npm - phantasma-sdk-ts - Versions diffs - 0.9.2 → 0.10.0 - Mend

phantasma-sdk-ts 0.9.2 → 0.10.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (75) hide show

package/README.md +6 -0
package/dist/cjs/index.js +3 -1
package/dist/cjs/link/index.js +5 -0
package/dist/cjs/link/v5/capabilities.js +6 -0
package/dist/cjs/link/v5/client.js +324 -0
package/dist/cjs/link/v5/deeplink.js +123 -0
package/dist/cjs/link/v5/encoding.js +95 -0
package/dist/cjs/link/v5/envelope.js +73 -0
package/dist/cjs/link/v5/errors.js +60 -0
package/dist/cjs/link/v5/index.js +33 -0
package/dist/cjs/link/v5/loopback-transport.js +70 -0
package/dist/cjs/link/v5/methods.js +4 -0
package/dist/cjs/link/v5/pairing.js +95 -0
package/dist/cjs/link/v5/protocol.js +61 -0
package/dist/cjs/link/v5/relay-transport.js +303 -0
package/dist/cjs/link/v5/session-crypto.js +120 -0
package/dist/cjs/link/v5/transport.js +208 -0
package/dist/cjs/link/v5/web-deeplink.js +141 -0
package/dist/cjs/public.js +37 -1
package/dist/esm/index.js +2 -0
package/dist/esm/link/index.js +5 -0
package/dist/esm/link/v5/capabilities.js +5 -0
package/dist/esm/link/v5/client.js +320 -0
package/dist/esm/link/v5/deeplink.js +115 -0
package/dist/esm/link/v5/encoding.js +87 -0
package/dist/esm/link/v5/envelope.js +65 -0
package/dist/esm/link/v5/errors.js +56 -0
package/dist/esm/link/v5/index.js +17 -0
package/dist/esm/link/v5/loopback-transport.js +66 -0
package/dist/esm/link/v5/methods.js +3 -0
package/dist/esm/link/v5/pairing.js +91 -0
package/dist/esm/link/v5/protocol.js +58 -0
package/dist/esm/link/v5/relay-transport.js +299 -0
package/dist/esm/link/v5/session-crypto.js +104 -0
package/dist/esm/link/v5/transport.js +204 -0
package/dist/esm/link/v5/web-deeplink.js +133 -0
package/dist/esm/public.js +3 -0
package/dist/types/index.d.ts +1 -0
package/dist/types/index.d.ts.map +1 -1
package/dist/types/link/v5/capabilities.d.ts +80 -0
package/dist/types/link/v5/capabilities.d.ts.map +1 -0
package/dist/types/link/v5/client.d.ts +119 -0
package/dist/types/link/v5/client.d.ts.map +1 -0
package/dist/types/link/v5/deeplink.d.ts +52 -0
package/dist/types/link/v5/deeplink.d.ts.map +1 -0
package/dist/types/link/v5/encoding.d.ts +15 -0
package/dist/types/link/v5/encoding.d.ts.map +1 -0
package/dist/types/link/v5/envelope.d.ts +48 -0
package/dist/types/link/v5/envelope.d.ts.map +1 -0
package/dist/types/link/v5/errors.d.ts +39 -0
package/dist/types/link/v5/errors.d.ts.map +1 -0
package/dist/types/link/v5/index.d.ts +15 -0
package/dist/types/link/v5/index.d.ts.map +1 -0
package/dist/types/link/v5/loopback-transport.d.ts +43 -0
package/dist/types/link/v5/loopback-transport.d.ts.map +1 -0
package/dist/types/link/v5/methods.d.ts +83 -0
package/dist/types/link/v5/methods.d.ts.map +1 -0
package/dist/types/link/v5/pairing.d.ts +37 -0
package/dist/types/link/v5/pairing.d.ts.map +1 -0
package/dist/types/link/v5/protocol.d.ts +60 -0
package/dist/types/link/v5/protocol.d.ts.map +1 -0
package/dist/types/link/v5/relay-transport.d.ts +73 -0
package/dist/types/link/v5/relay-transport.d.ts.map +1 -0
package/dist/types/link/v5/session-crypto.d.ts +51 -0
package/dist/types/link/v5/session-crypto.d.ts.map +1 -0
package/dist/types/link/v5/transport.d.ts +77 -0
package/dist/types/link/v5/transport.d.ts.map +1 -0
package/dist/types/link/v5/web-deeplink.d.ts +77 -0
package/dist/types/link/v5/web-deeplink.d.ts.map +1 -0
package/dist/types/public.d.ts +1 -0
package/dist/types/public.d.ts.map +1 -1
package/examples/web-deeplink-dapp.ts +53 -0
package/package.json +8 -2
package/spec/CHANGELOG.md +9 -0
package/spec/phantasma-link-v5.md +701 -0

