npm - tenzro-wallet - Versions diffs - 0.1.0 - Mend

tenzro-wallet 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (471) hide show

package/LICENSE +201 -0
package/README.md +128 -0
package/dist/balance/aggregator.d.ts +16 -0
package/dist/balance/aggregator.d.ts.map +1 -0
package/dist/balance/aggregator.js +73 -0
package/dist/balance/aggregator.js.map +1 -0
package/dist/balance/index.d.ts +3 -0
package/dist/balance/index.d.ts.map +1 -0
package/dist/balance/index.js +2 -0
package/dist/balance/index.js.map +1 -0
package/dist/consent/index.d.ts +3 -0
package/dist/consent/index.d.ts.map +1 -0
package/dist/consent/index.js +2 -0
package/dist/consent/index.js.map +1 -0
package/dist/consent/policy.d.ts +27 -0
package/dist/consent/policy.d.ts.map +1 -0
package/dist/consent/policy.js +121 -0
package/dist/consent/policy.js.map +1 -0
package/dist/crypto/eip1559.d.ts +53 -0
package/dist/crypto/eip1559.d.ts.map +1 -0
package/dist/crypto/eip1559.js +79 -0
package/dist/crypto/eip1559.js.map +1 -0
package/dist/crypto/keccak256.d.ts +20 -0
package/dist/crypto/keccak256.d.ts.map +1 -0
package/dist/crypto/keccak256.js +167 -0
package/dist/crypto/keccak256.js.map +1 -0
package/dist/crypto/rlp.d.ts +30 -0
package/dist/crypto/rlp.d.ts.map +1 -0
package/dist/crypto/rlp.js +165 -0
package/dist/crypto/rlp.js.map +1 -0
package/dist/crypto/sha256.d.ts +14 -0
package/dist/crypto/sha256.d.ts.map +1 -0
package/dist/crypto/sha256.js +33 -0
package/dist/crypto/sha256.js.map +1 -0
package/dist/crypto/solana.d.ts +86 -0
package/dist/crypto/solana.d.ts.map +1 -0
package/dist/crypto/solana.js +218 -0
package/dist/crypto/solana.js.map +1 -0
package/dist/custody/frost/backend.d.ts +59 -0
package/dist/custody/frost/backend.d.ts.map +1 -0
package/dist/custody/frost/backend.js +83 -0
package/dist/custody/frost/backend.js.map +1 -0
package/dist/custody/frost/coordinator.d.ts +148 -0
package/dist/custody/frost/coordinator.d.ts.map +1 -0
package/dist/custody/frost/coordinator.js +58 -0
package/dist/custody/frost/coordinator.js.map +1 -0
package/dist/custody/frost/ed25519-driver.d.ts +30 -0
package/dist/custody/frost/ed25519-driver.d.ts.map +1 -0
package/dist/custody/frost/ed25519-driver.js +76 -0
package/dist/custody/frost/ed25519-driver.js.map +1 -0
package/dist/custody/frost/http-adapter.d.ts +77 -0
package/dist/custody/frost/http-adapter.d.ts.map +1 -0
package/dist/custody/frost/http-adapter.js +168 -0
package/dist/custody/frost/http-adapter.js.map +1 -0
package/dist/custody/frost/hybrid-driver.d.ts +37 -0
package/dist/custody/frost/hybrid-driver.d.ts.map +1 -0
package/dist/custody/frost/hybrid-driver.js +60 -0
package/dist/custody/frost/hybrid-driver.js.map +1 -0
package/dist/custody/frost/index.d.ts +12 -0
package/dist/custody/frost/index.d.ts.map +1 -0
package/dist/custody/frost/index.js +6 -0
package/dist/custody/frost/index.js.map +1 -0
package/dist/custody/frost/secp256k1-driver.d.ts +26 -0
package/dist/custody/frost/secp256k1-driver.d.ts.map +1 -0
package/dist/custody/frost/secp256k1-driver.js +78 -0
package/dist/custody/frost/secp256k1-driver.js.map +1 -0
package/dist/custody/index.d.ts +9 -0
package/dist/custody/index.d.ts.map +1 -0
package/dist/custody/index.js +11 -0
package/dist/custody/index.js.map +1 -0
package/dist/custody/internal-mpc.d.ts +14 -0
package/dist/custody/internal-mpc.d.ts.map +1 -0
package/dist/custody/internal-mpc.js +40 -0
package/dist/custody/internal-mpc.js.map +1 -0
package/dist/custody/mldsa/coordinator.d.ts +63 -0
package/dist/custody/mldsa/coordinator.d.ts.map +1 -0
package/dist/custody/mldsa/coordinator.js +44 -0
package/dist/custody/mldsa/coordinator.js.map +1 -0
package/dist/custody/mldsa/driver.d.ts +23 -0
package/dist/custody/mldsa/driver.d.ts.map +1 -0
package/dist/custody/mldsa/driver.js +43 -0
package/dist/custody/mldsa/driver.js.map +1 -0
package/dist/custody/mldsa/http-adapter.d.ts +59 -0
package/dist/custody/mldsa/http-adapter.d.ts.map +1 -0
package/dist/custody/mldsa/http-adapter.js +103 -0
package/dist/custody/mldsa/http-adapter.js.map +1 -0
package/dist/custody/mldsa/index.d.ts +7 -0
package/dist/custody/mldsa/index.d.ts.map +1 -0
package/dist/custody/mldsa/index.js +4 -0
package/dist/custody/mldsa/index.js.map +1 -0
package/dist/custody/pairing/http-adapter.d.ts +40 -0
package/dist/custody/pairing/http-adapter.d.ts.map +1 -0
package/dist/custody/pairing/http-adapter.js +113 -0
package/dist/custody/pairing/http-adapter.js.map +1 -0
package/dist/custody/pairing/index.d.ts +10 -0
package/dist/custody/pairing/index.d.ts.map +1 -0
package/dist/custody/pairing/index.js +8 -0
package/dist/custody/pairing/index.js.map +1 -0
package/dist/custody/pairing/port.d.ts +121 -0
package/dist/custody/pairing/port.d.ts.map +1 -0
package/dist/custody/pairing/port.js +40 -0
package/dist/custody/pairing/port.js.map +1 -0
package/dist/custody/passkey-share/http-adapter.d.ts +77 -0
package/dist/custody/passkey-share/http-adapter.d.ts.map +1 -0
package/dist/custody/passkey-share/http-adapter.js +125 -0
package/dist/custody/passkey-share/http-adapter.js.map +1 -0
package/dist/custody/passkey-share/index.d.ts +7 -0
package/dist/custody/passkey-share/index.d.ts.map +1 -0
package/dist/custody/passkey-share/index.js +4 -0
package/dist/custody/passkey-share/index.js.map +1 -0
package/dist/custody/passkey-share/unwrapper.d.ts +174 -0
package/dist/custody/passkey-share/unwrapper.d.ts.map +1 -0
package/dist/custody/passkey-share/unwrapper.js +132 -0
package/dist/custody/passkey-share/unwrapper.js.map +1 -0
package/dist/custody/passkey-share/webauthn-adapter.d.ts +112 -0
package/dist/custody/passkey-share/webauthn-adapter.d.ts.map +1 -0
package/dist/custody/passkey-share/webauthn-adapter.js +150 -0
package/dist/custody/passkey-share/webauthn-adapter.js.map +1 -0
package/dist/custody/surface-key-id.d.ts +15 -0
package/dist/custody/surface-key-id.d.ts.map +1 -0
package/dist/custody/surface-key-id.js +25 -0
package/dist/custody/surface-key-id.js.map +1 -0
package/dist/dapp/eip6963.d.ts +64 -0
package/dist/dapp/eip6963.d.ts.map +1 -0
package/dist/dapp/eip6963.js +55 -0
package/dist/dapp/eip6963.js.map +1 -0
package/dist/dapp/index.d.ts +21 -0
package/dist/dapp/index.d.ts.map +1 -0
package/dist/dapp/index.js +24 -0
package/dist/dapp/index.js.map +1 -0
package/dist/identity/delegate-set.d.ts +57 -0
package/dist/identity/delegate-set.d.ts.map +1 -0
package/dist/identity/delegate-set.js +85 -0
package/dist/identity/delegate-set.js.map +1 -0
package/dist/identity/did.d.ts +17 -0
package/dist/identity/did.d.ts.map +1 -0
package/dist/identity/did.js +60 -0
package/dist/identity/did.js.map +1 -0
package/dist/identity/index.d.ts +14 -0
package/dist/identity/index.d.ts.map +1 -0
package/dist/identity/index.js +8 -0
package/dist/identity/index.js.map +1 -0
package/dist/identity/provision.d.ts +13 -0
package/dist/identity/provision.d.ts.map +1 -0
package/dist/identity/provision.js +151 -0
package/dist/identity/provision.js.map +1 -0
package/dist/identity/provisioning-http-adapter.d.ts +81 -0
package/dist/identity/provisioning-http-adapter.d.ts.map +1 -0
package/dist/identity/provisioning-http-adapter.js +114 -0
package/dist/identity/provisioning-http-adapter.js.map +1 -0
package/dist/identity/recovery-http-adapter.d.ts +83 -0
package/dist/identity/recovery-http-adapter.d.ts.map +1 -0
package/dist/identity/recovery-http-adapter.js +139 -0
package/dist/identity/recovery-http-adapter.js.map +1 -0
package/dist/identity/wallet-new.d.ts +132 -0
package/dist/identity/wallet-new.d.ts.map +1 -0
package/dist/identity/wallet-new.js +94 -0
package/dist/identity/wallet-new.js.map +1 -0
package/dist/identity/wallet-recover.d.ts +116 -0
package/dist/identity/wallet-recover.d.ts.map +1 -0
package/dist/identity/wallet-recover.js +95 -0
package/dist/identity/wallet-recover.js.map +1 -0
package/dist/index.d.ts +12 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +11 -0
package/dist/index.js.map +1 -0
package/dist/kernel.d.ts +119 -0
package/dist/kernel.d.ts.map +1 -0
