tenzro-wallet 0.1.0

package/dist/ports/canton/canton-validator.d.ts

@@ -0,0 +1,182 @@
+/**
+ * CantonValidatorPort — narrow port for the Canton validator surface area.
+ *
+ * Two protocol surfaces hide behind one port:
+ *   1. **Ledger API** (`/v2/...`) — the JSON Ledger API every Canton
+ *      participant exposes. Interactive Submission Service for prepare/execute,
+ *      command completions tail, active-contract reads.
+ *   2. **Splice validator-app** (`/api/validator/v0/...`) — the Tenzro-hosted
+ *      validator's convenience endpoints for external-party onboarding (topology
+ *      generation, setup-proposal acceptance, preapproval lookup via Scan proxy).
+ *
+ * Both surfaces sit on the same validator deployment and share auth (Auth0
+ * JWT, audience `https://canton.network.global`). One port, one adapter,
+ * one set of auth plumbing — the kernel doesn't care that two HTTP base URLs
+ * are involved.
+ *
+ * Both `canton-internal` and `canton-external` consume this port. The
+ * synchronizerId is a parameter on every call, not a port-level concern —
+ * the same Tenzro validator hosts parties on both the Tenzro-operated
+ * synchronizer and the Global Synchronizer.
+ *
+ * **Backed by:** `LedgerApiAdapter` (browser-clean, hand-rolled fetch
+ * client over the JSON Ledger API + Splice validator-app HTTP surface).
+ * Following Splice Wallet Kernel's reference pattern — no
+ * `@canton-network/wallet-sdk` dep (that package is Node-only, pulls
+ * `@grpc/grpc-js`). CIP-0103 explicitly endorses raw Ledger API access
+ * as a canonical source of truth.
+ *
+ * Spec refs:
+ *   - DESIGN.md §4.4 (canton-internal) + §4.5 (canton-external)
+ *   - Canton OSS `interactive_submission_service.proto` for the prepare/execute
+ *     wire shape (vendored hash recomputation lives in `./hash.ts`)
+ *   - https://docs.digitalasset.com/integrate/devnet/preparing-and-signing-transactions/
+ *   - https://docs.global.canton.network.sync.global/
+ *   - Splice Wallet Kernel `core/ledger-client` (the reference HTTP client
+ *     pattern this adapter mirrors)
+ */
+/**
+ * Hashing scheme version for `preparedTransactionHash` recomputation.
+ * Pin V2 explicitly; reject V3+ until the kernel knows the V3 canonicalisation
+ * rules. Per §4.5.1 and open-question #4 in DESIGN.md.
+ */
+export type CantonHashingSchemeVersion = 'HASHING_SCHEME_VERSION_V2';
+/**
+ * Canton signing curves accepted on `PartyToKeyMapping`. Ed25519 is the
+ * recommended default; ECDSA P-256 maps cleanly to WebAuthn ES256 for
+ * passkey-direct signing of the warm leg. secp256k1 acceptance on Global
+ * Synchronizer MainNet is unverified as of 2026-04 — see DESIGN.md open
+ * question #2.
+ */
+export type CantonSigningScheme = 'ed25519' | 'ec-dsa-p256';
+export interface PrepareSubmissionRequest {
+    /** Acting party id (`<hint>::<fingerprint>`). */
+    readonly actAs: string;
+    /** Synchronizer id — `global-domain::<fp>` for MainNet, Tenzro-operated
+     *  synchronizer id for canton-internal. */
+    readonly synchronizerId: string;
+    /** Stable client-side identifier; tied to the eventual `updateId`. */
+    readonly commandId: string;
+    /** Pinned package id the wallet knows how to render. Post-2026-05-05
+     *  baseline: `splice-amulet 0.1.17`. */
+    readonly packageIdSelectionPreference: string;
+    /** Daml `Commands` payload — opaque to the kernel; the SDK adapter shapes
+     *  this from the high-level intent. M4 design phase keeps the type narrow;
+     *  the SDK adapter widens it to the Splice `wallet-sdk` Commands shape. */
+    readonly commands: ReadonlyArray<unknown>;
+}
+export interface PrepareSubmissionResponse {
+    /** Canonical wire-format `PreparedTransaction` proto bytes. The wallet
+     *  re-decodes these to verify what's being authorised. */
+    readonly preparedTransaction: Uint8Array;
+    /** SHA-256 hash with Canton hash purpose 11 prefix. The wallet recomputes
+     *  this from `preparedTransaction` and asserts equality before signing. */
+    readonly preparedTransactionHash: Uint8Array;
+    readonly hashingSchemeVersion: CantonHashingSchemeVersion;
+}
+export interface ExecuteSubmissionRequest {
+    readonly preparedTransaction: Uint8Array;
+    /** The signature(s) over `preparedTransactionHash`. M-of-N signing keys
+     *  per `PartyToKeyMapping` — array even when threshold = 1. */