package/dist/cjs/link/v5/session-crypto.js ADDED Viewed

@@ -0,0 +1,120 @@
+"use strict";
+// Phantasma Link v5 - session channel cryptography (spec §8, §18).
+//
+// Construction (AGREED, FINAL): NaCl `secretbox` (XSalsa20-Poly1305) for every session
+// message, under one 32-byte session key, with a 24-byte random nonce per message
+// (XSalsa20's 192-bit nonce makes random nonces collision-safe - no counter coordination).
+// The session key is either delivered directly as a symmetric key over a safe channel
+// (universal link / QR) or derived via X25519 ECDH (NaCl `box.before`) on the
+// custom-scheme fallback. Either way the channel is uniform `secretbox` afterwards.
+//
+// These are EPHEMERAL channel keys only; they are never the account signing key
+// (Ed25519/ECDSA stay strictly for signing). All primitives are tweetnacl, already a SDK
+// dependency and wire-interoperable with crypto_box / x/crypto/nacl / libsodium / NaCl.Net.
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SIGN_MESSAGE_RANDOM_LENGTH = exports.SIGN_MESSAGE_DOMAIN_TAG = exports.PUBLIC_KEY_LENGTH = exports.NONCE_LENGTH = exports.SESSION_KEY_LENGTH = void 0;
+exports.generateSessionKey = generateSessionKey;
+exports.randomToken = randomToken;
+exports.generateEphemeralKeyPair = generateEphemeralKeyPair;
+exports.deriveSessionKey = deriveSessionKey;
+exports.seal = seal;
+exports.open = open;
+exports.sealEnvelopeText = sealEnvelopeText;
+exports.openEnvelopeText = openEnvelopeText;
+exports.generateSignMessageRandom = generateSignMessageRandom;
+exports.buildSignMessagePayload = buildSignMessagePayload;
+const tweetnacl_1 = __importDefault(require("tweetnacl"));
+const errors_js_1 = require("./errors.js");
+const encoding_js_1 = require("./encoding.js");
+/** Session/channel key length (32 bytes). */
+exports.SESSION_KEY_LENGTH = tweetnacl_1.default.secretbox.keyLength;
+/** Per-message nonce length (24 bytes). */
+exports.NONCE_LENGTH = tweetnacl_1.default.secretbox.nonceLength;
+/** X25519 public-key length (32 bytes). */
+exports.PUBLIC_KEY_LENGTH = tweetnacl_1.default.box.publicKeyLength;
+/** Domain separator prepended before signing a message. It can never be the prefix of a
+ * valid serialized Phantasma transaction, so a `signMessage` signature can never be
+ * replayed as a transaction signature (spec §8). */
+exports.SIGN_MESSAGE_DOMAIN_TAG = (0, encoding_js_1.utf8ToBytes)('PHANTASMA_LINK_V5_MSG\n');
+/** Length of the CSPRNG random the wallet prepends in `signMessage` (spec §8). */
+exports.SIGN_MESSAGE_RANDOM_LENGTH = 32;
+/** Generate a fresh 32-byte symmetric session key (primary universal-link / QR path). */
+function generateSessionKey() {
+    return tweetnacl_1.default.randomBytes(exports.SESSION_KEY_LENGTH);
+}
+/** Generate a random url-safe token (default 16 bytes), used for request `id`s and pairing
+ * topics. Crypto-random so ids are unguessable as well as unique. */
+function randomToken(byteLength = 16) {
+    return (0, encoding_js_1.bytesToBase64Url)(tweetnacl_1.default.randomBytes(byteLength));
+}
+/** Generate an ephemeral X25519 keypair (custom-scheme ECDH fallback path). */
+function generateEphemeralKeyPair() {
+    const pair = tweetnacl_1.default.box.keyPair();
+    return { publicKey: pair.publicKey, secretKey: pair.secretKey };
+}
+/** Derive the 32-byte session key from the peer's X25519 public key and our secret key
+ * (ECDH; NaCl `box.before`). The result is directly usable as a `secretbox` key. */
+function deriveSessionKey(theirPublicKey, mySecretKey) {
+    if (theirPublicKey.length !== exports.PUBLIC_KEY_LENGTH || mySecretKey.length !== exports.PUBLIC_KEY_LENGTH) {
+        throw new errors_js_1.LinkError(errors_js_1.LinkErrorCode.InternalError, 'Invalid X25519 key length');
+    }
+    return tweetnacl_1.default.box.before(theirPublicKey, mySecretKey);
+}
+function assertKey(key) {
+    if (key.length !== exports.SESSION_KEY_LENGTH) {
+        throw new errors_js_1.LinkError(errors_js_1.LinkErrorCode.InternalError, 'Invalid session key length');
+    }
+}
+/** Encrypt arbitrary plaintext bytes into a frame with a fresh random nonce. */
+function seal(plaintext, key) {
+    assertKey(key);
+    const nonce = tweetnacl_1.default.randomBytes(exports.NONCE_LENGTH);
+    const ct = tweetnacl_1.default.secretbox(plaintext, nonce, key);
+    return { nonce: (0, encoding_js_1.bytesToBase64)(nonce), ct: (0, encoding_js_1.bytesToBase64)(ct) };
+}
+/** Decrypt a frame back to plaintext bytes. Throws on any tampering/wrong-key (authenticated
+ * encryption: `secretbox.open` returns null, which we surface as an error). */
+function open(frame, key) {
+    assertKey(key);
+    const nonce = (0, encoding_js_1.base64ToBytes)(frame.nonce);
+    if (nonce.length !== exports.NONCE_LENGTH) {
+        throw new errors_js_1.LinkError(errors_js_1.LinkErrorCode.InvalidRequest, 'Invalid frame nonce length');
+    }
+    const ct = (0, encoding_js_1.base64ToBytes)(frame.ct);
+    const plaintext = tweetnacl_1.default.secretbox.open(ct, nonce, key);
+    if (plaintext === null) {
+        throw new errors_js_1.LinkError(errors_js_1.LinkErrorCode.InvalidRequest, 'Failed to decrypt Phantasma Link frame');
+    }
+    return plaintext;
+}
+/** Encrypt an envelope's JSON text into a frame. */
+function sealEnvelopeText(json, key) {
+    return seal((0, encoding_js_1.utf8ToBytes)(json), key);
+}
+/** Decrypt a frame back into the envelope's JSON text. */
+function openEnvelopeText(frame, key) {
+    return (0, encoding_js_1.bytesToUtf8)(open(frame, key));
+}
+/** Generate the 32 random bytes a wallet prepends in `signMessage`. */
+function generateSignMessageRandom() {
+    return tweetnacl_1.default.randomBytes(exports.SIGN_MESSAGE_RANDOM_LENGTH);
+}
+/**
+ * Build the exact byte string a wallet signs for `pha_signMessage`:
+ * `DOMAIN_TAG || random || message` (spec §8). A verifier reconstructs the same bytes from
+ * the returned `random` + the original `message`. Keeping this in one place guarantees the
+ * wallet and any verifier agree on the layout.
+ */
+function buildSignMessagePayload(message, random) {
+    if (random.length !== exports.SIGN_MESSAGE_RANDOM_LENGTH) {
+        throw new errors_js_1.LinkError(errors_js_1.LinkErrorCode.InvalidParams, `signMessage random must be ${exports.SIGN_MESSAGE_RANDOM_LENGTH} bytes`);
+    }
+    const out = new Uint8Array(exports.SIGN_MESSAGE_DOMAIN_TAG.length + random.length + message.length);
+    out.set(exports.SIGN_MESSAGE_DOMAIN_TAG, 0);
+    out.set(random, exports.SIGN_MESSAGE_DOMAIN_TAG.length);
+    out.set(message, exports.SIGN_MESSAGE_DOMAIN_TAG.length + random.length);
+    return out;
+}

