npm - tenzro-wallet - Versions diffs - 0.1.0 - Mend

tenzro-wallet 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (471) hide show

package/LICENSE +201 -0
package/README.md +128 -0
package/dist/balance/aggregator.d.ts +16 -0
package/dist/balance/aggregator.d.ts.map +1 -0
package/dist/balance/aggregator.js +73 -0
package/dist/balance/aggregator.js.map +1 -0
package/dist/balance/index.d.ts +3 -0
package/dist/balance/index.d.ts.map +1 -0
package/dist/balance/index.js +2 -0
package/dist/balance/index.js.map +1 -0
package/dist/consent/index.d.ts +3 -0
package/dist/consent/index.d.ts.map +1 -0
package/dist/consent/index.js +2 -0
package/dist/consent/index.js.map +1 -0
package/dist/consent/policy.d.ts +27 -0
package/dist/consent/policy.d.ts.map +1 -0
package/dist/consent/policy.js +121 -0
package/dist/consent/policy.js.map +1 -0
package/dist/crypto/eip1559.d.ts +53 -0
package/dist/crypto/eip1559.d.ts.map +1 -0
package/dist/crypto/eip1559.js +79 -0
package/dist/crypto/eip1559.js.map +1 -0
package/dist/crypto/keccak256.d.ts +20 -0
package/dist/crypto/keccak256.d.ts.map +1 -0
package/dist/crypto/keccak256.js +167 -0
package/dist/crypto/keccak256.js.map +1 -0
package/dist/crypto/rlp.d.ts +30 -0
package/dist/crypto/rlp.d.ts.map +1 -0
package/dist/crypto/rlp.js +165 -0
package/dist/crypto/rlp.js.map +1 -0
package/dist/crypto/sha256.d.ts +14 -0
package/dist/crypto/sha256.d.ts.map +1 -0
package/dist/crypto/sha256.js +33 -0
package/dist/crypto/sha256.js.map +1 -0
package/dist/crypto/solana.d.ts +86 -0
package/dist/crypto/solana.d.ts.map +1 -0
package/dist/crypto/solana.js +218 -0
package/dist/crypto/solana.js.map +1 -0
package/dist/custody/frost/backend.d.ts +59 -0
package/dist/custody/frost/backend.d.ts.map +1 -0
package/dist/custody/frost/backend.js +83 -0
package/dist/custody/frost/backend.js.map +1 -0
package/dist/custody/frost/coordinator.d.ts +148 -0
package/dist/custody/frost/coordinator.d.ts.map +1 -0
package/dist/custody/frost/coordinator.js +58 -0
package/dist/custody/frost/coordinator.js.map +1 -0
package/dist/custody/frost/ed25519-driver.d.ts +30 -0
package/dist/custody/frost/ed25519-driver.d.ts.map +1 -0
package/dist/custody/frost/ed25519-driver.js +76 -0
package/dist/custody/frost/ed25519-driver.js.map +1 -0
package/dist/custody/frost/http-adapter.d.ts +77 -0
package/dist/custody/frost/http-adapter.d.ts.map +1 -0
package/dist/custody/frost/http-adapter.js +168 -0
package/dist/custody/frost/http-adapter.js.map +1 -0
package/dist/custody/frost/hybrid-driver.d.ts +37 -0
package/dist/custody/frost/hybrid-driver.d.ts.map +1 -0
package/dist/custody/frost/hybrid-driver.js +60 -0
package/dist/custody/frost/hybrid-driver.js.map +1 -0
package/dist/custody/frost/index.d.ts +12 -0
package/dist/custody/frost/index.d.ts.map +1 -0
package/dist/custody/frost/index.js +6 -0
package/dist/custody/frost/index.js.map +1 -0
package/dist/custody/frost/secp256k1-driver.d.ts +26 -0
package/dist/custody/frost/secp256k1-driver.d.ts.map +1 -0
package/dist/custody/frost/secp256k1-driver.js +78 -0
package/dist/custody/frost/secp256k1-driver.js.map +1 -0
package/dist/custody/index.d.ts +9 -0
package/dist/custody/index.d.ts.map +1 -0
package/dist/custody/index.js +11 -0
package/dist/custody/index.js.map +1 -0
package/dist/custody/internal-mpc.d.ts +14 -0
package/dist/custody/internal-mpc.d.ts.map +1 -0
package/dist/custody/internal-mpc.js +40 -0
package/dist/custody/internal-mpc.js.map +1 -0
package/dist/custody/mldsa/coordinator.d.ts +63 -0
package/dist/custody/mldsa/coordinator.d.ts.map +1 -0
package/dist/custody/mldsa/coordinator.js +44 -0
package/dist/custody/mldsa/coordinator.js.map +1 -0
package/dist/custody/mldsa/driver.d.ts +23 -0
package/dist/custody/mldsa/driver.d.ts.map +1 -0
package/dist/custody/mldsa/driver.js +43 -0
package/dist/custody/mldsa/driver.js.map +1 -0
package/dist/custody/mldsa/http-adapter.d.ts +59 -0
package/dist/custody/mldsa/http-adapter.d.ts.map +1 -0
package/dist/custody/mldsa/http-adapter.js +103 -0
package/dist/custody/mldsa/http-adapter.js.map +1 -0
package/dist/custody/mldsa/index.d.ts +7 -0
package/dist/custody/mldsa/index.d.ts.map +1 -0
package/dist/custody/mldsa/index.js +4 -0
package/dist/custody/mldsa/index.js.map +1 -0
package/dist/custody/pairing/http-adapter.d.ts +40 -0
package/dist/custody/pairing/http-adapter.d.ts.map +1 -0
package/dist/custody/pairing/http-adapter.js +113 -0
package/dist/custody/pairing/http-adapter.js.map +1 -0
package/dist/custody/pairing/index.d.ts +10 -0
package/dist/custody/pairing/index.d.ts.map +1 -0
package/dist/custody/pairing/index.js +8 -0
package/dist/custody/pairing/index.js.map +1 -0
package/dist/custody/pairing/port.d.ts +121 -0
package/dist/custody/pairing/port.d.ts.map +1 -0
package/dist/custody/pairing/port.js +40 -0
package/dist/custody/pairing/port.js.map +1 -0
package/dist/custody/passkey-share/http-adapter.d.ts +77 -0
package/dist/custody/passkey-share/http-adapter.d.ts.map +1 -0
package/dist/custody/passkey-share/http-adapter.js +125 -0
package/dist/custody/passkey-share/http-adapter.js.map +1 -0
package/dist/custody/passkey-share/index.d.ts +7 -0
package/dist/custody/passkey-share/index.d.ts.map +1 -0
package/dist/custody/passkey-share/index.js +4 -0
package/dist/custody/passkey-share/index.js.map +1 -0
package/dist/custody/passkey-share/unwrapper.d.ts +174 -0
package/dist/custody/passkey-share/unwrapper.d.ts.map +1 -0
package/dist/custody/passkey-share/unwrapper.js +132 -0
package/dist/custody/passkey-share/unwrapper.js.map +1 -0
package/dist/custody/passkey-share/webauthn-adapter.d.ts +112 -0
package/dist/custody/passkey-share/webauthn-adapter.d.ts.map +1 -0
package/dist/custody/passkey-share/webauthn-adapter.js +150 -0
package/dist/custody/passkey-share/webauthn-adapter.js.map +1 -0
package/dist/custody/surface-key-id.d.ts +15 -0
package/dist/custody/surface-key-id.d.ts.map +1 -0
package/dist/custody/surface-key-id.js +25 -0
package/dist/custody/surface-key-id.js.map +1 -0
package/dist/dapp/eip6963.d.ts +64 -0
package/dist/dapp/eip6963.d.ts.map +1 -0
package/dist/dapp/eip6963.js +55 -0
package/dist/dapp/eip6963.js.map +1 -0
package/dist/dapp/index.d.ts +21 -0
package/dist/dapp/index.d.ts.map +1 -0
package/dist/dapp/index.js +24 -0
package/dist/dapp/index.js.map +1 -0
package/dist/identity/delegate-set.d.ts +57 -0
package/dist/identity/delegate-set.d.ts.map +1 -0
package/dist/identity/delegate-set.js +85 -0
package/dist/identity/delegate-set.js.map +1 -0
package/dist/identity/did.d.ts +17 -0
package/dist/identity/did.d.ts.map +1 -0
package/dist/identity/did.js +60 -0
package/dist/identity/did.js.map +1 -0
package/dist/identity/index.d.ts +14 -0
package/dist/identity/index.d.ts.map +1 -0
package/dist/identity/index.js +8 -0
package/dist/identity/index.js.map +1 -0
package/dist/identity/provision.d.ts +13 -0
package/dist/identity/provision.d.ts.map +1 -0
package/dist/identity/provision.js +151 -0
package/dist/identity/provision.js.map +1 -0
package/dist/identity/provisioning-http-adapter.d.ts +81 -0
package/dist/identity/provisioning-http-adapter.d.ts.map +1 -0
package/dist/identity/provisioning-http-adapter.js +114 -0
package/dist/identity/provisioning-http-adapter.js.map +1 -0
package/dist/identity/recovery-http-adapter.d.ts +83 -0
package/dist/identity/recovery-http-adapter.d.ts.map +1 -0
package/dist/identity/recovery-http-adapter.js +139 -0
package/dist/identity/recovery-http-adapter.js.map +1 -0
package/dist/identity/wallet-new.d.ts +132 -0
package/dist/identity/wallet-new.d.ts.map +1 -0
package/dist/identity/wallet-new.js +94 -0
package/dist/identity/wallet-new.js.map +1 -0
package/dist/identity/wallet-recover.d.ts +116 -0
package/dist/identity/wallet-recover.d.ts.map +1 -0
package/dist/identity/wallet-recover.js +95 -0
package/dist/identity/wallet-recover.js.map +1 -0
package/dist/index.d.ts +12 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +11 -0
package/dist/index.js.map +1 -0
package/dist/kernel.d.ts +119 -0
package/dist/kernel.d.ts.map +1 -0