+    readonly partySignatures: ReadonlyArray<{
+        readonly party: string;
+        readonly signature: Uint8Array;
+        readonly scheme: CantonSigningScheme;
+        /** Fingerprint of the signing public key — Canton uses this to look up
+         *  the key in `PartyToKeyMapping` rather than carrying the pubkey on
+         *  the wire. */
+        readonly signedBy: string;
+    }>;
+    readonly hashingSchemeVersion: CantonHashingSchemeVersion;
+    /** Same `commandId` from prepare. */
+    readonly submissionId: string;
+}
+export interface CompletionFilter {
+    readonly userId: string;
+    readonly actAs: ReadonlyArray<string>;
+    /** Resume from a prior offset; omit to start from the current head. */
+    readonly beginExclusive?: string;
+}
+export interface CantonCompletion {
+    readonly commandId: string;
+    /** On-ledger update id — the closest equivalent to a tx hash. */
+    readonly updateId: string;
+    readonly completionOffset: string;
+    readonly status: 'executed' | 'failed';
+    /** Status detail when `status === 'failed'`. */
+    readonly errorMessage?: string;
+}
+export interface ActiveContractsFilter {
+    readonly party: string;
+    readonly templateIds?: ReadonlyArray<string>;
+}
+export interface CantonActiveContract {
+    readonly contractId: string;
+    readonly templateId: string;
+    /** Daml record payload, opaque to the kernel; surface modules narrow this
+     *  per template. */
+    readonly payload: unknown;
+    readonly createdAtOffset: string;
+}
+export interface TransferPreapproval {
+    readonly contractId: string;
+    readonly receiver: string;
+    readonly provider: string;
+    /** Unix ms epoch of preapproval expiry. The Tenzro validator auto-renews
+     *  when within 30 days of expiry (see §4.5.6). */
+    readonly expiresAt: number;
+}
+export interface GenerateTopologyRequest {
+    readonly partyHint: string;
+    readonly namespacePublicKey: Uint8Array;
+    readonly signingPublicKeys: ReadonlyArray<{
+        readonly publicKey: Uint8Array;
+        readonly scheme: CantonSigningScheme;
+    }>;
+    readonly threshold: number;
+}
+export interface GenerateTopologyResponse {
+    /** The three unsigned topology transactions (NamespaceDelegation,
+     *  PartyToKeyMapping, PartyToParticipant) as opaque bytes. The wallet
+     *  doesn't decode these — it signs the bundle hash. */
+    readonly topologyTransactions: ReadonlyArray<Uint8Array>;
+    /** SHA-256 over the bundle, Canton hash purpose 55. */
+    readonly bundleHash: Uint8Array;
+    /** Resulting party id once the bundle is submitted. */
+    readonly partyId: string;
+}
+export interface SubmitTopologyRequest {
+    readonly topologyTransactions: ReadonlyArray<Uint8Array>;
+    readonly namespaceSignature: Uint8Array;
+}
+export interface SetupProposalRequest {
+    readonly partyId: string;
+}
+export interface PrepareAcceptSetupRequest {
+    readonly partyId: string;
+}
+export interface PrepareAcceptSetupResponse {
+    readonly preparedTransaction: Uint8Array;
+    readonly preparedTransactionHash: Uint8Array;
+    readonly hashingSchemeVersion: CantonHashingSchemeVersion;
+}
+export interface SubmitAcceptSetupRequest {
+    readonly preparedTransaction: Uint8Array;
+    readonly signature: Uint8Array;
+    readonly hashingSchemeVersion: CantonHashingSchemeVersion;
+}
+export interface CantonValidatorPort {
+    prepareSubmission(req: PrepareSubmissionRequest): Promise<PrepareSubmissionResponse>;
+    executeSubmission(req: ExecuteSubmissionRequest): Promise<void>;
+    tailCompletions(filter: CompletionFilter): AsyncIterable<CantonCompletion>;
+    getActiveContracts(filter: ActiveContractsFilter): AsyncIterable<CantonActiveContract>;
+    lookupPreapproval(party: string): Promise<TransferPreapproval | null>;
+    /** Canton Name Service: `name.cns` → party id. Returns null when unmapped. */
+    resolveCns(name: string): Promise<string | null>;
+    generateTopology(req: GenerateTopologyRequest): Promise<GenerateTopologyResponse>;
+    submitTopology(req: SubmitTopologyRequest): Promise<void>;
+    setupProposal(req: SetupProposalRequest): Promise<void>;
+    prepareAcceptSetup(req: PrepareAcceptSetupRequest): Promise<PrepareAcceptSetupResponse>;
+    submitAcceptSetup(req: SubmitAcceptSetupRequest): Promise<void>;
+}
+//# sourceMappingURL=canton-validator.d.ts.map

