phygital-token-sdk 0.1.0

package/dist/utils/passkey/index.js

@@ -0,0 +1,21 @@
+import { base64URLStringToBuffer, convertSignatureDERtoRS, getSecp256r1Message, parseWebAuthnClientData, } from "./internal.js";
+export { base64URLStringToBuffer, convertSignatureDERtoRS, extractAdditionalFields, getSecp256r1Message, parseWebAuthnClientData, } from "./internal.js";
+export { buildTransferChallenge, buildTransferMessageHash, } from "./secp256r1.js";
+export function buildSecp256r1VerifyInputFromWebAuthn(input) {
+    const clientData = parseWebAuthnClientData(input.response.response.clientDataJSON);
+    const signature = convertSignatureDERtoRS(base64URLStringToBuffer(input.response.response.signature));
+    const message = getSecp256r1Message(input.response);
+    return {
+        verifyInput: [
+            {
+                publicKey: input.compressedPubkey,
+                signature,
+                message,
+            },
+        ],
+        crossOrigin: clientData.crossOrigin,
+        truncatedClientDataJson: clientData.truncatedClientDataJson,
+        origin: clientData.origin,
+    };
+}
+//# sourceMappingURL=index.js.map

package/dist/utils/passkey/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/utils/passkey/index.ts"],"names":[],"mappings":"AAEA,OAAO,EACL,uBAAuB,EACvB,uBAAuB,EACvB,mBAAmB,EACnB,uBAAuB,GACxB,MAAM,YAAY,CAAC;AAEpB,OAAO,EACL,uBAAuB,EACvB,uBAAuB,EACvB,uBAAuB,EACvB,mBAAmB,EACnB,uBAAuB,GACxB,MAAM,YAAY,CAAC;AAEpB,OAAO,EACL,sBAAsB,EACtB,wBAAwB,GACzB,MAAM,aAAa,CAAC;AAGrB,MAAM,UAAU,qCAAqC,CAAC,KAGrD;IACC,MAAM,UAAU,GAAG,uBAAuB,CACxC,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,cAAc,CACvC,CAAC;IACF,MAAM,SAAS,GAAG,uBAAuB,CACvC,uBAAuB,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,CAC3D,CAAC;IACF,MAAM,OAAO,GAAG,mBAAmB,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;IAEpD,OAAO;QACL,WAAW,EAAE;YACX;gBACE,SAAS,EAAE,KAAK,CAAC,gBAAgB;gBACjC,SAAS;gBACT,OAAO;aACR;SACF;QACD,WAAW,EAAE,UAAU,CAAC,WAAW;QACnC,uBAAuB,EAAE,UAAU,CAAC,uBAAuB;QAC3D,MAAM,EAAE,UAAU,CAAC,MAAM;KAC1B,CAAC;AACJ,CAAC"}

package/dist/utils/passkey/internal.d.ts

@@ -0,0 +1,11 @@
+import { type AuthenticationResponseJSON } from "@simplewebauthn/browser";
+export declare function base64URLStringToBuffer(base64URLString: string): Uint8Array;
+export declare function normalizeSignatureToLowS(signature: Uint8Array): Uint8Array;
+export declare function convertSignatureDERtoRS(signature: Uint8Array): Uint8Array;
+export declare function getSecp256r1Message(authResponse: AuthenticationResponseJSON): Uint8Array;
+export declare function parseWebAuthnClientData(clientDataJSON: string): {
+    origin: string;
+    crossOrigin: boolean;
+    truncatedClientDataJson: Uint8Array<ArrayBuffer>;
+};
+//# sourceMappingURL=internal.d.ts.map

package/dist/utils/passkey/internal.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"internal.d.ts","sourceRoot":"","sources":["../../../src/utils/passkey/internal.ts"],"names":[],"mappings":"AAEA,OAAO,EAGL,KAAK,0BAA0B,EAChC,MAAM,yBAAyB,CAAC;AA0BjC,wBAAgB,uBAAuB,CAAC,eAAe,EAAE,MAAM,GAAG,UAAU,CAW3E;AA8BD,wBAAgB,wBAAwB,CAAC,SAAS,EAAE,UAAU,GAAG,UAAU,CAoB1E;AAED,wBAAgB,uBAAuB,CAAC,SAAS,EAAE,UAAU,GAAG,UAAU,CA4CzE;AAED,wBAAgB,mBAAmB,CACjC,YAAY,EAAE,0BAA0B,GACvC,UAAU,CASZ;AAED,wBAAgB,uBAAuB,CAAC,cAAc,EAAE,MAAM;;;;EAS7D"}

