openttt 0.1.0 → 0.1.1

package/dist/auto_mint.d.ts

@@ -19,6 +19,7 @@ export declare class AutoMintEngine {
     private cachedSigner;
     private consecutiveFailures;
     private maxConsecutiveFailures;
+    private potSigner;
     constructor(config: AutoMintConfig);
     getEvmConnector(): EVMConnector;
     setOnMint(callback: (result: MintResult) => void): void;

package/dist/auto_mint.js

@@ -7,6 +7,7 @@ const time_synthesis_1 = require("./time_synthesis");
 const dynamic_fee_1 = require("./dynamic_fee");
 const evm_connector_1 = require("./evm_connector");
 const protocol_fee_1 = require("./protocol_fee");
+const pot_signer_1 = require("./pot_signer");
 const types_1 = require("./types");
 const logger_1 = require("./logger");
 const errors_1 = require("./errors");
@@ -29,6 +30,7 @@ class AutoMintEngine {
     cachedSigner = null;
     consecutiveFailures = 0;
     maxConsecutiveFailures = 5;
+    potSigner = null;
     constructor(config) {
         this.config = config;
         this.timeSynthesis = new time_synthesis_1.TimeSynthesis({ sources: config.timeSources });
@@ -40,6 +42,8 @@ class AutoMintEngine {
         if (config.signer) {
             this.cachedSigner = config.signer;
         }
+        // Initialize Ed25519 PoT signer for non-repudiation
+        this.potSigner = new pot_signer_1.PotSigner();
     }
     getEvmConnector() {
         return this.evmConnector;
@@ -162,6 +166,11 @@ class AutoMintEngine {
             throw new errors_1.TTTTimeSynthesisError(`[PoT] Insufficient confidence`, `Calculated confidence ${pot.confidence} is below required 0.5`, `Ensure more NTP sources are reachable or decrease uncertainty.`);
         }
         const potHash = ethers_1.ethers.keccak256(ethers_1.ethers.toUtf8Bytes(JSON.stringify(pot, (key, value) => typeof value === 'bigint' ? value.toString() : value)));
+        // 1-2. Ed25519 issuer signature for non-repudiation
+        if (this.potSigner) {
+            pot.issuerSignature = this.potSigner.signPot(potHash);
+            logger_1.logger.info(`[AutoMint] PoT signed by issuer ${this.potSigner.getPubKeyHex().substring(0, 16)}...`);
+        }
         // 2. tokenId 생성 (keccak256)
         // chainId, poolAddress, timestamp 기반 유니크 ID
         const tokenId = ethers_1.ethers.keccak256(ethers_1.ethers.AbiCoder.defaultAbiCoder().encode(["uint256", "address", "uint64"], [BigInt(this.config.chainId), this.config.poolAddress, synthesized.timestamp]));

package/dist/grg_forward.d.ts

@@ -1,6 +1,11 @@
 export declare class GrgForward {
     static golombEncode(data: Uint8Array, m?: number): Uint8Array;
     static redstuffEncode(data: Uint8Array, shards?: number, parity?: number): Uint8Array[];
-    static golayEncodeWrapper(data: Uint8Array): Uint8Array;
-    static encode(data: Uint8Array): Uint8Array[];
+    /**
+     * Derives an HMAC key from GRG payload context (chainId + poolAddress).
+     * Falls back to a static domain-separation key when no context is provided.
+     */
+    static deriveHmacKey(chainId?: number, poolAddress?: string): Buffer;
+    static golayEncodeWrapper(data: Uint8Array, hmacKey?: Buffer): Uint8Array;
+    static encode(data: Uint8Array, chainId?: number, poolAddress?: string): Uint8Array[];
 }

