signet-protocol 0.1.0

package/dist/policies.d.ts

@@ -0,0 +1,22 @@
+import type { NostrEvent, UnsignedEvent, PolicyParams, PolicyCheckResult, ParsedPolicy, SignetTier } from './types.js';
+/** Build an unsigned policy event */
+export declare function buildPolicyEvent(operatorPubkey: string, params: PolicyParams): UnsignedEvent;
+/** Create and sign a community policy */
+export declare function createPolicy(operatorPrivateKey: string, params: PolicyParams): Promise<NostrEvent>;
+/** Parse a policy event into a structured object */
+export declare function parsePolicy(event: NostrEvent): ParsedPolicy | null;
+/** Check if a user meets a policy's requirements */
+export declare function checkPolicyCompliance(policy: ParsedPolicy, userTier: SignetTier, userScore: number, opts?: {
+    isChild?: boolean;
+    isModerator?: boolean;
+}): PolicyCheckResult;
+/** Policy checker that holds a policy and checks multiple users */
+export declare class PolicyChecker {
+    private policy;
+    constructor(policyEvent: NostrEvent);
+    getPolicy(): ParsedPolicy;
+    checkAdult(tier: SignetTier, score: number): PolicyCheckResult;
+    checkChild(tier: SignetTier, score: number): PolicyCheckResult;
+    checkModerator(tier: SignetTier, score: number): PolicyCheckResult;
+}
+//# sourceMappingURL=policies.d.ts.map

package/dist/policies.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"policies.d.ts","sourceRoot":"","sources":["../src/policies.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EACV,UAAU,EACV,aAAa,EACb,YAAY,EACZ,iBAAiB,EACjB,YAAY,EACZ,UAAU,EAGX,MAAM,YAAY,CAAC;AAEpB,qCAAqC;AACrC,wBAAgB,gBAAgB,CAC9B,cAAc,EAAE,MAAM,EACtB,MAAM,EAAE,YAAY,GACnB,aAAa,CAqBf;AAED,yCAAyC;AACzC,wBAAsB,YAAY,CAChC,kBAAkB,EAAE,MAAM,EAC1B,MAAM,EAAE,YAAY,GACnB,OAAO,CAAC,UAAU,CAAC,CAIrB;AAED,oDAAoD;AACpD,wBAAgB,WAAW,CAAC,KAAK,EAAE,UAAU,GAAG,YAAY,GAAG,IAAI,CAyBlE;AAED,oDAAoD;AACpD,wBAAgB,qBAAqB,CACnC,MAAM,EAAE,YAAY,EACpB,QAAQ,EAAE,UAAU,EACpB,SAAS,EAAE,MAAM,EACjB,IAAI,GAAE;IACJ,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,WAAW,CAAC,EAAE,OAAO,CAAC;CAClB,GACL,iBAAiB,CAkCnB;AAED,mEAAmE;AACnE,qBAAa,aAAa;IACxB,OAAO,CAAC,MAAM,CAAe;gBAEjB,WAAW,EAAE,UAAU;IAMnC,SAAS,IAAI,YAAY;IAIzB,UAAU,CAAC,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,GAAG,iBAAiB;IAI9D,UAAU,CAAC,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,GAAG,iBAAiB;IAI9D,cAAc,CAAC,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,GAAG,iBAAiB;CAGnE"}