package/dist/utils/passkey/internal.js

@@ -0,0 +1,115 @@
+import { p256 } from "@noble/curves/nist.js";
+import { sha256 } from "@noble/hashes/sha2.js";
+import { bufferToBase64URLString, startAuthentication, } from "@simplewebauthn/browser";
+import {} from "@solana/kit";
+import { findAssociatedTokenAddress } from "../associatedToken.js";
+import { RP_ID, TOKEN_2022_PROGRAM_ADDRESS, TRANSFER_HOOK_PROGRAM_ADDRESS, } from "../consts.js";
+import { getExecuteTransferInstructionAsync } from "../../generated/index.js";
+import {} from "../../instructions/transfer.js";
+import { buildSecp256r1VerifyInstructionFromWebAuthn } from "./secp256r1.js";
+function uint8ArrayToHex(bytes) {
+    return Array.from(bytes)
+        .map((b) => b.toString(16).padStart(2, "0"))
+        .join("");
+}
+function hexToUint8Array(hex) {
+    const bytes = new Uint8Array(hex.length / 2);
+    for (let i = 0; i < bytes.length; i += 1) {
+        bytes[i] = Number.parseInt(hex.slice(i * 2, i * 2 + 2), 16);
+    }
+    return bytes;
+}
+export function base64URLStringToBuffer(base64URLString) {
+    const base64 = base64URLString.replace(/-/g, "+").replace(/_/g, "/");
+    const padLength = (4 - (base64.length % 4)) % 4;
+    const padded = base64.padEnd(base64.length + padLength, "=");
+    const binary = atob(padded);
+    const buffer = new ArrayBuffer(binary.length);
+    const bytes = new Uint8Array(buffer);
+    for (let i = 0; i < binary.length; i += 1) {
+        bytes[i] = binary.charCodeAt(i);
+    }
+    return bytes;
+}
+function extractAdditionalFields(clientData) {
+    const knownKeys = new Set(["type", "challenge", "origin", "crossOrigin"]);
+    const remaining = {};
+    for (const key in clientData) {
+        if (!knownKeys.has(key)) {
+            remaining[key] = clientData[key];
+        }
+    }
+    if (Object.keys(remaining).length === 0) {
+        return new Uint8Array();
+    }
+    const serialized = JSON.stringify(remaining);
+    return new Uint8Array(new TextEncoder().encode(serialized.slice(1, -1)));
+}
+export function normalizeSignatureToLowS(signature) {
+    if (signature.length !== 64) {
+        throw new Error(`expected 64-byte raw r||s signature, got ${signature.length} bytes`);
+    }
+    const order = p256.Point.CURVE().n;
+    const halfOrder = order >> 1n;
+    const sBig = BigInt(`0x${uint8ArrayToHex(signature.slice(32, 64))}`);
+    if (sBig <= halfOrder) {
+        return signature;
+    }
+    const sLow = order - sBig;
+    const sPad = hexToUint8Array(sLow.toString(16).padStart(64, "0"));
+    const normalized = new Uint8Array(64);
+    normalized.set(signature.slice(0, 32), 0);
+    normalized.set(sPad, 32);
+    return normalized;
+}
+export function convertSignatureDERtoRS(signature) {
+    if (signature.length === 64) {
+        return normalizeSignatureToLowS(signature);
+    }
+    if (signature[0] !== 0x30) {
+        throw new Error("Invalid DER sequence");
+    }
+    const totalLength = signature[1];
+    let offset = 2;
+    if (totalLength > 0x80) {
+        const lengthBytes = totalLength & 0x7f;
+        offset += lengthBytes;
+    }
+    if (signature[offset] !== 0x02) {
+        throw new Error("Expected INTEGER for r");
+    }
+    const rLen = signature[offset + 1];
+    const rStart = offset + 2;
+    const r = signature.slice(rStart, rStart + rLen);
+    offset = rStart + rLen;
+    if (signature[offset] !== 0x02) {
+        throw new Error("Expected INTEGER for s");
+    }
+    const sLen = signature[offset + 1];
+    const sStart = offset + 2;
+    const s = signature.slice(sStart, sStart + sLen);
+    const rStripped = r[0] === 0x00 && r.length > 32 ? r.slice(1) : r;
+    const sStripped = s[0] === 0x00 && s.length > 32 ? s.slice(1) : s;
+    if (rStripped.length > 32 || sStripped.length > 32) {
+        throw new Error("r or s length > 32 bytes");
+    }
+    const rawSig = new Uint8Array(64);
+    rawSig.set(rStripped, 32 - rStripped.length);
+    rawSig.set(sStripped, 64 - sStripped.length);
+    return normalizeSignatureToLowS(rawSig);
+}
+export function getSecp256r1Message(authResponse) {
+    const clientDataJSON = base64URLStringToBuffer(authResponse.response.clientDataJSON);
+    const authenticatorData = base64URLStringToBuffer(authResponse.response.authenticatorData);
+    const clientDataHash = sha256(clientDataJSON);
+    return new Uint8Array([...authenticatorData, ...clientDataHash]);
+}
+export function parseWebAuthnClientData(clientDataJSON) {
+    const parsed = JSON.parse(new TextDecoder().decode(base64URLStringToBuffer(clientDataJSON)));
+    return {
+        origin: String(parsed.origin),
+        crossOrigin: Boolean(parsed.crossOrigin),
+        truncatedClientDataJson: extractAdditionalFields(parsed),
+    };
+}
+//# sourceMappingURL=internal.js.map

package/dist/utils/passkey/internal.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"internal.js","sourceRoot":"","sources":["../../../src/utils/passkey/internal.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,uBAAuB,CAAC;AAC7C,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAC/C,OAAO,EACL,uBAAuB,EACvB,mBAAmB,GAEpB,MAAM,yBAAyB,CAAC;AACjC,OAAO,EAA4C,MAAM,aAAa,CAAC;AACvE,OAAO,EAAE,0BAA0B,EAAE,MAAM,uBAAuB,CAAC;AACnE,OAAO,EACL,KAAK,EACL,0BAA0B,EAC1B,6BAA6B,GAC9B,MAAM,cAAc,CAAC;AACtB,OAAO,EAAE,kCAAkC,EAAE,MAAM,0BAA0B,CAAC;AAC9E,OAAO,EAAwB,MAAM,gCAAgC,CAAC;AACtE,OAAO,EAAE,2CAA2C,EAAE,MAAM,gBAAgB,CAAC;AAE7E,SAAS,eAAe,CAAC,KAAiB;IACxC,OAAO,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC;SACrB,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;SAC3C,IAAI,CAAC,EAAE,CAAC,CAAC;AACd,CAAC;AAED,SAAS,eAAe,CAAC,GAAW;IAClC,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAC7C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QACzC,KAAK,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAC9D,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,UAAU,uBAAuB,CAAC,eAAuB;IAC7D,MAAM,MAAM,GAAG,eAAe,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IACrE,MAAM,SAAS,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IAChD,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,GAAG,SAAS,EAAE,GAAG,CAAC,CAAC;IAC7D,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;IAC5B,MAAM,MAAM,GAAG,IAAI,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAC9C,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC;IACrC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QAC1C,KAAK,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;IAClC,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,uBAAuB,CAAC,UAAmC;IAClE,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,CAAC,MAAM,EAAE,WAAW,EAAE,QAAQ,EAAE,aAAa,CAAC,CAAC,CAAC;IAE1E,MAAM,SAAS,GAA4B,EAAE,CAAC;IAC9C,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;QAC7B,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;YACxB,SAAS,CAAC,GAAG,CAAC,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;QACnC,CAAC;IACH,CAAC;IAED,IAAI,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxC,OAAO,IAAI,UAAU,EAAE,CAAC;IAC1B,CAAC;IAED,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;IAC7C,OAAO,IAAI,UAAU,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAC3E,CAAC;AAYD,MAAM,UAAU,wBAAwB,CAAC,SAAqB;IAC5D,IAAI,SAAS,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QAC5B,MAAM,IAAI,KAAK,CACb,4CAA4C,SAAS,CAAC,MAAM,QAAQ,CACrE,CAAC;IACJ,CAAC;IAED,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;IACnC,MAAM,SAAS,GAAG,KAAK,IAAI,EAAE,CAAC;IAC9B,MAAM,IAAI,GAAG,MAAM,CAAC,KAAK,eAAe,CAAC,SAAS,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;IACrE,IAAI,IAAI,IAAI,SAAS,EAAE,CAAC;QACtB,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,MAAM,IAAI,GAAG,KAAK,GAAG,IAAI,CAAC;IAC1B,MAAM,IAAI,GAAG,eAAe,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC;IAClE,MAAM,UAAU,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IACtC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IAC1C,UAAU,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;IACzB,OAAO,UAAU,CAAC;AACpB,CAAC;AAED,MAAM,UAAU,uBAAuB,CAAC,SAAqB;IAC3D,IAAI,SAAS,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QAC5B,OAAO,wBAAwB,CAAC,SAAS,CAAC,CAAC;IAC7C,CAAC;IAED,IAAI,SAAS,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QAC1B,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;IAC1C,CAAC;IAED,MAAM,WAAW,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;IACjC,IAAI,MAAM,GAAG,CAAC,CAAC;IAEf,IAAI,WAAW,GAAG,IAAI,EAAE,CAAC;QACvB,MAAM,WAAW,GAAG,WAAW,GAAG,IAAI,CAAC;QACvC,MAAM,IAAI,WAAW,CAAC;IACxB,CAAC;IAED,IAAI,SAAS,CAAC,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC;QAC/B,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;IAC5C,CAAC;IACD,MAAM,IAAI,GAAG,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IACnC,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,CAAC;IAC1B,MAAM,CAAC,GAAG,SAAS,CAAC,KAAK,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC,CAAC;IAEjD,MAAM,GAAG,MAAM,GAAG,IAAI,CAAC;IACvB,IAAI,SAAS,CAAC,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC;QAC/B,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;IAC5C,CAAC;IACD,MAAM,IAAI,GAAG,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IACnC,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,CAAC;IAC1B,MAAM,CAAC,GAAG,SAAS,CAAC,KAAK,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC,CAAC;IAEjD,MAAM,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,IAAI,IAAI,CAAC,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAClE,MAAM,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,IAAI,IAAI,CAAC,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAElE,IAAI,SAAS,CAAC,MAAM,GAAG,EAAE,IAAI,SAAS,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QACnD,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;IAC9C,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IAClC,MAAM,CAAC,GAAG,CAAC,SAAS,EAAE,EAAE,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC;IAC7C,MAAM,CAAC,GAAG,CAAC,SAAS,EAAE,EAAE,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC;IAE7C,OAAO,wBAAwB,CAAC,MAAM,CAAC,CAAC;AAC1C,CAAC;AAED,MAAM,UAAU,mBAAmB,CACjC,YAAwC;IAExC,MAAM,cAAc,GAAG,uBAAuB,CAC5C,YAAY,CAAC,QAAQ,CAAC,cAAc,CACrC,CAAC;IACF,MAAM,iBAAiB,GAAG,uBAAuB,CAC/C,YAAY,CAAC,QAAQ,CAAC,iBAAiB,CACxC,CAAC;IACF,MAAM,cAAc,GAAG,MAAM,CAAC,cAAc,CAAC,CAAC;IAC9C,OAAO,IAAI,UAAU,CAAC,CAAC,GAAG,iBAAiB,EAAE,GAAG,cAAc,CAAC,CAAC,CAAC;AACnE,CAAC;AAED,MAAM,UAAU,uBAAuB,CAAC,cAAsB;IAC5D,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CACvB,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,uBAAuB,CAAC,cAAc,CAAC,CAAC,CACvC,CAAC;IAC7B,OAAO;QACL,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC;QAC7B,WAAW,EAAE,OAAO,CAAC,MAAM,CAAC,WAAW,CAAC;QACxC,uBAAuB,EAAE,uBAAuB,CAAC,MAAM,CAAC;KACzD,CAAC;AACJ,CAAC"}

