npm - soulprint-network - Versions diffs - 0.1.0 - Mend

soulprint-network 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/index.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export { startValidatorNode, submitToNode, getNodeInfo, BOOTSTRAP_NODES } from "./validator.js";
2	+ export type { NodeVerifyResult } from "./validator.js";

package/dist/index.js ADDED Viewed

@@ -0,0 +1,8 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BOOTSTRAP_NODES = exports.getNodeInfo = exports.submitToNode = exports.startValidatorNode = void 0;
+var validator_js_1 = require("./validator.js");
+Object.defineProperty(exports, "startValidatorNode", { enumerable: true, get: function () { return validator_js_1.startValidatorNode; } });
+Object.defineProperty(exports, "submitToNode", { enumerable: true, get: function () { return validator_js_1.submitToNode; } });
+Object.defineProperty(exports, "getNodeInfo", { enumerable: true, get: function () { return validator_js_1.getNodeInfo; } });
+Object.defineProperty(exports, "BOOTSTRAP_NODES", { enumerable: true, get: function () { return validator_js_1.BOOTSTRAP_NODES; } });

package/dist/server.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ #!/usr/bin/env node
2	+ export {};

package/dist/server.js ADDED Viewed

@@ -0,0 +1,7 @@
+#!/usr/bin/env node
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+// Entrypoint del nodo validador — ejecutar con: node dist/server.js
+const validator_js_1 = require("./validator.js");
+const port = parseInt(process.env.SOULPRINT_PORT ?? "4888");
+(0, validator_js_1.startValidatorNode)(port);

package/dist/validator.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import { IncomingMessage, ServerResponse } from "node:http";
+export declare function startValidatorNode(port?: number): import("http").Server<typeof IncomingMessage, typeof ServerResponse>;
+export interface NodeVerifyResult {
+    valid: boolean;
+    co_signature: string;
+    nullifier: string;
+    node_did: string;
+    anti_sybil: "new" | "existing";
+}
+export declare function submitToNode(nodeUrl: string, spt: string, zkProof: string): Promise<NodeVerifyResult>;
+export declare function getNodeInfo(nodeUrl: string): Promise<any>;
+export declare const BOOTSTRAP_NODES: string[];

