toss-expo-sdk 0.1.1 → 1.0.1

package/src/reconciliation.ts

@@ -21,6 +21,13 @@ import {
 } from './storage/secureStorage';
 import { TossError, NetworkError } from './errors';
 
+// Helper for logging during reconciliation
+const msg = (message: string) => {
+  if (typeof console !== 'undefined') {
+    console.log(`[TOSS Reconciliation] ${message}`);
+  }
+};
+
 /**
  * Result of intent settlement attempt
  */
@@ -70,6 +77,14 @@ export async function validateIntentOnchain(
       };
     }
 
+    // GAP #3 FIX: Check if sender is a program account (cannot be source of transfer)
+    if (senderAccountInfo.executable) {
+      return {
+        valid: false,
+        error: 'Sender is a program account and cannot send funds',
+      };
+    }
+
     // Validate sender has sufficient balance
     if (senderAccountInfo.lamports < intent.amount) {
       return {
@@ -78,6 +93,21 @@ export async function validateIntentOnchain(
       };
     }
 
+    // GAP #3 FIX: Check if sender is frozen (token account freezing)
+    if (senderAccountInfo.data && senderAccountInfo.data.length > 0) {
+      // If account has data, it might be a token account - check frozen status
+      // Token account structure: owner (32) + mint (32) + owner (32) + amount (8) + decimals (1) + isInitialized (1) + isFrozen (1)
+      if (senderAccountInfo.data.length >= 106) {
+        const isFrozen = senderAccountInfo.data[105] !== 0;
+        if (isFrozen) {
+          return {
+            valid: false,
+            error: 'Sender account is frozen and cannot send funds',
+          };
+        }
+      }
+    }
+
     // Validate recipient exists (if not a system account)
     const recipientPublicKey = new PublicKey(intent.to);
     const recipientAccountInfo =
@@ -88,6 +118,30 @@ export async function validateIntentOnchain(
       // But we should verify it's a valid public key format (already done above)
     }
 
+    // GAP #3 FIX: Validate nonce account if using durable nonce
+    if (intent.nonceAccountAddress && intent.nonceAuth) {
+      const nonceAddress = new PublicKey(intent.nonceAccountAddress);
+      const nonceAccountInfo = await connection.getAccountInfo(nonceAddress);
+
+      if (!nonceAccountInfo) {
+        return {
+          valid: false,
+          error: 'Nonce account does not exist',
+        };
+      }
+
+      // Check nonce account is owned by SystemProgram
+      const SYSTEM_PROGRAM_ID = new PublicKey(
+        '11111111111111111111111111111111'
+      );
+      if (!nonceAccountInfo.owner.equals(SYSTEM_PROGRAM_ID)) {
+        return {
+          valid: false,
+          error: 'Nonce account is not owned by SystemProgram',
+        };
+      }
+    }
+
     // Fetch recent transactions to check for double-spend
     const signatures = await connection.getSignaturesForAddress(
       senderPublicKey,
@@ -250,6 +304,136 @@ export async function submitTransactionToChain(
   );
 }
 