package/dist/kernel.js +144 -0
package/dist/kernel.js.map +1 -0
package/dist/ports/adapters/tenzro-identity-adapter.d.ts +44 -0
package/dist/ports/adapters/tenzro-identity-adapter.d.ts.map +1 -0
package/dist/ports/adapters/tenzro-identity-adapter.js +60 -0
package/dist/ports/adapters/tenzro-identity-adapter.js.map +1 -0
package/dist/ports/adapters/tenzro-sdk-adapter.d.ts +86 -0
package/dist/ports/adapters/tenzro-sdk-adapter.d.ts.map +1 -0
package/dist/ports/adapters/tenzro-sdk-adapter.js +100 -0
package/dist/ports/adapters/tenzro-sdk-adapter.js.map +1 -0
package/dist/ports/agent/acp.d.ts +66 -0
package/dist/ports/agent/acp.d.ts.map +1 -0
package/dist/ports/agent/acp.js +27 -0
package/dist/ports/agent/acp.js.map +1 -0
package/dist/ports/agent/adapters/acp-adapter.d.ts +67 -0
package/dist/ports/agent/adapters/acp-adapter.d.ts.map +1 -0
package/dist/ports/agent/adapters/acp-adapter.js +70 -0
package/dist/ports/agent/adapters/acp-adapter.js.map +1 -0
package/dist/ports/agent/adapters/agent-bond-adapter.d.ts +31 -0
package/dist/ports/agent/adapters/agent-bond-adapter.d.ts.map +1 -0
package/dist/ports/agent/adapters/agent-bond-adapter.js +82 -0
package/dist/ports/agent/adapters/agent-bond-adapter.js.map +1 -0
package/dist/ports/agent/adapters/agent-payment-adapter.d.ts +66 -0
package/dist/ports/agent/adapters/agent-payment-adapter.d.ts.map +1 -0
package/dist/ports/agent/adapters/agent-payment-adapter.js +75 -0
package/dist/ports/agent/adapters/agent-payment-adapter.js.map +1 -0
package/dist/ports/agent/adapters/ap2-adapter.d.ts +28 -0
package/dist/ports/agent/adapters/ap2-adapter.d.ts.map +1 -0
package/dist/ports/agent/adapters/ap2-adapter.js +97 -0
package/dist/ports/agent/adapters/ap2-adapter.js.map +1 -0
package/dist/ports/agent/adapters/auth-approval-adapter.d.ts +26 -0
package/dist/ports/agent/adapters/auth-approval-adapter.d.ts.map +1 -0
package/dist/ports/agent/adapters/auth-approval-adapter.js +37 -0
package/dist/ports/agent/adapters/auth-approval-adapter.js.map +1 -0
package/dist/ports/agent/adapters/erc7802-adapter.d.ts +30 -0
package/dist/ports/agent/adapters/erc7802-adapter.d.ts.map +1 -0
package/dist/ports/agent/adapters/erc7802-adapter.js +60 -0
package/dist/ports/agent/adapters/erc7802-adapter.js.map +1 -0
package/dist/ports/agent/adapters/erc8004-adapter.d.ts +54 -0
package/dist/ports/agent/adapters/erc8004-adapter.d.ts.map +1 -0
package/dist/ports/agent/adapters/erc8004-adapter.js +53 -0
package/dist/ports/agent/adapters/erc8004-adapter.js.map +1 -0
package/dist/ports/agent/adapters/escrow-adapter.d.ts +33 -0
package/dist/ports/agent/adapters/escrow-adapter.d.ts.map +1 -0
package/dist/ports/agent/adapters/escrow-adapter.js +109 -0
package/dist/ports/agent/adapters/escrow-adapter.js.map +1 -0
package/dist/ports/agent/adapters/fee-estimator-adapter.d.ts +31 -0
package/dist/ports/agent/adapters/fee-estimator-adapter.d.ts.map +1 -0
package/dist/ports/agent/adapters/fee-estimator-adapter.js +103 -0
package/dist/ports/agent/adapters/fee-estimator-adapter.js.map +1 -0
package/dist/ports/agent/adapters/htlc-escrow-adapter.d.ts +68 -0
package/dist/ports/agent/adapters/htlc-escrow-adapter.d.ts.map +1 -0
package/dist/ports/agent/adapters/htlc-escrow-adapter.js +131 -0
package/dist/ports/agent/adapters/htlc-escrow-adapter.js.map +1 -0
package/dist/ports/agent/adapters/insurance-adapter.d.ts +32 -0
package/dist/ports/agent/adapters/insurance-adapter.d.ts.map +1 -0
package/dist/ports/agent/adapters/insurance-adapter.js +103 -0
package/dist/ports/agent/adapters/insurance-adapter.js.map +1 -0
package/dist/ports/agent/adapters/lifecycle-adapter.d.ts +26 -0
package/dist/ports/agent/adapters/lifecycle-adapter.d.ts.map +1 -0
package/dist/ports/agent/adapters/lifecycle-adapter.js +136 -0
package/dist/ports/agent/adapters/lifecycle-adapter.js.map +1 -0
package/dist/ports/agent/adapters/nanopayment-adapter.d.ts +62 -0
package/dist/ports/agent/adapters/nanopayment-adapter.d.ts.map +1 -0
package/dist/ports/agent/adapters/nanopayment-adapter.js +76 -0
package/dist/ports/agent/adapters/nanopayment-adapter.js.map +1 -0
package/dist/ports/agent/adapters/payment-rails-adapter.d.ts +67 -0
package/dist/ports/agent/adapters/payment-rails-adapter.d.ts.map +1 -0
package/dist/ports/agent/adapters/payment-rails-adapter.js +108 -0
package/dist/ports/agent/adapters/payment-rails-adapter.js.map +1 -0
package/dist/ports/agent/adapters/principal-chain-adapter.d.ts +23 -0
package/dist/ports/agent/adapters/principal-chain-adapter.d.ts.map +1 -0
package/dist/ports/agent/adapters/principal-chain-adapter.js +156 -0
package/dist/ports/agent/adapters/principal-chain-adapter.js.map +1 -0
package/dist/ports/agent/adapters/session-key-adapter.d.ts +45 -0
package/dist/ports/agent/adapters/session-key-adapter.d.ts.map +1 -0
package/dist/ports/agent/adapters/session-key-adapter.js +80 -0
package/dist/ports/agent/adapters/session-key-adapter.js.map +1 -0
package/dist/ports/agent/adapters/tee-attestation-adapter.d.ts +32 -0
package/dist/ports/agent/adapters/tee-attestation-adapter.d.ts.map +1 -0
package/dist/ports/agent/adapters/tee-attestation-adapter.js +38 -0
package/dist/ports/agent/adapters/tee-attestation-adapter.js.map +1 -0
package/dist/ports/agent/agent-bond.d.ts +80 -0
package/dist/ports/agent/agent-bond.d.ts.map +1 -0
package/dist/ports/agent/agent-bond.js +23 -0
package/dist/ports/agent/agent-bond.js.map +1 -0
package/dist/ports/agent/agent-payment.d.ts +72 -0
package/dist/ports/agent/agent-payment.d.ts.map +1 -0
package/dist/ports/agent/agent-payment.js +17 -0
package/dist/ports/agent/agent-payment.js.map +1 -0
package/dist/ports/agent/ap2.d.ts +104 -0
package/dist/ports/agent/ap2.d.ts.map +1 -0
package/dist/ports/agent/ap2.js +22 -0
package/dist/ports/agent/ap2.js.map +1 -0
package/dist/ports/agent/auth-approval.d.ts +40 -0
package/dist/ports/agent/auth-approval.d.ts.map +1 -0
package/dist/ports/agent/auth-approval.js +23 -0
package/dist/ports/agent/auth-approval.js.map +1 -0
package/dist/ports/agent/erc7802.d.ts +94 -0
package/dist/ports/agent/erc7802.d.ts.map +1 -0
package/dist/ports/agent/erc7802.js +30 -0
package/dist/ports/agent/erc7802.js.map +1 -0
package/dist/ports/agent/erc8004.d.ts +57 -0
package/dist/ports/agent/erc8004.d.ts.map +1 -0
package/dist/ports/agent/erc8004.js +20 -0
package/dist/ports/agent/erc8004.js.map +1 -0
package/dist/ports/agent/escrow.d.ts +74 -0
package/dist/ports/agent/escrow.d.ts.map +1 -0
package/dist/ports/agent/escrow.js +18 -0
package/dist/ports/agent/escrow.js.map +1 -0
package/dist/ports/agent/fee-estimator.d.ts +71 -0
package/dist/ports/agent/fee-estimator.d.ts.map +1 -0
package/dist/ports/agent/fee-estimator.js +21 -0
package/dist/ports/agent/fee-estimator.js.map +1 -0
package/dist/ports/agent/htlc-escrow.d.ts +94 -0
package/dist/ports/agent/htlc-escrow.d.ts.map +1 -0
package/dist/ports/agent/htlc-escrow.js +25 -0
package/dist/ports/agent/htlc-escrow.js.map +1 -0
package/dist/ports/agent/index.d.ts +58 -0
package/dist/ports/agent/index.d.ts.map +1 -0
package/dist/ports/agent/index.js +24 -0
package/dist/ports/agent/index.js.map +1 -0
package/dist/ports/agent/insurance.d.ts +65 -0
package/dist/ports/agent/insurance.d.ts.map +1 -0
package/dist/ports/agent/insurance.js +18 -0
package/dist/ports/agent/insurance.js.map +1 -0
package/dist/ports/agent/lifecycle.d.ts +69 -0
package/dist/ports/agent/lifecycle.d.ts.map +1 -0
package/dist/ports/agent/lifecycle.js +17 -0
package/dist/ports/agent/lifecycle.js.map +1 -0
package/dist/ports/agent/nanopayment.d.ts +72 -0
package/dist/ports/agent/nanopayment.d.ts.map +1 -0
package/dist/ports/agent/nanopayment.js +16 -0
package/dist/ports/agent/nanopayment.js.map +1 -0
package/dist/ports/agent/payment-rails.d.ts +140 -0
package/dist/ports/agent/payment-rails.d.ts.map +1 -0
package/dist/ports/agent/payment-rails.js +25 -0
package/dist/ports/agent/payment-rails.js.map +1 -0
package/dist/ports/agent/principal-chain.d.ts +95 -0
package/dist/ports/agent/principal-chain.d.ts.map +1 -0