package/dist/validator.js ADDED Viewed

@@ -0,0 +1,238 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BOOTSTRAP_NODES = void 0;
+exports.startValidatorNode = startValidatorNode;
+exports.submitToNode = submitToNode;
+exports.getNodeInfo = getNodeInfo;
+const node_http_1 = require("node:http");
+const node_fs_1 = require("node:fs");
+const node_path_1 = require("node:path");
+const node_os_1 = require("node:os");
+const soulprint_core_1 = require("soulprint-core");
+const soulprint_zkp_1 = require("soulprint-zkp");
+// ── Config ────────────────────────────────────────────────────────────────────
+const PORT = parseInt(process.env.SOULPRINT_PORT ?? "4888");
+const NODE_DIR = (0, node_path_1.join)((0, node_os_1.homedir)(), ".soulprint", "node");
+const KEYPAIR_FILE = (0, node_path_1.join)(NODE_DIR, "node-identity.json");
+const NULLIFIER_DB = (0, node_path_1.join)(NODE_DIR, "nullifiers.json");
+const VERSION = "0.1.0";
+const MAX_BODY_BYTES = 64 * 1024; // 64KB max
+const RATE_LIMIT_MS = 60_000; // 1 min window
+const RATE_LIMIT_MAX = 10; // 10 req/min/IP
+const CLOCK_SKEW_MAX = 300; // ±5 min
+// ── Rate limiter ──────────────────────────────────────────────────────────────
+const rateLimits = new Map();
+function checkRateLimit(ip) {
+    const now = Date.now();
+    const entry = rateLimits.get(ip);
+    if (!entry || now > entry.resetAt) {
+        rateLimits.set(ip, { count: 1, resetAt: now + RATE_LIMIT_MS });
+        return true;
+    }
+    if (entry.count >= RATE_LIMIT_MAX)
+        return false;
+    entry.count++;
+    return true;
+}
+setInterval(() => {
+    const now = Date.now();
+    for (const [ip, e] of rateLimits)
+        if (now > e.resetAt)
+            rateLimits.delete(ip);
+}, 5 * 60_000).unref();
+// ── Nullifier registry ────────────────────────────────────────────────────────
+let nullifiers = {};
+function loadNullifiers() {
+    if ((0, node_fs_1.existsSync)(NULLIFIER_DB)) {
+        try {
+            nullifiers = JSON.parse((0, node_fs_1.readFileSync)(NULLIFIER_DB, "utf8"));
+        }
+        catch {
+            nullifiers = {};
+        }
+    }
+}
+function saveNullifiers() { (0, node_fs_1.writeFileSync)(NULLIFIER_DB, JSON.stringify(nullifiers, null, 2)); }
+// ── Node keypair ──────────────────────────────────────────────────────────────
+function loadOrCreateNodeKeypair() {
+    if (!(0, node_fs_1.existsSync)(NODE_DIR))
+        (0, node_fs_1.mkdirSync)(NODE_DIR, { recursive: true, mode: 0o700 });
+    if ((0, node_fs_1.existsSync)(KEYPAIR_FILE)) {
+        try {
+            const s = JSON.parse((0, node_fs_1.readFileSync)(KEYPAIR_FILE, "utf8"));
+            return (0, soulprint_core_1.keypairFromPrivateKey)(new Uint8Array(Buffer.from(s.privateKey, "hex")));
+        }
+        catch { /* regenerar */ }
+    }
+    const kp = (0, soulprint_core_1.generateKeypair)();
+    (0, node_fs_1.writeFileSync)(KEYPAIR_FILE, JSON.stringify({ did: kp.did, privateKey: Buffer.from(kp.privateKey).toString("hex"), created: new Date().toISOString() }), { mode: 0o600 });
+    console.log(`✅ Nuevo nodo: ${kp.did}`);
+    return kp;
+}
+// ── HTTP helpers ──────────────────────────────────────────────────────────────
+const SECURITY_HEADERS = {
+    "Content-Type": "application/json",
+    "X-Soulprint-Node": VERSION,
+    "X-Content-Type-Options": "nosniff",
+    "X-Frame-Options": "DENY",
+};
+function json(res, status, body) {
+    res.writeHead(status, SECURITY_HEADERS);
+    res.end(JSON.stringify(body));
+}
+async function readBody(req) {
+    return new Promise((resolve, reject) => {
+        let data = "", size = 0;
+        req.on("data", chunk => {
+            size += chunk.length;
+            if (size > MAX_BODY_BYTES) {
+                req.destroy();
+                reject(new Error("Request too large (max 64KB)"));
+                return;
+            }
+            data += chunk;
+        });
+        req.on("end", () => { try {
+            resolve(JSON.parse(data));
+        }
+        catch {
+            reject(new Error("Invalid JSON"));
+        } });
+    });
+}
+function getIP(req) {
+    const fwd = req.headers["x-forwarded-for"];
+    return (typeof fwd === "string" ? fwd.split(",")[0].trim() : req.socket.remoteAddress) ?? "unknown";
+}
+// ── GET /info ─────────────────────────────────────────────────────────────────
+function handleInfo(res, nodeKeypair) {
+    json(res, 200, {
+        node_did: nodeKeypair.did,
+        version: VERSION,
+        protocol: "sip/0.1",
+        total_verified: Object.keys(nullifiers).length,
+        supported_countries: ["CO"],
+        capabilities: ["zk-verify", "anti-sybil", "co-sign"],
+        rate_limit: `${RATE_LIMIT_MAX} req/min per IP`,
+    });
+}
+// ── POST /verify ──────────────────────────────────────────────────────────────
+async function handleVerify(req, res, nodeKeypair, ip) {
+    if (!checkRateLimit(ip))
+        return json(res, 429, { error: "Rate limit exceeded. Try again in 1 minute." });
+    let body;
+    try {
+        body = await readBody(req);
+    }
+    catch (e) {
+        return json(res, 400, { error: e.message });
+    }
+    const { spt, zkp } = body ?? {};
+    if (!spt || !zkp)
+        return json(res, 400, { error: "Missing required fields: spt, zkp" });
+    if (typeof spt !== "string" || typeof zkp !== "string")
+        return json(res, 400, { error: "spt and zkp must be strings" });
+    // Verify SPT
+    const token = (0, soulprint_core_1.decodeToken)(spt);
+    if (!token)
+        return json(res, 401, { error: "Invalid or expired SPT" });