package/dist/grg_forward.js

@@ -2,6 +2,7 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.GrgForward = void 0;
 const crypto_1 = require("crypto");
+const ethers_1 = require("ethers");
 const golay_1 = require("./golay");
 const reed_solomon_1 = require("./reed_solomon");
 class GrgForward {
@@ -28,18 +29,31 @@ class GrgForward {
     static redstuffEncode(data, shards = 4, parity = 2) {
         return reed_solomon_1.ReedSolomon.encode(data, shards, parity);
     }
+    /**
+     * Derives an HMAC key from GRG payload context (chainId + poolAddress).
+     * Falls back to a static domain-separation key when no context is provided.
+     */
+    static deriveHmacKey(chainId, poolAddress) {
+        if (chainId !== undefined && poolAddress) {
+            const packed = (0, ethers_1.keccak256)(ethers_1.AbiCoder.defaultAbiCoder().encode(["uint256", "address"], [chainId, poolAddress]));
+            return Buffer.from(packed.slice(2), "hex"); // 32 bytes
+        }
+        // Default domain-separation key when no context is available
+        return Buffer.from("grg-integrity-hmac-default-key-v1");
+    }
     // 3. Golay(24,12) Error Correction Encoding
-    static golayEncodeWrapper(data) {
+    static golayEncodeWrapper(data, hmacKey) {
         const encoded = (0, golay_1.golayEncode)(data);
-        // 🔱 Integrity: Append 8-byte SHA-256 hash of the encoded shard (B1-5: 4 -> 8 bytes)
-        const hash = (0, crypto_1.createHash)("sha256").update(Buffer.from(encoded)).digest();
-        const checksum = hash.subarray(0, 8);
+        // 🔱 Integrity: Append 8-byte HMAC-SHA256 of the encoded shard (keyed hash)
+        const key = hmacKey || this.deriveHmacKey();
+        const mac = (0, crypto_1.createHmac)("sha256", key).update(Buffer.from(encoded)).digest();
+        const checksum = mac.subarray(0, 8);
         const final = new Uint8Array(encoded.length + 8);
         final.set(encoded);
         final.set(checksum, encoded.length);
         return final;
     }
-    static encode(data) {
+    static encode(data, chainId, poolAddress) {
         // R3-P0-3: Reject empty input — roundtrip breaks ([] → [0])
         if (data.length === 0) {
             throw new Error("[GRG] Cannot encode empty input — roundtrip identity violation");
@@ -53,7 +67,8 @@ class GrgForward {
         withLen[3] = data.length & 0xFF;
         withLen.set(compressed, 4);
         const shards = this.redstuffEncode(withLen);
-        return shards.map(s => this.golayEncodeWrapper(s));
+        const hmacKey = this.deriveHmacKey(chainId, poolAddress);
+        return shards.map(s => this.golayEncodeWrapper(s, hmacKey));
     }
 }
 exports.GrgForward = GrgForward;

package/dist/grg_inverse.d.ts

@@ -1,7 +1,7 @@
 export declare class GrgInverse {
-    static golayDecodeWrapper(data: Uint8Array): Uint8Array;
+    static golayDecodeWrapper(data: Uint8Array, hmacKey?: Buffer): Uint8Array;
     static redstuffDecode(shards: (Uint8Array | null)[], dataShardCount?: number, parityShardCount?: number): Uint8Array;
     private static readonly MAX_GOLOMB_Q;
     static golombDecode(data: Uint8Array, m?: number): Uint8Array;
-    static verify(data: Uint8Array, originalShards: Uint8Array[]): boolean;
+    static verify(data: Uint8Array, originalShards: Uint8Array[], chainId?: number, poolAddress?: string): boolean;
 }