package/dist/ports/canton/canton-validator.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"canton-validator.d.ts","sourceRoot":"","sources":["../../../src/ports/canton/canton-validator.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;AAIH;;;;GAIG;AACH,MAAM,MAAM,0BAA0B,GAAG,2BAA2B,CAAC;AAErE;;;;;;GAMG;AACH,MAAM,MAAM,mBAAmB,GAAG,SAAS,GAAG,aAAa,CAAC;AAE5D,MAAM,WAAW,wBAAwB;IACvC,iDAAiD;IACjD,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB;+CAC2C;IAC3C,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAC;IAChC,sEAAsE;IACtE,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B;4CACwC;IACxC,QAAQ,CAAC,4BAA4B,EAAE,MAAM,CAAC;IAC9C;;+EAE2E;IAC3E,QAAQ,CAAC,QAAQ,EAAE,aAAa,CAAC,OAAO,CAAC,CAAC;CAC3C;AAED,MAAM,WAAW,yBAAyB;IACxC;8DAC0D;IAC1D,QAAQ,CAAC,mBAAmB,EAAE,UAAU,CAAC;IACzC;+EAC2E;IAC3E,QAAQ,CAAC,uBAAuB,EAAE,UAAU,CAAC;IAC7C,QAAQ,CAAC,oBAAoB,EAAE,0BAA0B,CAAC;CAC3D;AAED,MAAM,WAAW,wBAAwB;IACvC,QAAQ,CAAC,mBAAmB,EAAE,UAAU,CAAC;IACzC;mEAC+D;IAC/D,QAAQ,CAAC,eAAe,EAAE,aAAa,CAAC;QACtC,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;QACvB,QAAQ,CAAC,SAAS,EAAE,UAAU,CAAC;QAC/B,QAAQ,CAAC,MAAM,EAAE,mBAAmB,CAAC;QACrC;;wBAEgB;QAChB,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;KAC3B,CAAC,CAAC;IACH,QAAQ,CAAC,oBAAoB,EAAE,0BAA0B,CAAC;IAC1D,qCAAqC;IACrC,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;CAC/B;AAID,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,KAAK,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;IACtC,uEAAuE;IACvE,QAAQ,CAAC,cAAc,CAAC,EAAE,MAAM,CAAC;CAClC;AAED,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,iEAAiE;IACjE,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,gBAAgB,EAAE,MAAM,CAAC;IAClC,QAAQ,CAAC,MAAM,EAAE,UAAU,GAAG,QAAQ,CAAC;IACvC,gDAAgD;IAChD,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;CAChC;AAID,MAAM,WAAW,qBAAqB;IACpC,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,WAAW,CAAC,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;CAC9C;AAED,MAAM,WAAW,oBAAoB;IACnC,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B;wBACoB;IACpB,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;IAC1B,QAAQ,CAAC,eAAe,EAAE,MAAM,CAAC;CAClC;AAED,MAAM,WAAW,mBAAmB;IAClC,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B;sDACkD;IAClD,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;CAC5B;AAID,MAAM,WAAW,uBAAuB;IACtC,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,kBAAkB,EAAE,UAAU,CAAC;IACxC,QAAQ,CAAC,iBAAiB,EAAE,aAAa,CAAC;QACxC,QAAQ,CAAC,SAAS,EAAE,UAAU,CAAC;QAC/B,QAAQ,CAAC,MAAM,EAAE,mBAAmB,CAAC;KACtC,CAAC,CAAC;IACH,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;CAC5B;AAED,MAAM,WAAW,wBAAwB;IACvC;;2DAEuD;IACvD,QAAQ,CAAC,oBAAoB,EAAE,aAAa,CAAC,UAAU,CAAC,CAAC;IACzD,uDAAuD;IACvD,QAAQ,CAAC,UAAU,EAAE,UAAU,CAAC;IAChC,uDAAuD;IACvD,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;CAC1B;AAED,MAAM,WAAW,qBAAqB;IACpC,QAAQ,CAAC,oBAAoB,EAAE,aAAa,CAAC,UAAU,CAAC,CAAC;IACzD,QAAQ,CAAC,kBAAkB,EAAE,UAAU,CAAC;CACzC;AAED,MAAM,WAAW,oBAAoB;IACnC,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;CAC1B;AAED,MAAM,WAAW,yBAAyB;IACxC,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;CAC1B;AAED,MAAM,WAAW,0BAA0B;IACzC,QAAQ,CAAC,mBAAmB,EAAE,UAAU,CAAC;IACzC,QAAQ,CAAC,uBAAuB,EAAE,UAAU,CAAC;IAC7C,QAAQ,CAAC,oBAAoB,EAAE,0BAA0B,CAAC;CAC3D;AAED,MAAM,WAAW,wBAAwB;IACvC,QAAQ,CAAC,mBAAmB,EAAE,UAAU,CAAC;IACzC,QAAQ,CAAC,SAAS,EAAE,UAAU,CAAC;IAC/B,QAAQ,CAAC,oBAAoB,EAAE,0BAA0B,CAAC;CAC3D;AAID,MAAM,WAAW,mBAAmB;IAElC,iBAAiB,CAAC,GAAG,EAAE,wBAAwB,GAAG,OAAO,CAAC,yBAAyB,CAAC,CAAC;IACrF,iBAAiB,CAAC,GAAG,EAAE,wBAAwB,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAGhE,eAAe,CAAC,MAAM,EAAE,gBAAgB,GAAG,aAAa,CAAC,gBAAgB,CAAC,CAAC;IAC3E,kBAAkB,CAAC,MAAM,EAAE,qBAAqB,GAAG,aAAa,CAAC,oBAAoB,CAAC,CAAC;IAGvF,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,mBAAmB,GAAG,IAAI,CAAC,CAAC;IACtE,8EAA8E;IAC9E,UAAU,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IAGjD,gBAAgB,CAAC,GAAG,EAAE,uBAAuB,GAAG,OAAO,CAAC,wBAAwB,CAAC,CAAC;IAClF,cAAc,CAAC,GAAG,EAAE,qBAAqB,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC1D,aAAa,CAAC,GAAG,EAAE,oBAAoB,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACxD,kBAAkB,CAAC,GAAG,EAAE,yBAAyB,GAAG,OAAO,CAAC,0BAA0B,CAAC,CAAC;IACxF,iBAAiB,CAAC,GAAG,EAAE,wBAAwB,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CACjE"}