package/dist/cjs/link/v5/transport.js ADDED Viewed

@@ -0,0 +1,208 @@
+"use strict";
+// Phantasma Link v5 - transport abstraction + session client (spec §6). The SAME envelope
+// rides over any transport (injected / loopback / deeplink / relay); a transport only moves
+// opaque frame strings. The session client owns request/response correlation by `id`, event
+// dispatch, optional channel encryption, and timeouts - so each concrete transport stays
+// tiny. Concrete transports are implemented in later phases.
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.LinkSessionClient = void 0;
+const protocol_js_1 = require("./protocol.js");
+const errors_js_1 = require("./errors.js");
+const envelope_js_1 = require("./envelope.js");
+const session_crypto_js_1 = require("./session-crypto.js");
+/**
+ * Drives a v5 session over a {@link LinkTransport}. `request()` sends a typed envelope and
+ * resolves with the wallet's `result` (or rejects with a {@link LinkError}); incoming events
+ * are dispatched to {@link onEvent} handlers. Encryption is transparent: when a session key
+ * is set, every outgoing envelope is sealed and every incoming frame is opened.
+ */
+class LinkSessionClient {
+    constructor(transport, options = {}) {
+        this.pending = new Map();
+        this.eventHandlers = new Set();
+        this.closed = false;
+        this.transport = transport;
+        this.sessionKey = options.sessionKey;
+        this.requireSessionKey = options.requireSessionKey ?? false;
+        this.sessionId = options.sessionId;
+        this.requestTimeoutMs = options.requestTimeoutMs ?? 60000;
+        this.onUnmatchedResponse = options.onUnmatchedResponse;
+        transport.onMessage((frame) => this.handleFrame(frame));
+        transport.onClose?.((reason) => this.handleClose(reason));
+    }
+    /** Set/refresh the session id sent on subsequent requests (e.g. after `pha_connect`),
+     * or clear it with `undefined` (e.g. after `pha_disconnect`). */
+    setSessionId(id) {
+        this.sessionId = id;
+    }
+    /** The current session id, if a session is established. */
+    getSessionId() {
+        return this.sessionId;
+    }
+    /** Install the channel key once it is established (ecdh pairing derives it only after
+     * the wallet's ephemeral public key arrives, spec §18.1). From here on every frame is
+     * sealed/opened with it, exactly as if it had been passed at construction. */
+    setSessionKey(key) {
+        if (key.length !== 32) {
+            throw new errors_js_1.LinkError(errors_js_1.LinkErrorCode.InternalError, 'Invalid session key length');
+        }
+        this.sessionKey = key;
+    }
+    /** Subscribe to wallet->dApp events; returns an unsubscribe function. */
+    onEvent(handler) {
+        this.eventHandlers.add(handler);
+        return () => {
+            this.eventHandlers.delete(handler);
+        };
+    }
+    /** Send a request and await its result. Rejects with {@link LinkError}. */
+    request(method, params) {
+        if (this.closed) {
+            return Promise.reject(new errors_js_1.LinkError(errors_js_1.LinkErrorCode.Disconnected, 'Phantasma Link transport is closed'));
+        }
+        // The ecdh flow forbids plaintext: until the wallet's key hop arrives there is no
+        // channel key, and nothing may be sent (spec §8: relay payloads are always sealed).
+        if (this.requireSessionKey && !this.sessionKey) {
+            return Promise.reject(new errors_js_1.LinkError(errors_js_1.LinkErrorCode.Unauthorized, 'Channel key not established yet; complete the pairing first'));
+        }
+        const id = (0, session_crypto_js_1.randomToken)();
+        const envelope = {
+            plv: protocol_js_1.PLV,
+            id,
+            method,
+            ...(this.sessionId ? { session: this.sessionId } : {}),
+            ...(params ? { params } : {}),
+        };
+        const promise = new Promise((resolve, reject) => {
+            const pending = { resolve, reject };
+            if (this.requestTimeoutMs > 0) {
+                pending.timer = setTimeout(() => {
+                    this.pending.delete(id);
+                    reject(new errors_js_1.LinkError(errors_js_1.LinkErrorCode.InternalError, `Phantasma Link request "${method}" timed out`));
+                }, this.requestTimeoutMs);
+            }
+            this.pending.set(id, pending);
+        });
+        // Send after registering the pending entry so a synchronous transport error settles it.
+        Promise.resolve(this.transport.send(this.encodeOutgoing(envelope))).catch((err) => {