package/dist/grg_inverse.js

@@ -3,21 +3,23 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.GrgInverse = void 0;
 const crypto_1 = require("crypto");
 const golay_1 = require("./golay");
+const grg_forward_1 = require("./grg_forward");
 const logger_1 = require("./logger");
 const reed_solomon_1 = require("./reed_solomon");
 class GrgInverse {
     // 1. Golay Decoding & Integrity Check 🔱
-    static golayDecodeWrapper(data) {
+    static golayDecodeWrapper(data, hmacKey) {
         if (data.length < 8)
             throw new Error("GRG shard too short for checksum");
         // Split data and checksum (last 8 bytes)
         const encoded = data.subarray(0, data.length - 8);
         const checksum = data.subarray(data.length - 8);
-        // Verify SHA-256 Checksum (B1-5: 4 -> 8 bytes)
-        const hash = (0, crypto_1.createHash)("sha256").update(Buffer.from(encoded)).digest();
-        const expected = hash.subarray(0, 8);
+        // Verify HMAC-SHA256 Checksum (keyed hash, B1-5: 8 bytes truncated)
+        const key = hmacKey || grg_forward_1.GrgForward.deriveHmacKey();
+        const mac = (0, crypto_1.createHmac)("sha256", key).update(Buffer.from(encoded)).digest();
+        const expected = mac.subarray(0, 8);
         if (!Buffer.from(checksum).equals(Buffer.from(expected))) {
-            throw new Error("GRG tamper detected: SHA-256 checksum mismatch");
+            throw new Error("GRG tamper detected: HMAC-SHA256 checksum mismatch");
         }
         // Proceed to Golay decode
         const res = (0, golay_1.golayDecode)(encoded);
@@ -62,11 +64,12 @@ class GrgInverse {
         }
         return new Uint8Array(result);
     }
-    static verify(data, originalShards) {
+    static verify(data, originalShards, chainId, poolAddress) {
         try {
+            const hmacKey = grg_forward_1.GrgForward.deriveHmacKey(chainId, poolAddress);
             const decodedShards = originalShards.map(s => {
                 try {
-                    return this.golayDecodeWrapper(s);
+                    return this.golayDecodeWrapper(s, hmacKey);
                 }
                 catch {
                     return null;

package/dist/index.d.ts

@@ -19,3 +19,4 @@ export * from "./signer";
 export * from "./networks";
 export * from "./reed_solomon";
 export * from "./errors";
+export * from "./pot_signer";

package/dist/index.js

@@ -36,3 +36,4 @@ __exportStar(require("./signer"), exports);
 __exportStar(require("./networks"), exports);
 __exportStar(require("./reed_solomon"), exports);
 __exportStar(require("./errors"), exports);
+__exportStar(require("./pot_signer"), exports);

package/dist/pot_signer.d.ts

@@ -0,0 +1,29 @@
+export interface PotSignature {
+    issuerPubKey: string;
+    signature: string;
+    issuedAt: bigint;
+}
+export declare class PotSigner {
+    private privateKey;
+    private publicKey;
+    private pubKeyHex;
+    constructor(privateKeyHex?: string);
+    /** Returns the hex-encoded SPKI DER public key */
+    getPubKeyHex(): string;
+    /** Returns the hex-encoded PKCS8 DER private key (for persistence) */
+    getPrivateKeyHex(): string;
+    /**
+     * Sign a PoT hash with Ed25519.
+     * @param potHash - hex string (with or without 0x prefix) of the PoT hash
+     * @returns PotSignature with issuerPubKey, signature, and issuedAt
+     */
+    signPot(potHash: string): PotSignature;
+    /**
+     * Verify a PotSignature against a PoT hash.
+     * @param potHash - hex string (with or without 0x prefix)
+     * @param potSig - the PotSignature to verify
+     * @param expectedPubKey - optional: reject if issuerPubKey doesn't match
+     * @returns true if signature is valid
+     */
+    static verifyPotSignature(potHash: string, potSig: PotSignature, expectedPubKey?: string): boolean;
+}