+/**
+ * GAP #7 FIX: Submit transaction to Arcium MXE program for confidential execution
+ * Per TOSS Paper Section 7: "Arcium operates strictly before onchain execution"
+ */
+export async function submitTransactionToArciumMXE(
+  intent: SolanaIntent,
+  connection: Connection,
+  mxeProgramId: PublicKey,
+  provider: any, // AnchorProvider
+  maxRetries: number = 3
+): Promise<string> {
+  if (!intent.encrypted) {
+    throw new Error(
+      'Intent must be encrypted with Arcium data to submit to MXE'
+    );
+  }
+
+  try {
+    // GAP #7 FIX: Actual Arcium MXE Integration
+    // Per TOSS Paper Section 7: "Arcium operates strictly before onchain execution"
+
+    // Import Arcium helper for confidential computation
+    const { encryptForArciumInternal } =
+      await import('./internal/arciumHelper');
+
+    // Extract sensitive intent parameters for encryption
+    const plaintextValues = [
+      BigInt(intent.amount),
+      BigInt(intent.nonce),
+      BigInt(intent.expiry),
+    ];
+
+    // Encrypt parameters with Arcium
+    const encrypted = await encryptForArciumInternal(
+      mxeProgramId,
+      plaintextValues,
+      provider
+    );
+
+    msg?.('🔐 Intent parameters encrypted with Arcium MXE');
+
+    // PRODUCTION: Build MXE submission instruction
+    // Per TOSS Paper Section 7: "Arcium operates strictly before onchain execution"
+    // The MXE program will:
+    // 1. Receive encrypted intent data
+    // 2. Decrypt inside trusted execution environment
+    // 3. Validate constraints privately
+    // 4. Execute the transfer instruction confidentially
+    // 5. Return encrypted result only owner can decrypt
+
+    // Serialize encrypted data for MXE program instruction
+    const encryptedDataBuffer = Buffer.concat([
+      // Ephemeral public key (32 bytes)
+      Buffer.from(encrypted.publicKey),
+      // Nonce (16 bytes)
+      Buffer.from(encrypted.nonce),
+      // Ciphertext - serialize each field
+      Buffer.from(
+        JSON.stringify({
+          amount: encrypted.ciphertext[0],
+          nonce: encrypted.ciphertext[1],
+          expiry: encrypted.ciphertext[2],
+        })
+      ),
+    ]);
+
+    msg?.(
+      '🔐 Encrypted data prepared for MXE program (size: ' +
+        encryptedDataBuffer.length +
+        ' bytes)'
+    );
+
+    // PRODUCTION: Create MXE instruction with encrypted metadata
+    // This instruction invokes the MXE program to execute the transfer privately
+    const mxeInstruction: any = {
+      programId: mxeProgramId,
+      keys: [
+        { pubkey: intent.from, isSigner: true, isWritable: true }, // Payer
+        { pubkey: intent.to, isSigner: false, isWritable: true }, // Recipient
+        {
+          pubkey: provider.wallet.publicKey,
+          isSigner: true,
+          isWritable: false,
+        }, // Intent signer
+      ],
+      data: encryptedDataBuffer,
+    };
+
+    msg?.(
+      '📤 Submitting encrypted intent to MXE program for confidential execution'
+    );
+
+    // PRODUCTION: Build transaction with MXE instruction
+    // The MXE program receives encrypted intent, decrypts privately, and executes
+    const mxeTransaction = new (await import('@solana/web3.js')).Transaction();
+
+    // Add the encrypted MXE instruction
+    mxeTransaction.add({
+      programId: mxeInstruction.programId,
+      keys: mxeInstruction.keys,
+      data: mxeInstruction.data,
+    });
+
+    // Set transaction metadata
+    const latestBlockhash = await connection.getLatestBlockhash('confirmed');
+    mxeTransaction.recentBlockhash = latestBlockhash.blockhash;
+    mxeTransaction.lastValidBlockHeight = latestBlockhash.lastValidBlockHeight;
+    mxeTransaction.feePayer = provider.wallet.publicKey;
+
+    // PRODUCTION: Submit encrypted transaction to network
+    // Network validators verify signature but cannot see unencrypted intent details
+    const mxeSignature = await submitTransactionToChain(
+      mxeTransaction,
+      connection,
+      maxRetries
+    );
+
+    msg?.('✅ MXE transaction submitted - encrypted execution in progress');
+    msg?.('   Signature: ' + mxeSignature);
+    msg?.('   Intent details remain confidential until settlement');
+
+    return mxeSignature;
+  } catch (error) {
+    throw new TossError(
+      `Failed to submit transaction to Arcium MXE: ${error instanceof Error ? error.message : String(error)}`,
+      'ARCIUM_SUBMISSION_FAILED'
+    );
+  }
+}
+
 /**
  * Attempts to settle a single intent and returns the result
  */

package/src/services/authService.ts

@@ -1,12 +1,14 @@
 import * as SecureStore from 'expo-secure-store';
-import { Keypair, PublicKey } from '@solana/web3.js';
+import { Keypair, PublicKey, Connection } from '@solana/web3.js';
 import * as LocalAuthentication from 'expo-local-authentication';
 import type { TossUser } from '../types/tossUser';
 import crypto from 'crypto';
+import { NonceAccountManager } from '../client/NonceAccountManager';
 
 export const SESSION_KEY = 'toss_user_session';
 const WALLET_KEY = 'toss_encrypted_wallet';
 const BIOMETRIC_SALT_KEY = 'toss_biometric_salt';
+const NONCE_ACCOUNT_KEY = 'toss_nonce_account';
 