package/dist/policies.js

@@ -0,0 +1,123 @@
+// Community Verification Policy (kind 30078, NIP-78)
+// Create policies and check compliance
+import { APP_DATA_KIND, DEFAULT_CRYPTO_ALGORITHM } from './constants.js';
+import { signEvent, getPublicKey } from './crypto.js';
+import { getTagValue } from './validation.js';
+import { SignetValidationError } from './errors.js';
+/** Build an unsigned policy event */
+export function buildPolicyEvent(operatorPubkey, params) {
+    const tags = [
+        ['d', `signet:policy:${params.communityId}`],
+        ['adult-min-tier', String(params.adultMinTier)],
+        ['child-min-tier', String(params.childMinTier)],
+        ['enforcement', params.enforcement],
+        ['algo', DEFAULT_CRYPTO_ALGORITHM],
+    ];
+    if (params.minScore !== undefined)
+        tags.push(['min-score', String(params.minScore)]);
+    if (params.modMinTier !== undefined)
+        tags.push(['mod-min-tier', String(params.modMinTier)]);
+    if (params.verifierBond !== undefined)
+        tags.push(['verifier-bond', String(params.verifierBond)]);
+    if (params.revocationThreshold !== undefined)
+        tags.push(['revocation-threshold', String(params.revocationThreshold)]);
+    return {
+        kind: APP_DATA_KIND,
+        pubkey: operatorPubkey,
+        created_at: Math.floor(Date.now() / 1000),
+        tags,
+        content: params.description || '',
+    };
+}
+/** Create and sign a community policy */
+export async function createPolicy(operatorPrivateKey, params) {
+    const pubkey = getPublicKey(operatorPrivateKey);
+    const event = buildPolicyEvent(pubkey, params);
+    return signEvent(event, operatorPrivateKey);
+}
+/** Parse a policy event into a structured object */
+export function parsePolicy(event) {
+    if (event.kind !== APP_DATA_KIND)
+        return null;
+    // NIP-78 policy events are identified by the signet:policy: d-tag prefix
+    const dTag = getTagValue(event, 'd') || '';
+    if (!dTag.startsWith('signet:policy:'))
+        return null;
+    const adultTier = getTagValue(event, 'adult-min-tier');
+    const childTier = getTagValue(event, 'child-min-tier');
+    const algorithm = (getTagValue(event, 'algo') || DEFAULT_CRYPTO_ALGORITHM);
+    // Strip 'signet:policy:' prefix from d-tag to get community ID
+    const communityId = dTag.slice('signet:policy:'.length);
+    return {
+        communityId,
+        adultMinTier: (() => { const t = adultTier ? parseInt(adultTier, 10) : NaN; return (!isNaN(t) && t >= 1 && t <= 4 ? t : 1); })(),
+        childMinTier: (() => { const t = childTier ? parseInt(childTier, 10) : NaN; return (!isNaN(t) && t >= 1 && t <= 4 ? t : 1); })(),
+        enforcement: (getTagValue(event, 'enforcement') || 'client'),
+        minScore: (() => { const s = getTagValue(event, 'min-score'); if (!s)
+            return undefined; const v = parseInt(s, 10); return isNaN(v) ? undefined : Math.max(0, Math.min(v, 200)); })(),
+        modMinTier: (() => { const s = getTagValue(event, 'mod-min-tier'); if (!s)
+            return undefined; const t = parseInt(s, 10); if (isNaN(t) || t < 1 || t > 4)
+            return undefined; return t; })(),
+        verifierBond: (() => { const s = getTagValue(event, 'verifier-bond'); if (!s)
+            return undefined; const v = parseInt(s, 10); return isNaN(v) || v < 0 ? undefined : v; })(),
+        revocationThreshold: (() => { const s = getTagValue(event, 'revocation-threshold'); if (!s)
+            return undefined; const v = parseInt(s, 10); return isNaN(v) || v < 1 ? undefined : v; })(),
+        algorithm,
+    };
+}
+/** Check if a user meets a policy's requirements */
+export function checkPolicyCompliance(policy, userTier, userScore, opts = {}) {
+    const requiredTier = opts.isChild
+        ? policy.childMinTier
+        : opts.isModerator && policy.modMinTier
+            ? policy.modMinTier
+            : policy.adultMinTier;
+    if (userTier < requiredTier) {
+        return {
+            allowed: false,
+            reason: `Tier ${userTier} does not meet minimum tier ${requiredTier}`,
+            requiredTier,
+            actualTier: userTier,
+        };
+    }
+    if (policy.minScore !== undefined && userScore < policy.minScore) {
+        return {
+            allowed: false,
+            reason: `Score ${userScore} does not meet minimum score ${policy.minScore}`,
+            requiredTier,
+            actualTier: userTier,
+            requiredScore: policy.minScore,
+            actualScore: userScore,
+        };
+    }
+    return {
+        allowed: true,
+        requiredTier,
+        actualTier: userTier,
+        requiredScore: policy.minScore,
+        actualScore: userScore,
+    };
+}
+/** Policy checker that holds a policy and checks multiple users */
+export class PolicyChecker {
+    policy;
+    constructor(policyEvent) {
+        const parsed = parsePolicy(policyEvent);
+        if (!parsed)
+            throw new SignetValidationError('Invalid policy event');
+        this.policy = parsed;
+    }
+    getPolicy() {
+        return this.policy;
+    }
+    checkAdult(tier, score) {
+        return checkPolicyCompliance(this.policy, tier, score, { isChild: false });
+    }
+    checkChild(tier, score) {
+        return checkPolicyCompliance(this.policy, tier, score, { isChild: true });
+    }
+    checkModerator(tier, score) {
+        return checkPolicyCompliance(this.policy, tier, score, { isModerator: true });
+    }
+}
+//# sourceMappingURL=policies.js.map

