npm - quantumcoin - Versions diffs - 7.0.9 → 7.0.11 - Mend

quantumcoin 7.0.9 → 7.0.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (172) hide show

package/generate-sdk.js CHANGED Viewed

@@ -1269,7 +1269,6 @@ async function main() {
     nonce: nonce0,
     chainId,
     gasLimit,
-    gasPrice: 1n,
   });
   const sentDeploy = await provider.sendRawTransaction(rawDeploy);
@@ -1283,7 +1282,7 @@ async function main() {
   if (contract.populateTransaction && typeof contract.populateTransaction.approve === "function") {
     const txReq = await contract.populateTransaction.approve(from, 123, { gasLimit: 200000 });
     const nonce1 = await provider.getTransactionCount(from, "pending");
-    const raw = await wallet.signTransaction({ ...txReq, nonce: nonce1, chainId, gasPrice: 1n });
+    const raw = await wallet.signTransaction({ ...txReq, nonce: nonce1, chainId });
     const sent = await provider.sendRawTransaction(raw);
     console.log("approve tx hash:", sent.hash);
     await sent.wait(1, 600_000);
@@ -1358,7 +1357,6 @@ async function main(): Promise<void> {
     nonce: nonce0,
     chainId,
     gasLimit,
-    gasPrice: 1n,
   });
   const sentDeploy = await provider.sendRawTransaction(rawDeploy);
@@ -1371,7 +1369,7 @@ async function main(): Promise<void> {
   if (contract.populateTransaction && typeof contract.populateTransaction.approve === "function") {
     const txReq = await contract.populateTransaction.approve(from, 123, { gasLimit: 200000 });
     const nonce1 = await provider.getTransactionCount(from, "pending");
-    const raw = await wallet.signTransaction({ ...txReq, nonce: nonce1, chainId, gasPrice: 1n });
+    const raw = await wallet.signTransaction({ ...txReq, nonce: nonce1, chainId });
     const sent = await provider.sendRawTransaction(raw);
     console.log("approve tx hash:", sent.hash);
     await sent.wait(1, 600_000);
@@ -1492,7 +1490,7 @@ main().catch((e) => {
         _writeText(
           path.join(outDir, "examples", `offline-signing-${a.contractName}.js`),
-          `const { Initialize } = require("quantumcoin/config");\nconst { getProvider, Wallet, getCreateAddress } = require("quantumcoin");\nconst { TEST_WALLET_ENCRYPTED_JSON, TEST_WALLET_PASSPHRASE } = require("./_test-wallet");\nconst { ${a.contractName}__factory, ${a.contractName} } = require("..");\n\nasync function main() {\n  const rpcUrl = process.env.QC_RPC_URL;\n  if (!rpcUrl) throw new Error("QC_RPC_URL is required");\n  const chainId = process.env.QC_CHAIN_ID ? Number(process.env.QC_CHAIN_ID) : 123123;\n  await Initialize(null);\n\n  const provider = getProvider(rpcUrl, chainId);\n  const wallet = Wallet.fromEncryptedJsonSync(TEST_WALLET_ENCRYPTED_JSON, TEST_WALLET_PASSPHRASE);\n  const from = wallet.address;\n\n  const factory = new ${a.contractName}__factory(wallet);\n  const deployTxReq = factory.getDeployTransaction();\n  const nonce0 = await provider.getTransactionCount(from, \"pending\");\n  const predicted = getCreateAddress({ from, nonce: nonce0 });\n\n  const rawDeploy = await wallet.signTransaction({ ...deployTxReq, nonce: nonce0, chainId, gasLimit: 6_000_000, gasPrice: 1n });\n  const sentDeploy = await provider.sendRawTransaction(rawDeploy);\n  await sentDeploy.wait(1, 600_000);\n\n  const contract = ${a.contractName}.connect(predicted, provider);\n  console.log(\"deployed at:\", contract.target);\n}\n\nmain().catch((e) => { console.error(e); process.exitCode = 1; });\n`,