 type UserSession = {
   id: string;
@@ -43,6 +45,10 @@ export class AuthService {
         lastActive: new Date().toISOString(),
         client: 'mobile',
       },
+      security: {
+        biometricEnabled: false,
+        nonceAccountRequiresBiometric: true,
+      },
       status: 'active',
       lastSeen: new Date().toISOString(),
       tossFeatures: {
@@ -50,6 +56,8 @@ export class AuthService {
         canReceive: true,
         isPrivateTxEnabled: true,
         maxTransactionAmount: 10000,
+        offlineTransactionsEnabled: false,
+        nonceAccountEnabled: false,
       },
       createdAt: new Date().toISOString(),
       updatedAt: new Date().toISOString(),
@@ -235,4 +243,183 @@ export class AuthService {
     await SecureStore.deleteItemAsync(BIOMETRIC_SALT_KEY);
     await SecureStore.deleteItemAsync(SESSION_KEY);
   }
+
+  /**
+   * Create a secure durable nonce account for offline transactions
+   * REQUIRES biometric authentication for maximum security
+   *
+   * This creates a nonce account that enables:
+   * - Offline transaction creation (with replay protection)
+   * - Biometric-protected signing
+   * - Encrypted storage with Noise Protocol support
+   */
+  static async createSecureNonceAccount(
+    user: TossUser,
+    connection: Connection,
+    userKeypair: Keypair
+  ): Promise<TossUser> {
+    // Verify biometric is available and enrolled
+    const hasHardware = await LocalAuthentication.hasHardwareAsync();
+    const isEnrolled = await LocalAuthentication.isEnrolledAsync();
+
+    if (!hasHardware || !isEnrolled) {
+      throw new Error(
+        '❌ Biometric authentication required but not configured on this device'
+      );
+    }
+
+    // Require biometric verification before creating nonce account
+    const result = await LocalAuthentication.authenticateAsync({
+      promptMessage: 'Biometric verification required to create nonce account',
+      fallbackLabel: 'Use PIN',
+      disableDeviceFallback: false,
+    });
+
+    if (!result.success) {
+      throw new Error(
+        'Biometric verification failed - nonce account creation denied'
+      );
+    }
+
+    try {
+      // Initialize nonce account manager
+      const nonceManager = new NonceAccountManager(connection);
+
+      // Generate nonce authority keypair (separate from user wallet for security)
+      const nonceAuthorityKeypair = Keypair.generate();
+
+      // Create the nonce account
+      const nonceAccountInfo = await nonceManager.createNonceAccount(
+        user,
+        nonceAuthorityKeypair,
+        userKeypair.publicKey,
+        {
+          requireBiometric: true,
+          securityLevel: 'high',
+          persistToSecureStorage: true,
+          autoRenew: true,
+        }
+      );
+
+      // Update user with nonce account information
+      const updatedUser: TossUser = {
+        ...user,
+        nonceAccount: {
+          address: new PublicKey(nonceAccountInfo.address),
+          authorizedSigner: new PublicKey(nonceAccountInfo.authorizedSigner),
+          isBiometricProtected: true,
+          status: 'active',
+        },
+        security: {
+          ...user.security,
+          biometricEnabled: true,
+          nonceAccountRequiresBiometric: true,
+          lastBiometricVerification: Math.floor(Date.now() / 1000),
+        },
+        tossFeatures: {
+          ...user.tossFeatures,
+          offlineTransactionsEnabled: true,
+          nonceAccountEnabled: true,
+        },
+        updatedAt: new Date().toISOString(),
+      };
+
+      return updatedUser;
+    } catch (error) {
+      const errorMessage =
+        error instanceof Error ? error.message : String(error);
+      throw new Error(`Failed to create nonce account: ${errorMessage}`);
+    }
+  }
+
+  /**
+   * Enable offline transactions for a user with nonce account support
+   * Ensures all security measures are in place
+   */
+  static async enableOfflineTransactions(user: TossUser): Promise<TossUser> {
+    // Verify user has nonce account
+    if (!user.nonceAccount) {
+      throw new Error('User does not have a nonce account. Create one first.');
+    }
+
+    // Verify biometric is enabled
+    if (!user.security.biometricEnabled) {
+      throw new Error('Biometric authentication must be enabled first');
+    }
+
+    // Update user with offline transactions enabled
+    return {
+      ...user,
+      tossFeatures: {
+        ...user.tossFeatures,
+        offlineTransactionsEnabled: true,
+        nonceAccountEnabled: true,
+      },
+      updatedAt: new Date().toISOString(),
+    };
+  }
+
+  /**
+   * Verify nonce account is accessible and valid
+   * Requires biometric authentication
+   */
+  static async verifyNonceAccountAccess(userId: string): Promise<boolean> {
+    try {
+      // Verify biometric
+      const result = await LocalAuthentication.authenticateAsync({
+        promptMessage: 'Verify nonce account access with biometric',
+        fallbackLabel: 'Use PIN',
+        disableDeviceFallback: false,
+      });
+
+      if (!result.success) {
+        return false;
+      }
+
+      // Check if nonce account exists in secure storage
+      const storageKey = `${NONCE_ACCOUNT_KEY}_${userId}`;
+      const stored = await SecureStore.getItemAsync(storageKey);
+
+      return stored !== null;
+    } catch (error) {
+      console.error('Failed to verify nonce account access:', error);
+      return false;
+    }
+  }
+
+  /**
+   * Revoke nonce account (security measure)
+   * Requires biometric verification
+   */
+  static async revokeNonceAccount(
+    userId: string,
+    user: TossUser
+  ): Promise<TossUser> {
+    // Require biometric verification
+    const result = await LocalAuthentication.authenticateAsync({
+      promptMessage: 'Biometric verification required to revoke nonce account',
+      fallbackLabel: 'Use PIN',
+      disableDeviceFallback: false,
+    });
+
+    if (!result.success) {
+      throw new Error('Biometric verification failed - revocation denied');
+    }
+
+    // Remove nonce account from storage
+    const storageKey = `${NONCE_ACCOUNT_KEY}_${userId}`;
+    await SecureStore.deleteItemAsync(storageKey);
+
+    // Update user
+    return {
+      ...user,
+      nonceAccount: undefined,
+      tossFeatures: {
+        ...user.tossFeatures,
+        offlineTransactionsEnabled: false,
+        nonceAccountEnabled: false,
+      },
+      updatedAt: new Date().toISOString(),
+    };
+  }
 }