package/dist/ports/canton/canton-validator.js

@@ -0,0 +1,39 @@
+/**
+ * CantonValidatorPort — narrow port for the Canton validator surface area.
+ *
+ * Two protocol surfaces hide behind one port:
+ *   1. **Ledger API** (`/v2/...`) — the JSON Ledger API every Canton
+ *      participant exposes. Interactive Submission Service for prepare/execute,
+ *      command completions tail, active-contract reads.
+ *   2. **Splice validator-app** (`/api/validator/v0/...`) — the Tenzro-hosted
+ *      validator's convenience endpoints for external-party onboarding (topology
+ *      generation, setup-proposal acceptance, preapproval lookup via Scan proxy).
+ *
+ * Both surfaces sit on the same validator deployment and share auth (Auth0
+ * JWT, audience `https://canton.network.global`). One port, one adapter,
+ * one set of auth plumbing — the kernel doesn't care that two HTTP base URLs
+ * are involved.
+ *
+ * Both `canton-internal` and `canton-external` consume this port. The
+ * synchronizerId is a parameter on every call, not a port-level concern —
+ * the same Tenzro validator hosts parties on both the Tenzro-operated
+ * synchronizer and the Global Synchronizer.
+ *
+ * **Backed by:** `LedgerApiAdapter` (browser-clean, hand-rolled fetch
+ * client over the JSON Ledger API + Splice validator-app HTTP surface).
+ * Following Splice Wallet Kernel's reference pattern — no
+ * `@canton-network/wallet-sdk` dep (that package is Node-only, pulls
+ * `@grpc/grpc-js`). CIP-0103 explicitly endorses raw Ledger API access
+ * as a canonical source of truth.
+ *
+ * Spec refs:
+ *   - DESIGN.md §4.4 (canton-internal) + §4.5 (canton-external)
+ *   - Canton OSS `interactive_submission_service.proto` for the prepare/execute
+ *     wire shape (vendored hash recomputation lives in `./hash.ts`)
+ *   - https://docs.digitalasset.com/integrate/devnet/preparing-and-signing-transactions/
+ *   - https://docs.global.canton.network.sync.global/
+ *   - Splice Wallet Kernel `core/ledger-client` (the reference HTTP client
+ *     pattern this adapter mirrors)
+ */
+export {};
+//# sourceMappingURL=canton-validator.js.map

package/dist/ports/canton/canton-validator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"canton-validator.js","sourceRoot":"","sources":["../../../src/ports/canton/canton-validator.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG"}

package/dist/ports/canton/fingerprint.d.ts

@@ -0,0 +1,24 @@
+/**
+ * Canton key fingerprint computation.
+ *
+ * Canton identifies keys (and parties) by a `Fingerprint` string of the
+ * form `1220<lowercase-hex-sha256(publicKey)>`. The `1220` prefix is
+ * Canton's multihash header (`0x12` = sha2-256, `0x20` = 32 bytes), the
+ * same convention as multihash and IPFS CIDs.
+ *
+ * Used in two places:
+ *   1. As the `::xxxx` portion of a `PartyId` (`<hint>::<namespace-fingerprint>`).
+ *   2. As `signedBy` on every `partySignature` to `executeSubmission`, so
+ *      the validator can look the public key up in `PartyToKeyMapping`
+ *      without us carrying the bytes on the wire.
+ *
+ * Both call sites need the fingerprint to be precomputed at provision time
+ * (or at adapter-construction for an externally registered party) so the
+ * signing path stays synchronous after the SigningDriver returns.
+ */
+/**
+ * Compute the Canton fingerprint string for a public key. Async because
+ * SHA-256 is async on WebCrypto; callers cache the result on `CantonPartyKey`.
+ */
+export declare function cantonFingerprint(publicKey: Uint8Array): Promise<string>;
+//# sourceMappingURL=fingerprint.d.ts.map

package/dist/ports/canton/fingerprint.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"fingerprint.d.ts","sourceRoot":"","sources":["../../../src/ports/canton/fingerprint.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAIH;;;GAGG;AACH,wBAAsB,iBAAiB,CAAC,SAAS,EAAE,UAAU,GAAG,OAAO,CAAC,MAAM,CAAC,CAK9E"}

package/dist/ports/canton/fingerprint.js

@@ -0,0 +1,31 @@
+/**
+ * Canton key fingerprint computation.
+ *
+ * Canton identifies keys (and parties) by a `Fingerprint` string of the
+ * form `1220<lowercase-hex-sha256(publicKey)>`. The `1220` prefix is
+ * Canton's multihash header (`0x12` = sha2-256, `0x20` = 32 bytes), the
+ * same convention as multihash and IPFS CIDs.
+ *
+ * Used in two places:
+ *   1. As the `::xxxx` portion of a `PartyId` (`<hint>::<namespace-fingerprint>`).
+ *   2. As `signedBy` on every `partySignature` to `executeSubmission`, so
+ *      the validator can look the public key up in `PartyToKeyMapping`
+ *      without us carrying the bytes on the wire.
+ *
+ * Both call sites need the fingerprint to be precomputed at provision time
+ * (or at adapter-construction for an externally registered party) so the
+ * signing path stays synchronous after the SigningDriver returns.
+ */
+import { sha256 } from "../../crypto/sha256.js";
+/**
+ * Compute the Canton fingerprint string for a public key. Async because
+ * SHA-256 is async on WebCrypto; callers cache the result on `CantonPartyKey`.
+ */
+export async function cantonFingerprint(publicKey) {
+    const hash = await sha256(publicKey);
+    let hex = '1220';
+    for (const b of hash)
+        hex += b.toString(16).padStart(2, '0');
+    return hex;
+}
+//# sourceMappingURL=fingerprint.js.map

package/dist/ports/canton/fingerprint.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"fingerprint.js","sourceRoot":"","sources":["../../../src/ports/canton/fingerprint.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;AAEhD;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,SAAqB;IAC3D,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,SAAS,CAAC,CAAC;IACrC,IAAI,GAAG,GAAG,MAAM,CAAC;IACjB,KAAK,MAAM,CAAC,IAAI,IAAI;QAAE,GAAG,IAAI,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IAC7D,OAAO,GAAG,CAAC;AACb,CAAC"}