+            this.settleError(id, new errors_js_1.LinkError(errors_js_1.LinkErrorCode.Disconnected, err instanceof Error ? err.message : 'Failed to send request to wallet'));
+        });
+        return promise;
+    }
+    /** Close the session, rejecting all in-flight requests. */
+    close() {
+        if (this.closed) {
+            return;
+        }
+        this.closed = true;
+        this.transport.close();
+        this.rejectAll('Phantasma Link transport closed');
+    }
+    encodeOutgoing(message) {
+        const json = (0, envelope_js_1.encodeEnvelope)(message);
+        if (!this.sessionKey) {
+            return json;
+        }
+        return JSON.stringify((0, session_crypto_js_1.sealEnvelopeText)(json, this.sessionKey));
+    }
+    decodeIncoming(frame) {
+        if (!this.sessionKey) {
+            // Mirror of the sending guard: a key-requiring channel must not accept plaintext
+            // either - anything arriving before the key hop is forged by definition.
+            if (this.requireSessionKey) {
+                throw new errors_js_1.LinkError(errors_js_1.LinkErrorCode.Unauthorized, 'Channel key not established yet');
+            }
+            return (0, envelope_js_1.decodeEnvelope)(frame);
+        }
+        let parsed;
+        try {
+            parsed = JSON.parse(frame);
+        }
+        catch {
+            throw new errors_js_1.LinkError(errors_js_1.LinkErrorCode.ParseError, 'Encrypted frame is not valid JSON');
+        }
+        return (0, envelope_js_1.decodeEnvelope)((0, session_crypto_js_1.openEnvelopeText)(parsed, this.sessionKey));
+    }
+    handleFrame(frame) {
+        let message;
+        try {
+            message = this.decodeIncoming(frame);
+        }
+        catch {
+            // Drop undecodable/forged frames; a real authenticated peer never sends these.
+            return;
+        }
+        if ((0, envelope_js_1.isLinkEvent)(message)) {
+            this.emitEvent(message);
+            return;
+        }
+        const id = message.id;
+        if (typeof id !== 'string') {
+            return;
+        }
+        const pending = this.pending.get(id);
+        if (!pending) {
+            // No in-flight request matches this id. On deeplink this means the page reloaded while
+            // the wallet was open, so the original request promise was lost with the old page. Hand
+            // the answer to the optional sink instead of dropping it; same-page flows always have a
+            // pending entry, so this path is reload-only.
+            if (this.onUnmatchedResponse) {
+                if ((0, envelope_js_1.isLinkErrorResponse)(message)) {
+                    this.onUnmatchedResponse({ id, ok: false, error: message.error });
+                }
+                else if ((0, envelope_js_1.isLinkSuccessResponse)(message)) {
+                    this.onUnmatchedResponse({ id, ok: true, result: message.result });
+                }
+            }
+            return;
+        }
+        this.pending.delete(id);
+        if (pending.timer) {
+            clearTimeout(pending.timer);
+        }
+        if ((0, envelope_js_1.isLinkErrorResponse)(message)) {
+            pending.reject(errors_js_1.LinkError.fromObject(message.error));
+        }
+        else if ((0, envelope_js_1.isLinkSuccessResponse)(message)) {
+            pending.resolve(message.result);
+        }
+        else {
+            pending.reject(new errors_js_1.LinkError(errors_js_1.LinkErrorCode.InternalError, 'Malformed Phantasma Link response'));
+        }
+    }
+    emitEvent(message) {
+        for (const handler of this.eventHandlers) {
+            try {
+                handler(message.event, message.data, message.session);
+            }
+            catch {
+                // Isolate handler exceptions so one bad listener can't break dispatch.
+            }
+        }
+    }
+    handleClose(reason) {
+        this.closed = true;
+        this.rejectAll(reason ?? 'Phantasma Link transport closed');
+    }
+    settleError(id, err) {
+        const pending = this.pending.get(id);
+        if (!pending) {
+            return;
+        }
+        this.pending.delete(id);
+        if (pending.timer) {
+            clearTimeout(pending.timer);
+        }
+        pending.reject(err);
+    }
+    rejectAll(reason) {
+        for (const [id, pending] of this.pending) {
+            if (pending.timer) {
+                clearTimeout(pending.timer);
+            }
+            pending.reject(new errors_js_1.LinkError(errors_js_1.LinkErrorCode.Disconnected, reason));
+            this.pending.delete(id);
+        }
+    }
+}
+exports.LinkSessionClient = LinkSessionClient;

