shogun-core 3.3.7 → 4.0.0

package/dist/types/plugins/zkproof/zkCredentials.d.ts

@@ -0,0 +1,112 @@
+import { Identity } from "@semaphore-protocol/identity";
+/**
+ * Types of verifiable credentials
+ */
+export declare enum CredentialType {
+    AGE = "age",
+    CITIZENSHIP = "citizenship",
+    EDUCATION = "education",
+    INCOME = "income",
+    EMPLOYMENT = "employment",
+    HEALTH = "health",
+    CUSTOM = "custom"
+}
+/**
+ * Credential claim data
+ */
+export interface CredentialClaim {
+    /** Type of credential */
+    type: CredentialType;
+    /** Public claim statement */
+    claim: string;
+    /** Private data that proves the claim */
+    privateData: Record<string, any>;
+    /** Issuer of the credential (optional) */
+    issuer?: string;
+    /** Expiration timestamp (optional) */
+    expiresAt?: number;
+}
+/**
+ * Verifiable credential proof
+ */
+export interface VerifiableCredentialProof {
+    /** Type of credential being proved */
+    type: CredentialType;
+    /** Public claim statement */
+    claim: string;
+    /** ZK proof data */
+    proof: {
+        merkleTreeRoot: string;
+        nullifierHash: string;
+        signal: string;
+        externalNullifier: string;
+        proof: string[];
+    };
+    /** Credential hash (for verification) */
+    credentialHash: string;
+    /** Timestamp when proof was generated */
+    timestamp: number;
+}
+/**
+ * Credential verification result
+ */
+export interface CredentialVerificationResult {
+    verified: boolean;
+    type?: CredentialType;
+    claim?: string;
+    timestamp?: number;
+    error?: string;
+}
+/**
+ * ZK Credentials Manager
+ * Extends ZK-Proof functionality to support verifiable credentials
+ */
+export declare class ZkCredentials {
+    private groups;
+    /**
+     * Create a verifiable credential from private data
+     */
+    createCredential(identity: Identity, credentialData: CredentialClaim): {
+        credential: VerifiableCredentialProof;
+        credentialHash: string;
+    };
+    /**
+     * Prove an attribute about yourself without revealing the underlying data
+     */
+    proveAttribute(identity: Identity, credentialData: CredentialClaim, groupId?: string): Promise<VerifiableCredentialProof>;
+    /**
+     * Verify a credential proof
+     */
+    verifyCredential(proof: VerifiableCredentialProof, treeDepth?: number): Promise<CredentialVerificationResult>;
+    /**
+     * Create a group for credential holders
+     */
+    private getOrCreateGroup;
+    /**
+     * Add an identity to a credentials group
+     */
+    addToCredentialGroup(identity: Identity, groupId?: string): void;
+    /**
+     * Common credential proofs
+     */
+    /**
+     * Prove age without revealing exact birthdate
+     */
+    proveAge(identity: Identity, birthDate: Date, minimumAge: number): Promise<VerifiableCredentialProof>;
+    /**
+     * Prove citizenship without revealing country
+     */
+    proveCitizenship(identity: Identity, country: string, region?: string): Promise<VerifiableCredentialProof>;
+    /**
+     * Prove education without revealing institution
+     */
+    proveEducation(identity: Identity, degree: string, university: string, year: number): Promise<VerifiableCredentialProof>;
+    /**
+     * Prove income range without revealing exact amount
+     */
+    proveIncome(identity: Identity, amount: number, minimumRequired: number, currency?: string): Promise<VerifiableCredentialProof>;
+    /**
+     * Cleanup resources
+     */
+    cleanup(): void;
+}

package/dist/types/plugins/zkproof/zkProofConnector.d.ts

@@ -0,0 +1,46 @@
+import { ISEAPair } from "gun";
+import { ZkIdentityData, ZkProofGenerationOptions, ZkProofVerificationResult, ZkProofCredential, SemaphoreProof } from "./types";
+/**
+ * Connector for ZK-Proof operations using Semaphore protocol
+ */
+export declare class ZkProofConnector {
+    private identityCache;
+    private credentialCache;
+    private groups;
+    /**
+     * Generate a new Semaphore identity
+     */
+    generateIdentity(seed?: string): Promise<ZkIdentityData>;
+    /**
+     * Restore identity from trapdoor
+     */
+    restoreIdentity(trapdoor: string): Promise<ZkIdentityData>;
+    /**
+     * Generate Gun credentials from ZK identity
+     */
+    generateCredentials(identityData: ZkIdentityData): Promise<ISEAPair>;
+    /**
+     * Get or create a Semaphore group
+     */
+    private getOrCreateGroup;
+    /**
+     * Add identity to a group
+     */
+    addToGroup(commitment: string, groupId?: string): void;
+    /**
+     * Generate a Semaphore proof
+     */
+    generateProof(identityData: ZkIdentityData, options?: ZkProofGenerationOptions): Promise<SemaphoreProof>;
+    /**
+     * Verify a Semaphore proof
+     */
+    verifyProof(proof: SemaphoreProof, treeDepth?: number): Promise<ZkProofVerificationResult>;
+    /**
+     * Get cached credential by commitment
+     */
+    getCredential(commitment: string): ZkProofCredential | undefined;
+    /**
+     * Clear all caches
+     */
+    cleanup(): void;
+}