package/dist/kernel.js +144 -0
package/dist/kernel.js.map +1 -0
package/dist/ports/adapters/tenzro-identity-adapter.d.ts +44 -0
package/dist/ports/adapters/tenzro-identity-adapter.d.ts.map +1 -0
package/dist/ports/adapters/tenzro-identity-adapter.js +60 -0
package/dist/ports/adapters/tenzro-identity-adapter.js.map +1 -0
package/dist/ports/adapters/tenzro-sdk-adapter.d.ts +86 -0
package/dist/ports/adapters/tenzro-sdk-adapter.d.ts.map +1 -0
package/dist/ports/adapters/tenzro-sdk-adapter.js +100 -0
package/dist/ports/adapters/tenzro-sdk-adapter.js.map +1 -0
package/dist/ports/agent/acp.d.ts +66 -0
package/dist/ports/agent/acp.d.ts.map +1 -0
package/dist/ports/agent/acp.js +27 -0
package/dist/ports/agent/acp.js.map +1 -0
package/dist/ports/agent/adapters/acp-adapter.d.ts +67 -0
package/dist/ports/agent/adapters/acp-adapter.d.ts.map +1 -0
package/dist/ports/agent/adapters/acp-adapter.js +70 -0
package/dist/ports/agent/adapters/acp-adapter.js.map +1 -0
package/dist/ports/agent/adapters/agent-bond-adapter.d.ts +31 -0
package/dist/ports/agent/adapters/agent-bond-adapter.d.ts.map +1 -0
package/dist/ports/agent/adapters/agent-bond-adapter.js +82 -0
package/dist/ports/agent/adapters/agent-bond-adapter.js.map +1 -0
package/dist/ports/agent/adapters/agent-payment-adapter.d.ts +66 -0
package/dist/ports/agent/adapters/agent-payment-adapter.d.ts.map +1 -0
package/dist/ports/agent/adapters/agent-payment-adapter.js +75 -0
package/dist/ports/agent/adapters/agent-payment-adapter.js.map +1 -0
package/dist/ports/agent/adapters/ap2-adapter.d.ts +28 -0
package/dist/ports/agent/adapters/ap2-adapter.d.ts.map +1 -0
package/dist/ports/agent/adapters/ap2-adapter.js +97 -0
package/dist/ports/agent/adapters/ap2-adapter.js.map +1 -0
package/dist/ports/agent/adapters/auth-approval-adapter.d.ts +26 -0
package/dist/ports/agent/adapters/auth-approval-adapter.d.ts.map +1 -0
package/dist/ports/agent/adapters/auth-approval-adapter.js +37 -0
package/dist/ports/agent/adapters/auth-approval-adapter.js.map +1 -0
package/dist/ports/agent/adapters/erc7802-adapter.d.ts +30 -0
package/dist/ports/agent/adapters/erc7802-adapter.d.ts.map +1 -0
package/dist/ports/agent/adapters/erc7802-adapter.js +60 -0
package/dist/ports/agent/adapters/erc7802-adapter.js.map +1 -0
package/dist/ports/agent/adapters/erc8004-adapter.d.ts +54 -0
package/dist/ports/agent/adapters/erc8004-adapter.d.ts.map +1 -0
package/dist/ports/agent/adapters/erc8004-adapter.js +53 -0
package/dist/ports/agent/adapters/erc8004-adapter.js.map +1 -0
package/dist/ports/agent/adapters/escrow-adapter.d.ts +33 -0
package/dist/ports/agent/adapters/escrow-adapter.d.ts.map +1 -0
package/dist/ports/agent/adapters/escrow-adapter.js +109 -0
package/dist/ports/agent/adapters/escrow-adapter.js.map +1 -0
package/dist/ports/agent/adapters/fee-estimator-adapter.d.ts +31 -0
package/dist/ports/agent/adapters/fee-estimator-adapter.d.ts.map +1 -0
package/dist/ports/agent/adapters/fee-estimator-adapter.js +103 -0
package/dist/ports/agent/adapters/fee-estimator-adapter.js.map +1 -0
package/dist/ports/agent/adapters/htlc-escrow-adapter.d.ts +68 -0
package/dist/ports/agent/adapters/htlc-escrow-adapter.d.ts.map +1 -0
package/dist/ports/agent/adapters/htlc-escrow-adapter.js +131 -0
package/dist/ports/agent/adapters/htlc-escrow-adapter.js.map +1 -0
package/dist/ports/agent/adapters/insurance-adapter.d.ts +32 -0
package/dist/ports/agent/adapters/insurance-adapter.d.ts.map +1 -0
package/dist/ports/agent/adapters/insurance-adapter.js +103 -0
package/dist/ports/agent/adapters/insurance-adapter.js.map +1 -0
package/dist/ports/agent/adapters/lifecycle-adapter.d.ts +26 -0
package/dist/ports/agent/adapters/lifecycle-adapter.d.ts.map +1 -0
package/dist/ports/agent/adapters/lifecycle-adapter.js +136 -0
package/dist/ports/agent/adapters/lifecycle-adapter.js.map +1 -0
package/dist/ports/agent/adapters/nanopayment-adapter.d.ts +62 -0
package/dist/ports/agent/adapters/nanopayment-adapter.d.ts.map +1 -0
package/dist/ports/agent/adapters/nanopayment-adapter.js +76 -0
package/dist/ports/agent/adapters/nanopayment-adapter.js.map +1 -0
package/dist/ports/agent/adapters/payment-rails-adapter.d.ts +67 -0
package/dist/ports/agent/adapters/payment-rails-adapter.d.ts.map +1 -0
package/dist/ports/agent/adapters/payment-rails-adapter.js +108 -0
package/dist/ports/agent/adapters/payment-rails-adapter.js.map +1 -0
package/dist/ports/agent/adapters/principal-chain-adapter.d.ts +23 -0
package/dist/ports/agent/adapters/principal-chain-adapter.d.ts.map +1 -0
package/dist/ports/agent/adapters/principal-chain-adapter.js +156 -0
package/dist/ports/agent/adapters/principal-chain-adapter.js.map +1 -0
package/dist/ports/agent/adapters/session-key-adapter.d.ts +45 -0
package/dist/ports/agent/adapters/session-key-adapter.d.ts.map +1 -0
package/dist/ports/agent/adapters/session-key-adapter.js +80 -0
package/dist/ports/agent/adapters/session-key-adapter.js.map +1 -0
package/dist/ports/agent/adapters/tee-attestation-adapter.d.ts +32 -0
package/dist/ports/agent/adapters/tee-attestation-adapter.d.ts.map +1 -0
package/dist/ports/agent/adapters/tee-attestation-adapter.js +38 -0
package/dist/ports/agent/adapters/tee-attestation-adapter.js.map +1 -0
package/dist/ports/agent/agent-bond.d.ts +80 -0
package/dist/ports/agent/agent-bond.d.ts.map +1 -0
package/dist/ports/agent/agent-bond.js +23 -0
package/dist/ports/agent/agent-bond.js.map +1 -0
package/dist/ports/agent/agent-payment.d.ts +72 -0
package/dist/ports/agent/agent-payment.d.ts.map +1 -0
package/dist/ports/agent/agent-payment.js +17 -0
package/dist/ports/agent/agent-payment.js.map +1 -0
package/dist/ports/agent/ap2.d.ts +104 -0
package/dist/ports/agent/ap2.d.ts.map +1 -0
package/dist/ports/agent/ap2.js +22 -0
package/dist/ports/agent/ap2.js.map +1 -0
package/dist/ports/agent/auth-approval.d.ts +40 -0
package/dist/ports/agent/auth-approval.d.ts.map +1 -0
package/dist/ports/agent/auth-approval.js +23 -0
package/dist/ports/agent/auth-approval.js.map +1 -0
package/dist/ports/agent/erc7802.d.ts +94 -0
package/dist/ports/agent/erc7802.d.ts.map +1 -0
package/dist/ports/agent/erc7802.js +30 -0
package/dist/ports/agent/erc7802.js.map +1 -0
package/dist/ports/agent/erc8004.d.ts +57 -0
package/dist/ports/agent/erc8004.d.ts.map +1 -0
package/dist/ports/agent/erc8004.js +20 -0
package/dist/ports/agent/erc8004.js.map +1 -0
package/dist/ports/agent/escrow.d.ts +74 -0
package/dist/ports/agent/escrow.d.ts.map +1 -0
package/dist/ports/agent/escrow.js +18 -0
package/dist/ports/agent/escrow.js.map +1 -0
package/dist/ports/agent/fee-estimator.d.ts +71 -0
package/dist/ports/agent/fee-estimator.d.ts.map +1 -0
package/dist/ports/agent/fee-estimator.js +21 -0
package/dist/ports/agent/fee-estimator.js.map +1 -0
package/dist/ports/agent/htlc-escrow.d.ts +94 -0
package/dist/ports/agent/htlc-escrow.d.ts.map +1 -0
package/dist/ports/agent/htlc-escrow.js +25 -0
package/dist/ports/agent/htlc-escrow.js.map +1 -0
package/dist/ports/agent/index.d.ts +58 -0
package/dist/ports/agent/index.d.ts.map +1 -0
package/dist/ports/agent/index.js +24 -0
package/dist/ports/agent/index.js.map +1 -0
package/dist/ports/agent/insurance.d.ts +65 -0
package/dist/ports/agent/insurance.d.ts.map +1 -0
package/dist/ports/agent/insurance.js +18 -0
package/dist/ports/agent/insurance.js.map +1 -0
package/dist/ports/agent/lifecycle.d.ts +69 -0
package/dist/ports/agent/lifecycle.d.ts.map +1 -0
package/dist/ports/agent/lifecycle.js +17 -0
package/dist/ports/agent/lifecycle.js.map +1 -0
package/dist/ports/agent/nanopayment.d.ts +72 -0
package/dist/ports/agent/nanopayment.d.ts.map +1 -0
package/dist/ports/agent/nanopayment.js +16 -0
package/dist/ports/agent/nanopayment.js.map +1 -0
package/dist/ports/agent/payment-rails.d.ts +140 -0
package/dist/ports/agent/payment-rails.d.ts.map +1 -0
package/dist/ports/agent/payment-rails.js +25 -0
package/dist/ports/agent/payment-rails.js.map +1 -0
package/dist/ports/agent/principal-chain.d.ts +95 -0
package/dist/ports/agent/principal-chain.d.ts.map +1 -0
