kawasekit 0.3.0 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.d.cts CHANGED
@@ -8,7 +8,7 @@ export { C as ChainNotSupportedError, g as getChain, i as isSupportedChainId, s
8
8
  export { C as ConfiguredKernelClient, I as IssueSessionKeyParams, K as KAWASEKIT_SESSION_ENVELOPE_VERSION, a as KawasekitSessionEnvelope, b as KawasekitSessionEnvelopeVersion, c as KawasekitSessionPolicySummary, R as RestoreSessionAccountParams, d as RevokeSessionKeyParams, e as RevokeSessionKeyResult, f as RotateSessionKeyParams, g as RotateSessionKeyResult, S as SessionEnvelopeChainMismatchError, h as SessionEnvelopeParseError, i as SessionEnvelopeSignerMismatchError, j as SessionEnvelopeVersionError, T as TransferJpycInputError, k as TransferJpycParams, l as TransferJpycResult, m as issueSessionKey, p as parseSessionEnvelope, r as restoreSessionAccount, n as revokeSessionKey, o as rotateSessionKey, s as serializeSessionEnvelope, t as transferJpyc } from './index-DFChv_fT.cjs';
9
9
  export { CreateJpycDailyLimitPoliciesParams, ONE_DAY_SECONDS, createJpycDailyLimitPolicies } from './policy/index.cjs';
10
10
  export { C as CreateSpendingPolicyParams, P as PolicyDecision, S as SpendState, a as SpendingPolicy, b as SpendingPolicyConfigError, T as TokenLimit, c as createSpendingPolicy, e as evaluateSpendingPolicy, m as mergeSpendState } from './spending-policy-CGIaBpg-.cjs';
11
- export { CoSignConnection, CoSignFrame, CoSignRequestAuthenticator, CoSignTransport, CoSignUnavailableError, CreateLocalPolicyGatedSignerParams, Mpc2pCoSignAgent, Mpc2pSignerParams, Mpc2pStepOutcome, PolicyGatedSignerConfigError, WIRE_VERSION, WireIntent, assertNonBypassable, canonicalIntentBytes, createLocalPolicyGatedSigner, createMpc2pPolicyGatedSigner, requireNonBypassable, toWireIntent } from './signer/index.cjs';
11
+ export { CoSignConnection, CoSignFrame, CoSignRequestAuthenticator, CoSignRequestEnvelope, CoSignTransport, CoSignUnavailableError, CreateLocalPolicyGatedSignerParams, Mpc2pCoSignAgent, Mpc2pSignerParams, Mpc2pStepOutcome, PolicyGatedSignerConfigError, WIRE_VERSION, WireIntent, assertNonBypassable, canonicalRequestBytes, createLocalPolicyGatedSigner, createMpc2pPolicyGatedSigner, requireNonBypassable, toWireIntent } from './signer/index.cjs';
12
12
  export { E as EnforcementLevel, N as NonBypassableEnforcement, P as PaymentIntent, a as PolicyGatedSigner, b as PolicyRejection, S as SignResult, c as SignerDescription } from './types-BLJU67HZ.cjs';
13
13
  export { C as CancelAuthorizationMessage, E as Eip3009Domain, K as KnownAssetDomain, a as KnownAssetId, R as ReceiveWithAuthorizationMessage, b as ResolvedAsset, S as SignedAuthorization, T as TransferWithAuthorizationMessage, X as X402AssetParam, c as X402TokenDomain, d as authorizationDeadlineFromNow, e as cancelAuthorizationTypes, f as deriveAuthorizationNonce, g as generateAuthorizationNonce, h as getKnownAssetDomain, l as listKnownAssetIds, r as receiveWithAuthorizationTypes, i as resolvedAssetToEip3009Domain, s as signCancelAuthorization, j as signReceiveWithAuthorization, k as signTransferWithAuthorization, t as transferWithAuthorizationTypes } from './asset-domain-4Ioxqn28.cjs';
14
14
  export { B as BuildPaymentRequiredResponseParams, a as BuildPaymentRequirementsParams, C as CreateCoinbaseFacilitatorParams, b as CreateHttpFacilitatorParams, c as CreateSelfFacilitatorParams, d as CreateX402PaymentSignerParams, K as KawaseChain, S as SignX402PaymentParams, W as WrapFetchParams, X as X402Fetch, e as X402InvalidConfigError, f as X402InvalidPayloadError, g as X402PaymentSigner, h as X402PolicyRejectedError, i as X402_DEFAULT_AUTHORIZATION_LIFETIME_SECONDS, j as X402_DEFAULT_MAX_TIMEOUT_SECONDS, k as X402_FACILITATOR_ERROR_CODES, l as X402_HEADER_IDEMPOTENCY_KEY, m