package/dist/types/plugins/zkproof/zkProofPlugin.d.ts

@@ -0,0 +1,76 @@
+import { BasePlugin } from "../base";
+import { ShogunCore } from "../../core";
+import { ZkIdentityData, ZkProofPluginInterface, ZkProofGenerationOptions, ZkProofVerificationResult, ZkProofConfig } from "./types";
+import { AuthResult, SignUpResult, PluginCategory } from "../../interfaces/shogun";
+import { ISEAPair } from "gun";
+/**
+ * Plugin for Zero-Knowledge Proof authentication using Semaphore protocol
+ *
+ * Features:
+ * - Anonymous authentication with ZK proofs
+ * - Multi-device support via trapdoor backup
+ * - Privacy-preserving identity management
+ * - Compatible with Gun decentralized storage
+ */
+export declare class ZkProofPlugin extends BasePlugin implements ZkProofPluginInterface {
+    name: string;
+    version: string;
+    description: string;
+    _category: PluginCategory;
+    private connector;
+    private config;
+    constructor(config?: ZkProofConfig);
+    /**
+     * Initialize the plugin
+     */
+    initialize(core: ShogunCore): void;
+    /**
+     * Clean up resources
+     */
+    destroy(): void;
+    /**
+     * Ensure connector is initialized
+     */
+    private assertConnector;
+    /**
+     * Generate a new ZK identity
+     */
+    generateIdentity(seed?: string): Promise<ZkIdentityData>;
+    /**
+     * Restore identity from trapdoor/seed phrase
+     */
+    restoreIdentity(trapdoor: string): Promise<ZkIdentityData>;
+    /**
+     * Generate credentials for Gun authentication
+     */
+    generateCredentials(identityData: ZkIdentityData): Promise<ISEAPair>;
+    /**
+     * Generate a zero-knowledge proof
+     */
+    generateProof(identityData: ZkIdentityData, options?: ZkProofGenerationOptions): Promise<any>;
+    /**
+     * Verify a zero-knowledge proof
+     */
+    verifyProof(proof: any, treeDepth?: number): Promise<ZkProofVerificationResult>;
+    /**
+     * Add identity to a group
+     */
+    addToGroup(commitment: string, groupId?: string): void;
+    /**
+     * Login with ZK proof
+     * @param trapdoor - User's trapdoor/seed phrase
+     * @returns Authentication result
+     */
+    login(trapdoor: string): Promise<AuthResult>;
+    /**
+     * Sign up with new ZK identity
+     * @param seed - Optional seed for deterministic generation
+     * @returns Authentication result with trapdoor for backup
+     */
+    signUp(seed?: string): Promise<SignUpResult>;
+    /**
+     * Check if ZK-Proof is available
+     */
+    isAvailable(): boolean;
+}
+export type { ZkProofPluginInterface } from "./types";