package/dist/utils/passkey/secp256r1.d.ts

@@ -0,0 +1,26 @@
+import type { AuthenticationResponseJSON } from "@simplewebauthn/browser";
+import { type Address, type Instruction } from "@solana/kit";
+import { SECP256R1_PROGRAM_ADDRESS } from "../consts.js";
+import { type TransferSession } from "../../instructions/transfer.js";
+export declare function buildTransferMessageHash(input: {
+    asset: Address;
+    sender: Address;
+}): Promise<Uint8Array>;
+export declare function buildTransferChallenge(input: {
+    tokenProgram: Address;
+    asset: Address;
+    sender: Address;
+    slotHash: Uint8Array;
+}): Promise<Uint8Array>;
+export type WebAuthnSecp256r1Verification = {
+    secp256r1Verify: Instruction<typeof SECP256R1_PROGRAM_ADDRESS>;
+    origin: string;
+    crossOrigin: boolean;
+    truncatedClientDataJson: Uint8Array;
+    domainConfig: Address;
+};
+export declare function buildSecp256r1VerifyInstructionFromWebAuthn(input: {
+    session: TransferSession;
+    response: AuthenticationResponseJSON;
+}): Promise<WebAuthnSecp256r1Verification>;
+//# sourceMappingURL=secp256r1.d.ts.map

package/dist/utils/passkey/secp256r1.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"secp256r1.d.ts","sourceRoot":"","sources":["../../../src/utils/passkey/secp256r1.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,0BAA0B,EAAE,MAAM,yBAAyB,CAAC;AAC1E,OAAO,EAAqB,KAAK,OAAO,EAAE,KAAK,WAAW,EAAE,MAAM,aAAa,CAAC;AAEhF,OAAO,EAAE,yBAAyB,EAAyB,MAAM,cAAc,CAAC;AAOhF,OAAO,EAAE,KAAK,eAAe,EAAE,MAAM,gCAAgC,CAAC;AA8CtE,wBAAsB,wBAAwB,CAAC,KAAK,EAAE;IACpD,KAAK,EAAE,OAAO,CAAC;IACf,MAAM,EAAE,OAAO,CAAC;CACjB,GAAG,OAAO,CAAC,UAAU,CAAC,CAItB;AAED,wBAAsB,sBAAsB,CAAC,KAAK,EAAE;IAClD,YAAY,EAAE,OAAO,CAAC;IACtB,KAAK,EAAE,OAAO,CAAC;IACf,MAAM,EAAE,OAAO,CAAC;IAChB,QAAQ,EAAE,UAAU,CAAC;CACtB,GAAG,OAAO,CAAC,UAAU,CAAC,CActB;AAED,MAAM,MAAM,6BAA6B,GAAG;IAC1C,eAAe,EAAE,WAAW,CAAC,OAAO,yBAAyB,CAAC,CAAC;IAC/D,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,EAAE,OAAO,CAAC;IACrB,uBAAuB,EAAE,UAAU,CAAC;IACpC,YAAY,EAAE,OAAO,CAAC;CACvB,CAAC;AAEF,wBAAsB,2CAA2C,CAAC,KAAK,EAAE;IACvE,OAAO,EAAE,eAAe,CAAC;IACzB,QAAQ,EAAE,0BAA0B,CAAC;CACtC,GAAG,OAAO,CAAC,6BAA6B,CAAC,CAUzC"}

