kawasekit 0.3.0 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{chunk-EUW7AZ4P.js → chunk-FD6Q4NB2.js} +37 -20
- package/dist/chunk-FD6Q4NB2.js.map +1 -0
- package/dist/cli/index.cjs +1 -1
- package/dist/cli/index.js +2 -2
- package/dist/index.cjs +34 -17
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +1 -1
- package/dist/index.d.ts +1 -1
- package/dist/index.js +1 -1
- package/dist/signer/index.cjs +34 -17
- package/dist/signer/index.cjs.map +1 -1
- package/dist/signer/index.d.cts +40 -20
- package/dist/signer/index.d.ts +40 -20
- package/dist/signer/index.js +1 -1
- package/package.json +1 -1
- package/dist/chunk-EUW7AZ4P.js.map +0 -1
package/dist/index.d.cts
CHANGED
|
@@ -8,7 +8,7 @@ export { C as ChainNotSupportedError, g as getChain, i as isSupportedChainId, s
|
|
|
8
8
|
export { C as ConfiguredKernelClient, I as IssueSessionKeyParams, K as KAWASEKIT_SESSION_ENVELOPE_VERSION, a as KawasekitSessionEnvelope, b as KawasekitSessionEnvelopeVersion, c as KawasekitSessionPolicySummary, R as RestoreSessionAccountParams, d as RevokeSessionKeyParams, e as RevokeSessionKeyResult, f as RotateSessionKeyParams, g as RotateSessionKeyResult, S as SessionEnvelopeChainMismatchError, h as SessionEnvelopeParseError, i as SessionEnvelopeSignerMismatchError, j as SessionEnvelopeVersionError, T as TransferJpycInputError, k as TransferJpycParams, l as TransferJpycResult, m as issueSessionKey, p as parseSessionEnvelope, r as restoreSessionAccount, n as revokeSessionKey, o as rotateSessionKey, s as serializeSessionEnvelope, t as transferJpyc } from './index-DFChv_fT.cjs';
|
|
9
9
|
export { CreateJpycDailyLimitPoliciesParams, ONE_DAY_SECONDS, createJpycDailyLimitPolicies } from './policy/index.cjs';
|
|
10
10
|
export { C as CreateSpendingPolicyParams, P as PolicyDecision, S as SpendState, a as SpendingPolicy, b as SpendingPolicyConfigError, T as TokenLimit, c as createSpendingPolicy, e as evaluateSpendingPolicy, m as mergeSpendState } from './spending-policy-CGIaBpg-.cjs';
|
|
11
|
-
export { CoSignConnection, CoSignFrame, CoSignRequestAuthenticator, CoSignTransport, CoSignUnavailableError, CreateLocalPolicyGatedSignerParams, Mpc2pCoSignAgent, Mpc2pSignerParams, Mpc2pStepOutcome, PolicyGatedSignerConfigError, WIRE_VERSION, WireIntent, assertNonBypassable,
|
|
11
|
+
export { CoSignConnection, CoSignFrame, CoSignRequestAuthenticator, CoSignRequestEnvelope, CoSignTransport, CoSignUnavailableError, CreateLocalPolicyGatedSignerParams, Mpc2pCoSignAgent, Mpc2pSignerParams, Mpc2pStepOutcome, PolicyGatedSignerConfigError, WIRE_VERSION, WireIntent, assertNonBypassable, canonicalRequestBytes, createLocalPolicyGatedSigner, createMpc2pPolicyGatedSigner, requireNonBypassable, toWireIntent } from './signer/index.cjs';
|
|
12
12
|
export { E as EnforcementLevel, N as NonBypassableEnforcement, P as PaymentIntent, a as PolicyGatedSigner, b as PolicyRejection, S as SignResult, c as SignerDescription } from './types-BLJU67HZ.cjs';
|
|
13
13
|