package/dist/types/utils/seedPhrase.d.ts

@@ -0,0 +1,50 @@
+/**
+ * Seed Phrase Utilities for Multi-Device Authentication
+ * Provides BIP39-compatible seed phrase generation and validation
+ */
+/**
+ * Generate a new 12-word BIP39 mnemonic seed phrase
+ * @returns {string} 12-word mnemonic seed phrase
+ */
+export declare function generateSeedPhrase(): string;
+/**
+ * Validate a BIP39 mnemonic seed phrase
+ * @param {string} mnemonic - The seed phrase to validate
+ * @returns {boolean} True if valid, false otherwise
+ */
+export declare function validateSeedPhrase(mnemonic: string): boolean;
+/**
+ * Derive a deterministic seed from mnemonic and username
+ * @param {string} mnemonic - The BIP39 mnemonic seed phrase
+ * @param {string} username - Username to include in derivation
+ * @returns {Uint8Array} 64-byte seed for key derivation
+ */
+export declare function mnemonicToSeed(mnemonic: string, username: string): Uint8Array;
+/**
+ * Convert seed to deterministic password for GunDB
+ * @param {Uint8Array} seed - The seed from mnemonic
+ * @returns {string} Hex-encoded password
+ */
+export declare function seedToPassword(seed: Uint8Array): string;
+/**
+ * Derive GunDB credentials from mnemonic
+ * @param {string} mnemonic - The BIP39 mnemonic
+ * @param {string} username - Username for derivation
+ * @returns {{password: string; seed: Uint8Array}} Credentials for GunDB
+ */
+export declare function deriveCredentialsFromMnemonic(mnemonic: string, username: string): {
+    password: string;
+    seed: Uint8Array;
+};
+/**
+ * Format seed phrase for display (with word numbers)
+ * @param {string} mnemonic - The seed phrase
+ * @returns {string} Formatted seed phrase with numbers
+ */
+export declare function formatSeedPhrase(mnemonic: string): string;
+/**
+ * Normalize and clean user input for seed phrase
+ * @param {string} input - User-provided seed phrase
+ * @returns {string} Normalized seed phrase
+ */
+export declare function normalizeSeedPhrase(input: string): string;

package/dist/types/utils/validation.d.ts

@@ -1,4 +1,3 @@
-import { OAuthProvider } from "../plugins/oauth/types";
 /**
  * Valida uno username secondo le regole comuni
  */
@@ -9,8 +8,9 @@ export declare function validateUsername(username: string): boolean;
 export declare function validateEmail(email: string): boolean;
 /**
  * Valida un provider OAuth supportato
+ * @deprecated OAuth has been removed from Shogun Core
  */
-export declare function validateProvider(provider: string): provider is OAuthProvider;
+export declare function validateProvider(provider: string): boolean;
 /**
  * Genera uno username uniforme a partire da provider e userInfo
  * Esempio: google_utente, github_12345, nostr_pubkey, web3_0xabc...

package/dist/utils/seedPhrase.js

@@ -0,0 +1,97 @@
+"use strict";
+/**
+ * Seed Phrase Utilities for Multi-Device Authentication
+ * Provides BIP39-compatible seed phrase generation and validation
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.generateSeedPhrase = generateSeedPhrase;
+exports.validateSeedPhrase = validateSeedPhrase;
+exports.mnemonicToSeed = mnemonicToSeed;
+exports.seedToPassword = seedToPassword;
+exports.deriveCredentialsFromMnemonic = deriveCredentialsFromMnemonic;
+exports.formatSeedPhrase = formatSeedPhrase;
+exports.normalizeSeedPhrase = normalizeSeedPhrase;
+const bip39_1 = require("@scure/bip39");
+const english_1 = require("@scure/bip39/wordlists/english");
+const sha256_1 = require("@noble/hashes/sha256");
+const utils_1 = require("@noble/hashes/utils");
+/**
+ * Generate a new 12-word BIP39 mnemonic seed phrase
+ * @returns {string} 12-word mnemonic seed phrase
+ */
+function generateSeedPhrase() {
+    return (0, bip39_1.generateMnemonic)(english_1.wordlist, 128); // 128 bits = 12 words
+}
+/**
+ * Validate a BIP39 mnemonic seed phrase
+ * @param {string} mnemonic - The seed phrase to validate
+ * @returns {boolean} True if valid, false otherwise
+ */
+function validateSeedPhrase(mnemonic) {
+    try {
+        return (0, bip39_1.validateMnemonic)(mnemonic, english_1.wordlist);
+    }
+    catch (error) {
+        return false;
+    }
+}
+/**
+ * Derive a deterministic seed from mnemonic and username
+ * @param {string} mnemonic - The BIP39 mnemonic seed phrase
+ * @param {string} username - Username to include in derivation
+ * @returns {Uint8Array} 64-byte seed for key derivation
+ */
+function mnemonicToSeed(mnemonic, username) {
+    if (!validateSeedPhrase(mnemonic)) {
+        throw new Error("Invalid mnemonic seed phrase");
+    }
+    // Use username as additional entropy in the passphrase
+    // This ensures different users with same seed phrase get different keys
+    const passphrase = `shogun-${username}`;
+    return (0, bip39_1.mnemonicToSeedSync)(mnemonic, passphrase);
+}
+/**
+ * Convert seed to deterministic password for GunDB
+ * @param {Uint8Array} seed - The seed from mnemonic
+ * @returns {string} Hex-encoded password
+ */
+function seedToPassword(seed) {
+    // Hash the seed to create a deterministic password
+    const hash = (0, sha256_1.sha256)(seed);
+    return (0, utils_1.bytesToHex)(hash);
+}
+/**
+ * Derive GunDB credentials from mnemonic
+ * @param {string} mnemonic - The BIP39 mnemonic
+ * @param {string} username - Username for derivation
+ * @returns {{password: string; seed: Uint8Array}} Credentials for GunDB
+ */
+function deriveCredentialsFromMnemonic(mnemonic, username) {
+    const seed = mnemonicToSeed(mnemonic, username);
+    const password = seedToPassword(seed);
+    return {
+        password,
+        seed,
+    };
+}
+/**
+ * Format seed phrase for display (with word numbers)
+ * @param {string} mnemonic - The seed phrase
+ * @returns {string} Formatted seed phrase with numbers
+ */
+function formatSeedPhrase(mnemonic) {
+    const words = mnemonic.split(" ");
+    return words.map((word, index) => `${index + 1}. ${word}`).join("\n");
+}
+/**
+ * Normalize and clean user input for seed phrase
+ * @param {string} input - User-provided seed phrase
+ * @returns {string} Normalized seed phrase
+ */
+function normalizeSeedPhrase(input) {
+    return input
+        .toLowerCase()
+        .trim()
+        .replace(/\s+/g, " ") // Replace multiple spaces with single space
+        .replace(/[^\w\s]/g, ""); // Remove special characters
+}