package/dist/ports/agent/principal-chain.js +16 -0
package/dist/ports/agent/principal-chain.js.map +1 -0
package/dist/ports/agent/session-key.d.ts +94 -0
package/dist/ports/agent/session-key.d.ts.map +1 -0
package/dist/ports/agent/session-key.js +31 -0
package/dist/ports/agent/session-key.js.map +1 -0
package/dist/ports/agent/tee-attestation.d.ts +51 -0
package/dist/ports/agent/tee-attestation.d.ts.map +1 -0
package/dist/ports/agent/tee-attestation.js +28 -0
package/dist/ports/agent/tee-attestation.js.map +1 -0
package/dist/ports/bridge/adapters/bridge-adapter-base.d.ts +47 -0
package/dist/ports/bridge/adapters/bridge-adapter-base.d.ts.map +1 -0
package/dist/ports/bridge/adapters/bridge-adapter-base.js +144 -0
package/dist/ports/bridge/adapters/bridge-adapter-base.js.map +1 -0
package/dist/ports/bridge/adapters/canton-bridge-adapter.d.ts +30 -0
package/dist/ports/bridge/adapters/canton-bridge-adapter.d.ts.map +1 -0
package/dist/ports/bridge/adapters/canton-bridge-adapter.js +31 -0
package/dist/ports/bridge/adapters/canton-bridge-adapter.js.map +1 -0
package/dist/ports/bridge/adapters/ccip-adapter.d.ts +30 -0
package/dist/ports/bridge/adapters/ccip-adapter.d.ts.map +1 -0
package/dist/ports/bridge/adapters/ccip-adapter.js +31 -0
package/dist/ports/bridge/adapters/ccip-adapter.js.map +1 -0
package/dist/ports/bridge/adapters/debridge-adapter.d.ts +27 -0
package/dist/ports/bridge/adapters/debridge-adapter.d.ts.map +1 -0
package/dist/ports/bridge/adapters/debridge-adapter.js +28 -0
package/dist/ports/bridge/adapters/debridge-adapter.js.map +1 -0
package/dist/ports/bridge/adapters/layerzero-adapter.d.ts +30 -0
package/dist/ports/bridge/adapters/layerzero-adapter.d.ts.map +1 -0
package/dist/ports/bridge/adapters/layerzero-adapter.js +31 -0
package/dist/ports/bridge/adapters/layerzero-adapter.js.map +1 -0
package/dist/ports/bridge/adapters/lifi-adapter.d.ts +48 -0
package/dist/ports/bridge/adapters/lifi-adapter.d.ts.map +1 -0
package/dist/ports/bridge/adapters/lifi-adapter.js +49 -0
package/dist/ports/bridge/adapters/lifi-adapter.js.map +1 -0
package/dist/ports/bridge/adapters/wormhole-adapter.d.ts +26 -0
package/dist/ports/bridge/adapters/wormhole-adapter.d.ts.map +1 -0
package/dist/ports/bridge/adapters/wormhole-adapter.js +27 -0
package/dist/ports/bridge/adapters/wormhole-adapter.js.map +1 -0
package/dist/ports/bridge/bridge.d.ts +123 -0
package/dist/ports/bridge/bridge.d.ts.map +1 -0
package/dist/ports/bridge/bridge.js +20 -0
package/dist/ports/bridge/bridge.js.map +1 -0
package/dist/ports/bridge/index.d.ts +13 -0
package/dist/ports/bridge/index.d.ts.map +1 -0
package/dist/ports/bridge/index.js +11 -0
package/dist/ports/bridge/index.js.map +1 -0
package/dist/ports/canton/adapters/ledger-api-adapter.d.ts +52 -0
package/dist/ports/canton/adapters/ledger-api-adapter.d.ts.map +1 -0
package/dist/ports/canton/adapters/ledger-api-adapter.js +232 -0
package/dist/ports/canton/adapters/ledger-api-adapter.js.map +1 -0
package/dist/ports/canton/canton-identity.d.ts +60 -0
package/dist/ports/canton/canton-identity.d.ts.map +1 -0
package/dist/ports/canton/canton-identity.js +28 -0
package/dist/ports/canton/canton-identity.js.map +1 -0
package/dist/ports/canton/canton-validator.d.ts +182 -0
package/dist/ports/canton/canton-validator.d.ts.map +1 -0
package/dist/ports/canton/canton-validator.js +39 -0
package/dist/ports/canton/canton-validator.js.map +1 -0
package/dist/ports/canton/fingerprint.d.ts +24 -0
package/dist/ports/canton/fingerprint.d.ts.map +1 -0
package/dist/ports/canton/fingerprint.js +31 -0
package/dist/ports/canton/fingerprint.js.map +1 -0
package/dist/ports/canton/hash.d.ts +37 -0
package/dist/ports/canton/hash.d.ts.map +1 -0
package/dist/ports/canton/hash.js +68 -0
package/dist/ports/canton/hash.js.map +1 -0
package/dist/ports/canton/http.d.ts +64 -0
package/dist/ports/canton/http.d.ts.map +1 -0
package/dist/ports/canton/http.js +177 -0
package/dist/ports/canton/http.js.map +1 -0
package/dist/ports/cross-vm.d.ts +79 -0
package/dist/ports/cross-vm.d.ts.map +1 -0
package/dist/ports/cross-vm.js +81 -0
package/dist/ports/cross-vm.js.map +1 -0
package/dist/ports/index.d.ts +18 -0
package/dist/ports/index.d.ts.map +1 -0
package/dist/ports/index.js +11 -0
package/dist/ports/index.js.map +1 -0
package/dist/ports/tenzro-identity.d.ts +29 -0
package/dist/ports/tenzro-identity.d.ts.map +1 -0
package/dist/ports/tenzro-identity.js +19 -0
package/dist/ports/tenzro-identity.js.map +1 -0
package/dist/ports/tenzro-rpc.d.ts +79 -0
package/dist/ports/tenzro-rpc.d.ts.map +1 -0
package/dist/ports/tenzro-rpc.js +21 -0
package/dist/ports/tenzro-rpc.js.map +1 -0
package/dist/router/index.d.ts +3 -0
package/dist/router/index.d.ts.map +1 -0
package/dist/router/index.js +2 -0
package/dist/router/index.js.map +1 -0
package/dist/router/route.d.ts +17 -0
package/dist/router/route.d.ts.map +1 -0
package/dist/router/route.js +78 -0
package/dist/router/route.js.map +1 -0
package/dist/settlement/nanopayment-flow.d.ts +48 -0
package/dist/settlement/nanopayment-flow.d.ts.map +1 -0
package/dist/settlement/nanopayment-flow.js +111 -0
package/dist/settlement/nanopayment-flow.js.map +1 -0
package/dist/surfaces/canton-external.d.ts +43 -0
package/dist/surfaces/canton-external.d.ts.map +1 -0
package/dist/surfaces/canton-external.js +252 -0
package/dist/surfaces/canton-external.js.map +1 -0
package/dist/surfaces/canton-internal.d.ts +34 -0
package/dist/surfaces/canton-internal.d.ts.map +1 -0
package/dist/surfaces/canton-internal.js +163 -0
package/dist/surfaces/canton-internal.js.map +1 -0
package/dist/surfaces/canton-onboarding.d.ts +64 -0
package/dist/surfaces/canton-onboarding.d.ts.map +1 -0
package/dist/surfaces/canton-onboarding.js +113 -0
package/dist/surfaces/canton-onboarding.js.map +1 -0
package/dist/surfaces/evm-on-tenzro.d.ts +29 -0
package/dist/surfaces/evm-on-tenzro.d.ts.map +1 -0
package/dist/surfaces/evm-on-tenzro.js +226 -0
package/dist/surfaces/evm-on-tenzro.js.map +1 -0
package/dist/surfaces/index.d.ts +13 -0
package/dist/surfaces/index.d.ts.map +1 -0
package/dist/surfaces/index.js +7 -0
package/dist/surfaces/index.js.map +1 -0
package/dist/surfaces/svm-on-tenzro.d.ts +24 -0
package/dist/surfaces/svm-on-tenzro.d.ts.map +1 -0
package/dist/surfaces/svm-on-tenzro.js +238 -0
package/dist/surfaces/svm-on-tenzro.js.map +1 -0
package/dist/surfaces/tenzro-native.d.ts +45 -0
package/dist/surfaces/tenzro-native.d.ts.map +1 -0
package/dist/surfaces/tenzro-native.js +299 -0
package/dist/surfaces/tenzro-native.js.map +1 -0
package/dist/surfaces/util.d.ts +18 -0
package/dist/surfaces/util.d.ts.map +1 -0
package/dist/surfaces/util.js +36 -0
package/dist/surfaces/util.js.map +1 -0
package/dist/types/asset.d.ts +43 -0
package/dist/types/asset.d.ts.map +1 -0
package/dist/types/asset.js +13 -0
package/dist/types/asset.js.map +1 -0
package/dist/types/consent.d.ts +46 -0
package/dist/types/consent.d.ts.map +1 -0
package/dist/types/consent.js +18 -0
package/dist/types/consent.js.map +1 -0
package/dist/types/identity.d.ts +115 -0
package/dist/types/identity.d.ts.map +1 -0
package/dist/types/identity.js +12 -0
package/dist/types/identity.js.map +1 -0
package/dist/types/index.d.ts +10 -0
package/dist/types/index.d.ts.map +1 -0
package/dist/types/index.js +3 -0
package/dist/types/index.js.map +1 -0
package/dist/types/intent.d.ts +132 -0
package/dist/types/intent.d.ts.map +1 -0
package/dist/types/intent.js +8 -0
package/dist/types/intent.js.map +1 -0
package/dist/types/signing-driver.d.ts +48 -0
package/dist/types/signing-driver.d.ts.map +1 -0
package/dist/types/signing-driver.js +9 -0
package/dist/types/signing-driver.js.map +1 -0
package/dist/types/surface-module.d.ts +38 -0
package/dist/types/surface-module.d.ts.map +1 -0
package/dist/types/surface-module.js +19 -0
package/dist/types/surface-module.js.map +1 -0
package/dist/types/surface.d.ts +17 -0
package/dist/types/surface.d.ts.map +1 -0
package/dist/types/surface.js +28 -0
package/dist/types/surface.js.map +1 -0
package/package.json +84 -0

