_CODES, l as X402_HEADER_IDEMPOTENCY_KEY, m as X402_HEADER_PAYMENT_REQUIRED, n as X402_HEADER_PAYMENT_RESPONSE, o as X402_HEADER_PAYMENT_SIGNATURE, p as buildPaymentRequiredResponse, q as buildPaymentRequirements, r as createCoinbaseFacilitator, s as createHttpFacilitator, t as createSelfFacilitator, u as createX402PaymentSigner, v as decodePaymentRequiredHeader, w as decodePaymentResponseHeader, x as decodePaymentSignatureHeader, y as deriveReceiptTimeoutMs, z as encodePaymentRequiredHeader, A as encodePaymentResponseHeader, D as encodePaymentSignatureHeader, E as wrapFetch, F as zerodevRpcUrl } from './index-C9tbaHPF.js';
15
15
  export { C as CreateX402HandlerParams, I as IdempotencyServerConfig, X as X402HandlerContext, a as X402InnerHandler, b as X402RequestHandler, c as createX402Handler } from './server-D_rZc-cW.js';
16
16
  export { F as Facilitator, X as X402AssetTransferMethod, a as X402ExactEvmAuthorization, b as X402ExactEvmExtra, c as X402ExactEvmPayload, d as X402Network, e as X402PaymentPayload, f as X402PaymentRequiredResponse, g as X402PaymentRequirements, h as X402ResourceInfo, i as X402Scheme, j as X402SettleRequest, k as X402SettleResponse, l as X402SettlementResponse, m as X402SupportedKind, n as X402SupportedResponse, o as X402VerifyRequest, p as X402VerifyResponse, q as X402Version, r as X402_VERSION, s as chainIdToX402Network, t as isX402Network, x as x402NetworkToChainId } from './types-BR9UcvJO.js';
17
17
  export { ClientPaymentEvent, HookCallback, ObservabilityEvent, ObservabilityEventBase, ObservabilityHooks, PaymentAcceptedEvent, PaymentRequiredEvent, SettleEvent, VerifyEvent, extractAcceptedNetworks, invokeHookSafely } from './observability/index.js';
package/dist/index.js CHANGED
@@ -1,12 +1,12 @@
1
- export { TransferJpycInputError, transferJpyc } from './chunk-XRSZTZVZ.js';
2
- export { X402_DEFAULT_AUTHORIZATION_LIFETIME_SECONDS, X402_FACILITATOR_ERROR_CODES, createCoinbaseFacilitator, createHttpFacilitator, createSelfFacilitator, createX402PaymentSigner, deriveReceiptTimeoutMs, wrapFetch } from './chunk-SMAZUZFO.js';
1
+ export { TransferJpycInputError, transferJpyc } from './chunk-RJLDKDWL.js';
2
+ export { X402_DEFAULT_AUTHORIZATION_LIFETIME_SECONDS, X402_FACILITATOR_ERROR_CODES, createCoinbaseFacilitator, createHttpFacilitator, createSelfFacilitator, createX402PaymentSigner, deriveReceiptTimeoutMs, wrapFetch } from './chunk-G3UC6SME.js';
3
3
  export { X402_DEFAULT_MAX_TIMEOUT_SECONDS, X402_HEADER_IDEMPOTENCY_KEY, X402_HEADER_PAYMENT_REQUIRED, X402_HEADER_PAYMENT_RESPONSE, X402_HEADER_PAYMENT_SIGNATURE, buildPaymentRequiredResponse, buildPaymentRequirements, createX402Handler, decodePaymentRequiredHeader, decodePaymentResponseHeader, decodePaymentSignatureHeader, encodePaymentRequiredHeader, encodePaymentResponseHeader, encodePaymentSignatureHeader } from './chunk-PVUKX6IF.js';
4
4
  export { extractAcceptedNetworks, invokeHookSafely } from './chunk-LEHWRDVS.js';
5
5
  export { createIdempotencyKeyBuilder, createInMemoryIdempotencyStore, deriveIdempotencyKey, normalizeIntentText } from './chunk-TTX3RBIZ.js';