as X402_HEADER_PAYMENT_REQUIRED, n as X402_HEADER_PAYMENT_RESPONSE, o as X402_HEADER_PAYMENT_SIGNATURE, p as buildPaymentRequiredResponse, q as buildPaymentRequirements, r as createCoinbaseFacilitator, s as createHttpFacilitator, t as createSelfFacilitator, u as createX402PaymentSigner, v as decodePaymentRequiredHeader, w as decodePaymentResponseHeader, x as decodePaymentSignatureHeader, y as deriveReceiptTimeoutMs, z as encodePaymentRequiredHeader, A as encodePaymentResponseHeader, D as encodePaymentSignatureHeader, E as wrapFetch, F as zerodevRpcUrl } from './index-CAmTA8xR.cjs';
package/dist/index.d.ts CHANGED
@@ -8,7 +8,7 @@ export { C as ChainNotSupportedError, g as getChain, i as isSupportedChainId, s
8
8
  export { C as ConfiguredKernelClient, I as IssueSessionKeyParams, K as KAWASEKIT_SESSION_ENVELOPE_VERSION, a as KawasekitSessionEnvelope, b as KawasekitSessionEnvelopeVersion, c as KawasekitSessionPolicySummary, R as RestoreSessionAccountParams, d as RevokeSessionKeyParams, e as RevokeSessionKeyResult, f as RotateSessionKeyParams, g as RotateSessionKeyResult, S as SessionEnvelopeChainMismatchError, h as SessionEnvelopeParseError, i as SessionEnvelopeSignerMismatchError, j as SessionEnvelopeVersionError, T as TransferJpycInputError, k as TransferJpycParams, l as TransferJpycResult, m as issueSessionKey, p as parseSessionEnvelope, r as restoreSessionAccount, n as revokeSessionKey, o as rotateSessionKey, s as serializeSessionEnvelope, t as transferJpyc } from './index-CSpNGigO.js';
9
9
  export { CreateJpycDailyLimitPoliciesParams, ONE_DAY_SECONDS, createJpycDailyLimitPolicies } from './policy/index.js';
10
10
  export { C as CreateSpendingPolicyParams, P as PolicyDecision, S as SpendState, a as SpendingPolicy, b as SpendingPolicyConfigError, T as TokenLimit, c as createSpendingPolicy, e as evaluateSpendingPolicy, m as mergeSpendState } from './spending-policy-BD2Mpm-L.js';
11
- export { CoSignConnection, CoSignFrame, CoSignRequestAuthenticator, CoSignTransport, CoSignUnavailableError, CreateLocalPolicyGatedSignerParams, Mpc2pCoSignAgent, Mpc2pSignerParams, Mpc2pStepOutcome, PolicyGatedSignerConfigError, WIRE_VERSION, WireIntent, assertNonBypassable, canonicalIntentBytes, createLocalPolicyGatedSigner, createMpc2pPolicyGatedSigner, requireNonBypassable, toWireIntent } from './signer/index.js';
11
+ export { CoSignConnection, CoSignFrame, CoSignRequestAuthenticator, CoSignRequestEnvelope, CoSignTransport, CoSignUnavailableError, CreateLocalPolicyGatedSignerParams, Mpc2pCoSignAgent, Mpc2pSignerParams, Mpc2pStepOutcome, PolicyGatedSignerConfigError, WIRE_VERSION, WireIntent, assertNonBypassable, canonicalRequestBytes, createLocalPolicyGatedSigner, createMpc2pPolicyGatedSigner, requireNonBypassable, toWireIntent } from './signer/index.js';
12
12
  export { E as EnforcementLevel, N as NonBypassableEnforcement, P as PaymentIntent, a as PolicyGatedSigner, b as PolicyRejection, S as SignResult, c as SignerDescription } from './types-BLJU67HZ.js';
13
13
  export { C as CancelAuthorizationMessage, E as Eip3009Domain, K as KnownAssetDomain, a as KnownAssetId, R as ReceiveWithAuthorizationMessage, b as ResolvedAsset, S as SignedAuthorization, T as TransferWithAuthorizationMessage, X as X402AssetParam, c as X402TokenDomain, d as authorizationDeadlineFromNow, e as cancelAuthorizationTypes, f as deriveAuthorizationNonce, g as generateAuthorizationNonce, h as getKnownAssetDomain, l as listKnownAssetIds, r as receiveWithAuthorizationTypes, i as resolvedAssetToEip3009Domain, s as signCancelAuthorization, j as signReceiveWithAuthorization, k as signTransferWithAuthorization, t as transferWithAuthorizationTypes } from './asset-domain-4Ioxqn28.js';
14
14