package/dist/pot_signer.js

@@ -0,0 +1,73 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PotSigner = void 0;
+// sdk/src/pot_signer.ts — Ed25519 signing for Proof of Time (Non-repudiation)
+// Uses Node.js built-in crypto.sign/verify with Ed25519
+const crypto_1 = require("crypto");
+class PotSigner {
+    privateKey;
+    publicKey;
+    pubKeyHex;
+    constructor(privateKeyHex) {
+        if (privateKeyHex) {
+            // Import existing key from PKCS8 DER hex
+            const keyBuffer = Buffer.from(privateKeyHex, 'hex');
+            this.privateKey = (0, crypto_1.createPrivateKey)({ key: keyBuffer, format: 'der', type: 'pkcs8' });
+            this.publicKey = (0, crypto_1.createPublicKey)(this.privateKey);
+        }
+        else {
+            // Generate new Ed25519 keypair
+            const { privateKey, publicKey } = (0, crypto_1.generateKeyPairSync)('ed25519');
+            this.privateKey = privateKey;
+            this.publicKey = publicKey;
+        }
+        this.pubKeyHex = this.publicKey.export({ type: 'spki', format: 'der' }).toString('hex');
+    }
+    /** Returns the hex-encoded SPKI DER public key */
+    getPubKeyHex() {
+        return this.pubKeyHex;
+    }
+    /** Returns the hex-encoded PKCS8 DER private key (for persistence) */
+    getPrivateKeyHex() {
+        return this.privateKey.export({ type: 'pkcs8', format: 'der' }).toString('hex');
+    }
+    /**
+     * Sign a PoT hash with Ed25519.
+     * @param potHash - hex string (with or without 0x prefix) of the PoT hash
+     * @returns PotSignature with issuerPubKey, signature, and issuedAt
+     */
+    signPot(potHash) {
+        const data = Buffer.from(potHash.startsWith('0x') ? potHash.slice(2) : potHash, 'hex');
+        const sig = (0, crypto_1.sign)(null, data, this.privateKey);
+        return {
+            issuerPubKey: this.pubKeyHex,
+            signature: sig.toString('hex'),
+            issuedAt: BigInt(Math.floor(Date.now() / 1000)),
+        };
+    }
+    /**
+     * Verify a PotSignature against a PoT hash.
+     * @param potHash - hex string (with or without 0x prefix)
+     * @param potSig - the PotSignature to verify
+     * @param expectedPubKey - optional: reject if issuerPubKey doesn't match
+     * @returns true if signature is valid
+     */
+    static verifyPotSignature(potHash, potSig, expectedPubKey) {
+        if (expectedPubKey && potSig.issuerPubKey !== expectedPubKey)
+            return false;
+        try {
+            const data = Buffer.from(potHash.startsWith('0x') ? potHash.slice(2) : potHash, 'hex');
+            const sigBuffer = Buffer.from(potSig.signature, 'hex');
+            const pubKey = (0, crypto_1.createPublicKey)({
+                key: Buffer.from(potSig.issuerPubKey, 'hex'),
+                format: 'der',
+                type: 'spki',
+            });
+            return (0, crypto_1.verify)(null, data, pubKey, sigBuffer);
+        }
+        catch {
+            return false;
+        }
+    }
+}
+exports.PotSigner = PotSigner;

package/dist/time_synthesis.d.ts

@@ -13,6 +13,9 @@ export declare class NTPSource implements TimeSource {
 }
 export declare class TimeSynthesis {
     private sources;
+    private usedNonces;
+    private readonly MAX_NONCE_CACHE;
+    private readonly NONCE_TTL_MS;
     constructor(config?: {
         sources?: string[];
     });
@@ -24,6 +27,8 @@ export declare class TimeSynthesis {
     generateProofOfTime(): Promise<ProofOfTime>;
     /**
      * Verify Proof of Time integrity.
+     * Fix 2: Checks expiration and nonce replay.
+     * Fix 3: Uses sourceReadings (renamed from signatures).
      */
     verifyProofOfTime(pot: ProofOfTime): boolean;
     /**
@@ -40,6 +45,7 @@ export declare class TimeSynthesis {
     static deserializeFromJSON(json: string): ProofOfTime;
     /**
      * Serializes PoT to compact binary format.
+     * Layout: header(19) + nonce(1+N) + expiresAt(8) + readings(variable)
      */
     static serializeToBinary(pot: ProofOfTime): Buffer;
     /**