+          `const { Initialize } = require("quantumcoin/config");\nconst { getProvider, Wallet, getCreateAddress } = require("quantumcoin");\nconst { TEST_WALLET_ENCRYPTED_JSON, TEST_WALLET_PASSPHRASE } = require("./_test-wallet");\nconst { ${a.contractName}__factory, ${a.contractName} } = require("..");\n\nasync function main() {\n  const rpcUrl = process.env.QC_RPC_URL;\n  if (!rpcUrl) throw new Error("QC_RPC_URL is required");\n  const chainId = process.env.QC_CHAIN_ID ? Number(process.env.QC_CHAIN_ID) : 123123;\n  await Initialize(null);\n\n  const provider = getProvider(rpcUrl, chainId);\n  const wallet = Wallet.fromEncryptedJsonSync(TEST_WALLET_ENCRYPTED_JSON, TEST_WALLET_PASSPHRASE);\n  const from = wallet.address;\n\n  const factory = new ${a.contractName}__factory(wallet);\n  const deployTxReq = factory.getDeployTransaction();\n  const nonce0 = await provider.getTransactionCount(from, \"pending\");\n  const predicted = getCreateAddress({ from, nonce: nonce0 });\n\n  const rawDeploy = await wallet.signTransaction({ ...deployTxReq, nonce: nonce0, chainId, gasLimit: 6_000_000 });\n  const sentDeploy = await provider.sendRawTransaction(rawDeploy);\n  await sentDeploy.wait(1, 600_000);\n\n  const contract = ${a.contractName}.connect(predicted, provider);\n  console.log(\"deployed at:\", contract.target);\n}\n\nmain().catch((e) => { console.error(e); process.exitCode = 1; });\n`,
         );
         _writeText(
@@ -1514,7 +1512,7 @@ main().catch((e) => {
         );
         _writeText(
           path.join(outDir, "examples", `offline-signing-${a.contractName}.ts`),
-          `import { Initialize } from "quantumcoin/config";\nimport { getProvider, Wallet, getCreateAddress } from "quantumcoin";\nimport { TEST_WALLET_ENCRYPTED_JSON, TEST_WALLET_PASSPHRASE } from "./_test-wallet";\nimport { ${a.contractName}__factory, ${a.contractName} } from "..";\n\nasync function main(): Promise<void> {\n  const rpcUrl = process.env.QC_RPC_URL;\n  if (!rpcUrl) throw new Error("QC_RPC_URL is required");\n  const chainId = process.env.QC_CHAIN_ID ? Number(process.env.QC_CHAIN_ID) : 123123;\n  await Initialize(null);\n\n  const provider = getProvider(rpcUrl, chainId);\n  const wallet = Wallet.fromEncryptedJsonSync(TEST_WALLET_ENCRYPTED_JSON, TEST_WALLET_PASSPHRASE);\n  const from = wallet.address;\n\n  const factory = new ${a.contractName}__factory(wallet);\n  const deployTxReq = factory.getDeployTransaction();\n  const nonce0 = await provider.getTransactionCount(from, "pending");\n  const predicted = getCreateAddress({ from, nonce: nonce0 });\n\n  const rawDeploy = await wallet.signTransaction({ ...deployTxReq, nonce: nonce0, chainId, gasLimit: 6_000_000, gasPrice: 1n });\n  const sentDeploy = await provider.sendRawTransaction(rawDeploy);\n  await sentDeploy.wait(1, 600_000);\n\n  const contract = ${a.contractName}.connect(predicted, provider);\n  console.log("deployed at:", contract.target);\n}\n\nmain().catch((e) => { console.error(e); process.exitCode = 1; });\n`,
+          `import { Initialize } from "quantumcoin/config";\nimport { getProvider, Wallet, getCreateAddress } from "quantumcoin";\nimport { TEST_WALLET_ENCRYPTED_JSON, TEST_WALLET_PASSPHRASE } from "./_test-wallet";\nimport { ${a.contractName}__factory, ${a.contractName} } from "..";\n\nasync function main(): Promise<void> {\n  const rpcUrl = process.env.QC_RPC_URL;\n  if (!rpcUrl) throw new Error("QC_RPC_URL is required");\n  const chainId = process.env.QC_CHAIN_ID ? Number(process.env.QC_CHAIN_ID) : 123123;\n  await Initialize(null);\n\n  const provider = getProvider(rpcUrl, chainId);\n  const wallet = Wallet.fromEncryptedJsonSync(TEST_WALLET_ENCRYPTED_JSON, TEST_WALLET_PASSPHRASE);\n  const from = wallet.address;\n\n  const factory = new ${a.contractName}__factory(wallet);\n  const deployTxReq = factory.getDeployTransaction();\n  const nonce0 = await provider.getTransactionCount(from, "pending");\n  const predicted = getCreateAddress({ from, nonce: nonce0 });\n\n  const rawDeploy = await wallet.signTransaction({ ...deployTxReq, nonce: nonce0, chainId, gasLimit: 6_000_000 });\n  const sentDeploy = await provider.sendRawTransaction(rawDeploy);\n  await sentDeploy.wait(1, 600_000);\n\n  const contract = ${a.contractName}.connect(predicted, provider);\n  console.log("deployed at:", contract.target);\n}\n\nmain().catch((e) => { console.error(e); process.exitCode = 1; });\n`,
         );
         _writeText(
           path.join(outDir, "examples", `events-${a.contractName}.ts`),