package/dist/custody/frost/secp256k1-driver.js ADDED Viewed

@@ -0,0 +1,78 @@
+/**
+ * FROST-secp256k1 device driver. Implements `SigningDriver` by walking
+ * the FROST round protocol against a `FrostCoordinator` (Tenzro-hosted)
+ * and a `FrostDeviceShareHolder` (passkey-unwrapped, device-local).
+ *
+ * Endpoint contracts the coordinator wraps are documented on
+ * `FrostCoordinator`. This file only orchestrates the rounds; it
+ * produces *no* secret material itself.
+ *
+ * Use this driver for EVM surfaces (ECDSA over secp256k1). The node
+ * returns a 64-byte `r||s` aggregate; the EVM surface module is
+ * responsible for recovering or appending the `v` byte to make a
+ * 65-byte tx signature. This is consistent with how internal-mpc
+ * stubs the curve today.
+ *
+ * Returns a single signature (64 or 65 bytes — see DESIGN.md §4.3.4
+ * for the convention each surface uses).
+ */
+import { surfaceKeyId } from "../surface-key-id.js";
+export function frostSecp256k1Driver(opts) {
+    return {
+        id: 'frost-secp256k1',
+        async sign(req) {
+            if (req.scheme !== 'secp256k1') {
+                throw new Error(`frost-secp256k1 driver cannot sign scheme '${req.scheme}'`);
+            }
+            const holder = await opts.resolveShareHolder(req);
+            if (holder.scheme !== 'secp256k1') {
+                throw new Error(`share-holder scheme mismatch: expected secp256k1, got ${holder.scheme}`);
+            }
+            let sessionId;
+            try {
+                const started = await opts.coordinator.start({
+                    did: req.did.toString(),
+                    surfaceKey: surfaceKeyId(req.surfaceKey),
+                    scheme: 'secp256k1',
+                    preimage: req.preimage,
+                    ...(req.purpose !== undefined ? { purpose: req.purpose } : {}),
+                });
+                sessionId = started.sessionId;
+                const deviceCommitment = await holder.commit();
+                await opts.coordinator.commit({ sessionId, deviceCommitment });
+                const challenge = await opts.coordinator.awaitChallenge(sessionId);
+                if (challenge.state !== 'committed') {
+                    throw new Error(`frost round in unexpected state: ${challenge.state}`);
+                }
+                const deviceShare = await holder.respond({
+                    preimage: req.preimage,
+                    groupCommitment: challenge.groupCommitment,
+                    signerSet: challenge.signerSet,
+                    lambda: challenge.lambda,
+                });
+                await opts.coordinator.respond({ sessionId, deviceShare });
+                const finalized = await opts.coordinator.finalize(sessionId);
+                if (finalized.state !== 'finalized' || !finalized.signature) {
+                    throw new Error(`frost-secp256k1 finalize returned state=${finalized.state}`);
+                }
+                const len = finalized.signature.length;
+                if (len !== 64 && len !== 65) {
+                    throw new Error(`frost-secp256k1 signature has wrong length: ${len}`);
+                }
+                return { signatures: [finalized.signature] };
+            }
+            catch (err) {
+                if (sessionId !== undefined) {
+                    await opts.coordinator
+                        .abort(sessionId, err instanceof Error ? err.message : 'unknown')
+                        .catch(() => undefined);
+                }
+                throw err;
+            }
+            finally {
+                holder.dispose?.();
+            }
+        },
+    };
+}
+//# sourceMappingURL=secp256k1-driver.js.map

package/dist/custody/frost/secp256k1-driver.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"secp256k1-driver.js","sourceRoot":"","sources":["../../../src/custody/frost/secp256k1-driver.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAGH,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AAQpD,MAAM,UAAU,oBAAoB,CAAC,IAA2B;IAC9D,OAAO;QACL,EAAE,EAAE,iBAAiB;QACrB,KAAK,CAAC,IAAI,CAAC,GAAmB;YAC5B,IAAI,GAAG,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;gBAC/B,MAAM,IAAI,KAAK,CAAC,8CAA8C,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC;YAC/E,CAAC;YAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,CAAC;YAClD,IAAI,MAAM,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;gBAClC,MAAM,IAAI,KAAK,CAAC,yDAAyD,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;YAC5F,CAAC;YAED,IAAI,SAA6B,CAAC;YAClC,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC;oBAC3C,GAAG,EAAE,GAAG,CAAC,GAAG,CAAC,QAAQ,EAAE;oBACvB,UAAU,EAAE,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC;oBACxC,MAAM,EAAE,WAAW;oBACnB,QAAQ,EAAE,GAAG,CAAC,QAAQ;oBACtB,GAAG,CAAC,GAAG,CAAC,OAAO,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;iBAC/D,CAAC,CAAC;gBACH,SAAS,GAAG,OAAO,CAAC,SAAS,CAAC;gBAE9B,MAAM,gBAAgB,GAAG,MAAM,MAAM,CAAC,MAAM,EAAE,CAAC;gBAC/C,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,EAAE,SAAS,EAAE,gBAAgB,EAAE,CAAC,CAAC;gBAE/D,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;gBACnE,IAAI,SAAS,CAAC,KAAK,KAAK,WAAW,EAAE,CAAC;oBACpC,MAAM,IAAI,KAAK,CAAC,oCAAoC,SAAS,CAAC,KAAK,EAAE,CAAC,CAAC;gBACzE,CAAC;gBAED,MAAM,WAAW,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC;oBACvC,QAAQ,EAAE,GAAG,CAAC,QAAQ;oBACtB,eAAe,EAAE,SAAS,CAAC,eAAe;oBAC1C,SAAS,EAAE,SAAS,CAAC,SAAS;oBAC9B,MAAM,EAAE,SAAS,CAAC,MAAM;iBACzB,CAAC,CAAC;gBACH,MAAM,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,EAAE,SAAS,EAAE,WAAW,EAAE,CAAC,CAAC;gBAE3D,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;gBAC7D,IAAI,SAAS,CAAC,KAAK,KAAK,WAAW,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,CAAC;oBAC5D,MAAM,IAAI,KAAK,CAAC,2CAA2C,SAAS,CAAC,KAAK,EAAE,CAAC,CAAC;gBAChF,CAAC;gBACD,MAAM,GAAG,GAAG,SAAS,CAAC,SAAS,CAAC,MAAM,CAAC;gBACvC,IAAI,GAAG,KAAK,EAAE,IAAI,GAAG,KAAK,EAAE,EAAE,CAAC;oBAC7B,MAAM,IAAI,KAAK,CAAC,+CAA+C,GAAG,EAAE,CAAC,CAAC;gBACxE,CAAC;gBACD,OAAO,EAAE,UAAU,EAAE,CAAC,SAAS,CAAC,SAAS,CAAC,EAAE,CAAC;YAC/C,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;oBAC5B,MAAM,IAAI,CAAC,WAAW;yBACnB,KAAK,CAAC,SAAS,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;yBAChE,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAC;gBAC5B,CAAC;gBACD,MAAM,GAAG,CAAC;YACZ,CAAC;oBAAS,CAAC;gBACT,MAAM,CAAC,OAAO,EAAE,EAAE,CAAC;YACrB,CAAC;QACH,CAAC;KACF,CAAC;AACJ,CAAC"}