package/dist/utils/validation.js

@@ -30,9 +30,11 @@ function validateEmail(email) {
 }
 /**
  * Valida un provider OAuth supportato
+ * @deprecated OAuth has been removed from Shogun Core
  */
 function validateProvider(provider) {
-    return ["google", "github", "discord", "twitter", "custom"].includes(provider);
+    console.warn("[validation] OAuth has been removed from Shogun Core");
+    return false;
 }
 // --- GENERAZIONE USERNAME ---
 /**

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "shogun-core",
-  "version": "3.3.7",
+  "version": "4.0.0",
   "description": "SHOGUN CORE - Core library for Shogun Ecosystem",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -32,6 +32,9 @@
     "format": "prettier --write \"src/**/*.ts\"",
     "docs": "yarn typedoc --options typedoc.json",
     "prebuild": "rimraf dist",
+    "setup:zkproof": "node scripts/setup-zkproof.js",
+    "zkproof:example": "yarn build && yarn tsx src/examples/zkproof-example.ts",
+    "zkproof:credentials": "yarn build && yarn tsx src/examples/zkproof-credentials-example.ts",
     "test": "jest",
     "test:watch": "jest --watch",
     "test:coverage": "jest --coverage",
@@ -50,22 +53,22 @@
   "author": "Scobru",
   "license": "MIT",
   "dependencies": {
-    "@fluidkey/stealth-account-kit": "^1.1.0",
     "@noble/curves": "^1.9.1",
-    "@scure/bip32": "^2.0.1",
+    "@noble/hashes": "^1.5.0",
+    "@scure/bip39": "^1.5.0",
+    "@semaphore-protocol/group": "^3.15.0",
+    "@semaphore-protocol/identity": "^3.15.0",
+    "@semaphore-protocol/proof": "^3.15.0",
     "assert": "^2.1.0",
-    "base64url": "^3.0.1",
     "buffer": "^6.0.3",
     "constants-browserify": "^1.0.0",
     "crypto-browserify": "^3.12.0",
     "ethers": "^6.13.5",
     "gun": "git+https://github.com/amark/gun.git",
-    "keccak256": "^1.0.6",
+    "gun-relays": "git+https://github.com/scobru/shogun-relays.git",
     "nostr-tools": "^2.15.0",
-    "qs": "^6.14.0",
     "rxjs": "^7.8.2",
-    "ts-node": "^10.9.2",
-    "url": "^0.11.4",
+    "shogun-relays": "git+https://github.com/scobru/shogun-relays.git",
     "uuid": "^11.1.0",
     "vm-browserify": "^1.1.2"
   },
@@ -122,6 +125,9 @@
     "transform": {
       "^.+\\.ts$": "ts-jest"
     },
+    "transformIgnorePatterns": [
+      "node_modules/(?!(@zk-kit|@semaphore-protocol|ffjavascript)/)"
+    ],
     "collectCoverageFrom": [
       "src/**/*.ts",
       "!src/**/*.d.ts",