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "quantumcoin",
-  "version": "7.0.9",
+  "version": "7.0.11",
   "description": "QuantumCoin.js - a post quantum cryptography SDK for QuantumCoin",
   "main": "index.js",
   "types": "src/index.d.ts",
@@ -90,6 +90,6 @@
   },
   "dependencies": {
     "seed-words": "^1.0.2",
-    "quantum-coin-js-sdk": "1.0.32"
+    "quantum-coin-js-sdk": "1.0.35"
   }
 }

package/src/abi/interface.js CHANGED Viewed

@@ -16,12 +16,18 @@ const jsAbi = require("./js-abi-coder");
 function _requireInitialized() {
   // eslint-disable-next-line global-require
-  const { isInitialized } = require("../../config");
-  if (!isInitialized()) {
-    throw makeError("QuantumCoin SDK not initialized. Call Initialize() first.", "UNKNOWN_ERROR", {
-      operation: "abi",
-    });
-  }
+  const { isInitialized, getInitializationPromise } = require("../../config");
+  if (isInitialized()) return;
+  if (getInitializationPromise() != null) {
+    throw makeError(
+      "QuantumCoin SDK is still initializing. Await the Initialize() promise before using SDK methods.",
+      "UNKNOWN_ERROR",
+      { operation: "requireInitialized" },
+    );
+  }
+  throw makeError("QuantumCoin SDK not initialized. Call Initialize() first.", "UNKNOWN_ERROR", {
+    operation: "abi",
+  });
 }
 function _sanitizeArg(value) {
@@ -134,8 +140,8 @@ function _uint256ToFixedBytesHex(type, value) {
   if (value == null) return value;
   const bi = typeof value === "bigint" ? value : BigInt(value);
+  if (bi >= (1n << 256n)) throw makeError("value exceeds uint256", "INVALID_ARGUMENT", { value: bi.toString() });
   let hex = bi.toString(16);
-  if (hex.length > 64) hex = hex.slice(-64);
   hex = hex.padStart(64, "0");
   // bytesN is the first N bytes (right-padded in the 32-byte word).
   return normalizeHex("0x" + hex.slice(0, n * 2));