package/dist/ports/canton/hash.d.ts

@@ -0,0 +1,37 @@
+/**
+ * Canton hash recomputation. The Interactive Submission Service returns a
+ * `preparedTransactionHash` alongside the `preparedTransaction` proto bytes;
+ * the wallet recomputes the hash locally and asserts equality before
+ * signing. Otherwise the wallet would be trusting the validator on what
+ * it's authorising — defeats the entire point of external signing.
+ *
+ * Canon (per Canton OSS `community/util-internal/src/main/scala/com/digitalasset/canton/crypto/HashPurpose.scala` and
+ * `HashAlgorithm.scala`):
+ *
+ *   hashed = SHA-256( hash_purpose_be_u32 || hash_algorithm_byte || payload )
+ *
+ *   - **hash_purpose** is a fixed 4-byte big-endian integer identifying what
+ *     is being hashed. `PreparedTransaction = 11`.
+ *   - **hash_algorithm_byte** identifies the SHA variant. `Sha256 = 0`.
+ *   - **payload** is the canonical proto bytes returned in
+ *     `preparedTransaction`.
+ *
+ * Hashing scheme version V2 is what 0.5.16 ships. V3 will change the
+ * canonicalisation rules; we reject V3 explicitly until the kernel
+ * implements them (see DESIGN.md §11 open question #4).
+ */
+/**
+ * Recompute the `preparedTransactionHash` from the proto bytes the validator
+ * returned. The wallet calls this in `sign()` and asserts equality before
+ * handing the hash to the SigningDriver.
+ */
+export declare function preparedTransactionHash(preparedTransaction: Uint8Array): Promise<Uint8Array>;
+/**
+ * Recompute the topology bundle hash from the three onboarding txs the
+ * validator returned. The user signs *this* hash with the namespace key.
+ */
+export declare function topologyBundleHash(bundle: ReadonlyArray<Uint8Array>): Promise<Uint8Array>;
+/** Constant-time byte equality. Used after recomputing the hash so a
+ *  mismatched validator can't leak information via timing. */
+export declare function bytesEqualConstantTime(a: Uint8Array, b: Uint8Array): boolean;
+//# sourceMappingURL=hash.d.ts.map

package/dist/ports/canton/hash.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"hash.d.ts","sourceRoot":"","sources":["../../../src/ports/canton/hash.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;GAqBG;AAaH;;;;GAIG;AACH,wBAAsB,uBAAuB,CAC3C,mBAAmB,EAAE,UAAU,GAC9B,OAAO,CAAC,UAAU,CAAC,CAErB;AAED;;;GAGG;AACH,wBAAsB,kBAAkB,CAAC,MAAM,EAAE,aAAa,CAAC,UAAU,CAAC,GAAG,OAAO,CAAC,UAAU,CAAC,CAK/F;AAaD;8DAC8D;AAC9D,wBAAgB,sBAAsB,CAAC,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,UAAU,GAAG,OAAO,CAK5E"}

package/dist/ports/canton/hash.js

@@ -0,0 +1,68 @@
+/**
+ * Canton hash recomputation. The Interactive Submission Service returns a
+ * `preparedTransactionHash` alongside the `preparedTransaction` proto bytes;
+ * the wallet recomputes the hash locally and asserts equality before
+ * signing. Otherwise the wallet would be trusting the validator on what
+ * it's authorising — defeats the entire point of external signing.
+ *
+ * Canon (per Canton OSS `community/util-internal/src/main/scala/com/digitalasset/canton/crypto/HashPurpose.scala` and
+ * `HashAlgorithm.scala`):
+ *
+ *   hashed = SHA-256( hash_purpose_be_u32 || hash_algorithm_byte || payload )
+ *
+ *   - **hash_purpose** is a fixed 4-byte big-endian integer identifying what
+ *     is being hashed. `PreparedTransaction = 11`.
+ *   - **hash_algorithm_byte** identifies the SHA variant. `Sha256 = 0`.
+ *   - **payload** is the canonical proto bytes returned in
+ *     `preparedTransaction`.
+ *
+ * Hashing scheme version V2 is what 0.5.16 ships. V3 will change the
+ * canonicalisation rules; we reject V3 explicitly until the kernel
+ * implements them (see DESIGN.md §11 open question #4).
+ */
+import { concatBytes, sha256 } from "../../crypto/sha256.js";
+/** `PreparedTransaction` per Canton's `HashPurpose`. */
+const HASH_PURPOSE_PREPARED_TRANSACTION = 11;
+/** `Sha256` per Canton's `HashAlgorithm`. */
+const HASH_ALGORITHM_SHA256 = 0;
+/** Canton bundle hash for multi-tx topology submissions (onboarding). */
+const HASH_PURPOSE_TOPOLOGY_TRANSACTION_BUNDLE = 55;
+/**
+ * Recompute the `preparedTransactionHash` from the proto bytes the validator
+ * returned. The wallet calls this in `sign()` and asserts equality before
+ * handing the hash to the SigningDriver.
+ */
+export async function preparedTransactionHash(preparedTransaction) {
+    return cantonHash(HASH_PURPOSE_PREPARED_TRANSACTION, preparedTransaction);
+}
+/**
+ * Recompute the topology bundle hash from the three onboarding txs the
+ * validator returned. The user signs *this* hash with the namespace key.
+ */
+export async function topologyBundleHash(bundle) {
+    // The bundle hash inputs are concatenated in their wire order. Canton
+    // doesn't length-prefix them at the hash layer — the proto's outer
+    // structure already disambiguates.
+    return cantonHash(HASH_PURPOSE_TOPOLOGY_TRANSACTION_BUNDLE, concatBytes(...bundle));
+}
+async function cantonHash(purpose, payload) {
+    const purposeBytes = new Uint8Array(4);
+    // Big-endian u32.
+    purposeBytes[0] = (purpose >>> 24) & 0xff;
+    purposeBytes[1] = (purpose >>> 16) & 0xff;
+    purposeBytes[2] = (purpose >>> 8) & 0xff;
+    purposeBytes[3] = purpose & 0xff;
+    const algoByte = new Uint8Array([HASH_ALGORITHM_SHA256]);
+    return sha256(concatBytes(purposeBytes, algoByte, payload));
+}
+/** Constant-time byte equality. Used after recomputing the hash so a
+ *  mismatched validator can't leak information via timing. */
+export function bytesEqualConstantTime(a, b) {
+    if (a.length !== b.length)
+        return false;
+    let diff = 0;
+    for (let i = 0; i < a.length; i++)
+        diff |= a[i] ^ b[i];
+    return diff === 0;
+}
+//# sourceMappingURL=hash.js.map