package/dist/policies.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"policies.js","sourceRoot":"","sources":["../src/policies.ts"],"names":[],"mappings":"AAAA,qDAAqD;AACrD,uCAAuC;AAEvC,OAAO,EAAE,aAAa,EAAE,wBAAwB,EAAE,MAAM,gBAAgB,CAAC;AACzE,OAAO,EAAE,SAAS,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AACtD,OAAO,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAC9C,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AAYpD,qCAAqC;AACrC,MAAM,UAAU,gBAAgB,CAC9B,cAAsB,EACtB,MAAoB;IAEpB,MAAM,IAAI,GAAe;QACvB,CAAC,GAAG,EAAE,iBAAiB,MAAM,CAAC,WAAW,EAAE,CAAC;QAC5C,CAAC,gBAAgB,EAAE,MAAM,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QAC/C,CAAC,gBAAgB,EAAE,MAAM,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QAC/C,CAAC,aAAa,EAAE,MAAM,CAAC,WAAW,CAAC;QACnC,CAAC,MAAM,EAAE,wBAAwB,CAAC;KACnC,CAAC;IAEF,IAAI,MAAM,CAAC,QAAQ,KAAK,SAAS;QAAE,IAAI,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IACrF,IAAI,MAAM,CAAC,UAAU,KAAK,SAAS;QAAE,IAAI,CAAC,IAAI,CAAC,CAAC,cAAc,EAAE,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;IAC5F,IAAI,MAAM,CAAC,YAAY,KAAK,SAAS;QAAE,IAAI,CAAC,IAAI,CAAC,CAAC,eAAe,EAAE,MAAM,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IACjG,IAAI,MAAM,CAAC,mBAAmB,KAAK,SAAS;QAAE,IAAI,CAAC,IAAI,CAAC,CAAC,sBAAsB,EAAE,MAAM,CAAC,MAAM,CAAC,mBAAmB,CAAC,CAAC,CAAC,CAAC;IAEtH,OAAO;QACL,IAAI,EAAE,aAAa;QACnB,MAAM,EAAE,cAAc;QACtB,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;QACzC,IAAI;QACJ,OAAO,EAAE,MAAM,CAAC,WAAW,IAAI,EAAE;KAClC,CAAC;AACJ,CAAC;AAED,yCAAyC;AACzC,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,kBAA0B,EAC1B,MAAoB;IAEpB,MAAM,MAAM,GAAG,YAAY,CAAC,kBAAkB,CAAC,CAAC;IAChD,MAAM,KAAK,GAAG,gBAAgB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC/C,OAAO,SAAS,CAAC,KAAK,EAAE,kBAAkB,CAAC,CAAC;AAC9C,CAAC;AAED,oDAAoD;AACpD,MAAM,UAAU,WAAW,CAAC,KAAiB;IAC3C,IAAI,KAAK,CAAC,IAAI,KAAK,aAAa;QAAE,OAAO,IAAI,CAAC;IAC9C,yEAAyE;IACzE,MAAM,IAAI,GAAG,WAAW,CAAC,KAAK,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC;IAC3C,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,gBAAgB,CAAC;QAAE,OAAO,IAAI,CAAC;IAEpD,MAAM,SAAS,GAAG,WAAW,CAAC,KAAK,EAAE,gBAAgB,CAAC,CAAC;IACvD,MAAM,SAAS,GAAG,WAAW,CAAC,KAAK,EAAE,gBAAgB,CAAC,CAAC;IAEvD,MAAM,SAAS,GAAG,CAAC,WAAW,CAAC,KAAK,EAAE,MAAM,CAAC,IAAI,wBAAwB,CAAoB,CAAC;IAE9F,+DAA+D;IAC/D,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;IAExD,OAAO;QACL,WAAW;QACX,YAAY,EAAE,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,GAAG,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAe,CAAC,CAAC,CAAC,CAAC,EAAE;QAC9I,YAAY,EAAE,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,GAAG,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAe,CAAC,CAAC,CAAC,CAAC,EAAE;QAC9I,WAAW,EAAE,CAAC,WAAW,CAAC,KAAK,EAAE,aAAa,CAAC,IAAI,QAAQ,CAAqB;QAChF,QAAQ,EAAE,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,GAAG,WAAW,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YAAE,OAAO,SAAS,CAAC,CAAC,MAAM,CAAC,GAAG,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE;QACpL,UAAU,EAAE,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,GAAG,WAAW,CAAC,KAAK,EAAE,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YAAE,OAAO,SAAS,CAAC,CAAC,MAAM,CAAC,GAAG,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC;YAAE,OAAO,SAAS,CAAC,CAAC,OAAO,CAAe,CAAC,CAAC,CAAC,CAAC,EAAE;QACtM,YAAY,EAAE,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,GAAG,WAAW,CAAC,KAAK,EAAE,eAAe,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YAAE,OAAO,SAAS,CAAC,CAAC,MAAM,CAAC,GAAG,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE;QACzK,mBAAmB,EAAE,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,GAAG,WAAW,CAAC,KAAK,EAAE,sBAAsB,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YAAE,OAAO,SAAS,CAAC,CAAC,MAAM,CAAC,GAAG,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE;QACvL,SAAS;KACV,CAAC;AACJ,CAAC;AAED,oDAAoD;AACpD,MAAM,UAAU,qBAAqB,CACnC,MAAoB,EACpB,QAAoB,EACpB,SAAiB,EACjB,OAGI,EAAE;IAEN,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO;QAC/B,CAAC,CAAC,MAAM,CAAC,YAAY;QACrB,CAAC,CAAC,IAAI,CAAC,WAAW,IAAI,MAAM,CAAC,UAAU;YACrC,CAAC,CAAC,MAAM,CAAC,UAAU;YACnB,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC;IAE1B,IAAI,QAAQ,GAAG,YAAY,EAAE,CAAC;QAC5B,OAAO;YACL,OAAO,EAAE,KAAK;YACd,MAAM,EAAE,QAAQ,QAAQ,+BAA+B,YAAY,EAAE;YACrE,YAAY;YACZ,UAAU,EAAE,QAAQ;SACrB,CAAC;IACJ,CAAC;IAED,IAAI,MAAM,CAAC,QAAQ,KAAK,SAAS,IAAI,SAAS,GAAG,MAAM,CAAC,QAAQ,EAAE,CAAC;QACjE,OAAO;YACL,OAAO,EAAE,KAAK;YACd,MAAM,EAAE,SAAS,SAAS,gCAAgC,MAAM,CAAC,QAAQ,EAAE;YAC3E,YAAY;YACZ,UAAU,EAAE,QAAQ;YACpB,aAAa,EAAE,MAAM,CAAC,QAAQ;YAC9B,WAAW,EAAE,SAAS;SACvB,CAAC;IACJ,CAAC;IAED,OAAO;QACL,OAAO,EAAE,IAAI;QACb,YAAY;QACZ,UAAU,EAAE,QAAQ;QACpB,aAAa,EAAE,MAAM,CAAC,QAAQ;QAC9B,WAAW,EAAE,SAAS;KACvB,CAAC;AACJ,CAAC;AAED,mEAAmE;AACnE,MAAM,OAAO,aAAa;IAChB,MAAM,CAAe;IAE7B,YAAY,WAAuB;QACjC,MAAM,MAAM,GAAG,WAAW,CAAC,WAAW,CAAC,CAAC;QACxC,IAAI,CAAC,MAAM;YAAE,MAAM,IAAI,qBAAqB,CAAC,sBAAsB,CAAC,CAAC;QACrE,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAED,SAAS;QACP,OAAO,IAAI,CAAC,MAAM,CAAC;IACrB,CAAC;IAED,UAAU,CAAC,IAAgB,EAAE,KAAa;QACxC,OAAO,qBAAqB,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,CAAC;IAC7E,CAAC;IAED,UAAU,CAAC,IAAgB,EAAE,KAAa;QACxC,OAAO,qBAAqB,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;IAC5E,CAAC;IAED,cAAc,CAAC,IAAgB,EAAE,KAAa;QAC5C,OAAO,qBAAqB,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAAC;IAChF,CAAC;CACF"}