package/dist/ports/agent/principal-chain.js +16 -0
package/dist/ports/agent/principal-chain.js.map +1 -0
package/dist/ports/agent/session-key.d.ts +94 -0
package/dist/ports/agent/session-key.d.ts.map +1 -0
package/dist/ports/agent/session-key.js +31 -0
package/dist/ports/agent/session-key.js.map +1 -0
package/dist/ports/agent/tee-attestation.d.ts +51 -0
package/dist/ports/agent/tee-attestation.d.ts.map +1 -0
package/dist/ports/agent/tee-attestation.js +28 -0
package/dist/ports/agent/tee-attestation.js.map +1 -0
package/dist/ports/bridge/adapters/bridge-adapter-base.d.ts +47 -0
package/dist/ports/bridge/adapters/bridge-adapter-base.d.ts.map +1 -0
package/dist/ports/bridge/adapters/bridge-adapter-base.js +144 -0
package/dist/ports/bridge/adapters/bridge-adapter-base.js.map +1 -0
package/dist/ports/bridge/adapters/canton-bridge-adapter.d.ts +30 -0
package/dist/ports/bridge/adapters/canton-bridge-adapter.d.ts.map +1 -0
package/dist/ports/bridge/adapters/canton-bridge-adapter.js +31 -0
package/dist/ports/bridge/adapters/canton-bridge-adapter.js.map +1 -0
package/dist/ports/bridge/adapters/ccip-adapter.d.ts +30 -0
package/dist/ports/bridge/adapters/ccip-adapter.d.ts.map +1 -0
package/dist/ports/bridge/adapters/ccip-adapter.js +31 -0
package/dist/ports/bridge/adapters/ccip-adapter.js.map +1 -0
package/dist/ports/bridge/adapters/debridge-adapter.d.ts +27 -0
package/dist/ports/bridge/adapters/debridge-adapter.d.ts.map +1 -0
package/dist/ports/bridge/adapters/debridge-adapter.js +28 -0
package/dist/ports/bridge/adapters/debridge-adapter.js.map +1 -0
package/dist/ports/bridge/adapters/layerzero-adapter.d.ts +30 -0
package/dist/ports/bridge/adapters/layerzero-adapter.d.ts.map +1 -0
package/dist/ports/bridge/adapters/layerzero-adapter.js +31 -0
package/dist/ports/bridge/adapters/layerzero-adapter.js.map +1 -0
package/dist/ports/bridge/adapters/lifi-adapter.d.ts +48 -0
package/dist/ports/bridge/adapters/lifi-adapter.d.ts.map +1 -0
package/dist/ports/bridge/adapters/lifi-adapter.js +49 -0
package/dist/ports/bridge/adapters/lifi-adapter.js.map +1 -0
package/dist/ports/bridge/adapters/wormhole-adapter.d.ts +26 -0
package/dist/ports/bridge/adapters/wormhole-adapter.d.ts.map +1 -0
package/dist/ports/bridge/adapters/wormhole-adapter.js +27 -0
package/dist/ports/bridge/adapters/wormhole-adapter.js.map +1 -0
package/dist/ports/bridge/bridge.d.ts +123 -0
package/dist/ports/bridge/bridge.d.ts.map +1 -0
package/dist/ports/bridge/bridge.js +20 -0
package/dist/ports/bridge/bridge.js.map +1 -0
package/dist/ports/bridge/index.d.ts +13 -0
package/dist/ports/bridge/index.d.ts.map +1 -0
package/dist/ports/bridge/index.js +11 -0
package/dist/ports/bridge/index.js.map +1 -0
package/dist/ports/canton/adapters/ledger-api-adapter.d.ts +52 -0
package/dist/ports/canton/adapters/ledger-api-adapter.d.ts.map +1 -0
package/dist/ports/canton/adapters/ledger-api-adapter.js +232 -0
package/dist/ports/canton/adapters/ledger-api-adapter.js.map +1 -0
package/dist/ports/canton/canton-identity.d.ts +60 -0
package/dist/ports/canton/canton-identity.d.ts.map +1 -0
package/dist/ports/canton/canton-identity.js +28 -0
package/dist/ports/canton/canton-identity.js.map +1 -0
package/dist/ports/canton/canton-validator.d.ts +182 -0
package/dist/ports/canton/canton-validator.d.ts.map +1 -0
package/dist/ports/canton/canton-validator.js +39 -0
package/dist/ports/canton/canton-validator.js.map +1 -0
package/dist/ports/canton/fingerprint.d.ts +24 -0
package/dist/ports/canton/fingerprint.d.ts.map +1 -0
package/dist/ports/canton/fingerprint.js +31 -0
package/dist/ports/canton/fingerprint.js.map +1 -0
package/dist/ports/canton/hash.d.ts +37 -0
package/dist/ports/canton/hash.d.ts.map +1 -0
package/dist/ports/canton/hash.js +68 -0
package/dist/ports/canton/hash.js.map +1 -0
package/dist/ports/canton/http.d.ts +64 -0
package/dist/ports/canton/http.d.ts.map +1 -0
package/dist/ports/canton/http.js +177 -0
package/dist/ports/canton/http.js.map +1 -0
package/dist/ports/cross-vm.d.ts +79 -0
package/dist/ports/cross-vm.d.ts.map +1 -0
package/dist/ports/cross-vm.js +81 -0
package/dist/ports/cross-vm.js.map +1 -0
package/dist/ports/index.d.ts +18 -0
package/dist/ports/index.d.ts.map +1 -0
package/dist/ports/index.js +11 -0
package/dist/ports/index.js.map +1 -0
package/dist/ports/tenzro-identity.d.ts +29 -0
package/dist/ports/tenzro-identity.d.ts.map +1 -0
package/dist/ports/tenzro-identity.js +19 -0
package/dist/ports/tenzro-identity.js.map +1 -0
package/dist/ports/tenzro-rpc.d.ts +79 -0
package/dist/ports/tenzro-rpc.d.ts.map +1 -0
package/dist/ports/tenzro-rpc.js +21 -0
package/dist/ports/tenzro-rpc.js.map +1 -0
package/dist/router/index.d.ts +3 -0
package/dist/router/index.d.ts.map +1 -0
package/dist/router/index.js +2 -0
package/dist/router/index.js.map +1 -0
package/dist/router/route.d.ts +17 -0
package/dist/router/route.d.ts.map +1 -0
package/dist/router/route.js +78 -0
package/dist/router/route.js.map +1 -0
package/dist/settlement/nanopayment-flow.d.ts +48 -0
package/dist/settlement/nanopayment-flow.d.ts.map +1 -0
package/dist/settlement/nanopayment-flow.js +111 -0
package/dist/settlement/nanopayment-flow.js.map +1 -0
package/dist/surfaces/canton-external.d.ts +43 -0
package/dist/surfaces/canton-external.d.ts.map +1 -0
package/dist/surfaces/canton-external.js +252 -0
package/dist/surfaces/canton-external.js.map +1 -0
package/dist/surfaces/canton-internal.d.ts +34 -0
package/dist/surfaces/canton-internal.d.ts.map +1 -0
package/dist/surfaces/canton-internal.js +163 -0
package/dist/surfaces/canton-internal.js.map +1 -0
package/dist/surfaces/canton-onboarding.d.ts +64 -0
package/dist/surfaces/canton-onboarding.d.ts.map +1 -0
package/dist/surfaces/canton-onboarding.js +113 -0
package/dist/surfaces/canton-onboarding.js.map +1 -0
package/dist/surfaces/evm-on-tenzro.d.ts +29 -0
package/dist/surfaces/evm-on-tenzro.d.ts.map +1 -0
package/dist/surfaces/evm-on-tenzro.js +226 -0
package/dist/surfaces/evm-on-tenzro.js.map +1 -0
package/dist/surfaces/index.d.ts +13 -0
package/dist/surfaces/index.d.ts.map +1 -0
package/dist/surfaces/index.js +7 -0
package/dist/surfaces/index.js.map +1 -0
package/dist/surfaces/svm-on-tenzro.d.ts +24 -0
package/dist/surfaces/svm-on-tenzro.d.ts.map +1 -0
package/dist/surfaces/svm-on-tenzro.js +238 -0
package/dist/surfaces/svm-on-tenzro.js.map +1 -0
package/dist/surfaces/tenzro-native.d.ts +45 -0
package/dist/surfaces/tenzro-native.d.ts.map +1 -0
package/dist/surfaces/tenzro-native.js +299 -0
package/dist/surfaces/tenzro-native.js.map +1 -0
package/dist/surfaces/util.d.ts +18 -0
package/dist/surfaces/util.d.ts.map +1 -0
package/dist/surfaces/util.js +36 -0
package/dist/surfaces/util.js.map +1 -0
package/dist/types/asset.d.ts +43 -0
package/dist/types/asset.d.ts.map +1 -0
package/dist/types/asset.js +13 -0
package/dist/types/asset.js.map +1 -0
package/dist/types/consent.d.ts +46 -0
package/dist/types/consent.d.ts.map +1 -0
package/dist/types/consent.js +18 -0
package/dist/types/consent.js.map +1 -0
package/dist/types/identity.d.ts +115 -0
package/dist/types/identity.d.ts.map +1 -0
package/dist/types/identity.js +12 -0
package/dist/types/identity.js.map +1 -0
package/dist/types/index.d.ts +10 -0
package/dist/types/index.d.ts.map +1 -0
package/dist/types/index.js +3 -0
package/dist/types/index.js.map +1 -0
package/dist/types/intent.d.ts +132 -0
package/dist/types/intent.d.ts.map +1 -0
package/dist/types/intent.js +8 -0
package/dist/types/intent.js.map +1 -0
package/dist/types/signing-driver.d.ts +48 -0
package/dist/types/signing-driver.d.ts.map +1 -0
package/dist/types/signing-driver.js +9 -0
package/dist/types/signing-driver.js.map +1 -0
package/dist/types/surface-module.d.ts +38 -0
package/dist/types/surface-module.d.ts.map +1 -0
package/dist/types/surface-module.js +19 -0
package/dist/types/surface-module.js.map +1 -0
package/dist/types/surface.d.ts +17 -0
package/dist/types/surface.d.ts.map +1 -0
package/dist/types/surface.js +28 -0
package/dist/types/surface.js.map +1 -0
package/package.json +84 -0