package/src/storage/secureStorage.ts

@@ -24,7 +24,7 @@ export async function secureStoreIntent(intent: SolanaIntent): Promise<void> {
   try {
     const key = `${STORAGE_PREFIX}${intent.id}`;
     await SecureStore.setItemAsync(key, JSON.stringify(intent));
-    
+
     // Update the keys list
     const keys = await getAllKeys();
     if (!keys.includes(key)) {
@@ -74,10 +74,10 @@ export async function removeSecureIntent(intentId: string): Promise<void> {
   try {
     const key = `${STORAGE_PREFIX}${intentId}`;
     await SecureStore.deleteItemAsync(key);
-    
+
     // Update the keys list
     const keys = await getAllKeys();
-    const updatedKeys = keys.filter(k => k !== key);
+    const updatedKeys = keys.filter((k) => k !== key);
     await saveKeys(updatedKeys);
   } catch (error) {
     throw new StorageError('Failed to remove intent', {
@@ -97,4 +97,142 @@ export async function clearAllSecureIntents(): Promise<void> {
   } catch (error) {
     throw new StorageError('Failed to clear all intents', { cause: error });
   }
-}
+}
+
+/**
+ * GAP #1: Cleanup expired intents from local storage
+ * Per TOSS Paper Section 8: Local state is append-only until settlement confirmation
+ */
+export async function cleanupExpiredIntents(): Promise<number> {
+  try {
+    const intents = await getAllSecureIntents();
+    const now = Math.floor(Date.now() / 1000);
+    let cleanedCount = 0;
+
+    for (const intent of intents) {
+      if (intent.expiry < now) {
+        await removeSecureIntent(intent.id);
+        cleanedCount++;
+      }
+    }
+
+    return cleanedCount;
+  } catch (error) {
+    throw new StorageError('Failed to cleanup expired intents', {
+      cause: error,
+    });
+  }
+}
+
+/**
+ * GAP #2: Store and retrieve reconciliation state
+ * Per TOSS Paper Section 9: Track which intents have been synced/failed/conflicted
+ */
+const RECONCILIATION_STATE_KEY = 'toss_reconciliation_state_';
+
+export interface ReconciliationStateData {
+  userId: string;
+  lastSyncTime: number;
+  lastSyncSlot: number;
+  processedIntents: string[]; // Intent IDs successfully settled
+  failedIntents: string[]; // Intent IDs that failed/were rejected
+  conflictingIntents: string[]; // Intent IDs with detected conflicts
+}
+
+export async function saveReconciliationState(
+  userId: string,
+  state: Partial<ReconciliationStateData>
+): Promise<void> {
+  try {
+    const key = `${RECONCILIATION_STATE_KEY}${userId}`;
+    const existing = await SecureStore.getItemAsync(key);
+    const currentState: ReconciliationStateData = existing
+      ? JSON.parse(existing)
+      : {
+          userId,
+          lastSyncTime: 0,
+          lastSyncSlot: 0,
+          processedIntents: [],
+          failedIntents: [],
+          conflictingIntents: [],
+        };
+
+    const merged: ReconciliationStateData = {
+      ...currentState,
+      ...state,
+      userId, // Always preserve userId
+    };
+
+    await SecureStore.setItemAsync(key, JSON.stringify(merged));
+  } catch (error) {