package/dist/custody/index.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+export { internalMpcDriver } from './internal-mpc.js';
+export type { InternalMpcOptions } from './internal-mpc.js';
+export * from './frost/index.js';
+export * from './mldsa/index.js';
+export * from './passkey-share/index.js';
+export { surfaceKeyId } from './surface-key-id.js';
+export type { PairingPort, PairingState, PairingStartRequest, PairingStartResult, PairingPollResult, PairingClaimRequest, PairingClaimResult, PairingFinalizeRequest, PairingFinalizeResult, PasskeyAssertion, VerificationMethod, PairingHttpConfig, } from './pairing/index.js';
+export { PairingHttpAdapter, PairingHttpError } from './pairing/index.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/custody/index.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/custody/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AACtD,YAAY,EAAE,kBAAkB,EAAE,MAAM,mBAAmB,CAAC;AAG5D,cAAc,kBAAkB,CAAC;AAGjC,cAAc,kBAAkB,CAAC;AAGjC,cAAc,0BAA0B,CAAC;AAGzC,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAEnD,YAAY,EACV,WAAW,EACX,YAAY,EACZ,mBAAmB,EACnB,kBAAkB,EAClB,iBAAiB,EACjB,mBAAmB,EACnB,kBAAkB,EAClB,sBAAsB,EACtB,qBAAqB,EACrB,gBAAgB,EAChB,kBAAkB,EAClB,iBAAiB,GAClB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAAE,kBAAkB,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC"}

package/dist/custody/index.js ADDED Viewed

@@ -0,0 +1,11 @@
+export { internalMpcDriver } from "./internal-mpc.js";
+// ── FROST device drivers (M5) ──
+export * from "./frost/index.js";
+// ── ML-DSA-65 driver + coordinator (M5) ──
+export * from "./mldsa/index.js";
+// ── Passkey share-unwrap (M5) ──
+export * from "./passkey-share/index.js";
+// ── SurfaceKey wire identifier ──
+export { surfaceKeyId } from "./surface-key-id.js";
+export { PairingHttpAdapter, PairingHttpError } from "./pairing/index.js";
+//# sourceMappingURL=index.js.map

package/dist/custody/index.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/custody/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAGtD,kCAAkC;AAClC,cAAc,kBAAkB,CAAC;AAEjC,4CAA4C;AAC5C,cAAc,kBAAkB,CAAC;AAEjC,kCAAkC;AAClC,cAAc,0BAA0B,CAAC;AAEzC,mCAAmC;AACnC,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAgBnD,OAAO,EAAE,kBAAkB,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC"}

package/dist/custody/internal-mpc.d.ts ADDED Viewed

@@ -0,0 +1,14 @@
+/**
+ * In-memory 2-of-3 MPC stub. Stand-in for the real Shamir/threshold
+ * implementation that lands in M2 alongside the Tenzro Cortex TEE driver.
+ *
+ * Returns deterministic mock signatures so tests can assert behavior without
+ * pulling in real crypto in M1.
+ */
+import type { SigningDriver } from '../types/signing-driver.js';
+export interface InternalMpcOptions {
+    /** Fail every signing call; used in tests. */
+    readonly failAll?: boolean;
+}
+export declare function internalMpcDriver(opts?: InternalMpcOptions): SigningDriver;
+//# sourceMappingURL=internal-mpc.d.ts.map

package/dist/custody/internal-mpc.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"internal-mpc.d.ts","sourceRoot":"","sources":["../../src/custody/internal-mpc.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAiC,MAAM,4BAA4B,CAAC;AAE/F,MAAM,WAAW,kBAAkB;IACjC,8CAA8C;IAC9C,QAAQ,CAAC,OAAO,CAAC,EAAE,OAAO,CAAC;CAC5B;AAED,wBAAgB,iBAAiB,CAAC,IAAI,GAAE,kBAAuB,GAAG,aAAa,CAa9E"}

package/dist/custody/internal-mpc.js ADDED Viewed

@@ -0,0 +1,40 @@
+/**
+ * In-memory 2-of-3 MPC stub. Stand-in for the real Shamir/threshold
+ * implementation that lands in M2 alongside the Tenzro Cortex TEE driver.
+ *
+ * Returns deterministic mock signatures so tests can assert behavior without
+ * pulling in real crypto in M1.
+ */
+export function internalMpcDriver(opts = {}) {
+    return {
+        id: 'internal-mpc',
+        async sign(req) {
+            if (opts.failAll)
+                throw new Error('signing rejected by policy');
+            const sigCount = req.scheme === 'ed25519+ml-dsa-65' ? 2 : 1;
+            const signatures = [];
+            for (let i = 0; i < sigCount; i++) {
+                signatures.push(deterministic(req.preimage, req.scheme, i));
+            }
+            return { signatures };
+        },
+    };
+}
+function deterministic(preimage, scheme, leg) {
+    // secp256k1 sigs are 65 bytes on the wire (r||s||v). Ed25519 sigs are 64.
+    // ML-DSA-65 sigs are 3293 bytes. The mock matches these shapes so the
+    // surface modules can do real wire-format serialization in tests.
+    const len = scheme === 'ed25519+ml-dsa-65' && leg === 1 ? 3293 : scheme === 'secp256k1' ? 65 : 64;
+    const out = new Uint8Array(len);
+    const tag = new TextEncoder().encode(`${scheme}:${leg}:`);
+    for (let i = 0; i < len; i++) {
+        out[i] =
+            ((preimage[i % preimage.length] ?? 0) ^ (tag[i % tag.length] ?? 0) ^ ((i + leg) * 17)) & 0xff;
+    }
+    // Force a valid yParity (0 or 1) on the trailing v byte for secp256k1, so
+    // the EVM surface's `splitSignature` accepts it.
+    if (scheme === 'secp256k1')
+        out[64] = leg & 0x01;
+    return out;
+}
+//# sourceMappingURL=internal-mpc.js.map

package/dist/custody/internal-mpc.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"internal-mpc.js","sourceRoot":"","sources":["../../src/custody/internal-mpc.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AASH,MAAM,UAAU,iBAAiB,CAAC,OAA2B,EAAE;IAC7D,OAAO;QACL,EAAE,EAAE,cAAc;QAClB,KAAK,CAAC,IAAI,CAAC,GAAmB;YAC5B,IAAI,IAAI,CAAC,OAAO;gBAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;YAChE,MAAM,QAAQ,GAAG,GAAG,CAAC,MAAM,KAAK,mBAAmB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC5D,MAAM,UAAU,GAAiB,EAAE,CAAC;YACpC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,EAAE,CAAC,EAAE,EAAE,CAAC;gBAClC,UAAU,CAAC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,QAAQ,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC;YAC9D,CAAC;YACD,OAAO,EAAE,UAAU,EAAE,CAAC;QACxB,CAAC;KACF,CAAC;AACJ,CAAC;AAED,SAAS,aAAa,CAAC,QAAoB,EAAE,MAAc,EAAE,GAAW;IACtE,0EAA0E;IAC1E,sEAAsE;IACtE,kEAAkE;IAClE,MAAM,GAAG,GAAG,MAAM,KAAK,mBAAmB,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,KAAK,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IAClG,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;IAChC,MAAM,GAAG,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,MAAM,IAAI,GAAG,GAAG,CAAC,CAAC;IAC1D,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAC7B,GAAG,CAAC,CAAC,CAAC;YACJ,CAAC,CAAC,QAAQ,CAAC,CAAC,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC;IAClG,CAAC;IACD,0EAA0E;IAC1E,iDAAiD;IACjD,IAAI,MAAM,KAAK,WAAW;QAAE,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,GAAG,IAAI,CAAC;IACjD,OAAO,GAAG,CAAC;AACb,CAAC"}

package/dist/custody/mldsa/coordinator.d.ts ADDED Viewed

@@ -0,0 +1,63 @@
+/**
+ * MlDsaCoordinator — wallet-side view of ML-DSA-65 (FIPS 204 / Dilithium)
+ * signing the node hosts at `/wallet/mldsa/*`. As of 2026-04, the leg is
+ * single-party in the node TEE (DESIGN.md §4.3.4 + §11). Once threshold
+ * ML-DSA matures (NIST IR 8214B / FROST-PQ), the same port surface
+ * gains a round-coordinated mode and `capabilities()` advertises
+ * `'threshold'`.
+ *
+ * Tenzro endpoints (Tenzro implements; wallet kernel only consumes):
+ *
+ *   1. `capabilities()`
+ *      → `GET  /wallet/mldsa/capabilities`
+ *      Response: `{mode: 'tee-only' | 'threshold', publicKey?}` —
+ *      lets the wallet know whether device round-coordination is
+ *      required. While `mode === 'tee-only'`, the device sends only
+ *      the preimage and receives the full signature.
+ *
+ *   2. `sign({did, surfaceKey, preimage, purpose?})`
+ *      → `POST /wallet/mldsa/sign`
+ *      TEE-only path. Response: `{signature}` — 3293 bytes wire-format.
+ *      Latency: dominated by ML-DSA-65 sign cost in the TEE (~ ms).
+ *
+ *   3. `startRound({did, surfaceKey, preimage, purpose?})`
+ *      → `POST /wallet/mldsa/start-round`        (threshold mode only)
+ *      `commit({sessionId, deviceCommitment})`
+ *      → `POST /wallet/mldsa/commit`             (threshold mode only)
+ *      `respond({sessionId, deviceShare})`
+ *      → `POST /wallet/mldsa/respond`            (threshold mode only)
+ *      `finalize({sessionId})`
+ *      → `POST /wallet/mldsa/finalize`           (threshold mode only)
+ *
+ *      These mirror the FROST coordinator surface and only become
+ *      callable once `capabilities().mode === 'threshold'`. Until
+ *      then, calling them must throw `MlDsaThresholdUnavailable`.
+ *
+ * Browser-clean: `fetch` only.
+ */
+export type MlDsaMode = 'tee-only' | 'threshold';
+export interface MlDsaCapabilities {
+    readonly mode: MlDsaMode;
+    /** Multibase-encoded ML-DSA-65 public key, when bound to a DID. */
+    readonly publicKey?: string;
+}
+export interface MlDsaSignRequest {
+    readonly did: string;
+    readonly surfaceKey: string;
+    readonly preimage: Uint8Array;
+    readonly purpose?: string;
+}
+export interface MlDsaSignResult {
+    /** ML-DSA-65 signature, 3293 bytes wire-format. */
+    readonly signature: Uint8Array;
+}
+export declare class MlDsaThresholdUnavailable extends Error {
+    constructor();
+}
+export interface MlDsaCoordinator {
+    /** Read which mode the node is operating in. Cheap; cache-friendly. */
+    capabilities(): Promise<MlDsaCapabilities>;
+    /** TEE-only sign. Mode-agnostic — the node hosts both internally. */
+    sign(req: MlDsaSignRequest): Promise<MlDsaSignResult>;
+}
+//# sourceMappingURL=coordinator.d.ts.map