package/dist/custody/frost/coordinator.js ADDED Viewed

@@ -0,0 +1,58 @@
+/**
+ * FrostCoordinator — wallet-side view of the FROST round-coordination
+ * protocol the node hosts at `/wallet/frost/*`. Specified in DESIGN.md
+ * §4.3.4 + §11. Wraps two parallel curves:
+ *
+ *   - FROST-Ed25519 (RFC 9591)         → driver id `frost-ed25519`
+ *   - FROST-secp256k1 (taproot-ready)  → driver id `frost-secp256k1`
+ *
+ * Both curves use the same 3-round flow. The wallet device holds one
+ * secret share (passkey-bound, unwrapped per signing). The node-TEE
+ * holds the second share. A 2-of-2 quorum signs; for 2-of-3 (post-
+ * pairing) any two of {device A, device B, node-TEE} can co-sign.
+ *
+ * Tenzro endpoints (Tenzro implements; wallet kernel only consumes):
+ *
+ *   1. `start({did, scheme, preimage, surfaceKey, purpose?})`
+ *      → `POST /wallet/frost/{scheme}/start`
+ *      Response: `{sessionId, expiresAt, participants[]}` where
+ *      `participants` is the list of co-signer identifiers (passkey
+ *      cred-ids + `node-tee`) the node will round-coordinate against.
+ *
+ *   2. `commit({sessionId, deviceCommitment})`
+ *      → `POST /wallet/frost/{scheme}/commit`
+ *      Round 1: device submits its hiding/binding commitments
+ *      (`(D_i, E_i)` per RFC 9591 §4.1). Response: `{state}`. The node
+ *      blocks the response until enough commitments are in or
+ *      `state === 'aborted'`.
+ *
+ *   3. `awaitChallenge({sessionId})`
+ *      → `POST /wallet/frost/{scheme}/await-challenge`
+ *      Round 2: device long-polls for the aggregated commitment +
+ *      Lagrange-coefficient bundle the node assembled from all
+ *      participants. Response: `{groupCommitment, signerSet, lambda}`.
+ *
+ *   4. `respond({sessionId, deviceShare})`
+ *      → `POST /wallet/frost/{scheme}/respond`
+ *      Round 3: device submits its signature share `z_i`. Response:
+ *      `{state}`. Successful responses commit the share into the round.
+ *
+ *   5. `finalize({sessionId})`
+ *      → `POST /wallet/frost/{scheme}/finalize`
+ *      Device polls for the aggregated signature. Response:
+ *      `{signature}`. Once aggregated, the round is destroyed and
+ *      cannot be replayed.
+ *
+ *   6. `abort({sessionId, reason?})`
+ *      → `POST /wallet/frost/{scheme}/abort`
+ *      Idempotent. Used when the user cancels mid-round.
+ *
+ * The port is intentionally agnostic about how device shares are
+ * unwrapped — that's the passkey-quorum custody layer. The coordinator
+ * only carries opaque commitment / share bytes that the device-side
+ * FROST library produced.
+ *
+ * Browser-clean: `fetch` only. No Node-specific globals.
+ */
+export {};
+//# sourceMappingURL=coordinator.js.map

package/dist/custody/frost/coordinator.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"coordinator.js","sourceRoot":"","sources":["../../../src/custody/frost/coordinator.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAuDG"}

package/dist/custody/frost/ed25519-driver.d.ts ADDED Viewed

@@ -0,0 +1,30 @@
+/**
+ * FROST-Ed25519 device driver. Implements `SigningDriver` by walking
+ * the FROST round protocol against a `FrostCoordinator` (Tenzro-hosted)
+ * and a `FrostDeviceShareHolder` (passkey-unwrapped, device-local).
+ *
+ * Endpoint contracts the coordinator wraps are documented on
+ * `FrostCoordinator`. This file only orchestrates the rounds; it
+ * produces *no* secret material itself.
+ *
+ * Use this driver for:
+ *   - Tenzro-native ed25519 surfaces (non-hybrid).
+ *   - SVM (Solana) surfaces.
+ *   - The Ed25519 leg of a hybrid signature (composed via
+ *     `hybrid-driver.ts`).
+ *
+ * Returns a single 64-byte Ed25519 signature.
+ */
+import type { SigningDriver, SigningRequest } from '../../types/signing-driver.js';
+import type { FrostCoordinator, FrostDeviceShareHolder } from './coordinator.js';
+export interface FrostEd25519Options {
+    readonly coordinator: FrostCoordinator;
+    /**
+     * Resolves the device-share holder for a given signing request. Lets
+     * the host plug in passkey-unwrap (PRF/largeBlob) or escrow-envelope
+     * unwrap without the driver knowing which.
+     */
+    readonly resolveShareHolder: (req: SigningRequest) => Promise<FrostDeviceShareHolder>;
+}
+export declare function frostEd25519Driver(opts: FrostEd25519Options): SigningDriver;
+//# sourceMappingURL=ed25519-driver.d.ts.map

package/dist/custody/frost/ed25519-driver.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"ed25519-driver.d.ts","sourceRoot":"","sources":["../../../src/custody/frost/ed25519-driver.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,cAAc,EAAiB,MAAM,+BAA+B,CAAC;AAElG,OAAO,KAAK,EAAE,gBAAgB,EAAE,sBAAsB,EAAE,MAAM,kBAAkB,CAAC;AAEjF,MAAM,WAAW,mBAAmB;IAClC,QAAQ,CAAC,WAAW,EAAE,gBAAgB,CAAC;IACvC;;;;OAIG;IACH,QAAQ,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,cAAc,KAAK,OAAO,CAAC,sBAAsB,CAAC,CAAC;CACvF;AAED,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,mBAAmB,GAAG,aAAa,CA8D3E"}