6
6
  export { IdempotencyConfigError, IdempotencyRecordParseError, IdempotencyRecordVersionError, KAWASEKIT_IDEMPOTENCY_RECORD_VERSION, X402_VERSION, chainIdToX402Network, isX402Network, parseIdempotencyRecord, serializeIdempotencyRecord, x402NetworkToChainId } from './chunk-QHUCU5YX.js';
7
7
  export { KAWASEKIT_SESSION_ENVELOPE_VERSION, SessionEnvelopeChainMismatchError, SessionEnvelopeParseError, SessionEnvelopeSignerMismatchError, SessionEnvelopeVersionError, createAgentSmartAccount, issueSessionKey, parseSessionEnvelope, restoreSessionAccount, revokeSessionKey, rotateSessionKey, serializeSessionEnvelope } from './chunk-N3CVLISJ.js';
8
- export { createLocalPolicyGatedSigner } from './chunk-THTVJZ2Q.js';
9
- export { PolicyGatedSignerConfigError, assertNonBypassable, authorizationDeadlineFromNow, cancelAuthorizationTypes, deriveAuthorizationNonce, generateAuthorizationNonce, getKnownAssetDomain, listKnownAssetIds, receiveWithAuthorizationTypes, requireNonBypassable, resolvedAssetToEip3009Domain, signCancelAuthorization, signReceiveWithAuthorization, signTransferWithAuthorization, transferWithAuthorizationTypes } from './chunk-VXZHS74W.js';
8
+ export { WIRE_VERSION, canonicalRequestBytes, createLocalPolicyGatedSigner, createMpc2pPolicyGatedSigner, toWireIntent } from './chunk-FD6Q4NB2.js';
9
+ export { CoSignUnavailableError, PolicyGatedSignerConfigError, assertNonBypassable, authorizationDeadlineFromNow, cancelAuthorizationTypes, deriveAuthorizationNonce, generateAuthorizationNonce, getKnownAssetDomain, listKnownAssetIds, receiveWithAuthorizationTypes, requireNonBypassable, resolvedAssetToEip3009Domain, signCancelAuthorization, signReceiveWithAuthorization, signTransferWithAuthorization, transferWithAuthorizationTypes } from './chunk-5TTOAVHE.js';
10
10
  export { X402InvalidConfigError, X402InvalidPayloadError, X402PolicyRejectedError } from './chunk-WMVJNPX2.js';
11
11
  export { ONE_DAY_SECONDS, createJpycDailyLimitPolicies } from './chunk-E47SIVFY.js';
12
12
  export { SpendingPolicyConfigError, createSpendingPolicy, evaluateSpendingPolicy, mergeSpendState } from './chunk-6CNAYQOL.js';
@@ -1,8 +1,8 @@
1
1
  import { Policy } from '@zerodev/permissions';
2
2
  import { CallPolicyVersion } from '@zerodev/permissions/policies';
3
3
  import { Address } from 'viem';
4
- export { C as CreateSpendingPolicyParams, P as PolicyDecision, S as SpendState, a as SpendingPolicy, b as SpendingPolicyConfigError, T as TokenLimit, c as createSpendingPolicy, e as evaluateSpendingPolicy, m as mergeSpendState } from '../spending-policy-DaajDg9B.cjs';
5
- import '../types-IEl-iOIx.cjs';
4
+ export { C as CreateSpendingPolicyParams, P as PolicyDecision, S as SpendState, a as SpendingPolicy, b as SpendingPolicyConfigError, T as TokenLimit, c as createSpendingPolicy, e as evaluateSpendingPolicy, m as mergeSpendState } from '../spending-policy-CGIaBpg-.cjs';
5
+ import '../types-BLJU67HZ.cjs';
6
6
 
7
7
  /**
8
8
  * Daily-limit spending policy for JPYC, built on ZeroDev's Permission System.