package/dist/custody/mldsa/coordinator.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"coordinator.d.ts","sourceRoot":"","sources":["../../../src/custody/mldsa/coordinator.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;AAEH,MAAM,MAAM,SAAS,GAAG,UAAU,GAAG,WAAW,CAAC;AAEjD,MAAM,WAAW,iBAAiB;IAChC,QAAQ,CAAC,IAAI,EAAE,SAAS,CAAC;IACzB,mEAAmE;IACnE,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;CAC7B;AAED,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,QAAQ,EAAE,UAAU,CAAC;IAC9B,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC;CAC3B;AAED,MAAM,WAAW,eAAe;IAC9B,mDAAmD;IACnD,QAAQ,CAAC,SAAS,EAAE,UAAU,CAAC;CAChC;AAED,qBAAa,yBAA0B,SAAQ,KAAK;;CAKnD;AAED,MAAM,WAAW,gBAAgB;IAC/B,uEAAuE;IACvE,YAAY,IAAI,OAAO,CAAC,iBAAiB,CAAC,CAAC;IAC3C,qEAAqE;IACrE,IAAI,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,eAAe,CAAC,CAAC;CACvD"}

package/dist/custody/mldsa/coordinator.js ADDED Viewed

@@ -0,0 +1,44 @@
+/**
+ * MlDsaCoordinator — wallet-side view of ML-DSA-65 (FIPS 204 / Dilithium)
+ * signing the node hosts at `/wallet/mldsa/*`. As of 2026-04, the leg is
+ * single-party in the node TEE (DESIGN.md §4.3.4 + §11). Once threshold
+ * ML-DSA matures (NIST IR 8214B / FROST-PQ), the same port surface
+ * gains a round-coordinated mode and `capabilities()` advertises
+ * `'threshold'`.
+ *
+ * Tenzro endpoints (Tenzro implements; wallet kernel only consumes):
+ *
+ *   1. `capabilities()`
+ *      → `GET  /wallet/mldsa/capabilities`
+ *      Response: `{mode: 'tee-only' | 'threshold', publicKey?}` —
+ *      lets the wallet know whether device round-coordination is
+ *      required. While `mode === 'tee-only'`, the device sends only
+ *      the preimage and receives the full signature.
+ *
+ *   2. `sign({did, surfaceKey, preimage, purpose?})`
+ *      → `POST /wallet/mldsa/sign`
+ *      TEE-only path. Response: `{signature}` — 3293 bytes wire-format.
+ *      Latency: dominated by ML-DSA-65 sign cost in the TEE (~ ms).
+ *
+ *   3. `startRound({did, surfaceKey, preimage, purpose?})`
+ *      → `POST /wallet/mldsa/start-round`        (threshold mode only)
+ *      `commit({sessionId, deviceCommitment})`
+ *      → `POST /wallet/mldsa/commit`             (threshold mode only)
+ *      `respond({sessionId, deviceShare})`
+ *      → `POST /wallet/mldsa/respond`            (threshold mode only)
+ *      `finalize({sessionId})`
+ *      → `POST /wallet/mldsa/finalize`           (threshold mode only)
+ *
+ *      These mirror the FROST coordinator surface and only become
+ *      callable once `capabilities().mode === 'threshold'`. Until
+ *      then, calling them must throw `MlDsaThresholdUnavailable`.
+ *
+ * Browser-clean: `fetch` only.
+ */
+export class MlDsaThresholdUnavailable extends Error {
+    constructor() {
+        super('threshold ML-DSA-65 unavailable: node advertises tee-only mode (DESIGN.md §11)');
+        this.name = 'MlDsaThresholdUnavailable';
+    }
+}
+//# sourceMappingURL=coordinator.js.map

package/dist/custody/mldsa/coordinator.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"coordinator.js","sourceRoot":"","sources":["../../../src/custody/mldsa/coordinator.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;AAsBH,MAAM,OAAO,yBAA0B,SAAQ,KAAK;IAClD;QACE,KAAK,CAAC,gFAAgF,CAAC,CAAC;QACxF,IAAI,CAAC,IAAI,GAAG,2BAA2B,CAAC;IAC1C,CAAC;CACF"}

package/dist/custody/mldsa/driver.d.ts ADDED Viewed

@@ -0,0 +1,23 @@
+/**
+ * Threshold-aware ML-DSA-65 driver.
+ *
+ * As of 2026-04 this is functionally TEE-only (single party at the
+ * node), since no audited threshold ML-DSA-65 exists. The driver
+ * exposes the eventual-threshold shape today so callers don't have
+ * to re-wire when the node flips `capabilities().mode` to
+ * `'threshold'`.
+ *
+ * Use directly only for *non-hybrid* ML-DSA surfaces (rare; reserved
+ * for ML-DSA-only audit attestations). For Tenzro-native txs use
+ * `hybridEd25519MlDsaDriver` which composes this with the FROST-Ed25519
+ * leg.
+ *
+ * Returns one 3293-byte ML-DSA-65 signature.
+ */
+import type { SigningDriver } from '../../types/signing-driver.js';
+import type { MlDsaCoordinator } from './coordinator.js';
+export interface ThresholdMlDsaOptions {
+    readonly coordinator: MlDsaCoordinator;
+}
+export declare function thresholdMlDsaDriver(opts: ThresholdMlDsaOptions): SigningDriver;
+//# sourceMappingURL=driver.d.ts.map

package/dist/custody/mldsa/driver.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"driver.d.ts","sourceRoot":"","sources":["../../../src/custody/mldsa/driver.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAiC,MAAM,+BAA+B,CAAC;AAElG,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AAEzD,MAAM,WAAW,qBAAqB;IACpC,QAAQ,CAAC,WAAW,EAAE,gBAAgB,CAAC;CACxC;AAED,wBAAgB,oBAAoB,CAAC,IAAI,EAAE,qBAAqB,GAAG,aAAa,CA0B/E"}

package/dist/custody/mldsa/driver.js ADDED Viewed

@@ -0,0 +1,43 @@
+/**
+ * Threshold-aware ML-DSA-65 driver.
+ *
+ * As of 2026-04 this is functionally TEE-only (single party at the
+ * node), since no audited threshold ML-DSA-65 exists. The driver
+ * exposes the eventual-threshold shape today so callers don't have
+ * to re-wire when the node flips `capabilities().mode` to
+ * `'threshold'`.
+ *
+ * Use directly only for *non-hybrid* ML-DSA surfaces (rare; reserved
+ * for ML-DSA-only audit attestations). For Tenzro-native txs use
+ * `hybridEd25519MlDsaDriver` which composes this with the FROST-Ed25519
+ * leg.
+ *
+ * Returns one 3293-byte ML-DSA-65 signature.
+ */
+import { surfaceKeyId } from "../surface-key-id.js";
+export function thresholdMlDsaDriver(opts) {
+    return {
+        // Reuse `tenzro-tee` until the node flips to threshold mode; the
+        // surface modules already classify this id as "node-attested".
+        id: 'tenzro-tee',
+        async sign(req) {
+            // Standalone ML-DSA-65 isn't a `SigningScheme` value today, but
+            // the hybrid driver invokes the coordinator directly — so reach
+            // this driver only via misconfiguration. Guard explicitly.
+            if (req.scheme !== 'ed25519+ml-dsa-65') {
+                throw new Error(`threshold-mldsa driver expected scheme ed25519+ml-dsa-65, got '${req.scheme}'`);
+            }
+            const { signature } = await opts.coordinator.sign({
+                did: req.did.toString(),
+                surfaceKey: surfaceKeyId(req.surfaceKey),
+                preimage: req.preimage,
+                ...(req.purpose !== undefined ? { purpose: req.purpose } : {}),
+            });
+            if (signature.length !== 3293) {
+                throw new Error(`ml-dsa-65 signature wrong length: ${signature.length}`);
+            }
+            return { signatures: [signature] };
+        },
+    };
+}
+//# sourceMappingURL=driver.js.map