package/dist/custody/frost/ed25519-driver.js ADDED Viewed

@@ -0,0 +1,76 @@
+/**
+ * FROST-Ed25519 device driver. Implements `SigningDriver` by walking
+ * the FROST round protocol against a `FrostCoordinator` (Tenzro-hosted)
+ * and a `FrostDeviceShareHolder` (passkey-unwrapped, device-local).
+ *
+ * Endpoint contracts the coordinator wraps are documented on
+ * `FrostCoordinator`. This file only orchestrates the rounds; it
+ * produces *no* secret material itself.
+ *
+ * Use this driver for:
+ *   - Tenzro-native ed25519 surfaces (non-hybrid).
+ *   - SVM (Solana) surfaces.
+ *   - The Ed25519 leg of a hybrid signature (composed via
+ *     `hybrid-driver.ts`).
+ *
+ * Returns a single 64-byte Ed25519 signature.
+ */
+import { surfaceKeyId } from "../surface-key-id.js";
+export function frostEd25519Driver(opts) {
+    return {
+        id: 'frost-ed25519',
+        async sign(req) {
+            if (req.scheme !== 'ed25519' && req.scheme !== 'ed25519+ml-dsa-65') {
+                throw new Error(`frost-ed25519 driver cannot sign scheme '${req.scheme}'`);
+            }
+            const holder = await opts.resolveShareHolder(req);
+            if (holder.scheme !== 'ed25519') {
+                throw new Error(`share-holder scheme mismatch: expected ed25519, got ${holder.scheme}`);
+            }
+            let sessionId;
+            try {
+                const started = await opts.coordinator.start({
+                    did: req.did.toString(),
+                    surfaceKey: surfaceKeyId(req.surfaceKey),
+                    scheme: 'ed25519',
+                    preimage: req.preimage,
+                    ...(req.purpose !== undefined ? { purpose: req.purpose } : {}),
+                });
+                sessionId = started.sessionId;
+                const deviceCommitment = await holder.commit();
+                await opts.coordinator.commit({ sessionId, deviceCommitment });
+                const challenge = await opts.coordinator.awaitChallenge(sessionId);
+                if (challenge.state !== 'committed') {
+                    throw new Error(`frost round in unexpected state: ${challenge.state}`);
+                }
+                const deviceShare = await holder.respond({
+                    preimage: req.preimage,
+                    groupCommitment: challenge.groupCommitment,
+                    signerSet: challenge.signerSet,
+                    lambda: challenge.lambda,
+                });
+                await opts.coordinator.respond({ sessionId, deviceShare });
+                const finalized = await opts.coordinator.finalize(sessionId);
+                if (finalized.state !== 'finalized' || !finalized.signature) {
+                    throw new Error(`frost-ed25519 finalize returned state=${finalized.state}`);
+                }
+                if (finalized.signature.length !== 64) {
+                    throw new Error(`frost-ed25519 signature has wrong length: ${finalized.signature.length}`);
+                }
+                return { signatures: [finalized.signature] };
+            }
+            catch (err) {
+                if (sessionId !== undefined) {
+                    await opts.coordinator
+                        .abort(sessionId, err instanceof Error ? err.message : 'unknown')
+                        .catch(() => undefined);
+                }
+                throw err;
+            }
+            finally {
+                holder.dispose?.();
+            }
+        },
+    };
+}
+//# sourceMappingURL=ed25519-driver.js.map

package/dist/custody/frost/ed25519-driver.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"ed25519-driver.js","sourceRoot":"","sources":["../../../src/custody/frost/ed25519-driver.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAGH,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AAapD,MAAM,UAAU,kBAAkB,CAAC,IAAyB;IAC1D,OAAO;QACL,EAAE,EAAE,eAAe;QACnB,KAAK,CAAC,IAAI,CAAC,GAAmB;YAC5B,IAAI,GAAG,CAAC,MAAM,KAAK,SAAS,IAAI,GAAG,CAAC,MAAM,KAAK,mBAAmB,EAAE,CAAC;gBACnE,MAAM,IAAI,KAAK,CAAC,4CAA4C,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC;YAC7E,CAAC;YAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,CAAC;YAClD,IAAI,MAAM,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;gBAChC,MAAM,IAAI,KAAK,CAAC,uDAAuD,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;YAC1F,CAAC;YAED,IAAI,SAA6B,CAAC;YAClC,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC;oBAC3C,GAAG,EAAE,GAAG,CAAC,GAAG,CAAC,QAAQ,EAAE;oBACvB,UAAU,EAAE,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC;oBACxC,MAAM,EAAE,SAAS;oBACjB,QAAQ,EAAE,GAAG,CAAC,QAAQ;oBACtB,GAAG,CAAC,GAAG,CAAC,OAAO,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;iBAC/D,CAAC,CAAC;gBACH,SAAS,GAAG,OAAO,CAAC,SAAS,CAAC;gBAE9B,MAAM,gBAAgB,GAAG,MAAM,MAAM,CAAC,MAAM,EAAE,CAAC;gBAC/C,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,EAAE,SAAS,EAAE,gBAAgB,EAAE,CAAC,CAAC;gBAE/D,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;gBACnE,IAAI,SAAS,CAAC,KAAK,KAAK,WAAW,EAAE,CAAC;oBACpC,MAAM,IAAI,KAAK,CAAC,oCAAoC,SAAS,CAAC,KAAK,EAAE,CAAC,CAAC;gBACzE,CAAC;gBAED,MAAM,WAAW,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC;oBACvC,QAAQ,EAAE,GAAG,CAAC,QAAQ;oBACtB,eAAe,EAAE,SAAS,CAAC,eAAe;oBAC1C,SAAS,EAAE,SAAS,CAAC,SAAS;oBAC9B,MAAM,EAAE,SAAS,CAAC,MAAM;iBACzB,CAAC,CAAC;gBACH,MAAM,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,EAAE,SAAS,EAAE,WAAW,EAAE,CAAC,CAAC;gBAE3D,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;gBAC7D,IAAI,SAAS,CAAC,KAAK,KAAK,WAAW,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,CAAC;oBAC5D,MAAM,IAAI,KAAK,CAAC,yCAAyC,SAAS,CAAC,KAAK,EAAE,CAAC,CAAC;gBAC9E,CAAC;gBACD,IAAI,SAAS,CAAC,SAAS,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;oBACtC,MAAM,IAAI,KAAK,CACb,6CAA6C,SAAS,CAAC,SAAS,CAAC,MAAM,EAAE,CAC1E,CAAC;gBACJ,CAAC;gBACD,OAAO,EAAE,UAAU,EAAE,CAAC,SAAS,CAAC,SAAS,CAAC,EAAE,CAAC;YAC/C,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;oBAC5B,MAAM,IAAI,CAAC,WAAW;yBACnB,KAAK,CAAC,SAAS,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;yBAChE,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAC;gBAC5B,CAAC;gBACD,MAAM,GAAG,CAAC;YACZ,CAAC;oBAAS,CAAC;gBACT,MAAM,CAAC,OAAO,EAAE,EAAE,CAAC;YACrB,CAAC;QACH,CAAC;KACF,CAAC;AACJ,CAAC"}

package/dist/custody/frost/http-adapter.d.ts ADDED Viewed

@@ -0,0 +1,77 @@
+/**
+ * FrostHttpAdapter — fetch-based driver against a Tenzro RPC node's
+ * `/wallet/frost/{ed25519,secp256k1}/*` endpoints. Implements the
+ * `FrostCoordinator` port; mirrors `PairingHttpAdapter` for shape.
+ *
+ * Wire shape per `coordinator.ts` header + DESIGN.md §10.2:
+ *
+ *   POST /wallet/frost/{ed25519|secp256k1}/start
+ *     body  = { did, surface_key, scheme, preimage_b64, purpose? }
+ *     reply = { session_id, expires_at, participants[] }
+ *
+ *   POST /wallet/frost/{ed25519|secp256k1}/commit
+ *     body  = { session_id, device_commitment_b64 }
+ *     reply = { session_id, state }
+ *
+ *   POST /wallet/frost/{ed25519|secp256k1}/await-challenge
+ *     body  = { session_id }            (long-poll)
+ *     reply = { session_id, state, group_commitment_b64,
+ *               signer_set[], lambda_b64 }
+ *
+ *   POST /wallet/frost/{ed25519|secp256k1}/respond
+ *     body  = { session_id, device_share_b64 }
+ *     reply = { session_id, state }
+ *
+ *   POST /wallet/frost/{ed25519|secp256k1}/finalize
+ *     body  = { session_id }
+ *     reply = { session_id, state, signature_b64? }
+ *
+ *   POST /wallet/frost/{ed25519|secp256k1}/abort
+ *     body  = { session_id, reason? }
+ *     reply = 204 No Content (idempotent)
+ *
+ * Bytes on the wire are standard base64 (RFC 4648 §4) — same convention
+ * the Canton ledger HTTP layer uses. The `_b64` suffix on field names is
+ * load-bearing: it tells reviewers and the node what to expect without
+ * having to read the schema. Decoding/encoding happens at this boundary
+ * only; the port surface is `Uint8Array`.
+ *
+ * The `/wallet/*` endpoints are pre-auth: the FROST round itself is
+ * authenticated by the device share + node-TEE quorum, not by an
+ * `Authorization` header. Auth on `/wallet/frost/start` is by the
+ * caller's session (DPoP-bound bearer for M2-style sessions, passkey
+ * assertion for M5). Threading that auth is the host app's job — the
+ * adapter accepts an optional `headers` callback for it.
+ *
+ * Browser-clean: `fetch` only. No Node-specific globals.
+ */
+import type { FrostChallenge, FrostCommitRequest, FrostCommitResult, FrostCoordinator, FrostFinalizeResult, FrostRespondRequest, FrostRespondResult, FrostStartRequest, FrostStartResult } from './coordinator.js';
+export interface FrostHttpConfig {
+    /** Base URL of the Tenzro RPC node, e.g. `https://rpc.tenzro.network`. */
+    readonly baseUrl: string;
+    /** Optional `fetch` override for tests. */
+    readonly fetch?: typeof fetch;
+    /**
+     * Per-request headers (e.g. `{ Authorization: 'DPoP …', DPoP: '…' }`).
+     * Called for every request — let the host rotate proofs as needed.
+     * Returning `{}` is fine; the adapter always sets `content-type`.
+     */
+    readonly headers?: () => Promise<Record<string, string>> | Record<string, string>;
+}
+export declare class FrostHttpError extends Error {
+    readonly status: number;
+    readonly url: string;
+    readonly body: string;
+    constructor(status: number, url: string, body: string);
+}
+export declare class FrostHttpAdapter implements FrostCoordinator {
+    #private;
+    constructor(cfg: FrostHttpConfig);
+    start(req: FrostStartRequest): Promise<FrostStartResult>;
+    commit(req: FrostCommitRequest): Promise<FrostCommitResult>;
+    awaitChallenge(sessionId: string): Promise<FrostChallenge>;
+    respond(req: FrostRespondRequest): Promise<FrostRespondResult>;
+    finalize(sessionId: string): Promise<FrostFinalizeResult>;
+    abort(sessionId: string, reason?: string): Promise<void>;
+}
+//# sourceMappingURL=http-adapter.d.ts.map