package/dist/utils/passkey/secp256r1.js

@@ -0,0 +1,59 @@
+import { getAddressEncoder } from "@solana/kit";
+import { getSecp256r1VerifyInstruction } from "../../instructions/internal/secp256r1Verify.js";
+import { SECP256R1_PROGRAM_ADDRESS, TRANSFER_ACTION_BYTES } from "../consts.js";
+import { base64URLStringToBuffer, convertSignatureDERtoRS, getSecp256r1Message, parseWebAuthnClientData, } from "./internal.js";
+import {} from "../../instructions/transfer.js";
+import { findDomainConfigPda } from "../pdas/domainConfig.js";
+import { sha256 } from "@noble/hashes/sha2.js";
+function concatBytes(...parts) {
+    const total = parts.reduce((sum, part) => sum + part.length, 0);
+    const out = new Uint8Array(total);
+    let offset = 0;
+    for (const part of parts) {
+        out.set(part, offset);
+        offset += part.length;
+    }
+    return out;
+}
+function encodeAddress(addressValue) {
+    return new Uint8Array(getAddressEncoder().encode(addressValue));
+}
+function buildSecp256r1VerifyInputFromWebAuthn(input) {
+    const clientData = parseWebAuthnClientData(input.response.response.clientDataJSON);
+    const signature = convertSignatureDERtoRS(base64URLStringToBuffer(input.response.response.signature));
+    const message = getSecp256r1Message(input.response);
+    return {
+        verifyInput: [
+            {
+                publicKey: base64URLStringToBuffer(input.session.displayInfo.publicKey),
+                signature,
+                message,
+            },
+        ],
+        crossOrigin: clientData.crossOrigin,
+        truncatedClientDataJson: clientData.truncatedClientDataJson,
+        origin: clientData.origin,
+        rpIdHash: message.subarray(0, 32),
+    };
+}
+export async function buildTransferMessageHash(input) {
+    return sha256(concatBytes(encodeAddress(input.asset), encodeAddress(input.sender)));
+}
+export async function buildTransferChallenge(input) {
+    const messageHash = await buildTransferMessageHash({
+        asset: input.asset,
+        sender: input.sender,
+    });
+    return sha256(concatBytes(TRANSFER_ACTION_BYTES, encodeAddress(input.tokenProgram), messageHash, new Uint8Array(input.slotHash)));
+}
+export async function buildSecp256r1VerifyInstructionFromWebAuthn(input) {
+    const parsed = buildSecp256r1VerifyInputFromWebAuthn(input);
+    return {
+        secp256r1Verify: getSecp256r1VerifyInstruction(parsed.verifyInput),
+        origin: parsed.origin,
+        crossOrigin: parsed.crossOrigin,
+        truncatedClientDataJson: parsed.truncatedClientDataJson,
+        domainConfig: await findDomainConfigPda(undefined, parsed.rpIdHash),
+    };
+}
+//# sourceMappingURL=secp256r1.js.map

package/dist/utils/passkey/secp256r1.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"secp256r1.js","sourceRoot":"","sources":["../../../src/utils/passkey/secp256r1.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,iBAAiB,EAAkC,MAAM,aAAa,CAAC;AAChF,OAAO,EAAE,6BAA6B,EAAE,MAAM,gDAAgD,CAAC;AAC/F,OAAO,EAAE,yBAAyB,EAAE,qBAAqB,EAAE,MAAM,cAAc,CAAC;AAChF,OAAO,EACL,uBAAuB,EACvB,uBAAuB,EACvB,mBAAmB,EACnB,uBAAuB,GACxB,MAAM,eAAe,CAAC;AACvB,OAAO,EAAwB,MAAM,gCAAgC,CAAC;AACtE,OAAO,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC;AAC9D,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAE/C,SAAS,WAAW,CAAC,GAAG,KAAmB;IACzC,MAAM,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE,CAAC,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IAChE,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC;IAClC,IAAI,MAAM,GAAG,CAAC,CAAC;IACf,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QACtB,MAAM,IAAI,IAAI,CAAC,MAAM,CAAC;IACxB,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,aAAa,CAAC,YAAqB;IAC1C,OAAO,IAAI,UAAU,CAAC,iBAAiB,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC;AAClE,CAAC;AAED,SAAS,qCAAqC,CAAC,KAG9C;IACC,MAAM,UAAU,GAAG,uBAAuB,CACxC,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,cAAc,CACvC,CAAC;IACF,MAAM,SAAS,GAAG,uBAAuB,CACvC,uBAAuB,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,CAC3D,CAAC;IACF,MAAM,OAAO,GAAG,mBAAmB,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;IAEpD,OAAO;QACL,WAAW,EAAE;YACX;gBACE,SAAS,EAAE,uBAAuB,CAAC,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,SAAS,CAAC;gBACvE,SAAS;gBACT,OAAO;aACR;SACF;QACD,WAAW,EAAE,UAAU,CAAC,WAAW;QACnC,uBAAuB,EAAE,UAAU,CAAC,uBAAuB;QAC3D,MAAM,EAAE,UAAU,CAAC,MAAM;QACzB,QAAQ,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC;KAClC,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAAC,KAG9C;IACC,OAAO,MAAM,CACX,WAAW,CAAC,aAAa,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,aAAa,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CACrE,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAAC,KAK5C;IACC,MAAM,WAAW,GAAG,MAAM,wBAAwB,CAAC;QACjD,KAAK,EAAE,KAAK,CAAC,KAAK;QAClB,MAAM,EAAE,KAAK,CAAC,MAAM;KACrB,CAAC,CAAC;IAEH,OAAO,MAAM,CACX,WAAW,CACT,qBAAqB,EACrB,aAAa,CAAC,KAAK,CAAC,YAAY,CAAC,EACjC,WAAW,EACX,IAAI,UAAU,CAAC,KAAK,CAAC,QAAQ,CAAC,CAC/B,CACF,CAAC;AACJ,CAAC;AAUD,MAAM,CAAC,KAAK,UAAU,2CAA2C,CAAC,KAGjE;IACC,MAAM,MAAM,GAAG,qCAAqC,CAAC,KAAK,CAAC,CAAC;IAE5D,OAAO;QACL,eAAe,EAAE,6BAA6B,CAAC,MAAM,CAAC,WAAW,CAAC;QAClE,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,WAAW,EAAE,MAAM,CAAC,WAAW;QAC/B,uBAAuB,EAAE,MAAM,CAAC,uBAAuB;QACvD,YAAY,EAAE,MAAM,mBAAmB,CAAC,SAAS,EAAE,MAAM,CAAC,QAAQ,CAAC;KACpE,CAAC;AACJ,CAAC"}

package/dist/utils/pdas/asset.d.ts

@@ -0,0 +1,4 @@
+import { type Address } from "@solana/kit";
+import { type Secp256r1Pubkey } from "../../generated/index.js";
+export declare function findAssetPda(secp256r1Pubkey: Secp256r1Pubkey): Promise<Address>;
+//# sourceMappingURL=asset.d.ts.map

package/dist/utils/pdas/asset.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"asset.d.ts","sourceRoot":"","sources":["../../../src/utils/pdas/asset.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,KAAK,OAAO,EAGb,MAAM,aAAa,CAAC;AACrB,OAAO,EAAE,KAAK,eAAe,EAAkC,MAAM,0BAA0B,CAAC;AAGhG,wBAAsB,YAAY,CAChC,eAAe,EAAE,eAAe,GAC/B,OAAO,CAAC,OAAO,CAAC,CAUlB"}

package/dist/utils/pdas/asset.js

@@ -0,0 +1,14 @@
+import { getProgramDerivedAddress, getBytesEncoder, } from "@solana/kit";
+import { PHYGITAL_TOKEN_PROGRAM_ADDRESS } from "../../generated/index.js";
+const ASSET_SEED = new TextEncoder().encode("asset");
+export async function findAssetPda(secp256r1Pubkey) {
+    const [asset] = await getProgramDerivedAddress({
+        programAddress: PHYGITAL_TOKEN_PROGRAM_ADDRESS,
+        seeds: [
+            getBytesEncoder().encode(ASSET_SEED),
+            getBytesEncoder().encode(secp256r1Pubkey[0].slice(1)),
+        ],
+    });
+    return asset;
+}
+//# sourceMappingURL=asset.js.map