package/dist/cjs/link/v5/web-deeplink.js ADDED Viewed

@@ -0,0 +1,141 @@
+"use strict";
+// Phantasma Link v5 - web-dApp deeplink glue (spec §15/§17). A web page that talks to the
+// wallet over deeplink needs the same few pieces every time: pairing material (topic +
+// session key), a pairing URI to show, persistence that survives the page being unloaded
+// while the wallet is in the foreground, and intake of the response URLs the wallet opens
+// back at the page. This module holds those pieces; the orchestration is the
+// `PhantasmaLink5.webDeeplink()` factory (client.ts), NOT a separate wrapper class.
+//
+// Everything platform-specific is injectable so the flow is fully testable without a
+// browser; the defaults bind to the real browser surface (localStorage, location.href,
+// hashchange, history.replaceState).
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.WEB_DEEPLINK_STORAGE_KEY = void 0;
+exports.resolveWebDeeplinkHooks = resolveWebDeeplinkHooks;
+exports.stripUrlFragment = stripUrlFragment;
+exports.createWebDeeplinkRecord = createWebDeeplinkRecord;
+exports.loadWebDeeplinkRecord = loadWebDeeplinkRecord;
+exports.saveWebDeeplinkRecord = saveWebDeeplinkRecord;
+const errors_js_1 = require("./errors.js");
+const encoding_js_1 = require("./encoding.js");
+const session_crypto_js_1 = require("./session-crypto.js");
+/** Default storage key for the persisted {@link WebDeeplinkRecord}. */
+exports.WEB_DEEPLINK_STORAGE_KEY = 'phantasma.link.v5.webdeeplink';
+/** Merge options with browser defaults; throw a clear error when a required hook has no
+ * default in the current environment (e.g. running outside a browser without injection). */
+function resolveWebDeeplinkHooks(options) {
+    const browser = globalThis;
+    // Reading `localStorage` itself can throw in some privacy modes; treat that as absent.
+    let defaultStorage;
+    try {
+        defaultStorage = browser.localStorage;
+    }
+    catch {
+        defaultStorage = undefined;
+    }
+    const storage = options.storage ?? defaultStorage;
+    if (!storage) {
+        throw new errors_js_1.LinkError(errors_js_1.LinkErrorCode.InvalidParams, 'webDeeplink requires `storage` when localStorage is unavailable');
+    }
+    const location = browser.location;
+    const opener = options.opener ??
+        (location
+            ? (url) => {
+                location.href = url;
+            }
+            : undefined);
+    if (!opener) {
+        throw new errors_js_1.LinkError(errors_js_1.LinkErrorCode.InvalidParams, 'webDeeplink requires `opener` when location is unavailable');
+    }
+    const pageUrl = options.pageUrl ?? (location ? () => location.href : undefined);
+    if (!pageUrl) {
+        throw new errors_js_1.LinkError(errors_js_1.LinkErrorCode.InvalidParams, 'webDeeplink requires `pageUrl` when location is unavailable');
+    }
+    // Optional hooks: missing defaults degrade features (no automatic intake / no URL
+    // cleanup) instead of failing - a non-browser embedder can drive deliverUrl() manually.
+    let onUrlChange = options.onUrlChange;
+    if (!onUrlChange && browser.addEventListener && browser.removeEventListener) {
+        const add = browser.addEventListener.bind(globalThis);
+        const remove = browser.removeEventListener.bind(globalThis);
+        onUrlChange = (handler) => {
+            add('hashchange', handler);
+            return () => remove('hashchange', handler);
+        };
+    }
+    let replaceUrl = options.replaceUrl;
+    const history = browser.history;
+    if (!replaceUrl && history) {
+        replaceUrl = (url) => history.replaceState(null, '', url);
+    }
+    return {
+        storage,
+        storageKey: options.storageKey ?? exports.WEB_DEEPLINK_STORAGE_KEY,
+        opener,
+        pageUrl,
+        onUrlChange,
+        replaceUrl,
+    };
+}
+/** A URL with its fragment removed (the callback base / the cleaned page URL). */
+function stripUrlFragment(url) {
+    const hashIndex = url.indexOf('#');
+    return hashIndex < 0 ? url : url.slice(0, hashIndex);
+}
+/** Generate fresh pairing material for a new channel (spec §15: 32-byte topic + key). */
+function createWebDeeplinkRecord(callback) {
+    return {
+        v: 1,
+        topic: (0, session_crypto_js_1.randomToken)(32),
+        key: (0, encoding_js_1.bytesToBase64Url)((0, session_crypto_js_1.generateSessionKey)()),
+        callback,
+    };
+}
+/** Load and validate the persisted record; any malformed/corrupt state is discarded (the
+ * caller re-pairs fresh) rather than surfaced as an error - storage is self-healing. */
+function loadWebDeeplinkRecord(storage, storageKey) {
+    const raw = storage.getItem(storageKey);
+    if (!raw) {
+        return null;
+    }
+    let parsed;
+    try {
+        parsed = JSON.parse(raw);
+    }
+    catch {
+        return null;
+    }
+    if (typeof parsed !== 'object' || parsed === null) {
+        return null;
+    }
+    const record = parsed;
+    if (record.v !== 1) {
+        return null;
+    }
+    if (typeof record.topic !== 'string' || record.topic.length === 0) {
+        return null;
+    }
+    if (typeof record.callback !== 'string' || record.callback.length === 0) {
+        return null;
+    }
+    if (record.sessionId !== undefined && typeof record.sessionId !== 'string') {
+        return null;
+    }
+    // The key must decode to exactly one secretbox key, or nothing sealed with it could
+    // ever be opened - regenerating the pairing is the only way forward.
+    if (typeof record.key !== 'string') {
+        return null;
+    }
+    try {
+        if ((0, encoding_js_1.base64UrlToBytes)(record.key).length !== session_crypto_js_1.SESSION_KEY_LENGTH) {
+            return null;
+        }
+    }
+    catch {
+        return null;
+    }
+    return record;
+}
+/** Persist the record (single JSON blob under the storage key). */
+function saveWebDeeplinkRecord(storage, storageKey, record) {
+    storage.setItem(storageKey, JSON.stringify(record));
+}