package/dist/range-proof.d.ts

@@ -0,0 +1,6 @@
+import { commit, verifyCommitment, createRangeProof, createAgeRangeProof, serializeRangeProof, deserializeRangeProof, type PedersenCommitment, type RangeProof } from '@forgesworn/range-proof';
+export { commit, verifyCommitment, createRangeProof, createAgeRangeProof, serializeRangeProof, deserializeRangeProof };
+export type { PedersenCommitment, RangeProof };
+export declare function verifyRangeProof(proof: RangeProof, expectedMin: number, expectedMax: number, expectedBindingContext?: string): boolean;
+export declare function verifyAgeRangeProof(proof: RangeProof, expectedAgeRange: string, expectedSubjectPubkey?: string): boolean;
+//# sourceMappingURL=range-proof.d.ts.map

package/dist/range-proof.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"range-proof.d.ts","sourceRoot":"","sources":["../src/range-proof.ts"],"names":[],"mappings":"AAIA,OAAO,EACL,MAAM,EACN,gBAAgB,EAChB,gBAAgB,EAChB,mBAAmB,EACnB,mBAAmB,EACnB,qBAAqB,EACrB,KAAK,kBAAkB,EACvB,KAAK,UAAU,EAChB,MAAM,yBAAyB,CAAC;AA4BjC,OAAO,EAAE,MAAM,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,qBAAqB,EAAE,CAAC;AACvH,YAAY,EAAE,kBAAkB,EAAE,UAAU,EAAE,CAAC;AAE/C,wBAAgB,gBAAgB,CAC9B,KAAK,EAAE,UAAU,EACjB,WAAW,EAAE,MAAM,EACnB,WAAW,EAAE,MAAM,EACnB,sBAAsB,CAAC,EAAE,MAAM,GAC9B,OAAO,CAMT;AAED,wBAAgB,mBAAmB,CACjC,KAAK,EAAE,UAAU,EACjB,gBAAgB,EAAE,MAAM,EACxB,qBAAqB,CAAC,EAAE,MAAM,GAC7B,OAAO,CAIT"}

package/dist/range-proof.js

@@ -0,0 +1,45 @@
+// Pedersen Commitments + Range Proofs — compatibility wrapper over @forgesworn/range-proof
+// Proves "value is in [min, max]" without revealing the exact value.
+// Used for Tier 4 age range proofs: "child aged 8-12" without revealing exact age.
+import { commit, verifyCommitment, createRangeProof, createAgeRangeProof, serializeRangeProof, deserializeRangeProof, } from '@forgesworn/range-proof';
+import { verifyRangeProof as verifyRangeProofUpstream, } from '@forgesworn/range-proof';
+function normalizeBindingContext(bindingContext) {
+    return bindingContext === '' ? undefined : bindingContext;
+}
+function parseAgeRange(ageRange) {
+    const digitsOnly = /^\d+$/;
+    if (ageRange.endsWith('+')) {
+        const minStr = ageRange.slice(0, -1);
+        if (!digitsOnly.test(minStr))
+            return null;
+        return { min: parseInt(minStr, 10), max: 150 };
+    }
+    const parts = ageRange.split('-');
+    if (parts.length !== 2)
+        return null;
+    if (!digitsOnly.test(parts[0]) || !digitsOnly.test(parts[1]))
+        return null;
+    return {
+        min: parseInt(parts[0], 10),
+        max: parseInt(parts[1], 10),
+    };
+}
+export { commit, verifyCommitment, createRangeProof, createAgeRangeProof, serializeRangeProof, deserializeRangeProof };
+export function verifyRangeProof(proof, expectedMin, expectedMax, expectedBindingContext) {
+    if (!Number.isSafeInteger(expectedMin) || !Number.isSafeInteger(expectedMax))
+        return false;
+    if (expectedMin < 0 || expectedMax < 0 || expectedMax < expectedMin)
+        return false;
+    if (proof.min !== expectedMin || proof.max !== expectedMax)
+        return false;
+    if (normalizeBindingContext(proof.context) !== normalizeBindingContext(expectedBindingContext))
+        return false;
+    return verifyRangeProofUpstream(proof, expectedMin, expectedMax, expectedBindingContext);
+}
+export function verifyAgeRangeProof(proof, expectedAgeRange, expectedSubjectPubkey) {
+    const parsed = parseAgeRange(expectedAgeRange);
+    if (!parsed)
+        return false;
+    return verifyRangeProof(proof, parsed.min, parsed.max, expectedSubjectPubkey);
+}
+//# sourceMappingURL=range-proof.js.map