+    // Clock skew check
+    const now = Math.floor(Date.now() / 1000);
+    if (Math.abs(token.issued - now) > CLOCK_SKEW_MAX) {
+        return json(res, 400, { error: "Clock skew too large", max_skew_seconds: CLOCK_SKEW_MAX });
+    }
+    // Verify ZK proof
+    let zkResult;
+    try {
+        const proof = (0, soulprint_zkp_1.deserializeProof)(zkp);
+        zkResult = await (0, soulprint_zkp_1.verifyProof)(proof);
+    }
+    catch (e) {
+        return json(res, 400, { error: `ZK proof error: ${e.message?.slice(0, 100)}` });
+    }
+    if (!zkResult.valid)
+        return json(res, 403, { error: "ZK proof is not valid" });
+    if (!zkResult.nullifier)
+        return json(res, 400, { error: "No nullifier in ZK proof" });
+    // Anti-Sybil
+    const existing = nullifiers[zkResult.nullifier];
+    let antiSybil = "new";
+    if (existing) {
+        if (existing.did !== token.did) {
+            return json(res, 409, {
+                error: "Anti-Sybil: this nullifier is already registered with a different DID",
+            });
+        }
+        antiSybil = "existing";
+    }
+    else {
+        nullifiers[zkResult.nullifier] = { did: token.did, verified_at: now };
+        saveNullifiers();
+    }
+    const coSig = (0, soulprint_core_1.sign)({ nullifier: zkResult.nullifier, did: token.did, timestamp: now }, nodeKeypair.privateKey);
+    json(res, 200, {
+        valid: true,
+        anti_sybil: antiSybil,
+        nullifier: zkResult.nullifier,
+        node_did: nodeKeypair.did,
+        co_signature: coSig,
+        verified_at: now,
+    });
+}
+// ── GET /nullifier/:hash ──────────────────────────────────────────────────────
+function handleNullifierCheck(res, nullifier) {
+    if (!/^(0x)?[0-9a-fA-F]{1,128}$/.test(nullifier))
+        return json(res, 400, { error: "Invalid nullifier format" });
+    const entry = nullifiers[nullifier];
+    if (!entry)
+        return json(res, 404, { registered: false });
+    json(res, 200, { registered: true, verified_at: entry.verified_at });
+}
+// ── Server ────────────────────────────────────────────────────────────────────
+function startValidatorNode(port = PORT) {
+    loadNullifiers();
+    const nodeKeypair = loadOrCreateNodeKeypair();
+    const server = (0, node_http_1.createServer)(async (req, res) => {
+        const ip = getIP(req);
+        const url = req.url ?? "/";
+        res.setHeader("Access-Control-Allow-Origin", "*");
+        res.setHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
+        res.setHeader("Access-Control-Allow-Headers", "Content-Type");
+        if (req.method === "OPTIONS") {
+            res.writeHead(204);
+            res.end();
+            return;
+        }
+        if (url === "/info" && req.method === "GET")
+            return handleInfo(res, nodeKeypair);
+        if (url === "/verify" && req.method === "POST")
+            return handleVerify(req, res, nodeKeypair, ip);
+        if (url.startsWith("/nullifier/") && req.method === "GET")
+            return handleNullifierCheck(res, decodeURIComponent(url.replace("/nullifier/", "")));
+        json(res, 404, { error: "Not found" });
+    });
+    server.listen(port, () => {
+        console.log(`🌐 Soulprint Validator Node v${VERSION}`);
+        console.log(`   Node DID: ${nodeKeypair.did}`);
+        console.log(`   Listening on http://0.0.0.0:${port}`);
+        console.log(`   Nullifiers registered: ${Object.keys(nullifiers).length}`);
+        console.log(`   Rate limit: ${RATE_LIMIT_MAX} req/min per IP`);
+        console.log(`\n   POST /verify        verify ZK proof + co-sign SPT`);
+        console.log(`   GET  /info          node info`);
+        console.log(`   GET  /nullifier/:n  check nullifier`);
+        console.log(`\n   Anyone can run a Soulprint node. More nodes = more security.`);
+    });
+    return server;
+}
+async function submitToNode(nodeUrl, spt, zkProof) {
+    const res = await fetch(`${nodeUrl}/verify`, { method: "POST", headers: { "Content-Type": "application/json" }, body: JSON.stringify({ spt, zkp: zkProof }) });
+    const data = await res.json();
+    if (!res.ok)
+        throw new Error(data.error ?? `HTTP ${res.status}`);
+    return data;
+}
+async function getNodeInfo(nodeUrl) {
+    return (await fetch(`${nodeUrl}/info`)).json();
+}
+// Bootstrap nodes — add yours via PR: https://github.com/manuelariasfz/soulprint
+exports.BOOTSTRAP_NODES = [];

package/package.json ADDED Viewed

@@ -0,0 +1,47 @@
+{
+  "name": "soulprint-network",
+  "version": "0.1.0",
+  "description": "Soulprint validator node — HTTP server that verifies ZK proofs, co-signs SPTs, anti-Sybil registry",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "bin": {
+    "soulprint-node": "dist/server.js"
+  },
+  "files": [
+    "dist",
+    "README.md"
+  ],
+  "publishConfig": {
+    "access": "public"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/manuelariasfz/soulprint",
+    "directory": "packages/network"
+  },
+  "homepage": "https://github.com/manuelariasfz/soulprint#readme",
+  "keywords": [
+    "soulprint",
+    "validator-node",
+    "kyc",
+    "anti-sybil",
+    "zero-knowledge",
+    "decentralized"
+  ],
+  "license": "MIT",
+  "dependencies": {
+    "soulprint-core": "0.1.0",
+    "soulprint-zkp": "0.1.0"
+  },
+  "devDependencies": {
+    "typescript": "^5.4.0",
+    "@types/node": "^20.0.0"
+  },
+  "engines": {
+    "node": ">=18.0.0"
+  },
+  "scripts": {
+    "build": "tsc",
+    "start": "node dist/server.js"
+  }
+}