package/dist/utils/pdas/asset.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"asset.js","sourceRoot":"","sources":["../../../src/utils/pdas/asset.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,wBAAwB,EACxB,eAAe,GAChB,MAAM,aAAa,CAAC;AACrB,OAAO,EAAwB,8BAA8B,EAAE,MAAM,0BAA0B,CAAC;AAEhG,MAAM,UAAU,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;AACrD,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,eAAgC;IAEhC,MAAM,CAAC,KAAK,CAAC,GAAG,MAAM,wBAAwB,CAAC;QAC7C,cAAc,EAAE,8BAA8B;QAC9C,KAAK,EAAE;YACL,eAAe,EAAE,CAAC,MAAM,CAAC,UAAU,CAAC;YACpC,eAAe,EAAE,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;SACtD;KACF,CAAC,CAAC;IAEH,OAAO,KAAK,CAAC;AACf,CAAC"}

package/dist/utils/pdas/domainConfig.d.ts

@@ -0,0 +1,3 @@
+import { type Address } from "@solana/kit";
+export declare function findDomainConfigPda(rpId?: string, rpIdHash?: Uint8Array): Promise<Address>;
+//# sourceMappingURL=domainConfig.d.ts.map

package/dist/utils/pdas/domainConfig.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"domainConfig.d.ts","sourceRoot":"","sources":["../../../src/utils/pdas/domainConfig.ts"],"names":[],"mappings":"AACA,OAAO,EACL,KAAK,OAAO,EAGb,MAAM,aAAa,CAAC;AAIrB,wBAAsB,mBAAmB,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAC,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,CAU/F"}

package/dist/utils/pdas/domainConfig.js

@@ -0,0 +1,15 @@
+import { sha256 } from "@noble/hashes/sha2.js";
+import { getProgramDerivedAddress, getBytesEncoder, } from "@solana/kit";
+import { PHYGITAL_TOKEN_PROGRAM_ADDRESS } from "../../generated/index.js";
+const DOMAIN_CONFIG_SEED = new TextEncoder().encode("domain_config");
+export async function findDomainConfigPda(rpId, rpIdHash) {
+    const [domainConfig] = await getProgramDerivedAddress({
+        programAddress: PHYGITAL_TOKEN_PROGRAM_ADDRESS,
+        seeds: [
+            getBytesEncoder().encode(DOMAIN_CONFIG_SEED),
+            getBytesEncoder().encode(rpIdHash ?? sha256(new TextEncoder().encode(rpId))),
+        ],
+    });
+    return domainConfig;
+}
+//# sourceMappingURL=domainConfig.js.map

package/dist/utils/pdas/domainConfig.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"domainConfig.js","sourceRoot":"","sources":["../../../src/utils/pdas/domainConfig.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAC/C,OAAO,EAEL,wBAAwB,EACxB,eAAe,GAChB,MAAM,aAAa,CAAC;AACrB,OAAO,EAAE,8BAA8B,EAAE,MAAM,0BAA0B,CAAC;AAC1E,MAAM,kBAAkB,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;AAErE,MAAM,CAAC,KAAK,UAAU,mBAAmB,CAAC,IAAa,EAAE,QAAoB;IAC3E,MAAM,CAAC,YAAY,CAAC,GAAG,MAAM,wBAAwB,CAAC;QACpD,cAAc,EAAE,8BAA8B;QAC9C,KAAK,EAAE;YACL,eAAe,EAAE,CAAC,MAAM,CAAC,kBAAkB,CAAC;YAC5C,eAAe,EAAE,CAAC,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;SAC7E;KACF,CAAC,CAAC;IAEH,OAAO,YAAY,CAAC;AACtB,CAAC"}

package/dist/utils/pdas/index.d.ts

@@ -0,0 +1,3 @@
+export * from "./asset.js";
+export * from "./domainConfig.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/utils/pdas/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/utils/pdas/index.ts"],"names":[],"mappings":"AAAA,cAAc,YAAY,CAAA;AAC1B,cAAc,mBAAmB,CAAA"}

package/dist/utils/pdas/index.js

@@ -0,0 +1,3 @@
+export * from "./asset.js";
+export * from "./domainConfig.js";
+//# sourceMappingURL=index.js.map

package/dist/utils/pdas/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/utils/pdas/index.ts"],"names":[],"mappings":"AAAA,cAAc,YAAY,CAAA;AAC1B,cAAc,mBAAmB,CAAA"}

package/dist/utils/slotHash.d.ts

@@ -0,0 +1,9 @@
+import { type Address, type Rpc, type SolanaRpcApi } from "@solana/kit";
+export declare function decodeBase64AccountData(data: string | [string, string] | Uint8Array): Uint8Array;
+export declare function getLatestSlotHash(rpc: Rpc<SolanaRpcApi>): Promise<{
+    slotHash: Uint8Array<ArrayBufferLike>;
+    slotNumber: bigint;
+    estimatedSlotHashExpiry: number;
+}>;
+export declare function fetchAccountData(rpc: Rpc<SolanaRpcApi>, account: Address): Promise<Uint8Array>;
+//# sourceMappingURL=slotHash.d.ts.map

package/dist/utils/slotHash.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"slotHash.d.ts","sourceRoot":"","sources":["../../src/utils/slotHash.ts"],"names":[],"mappings":"AAAA,OAAO,EAGL,KAAK,OAAO,EACZ,KAAK,GAAG,EACR,KAAK,YAAY,EAClB,MAAM,aAAa,CAAC;AAGrB,wBAAgB,uBAAuB,CACrC,IAAI,EAAE,MAAM,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,UAAU,GAC3C,UAAU,CAMZ;AAED,wBAAsB,iBAAiB,CAAC,GAAG,EAAE,GAAG,CAAC,YAAY,CAAC;;;;GAqB7D;AAED,wBAAsB,gBAAgB,CACpC,GAAG,EAAE,GAAG,CAAC,YAAY,CAAC,EACtB,OAAO,EAAE,OAAO,GACf,OAAO,CAAC,UAAU,CAAC,CAarB"}

package/dist/utils/slotHash.js

@@ -0,0 +1,39 @@
+import { getBase64Encoder, getU64Decoder, } from "@solana/kit";
+import { SLOT_HASHES_SYSVAR_ADDRESS } from "./consts.js";
+export function decodeBase64AccountData(data) {
+    if (data instanceof Uint8Array) {
+        return data;
+    }
+    const base64 = Array.isArray(data) ? data[0] : data;
+    return new Uint8Array(getBase64Encoder().encode(base64));
+}
+export async function getLatestSlotHash(rpc) {
+    const slotSysvarData = (await rpc
+        .getAccountInfo(SLOT_HASHES_SYSVAR_ADDRESS, {
+        encoding: "base64",
+        commitment: "confirmed",
+        dataSlice: { offset: 8, length: 40 },
+    })
+        .send()).value?.data;
+    if (!slotSysvarData) {
+        throw new Error("Unable to fetch slot hashes sysvar");
+    }
+    const slotHashData = decodeBase64AccountData(slotSysvarData);
+    const slotNumber = getU64Decoder().decode(slotHashData.subarray(0, 8));
+    const slotHash = slotHashData.subarray(8, 40);
+    const estimatedSlotHashExpiry = Date.now() + 512 * 400;
+    return { slotHash, slotNumber, estimatedSlotHashExpiry };
+}
+export async function fetchAccountData(rpc, account) {
+    const response = await rpc
+        .getAccountInfo(account, {
+        encoding: "base64",
+        commitment: "confirmed",
+    })
+        .send();
+    if (!response.value?.data) {
+        throw new Error(`Account not found: ${account}`);
+    }
+    return decodeBase64AccountData(response.value.data);
+}
+//# sourceMappingURL=slotHash.js.map