package/dist/range-proof.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"range-proof.js","sourceRoot":"","sources":["../src/range-proof.ts"],"names":[],"mappings":"AAAA,2FAA2F;AAC3F,qEAAqE;AACrE,mFAAmF;AAEnF,OAAO,EACL,MAAM,EACN,gBAAgB,EAChB,gBAAgB,EAChB,mBAAmB,EACnB,mBAAmB,EACnB,qBAAqB,GAGtB,MAAM,yBAAyB,CAAC;AACjC,OAAO,EACL,gBAAgB,IAAI,wBAAwB,GAE7C,MAAM,yBAAyB,CAAC;AAEjC,SAAS,uBAAuB,CAAC,cAAuB;IACtD,OAAO,cAAc,KAAK,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,cAAc,CAAC;AAC5D,CAAC;AAED,SAAS,aAAa,CAAC,QAAgB;IACrC,MAAM,UAAU,GAAG,OAAO,CAAC;IAE3B,IAAI,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAC3B,MAAM,MAAM,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QACrC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC;YAAE,OAAO,IAAI,CAAC;QAC1C,OAAO,EAAE,GAAG,EAAE,QAAQ,CAAC,MAAM,EAAE,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;IACjD,CAAC;IAED,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAClC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IACpC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAAE,OAAO,IAAI,CAAC;IAC1E,OAAO;QACL,GAAG,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;QAC3B,GAAG,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;KAC5B,CAAC;AACJ,CAAC;AAED,OAAO,EAAE,MAAM,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,qBAAqB,EAAE,CAAC;AAGvH,MAAM,UAAU,gBAAgB,CAC9B,KAAiB,EACjB,WAAmB,EACnB,WAAmB,EACnB,sBAA+B;IAE/B,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,WAAW,CAAC;QAAE,OAAO,KAAK,CAAC;IAC3F,IAAI,WAAW,GAAG,CAAC,IAAI,WAAW,GAAG,CAAC,IAAI,WAAW,GAAG,WAAW;QAAE,OAAO,KAAK,CAAC;IAClF,IAAI,KAAK,CAAC,GAAG,KAAK,WAAW,IAAI,KAAK,CAAC,GAAG,KAAK,WAAW;QAAE,OAAO,KAAK,CAAC;IACzE,IAAI,uBAAuB,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,uBAAuB,CAAC,sBAAsB,CAAC;QAAE,OAAO,KAAK,CAAC;IAC7G,OAAO,wBAAwB,CAAC,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,sBAAsB,CAAC,CAAC;AAC3F,CAAC;AAED,MAAM,UAAU,mBAAmB,CACjC,KAAiB,EACjB,gBAAwB,EACxB,qBAA8B;IAE9B,MAAM,MAAM,GAAG,aAAa,CAAC,gBAAgB,CAAC,CAAC;IAC/C,IAAI,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IAC1B,OAAO,gBAAgB,CAAC,KAAK,EAAE,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,GAAG,EAAE,qBAAqB,CAAC,CAAC;AAChF,CAAC"}