export { C as CancelAuthorizationMessage, E as Eip3009Domain, K as KnownAssetDomain, a as KnownAssetId, R as ReceiveWithAuthorizationMessage, b as ResolvedAsset, S as SignedAuthorization, T as TransferWithAuthorizationMessage, X as X402AssetParam, c as X402TokenDomain, d as authorizationDeadlineFromNow, e as cancelAuthorizationTypes, f as deriveAuthorizationNonce, g as generateAuthorizationNonce, h as getKnownAssetDomain, l as listKnownAssetIds, r as receiveWithAuthorizationTypes, i as resolvedAssetToEip3009Domain, s as signCancelAuthorization, j as signReceiveWithAuthorization, k as signTransferWithAuthorization, t as transferWithAuthorizationTypes } from './asset-domain-4Ioxqn28.cjs';
|
|
14
14
|
export { B as BuildPaymentRequiredResponseParams, a as BuildPaymentRequirementsParams, C as CreateCoinbaseFacilitatorParams, b as CreateHttpFacilitatorParams, c as CreateSelfFacilitatorParams, d as CreateX402PaymentSignerParams, K as KawaseChain, S as SignX402PaymentParams, W as WrapFetchParams, X as X402Fetch, e as X402InvalidConfigError, f as X402InvalidPayloadError, g as X402PaymentSigner, h as X402PolicyRejectedError, i as X402_DEFAULT_AUTHORIZATION_LIFETIME_SECONDS, j as X402_DEFAULT_MAX_TIMEOUT_SECONDS, k as X402_FACILITATOR_ERROR_CODES, l as X402_HEADER_IDEMPOTENCY_KEY, m as X402_HEADER_PAYMENT_REQUIRED, n as X402_HEADER_PAYMENT_RESPONSE, o as X402_HEADER_PAYMENT_SIGNATURE, p as buildPaymentRequiredResponse, q as buildPaymentRequirements, r as createCoinbaseFacilitator, s as createHttpFacilitator, t as createSelfFacilitator, u as createX402PaymentSigner, v as decodePaymentRequiredHeader, w as decodePaymentResponseHeader, x as decodePaymentSignatureHeader, y as deriveReceiptTimeoutMs, z as encodePaymentRequiredHeader, A as encodePaymentResponseHeader, D as encodePaymentSignatureHeader, E as wrapFetch, F as zerodevRpcUrl } from './index-CAmTA8xR.cjs';
|
package/dist/index.d.ts
CHANGED
|
@@ -8,7 +8,7 @@ export { C as ChainNotSupportedError, g as getChain, i as isSupportedChainId, s
|
|
|
8
8
|
export { C as ConfiguredKernelClient, I as IssueSessionKeyParams, K as KAWASEKIT_SESSION_ENVELOPE_VERSION, a as KawasekitSessionEnvelope, b as KawasekitSessionEnvelopeVersion, c as KawasekitSessionPolicySummary, R as RestoreSessionAccountParams, d as RevokeSessionKeyParams, e as RevokeSessionKeyResult, f as RotateSessionKeyParams, g as RotateSessionKeyResult, S as SessionEnvelopeChainMismatchError, h as SessionEnvelopeParseError, i as SessionEnvelopeSignerMismatchError, j as SessionEnvelopeVersionError, T as TransferJpycInputError, k as TransferJpycParams, l as TransferJpycResult, m as issueSessionKey, p as parseSessionEnvelope, r as restoreSessionAccount, n as revokeSessionKey, o as rotateSessionKey, s as serializeSessionEnvelope, t as transferJpyc } from './index-CSpNGigO.js';
|
|
9
9
|
export { CreateJpycDailyLimitPoliciesParams, ONE_DAY_SECONDS, createJpycDailyLimitPolicies } from './policy/index.js';
|
|
10
10
|
export { C as CreateSpendingPolicyParams, P as PolicyDecision, S as SpendState, a as SpendingPolicy, b as SpendingPolicyConfigError, T as TokenLimit, c as createSpendingPolicy, e as evaluateSpendingPolicy, m as mergeSpendState } from './spending-policy-BD2Mpm-L.js';