package/dist/cjs/public.js CHANGED Viewed

@@ -1,9 +1,42 @@
 "use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.PollChoice = exports.PhantasmaKeys = exports.PBinaryWriter = exports.PBinaryReader = exports.OrganizationTrigger = exports.Entropy = exports.Ed25519Signature = exports.DomainSettings = exports.Describer = exports.CustomSerializer = exports.ContractParameter = exports.ContractMethod = exports.ContractInterface = exports.ContractEvent = exports.ConsensusMode = exports.CarbonBinaryWriter = exports.CarbonBinaryReader = exports.Base16 = exports.AddressKind = exports.Address = exports.AccountTrigger = exports.getTransactionSettleEventData = exports.getTokenEventData = exports.getString = exports.getMarketEventData = exports.getInfusionEventData = exports.getGasEventData = exports.getChainValueEventData = exports.decodeVMObject = exports.VMType = exports.VMObject = exports.TypeAuction = exports.ScriptBuilder = exports.Opcode = exports.EventKind = exports.Decoder = exports.Contracts = exports.Transaction = exports.ExecutionState = exports.normalizeContractName = exports.coerceContractBytes = exports.buildContractArtifactManifest = exports.buildContractArtifactBundle = exports.ContractTxHelper = exports.vmVariableSchemaFromRpcResult = exports.vmStructSchemaFromRpcResult = exports.unwrapRpcResult = exports.isRpcErrorResult = exports.getRpcErrorMessage = exports.PhantasmaAPI = void 0;
 exports.TxMsgBurnNonFungibleGasPayer = exports.TxMsgBurnNonFungible = exports.TxMsgBurnFungibleGasPayer = exports.TxMsgBurnFungible = exports.TxMsg = exports.TokenSeriesMetadataBuilder = exports.TokenSchemasJson = exports.TokenSchemasBuilder = exports.TokenSchemas = exports.TokenMetadataBuilder = exports.TokenInfoBuilder = exports.TokenInfo = exports.TokenHelper = exports.TokenContractMethods = exports.StandardMeta = exports.SmallString = exports.SignedTxMsg = exports.SeriesInfoBuilder = exports.SeriesInfo = exports.PhantasmaNftMintResult = exports.PhantasmaNftMintInfo = exports.PhantasmaNftRomBuilder = exports.NftRomBuilder = exports.ModuleId = exports.MintPhantasmaNonFungibleTxHelper = exports.MintNonFungibleTxHelper = exports.MetadataField = exports.IntX = exports.FieldType = exports.CreateTokenTxHelper = exports.CreateTokenSeriesTxHelper = exports.CarbonTokenFlags = exports.CarbonBlob = exports.Bytes64 = exports.Bytes32 = exports.Bytes16 = exports.writeBlob = exports.twosComplementLEToBigInt = exports.readBlob = exports.bigIntToTwosComplementLE = exports.TriggerResult = exports.TokenTrigger = exports.Timestamp = exports.StakeReward = exports.Stack = exports.Serialization = exports.PollVote = exports.PollValue = exports.PollState = exports.PollPresence = void 0;
 exports.reverseHex = exports.numberToByteArray = exports.isValidTicker = exports.isValidIdentifier = exports.isReservedIdentifier = exports.hexToBytes = exports.hexStringToUint8Array = exports.getDifficulty = exports.encodeBase16 = exports.decodeBase16 = exports.bytesToHex = exports.bigIntToByteArray = exports.arrayNumberToUint8Array = exports.NULL_NAME = exports.GENESIS_NAME = exports.ENTRY_CONTEXT_NAME = exports.ANONYMOUS_NAME = exports.standardMetadataFields = exports.seriesDefaultMetadataFields = exports.pushMetadataField = exports.parseTokenSchemasJson = exports.nftDefaultMetadataFields = exports.findMetadataField = exports.Witness = exports.VmVariableSchema = exports.VmType = exports.VmStructSchema = exports.VmStructFlags = exports.VmStructArray = exports.VmNamedVariableSchema = exports.VmNamedDynamicVariable = exports.VmDynamicVariable = exports.VmDynamicStruct = exports.TokenListing = exports.TxTypes = exports.TxMsgTransferNonFungibleSingleGasPayer = exports.TxMsgTransferNonFungibleSingle = exports.TxMsgTransferNonFungibleMultiGasPayer = exports.TxMsgTransferNonFungibleMulti = exports.TxMsgTransferFungibleGasPayer = exports.TxMsgTransferFungible = exports.TxMsgTrade = exports.TxMsgSpecialResolution = exports.TxMsgSigner = exports.TxMsgPhantasmaRaw = exports.TxMsgPhantasma = exports.TxMsgMintNonFungible = exports.TxMsgMintFungible = exports.TxMsgCallMulti = exports.TxMsgCall = void 0;
-exports.getAddressPublicKeyFromPublicKey = exports.getAddressFromPublicKey = exports.getAddressFromPrivateKey = exports.getAddressFromLedger = exports.TokenSeriesMode = exports.TokenFlags = exports.NativeContractKind = exports.SignatureKind = exports.Signature = exports.ProofOfWork = exports.PhantasmaLink = exports.Nexus = exports.EasyScript = exports.EasyConnect = exports.verifyData = exports.signData = exports.getWifFromPrivateKey = exports.getPublicKeyFromPrivateKey = exports.getPrivateKeyFromWif = exports.getAddressFromWif = exports.generateNewWif = exports.generateNewSeedWords = exports.generateNewSeed = exports.uint8ArrayToStringDefault = exports.uint8ArrayToString = exports.uint8ArrayToNumberArray = exports.uint8ArrayToBytes = exports.stringToUint8Array = exports.setLogger = void 0;
+exports.getAddressPublicKeyFromPublicKey = exports.getAddressFromPublicKey = exports.getAddressFromPrivateKey = exports.getAddressFromLedger = exports.TokenSeriesMode = exports.TokenFlags = exports.NativeContractKind = exports.SignatureKind = exports.Signature = exports.PhantasmaLinkV5 = exports.ProofOfWork = exports.PhantasmaLink = exports.Nexus = exports.EasyScript = exports.EasyConnect = exports.verifyData = exports.signData = exports.getWifFromPrivateKey = exports.getPublicKeyFromPrivateKey = exports.getPrivateKeyFromWif = exports.getAddressFromWif = exports.generateNewWif = exports.generateNewSeedWords = exports.generateNewSeed = exports.uint8ArrayToStringDefault = exports.uint8ArrayToString = exports.uint8ArrayToNumberArray = exports.uint8ArrayToBytes = exports.stringToUint8Array = exports.setLogger = void 0;
 var phantasma_js_1 = require("./rpc/phantasma.js");
 Object.defineProperty(exports, "PhantasmaAPI", { enumerable: true, get: function () { return phantasma_js_1.PhantasmaAPI; } });
 var rpc_result_js_1 = require("./rpc/rpc-result.js");
@@ -187,6 +220,9 @@ var phantasma_link_js_1 = require("./link/phantasma-link.js");
 Object.defineProperty(exports, "PhantasmaLink", { enumerable: true, get: function () { return phantasma_link_js_1.PhantasmaLink; } });
 var proof_of_work_js_1 = require("./link/interfaces/proof-of-work.js");
 Object.defineProperty(exports, "ProofOfWork", { enumerable: true, get: function () { return proof_of_work_js_1.ProofOfWork; } });
+// Phantasma Link v5 (new generation). Namespaced because v5 defines its own `SignatureKind`
+// (string union) distinct from the contract `SignatureKind` enum exported flatly above.
+exports.PhantasmaLinkV5 = __importStar(require("./link/v5/index.js"));
 var signature_js_1 = require("./interfaces/signature.js");
 Object.defineProperty(exports, "Signature", { enumerable: true, get: function () { return signature_js_1.Signature; } });
 Object.defineProperty(exports, "SignatureKind", { enumerable: true, get: function () { return signature_js_1.SignatureKind; } });