package/dist/custody/frost/http-adapter.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"http-adapter.d.ts","sourceRoot":"","sources":["../../../src/custody/frost/http-adapter.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8CG;AAEH,OAAO,KAAK,EACV,cAAc,EACd,kBAAkB,EAClB,iBAAiB,EACjB,gBAAgB,EAChB,mBAAmB,EAEnB,mBAAmB,EACnB,kBAAkB,EAGlB,iBAAiB,EACjB,gBAAgB,EACjB,MAAM,kBAAkB,CAAC;AAE1B,MAAM,WAAW,eAAe;IAC9B,0EAA0E;IAC1E,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,2CAA2C;IAC3C,QAAQ,CAAC,KAAK,CAAC,EAAE,OAAO,KAAK,CAAC;IAC9B;;;;OAIG;IACH,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CACnF;AAED,qBAAa,cAAe,SAAQ,KAAK;IAErC,QAAQ,CAAC,MAAM,EAAE,MAAM;IACvB,QAAQ,CAAC,GAAG,EAAE,MAAM;IACpB,QAAQ,CAAC,IAAI,EAAE,MAAM;gBAFZ,MAAM,EAAE,MAAM,EACd,GAAG,EAAE,MAAM,EACX,IAAI,EAAE,MAAM;CAKxB;AAoBD,qBAAa,gBAAiB,YAAW,gBAAgB;;gBAK3C,GAAG,EAAE,eAAe;IAI1B,KAAK,CAAC,GAAG,EAAE,iBAAiB,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAgBxD,MAAM,CAAC,GAAG,EAAE,kBAAkB,GAAG,OAAO,CAAC,iBAAiB,CAAC;IAQ3D,cAAc,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC;IAa1D,OAAO,CAAC,GAAG,EAAE,mBAAmB,GAAG,OAAO,CAAC,kBAAkB,CAAC;IAQ9D,QAAQ,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,mBAAmB,CAAC;IAWzD,KAAK,CAAC,SAAS,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAiC/D"}

package/dist/custody/frost/http-adapter.js ADDED Viewed

@@ -0,0 +1,168 @@
+/**
+ * FrostHttpAdapter — fetch-based driver against a Tenzro RPC node's
+ * `/wallet/frost/{ed25519,secp256k1}/*` endpoints. Implements the
+ * `FrostCoordinator` port; mirrors `PairingHttpAdapter` for shape.
+ *
+ * Wire shape per `coordinator.ts` header + DESIGN.md §10.2:
+ *
+ *   POST /wallet/frost/{ed25519|secp256k1}/start
+ *     body  = { did, surface_key, scheme, preimage_b64, purpose? }
+ *     reply = { session_id, expires_at, participants[] }
+ *
+ *   POST /wallet/frost/{ed25519|secp256k1}/commit
+ *     body  = { session_id, device_commitment_b64 }
+ *     reply = { session_id, state }
+ *
+ *   POST /wallet/frost/{ed25519|secp256k1}/await-challenge
+ *     body  = { session_id }            (long-poll)
+ *     reply = { session_id, state, group_commitment_b64,
+ *               signer_set[], lambda_b64 }
+ *
+ *   POST /wallet/frost/{ed25519|secp256k1}/respond
+ *     body  = { session_id, device_share_b64 }
+ *     reply = { session_id, state }
+ *
+ *   POST /wallet/frost/{ed25519|secp256k1}/finalize
+ *     body  = { session_id }
+ *     reply = { session_id, state, signature_b64? }
+ *
+ *   POST /wallet/frost/{ed25519|secp256k1}/abort
+ *     body  = { session_id, reason? }
+ *     reply = 204 No Content (idempotent)
+ *
+ * Bytes on the wire are standard base64 (RFC 4648 §4) — same convention
+ * the Canton ledger HTTP layer uses. The `_b64` suffix on field names is
+ * load-bearing: it tells reviewers and the node what to expect without
+ * having to read the schema. Decoding/encoding happens at this boundary
+ * only; the port surface is `Uint8Array`.
+ *
+ * The `/wallet/*` endpoints are pre-auth: the FROST round itself is
+ * authenticated by the device share + node-TEE quorum, not by an
+ * `Authorization` header. Auth on `/wallet/frost/start` is by the
+ * caller's session (DPoP-bound bearer for M2-style sessions, passkey
+ * assertion for M5). Threading that auth is the host app's job — the
+ * adapter accepts an optional `headers` callback for it.
+ *
+ * Browser-clean: `fetch` only. No Node-specific globals.
+ */
+export class FrostHttpError extends Error {
+    status;
+    url;
+    body;
+    constructor(status, url, body) {
+        super(`frost http ${status} on ${url}: ${body.length > 200 ? body.slice(0, 200) + '…' : body}`);
+        this.status = status;
+        this.url = url;
+        this.body = body;
+        this.name = 'FrostHttpError';
+    }
+}
+export class FrostHttpAdapter {
+    #cfg;
+    /** Pinned at `start()` so subsequent calls hit the right curve path. */
+    #scheme;
+    constructor(cfg) {
+        this.#cfg = cfg;
+    }
+    async start(req) {
+        this.#scheme = req.scheme;
+        const raw = await this.#post('start', {
+            did: req.did,
+            surface_key: req.surfaceKey,
+            scheme: req.scheme,
+            preimage_b64: bytesToBase64(req.preimage),
+            ...(req.purpose !== undefined ? { purpose: req.purpose } : {}),
+        });
+        return {
+            sessionId: raw.session_id,
+            expiresAt: raw.expires_at,
+            participants: raw.participants,
+        };
+    }
+    async commit(req) {
+        const raw = await this.#post('commit', {
+            session_id: req.sessionId,
+            device_commitment_b64: bytesToBase64(req.deviceCommitment),
+        });
+        return { sessionId: raw.session_id, state: raw.state };
+    }
+    async awaitChallenge(sessionId) {
+        const raw = await this.#post('await-challenge', {
+            session_id: sessionId,
+        });
+        return {
+            sessionId: raw.session_id,
+            state: raw.state,
+            groupCommitment: base64ToBytes(raw.group_commitment_b64),
+            signerSet: raw.signer_set,
+            lambda: base64ToBytes(raw.lambda_b64),
+        };
+    }
+    async respond(req) {
+        const raw = await this.#post('respond', {
+            session_id: req.sessionId,
+            device_share_b64: bytesToBase64(req.deviceShare),
+        });
+        return { sessionId: raw.session_id, state: raw.state };
+    }
+    async finalize(sessionId) {
+        const raw = await this.#post('finalize', {
+            session_id: sessionId,
+        });
+        return {
+            sessionId: raw.session_id,
+            state: raw.state,
+            ...(raw.signature_b64 !== undefined ? { signature: base64ToBytes(raw.signature_b64) } : {}),
+        };
+    }
+    async abort(sessionId, reason) {
+        await this.#post('abort', {
+            session_id: sessionId,
+            ...(reason !== undefined ? { reason } : {}),
+        });
+    }
+    // --- internals ---
+    /**
+     * The curve segment of the path is selected by the scheme pinned at
+     * `start()`. Calling any other method before `start()` is a programmer
+     * error — the FROST drivers always start before commit/respond.
+     */
+    async #post(action, body) {
+        if (!this.#scheme) {
+            throw new Error(`FrostHttpAdapter: cannot call ${action} before start() pins the scheme`);
+        }
+        const f = this.#cfg.fetch ?? globalThis.fetch;
+        const url = this.#cfg.baseUrl.replace(/\/+$/, '') + `/wallet/frost/${this.#scheme}/${action}`;
+        const extraHeaders = this.#cfg.headers ? await this.#cfg.headers() : {};
+        const res = await f(url, {
+            method: 'POST',
+            headers: { 'content-type': 'application/json', ...extraHeaders },
+            body: JSON.stringify(body),
+        });
+        if (!res.ok) {
+            const text = await res.text().catch(() => '');
+            throw new FrostHttpError(res.status, url, text);
+        }
+        if (res.status === 204)
+            return undefined;
+        return (await res.json());
+    }
+}
+// ─── base64 helpers ───────────────────────────────────────────────────────
+// Local to this file (matches the htlc-escrow-adapter pattern). Standard
+// base64, not base64url — the Tenzro RPC layer uses the same encoding the
+// Canton JSON Ledger API does.
+function bytesToBase64(bytes) {
+    let s = '';
+    for (let i = 0; i < bytes.length; i++)
+        s += String.fromCharCode(bytes[i]);
+    return btoa(s);
+}
+function base64ToBytes(b64) {
+    const bin = atob(b64);
+    const out = new Uint8Array(bin.length);
+    for (let i = 0; i < bin.length; i++)
+        out[i] = bin.charCodeAt(i);
+    return out;
+}
+//# sourceMappingURL=http-adapter.js.map