@@ -1,8 +1,8 @@
1
1
  import { Policy } from '@zerodev/permissions';
2
2
  import { CallPolicyVersion } from '@zerodev/permissions/policies';
3
3
  import { Address } from 'viem';
4
- export { C as CreateSpendingPolicyParams, P as PolicyDecision, S as SpendState, a as SpendingPolicy, b as SpendingPolicyConfigError, T as TokenLimit, c as createSpendingPolicy, e as evaluateSpendingPolicy, m as mergeSpendState } from '../spending-policy-DKZN3Sg8.js';
5
- import '../types-IEl-iOIx.js';
4
+ export { C as CreateSpendingPolicyParams, P as PolicyDecision, S as SpendState, a as SpendingPolicy, b as SpendingPolicyConfigError, T as TokenLimit, c as createSpendingPolicy, e as evaluateSpendingPolicy, m as mergeSpendState } from '../spending-policy-BD2Mpm-L.js';
5
+ import '../types-BLJU67HZ.js';
6
6
 
7
7
  /**
8
8
  * Daily-limit spending policy for JPYC, built on ZeroDev's Permission System.
@@ -16,6 +16,12 @@ var PolicyGatedSignerConfigError = class extends Error {
16
16
  this.reason = reason;
17
17
  }
18
18
  };
19
+ var CoSignUnavailableError = class extends Error {
20
+ constructor(message, options) {
21
+ super(message, options);
22
+ this.name = "CoSignUnavailableError";
23
+ }
24
+ };
19
25
 
20
26
  // src/signer/gate.ts
21
27
  function requireNonBypassable(signer) {
@@ -355,9 +361,238 @@ function createLocalPolicyGatedSigner(params) {
355
361
  };
356
362
  }
357
363
 
364
+ // src/signer/mpc-2p-wire.ts
365
+ var WIRE_VERSION = 2;
366
+ function toWireIntent(intent) {
367
+ return {
368
+ token: intent.token.toLowerCase(),
369
+ chain_id: intent.chainId,
370
+ from: intent.from.toLowerCase(),
371
+ to: intent.to.toLowerCase(),
372
+ value: intent.value.toString(),
373
+ valid_after: intent.validAfter.toString(),
374
+ valid_before: intent.validBefore.toString(),
375
+ nonce: intent.nonce.toLowerCase()
376
+ };
377
+ }
378
+ function canonicalRequestBytes(env) {
379
+ const i = env.intent;
380
+ const lines = [
381
+ "kawasekit-mpc-2p/cosign-request/v3",
382
+ "wireVersion=2",
383
+ `ceremonyId=${env.ceremonyId}`,
384
+ `ssid=${env.ssid}`,
385
+ `token=${i.token.toLowerCase()}`,
386
+ `chainId=${i.chainId}`,
387
+ `from=${i.from.toLowerCase()}`,
388
+ `to=${i.to.toLowerCase()}`,
389
+ `value=${i.value}`,
390
+ `validAfter=${i.validAfter}`,
391
+ `validBefore=${i.validBefore}`,
392
+ `nonce=${i.nonce.toLowerCase()}`,
393
+ `freshnessTs=${env.freshnessTs}`,
394
+ `freshnessNonce=${env.freshnessNonce.toLowerCase()}`
395
+ ];
396
+ return new TextEncoder().encode(lines.map((l) => `${l}
397
+ `).join(""));
398
+ }
399
+
400
+ // src/signer/mpc-2p.ts
401
+ var POLICY_REASONS = /* @__PURE__ */ new Set([
402
+ "revoked",
403