package/dist/time_synthesis.js

@@ -34,6 +34,7 @@ var __importStar = (this && this.__importStar) || (function () {
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.TimeSynthesis = exports.NTPSource = void 0;
+const crypto = __importStar(require("crypto"));
 const dgram = __importStar(require("dgram"));
 const buffer_1 = require("buffer");
 const ethers_1 = require("ethers");
@@ -132,6 +133,10 @@ class NTPSource {
 exports.NTPSource = NTPSource;
 class TimeSynthesis {
     sources = [];
+    // Fix 2: Bounded nonce replay cache (max 10K entries, 60s TTL) — same pattern as protocol_fee.ts
+    usedNonces = new Map();
+    MAX_NONCE_CACHE = 10000;
+    NONCE_TTL_MS = 60000; // 60 seconds
     constructor(config) {
         const sourceNames = config?.sources || ['nist', 'kriss', 'google'];
         for (const s of sourceNames) {
@@ -233,18 +238,23 @@ class TimeSynthesis {
             finalUncertainty = readings[mid].uncertainty;
             finalStratum = readings[mid].stratum;
         }
-        const signatures = readings.map(r => ({
+        const sourceReadings = readings.map(r => ({
             source: r.source,
             timestamp: r.timestamp,
             uncertainty: r.uncertainty
         }));
+        // Fix 2: PoT nonce + expiration for replay protection
+        const nonce = crypto.randomBytes(16).toString("hex");
+        const expiresAt = BigInt(Date.now()) + 60000n; // +60 seconds
         const pot = {
             timestamp: finalTimestamp,
             uncertainty: finalUncertainty,
             sources: readings.length,
             stratum: finalStratum,
             confidence: readings.length / this.sources.length,
-            signatures
+            sourceReadings,
+            nonce,
+            expiresAt,
         };
         // Verification Logic: Ensure all source timestamps are within tolerance of synthesized median
         if (!this.verifyProofOfTime(pot)) {
@@ -254,17 +264,44 @@ class TimeSynthesis {
     }
     /**
      * Verify Proof of Time integrity.
+     * Fix 2: Checks expiration and nonce replay.
+     * Fix 3: Uses sourceReadings (renamed from signatures).
      */
     verifyProofOfTime(pot) {
         const TOLERANCE_NS = 100000000n; // 100ms
-        if (pot.signatures.length === 0)
+        if (pot.sourceReadings.length === 0)
             return false;
         if (pot.confidence <= 0)
             return false;
-        for (const sig of pot.signatures) {
+        // Fix 2: Expiration check
+        if (BigInt(Date.now()) > pot.expiresAt) {
+            logger_1.logger.warn(`[TimeSynthesis] PoT expired at ${pot.expiresAt}`);
+            return false;
+        }
+        // Fix 2: Nonce replay protection with bounded cache + TTL cleanup
+        const now = Date.now();
+        // TTL cleanup pass (evict expired entries)
+        if (this.usedNonces.size > this.MAX_NONCE_CACHE / 2) {
+            for (const [k, ts] of this.usedNonces) {
+                if (now - ts > this.NONCE_TTL_MS)
+                    this.usedNonces.delete(k);
+            }
+        }
+        if (this.usedNonces.has(pot.nonce)) {
+            logger_1.logger.warn(`[TimeSynthesis] Duplicate nonce detected: ${pot.nonce}`);
+            return false;
+        }
+        if (this.usedNonces.size >= this.MAX_NONCE_CACHE) {
+            // Evict oldest entry
+            const oldest = this.usedNonces.keys().next().value;
+            if (oldest !== undefined)
+                this.usedNonces.delete(oldest);
+        }
+        this.usedNonces.set(pot.nonce, now);
+        for (const sig of pot.sourceReadings) {
             const diff = sig.timestamp > pot.timestamp ? sig.timestamp - pot.timestamp : pot.timestamp - sig.timestamp;
             if (diff > TOLERANCE_NS) {
-                logger_1.logger.warn(`[TimeSynthesis] Signature from ${sig.source} outside tolerance: ${diff}ns`);
+                logger_1.logger.warn(`[TimeSynthesis] Reading from ${sig.source} outside tolerance: ${diff}ns`);
                 return false;
             }
         }
@@ -296,7 +333,8 @@ class TimeSynthesis {
         return {
             ...data,