package/dist/utils/slotHash.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"slotHash.js","sourceRoot":"","sources":["../../src/utils/slotHash.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,gBAAgB,EAChB,aAAa,GAId,MAAM,aAAa,CAAC;AACrB,OAAO,EAAE,0BAA0B,EAAE,MAAM,aAAa,CAAC;AAEzD,MAAM,UAAU,uBAAuB,CACrC,IAA4C;IAE5C,IAAI,IAAI,YAAY,UAAU,EAAE,CAAC;QAC/B,OAAO,IAAI,CAAC;IACd,CAAC;IACD,MAAM,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IACpD,OAAO,IAAI,UAAU,CAAC,gBAAgB,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC;AAC3D,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,GAAsB;IAC5D,MAAM,cAAc,GAAG,CACrB,MAAM,GAAG;SACN,cAAc,CAAC,0BAA0B,EAAE;QAC1C,QAAQ,EAAE,QAAQ;QAClB,UAAU,EAAE,WAAW;QACvB,SAAS,EAAE,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE;KACrC,CAAC;SACD,IAAI,EAAE,CACV,CAAC,KAAK,EAAE,IAAI,CAAC;IAEd,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;IACxD,CAAC;IAED,MAAM,YAAY,GAAG,uBAAuB,CAAC,cAAc,CAAC,CAAC;IAC7D,MAAM,UAAU,GAAG,aAAa,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IACvE,MAAM,QAAQ,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAC9C,MAAM,uBAAuB,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,GAAG,GAAG,CAAC;IAEvD,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,uBAAuB,EAAE,CAAC;AAC3D,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,GAAsB,EACtB,OAAgB;IAEhB,MAAM,QAAQ,GAAG,MAAM,GAAG;SACvB,cAAc,CAAC,OAAO,EAAE;QACvB,QAAQ,EAAE,QAAQ;QAClB,UAAU,EAAE,WAAW;KACxB,CAAC;SACD,IAAI,EAAE,CAAC;IAEV,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC;QAC1B,MAAM,IAAI,KAAK,CAAC,sBAAsB,OAAO,EAAE,CAAC,CAAC;IACnD,CAAC;IAED,OAAO,uBAAuB,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;AACtD,CAAC"}

package/dist/utils/tokenOwner.d.ts

@@ -0,0 +1,7 @@
+import { type Address, type Rpc, type SolanaRpcApi } from "@solana/kit";
+/**
+ * Returns the wallet that currently holds the NFT (amount === 1).
+ * Uses `getTokenLargestAccounts` then reads the owner field from the token account.
+ */
+export declare function getCurrentOwner(rpc: Rpc<SolanaRpcApi>, mint: Address): Promise<Address>;
+//# sourceMappingURL=tokenOwner.d.ts.map

package/dist/utils/tokenOwner.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"tokenOwner.d.ts","sourceRoot":"","sources":["../../src/utils/tokenOwner.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,KAAK,OAAO,EACZ,KAAK,GAAG,EACR,KAAK,YAAY,EAClB,MAAM,aAAa,CAAC;AAMrB;;;GAGG;AACH,wBAAsB,eAAe,CACnC,GAAG,EAAE,GAAG,CAAC,YAAY,CAAC,EACtB,IAAI,EAAE,OAAO,GACZ,OAAO,CAAC,OAAO,CAAC,CA0BlB"}

package/dist/utils/tokenOwner.js

@@ -0,0 +1,24 @@
+import { getAddressDecoder, } from "@solana/kit";
+import { fetchAccountData } from "./slotHash.js";
+const TOKEN_ACCOUNT_OWNER_OFFSET = 32;
+const TOKEN_ACCOUNT_OWNER_SIZE = 32;
+/**
+ * Returns the wallet that currently holds the NFT (amount === 1).
+ * Uses `getTokenLargestAccounts` then reads the owner field from the token account.
+ */
+export async function getCurrentOwner(rpc, mint) {
+    const largestAccounts = (await rpc
+        .getTokenLargestAccounts(mint, { commitment: "confirmed" })
+        .send()).value;
+    if (!largestAccounts?.length) {
+        throw new Error(`No token accounts found for mint ${mint}`);
+    }
+    const holderEntry = largestAccounts.find((entry) => entry.amount === "1") ??
+        largestAccounts.find((entry) => entry.amount !== "0");
+    if (!holderEntry) {
+        throw new Error(`No current holder found for mint ${mint}`);
+    }
+    const tokenAccountData = await fetchAccountData(rpc, holderEntry.address);
+    return getAddressDecoder().decode(tokenAccountData.subarray(TOKEN_ACCOUNT_OWNER_OFFSET, TOKEN_ACCOUNT_OWNER_OFFSET + TOKEN_ACCOUNT_OWNER_SIZE));
+}
+//# sourceMappingURL=tokenOwner.js.map

package/dist/utils/tokenOwner.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"tokenOwner.js","sourceRoot":"","sources":["../../src/utils/tokenOwner.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,iBAAiB,GAIlB,MAAM,aAAa,CAAC;AACrB,OAAO,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAE9C,MAAM,0BAA0B,GAAG,EAAE,CAAC;AACtC,MAAM,wBAAwB,GAAG,EAAE,CAAC;AAEpC;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,GAAsB,EACtB,IAAa;IAEb,MAAM,eAAe,GAAG,CACtB,MAAM,GAAG;SACN,uBAAuB,CAAC,IAAI,EAAE,EAAE,UAAU,EAAE,WAAW,EAAE,CAAC;SAC1D,IAAI,EAAE,CACV,CAAC,KAAK,CAAC;IAER,IAAI,CAAC,eAAe,EAAE,MAAM,EAAE,CAAC;QAC7B,MAAM,IAAI,KAAK,CAAC,oCAAoC,IAAI,EAAE,CAAC,CAAC;IAC9D,CAAC;IAED,MAAM,WAAW,GACf,eAAe,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,MAAM,KAAK,GAAG,CAAC;QACrD,eAAe,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,MAAM,KAAK,GAAG,CAAC,CAAC;IAExD,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CAAC,oCAAoC,IAAI,EAAE,CAAC,CAAC;IAC9D,CAAC;IAED,MAAM,gBAAgB,GAAG,MAAM,gBAAgB,CAAC,GAAG,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;IAC1E,OAAO,iBAAiB,EAAE,CAAC,MAAM,CAC/B,gBAAgB,CAAC,QAAQ,CACvB,0BAA0B,EAC1B,0BAA0B,GAAG,wBAAwB,CACtD,CACF,CAAC;AACJ,CAAC"}