package/src/abi/js-abi-coder.js CHANGED Viewed

@@ -13,6 +13,8 @@ const { makeError } = require("../errors");
 const { normalizeHex, strip0x, arrayify, bytesToHex, utf8ToBytes, bytesToUtf8 } = require("../internal/hex");
 const { id } = require("../utils/hashing");
+const MAX_ABI_DEPTH = 16;
 function _isArrayType(type) {
   return typeof type === "string" && type.endsWith("]");
 }
@@ -115,8 +117,8 @@ function _concat(parts) {
 function _u256ToWord(bi) {
   let x = bi;
   if (x < 0n) throw new Error("uint must be non-negative");
+  if (x >= (1n << 256n)) throw makeError("value exceeds uint256", "INVALID_ARGUMENT", { value: x.toString() });
   let hex = x.toString(16);
-  if (hex.length > 64) hex = hex.slice(-64);
   hex = hex.padStart(64, "0");
   return arrayify("0x" + hex);
 }
@@ -204,7 +206,8 @@ function _tupleValues(components, value) {
   return [];
 }
-function encodeTupleLike(params, values) {
+function encodeTupleLike(params, values, depth) {
+  if (depth == null) depth = 0;
   const ps = Array.isArray(params) ? params : [];
   const vs = Array.isArray(values) ? values : [];
@@ -221,19 +224,21 @@ function encodeTupleLike(params, values) {
     const p = ps[i];
     const v = vs[i];
     if (_isDynamicType(p)) {
-      const encTail = encodeParam(p, v);
+      const encTail = encodeParam(p, v, depth);
       headParts.push(_u256ToWord(BigInt(headSize + tailOffset)));
       tailParts.push(encTail);
       tailOffset += encTail.length;
     } else {
-      headParts.push(encodeParam(p, v));
+      headParts.push(encodeParam(p, v, depth));
     }
   }
   return _concat([...headParts, ...tailParts]);
 }
-function encodeParam(param, value) {
+function encodeParam(param, value, depth) {
+  if (depth == null) depth = 0;
+  if (depth > MAX_ABI_DEPTH) throw makeError("ABI encoding: maximum nesting depth exceeded", "INVALID_ARGUMENT", {});
   const type = String(param && param.type ? param.type : "");
   if (_isArrayType(type)) {
@@ -243,20 +248,19 @@ function encodeParam(param, value) {
     if (_isDynamicArray(type)) {
       const lenWord = _u256ToWord(BigInt(arr.length));
-      const elems = encodeTupleLike(Array.from({ length: arr.length }).map(() => innerParam), arr);
+      const elems = encodeTupleLike(Array.from({ length: arr.length }).map(() => innerParam), arr, depth + 1);
       return _concat([lenWord, elems]);
     }
-    // fixed array
     const n = _fixedArrayLength(type);
-    const elems = encodeTupleLike(Array.from({ length: n }).map(() => innerParam), arr.slice(0, n));
+    const elems = encodeTupleLike(Array.from({ length: n }).map(() => innerParam), arr.slice(0, n), depth + 1);
     return elems;
   }
   if (type === "tuple") {
     const comps = Array.isArray(param.components) ? param.components : [];
     const vals = _tupleValues(comps, value);
-    return encodeTupleLike(comps, vals);
+    return encodeTupleLike(comps, vals, depth + 1);
   }
   if (_isUint(type)) {
@@ -358,10 +362,10 @@ function _decodeString(data, baseOffset) {
   return bytesToUtf8(out);
 }
-function decodeTupleLike(params, data, baseOffset) {
+function decodeTupleLike(params, data, baseOffset, depth) {
+  if (depth == null) depth = 0;
   const ps = Array.isArray(params) ? params : [];
-  // Compute head size for this tuple-like block.
   const headWords = ps.reduce((a, p) => a + (_isDynamicType(p) ? 1 : _staticWords(p)), 0);
   const headSize = headWords * 32;
@@ -373,20 +377,21 @@ function decodeTupleLike(params, data, baseOffset) {
     const p = ps[i];
     if (_isDynamicType(p)) {
       const rel = _readWordAsNumber(data, baseOffset + headOff);
-      values.push(decodeParam(p, data, baseOffset + rel));
+      values.push(decodeParam(p, data, baseOffset + rel, depth));
       headOff += 32;
     } else {
-      values.push(decodeParam(p, data, baseOffset + headOff));
+      values.push(decodeParam(p, data, baseOffset + headOff, depth));
       headOff += _staticWords(p) * 32;
     }
   }
-  // Ignore headSize; decodeParam consumes offsets itself.
   void headSize;
   return values;
 }
-function decodeParam(param, data, offset) {
+function decodeParam(param, data, offset, depth) {
+  if (depth == null) depth = 0;
+  if (depth > MAX_ABI_DEPTH) throw makeError("ABI decoding: maximum nesting depth exceeded", "INVALID_ARGUMENT", {});
   const type = String(param && param.type ? param.type : "");
   if (_isArrayType(type)) {
@@ -395,17 +400,17 @@ function decodeParam(param, data, offset) {
     if (_isDynamicArray(type)) {
       const len = _readWordAsNumber(data, offset);
-      const elems = decodeTupleLike(Array.from({ length: len }).map(() => innerParam), data, offset + 32);
+      const elems = decodeTupleLike(Array.from({ length: len }).map(() => innerParam), data, offset + 32, depth + 1);
       return elems;
     }
     const n = _fixedArrayLength(type);
-    return decodeTupleLike(Array.from({ length: n }).map(() => innerParam), data, offset);
+    return decodeTupleLike(Array.from({ length: n }).map(() => innerParam), data, offset, depth + 1);
   }
   if (type === "tuple") {
     const comps = Array.isArray(param.components) ? param.components : [];
-    const vals = decodeTupleLike(comps, data, offset);
+    const vals = decodeTupleLike(comps, data, offset, depth + 1);
     const out = {};
     for (let i = 0; i < comps.length; i++) {
       const c = comps[i];