package/dist/custody/mldsa/driver.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"driver.js","sourceRoot":"","sources":["../../../src/custody/mldsa/driver.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAGH,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AAOpD,MAAM,UAAU,oBAAoB,CAAC,IAA2B;IAC9D,OAAO;QACL,iEAAiE;QACjE,+DAA+D;QAC/D,EAAE,EAAE,YAAY;QAChB,KAAK,CAAC,IAAI,CAAC,GAAmB;YAC5B,gEAAgE;YAChE,gEAAgE;YAChE,2DAA2D;YAC3D,IAAI,GAAG,CAAC,MAAM,KAAK,mBAAmB,EAAE,CAAC;gBACvC,MAAM,IAAI,KAAK,CACb,kEAAkE,GAAG,CAAC,MAAM,GAAG,CAChF,CAAC;YACJ,CAAC;YACD,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC;gBAChD,GAAG,EAAE,GAAG,CAAC,GAAG,CAAC,QAAQ,EAAE;gBACvB,UAAU,EAAE,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC;gBACxC,QAAQ,EAAE,GAAG,CAAC,QAAQ;gBACtB,GAAG,CAAC,GAAG,CAAC,OAAO,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;aAC/D,CAAC,CAAC;YACH,IAAI,SAAS,CAAC,MAAM,KAAK,IAAI,EAAE,CAAC;gBAC9B,MAAM,IAAI,KAAK,CAAC,qCAAqC,SAAS,CAAC,MAAM,EAAE,CAAC,CAAC;YAC3E,CAAC;YACD,OAAO,EAAE,UAAU,EAAE,CAAC,SAAS,CAAC,EAAE,CAAC;QACrC,CAAC;KACF,CAAC;AACJ,CAAC"}

package/dist/custody/mldsa/http-adapter.d.ts ADDED Viewed

@@ -0,0 +1,59 @@
+/**
+ * MlDsaHttpAdapter — fetch-based driver against a Tenzro RPC node's
+ * `/wallet/mldsa/*` endpoints. Implements the `MlDsaCoordinator` port;
+ * mirrors `FrostHttpAdapter` and `PairingHttpAdapter` for shape.
+ *
+ * Wire shape per `coordinator.ts` header + DESIGN.md §4.3.4 / §11:
+ *
+ *   GET  /wallet/mldsa/capabilities
+ *     reply = { mode: 'tee-only' | 'threshold', public_key? }
+ *
+ *   POST /wallet/mldsa/sign
+ *     body  = { did, surface_key, preimage_b64, purpose? }
+ *     reply = { signature_b64 }   // 3293-byte ML-DSA-65 signature
+ *
+ * As of 2026-05, the node operates in `tee-only` mode (NIST IR 8214C —
+ * no audited threshold ML-DSA-65 yet). The threshold-mode round-coord
+ * endpoints (`start-round` / `commit` / `respond` / `finalize`) are not
+ * surfaced through this adapter because the `MlDsaCoordinator` port
+ * itself doesn't expose them yet — they'll land alongside the port
+ * extension when threshold ML-DSA matures.
+ *
+ * Bytes on the wire are standard base64 (RFC 4648 §4) — same convention
+ * the FROST + Canton adapters use. The `_b64` suffix on field names is
+ * load-bearing.
+ *
+ * The `/wallet/mldsa/*` endpoints are pre-auth in the same sense as the
+ * other `/wallet/*` routes: ML-DSA signing is authenticated by the
+ * caller's session (DPoP-bound bearer for M2-style sessions, passkey
+ * assertion for M5). Threading auth is the host app's job — the adapter
+ * accepts an optional `headers` callback for it.
+ *
+ * Browser-clean: `fetch` only.
+ */
+import type { MlDsaCapabilities, MlDsaCoordinator, MlDsaSignRequest, MlDsaSignResult } from './coordinator.js';
+export interface MlDsaHttpConfig {
+    /** Base URL of the Tenzro RPC node, e.g. `https://rpc.tenzro.network`. */
+    readonly baseUrl: string;
+    /** Optional `fetch` override for tests. */
+    readonly fetch?: typeof fetch;
+    /**
+     * Per-request headers (e.g. `{ Authorization: 'DPoP …', DPoP: '…' }`).
+     * Called for every request — let the host rotate proofs as needed.
+     * Returning `{}` is fine; the adapter sets `content-type` on writes.
+     */
+    readonly headers?: () => Promise<Record<string, string>> | Record<string, string>;
+}
+export declare class MlDsaHttpError extends Error {
+    readonly status: number;
+    readonly url: string;
+    readonly body: string;
+    constructor(status: number, url: string, body: string);
+}
+export declare class MlDsaHttpAdapter implements MlDsaCoordinator {
+    #private;
+    constructor(cfg: MlDsaHttpConfig);
+    capabilities(): Promise<MlDsaCapabilities>;
+    sign(req: MlDsaSignRequest): Promise<MlDsaSignResult>;
+}
+//# sourceMappingURL=http-adapter.d.ts.map

package/dist/custody/mldsa/http-adapter.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"http-adapter.d.ts","sourceRoot":"","sources":["../../../src/custody/mldsa/http-adapter.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AAEH,OAAO,KAAK,EACV,iBAAiB,EACjB,gBAAgB,EAEhB,gBAAgB,EAChB,eAAe,EAChB,MAAM,kBAAkB,CAAC;AAE1B,MAAM,WAAW,eAAe;IAC9B,0EAA0E;IAC1E,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,2CAA2C;IAC3C,QAAQ,CAAC,KAAK,CAAC,EAAE,OAAO,KAAK,CAAC;IAC9B;;;;OAIG;IACH,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CACnF;AAED,qBAAa,cAAe,SAAQ,KAAK;IAErC,QAAQ,CAAC,MAAM,EAAE,MAAM;IACvB,QAAQ,CAAC,GAAG,EAAE,MAAM;IACpB,QAAQ,CAAC,IAAI,EAAE,MAAM;gBAFZ,MAAM,EAAE,MAAM,EACd,GAAG,EAAE,MAAM,EACX,IAAI,EAAE,MAAM;CAKxB;AAWD,qBAAa,gBAAiB,YAAW,gBAAgB;;gBAG3C,GAAG,EAAE,eAAe;IAI1B,YAAY,IAAI,OAAO,CAAC,iBAAiB,CAAC;IAQ1C,IAAI,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,eAAe,CAAC;CA8B5D"}

package/dist/custody/mldsa/http-adapter.js ADDED Viewed

@@ -0,0 +1,103 @@
+/**
+ * MlDsaHttpAdapter — fetch-based driver against a Tenzro RPC node's
+ * `/wallet/mldsa/*` endpoints. Implements the `MlDsaCoordinator` port;
+ * mirrors `FrostHttpAdapter` and `PairingHttpAdapter` for shape.
+ *
+ * Wire shape per `coordinator.ts` header + DESIGN.md §4.3.4 / §11:
+ *
+ *   GET  /wallet/mldsa/capabilities
+ *     reply = { mode: 'tee-only' | 'threshold', public_key? }
+ *
+ *   POST /wallet/mldsa/sign
+ *     body  = { did, surface_key, preimage_b64, purpose? }
+ *     reply = { signature_b64 }   // 3293-byte ML-DSA-65 signature
+ *
+ * As of 2026-05, the node operates in `tee-only` mode (NIST IR 8214C —
+ * no audited threshold ML-DSA-65 yet). The threshold-mode round-coord
+ * endpoints (`start-round` / `commit` / `respond` / `finalize`) are not
+ * surfaced through this adapter because the `MlDsaCoordinator` port
+ * itself doesn't expose them yet — they'll land alongside the port
+ * extension when threshold ML-DSA matures.
+ *
+ * Bytes on the wire are standard base64 (RFC 4648 §4) — same convention
+ * the FROST + Canton adapters use. The `_b64` suffix on field names is
+ * load-bearing.
+ *
+ * The `/wallet/mldsa/*` endpoints are pre-auth in the same sense as the
+ * other `/wallet/*` routes: ML-DSA signing is authenticated by the
+ * caller's session (DPoP-bound bearer for M2-style sessions, passkey
+ * assertion for M5). Threading auth is the host app's job — the adapter
+ * accepts an optional `headers` callback for it.
+ *
+ * Browser-clean: `fetch` only.
+ */
+export class MlDsaHttpError extends Error {
+    status;
+    url;
+    body;
+    constructor(status, url, body) {
+        super(`mldsa http ${status} on ${url}: ${body.length > 200 ? body.slice(0, 200) + '…' : body}`);
+        this.status = status;
+        this.url = url;
+        this.body = body;
+        this.name = 'MlDsaHttpError';
+    }
+}
+export class MlDsaHttpAdapter {
+    #cfg;
+    constructor(cfg) {
+        this.#cfg = cfg;
+    }
+    async capabilities() {
+        const raw = await this.#request('GET', 'capabilities');
+        return {
+            mode: raw.mode,
+            ...(raw.public_key !== undefined ? { publicKey: raw.public_key } : {}),
+        };
+    }
+    async sign(req) {
+        const raw = await this.#request('POST', 'sign', {
+            did: req.did,
+            surface_key: req.surfaceKey,
+            preimage_b64: bytesToBase64(req.preimage),
+            ...(req.purpose !== undefined ? { purpose: req.purpose } : {}),
+        });
+        return { signature: base64ToBytes(raw.signature_b64) };
+    }
+    // --- internals ---
+    async #request(method, action, body) {
+        const f = this.#cfg.fetch ?? globalThis.fetch;
+        const url = this.#cfg.baseUrl.replace(/\/+$/, '') + `/wallet/mldsa/${action}`;
+        const extraHeaders = this.#cfg.headers ? await this.#cfg.headers() : {};
+        const headers = { ...extraHeaders };
+        if (method === 'POST')
+            headers['content-type'] = 'application/json';
+        const res = await f(url, {
+            method,
+            headers,
+            ...(method === 'POST' ? { body: JSON.stringify(body ?? {}) } : {}),
+        });
+        if (!res.ok) {
+            const text = await res.text().catch(() => '');
+            throw new MlDsaHttpError(res.status, url, text);
+        }
+        if (res.status === 204)
+            return undefined;
+        return (await res.json());
+    }
+}
+// ─── base64 helpers ───────────────────────────────────────────────────────
+function bytesToBase64(bytes) {
+    let s = '';
+    for (let i = 0; i < bytes.length; i++)
+        s += String.fromCharCode(bytes[i]);
+    return btoa(s);
+}
+function base64ToBytes(b64) {
+    const bin = atob(b64);
+    const out = new Uint8Array(bin.length);
+    for (let i = 0; i < bin.length; i++)
+        out[i] = bin.charCodeAt(i);
+    return out;
+}
+//# sourceMappingURL=http-adapter.js.map