  export { B as BuildPaymentRequiredResponseParams, a as BuildPaymentRequirementsParams, C as CreateCoinbaseFacilitatorParams, b as CreateHttpFacilitatorParams, c as CreateSelfFacilitatorParams, d as CreateX402PaymentSignerParams, K as KawaseChain, S as SignX402PaymentParams, W as WrapFetchParams, X as X402Fetch, e as X402InvalidConfigError, f as X402InvalidPayloadError, g as X402PaymentSigner, h as X402PolicyRejectedError, i as X402_DEFAULT_AUTHORIZATION_LIFETIME_SECONDS, j as X402_DEFAULT_MAX_TIMEOUT_SECONDS, k as X402_FACILITATOR_ERROR_CODES, l as X402_HEADER_IDEMPOTENCY_KEY, m as X402_HEADER_PAYMENT_REQUIRED, n as X402_HEADER_PAYMENT_RESPONSE, o as X402_HEADER_PAYMENT_SIGNATURE, p as buildPaymentRequiredResponse, q as buildPaymentRequirements, r as createCoinbaseFacilitator, s as createHttpFacilitator, t as createSelfFacilitator, u as createX402PaymentSigner, v as decodePaymentRequiredHeader, w as decodePaymentResponseHeader, x as decodePaymentSignatureHeader, y as deriveReceiptTimeoutMs, z as encodePaymentRequiredHeader, A as encodePaymentResponseHeader, D as encodePaymentSignatureHeader, E as wrapFetch, F as zerodevRpcUrl } from './index-C9tbaHPF.js';
package/dist/index.js CHANGED
@@ -5,7 +5,7 @@ export { extractAcceptedNetworks, invokeHookSafely } from './chunk-LEHWRDVS.js';
5
5
  export { createIdempotencyKeyBuilder, createInMemoryIdempotencyStore, deriveIdempotencyKey, normalizeIntentText } from './chunk-TTX3RBIZ.js';
6
6
  export { IdempotencyConfigError, IdempotencyRecordParseError, IdempotencyRecordVersionError, KAWASEKIT_IDEMPOTENCY_RECORD_VERSION, X402_VERSION, chainIdToX402Network, isX402Network, parseIdempotencyRecord, serializeIdempotencyRecord, x402NetworkToChainId } from './chunk-QHUCU5YX.js';
7
7
  export { KAWASEKIT_SESSION_ENVELOPE_VERSION, SessionEnvelopeChainMismatchError, SessionEnvelopeParseError, SessionEnvelopeSignerMismatchError, SessionEnvelopeVersionError, createAgentSmartAccount, issueSessionKey, parseSessionEnvelope, restoreSessionAccount, revokeSessionKey, rotateSessionKey, serializeSessionEnvelope } from './chunk-N3CVLISJ.js';
8
- export { WIRE_VERSION, canonicalIntentBytes, createLocalPolicyGatedSigner, createMpc2pPolicyGatedSigner, toWireIntent } from './chunk-EUW7AZ4P.js';
8
+ export { WIRE_VERSION, canonicalRequestBytes, createLocalPolicyGatedSigner, createMpc2pPolicyGatedSigner, toWireIntent } from './chunk-FD6Q4NB2.js';
9
9
  export { CoSignUnavailableError, PolicyGatedSignerConfigError, assertNonBypassable, authorizationDeadlineFromNow, cancelAuthorizationTypes, deriveAuthorizationNonce, generateAuthorizationNonce, getKnownAssetDomain, listKnownAssetIds, receiveWithAuthorizationTypes, requireNonBypassable, resolvedAssetToEip3009Domain, signCancelAuthorization, signReceiveWithAuthorization, signTransferWithAuthorization, transferWithAuthorizationTypes } from './chunk-5TTOAVHE.js';
10
10
  export { X402InvalidConfigError, X402InvalidPayloadError, X402PolicyRejectedError } from './chunk-WMVJNPX2.js';
11
11
  export { ONE_DAY_SECONDS, createJpycDailyLimitPolicies } from './chunk-E47SIVFY.js';
@@ -362,7 +362,7 @@ function createLocalPolicyGatedSigner(params) {
362
362
  }
363
363
 
364
364
  // src/signer/mpc-2p-wire.ts
365
- var WIRE_VERSION = 1;
365
+ var WIRE_VERSION = 2;
366
366
  function toWireIntent(intent) {
367
367
  return {
368
368
  token: intent.token.toLowerCase(),
@@ -375,17 +375,23 @@ function toWireIntent(intent) {
375
375
  nonce: intent.nonce.toLowerCase()
376
376
  };
377
377
  }
378
- function canonicalIntentBytes(intent) {
378
+ function canonicalRequestBytes(env) {
379
+ const i = env.intent;
379
380
  const lines = [
380
- "kawasekit-mpc-2p/cosign-request/v2",
381
- `token=${intent.token.toLowerCase()}`,
382
- `chainId=${intent.chainId}`,
383
- `from=${intent.from.toLowerCase()}`,
384