package/src/constants.d.ts CHANGED Viewed

@@ -59,8 +59,3 @@ export const EtherSymbol: string;
  * @type {bigint}
  */
 export const N: bigint;
-/**
- * EIP-191 personal sign message prefix (ethers.js compatible).
- * @type {string}
- */
-export const MessagePrefix: string;

package/src/constants.js CHANGED Viewed

@@ -77,12 +77,6 @@ const EtherSymbol = "Ξ";
  */
 const N = 0n;
-/**
- * EIP-191 personal sign message prefix (ethers.js compatible).
- * @type {string}
- */
-const MessagePrefix = "\x19Ethereum Signed Message:\n";
 module.exports = {
   version,
   ZeroAddress,
@@ -96,6 +90,5 @@ module.exports = {
   WeiPerEther,
   EtherSymbol,
   N,
-  MessagePrefix,
 };

package/src/contract/contract-factory.js CHANGED Viewed

@@ -12,10 +12,16 @@ const { getCreateAddress } = require("../utils/address");
 function _requireInitialized() {
   // eslint-disable-next-line global-require
-  const { isInitialized } = require("../../config");
-  if (!isInitialized()) {
-    throw makeError("QuantumCoin SDK not initialized. Call Initialize() first.", "UNKNOWN_ERROR", { operation: "contract-factory" });
+  const { isInitialized, getInitializationPromise } = require("../../config");
+  if (isInitialized()) return;
+  if (getInitializationPromise() != null) {
+    throw makeError(
+      "QuantumCoin SDK is still initializing. Await the Initialize() promise before using SDK methods.",
+      "UNKNOWN_ERROR",
+      { operation: "requireInitialized" },
+    );
   }
+  throw makeError("QuantumCoin SDK not initialized. Call Initialize() first.", "UNKNOWN_ERROR", { operation: "contract-factory" });
 }
 class ContractFactory {

package/src/contract/contract.js CHANGED Viewed

@@ -10,10 +10,16 @@ const { normalizeHex } = require("../internal/hex");
 function _requireInitialized() {
   // eslint-disable-next-line global-require
-  const { isInitialized } = require("../../config");
-  if (!isInitialized()) {
-    throw makeError("QuantumCoin SDK not initialized. Call Initialize() first.", "UNKNOWN_ERROR", { operation: "contract" });
+  const { isInitialized, getInitializationPromise } = require("../../config");
+  if (isInitialized()) return;
+  if (getInitializationPromise() != null) {
+    throw makeError(
+      "QuantumCoin SDK is still initializing. Await the Initialize() promise before using SDK methods.",
+      "UNKNOWN_ERROR",
+      { operation: "requireInitialized" },
+    );
   }
+  throw makeError("QuantumCoin SDK not initialized. Call Initialize() first.", "UNKNOWN_ERROR", { operation: "contract" });
 }
 function _isProvider(obj) {

package/src/errors/index.js CHANGED Viewed

@@ -124,6 +124,17 @@ function assertArgument(check, message, name, value) {
   assert(check, message, "INVALID_ARGUMENT", { argument: name, value });
 }
+/**
+ * Assert an argument constraint for sensitive material (keys, seeds, passwords).
+ * Uses "[REDACTED]" instead of the actual value to prevent leaking secrets in logs.
+ * @param {any} check
+ * @param {string} message
+ * @param {string} name
+ */
+function assertSecretArgument(check, message, name) {
+  assert(check, message, "INVALID_ARGUMENT", { argument: name, value: "[REDACTED]" });
+}
 /**
  * Provider error.
  */
@@ -181,6 +192,7 @@ module.exports = {
   makeError,
   assert,
   assertArgument,
+  assertSecretArgument,
   ProviderError,
   TransactionError,
   ContractError,