package/dist/esm/index.js CHANGED Viewed

@@ -2,4 +2,6 @@ export * from './core/index.js';
 export * as PhantasmaTS from './core/index.js';
 export { PhantasmaLink } from './link/phantasma-link.js';
 export { EasyConnect } from './link/easy-connect.js';
+// Phantasma Link v5 (new generation), namespaced to avoid flat-name collisions.
+export * as PhantasmaLinkV5 from './link/v5/index.js';
 //const TransportWebUSB = require('@ledgerhq/hw-transport-webusb').default;

package/dist/esm/link/index.js CHANGED Viewed

@@ -1 +1,6 @@
 export * from './interfaces/index.js';
+// Phantasma Link v5 (new generation; parallel to the legacy v1–v4 `PhantasmaLink`).
+// NOT re-exported flatly here: v5 defines its own `SignatureKind` (string union) that
+// would clash with the contract `SignatureKind` enum aggregated by `src/core/index.ts`.
+// Import v5 via the `phantasma-sdk-ts/link/v5` subpath or the `PhantasmaLinkV5` namespace
+// (exported from the package root and `phantasma-sdk-ts/public`).

package/dist/esm/link/v5/capabilities.js ADDED Viewed

@@ -0,0 +1,5 @@
+// Phantasma Link v5 - capability handshake + session/account/chain types (spec §5, §7, §9).
+// Capability negotiation replaces the v1-v4 "magic version int": a dApp learns up front
+// which methods, chains, tx formats, signature kinds, and payload sizes the wallet
+// supports, instead of guessing from a single number.
+export {};