|
|
11
|
-
export { CoSignConnection, CoSignFrame, CoSignRequestAuthenticator, CoSignTransport, CoSignUnavailableError, CreateLocalPolicyGatedSignerParams, Mpc2pCoSignAgent, Mpc2pSignerParams, Mpc2pStepOutcome, PolicyGatedSignerConfigError, WIRE_VERSION, WireIntent, assertNonBypassable,
|
|
11
|
+
export { CoSignConnection, CoSignFrame, CoSignRequestAuthenticator, CoSignRequestEnvelope, CoSignTransport, CoSignUnavailableError, CreateLocalPolicyGatedSignerParams, Mpc2pCoSignAgent, Mpc2pSignerParams, Mpc2pStepOutcome, PolicyGatedSignerConfigError, WIRE_VERSION, WireIntent, assertNonBypassable, canonicalRequestBytes, createLocalPolicyGatedSigner, createMpc2pPolicyGatedSigner, requireNonBypassable, toWireIntent } from './signer/index.js';
|
|
12
12
|
export { E as EnforcementLevel, N as NonBypassableEnforcement, P as PaymentIntent, a as PolicyGatedSigner, b as PolicyRejection, S as SignResult, c as SignerDescription } from './types-BLJU67HZ.js';
|
|
13
13
|
export { C as CancelAuthorizationMessage, E as Eip3009Domain, K as KnownAssetDomain, a as KnownAssetId, R as ReceiveWithAuthorizationMessage, b as ResolvedAsset, S as SignedAuthorization, T as TransferWithAuthorizationMessage, X as X402AssetParam, c as X402TokenDomain, d as authorizationDeadlineFromNow, e as cancelAuthorizationTypes, f as deriveAuthorizationNonce, g as generateAuthorizationNonce, h as getKnownAssetDomain, l as listKnownAssetIds, r as receiveWithAuthorizationTypes, i as resolvedAssetToEip3009Domain, s as signCancelAuthorization, j as signReceiveWithAuthorization, k as signTransferWithAuthorization, t as transferWithAuthorizationTypes } from './asset-domain-4Ioxqn28.js';
|
|
14
14
|
export { B as BuildPaymentRequiredResponseParams, a as BuildPaymentRequirementsParams, C as CreateCoinbaseFacilitatorParams, b as CreateHttpFacilitatorParams, c as CreateSelfFacilitatorParams, d as CreateX402PaymentSignerParams, K as KawaseChain, S as SignX402PaymentParams, W as WrapFetchParams, X as X402Fetch, e as X402InvalidConfigError, f as X402InvalidPayloadError, g as X402PaymentSigner, h as X402PolicyRejectedError, i as X402_DEFAULT_AUTHORIZATION_LIFETIME_SECONDS, j as X402_DEFAULT_MAX_TIMEOUT_SECONDS, k as X402_FACILITATOR_ERROR_CODES, l as X402_HEADER_IDEMPOTENCY_KEY, m as X402_HEADER_PAYMENT_REQUIRED, n as X402_HEADER_PAYMENT_RESPONSE, o as X402_HEADER_PAYMENT_SIGNATURE, p as buildPaymentRequiredResponse, q as buildPaymentRequirements, r as createCoinbaseFacilitator, s as createHttpFacilitator, t as createSelfFacilitator, u as createX402PaymentSigner, v as decodePaymentRequiredHeader, w as decodePaymentResponseHeader, x as decodePaymentSignatureHeader, y as deriveReceiptTimeoutMs, z as encodePaymentRequiredHeader, A as encodePaymentResponseHeader, D as encodePaymentSignatureHeader, E as wrapFetch, F as zerodevRpcUrl } from './index-C9tbaHPF.js';
|
package/dist/index.js
CHANGED
|
@@ -5,7 +5,7 @@ export { extractAcceptedNetworks, invokeHookSafely } from './chunk-LEHWRDVS.js';
|
|
|
5
5
|
export { createIdempotencyKeyBuilder, createInMemoryIdempotencyStore, deriveIdempotencyKey, normalizeIntentText } from './chunk-TTX3RBIZ.js';