package/dist/ports/canton/hash.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"hash.js","sourceRoot":"","sources":["../../../src/ports/canton/hash.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;GAqBG;AAEH,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;AAE7D,wDAAwD;AACxD,MAAM,iCAAiC,GAAG,EAAE,CAAC;AAE7C,6CAA6C;AAC7C,MAAM,qBAAqB,GAAG,CAAC,CAAC;AAEhC,yEAAyE;AACzE,MAAM,wCAAwC,GAAG,EAAE,CAAC;AAEpD;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,mBAA+B;IAE/B,OAAO,UAAU,CAAC,iCAAiC,EAAE,mBAAmB,CAAC,CAAC;AAC5E,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,MAAiC;IACxE,sEAAsE;IACtE,mEAAmE;IACnE,mCAAmC;IACnC,OAAO,UAAU,CAAC,wCAAwC,EAAE,WAAW,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC;AACtF,CAAC;AAED,KAAK,UAAU,UAAU,CAAC,OAAe,EAAE,OAAmB;IAC5D,MAAM,YAAY,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC;IACvC,kBAAkB;IAClB,YAAY,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,KAAK,EAAE,CAAC,GAAG,IAAI,CAAC;IAC1C,YAAY,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,KAAK,EAAE,CAAC,GAAG,IAAI,CAAC;IAC1C,YAAY,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,KAAK,CAAC,CAAC,GAAG,IAAI,CAAC;IACzC,YAAY,CAAC,CAAC,CAAC,GAAG,OAAO,GAAG,IAAI,CAAC;IACjC,MAAM,QAAQ,GAAG,IAAI,UAAU,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC;IACzD,OAAO,MAAM,CAAC,WAAW,CAAC,YAAY,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC;AAC9D,CAAC;AAED;8DAC8D;AAC9D,MAAM,UAAU,sBAAsB,CAAC,CAAa,EAAE,CAAa;IACjE,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IACxC,IAAI,IAAI,GAAG,CAAC,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE;QAAE,IAAI,IAAI,CAAC,CAAC,CAAC,CAAE,GAAG,CAAC,CAAC,CAAC,CAAE,CAAC;IACzD,OAAO,IAAI,KAAK,CAAC,CAAC;AACpB,CAAC"}

package/dist/ports/canton/http.d.ts

@@ -0,0 +1,64 @@
+/**
+ * Minimal `fetch`-based HTTP helpers for the Canton adapter. Browser-clean —
+ * uses only the platform `fetch` API. No openapi-fetch dep, no Buffer
+ * polyfills, no Node-only globals.
+ *
+ * Two distinct base URLs talk to one Canton validator deployment:
+ *   - Ledger API (`/v2/...`) — port 7575 by default; the JSON Ledger API
+ *     every Canton participant exposes.
+ *   - Splice validator-app (`/api/validator/v0/...`) — port 5003 by default;
+ *     the convenience endpoints for external-party onboarding and Scan
+ *     proxying.
+ *
+ * Both share an Auth0 JWT (audience `https://canton.network.global`,
+ * client_credentials grant). The token provider is injected — the kernel
+ * doesn't manage the OAuth dance, that lives in the host app or the node-
+ * side `/wallet/*` endpoints.
+ */
+export interface CantonHttpConfig {
+    /** Base URL for the JSON Ledger API, e.g. `https://canton.example:7575`. */
+    readonly ledgerBaseUrl: string;
+    /** Base URL for the Splice validator-app, e.g. `https://canton.example:5003`. */
+    readonly validatorBaseUrl: string;
+    /**
+     * Async token getter. Called per-request — the implementation can cache
+     * and refresh as it likes. Throwing here surfaces as a request failure.
+     */
+    readonly token: () => Promise<string>;
+    /**
+     * Optional `fetch` override. Defaults to `globalThis.fetch`. Tests inject
+     * a mock; real builds typically leave it unset.
+     */
+    readonly fetch?: typeof fetch;
+}
+export declare class CantonHttpError extends Error {
+    readonly status: number;
+    readonly url: string;
+    readonly body: string;
+    constructor(status: number, url: string, body: string);
+}
+/**
+ * POST a JSON body to either base URL and parse the JSON response. Throws
+ * `CantonHttpError` on non-2xx; the surface modules let those propagate.
+ *
+ * `base` selects the URL prefix. The path argument is the suffix
+ * (e.g. `/v2/interactive-submission/prepare`).
+ */
+export declare function postJson<TReq, TRes>(cfg: CantonHttpConfig, base: 'ledger' | 'validator', path: string, body: TReq): Promise<TRes>;
+/** GET a JSON resource. Same auth + error model as `postJson`. */
+export declare function getJson<TRes>(cfg: CantonHttpConfig, base: 'ledger' | 'validator', path: string): Promise<TRes>;
+/**
+ * Open a streaming response (Server-Sent Events shape used by
+ * `/v2/commands/completions` and `/v2/updates/flats`). Yields parsed JSON
+ * objects line-by-line.
+ *
+ * Canton's Ledger API streaming format: newline-delimited JSON over a
+ * keep-alive HTTP/1.1 connection. No SSE `data:` prefix on the JSON Ledger
+ * API path — that's the gRPC bridge's territory.
+ */
+export declare function streamNdjson<T>(cfg: CantonHttpConfig, base: 'ledger' | 'validator', path: string, body: unknown, signal?: AbortSignal): AsyncIterable<T>;
+/** Standard base64 (not base64url). Browser-clean, no Buffer dep. */
+export declare function base64Encode(bytes: Uint8Array): string;
+/** Standard base64 decode. */
+export declare function base64Decode(s: string): Uint8Array;
+//# sourceMappingURL=http.d.ts.map