package/dist/custody/frost/http-adapter.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"http-adapter.js","sourceRoot":"","sources":["../../../src/custody/frost/http-adapter.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8CG;AA8BH,MAAM,OAAO,cAAe,SAAQ,KAAK;IAE5B;IACA;IACA;IAHX,YACW,MAAc,EACd,GAAW,EACX,IAAY;QAErB,KAAK,CAAC,cAAc,MAAM,OAAO,GAAG,KAAK,IAAI,CAAC,MAAM,GAAG,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAJvF,WAAM,GAAN,MAAM,CAAQ;QACd,QAAG,GAAH,GAAG,CAAQ;QACX,SAAI,GAAJ,IAAI,CAAQ;QAGrB,IAAI,CAAC,IAAI,GAAG,gBAAgB,CAAC;IAC/B,CAAC;CACF;AAoBD,MAAM,OAAO,gBAAgB;IAClB,IAAI,CAAkB;IAC/B,wEAAwE;IACxE,OAAO,CAA0B;IAEjC,YAAY,GAAoB;QAC9B,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;IAClB,CAAC;IAED,KAAK,CAAC,KAAK,CAAC,GAAsB;QAChC,IAAI,CAAC,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC;QAC1B,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,KAAK,CAAW,OAAO,EAAE;YAC9C,GAAG,EAAE,GAAG,CAAC,GAAG;YACZ,WAAW,EAAE,GAAG,CAAC,UAAU;YAC3B,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,YAAY,EAAE,aAAa,CAAC,GAAG,CAAC,QAAQ,CAAC;YACzC,GAAG,CAAC,GAAG,CAAC,OAAO,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC/D,CAAC,CAAC;QACH,OAAO;YACL,SAAS,EAAE,GAAG,CAAC,UAAU;YACzB,SAAS,EAAE,GAAG,CAAC,UAAU;YACzB,YAAY,EAAE,GAAG,CAAC,YAAY;SAC/B,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,GAAuB;QAClC,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,KAAK,CAAa,QAAQ,EAAE;YACjD,UAAU,EAAE,GAAG,CAAC,SAAS;YACzB,qBAAqB,EAAE,aAAa,CAAC,GAAG,CAAC,gBAAgB,CAAC;SAC3D,CAAC,CAAC;QACH,OAAO,EAAE,SAAS,EAAE,GAAG,CAAC,UAAU,EAAE,KAAK,EAAE,GAAG,CAAC,KAAK,EAAE,CAAC;IACzD,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,SAAiB;QACpC,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,KAAK,CAAe,iBAAiB,EAAE;YAC5D,UAAU,EAAE,SAAS;SACtB,CAAC,CAAC;QACH,OAAO;YACL,SAAS,EAAE,GAAG,CAAC,UAAU;YACzB,KAAK,EAAE,GAAG,CAAC,KAAK;YAChB,eAAe,EAAE,aAAa,CAAC,GAAG,CAAC,oBAAoB,CAAC;YACxD,SAAS,EAAE,GAAG,CAAC,UAAU;YACzB,MAAM,EAAE,aAAa,CAAC,GAAG,CAAC,UAAU,CAAC;SACtC,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,GAAwB;QACpC,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,KAAK,CAAa,SAAS,EAAE;YAClD,UAAU,EAAE,GAAG,CAAC,SAAS;YACzB,gBAAgB,EAAE,aAAa,CAAC,GAAG,CAAC,WAAW,CAAC;SACjD,CAAC,CAAC;QACH,OAAO,EAAE,SAAS,EAAE,GAAG,CAAC,UAAU,EAAE,KAAK,EAAE,GAAG,CAAC,KAAK,EAAE,CAAC;IACzD,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,SAAiB;QAC9B,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,KAAK,CAAc,UAAU,EAAE;YACpD,UAAU,EAAE,SAAS;SACtB,CAAC,CAAC;QACH,OAAO;YACL,SAAS,EAAE,GAAG,CAAC,UAAU;YACzB,KAAK,EAAE,GAAG,CAAC,KAAK;YAChB,GAAG,CAAC,GAAG,CAAC,aAAa,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,aAAa,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC5F,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,KAAK,CAAC,SAAiB,EAAE,MAAe;QAC5C,MAAM,IAAI,CAAC,KAAK,CAAU,OAAO,EAAE;YACjC,UAAU,EAAE,SAAS;YACrB,GAAG,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC5C,CAAC,CAAC;IACL,CAAC;IAED,oBAAoB;IAEpB;;;;OAIG;IACH,KAAK,CAAC,KAAK,CAAO,MAAc,EAAE,IAAa;QAC7C,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;YAClB,MAAM,IAAI,KAAK,CAAC,iCAAiC,MAAM,iCAAiC,CAAC,CAAC;QAC5F,CAAC;QACD,MAAM,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,KAAK,IAAI,UAAU,CAAC,KAAK,CAAC;QAC9C,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,GAAG,iBAAiB,IAAI,CAAC,OAAO,IAAI,MAAM,EAAE,CAAC;QAC9F,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACxE,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,GAAG,EAAE;YACvB,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,GAAG,YAAY,EAAE;YAChE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;SAC3B,CAAC,CAAC;QACH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACZ,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;YAC9C,MAAM,IAAI,cAAc,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;QAClD,CAAC;QACD,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG;YAAE,OAAO,SAAiB,CAAC;QACjD,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAS,CAAC;IACpC,CAAC;CACF;AAED,6EAA6E;AAC7E,yEAAyE;AACzE,0EAA0E;AAC1E,+BAA+B;AAE/B,SAAS,aAAa,CAAC,KAAiB;IACtC,IAAI,CAAC,GAAG,EAAE,CAAC;IACX,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE;QAAE,CAAC,IAAI,MAAM,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC,CAAC;IAC3E,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC;AACjB,CAAC;AAED,SAAS,aAAa,CAAC,GAAW;IAChC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC;IACtB,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACvC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE;QAAE,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;IAChE,OAAO,GAAG,CAAC;AACb,CAAC"}

package/dist/custody/frost/hybrid-driver.d.ts ADDED Viewed

@@ -0,0 +1,37 @@
+/**
+ * Hybrid (Ed25519 + ML-DSA-65) signing driver for Tenzro-native
+ * surfaces. Per DESIGN.md §4.3.4 + §11, the Ed25519 leg is
+ * threshold-signed across the passkey quorum (FROST-Ed25519); the
+ * ML-DSA-65 leg is supplied by the node TEE alone — there is no
+ * audited threshold ML-DSA implementation as of 2026-04, so the leg
+ * is single-party until NIST IR 8214B + FROST-PQ mature.
+ *
+ * Tenzro endpoints:
+ *
+ *   - The Ed25519 leg uses `FrostCoordinator` against
+ *     `/wallet/frost/ed25519/*` (see `coordinator.ts`).
+ *   - The ML-DSA-65 leg uses `MlDsaCoordinator` against
+ *     `/wallet/mldsa/*` (see `../mldsa/coordinator.ts`).
+ *
+ * Returns a 2-element `signatures` array:
+ *   [0] = 64-byte FROST-Ed25519 signature
+ *   [1] = 3293-byte ML-DSA-65 signature
+ *
+ * The hybrid driver stitches the two legs in parallel — the Ed25519
+ * threshold round and the ML-DSA TEE call run concurrently, so
+ * latency is `max(frost, mldsa)`, not the sum.
+ *
+ * When the underlying ML-DSA coordinator advertises threshold
+ * capability (see DESIGN.md §11), this driver swaps over without the
+ * caller noticing, as long as the response stays a single 3293-byte
+ * signature.
+ */
+import type { SigningDriver } from '../../types/signing-driver.js';
+import type { MlDsaCoordinator } from '../mldsa/coordinator.js';
+import { type FrostEd25519Options } from './ed25519-driver.js';
+export interface HybridDriverOptions extends FrostEd25519Options {
+    /** ML-DSA-65 coordinator. Today: TEE-only. Future: threshold. */
+    readonly mlDsaCoordinator: MlDsaCoordinator;
+}
+export declare function hybridEd25519MlDsaDriver(opts: HybridDriverOptions): SigningDriver;
+//# sourceMappingURL=hybrid-driver.d.ts.map

package/dist/custody/frost/hybrid-driver.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"hybrid-driver.d.ts","sourceRoot":"","sources":["../../../src/custody/frost/hybrid-driver.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAiC,MAAM,+BAA+B,CAAC;AAClG,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAEhE,OAAO,EAAE,KAAK,mBAAmB,EAAsB,MAAM,qBAAqB,CAAC;AAEnF,MAAM,WAAW,mBAAoB,SAAQ,mBAAmB;IAC9D,iEAAiE;IACjE,QAAQ,CAAC,gBAAgB,EAAE,gBAAgB,CAAC;CAC7C;AAED,wBAAgB,wBAAwB,CAAC,IAAI,EAAE,mBAAmB,GAAG,aAAa,CAkCjF"}