+ "expired",
404
+ "token_not_allowed",
405
+ "recipient_not_allowed",
406
+ "amount_exceeds_per_sign",
407
+ "amount_exceeds_cumulative",
408
+ "intent_digest_mismatch",
409
+ "unauthenticated",
410
+ "from_mismatch",
411
+ "nonce_reuse_conflict"
412
+ ]);
413
+ function rejection(reason, detail) {
414
+ return { ok: false, rejection: { reason, detail } };
415
+ }
416
+ function createMpc2pPolicyGatedSigner(params) {
417
+ const { agent, transport, authenticator, session } = params;
418
+ const pinned = resolveAssetParam(params.asset);
419
+ const from = viem.getAddress(params.from);
420
+ const agentEoa = viem.getAddress(agent.groupEoa());
421
+ if (agentEoa !== from) {
422
+ throw new PolicyGatedSignerConfigError(
423
+ "from",
424
+ `the agent share controls ${agentEoa} but params.from is ${from}`
425
+ );
426
+ }
427
+ return {
428
+ enforcement: "cryptographic",
429
+ from,
430
+ async sign(intent) {
431
+ if (viem.getAddress(intent.from) !== from) {
432
+ return rejection(
433
+ "from_mismatch",
434
+ `intent.from ${viem.getAddress(intent.from)} does not equal signer.from ${from}`
435
+ );
436
+ }
437
+ if (viem.getAddress(intent.token) !== pinned.verifyingContract) {
438
+ return rejection(
439
+ "token_not_allowed",
440
+ `intent.token ${viem.getAddress(intent.token)} does not equal the signer's pinned verifyingContract ${pinned.verifyingContract}`
441
+ );
442
+ }
443
+ const digest = viem.hashTypedData({
444
+ domain: resolvedAssetToEip3009Domain(pinned, intent.chainId),
445
+ types: transferWithAuthorizationTypes,
446
+ primaryType: "TransferWithAuthorization",
447
+ message: {
448
+ from,
449
+ to: intent.to,
450
+ value: intent.value,
451
+ validAfter: intent.validAfter,
452
+ validBefore: intent.validBefore,
453
+ nonce: intent.nonce
454
+ }
455
+ });
456
+ const env = {
457
+ ceremonyId: globalThis.crypto.randomUUID(),
458
+ ssid: globalThis.crypto.randomUUID(),
459
+ intent,
460
+ freshnessTs: Math.floor(Date.now() / 1e3),
461
+ freshnessNonce: viem.toHex(globalThis.crypto.getRandomValues(new Uint8Array(16)))
462
+ };
463
+ const authTag = await authenticator.tag(canonicalRequestBytes(env));
464
+ const conn = await openConnection(transport);
465
+ try {
466
+ return await runCeremony(conn, agent, session.id, env, digest, authTag);
467
+ } finally {
468
+ try {
469
+ await conn.close();
470
+ } catch {
471
+ }
472
+ }
473
+ },
474
+ describe() {
475
+ return {
476
+ enforcement: "cryptographic",
477
+ from,
478
+ policyId: session.id,
479
+ notAfter: session.notAfter,
480
+ // The backend owns authoritative revocation (a revoked session → a
481
+ // rejection at sign time); this metadata field is best-effort.