package/dist/ports/canton/http.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"http.d.ts","sourceRoot":"","sources":["../../../src/ports/canton/http.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,MAAM,WAAW,gBAAgB;IAC/B,4EAA4E;IAC5E,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B,iFAAiF;IACjF,QAAQ,CAAC,gBAAgB,EAAE,MAAM,CAAC;IAClC;;;OAGG;IACH,QAAQ,CAAC,KAAK,EAAE,MAAM,OAAO,CAAC,MAAM,CAAC,CAAC;IACtC;;;OAGG;IACH,QAAQ,CAAC,KAAK,CAAC,EAAE,OAAO,KAAK,CAAC;CAC/B;AAED,qBAAa,eAAgB,SAAQ,KAAK;IAEtC,QAAQ,CAAC,MAAM,EAAE,MAAM;IACvB,QAAQ,CAAC,GAAG,EAAE,MAAM;IACpB,QAAQ,CAAC,IAAI,EAAE,MAAM;gBAFZ,MAAM,EAAE,MAAM,EACd,GAAG,EAAE,MAAM,EACX,IAAI,EAAE,MAAM;CAKxB;AAED;;;;;;GAMG;AACH,wBAAsB,QAAQ,CAAC,IAAI,EAAE,IAAI,EACvC,GAAG,EAAE,gBAAgB,EACrB,IAAI,EAAE,QAAQ,GAAG,WAAW,EAC5B,IAAI,EAAE,MAAM,EACZ,IAAI,EAAE,IAAI,GACT,OAAO,CAAC,IAAI,CAAC,CAmBf;AAED,kEAAkE;AAClE,wBAAsB,OAAO,CAAC,IAAI,EAChC,GAAG,EAAE,gBAAgB,EACrB,IAAI,EAAE,QAAQ,GAAG,WAAW,EAC5B,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,IAAI,CAAC,CAef;AAED;;;;;;;;GAQG;AACH,wBAAuB,YAAY,CAAC,CAAC,EACnC,GAAG,EAAE,gBAAgB,EACrB,IAAI,EAAE,QAAQ,GAAG,WAAW,EAC5B,IAAI,EAAE,MAAM,EACZ,IAAI,EAAE,OAAO,EACb,MAAM,CAAC,EAAE,WAAW,GACnB,aAAa,CAAC,CAAC,CAAC,CA2ClB;AAiCD,qEAAqE;AACrE,wBAAgB,YAAY,CAAC,KAAK,EAAE,UAAU,GAAG,MAAM,CAKtD;AAED,8BAA8B;AAC9B,wBAAgB,YAAY,CAAC,CAAC,EAAE,MAAM,GAAG,UAAU,CAKlD"}