package/dist/utils/verify.d.ts

@@ -0,0 +1,8 @@
+import { type VerifyMetadataCallback } from "./metadata.js";
+export declare function verifyWithServerCheck(params: URLSearchParams, verifyMetadataCallback?: VerifyMetadataCallback): Promise<import("./metadata.js").VerifyMetadataResult>;
+export declare function verifyLocal(params: URLSearchParams): {
+    isVerified: boolean;
+    publicKey: string;
+    counter: number;
+};
+//# sourceMappingURL=verify.d.ts.map

package/dist/utils/verify.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../../src/utils/verify.ts"],"names":[],"mappings":"AASA,OAAO,EAGL,KAAK,sBAAsB,EAC5B,MAAM,eAAe,CAAC;AASvB,wBAAsB,qBAAqB,CACzC,MAAM,EAAE,eAAe,EACvB,sBAAsB,GAAE,sBACuC,yDAGhE;AAED,wBAAgB,WAAW,CAAC,MAAM,EAAE,eAAe;;;;EAoDlD"}

package/dist/utils/verify.js

@@ -0,0 +1,45 @@
+import { Endian, getU32Encoder, } from "@solana/kit";
+import { base64URLStringToBuffer, normalizeSignatureToLowS, } from "./passkey/internal.js";
+import { p256 } from "@noble/curves/nist.js";
+import { DEFAULT_VERIFY_METADATA_ENDPOINT, verifyMetadata, } from "./metadata.js";
+export async function verifyWithServerCheck(params, verifyMetadataCallback = (queryParams) => verifyMetadata(DEFAULT_VERIFY_METADATA_ENDPOINT, queryParams)) {
+    return verifyMetadataCallback(params);
+}
+export function verifyLocal(params) {
+    const publicKey = params.get("pk");
+    const signature = params.get("s");
+    const counter = params.get("c");
+    const nonce = params.get("n");
+    if (!publicKey || !signature || !counter || !nonce)
+        throw new Error("Missing query params");
+    const compressedPk = base64URLStringToBuffer(publicKey);
+    if (compressedPk.length !== 33) {
+        throw new Error(`pk must be 33-byte compressed P-256 key, got ${compressedPk.length} bytes`);
+    }
+    const randomBytes = base64URLStringToBuffer(nonce);
+    if (randomBytes.length !== 8) {
+        throw new Error(`n must be 8 bytes, got ${randomBytes.length} bytes`);
+    }
+    const rawSig = base64URLStringToBuffer(signature);
+    if (rawSig.length !== 64) {
+        throw new Error(`s must be 64-byte raw ECDSA signature, got ${rawSig.length} bytes`);
+    }
+    const currentCounter = Number.parseInt(counter, 10);
+    if (!Number.isInteger(currentCounter) ||
+        currentCounter < 0 ||
+        currentCounter > 0xffffffff) {
+        throw new Error(`counter out of uint32 range: ${currentCounter}`);
+    }
+    const counterBytes = getU32Encoder({ endian: Endian.Big }).encode(currentCounter);
+    const message = new Uint8Array(12);
+    message.set(counterBytes, 0);
+    message.set(randomBytes, 4);
+    const normalizedSig = normalizeSignatureToLowS(rawSig);
+    const isVerified = p256.verify(normalizedSig, message, compressedPk);
+    return {
+        isVerified,
+        publicKey,
+        counter: currentCounter
+    };
+}
+//# sourceMappingURL=verify.js.map

package/dist/utils/verify.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"verify.js","sourceRoot":"","sources":["../../src/utils/verify.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,MAAM,EACN,aAAa,GACd,MAAM,aAAa,CAAC;AACrB,OAAO,EACL,uBAAuB,EACvB,wBAAwB,GACzB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,IAAI,EAAE,MAAM,uBAAuB,CAAC;AAC7C,OAAO,EACL,gCAAgC,EAChC,cAAc,GAEf,MAAM,eAAe,CAAC;AASvB,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,MAAuB,EACvB,yBAAiD,CAAC,WAAW,EAAE,EAAE,CAC/D,cAAc,CAAC,gCAAgC,EAAE,WAAW,CAAC;IAE/D,OAAO,sBAAsB,CAAC,MAAM,CAAC,CAAC;AACxC,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,MAAuB;IACjD,MAAM,SAAS,GAAG,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IACnC,MAAM,SAAS,GAAG,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAClC,MAAM,OAAO,GAAG,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAChC,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAC9B,IAAI,CAAC,SAAS,IAAI,CAAC,SAAS,IAAI,CAAC,OAAO,IAAI,CAAC,KAAK;QAChD,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;IAE1C,MAAM,YAAY,GAAG,uBAAuB,CAAC,SAAS,CAAC,CAAC;IACxD,IAAI,YAAY,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QAC/B,MAAM,IAAI,KAAK,CACb,gDAAgD,YAAY,CAAC,MAAM,QAAQ,CAC5E,CAAC;IACJ,CAAC;IAED,MAAM,WAAW,GAAG,uBAAuB,CAAC,KAAK,CAAC,CAAC;IACnD,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7B,MAAM,IAAI,KAAK,CAAC,0BAA0B,WAAW,CAAC,MAAM,QAAQ,CAAC,CAAC;IACxE,CAAC;IAED,MAAM,MAAM,GAAG,uBAAuB,CAAC,SAAS,CAAC,CAAC;IAClD,IAAI,MAAM,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QACzB,MAAM,IAAI,KAAK,CACb,8CAA8C,MAAM,CAAC,MAAM,QAAQ,CACpE,CAAC;IACJ,CAAC;IAED,MAAM,cAAc,GAAG,MAAM,CAAC,QAAQ,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;IACpD,IACE,CAAC,MAAM,CAAC,SAAS,CAAC,cAAc,CAAC;QACjC,cAAc,GAAG,CAAC;QAClB,cAAc,GAAG,UAAU,EAC3B,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,gCAAgC,cAAc,EAAE,CAAC,CAAC;IACpE,CAAC;IAED,MAAM,YAAY,GAAG,aAAa,CAAC,EAAE,MAAM,EAAE,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,MAAM,CAC/D,cAAc,CACf,CAAC;IAEF,MAAM,OAAO,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IACnC,OAAO,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC;IAC7B,OAAO,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;IAE5B,MAAM,aAAa,GAAG,wBAAwB,CAAC,MAAM,CAAC,CAAC;IACvD,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,OAAO,EAAE,YAAY,CAAC,CAAC;IAErE,OAAO;QACL,UAAU;QACV,SAAS;QACT,OAAO,EAAE,cAAc;KACxB,CAAC;AACJ,CAAC"}