482
+ revoked: false
483
+ };
484
+ }
485
+ };
486
+ }
487
+ async function openConnection(transport) {
488
+ try {
489
+ return await transport.connect();
490
+ } catch (cause) {
491
+ throw new CoSignUnavailableError("co-signer connection failed", { cause });
492
+ }
493
+ }
494
+ async function runCeremony(conn, agent, sessionId, env, digest, authTag) {
495
+ const send = async (frame) => {
496
+ try {
497
+ await conn.send(frame);
498
+ } catch (cause) {
499
+ throw new CoSignUnavailableError("co-sign connection dropped while sending", { cause });
500
+ }
501
+ };
502
+ const recv = async () => {
503
+ let frame;
504
+ try {
505
+ frame = await conn.recv();
506
+ } catch (cause) {
507
+ throw new CoSignUnavailableError("co-sign connection dropped mid-ceremony", { cause });
508
+ }
509
+ if (frame.wire_version !== WIRE_VERSION) {
510
+ throw new CoSignUnavailableError(
511
+ `co-signer spoke wire_version ${frame.wire_version}, expected ${WIRE_VERSION}`
512
+ );
513
+ }
514
+ return frame;
515
+ };
516
+ await send({
517
+ wire_version: WIRE_VERSION,
518
+ kind: "request",
519
+ session_id: sessionId,
520
+ ceremony_id: env.ceremonyId,
521
+ ssid: env.ssid,
522
+ intent: toWireIntent(env.intent),
523
+ freshness_ts: env.freshnessTs,
524
+ freshness_nonce: env.freshnessNonce,
525
+ auth_tag: authTag
526
+ });
527
+ let first;
528
+ try {
529
+ first = agent.start(digest);
530
+ } catch (cause) {
531
+ throw new CoSignUnavailableError("the agent failed to start the ceremony", { cause });
532
+ }
533
+ await send({ wire_version: WIRE_VERSION, kind: "round", payload: first });
534
+ let agentSig = null;
535
+ for (; ; ) {
536
+ const frame = await recv();
537
+ switch (frame.kind) {
538
+ case "round": {
539
+ let step;
540
+ try {
541
+ step = agent.step(frame.payload);
542
+ } catch (cause) {
543
+ throw new CoSignUnavailableError("the agent rejected a round frame", { cause });
544
+ }
545
+ if ("outbound" in step) {
546
+ await send({ wire_version: WIRE_VERSION, kind: "round", payload: step.outbound });
547
+ } else {
548
+ agentSig = step.signature;
549
+ }
550
+ break;
551
+ }
552
+ case "result": {
553
+ if (agentSig === null) {
554
+ throw new CoSignUnavailableError(
555
+ "the backend returned a result before the agent derived a signature"
556
+ );
557
+ }
558
+ if (frame.r.toLowerCase() !== agentSig.r.toLowerCase() || frame.s.toLowerCase() !== agentSig.s.toLowerCase() || frame.v !== agentSig.v) {
559
+ throw new CoSignUnavailableError("the backend and agent derived different signatures");
560
+ }
561
+ return { ok: true, signature: assembleSignature(agentSig), intent: env.intent };
562
+ }
563
+ case "rejection": {
564
+ if (POLICY_REASONS.has(frame.reason)) {
565
+ return rejection(frame.reason, frame.detail);
566
+ }
567
+ throw new CoSignUnavailableError(
568
+ `co-signer returned a non-policy rejection (${frame.reason}): ${frame.detail}`
569
+ );
570
+ }
571
+ case "error": {
572
+ throw new CoSignUnavailableError(`co-signer error: ${frame.message}`);
573
+ }
574
+ default: {
575
+ throw new CoSignUnavailableError("co-signer sent an unexpected frame");
576
+ }
577
+ }
578
+ }
579
+ }
580
+ function assembleSignature(sig) {
581
+ const yParity = sig.v - 27;
582
+ if (yParity !== 0 && yParity !== 1) {
583
+ throw new CoSignUnavailableError(`malformed recovery id v=${sig.v} (expected 27 or 28)`);
584
+ }
585
+ return viem.serializeSignature({ r: sig.r, s: sig.s, yParity });
586
+ }
587
+
588
+ exports.CoSignUnavailableError = CoSignUnavailableError;
358
589
  exports.PolicyGatedSignerConfigError = PolicyGatedSignerConfigError;
590
+ exports.WIRE_VERSION = WIRE_VERSION;
359
591
  exports.assertNonBypassable = assertNonBypassable;
592
+ exports.canonicalRequestBytes = canonicalRequestBytes;
360
593
  exports.createLocalPolicyGatedSigner = createLocalPolicyGatedSigner;
594
+ exports.createMpc2pPolicyGatedSigner = createMpc2pPolicyGatedSigner;
361
595
  exports.requireNonBypassable = requireNonBypassable;
596
+ exports.toWireIntent = toWireIntent;
362
597
  //# sourceMappingURL=index.cjs.map
363
598
  //# sourceMappingURL=index.cjs.map