package/dist/ports/canton/http.js

@@ -0,0 +1,177 @@
+/**
+ * Minimal `fetch`-based HTTP helpers for the Canton adapter. Browser-clean —
+ * uses only the platform `fetch` API. No openapi-fetch dep, no Buffer
+ * polyfills, no Node-only globals.
+ *
+ * Two distinct base URLs talk to one Canton validator deployment:
+ *   - Ledger API (`/v2/...`) — port 7575 by default; the JSON Ledger API
+ *     every Canton participant exposes.
+ *   - Splice validator-app (`/api/validator/v0/...`) — port 5003 by default;
+ *     the convenience endpoints for external-party onboarding and Scan
+ *     proxying.
+ *
+ * Both share an Auth0 JWT (audience `https://canton.network.global`,
+ * client_credentials grant). The token provider is injected — the kernel
+ * doesn't manage the OAuth dance, that lives in the host app or the node-
+ * side `/wallet/*` endpoints.
+ */
+export class CantonHttpError extends Error {
+    status;
+    url;
+    body;
+    constructor(status, url, body) {
+        super(`canton http ${status} on ${url}: ${truncate(body, 200)}`);
+        this.status = status;
+        this.url = url;
+        this.body = body;
+        this.name = 'CantonHttpError';
+    }
+}
+/**
+ * POST a JSON body to either base URL and parse the JSON response. Throws
+ * `CantonHttpError` on non-2xx; the surface modules let those propagate.
+ *
+ * `base` selects the URL prefix. The path argument is the suffix
+ * (e.g. `/v2/interactive-submission/prepare`).
+ */
+export async function postJson(cfg, base, path, body) {
+    const baseUrl = base === 'ledger' ? cfg.ledgerBaseUrl : cfg.validatorBaseUrl;
+    const url = `${stripTrailingSlash(baseUrl)}${path}`;
+    const token = await cfg.token();
+    const f = cfg.fetch ?? globalThis.fetch;
+    if (!f)
+        throw new Error('canton http: no fetch implementation available');
+    const res = await f(url, {
+        method: 'POST',
+        headers: {
+            'content-type': 'application/json',
+            authorization: `Bearer ${token}`,
+        },
+        body: JSON.stringify(body, replacer),
+    });
+    if (!res.ok) {
+        const text = await safeText(res);
+        throw new CantonHttpError(res.status, url, text);
+    }
+    return (await res.json());
+}
+/** GET a JSON resource. Same auth + error model as `postJson`. */
+export async function getJson(cfg, base, path) {
+    const baseUrl = base === 'ledger' ? cfg.ledgerBaseUrl : cfg.validatorBaseUrl;
+    const url = `${stripTrailingSlash(baseUrl)}${path}`;
+    const token = await cfg.token();
+    const f = cfg.fetch ?? globalThis.fetch;
+    if (!f)
+        throw new Error('canton http: no fetch implementation available');
+    const res = await f(url, {
+        method: 'GET',
+        headers: { authorization: `Bearer ${token}` },
+    });
+    if (!res.ok) {
+        const text = await safeText(res);
+        throw new CantonHttpError(res.status, url, text);
+    }
+    return (await res.json());
+}
+/**
+ * Open a streaming response (Server-Sent Events shape used by
+ * `/v2/commands/completions` and `/v2/updates/flats`). Yields parsed JSON
+ * objects line-by-line.
+ *
+ * Canton's Ledger API streaming format: newline-delimited JSON over a
+ * keep-alive HTTP/1.1 connection. No SSE `data:` prefix on the JSON Ledger
+ * API path — that's the gRPC bridge's territory.
+ */
+export async function* streamNdjson(cfg, base, path, body, signal) {
+    const baseUrl = base === 'ledger' ? cfg.ledgerBaseUrl : cfg.validatorBaseUrl;
+    const url = `${stripTrailingSlash(baseUrl)}${path}`;
+    const token = await cfg.token();
+    const f = cfg.fetch ?? globalThis.fetch;
+    if (!f)
+        throw new Error('canton http: no fetch implementation available');
+    const init = {
+        method: 'POST',
+        headers: {
+            'content-type': 'application/json',
+            accept: 'application/x-ndjson, application/json',
+            authorization: `Bearer ${token}`,
+        },
+        body: JSON.stringify(body, replacer),
+        ...(signal !== undefined ? { signal } : {}),
+    };
+    const res = await f(url, init);
+    if (!res.ok) {
+        const text = await safeText(res);
+        throw new CantonHttpError(res.status, url, text);
+    }
+    if (!res.body)
+        throw new Error('canton http: streaming response has no body');
+    const reader = res.body.getReader();
+    const decoder = new TextDecoder();
+    let buffer = '';
+    while (true) {
+        const { done, value } = await reader.read();
+        if (done) {
+            // Flush a trailing line if present.
+            const trimmed = buffer.trim();
+            if (trimmed.length > 0)
+                yield JSON.parse(trimmed);
+            return;
+        }
+        buffer += decoder.decode(value, { stream: true });
+        let nl = buffer.indexOf('\n');
+        while (nl >= 0) {
+            const line = buffer.slice(0, nl).trim();
+            buffer = buffer.slice(nl + 1);
+            if (line.length > 0)
+                yield JSON.parse(line);
+            nl = buffer.indexOf('\n');
+        }
+    }
+}
+// ─────────────────────────── helpers ───────────────────────────
+/**
+ * JSON.stringify replacer that handles bigint and Uint8Array — both common
+ * in Canton wire payloads (amounts as bigint kernel-side; proto bytes as
+ * Uint8Array). Bigint serialises as a decimal string; bytes serialise as
+ * standard base64. Canton's JSON Ledger API expects base64 for `bytes`
+ * fields per its OpenAPI spec.
+ */
+function replacer(_k, v) {
+    if (typeof v === 'bigint')
+        return v.toString();
+    if (v instanceof Uint8Array)
+        return base64Encode(v);
+    return v;
+}
+function stripTrailingSlash(s) {
+    return s.endsWith('/') ? s.slice(0, -1) : s;
+}
+async function safeText(res) {
+    try {
+        return await res.text();
+    }
+    catch {
+        return '<unreadable body>';
+    }
+}
+function truncate(s, n) {
+    return s.length > n ? `${s.slice(0, n)}…` : s;
+}
+/** Standard base64 (not base64url). Browser-clean, no Buffer dep. */
+export function base64Encode(bytes) {
+    let s = '';
+    for (let i = 0; i < bytes.length; i++)
+        s += String.fromCharCode(bytes[i]);
+    // btoa is universal in browsers and Node 16+.
+    return btoa(s);
+}
+/** Standard base64 decode. */
+export function base64Decode(s) {
+    const bin = atob(s);
+    const out = new Uint8Array(bin.length);
+    for (let i = 0; i < bin.length; i++)
+        out[i] = bin.charCodeAt(i);
+    return out;
+}
+//# sourceMappingURL=http.js.map