package/dist/utils.d.ts

@@ -0,0 +1,10 @@
+import { type Address, type Rpc, type SolanaRpcApi } from "@solana/kit";
+export declare function decodeBase64AccountData(data: string | [string, string] | Uint8Array): Uint8Array;
+export declare function getLatestSlotHash(rpc: Rpc<SolanaRpcApi>): Promise<{
+    slotHash: Uint8Array<ArrayBufferLike>;
+    slotNumber: bigint;
+    estimatedSlotHashExpiry: number;
+}>;
+export declare function fetchAccountData(rpc: Rpc<SolanaRpcApi>, account: Address): Promise<Uint8Array>;
+export declare function encodeAddress(addressValue: Address): Uint8Array;
+//# sourceMappingURL=utils.d.ts.map

package/dist/utils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../src/utils.ts"],"names":[],"mappings":"AAAA,OAAO,EAIL,KAAK,OAAO,EACZ,KAAK,GAAG,EACR,KAAK,YAAY,EAClB,MAAM,aAAa,CAAC;AAGrB,wBAAgB,uBAAuB,CACrC,IAAI,EAAE,MAAM,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,UAAU,GAC3C,UAAU,CAMZ;AAED,wBAAsB,iBAAiB,CAAC,GAAG,EAAE,GAAG,CAAC,YAAY,CAAC;;;;GAqB7D;AAED,wBAAsB,gBAAgB,CACpC,GAAG,EAAE,GAAG,CAAC,YAAY,CAAC,EACtB,OAAO,EAAE,OAAO,GACf,OAAO,CAAC,UAAU,CAAC,CAarB;AAED,wBAAgB,aAAa,CAAC,YAAY,EAAE,OAAO,GAAG,UAAU,CAE/D"}

package/dist/utils.js

@@ -0,0 +1,42 @@
+import { getAddressEncoder, getBase64Encoder, getU64Decoder, } from "@solana/kit";
+import { SLOT_HASHES_SYSVAR_ADDRESS } from "././consts.js";
+export function decodeBase64AccountData(data) {
+    if (data instanceof Uint8Array) {
+        return data;
+    }
+    const base64 = Array.isArray(data) ? data[0] : data;
+    return new Uint8Array(getBase64Encoder().encode(base64));
+}
+export async function getLatestSlotHash(rpc) {
+    const slotSysvarData = (await rpc
+        .getAccountInfo(SLOT_HASHES_SYSVAR_ADDRESS, {
+        encoding: "base64",
+        commitment: "confirmed",
+        dataSlice: { offset: 8, length: 40 },
+    })
+        .send()).value?.data;
+    if (!slotSysvarData) {
+        throw new Error("Unable to fetch slot hashes sysvar");
+    }
+    const slotHashData = decodeBase64AccountData(slotSysvarData);
+    const slotNumber = getU64Decoder().decode(slotHashData.subarray(0, 8));
+    const slotHash = slotHashData.subarray(8, 40);
+    const estimatedSlotHashExpiry = Date.now() + 512 * 400;
+    return { slotHash, slotNumber, estimatedSlotHashExpiry };
+}
+export async function fetchAccountData(rpc, account) {
+    const response = await rpc
+        .getAccountInfo(account, {
+        encoding: "base64",
+        commitment: "confirmed",
+    })
+        .send();
+    if (!response.value?.data) {
+        throw new Error(`Account not found: ${account}`);
+    }
+    return decodeBase64AccountData(response.value.data);
+}
+export function encodeAddress(addressValue) {
+    return new Uint8Array(getAddressEncoder().encode(addressValue));
+}
+//# sourceMappingURL=utils.js.map

package/dist/utils.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.js","sourceRoot":"","sources":["../src/utils.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,iBAAiB,EACjB,gBAAgB,EAChB,aAAa,GAId,MAAM,aAAa,CAAC;AACrB,OAAO,EAAE,0BAA0B,EAAE,MAAM,UAAU,CAAC;AAEtD,MAAM,UAAU,uBAAuB,CACrC,IAA4C;IAE5C,IAAI,IAAI,YAAY,UAAU,EAAE,CAAC;QAC/B,OAAO,IAAI,CAAC;IACd,CAAC;IACD,MAAM,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IACpD,OAAO,IAAI,UAAU,CAAC,gBAAgB,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC;AAC3D,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,GAAsB;IAC5D,MAAM,cAAc,GAAG,CACrB,MAAM,GAAG;SACN,cAAc,CAAC,0BAA0B,EAAE;QAC1C,QAAQ,EAAE,QAAQ;QAClB,UAAU,EAAE,WAAW;QACvB,SAAS,EAAE,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE;KACrC,CAAC;SACD,IAAI,EAAE,CACV,CAAC,KAAK,EAAE,IAAI,CAAC;IAEd,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;IACxD,CAAC;IAED,MAAM,YAAY,GAAG,uBAAuB,CAAC,cAAc,CAAC,CAAC;IAC7D,MAAM,UAAU,GAAG,aAAa,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IACvE,MAAM,QAAQ,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAC9C,MAAM,uBAAuB,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,GAAG,GAAG,CAAC;IAEvD,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,uBAAuB,EAAE,CAAC;AAC3D,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,GAAsB,EACtB,OAAgB;IAEhB,MAAM,QAAQ,GAAG,MAAM,GAAG;SACvB,cAAc,CAAC,OAAO,EAAE;QACvB,QAAQ,EAAE,QAAQ;QAClB,UAAU,EAAE,WAAW;KACxB,CAAC;SACD,IAAI,EAAE,CAAC;IAEV,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC;QAC1B,MAAM,IAAI,KAAK,CAAC,sBAAsB,OAAO,EAAE,CAAC,CAAC;IACnD,CAAC;IAED,OAAO,uBAAuB,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;AACtD,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,YAAqB;IACjD,OAAO,IAAI,UAAU,CAAC,iBAAiB,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC;AAClE,CAAC"}

package/package.json

@@ -0,0 +1,41 @@
+{
+  "name": "phygital-token-sdk",
+  "version": "0.1.0",
+  "description": "TypeScript client for the Phygital Token Solana program (generated via Codama)",
+  "license": "ISC",
+  "type": "module",
+  "main": "./dist/index.js",
+  "module": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js"
+    }
+  },
+  "files": [
+    "dist"
+  ],
+  "scripts": {
+    "build": "tsc -p tsconfig.json",
+    "test": "vitest run",
+    "prepublishOnly": "yarn build"
+  },
+  "peerDependencies": {
+    "@solana/kit": "^6.4.0"
+  },
+  "devDependencies": {
+    "@solana/kit": "^6.4.0",
+    "typescript": "^5.7.3",
+    "vitest": "^3.2.4"
+  },
+  "dependencies": {
+    "@noble/curves": "^2.0.1",
+    "@noble/hashes": "^2.0.1",
+    "@simplewebauthn/browser": "^13.3.0",
+    "@solana-program/system": "^0.12.2",
+    "@solana-program/token-2022": "^0.11.0",
+    "@solana/program-client-core": "^6.4.0",
+    "@solana/signers": "^6.4.0"
+  }
+}