package/dist/custody/mldsa/http-adapter.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"http-adapter.js","sourceRoot":"","sources":["../../../src/custody/mldsa/http-adapter.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AAuBH,MAAM,OAAO,cAAe,SAAQ,KAAK;IAE5B;IACA;IACA;IAHX,YACW,MAAc,EACd,GAAW,EACX,IAAY;QAErB,KAAK,CAAC,cAAc,MAAM,OAAO,GAAG,KAAK,IAAI,CAAC,MAAM,GAAG,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAJvF,WAAM,GAAN,MAAM,CAAQ;QACd,QAAG,GAAH,GAAG,CAAQ;QACX,SAAI,GAAJ,IAAI,CAAQ;QAGrB,IAAI,CAAC,IAAI,GAAG,gBAAgB,CAAC;IAC/B,CAAC;CACF;AAWD,MAAM,OAAO,gBAAgB;IAClB,IAAI,CAAkB;IAE/B,YAAY,GAAoB;QAC9B,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC;IAClB,CAAC;IAED,KAAK,CAAC,YAAY;QAChB,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAkB,KAAK,EAAE,cAAc,CAAC,CAAC;QACxE,OAAO;YACL,IAAI,EAAE,GAAG,CAAC,IAAI;YACd,GAAG,CAAC,GAAG,CAAC,UAAU,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACvE,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,GAAqB;QAC9B,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAU,MAAM,EAAE,MAAM,EAAE;YACvD,GAAG,EAAE,GAAG,CAAC,GAAG;YACZ,WAAW,EAAE,GAAG,CAAC,UAAU;YAC3B,YAAY,EAAE,aAAa,CAAC,GAAG,CAAC,QAAQ,CAAC;YACzC,GAAG,CAAC,GAAG,CAAC,OAAO,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC/D,CAAC,CAAC;QACH,OAAO,EAAE,SAAS,EAAE,aAAa,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC;IACzD,CAAC;IAED,oBAAoB;IAEpB,KAAK,CAAC,QAAQ,CAAO,MAAsB,EAAE,MAAc,EAAE,IAAc;QACzE,MAAM,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,KAAK,IAAI,UAAU,CAAC,KAAK,CAAC;QAC9C,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,GAAG,iBAAiB,MAAM,EAAE,CAAC;QAC9E,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACxE,MAAM,OAAO,GAA2B,EAAE,GAAG,YAAY,EAAE,CAAC;QAC5D,IAAI,MAAM,KAAK,MAAM;YAAE,OAAO,CAAC,cAAc,CAAC,GAAG,kBAAkB,CAAC;QACpE,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,GAAG,EAAE;YACvB,MAAM;YACN,OAAO;YACP,GAAG,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,IAAI,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACnE,CAAC,CAAC;QACH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACZ,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;YAC9C,MAAM,IAAI,cAAc,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;QAClD,CAAC;QACD,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG;YAAE,OAAO,SAAiB,CAAC;QACjD,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAS,CAAC;IACpC,CAAC;CACF;AAED,6EAA6E;AAE7E,SAAS,aAAa,CAAC,KAAiB;IACtC,IAAI,CAAC,GAAG,EAAE,CAAC;IACX,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE;QAAE,CAAC,IAAI,MAAM,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC,CAAC;IAC3E,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC;AACjB,CAAC;AAED,SAAS,aAAa,CAAC,GAAW;IAChC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC;IACtB,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACvC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE;QAAE,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;IAChE,OAAO,GAAG,CAAC;AACb,CAAC"}

package/dist/custody/mldsa/index.d.ts ADDED Viewed

@@ -0,0 +1,7 @@
+export type { MlDsaCoordinator, MlDsaCapabilities, MlDsaMode, MlDsaSignRequest, MlDsaSignResult, } from './coordinator.js';
+export { MlDsaThresholdUnavailable } from './coordinator.js';
+export { thresholdMlDsaDriver } from './driver.js';
+export type { ThresholdMlDsaOptions } from './driver.js';
+export { MlDsaHttpAdapter, MlDsaHttpError } from './http-adapter.js';
+export type { MlDsaHttpConfig } from './http-adapter.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/custody/mldsa/index.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/custody/mldsa/index.ts"],"names":[],"mappings":"AAAA,YAAY,EACV,gBAAgB,EAChB,iBAAiB,EACjB,SAAS,EACT,gBAAgB,EAChB,eAAe,GAChB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,yBAAyB,EAAE,MAAM,kBAAkB,CAAC;AAC7D,OAAO,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AACnD,YAAY,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AACzD,OAAO,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AACrE,YAAY,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC"}

package/dist/custody/mldsa/index.js ADDED Viewed

@@ -0,0 +1,4 @@
+export { MlDsaThresholdUnavailable } from "./coordinator.js";
+export { thresholdMlDsaDriver } from "./driver.js";
+export { MlDsaHttpAdapter, MlDsaHttpError } from "./http-adapter.js";
+//# sourceMappingURL=index.js.map

package/dist/custody/mldsa/index.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/custody/mldsa/index.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,yBAAyB,EAAE,MAAM,kBAAkB,CAAC;AAC7D,OAAO,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAEnD,OAAO,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC"}

package/dist/custody/pairing/http-adapter.d.ts ADDED Viewed

@@ -0,0 +1,40 @@
+/**
+ * PairingHttpAdapter — fetch-based driver against a Tenzro RPC node's
+ * `/wallet/pairing/*` endpoints. Browser-clean (fetch + JSON only).
+ *
+ * The `/wallet/*` endpoints are pre-auth: the QR pairing flow runs before
+ * the new device has any session, and the originally-paired device's auth
+ * is asserted by the passkey assertion in the body, not by an
+ * `Authorization` header. So unlike the Canton HTTP helpers, no token
+ * provider is threaded through.
+ *
+ * Wire shape per DESIGN.md §4.3.6:
+ *   POST /wallet/pairing/start    → { session_id, pairing_url, expires_at }
+ *   POST /wallet/pairing/claim    → { session_id, state }
+ *   POST /wallet/pairing/poll     → { session_id, state, claimed_public_key?, reason? }
+ *   POST /wallet/pairing/finalize → { session_id, verification_methods, threshold }
+ *   POST /wallet/pairing/cancel   → 204 No Content
+ */
+import type { PairingClaimRequest, PairingClaimResult, PairingFinalizeRequest, PairingFinalizeResult, PairingPollResult, PairingPort, PairingStartRequest, PairingStartResult } from './port.js';
+export interface PairingHttpConfig {
+    /** Base URL of the Tenzro RPC node, e.g. `https://rpc.tenzro.network`. */
+    readonly baseUrl: string;
+    /** Optional `fetch` override for tests. */
+    readonly fetch?: typeof fetch;
+}
+export declare class PairingHttpError extends Error {
+    readonly status: number;
+    readonly url: string;
+    readonly body: string;
+    constructor(status: number, url: string, body: string);
+}
+export declare class PairingHttpAdapter implements PairingPort {
+    #private;
+    constructor(cfg: PairingHttpConfig);
+    start(req: PairingStartRequest): Promise<PairingStartResult>;
+    claim(req: PairingClaimRequest): Promise<PairingClaimResult>;
+    poll(sessionId: string): Promise<PairingPollResult>;
+    finalize(req: PairingFinalizeRequest): Promise<PairingFinalizeResult>;
+    cancel(sessionId: string): Promise<void>;
+}
+//# sourceMappingURL=http-adapter.d.ts.map

package/dist/custody/pairing/http-adapter.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"http-adapter.d.ts","sourceRoot":"","sources":["../../../src/custody/pairing/http-adapter.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,KAAK,EACV,mBAAmB,EACnB,kBAAkB,EAClB,sBAAsB,EACtB,qBAAqB,EACrB,iBAAiB,EACjB,WAAW,EACX,mBAAmB,EACnB,kBAAkB,EAGnB,MAAM,WAAW,CAAC;AAEnB,MAAM,WAAW,iBAAiB;IAChC,0EAA0E;IAC1E,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,2CAA2C;IAC3C,QAAQ,CAAC,KAAK,CAAC,EAAE,OAAO,KAAK,CAAC;CAC/B;AAED,qBAAa,gBAAiB,SAAQ,KAAK;IAEvC,QAAQ,CAAC,MAAM,EAAE,MAAM;IACvB,QAAQ,CAAC,GAAG,EAAE,MAAM;IACpB,QAAQ,CAAC,IAAI,EAAE,MAAM;gBAFZ,MAAM,EAAE,MAAM,EACd,GAAG,EAAE,MAAM,EACX,IAAI,EAAE,MAAM;CAOxB;AA0BD,qBAAa,kBAAmB,YAAW,WAAW;;gBAGxC,GAAG,EAAE,iBAAiB;IAI5B,KAAK,CAAC,GAAG,EAAE,mBAAmB,GAAG,OAAO,CAAC,kBAAkB,CAAC;IAY5D,KAAK,CAAC,GAAG,EAAE,mBAAmB,GAAG,OAAO,CAAC,kBAAkB,CAAC;IAiB5D,IAAI,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC;IAYnD,QAAQ,CAAC,GAAG,EAAE,sBAAsB,GAAG,OAAO,CAAC,qBAAqB,CAAC;IAuBrE,MAAM,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAqB/C"}