- `to=${intent.to.toLowerCase()}`,
385
- `value=${intent.value}`,
386
- `validAfter=${intent.validAfter}`,
387
- `validBefore=${intent.validBefore}`,
388
- `nonce=${intent.nonce.toLowerCase()}`
381
+ "kawasekit-mpc-2p/cosign-request/v3",
382
+ "wireVersion=2",
383
+ `ceremonyId=${env.ceremonyId}`,
384
+ `ssid=${env.ssid}`,
385
+ `token=${i.token.toLowerCase()}`,
386
+ `chainId=${i.chainId}`,
387
+ `from=${i.from.toLowerCase()}`,
388
+ `to=${i.to.toLowerCase()}`,
389
+ `value=${i.value}`,
390
+ `validAfter=${i.validAfter}`,
391
+ `validBefore=${i.validBefore}`,
392
+ `nonce=${i.nonce.toLowerCase()}`,
393
+ `freshnessTs=${env.freshnessTs}`,
394
+ `freshnessNonce=${env.freshnessNonce.toLowerCase()}`
389
395
  ];
390
396
  return new TextEncoder().encode(lines.map((l) => `${l}
391
397
  `).join(""));
@@ -447,10 +453,17 @@ function createMpc2pPolicyGatedSigner(params) {
447
453
  nonce: intent.nonce
448
454
  }
449
455
  });
450
- const authTag = await authenticator.tag(canonicalIntentBytes(intent));
456
+ const env = {
457
+ ceremonyId: globalThis.crypto.randomUUID(),
458
+ ssid: globalThis.crypto.randomUUID(),
459
+ intent,
460
+ freshnessTs: Math.floor(Date.now() / 1e3),
461
+ freshnessNonce: viem.toHex(globalThis.crypto.getRandomValues(new Uint8Array(16)))
462
+ };
463
+ const authTag = await authenticator.tag(canonicalRequestBytes(env));
451
464
  const conn = await openConnection(transport);
452
465
  try {
453
- return await runCeremony(conn, agent, session.id, intent, digest, authTag);
466
+ return await runCeremony(conn, agent, session.id, env, digest, authTag);
454
467
  } finally {
455
468
  try {
456
469
  await conn.close();
@@ -478,7 +491,7 @@ async function openConnection(transport) {
478
491
  throw new CoSignUnavailableError("co-signer connection failed", { cause });
479
492
  }
480
493
  }
481
- async function runCeremony(conn, agent, sessionId, intent, digest, authTag) {
494
+ async function runCeremony(conn, agent, sessionId, env, digest, authTag) {
482
495
  const send = async (frame) => {
483
496
  try {
484
497
  await conn.send(frame);
@@ -504,7 +517,11 @@ async function runCeremony(conn, agent, sessionId, intent, digest, authTag) {
504
517
  wire_version: WIRE_VERSION,
505
518
  kind: "request",
506
519
  session_id: sessionId,
507
- intent: toWireIntent(intent),
520
+ ceremony_id: env.ceremonyId,
521
+ ssid: env.ssid,
522
+ intent: toWireIntent(env.intent),
523
+ freshness_ts: env.freshnessTs,
524
+ freshness_nonce: env.freshnessNonce,
508
525
  auth_tag: authTag
509
526
  });
510
527
  let first;
@@ -541,7 +558,7 @@ async function runCeremony(conn, agent, sessionId, intent, digest, authTag) {
541
558
  if (frame.r.toLowerCase() !== agentSig.r.toLowerCase() || frame.s.toLowerCase() !== agentSig.s.toLowerCase() || frame.v !== agentSig.v) {
542
559
  throw new CoSignUnavailableError("the backend and agent derived different signatures");
543
560
  }
544
- return { ok: true, signature: assembleSignature(agentSig), intent };
561
+ return { ok: true, signature: assembleSignature(agentSig), intent: env.intent };
545
562
  }
546
563
  case "rejection": {
547
564
  if (POLICY_REASONS.has(frame.reason)) {
@@ -572,7 +589,7 @@ exports.CoSignUnavailableError = CoSignUnavailableError;
572
589
  exports.PolicyGatedSignerConfigError = PolicyGatedSignerConfigError;
573
590
  exports.WIRE_VERSION = WIRE_VERSION;
574
591
  exports.assertNonBypassable = assertNonBypassable;
575
- exports.canonicalIntentBytes = canonicalIntentBytes;
592
+ exports.canonicalRequestBytes = canonicalRequestBytes;
576
593
  exports.createLocalPolicyGatedSigner = createLocalPolicyGatedSigner;
577
594
  exports.createMpc2pPolicyGatedSigner = createMpc2pPolicyGatedSigner;
578
595
  exports.requireNonBypassable = requireNonBypassable;