package/src/index.d.ts CHANGED Viewed

@@ -23,7 +23,6 @@ declare const _exports: {
     encodeRlp(value: any): string;
     decodeRlp(data: string): any;
     keccak256(data: string | Uint8Array): string;
-    hashMessage(message: string | Uint8Array): string;
     sha256(data: string | Uint8Array): string;
     sha512(data: string | Uint8Array): string;
     ripemd160(data: string | Uint8Array): string;
@@ -70,8 +69,6 @@ declare const _exports: {
     }): string;
     getCreate2Address(from: string, salt: string, initCodeHash: string): string;
     computeAddress(key: string | Uint8Array): string;
-    verifyMessage(message: string | Uint8Array, signature: string): string;
-    recoverAddress(message: string | Uint8Array, signature: string): string;
     Interface: typeof import("./abi/interface").Interface;
     AbiCoder: typeof import("./abi/interface").AbiCoder;
     Fragment: typeof import("./abi/fragments").Fragment;

package/src/providers/extra-providers.js CHANGED Viewed

@@ -12,8 +12,12 @@ const net = require("node:net");
 const { JsonRpcSigner } = require("../wallet/wallet");
 const { normalizeHex, isHexString } = require("../internal/hex");
-let _wsRpcId = 1;
-let _ipcRpcId = 1;
+const MAX_RESPONSE_SIZE = 16 * 1024 * 1024;
+const MAX_IPC_BUFFER = 16 * 1024 * 1024;
+function _bigIntReplacer(_key, value) {
+  return typeof value === "bigint" ? "0x" + value.toString(16) : value;
+}
 /**
  * Extract the first complete JSON object from a stream buffer.
@@ -85,6 +89,7 @@ class WebSocketProvider extends AbstractProvider {
     }
     this.url = url.trim();
     this.chainId = chainId == null ? 123123 : chainId;
+    this._wsRpcId = 1;
     /** @type {any|null} */
     this._ws = null;
@@ -168,6 +173,7 @@ class WebSocketProvider extends AbstractProvider {
       const onMessage = (event) => {
         const data = event && event.data != null ? event.data : "";
         const text = typeof data === "string" ? data : data.toString();
+        if (text.length > MAX_RESPONSE_SIZE) return;
         let msg;
         try {
           msg = JSON.parse(text);
@@ -224,8 +230,8 @@ class WebSocketProvider extends AbstractProvider {
       throw makeError("WebSocket not connected", "UNKNOWN_ERROR", { url: this.url, method });
     }
-    const id = _wsRpcId++;
-    const body = JSON.stringify({ jsonrpc: "2.0", id, method, params: params || [] });
+    const id = this._wsRpcId++;
+    const body = JSON.stringify({ jsonrpc: "2.0", id, method, params: params || [] }, _bigIntReplacer);
     return new Promise((resolve, reject) => {
       const timer = setTimeout(() => {
@@ -267,6 +273,7 @@ class IpcSocketProvider extends AbstractProvider {
       throw makeError("missing IPC path", "INVALID_ARGUMENT", { path });
     }
     this.path = path;
+    this._ipcRpcId = 1;
   }
   /**
@@ -275,14 +282,14 @@ class IpcSocketProvider extends AbstractProvider {
    * @returns {Promise<any>}
    */
   async _perform(method, params) {
-    const id = _ipcRpcId++;
+    const id = this._ipcRpcId++;
     const body =
       JSON.stringify({
         jsonrpc: "2.0",
         id,
         method,
         params: params || [],
-      }) + "\n";
+      }, _bigIntReplacer) + "\n";
     return new Promise((resolve, reject) => {
       /** @type {boolean} */
@@ -337,6 +344,13 @@ class IpcSocketProvider extends AbstractProvider {
       socket.on("data", (chunk) => {
         buffer += String(chunk);
+        if (buffer.length > MAX_IPC_BUFFER) {
+          finish(makeError("IPC response too large", "UNKNOWN_ERROR", {
+            method, path: this.path, size: buffer.length, limit: MAX_IPC_BUFFER,
+          }));
+          return;
+        }
         // Fast path: newline-delimited JSON responses.
         while (buffer.includes("\n")) {
           const idx = buffer.indexOf("\n");