             timestamp: BigInt(data.timestamp),
-            signatures: data.signatures.map((s) => ({
+            expiresAt: BigInt(data.expiresAt),
+            sourceReadings: data.sourceReadings.map((s) => ({
                 ...s,
                 timestamp: BigInt(s.timestamp)
             }))
@@ -304,11 +342,14 @@ class TimeSynthesis {
     }
     /**
      * Serializes PoT to compact binary format.
+     * Layout: header(19) + nonce(1+N) + expiresAt(8) + readings(variable)
      */
     static serializeToBinary(pot) {
-        // Header: timestamp(8), uncertainty(4), sources(1), stratum(1), confidence(4), sigCount(1) = 19 bytes
-        let size = 19;
-        for (const sig of pot.signatures) {
+        const nonceBytes = buffer_1.Buffer.from(pot.nonce, "utf8");
+        // Header: timestamp(8) + uncertainty(4) + sources(1) + stratum(1) + confidence(4) + readingCount(1) = 19
+        // + nonceLen(1) + nonce(N) + expiresAt(8)
+        let size = 19 + 1 + nonceBytes.length + 8;
+        for (const sig of pot.sourceReadings) {
             size += 1 + sig.source.length + 8 + 4; // nameLen(1) + name(N) + ts(8) + unc(4)
         }
         const buf = buffer_1.Buffer.alloc(size);
@@ -323,9 +364,17 @@ class TimeSynthesis {
         offset += 1;
         buf.writeFloatBE(pot.confidence, offset);
         offset += 4;
-        buf.writeUInt8(pot.signatures.length, offset);
+        buf.writeUInt8(pot.sourceReadings.length, offset);
+        offset += 1;
+        // Nonce
+        buf.writeUInt8(nonceBytes.length, offset);
         offset += 1;
-        for (const sig of pot.signatures) {
+        nonceBytes.copy(buf, offset);
+        offset += nonceBytes.length;
+        // ExpiresAt
+        buf.writeBigUInt64BE(pot.expiresAt, offset);
+        offset += 8;
+        for (const sig of pot.sourceReadings) {
             buf.writeUInt8(sig.source.length, offset);
             offset += 1;
             buf.write(sig.source, offset);
@@ -354,7 +403,15 @@ class TimeSynthesis {
         offset += 4;
         const sigCount = buf.readUInt8(offset);
         offset += 1;
-        const signatures = [];
+        // Nonce
+        const nonceLen = buf.readUInt8(offset);
+        offset += 1;
+        const nonce = buf.toString('utf8', offset, offset + nonceLen);
+        offset += nonceLen;
+        // ExpiresAt
+        const expiresAt = buf.readBigUInt64BE(offset);
+        offset += 8;
+        const sourceReadings = [];
         for (let i = 0; i < sigCount; i++) {
             const nameLen = buf.readUInt8(offset);
             offset += 1;
@@ -364,9 +421,9 @@ class TimeSynthesis {
             offset += 8;
             const unc = buf.readFloatBE(offset);
             offset += 4;
-            signatures.push({ source, timestamp: ts, uncertainty: unc });
+            sourceReadings.push({ source, timestamp: ts, uncertainty: unc });
         }
-        return { timestamp, uncertainty, sources, stratum, confidence, signatures };
+        return { timestamp, uncertainty, sources, stratum, confidence, sourceReadings, nonce, expiresAt };
     }
 }
 exports.TimeSynthesis = TimeSynthesis;

package/dist/types.d.ts

@@ -1,6 +1,7 @@
 import { Signer } from "ethers";
 import { SignerConfig } from "./signer";
 import { NetworkConfig } from "./networks";
+import { PotSignature } from "./pot_signer";
 export type TierType = "T0_epoch" | "T1_block" | "T2_slot" | "T3_micro";
 export declare const TierIntervals: Record<TierType, number>;
 /**
@@ -133,9 +134,13 @@ export interface ProofOfTime {
     sources: number;
     stratum: number;
     confidence: number;
-    signatures: {
+    sourceReadings: {
         source: string;
         timestamp: bigint;
         uncertainty: number;
     }[];
+    nonce: string;
+    expiresAt: bigint;
+    issuerSignature?: PotSignature;
 }
+export type { PotSignature } from "./pot_signer";

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "openttt",
-  "version": "0.1.0",
+  "version": "0.1.1",
   "description": "OpenTTT — TLS-grade transaction ordering for DeFi. Time + Logic + Sync.",
   "license": "BSL-1.1",
   "repository": {