package/dist/custody/frost/hybrid-driver.js ADDED Viewed

@@ -0,0 +1,60 @@
+/**
+ * Hybrid (Ed25519 + ML-DSA-65) signing driver for Tenzro-native
+ * surfaces. Per DESIGN.md §4.3.4 + §11, the Ed25519 leg is
+ * threshold-signed across the passkey quorum (FROST-Ed25519); the
+ * ML-DSA-65 leg is supplied by the node TEE alone — there is no
+ * audited threshold ML-DSA implementation as of 2026-04, so the leg
+ * is single-party until NIST IR 8214B + FROST-PQ mature.
+ *
+ * Tenzro endpoints:
+ *
+ *   - The Ed25519 leg uses `FrostCoordinator` against
+ *     `/wallet/frost/ed25519/*` (see `coordinator.ts`).
+ *   - The ML-DSA-65 leg uses `MlDsaCoordinator` against
+ *     `/wallet/mldsa/*` (see `../mldsa/coordinator.ts`).
+ *
+ * Returns a 2-element `signatures` array:
+ *   [0] = 64-byte FROST-Ed25519 signature
+ *   [1] = 3293-byte ML-DSA-65 signature
+ *
+ * The hybrid driver stitches the two legs in parallel — the Ed25519
+ * threshold round and the ML-DSA TEE call run concurrently, so
+ * latency is `max(frost, mldsa)`, not the sum.
+ *
+ * When the underlying ML-DSA coordinator advertises threshold
+ * capability (see DESIGN.md §11), this driver swaps over without the
+ * caller noticing, as long as the response stays a single 3293-byte
+ * signature.
+ */
+import { surfaceKeyId } from "../surface-key-id.js";
+import { frostEd25519Driver } from "./ed25519-driver.js";
+export function hybridEd25519MlDsaDriver(opts) {
+    const ed25519 = frostEd25519Driver(opts);
+    return {
+        id: 'hybrid-ed25519-mldsa',
+        async sign(req) {
+            if (req.scheme !== 'ed25519+ml-dsa-65') {
+                throw new Error(`hybrid driver cannot sign scheme '${req.scheme}'`);
+            }
+            // Run both legs in parallel — neither depends on the other.
+            const [ed, ml] = await Promise.all([
+                ed25519.sign(req),
+                opts.mlDsaCoordinator.sign({
+                    did: req.did.toString(),
+                    surfaceKey: surfaceKeyId(req.surfaceKey),
+                    preimage: req.preimage,
+                    ...(req.purpose !== undefined ? { purpose: req.purpose } : {}),
+                }),
+            ]);
+            const edSig = ed.signatures[0];
+            if (!edSig || edSig.length !== 64) {
+                throw new Error('hybrid: ed25519 leg returned wrong-length signature');
+            }
+            if (ml.signature.length !== 3293) {
+                throw new Error(`hybrid: ml-dsa leg returned wrong-length signature: ${ml.signature.length}`);
+            }
+            return { signatures: [edSig, ml.signature] };
+        },
+    };
+}
+//# sourceMappingURL=hybrid-driver.js.map

package/dist/custody/frost/hybrid-driver.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"hybrid-driver.js","sourceRoot":"","sources":["../../../src/custody/frost/hybrid-driver.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AAIH,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAA4B,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AAOnF,MAAM,UAAU,wBAAwB,CAAC,IAAyB;IAChE,MAAM,OAAO,GAAG,kBAAkB,CAAC,IAAI,CAAC,CAAC;IAEzC,OAAO;QACL,EAAE,EAAE,sBAAsB;QAC1B,KAAK,CAAC,IAAI,CAAC,GAAmB;YAC5B,IAAI,GAAG,CAAC,MAAM,KAAK,mBAAmB,EAAE,CAAC;gBACvC,MAAM,IAAI,KAAK,CAAC,qCAAqC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC;YACtE,CAAC;YAED,4DAA4D;YAC5D,MAAM,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;gBACjC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;gBACjB,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC;oBACzB,GAAG,EAAE,GAAG,CAAC,GAAG,CAAC,QAAQ,EAAE;oBACvB,UAAU,EAAE,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC;oBACxC,QAAQ,EAAE,GAAG,CAAC,QAAQ;oBACtB,GAAG,CAAC,GAAG,CAAC,OAAO,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;iBAC/D,CAAC;aACH,CAAC,CAAC;YAEH,MAAM,KAAK,GAAG,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;YAC/B,IAAI,CAAC,KAAK,IAAI,KAAK,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;gBAClC,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;YACzE,CAAC;YACD,IAAI,EAAE,CAAC,SAAS,CAAC,MAAM,KAAK,IAAI,EAAE,CAAC;gBACjC,MAAM,IAAI,KAAK,CACb,uDAAuD,EAAE,CAAC,SAAS,CAAC,MAAM,EAAE,CAC7E,CAAC;YACJ,CAAC;YAED,OAAO,EAAE,UAAU,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,SAAS,CAAC,EAAE,CAAC;QAC/C,CAAC;KACF,CAAC;AACJ,CAAC"}

package/dist/custody/frost/index.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+export type { FrostCoordinator, FrostScheme, FrostSessionState, FrostParticipantId, FrostStartRequest, FrostStartResult, FrostCommitRequest, FrostCommitResult, FrostChallenge, FrostRespondRequest, FrostRespondResult, FrostFinalizeResult, FrostDeviceShareHolder, } from './coordinator.js';
+export { frostEd25519Driver } from './ed25519-driver.js';
+export type { FrostEd25519Options } from './ed25519-driver.js';
+export { frostSecp256k1Driver } from './secp256k1-driver.js';
+export type { FrostSecp256k1Options } from './secp256k1-driver.js';
+export { hybridEd25519MlDsaDriver } from './hybrid-driver.js';
+export type { HybridDriverOptions } from './hybrid-driver.js';
+export { FrostHttpAdapter, FrostHttpError } from './http-adapter.js';
+export type { FrostHttpConfig } from './http-adapter.js';
+export { FrostBackendUnavailable, composeFrostBackend, frostBackendUnavailable, } from './backend.js';
+export type { FrostBackend } from './backend.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/custody/frost/index.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/custody/frost/index.ts"],"names":[],"mappings":"AAAA,YAAY,EACV,gBAAgB,EAChB,WAAW,EACX,iBAAiB,EACjB,kBAAkB,EAClB,iBAAiB,EACjB,gBAAgB,EAChB,kBAAkB,EAClB,iBAAiB,EACjB,cAAc,EACd,mBAAmB,EACnB,kBAAkB,EAClB,mBAAmB,EACnB,sBAAsB,GACvB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AACzD,YAAY,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AAC/D,OAAO,EAAE,oBAAoB,EAAE,MAAM,uBAAuB,CAAC;AAC7D,YAAY,EAAE,qBAAqB,EAAE,MAAM,uBAAuB,CAAC;AACnE,OAAO,EAAE,wBAAwB,EAAE,MAAM,oBAAoB,CAAC;AAC9D,YAAY,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAC9D,OAAO,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AACrE,YAAY,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACzD,OAAO,EACL,uBAAuB,EACvB,mBAAmB,EACnB,uBAAuB,GACxB,MAAM,cAAc,CAAC;AACtB,YAAY,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC"}

package/dist/custody/frost/index.js ADDED Viewed

@@ -0,0 +1,6 @@
+export { frostEd25519Driver } from "./ed25519-driver.js";
+export { frostSecp256k1Driver } from "./secp256k1-driver.js";
+export { hybridEd25519MlDsaDriver } from "./hybrid-driver.js";
+export { FrostHttpAdapter, FrostHttpError } from "./http-adapter.js";
+export { FrostBackendUnavailable, composeFrostBackend, frostBackendUnavailable, } from "./backend.js";
+//# sourceMappingURL=index.js.map

package/dist/custody/frost/index.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/custody/frost/index.ts"],"names":[],"mappings":"AAeA,OAAO,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AAEzD,OAAO,EAAE,oBAAoB,EAAE,MAAM,uBAAuB,CAAC;AAE7D,OAAO,EAAE,wBAAwB,EAAE,MAAM,oBAAoB,CAAC;AAE9D,OAAO,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAErE,OAAO,EACL,uBAAuB,EACvB,mBAAmB,EACnB,uBAAuB,GACxB,MAAM,cAAc,CAAC"}

package/dist/custody/frost/secp256k1-driver.d.ts ADDED Viewed

@@ -0,0 +1,26 @@
+/**
+ * FROST-secp256k1 device driver. Implements `SigningDriver` by walking
+ * the FROST round protocol against a `FrostCoordinator` (Tenzro-hosted)
+ * and a `FrostDeviceShareHolder` (passkey-unwrapped, device-local).
+ *
+ * Endpoint contracts the coordinator wraps are documented on
+ * `FrostCoordinator`. This file only orchestrates the rounds; it
+ * produces *no* secret material itself.
+ *
+ * Use this driver for EVM surfaces (ECDSA over secp256k1). The node
+ * returns a 64-byte `r||s` aggregate; the EVM surface module is
+ * responsible for recovering or appending the `v` byte to make a
+ * 65-byte tx signature. This is consistent with how internal-mpc
+ * stubs the curve today.
+ *
+ * Returns a single signature (64 or 65 bytes — see DESIGN.md §4.3.4
+ * for the convention each surface uses).
+ */
+import type { SigningDriver, SigningRequest } from '../../types/signing-driver.js';
+import type { FrostCoordinator, FrostDeviceShareHolder } from './coordinator.js';
+export interface FrostSecp256k1Options {
+    readonly coordinator: FrostCoordinator;
+    readonly resolveShareHolder: (req: SigningRequest) => Promise<FrostDeviceShareHolder>;
+}
+export declare function frostSecp256k1Driver(opts: FrostSecp256k1Options): SigningDriver;
+//# sourceMappingURL=secp256k1-driver.d.ts.map

package/dist/custody/frost/secp256k1-driver.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"secp256k1-driver.d.ts","sourceRoot":"","sources":["../../../src/custody/frost/secp256k1-driver.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,cAAc,EAAiB,MAAM,+BAA+B,CAAC;AAElG,OAAO,KAAK,EAAE,gBAAgB,EAAE,sBAAsB,EAAE,MAAM,kBAAkB,CAAC;AAEjF,MAAM,WAAW,qBAAqB;IACpC,QAAQ,CAAC,WAAW,EAAE,gBAAgB,CAAC;IACvC,QAAQ,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,cAAc,KAAK,OAAO,CAAC,sBAAsB,CAAC,CAAC;CACvF;AAED,wBAAgB,oBAAoB,CAAC,IAAI,EAAE,qBAAqB,GAAG,aAAa,CA6D/E"}