package/src/providers/json-rpc-provider.js CHANGED Viewed

@@ -6,7 +6,11 @@ const { AbstractProvider } = require("./provider");
 const { makeError } = require("../errors");
 const { Config, getConfig, isInitialized } = require("../../config");
-let _rpcId = 1;
+const MAX_RESPONSE_SIZE = 16 * 1024 * 1024;
+function _bigIntReplacer(_key, value) {
+  return typeof value === "bigint" ? "0x" + value.toString(16) : value;
+}
 class JsonRpcProvider extends AbstractProvider {
   /**
@@ -15,11 +19,11 @@ class JsonRpcProvider extends AbstractProvider {
    */
   constructor(url, chainId) {
     super();
-    // If not provided, attempt to use initialized config.js defaults.
     const active = isInitialized() ? getConfig() : null;
     const cfg = active || new Config();
     this.url = url || cfg.rpcEndpoint;
     this.chainId = chainId == null ? cfg.chainId : chainId;
+    this._rpcId = 1;
   }
   /**
@@ -29,13 +33,13 @@ class JsonRpcProvider extends AbstractProvider {
    * @returns {Promise<any>}
    */
   async _perform(method, params) {
-    const id = _rpcId++;
+    const id = this._rpcId++;
     const body = JSON.stringify({
       jsonrpc: "2.0",
       id,
       method,
       params: params || [],
-    });
+    }, _bigIntReplacer);
     const controller = new AbortController();
     const timeout = setTimeout(() => controller.abort(), 30_000);
@@ -46,7 +50,13 @@ class JsonRpcProvider extends AbstractProvider {
         body,
         signal: controller.signal,
       });
-      const json = await resp.json().catch(() => null);
+      const text = await resp.text().catch(() => null);
+      if (text && text.length > MAX_RESPONSE_SIZE) {
+        throw makeError("JSON-RPC response too large", "UNKNOWN_ERROR", {
+          method, url: this.url, size: text.length, limit: MAX_RESPONSE_SIZE,
+        });
+      }
+      const json = text ? (() => { try { return JSON.parse(text); } catch { return null; } })() : null;
       if (!resp.ok) {
         throw makeError("JSON-RPC HTTP error", "UNKNOWN_ERROR", {
           status: resp.status,

package/src/providers/provider.d.ts CHANGED Viewed

@@ -5,7 +5,6 @@ export type TransactionRequest = {
     value?: (bigint | string | number) | undefined;
     data?: string | undefined;
     gasLimit?: (bigint | string | number) | undefined;
-    gasPrice?: (bigint | string | number) | undefined;
     nonce?: number | undefined;
     chainId?: number | undefined;
     /**
@@ -149,7 +148,6 @@ export class TransactionResponse {
     data: any;
     value: any;
     gasLimit: any;
-    gasPrice: any;
     chainId: number;
     blockNumber: number;
     txType: number | null;

package/src/providers/provider.js CHANGED Viewed

@@ -20,7 +20,6 @@ const { normalizeHex, isHexString } = require("../internal/hex");
  * @property {bigint|string|number=} value
  * @property {string=} data
  * @property {bigint|string|number=} gasLimit
- * @property {bigint|string|number=} gasPrice
  * @property {number=} nonce
  * @property {number=} chainId
  * @property {string=} remarks Optional remark field (hex, max 32 bytes)
@@ -39,7 +38,7 @@ const { normalizeHex, isHexString } = require("../internal/hex");
 function _hexToBigInt(hex) {
   if (typeof hex === "bigint") return hex;
   if (typeof hex === "number") return BigInt(hex);
-  // JSON-RPC "quantity" values may be odd-length (e.g. "0x0", "0x1").
+  if (hex === "0x" || hex === "0X") return 0n;
   assertArgument(typeof hex === "string" && /^0x[0-9a-fA-F]+$/.test(hex), "invalid hex quantity", "hex", hex);
   return BigInt(hex);
 }
@@ -139,7 +138,6 @@ class TransactionResponse {
     this.data = tx.input || tx.data || "0x";
     this.value = tx.value != null ? _hexToBigInt(tx.value) : 0n;
     this.gasLimit = tx.gas != null ? _hexToBigInt(tx.gas) : null;
-    this.gasPrice = tx.gasPrice != null ? _hexToBigInt(tx.gasPrice) : null;
     this.chainId = tx.chainId != null ? _hexToNumber(tx.chainId) : null;
     this.blockNumber = tx.blockNumber != null ? _hexToNumber(tx.blockNumber) : null;
     this.txType = tx.type != null ? _hexToNumber(tx.type) : null;