|
|
6
6
|
export { IdempotencyConfigError, IdempotencyRecordParseError, IdempotencyRecordVersionError, KAWASEKIT_IDEMPOTENCY_RECORD_VERSION, X402_VERSION, chainIdToX402Network, isX402Network, parseIdempotencyRecord, serializeIdempotencyRecord, x402NetworkToChainId } from './chunk-QHUCU5YX.js';
|
|
7
7
|
export { KAWASEKIT_SESSION_ENVELOPE_VERSION, SessionEnvelopeChainMismatchError, SessionEnvelopeParseError, SessionEnvelopeSignerMismatchError, SessionEnvelopeVersionError, createAgentSmartAccount, issueSessionKey, parseSessionEnvelope, restoreSessionAccount, revokeSessionKey, rotateSessionKey, serializeSessionEnvelope } from './chunk-N3CVLISJ.js';
|
|
8
|
-
export { WIRE_VERSION,
|
|
8
|
+
export { WIRE_VERSION, canonicalRequestBytes, createLocalPolicyGatedSigner, createMpc2pPolicyGatedSigner, toWireIntent } from './chunk-FD6Q4NB2.js';
|
|
9
9
|
export { CoSignUnavailableError, PolicyGatedSignerConfigError, assertNonBypassable, authorizationDeadlineFromNow, cancelAuthorizationTypes, deriveAuthorizationNonce, generateAuthorizationNonce, getKnownAssetDomain, listKnownAssetIds, receiveWithAuthorizationTypes, requireNonBypassable, resolvedAssetToEip3009Domain, signCancelAuthorization, signReceiveWithAuthorization, signTransferWithAuthorization, transferWithAuthorizationTypes } from './chunk-5TTOAVHE.js';
|
|
10
10
|
export { X402InvalidConfigError, X402InvalidPayloadError, X402PolicyRejectedError } from './chunk-WMVJNPX2.js';
|
|
11
11
|
export { ONE_DAY_SECONDS, createJpycDailyLimitPolicies } from './chunk-E47SIVFY.js';
|
package/dist/signer/index.cjs
CHANGED
|
@@ -362,7 +362,7 @@ function createLocalPolicyGatedSigner(params) {
|
|
|
362
362
|
}
|
|
363
363
|
|
|
364
364
|
// src/signer/mpc-2p-wire.ts
|
|
365
|
-
var WIRE_VERSION =
|
|
365
|
+
var WIRE_VERSION = 2;
|
|
366
366
|
function toWireIntent(intent) {
|
|
367
367
|
return {
|
|
368
368
|
token: intent.token.toLowerCase(),
|
|
@@ -375,17 +375,23 @@ function toWireIntent(intent) {
|
|
|
375
375
|
nonce: intent.nonce.toLowerCase()
|
|
376
376
|
};
|
|
377
377
|
}
|
|
378
|
-
function
|
|
378
|
+
function canonicalRequestBytes(env) {
|
|
379
|
+
const i = env.intent;
|
|
379
380
|
const lines = [
|
|
380
|
-
"kawasekit-mpc-2p/cosign-request/
|
|
381
|
-
|
|
382
|
-
`
|
|
383
|
-
`
|
|
384
|
-
`
|
|
385
|
-
`
|
|
386
|
-
`
|
|
387
|
-
`
|
|
388
|
-
`
|
|
381
|
+
"kawasekit-mpc-2p/cosign-request/v3",
|
|
382
|
+
"wireVersion=2",
|
|
383
|
+
`ceremonyId=${env.ceremonyId}`,
|
|
384
|
+
`ssid=${env.ssid}`,
|
|
385
|
+
`token=${i.token.toLowerCase()}`,
|
|
386
|
+
`chainId=${i.chainId}`,
|
|
387
|
+
`from=${i.from.toLowerCase()}`,
|
|
388
|
+
`to=${i.to.toLowerCase()}`,
|
|
389
|
+
`value=${i.value}`,
|
|
390
|
+
`validAfter=${i.validAfter}`,
|
|
391
|
+
`validBefore=${i.validBefore}`,
|
|
392
|
+
`nonce=${i.nonce.toLowerCase()}`,
|
|
393
|
+
`freshnessTs=${env.freshnessTs}`,
|
|
394
|
+
`freshnessNonce=${env.freshnessNonce.toLowerCase()}`
|
|
389
395
|
];
|
|
390
396
|
return new TextEncoder().encode(lines.map((l) => `${l}
|
|
391
397