package/dist/relay.d.ts

@@ -0,0 +1,106 @@
+import type { NostrEvent } from './types.js';
+/** Nostr relay message types (relay → client) */
+export type RelayMessage = ['EVENT', string, NostrEvent] | ['OK', string, boolean, string] | ['EOSE', string] | ['NOTICE', string] | ['AUTH', string];
+/** Nostr subscription filter */
+export interface NostrFilter {
+    ids?: string[];
+    authors?: string[];
+    kinds?: number[];
+    '#d'?: string[];
+    '#p'?: string[];
+    '#L'?: string[];
+    '#l'?: string[];
+    since?: number;
+    until?: number;
+    limit?: number;
+}
+/** Subscription callback */
+export type SubscriptionCallback = (event: NostrEvent) => void;
+/** Relay connection state */
+export type RelayState = 'connecting' | 'connected' | 'disconnected' | 'error';
+/** Options for the relay client */
+export interface RelayOptions {
+    /** Private key for NIP-42 AUTH (hex) */
+    authPrivateKey?: string;
+    /** Connection timeout in ms (default: 5000) */
+    connectTimeout?: number;
+    /** Auto-reconnect on disconnect (default: true) */
+    autoReconnect?: boolean;
+    /** Reconnect delay in ms (default: 3000) */
+    reconnectDelay?: number;
+    /** Max reconnect attempts (default: 5) */
+    maxReconnectAttempts?: number;
+    /** Verify event signatures before delivering to callbacks (default: true).
+     *  Events that fail verification are silently dropped. */
+    verifyEvents?: boolean;
+    /** Callback for rejected events (signature or ID verification failed) */
+    onEventRejected?: (event: NostrEvent, reason: string) => void;
+}
+/**
+ * Nostr relay client with NIP-42 AUTH support.
+ * Handles publishing events, subscribing to filters, and authentication.
+ */
+export declare class RelayClient {
+    private url;
+    private options;
+    private ws;
+    private state;
+    private subscriptions;
+    private pendingPublishes;
+    private subCounter;
+    private reconnectAttempts;
+    private reconnectTimer;
+    private disconnectRequested;
+    private onStateChange?;
+    constructor(url: string, options?: RelayOptions);
+    /** Get current connection state */
+    getState(): RelayState;
+    /** Set a state change listener */
+    onStateChanged(callback: (state: RelayState) => void): void;
+    private setState;
+    /** Connect to the relay */
+    connect(): Promise<void>;
+    /** Disconnect from the relay */
+    disconnect(): void;
+    /** Publish an event to the relay */
+    publish(event: NostrEvent): Promise<{
+        ok: boolean;
+        message: string;
+    }>;
+    /**
+     * Subscribe to events matching the given filters.
+     * @returns Subscription ID (use to close the subscription)
+     */
+    subscribe(filters: NostrFilter[], onEvent: SubscriptionCallback, onEose?: () => void): string;
+    /** Close a subscription */
+    closeSubscription(subId: string): void;
+    /**
+     * Fetch events matching filters (returns after EOSE).
+     * Convenience method that subscribes, collects events, and closes.
+     */
+    fetch(filters: NostrFilter[], timeoutMs?: number): Promise<NostrEvent[]>;
+    private sendSubscription;
+    private handleMessage;
+    /** Handle NIP-42 AUTH challenge */
+    private handleAuth;
+    private handleReconnect;
+}
+/**
+ * Publish a Signet event to multiple relays.
+ *
+ * WARNING: Relay URLs are accepted as-is. Callers are responsible for
+ * validating that URLs come from trusted sources and do not encode credentials.
+ * The RelayClient constructor enforces wss:// for non-localhost connections.
+ */
+export declare function publishToRelays(event: NostrEvent, relayUrls: string[]): Promise<Map<string, {
+    ok: boolean;
+    message: string;
+}>>;
+/**
+ * Fetch Signet events from a relay by kind and optional filters.
+ *
+ * WARNING: Relay URL is accepted as-is. Callers are responsible for
+ * validating that URLs come from trusted sources and do not encode credentials.
+ */
+export declare function fetchFromRelay(relayUrl: string, filters: NostrFilter[]): Promise<NostrEvent[]>;
+//# sourceMappingURL=relay.d.ts.map