package/src/utils/address.d.ts CHANGED Viewed

@@ -56,17 +56,3 @@ export function getCreate2Address(from: string, salt: string, initCodeHash: stri
  * @returns {string}
  */
 export function computeAddress(key: string | Uint8Array): string;
-/**
- * Verifies a message signature and recovers the address.
- * @param {string|Uint8Array} message
- * @param {string} signature Hex string signature
- * @returns {string}
- */
-export function verifyMessage(message: string | Uint8Array, signature: string): string;
-/**
- * Recovers the address from a message signature.
- * @param {string|Uint8Array} message
- * @param {string} signature Hex string signature
- * @returns {string}
- */
-export function recoverAddress(message: string | Uint8Array, signature: string): string;

package/src/utils/address.js CHANGED Viewed

@@ -8,18 +8,22 @@
 const qcsdk = require("quantum-coin-js-sdk");
 const { assertArgument, makeError } = require("../errors");
 const { arrayify, bytesToHex, hexToBytes, isHexString, normalizeHex } = require("../internal/hex");
-const { hashMessage } = require("./hashing");
 function _requireInitialized() {
-  // The spec requires Initialize() to be called before using the SDK.
-  // config.js tracks initialization state for this package.
   // eslint-disable-next-line global-require
-  const { isInitialized } = require("../../config");
-  if (!isInitialized()) {
-    throw makeError("QuantumCoin SDK not initialized. Call Initialize() first.", "UNKNOWN_ERROR", {
-      operation: "address-utils",
-    });
+  const { isInitialized, getInitializationPromise } = require("../../config");
+  if (isInitialized()) return;
+  if (getInitializationPromise() != null) {
+    throw makeError(
+      "QuantumCoin SDK is still initializing. Await the Initialize() promise before using SDK methods.",
+      "UNKNOWN_ERROR",
+      { operation: "requireInitialized" },
+    );
   }
+  throw makeError("QuantumCoin SDK not initialized. Call Initialize() first.", "UNKNOWN_ERROR", {
+    operation: "address-utils",
+  });
 }
 /**
@@ -127,45 +131,6 @@ function computeAddress(key) {
   return normalizeHex(out);
 }
-function _digestMessage(message) {
-  const digestHex = hashMessage(message);
-  const digest = Array.from(hexToBytes(digestHex));
-  assertArgument(digest.length === 32, "invalid digest length", "digest", digest.length);
-  return digest;
-}
-function _signatureToBytes(signature) {
-  assertArgument(typeof signature === "string", "signature must be a hex string", "signature", signature);
-  assertArgument(isHexString(signature), "invalid signature hex", "signature", signature);
-  return Array.from(hexToBytes(signature));
-}
-/**
- * Verifies a message signature and recovers the address.
- * @param {string|Uint8Array} message
- * @param {string} signature Hex string signature
- * @returns {string}
- */
-function verifyMessage(message, signature) {
-  return recoverAddress(message, signature);
-}
-/**
- * Recovers the address from a message signature.
- * @param {string|Uint8Array} message
- * @param {string} signature Hex string signature
- * @returns {string}
- */
-function recoverAddress(message, signature) {
-  _requireInitialized();
-  const digest = _digestMessage(message);
-  const sigBytes = _signatureToBytes(signature);
-  const pubHex = qcsdk.publicKeyFromSignature(digest, sigBytes);
-  if (typeof pubHex !== "string") throw makeError("publicKeyFromSignature failed", "UNKNOWN_ERROR", {});
-  const addr = computeAddress(pubHex);
-  return addr;
-}
 module.exports = {
   isAddress,
   getAddress,
@@ -175,7 +140,5 @@ module.exports = {
   getCreateAddress,
   getCreate2Address,
   computeAddress,
-  verifyMessage,
-  recoverAddress,
 };

package/src/utils/hashing.d.ts CHANGED Viewed

@@ -4,12 +4,6 @@
  * @returns {string}
  */
 export function keccak256(data: string | Uint8Array): string;
-/**
- * EIP-191 personal-sign message digest (ethers.js hashMessage pattern).
- * @param {string|Uint8Array} message
- * @returns {string}
- */
-export function hashMessage(message: string | Uint8Array): string;
 /**
  * sha256 hash of BytesLike.
  * @param {string|Uint8Array} data