|
`).join(""));
|
|
@@ -447,10 +453,17 @@ function createMpc2pPolicyGatedSigner(params) {
|
|
|
447
453
|
nonce: intent.nonce
|
|
448
454
|
}
|
|
449
455
|
});
|
|
450
|
-
const
|
|
456
|
+
const env = {
|
|
457
|
+
ceremonyId: globalThis.crypto.randomUUID(),
|
|
458
|
+
ssid: globalThis.crypto.randomUUID(),
|
|
459
|
+
intent,
|
|
460
|
+
freshnessTs: Math.floor(Date.now() / 1e3),
|
|
461
|
+
freshnessNonce: viem.toHex(globalThis.crypto.getRandomValues(new Uint8Array(16)))
|
|
462
|
+
};
|
|
463
|
+
const authTag = await authenticator.tag(canonicalRequestBytes(env));
|
|
451
464
|
const conn = await openConnection(transport);
|
|
452
465
|
try {
|
|
453
|
-
return await runCeremony(conn, agent, session.id,
|
|
466
|
+
return await runCeremony(conn, agent, session.id, env, digest, authTag);
|
|
454
467
|
} finally {
|
|
455
468
|
try {
|
|
456
469
|
await conn.close();
|
|
@@ -478,7 +491,7 @@ async function openConnection(transport) {
|
|
|
478
491
|
throw new CoSignUnavailableError("co-signer connection failed", { cause });
|
|
479
492
|
}
|
|
480
493
|
}
|
|
481
|
-
async function runCeremony(conn, agent, sessionId,
|
|
494
|
+
async function runCeremony(conn, agent, sessionId, env, digest, authTag) {
|
|
482
495
|
const send = async (frame) => {
|
|
483
496
|
try {
|
|
484
497
|
await conn.send(frame);
|
|
@@ -504,7 +517,11 @@ async function runCeremony(conn, agent, sessionId, intent, digest, authTag) {
|
|
|
504
517
|
wire_version: WIRE_VERSION,
|
|
505
518
|
kind: "request",
|
|
506
519
|
session_id: sessionId,
|
|
507
|
-
|
|
520
|
+
ceremony_id: env.ceremonyId,
|
|
521
|
+
ssid: env.ssid,
|
|
522
|
+
intent: toWireIntent(env.intent),
|
|
523
|
+
freshness_ts: env.freshnessTs,
|
|
524
|
+
freshness_nonce: env.freshnessNonce,
|
|
508
525
|
auth_tag: authTag
|
|
509
526
|
});
|
|
510
527
|
let first;
|
|
@@ -541,7 +558,7 @@ async function runCeremony(conn, agent, sessionId, intent, digest, authTag) {
|
|
|
541
558
|
if (frame.r.toLowerCase() !== agentSig.r.toLowerCase() || frame.s.toLowerCase() !== agentSig.s.toLowerCase() || frame.v !== agentSig.v) {
|
|
542
559
|
throw new CoSignUnavailableError("the backend and agent derived different signatures");
|
|
543
560
|
}
|
|
544
|
-
return { ok: true, signature: assembleSignature(agentSig), intent };
|
|
561
|
+
return { ok: true, signature: assembleSignature(agentSig), intent: env.intent };
|
|
545
562
|
}
|
|
546
563
|
case "rejection": {
|
|
547
564
|
if (POLICY_REASONS.has(frame.reason)) {
|
|
@@ -572,7 +589,7 @@ exports.CoSignUnavailableError = CoSignUnavailableError;
|
|
|
572
589
|
exports.PolicyGatedSignerConfigError = PolicyGatedSignerConfigError;
|
|
573
590
|
exports.WIRE_VERSION = WIRE_VERSION;
|
|
574
591
|
exports.assertNonBypassable = assertNonBypassable;
|
|
575
|
-
exports.
|
|
592
|
+
exports.canonicalRequestBytes = canonicalRequestBytes;
|
|
576
593
|
exports.createLocalPolicyGatedSigner = createLocalPolicyGatedSigner;
|
|
577
594
|
exports.createMpc2pPolicyGatedSigner = createMpc2pPolicyGatedSigner;
|
|
578
595
|
exports.requireNonBypassable = requireNonBypassable;
|