package/dist/relay.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"relay.d.ts","sourceRoot":"","sources":["../src/relay.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,UAAU,EAAiB,MAAM,YAAY,CAAC;AAU5D,iDAAiD;AACjD,MAAM,MAAM,YAAY,GACpB,CAAC,OAAO,EAAE,MAAM,EAAE,UAAU,CAAC,GAC7B,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,CAAC,GAC/B,CAAC,MAAM,EAAE,MAAM,CAAC,GAChB,CAAC,QAAQ,EAAE,MAAM,CAAC,GAClB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AAErB,gCAAgC;AAChC,MAAM,WAAW,WAAW;IAC1B,GAAG,CAAC,EAAE,MAAM,EAAE,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,4BAA4B;AAC5B,MAAM,MAAM,oBAAoB,GAAG,CAAC,KAAK,EAAE,UAAU,KAAK,IAAI,CAAC;AAE/D,6BAA6B;AAC7B,MAAM,MAAM,UAAU,GAAG,YAAY,GAAG,WAAW,GAAG,cAAc,GAAG,OAAO,CAAC;AAE/E,mCAAmC;AACnC,MAAM,WAAW,YAAY;IAC3B,wCAAwC;IACxC,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,+CAA+C;IAC/C,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,mDAAmD;IACnD,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,4CAA4C;IAC5C,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,0CAA0C;IAC1C,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B;8DAC0D;IAC1D,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,yEAAyE;IACzE,eAAe,CAAC,EAAE,CAAC,KAAK,EAAE,UAAU,EAAE,MAAM,EAAE,MAAM,KAAK,IAAI,CAAC;CAC/D;AAaD;;;GAGG;AACH,qBAAa,WAAW;IAYpB,OAAO,CAAC,GAAG;IACX,OAAO,CAAC,OAAO;IAZjB,OAAO,CAAC,EAAE,CAA0B;IACpC,OAAO,CAAC,KAAK,CAA8B;IAC3C,OAAO,CAAC,aAAa,CAA0C;IAC/D,OAAO,CAAC,gBAAgB,CAAqC;IAC7D,OAAO,CAAC,UAAU,CAAK;IACvB,OAAO,CAAC,iBAAiB,CAAK;IAC9B,OAAO,CAAC,cAAc,CAA8C;IACpE,OAAO,CAAC,mBAAmB,CAAS;IACpC,OAAO,CAAC,aAAa,CAAC,CAA8B;gBAG1C,GAAG,EAAE,MAAM,EACX,OAAO,GAAE,YAAiB;IAmBpC,mCAAmC;IACnC,QAAQ,IAAI,UAAU;IAItB,kCAAkC;IAClC,cAAc,CAAC,QAAQ,EAAE,CAAC,KAAK,EAAE,UAAU,KAAK,IAAI,GAAG,IAAI;IAI3D,OAAO,CAAC,QAAQ;IAKhB,2BAA2B;IAC3B,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IA8CxB,gCAAgC;IAChC,UAAU,IAAI,IAAI;IAkBlB,oCAAoC;IAC9B,OAAO,CAAC,KAAK,EAAE,UAAU,GAAG,OAAO,CAAC;QAAE,EAAE,EAAE,OAAO,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC;IAmB3E;;;OAGG;IACH,SAAS,CACP,OAAO,EAAE,WAAW,EAAE,EACtB,OAAO,EAAE,oBAAoB,EAC7B,MAAM,CAAC,EAAE,MAAM,IAAI,GAClB,MAAM;IAgBT,2BAA2B;IAC3B,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI;IAOtC;;;OAGG;IACH,KAAK,CAAC,OAAO,EAAE,WAAW,EAAE,EAAE,SAAS,GAAE,MAAc,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC;IAyB/E,OAAO,CAAC,gBAAgB;IAMxB,OAAO,CAAC,aAAa;IA4ErB,mCAAmC;YACrB,UAAU;IAmBxB,OAAO,CAAC,eAAe;CAWxB;AAED;;;;;;GAMG;AACH,wBAAsB,eAAe,CACnC,KAAK,EAAE,UAAU,EACjB,SAAS,EAAE,MAAM,EAAE,GAClB,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE;IAAE,EAAE,EAAE,OAAO,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC,CAAC,CAkBxD;AAED;;;;;GAKG;AACH,wBAAsB,cAAc,CAClC,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,WAAW,EAAE,GACrB,OAAO,CAAC,UAAU,EAAE,CAAC,CAQvB"}