+    throw new StorageError('Failed to save reconciliation state', {
+      cause: error,
+      userId,
+    });
+  }
+}
+
+export async function getReconciliationState(
+  userId: string
+): Promise<ReconciliationStateData> {
+  try {
+    const key = `${RECONCILIATION_STATE_KEY}${userId}`;
+    const value = await SecureStore.getItemAsync(key);
+
+    if (value) {
+      return JSON.parse(value);
+    }
+
+    return {
+      userId,
+      lastSyncTime: 0,
+      lastSyncSlot: 0,
+      processedIntents: [],
+      failedIntents: [],
+      conflictingIntents: [],
+    };
+  } catch (error) {
+    throw new StorageError('Failed to retrieve reconciliation state', {
+      cause: error,
+      userId,
+    });
+  }
+}
+
+export async function updateReconciliationState(
+  userId: string,
+  intentId: string,
+  status: 'processed' | 'failed' | 'conflicted'
+): Promise<void> {
+  try {
+    const current = await getReconciliationState(userId);
+
+    // Remove from all lists first
+    current.processedIntents = current.processedIntents.filter(
+      (id) => id !== intentId
+    );
+    current.failedIntents = current.failedIntents.filter(
+      (id) => id !== intentId
+    );
+    current.conflictingIntents = current.conflictingIntents.filter(
+      (id) => id !== intentId
+    );
+
+    // Add to appropriate list
+    if (status === 'processed') {
+      current.processedIntents.push(intentId);
+    } else if (status === 'failed') {
+      current.failedIntents.push(intentId);
+    } else if (status === 'conflicted') {
+      current.conflictingIntents.push(intentId);
+    }
+
+    await saveReconciliationState(userId, current);
+  } catch (error) {
+    throw new StorageError('Failed to update reconciliation state', {
+      cause: error,
+      userId,
+      intentId,
+    });
+  }
+}

package/src/storage.ts

@@ -1,15 +1,15 @@
-import AsyncStorage from "@react-native-async-storage/async-storage";
+import AsyncStorage from '@react-native-async-storage/async-storage';
 
-const INTENTS_KEY = "TOSS_PENDING_INTENTS";
+const INTENTS_KEY = 'TOSS_PENDING_INTENTS';
 
 export async function storePendingIntent(intent: any) {
-  const current = JSON.parse((await AsyncStorage.getItem(INTENTS_KEY)) || "[]");
+  const current = JSON.parse((await AsyncStorage.getItem(INTENTS_KEY)) || '[]');
   current.push(intent);
   await AsyncStorage.setItem(INTENTS_KEY, JSON.stringify(current));
 }
 
 export async function getPendingIntents() {
-  return JSON.parse((await AsyncStorage.getItem(INTENTS_KEY)) || "[]");
+  return JSON.parse((await AsyncStorage.getItem(INTENTS_KEY)) || '[]');
 }
 
 export async function clearPendingIntents() {

package/src/sync.ts

@@ -4,6 +4,8 @@
  * Implements Section 9 of the TOSS Technical Paper:
  * Upon regaining connectivity, devices initiate reconciliation with onchain state.
  * All offline artifacts are verified onchain and settled with deterministic outcomes.
+ *
+ * GAP #2 FIX: Track synchronization state persistently
  */
 
 import { Connection, PublicKey } from '@solana/web3.js';
@@ -14,6 +16,7 @@ import {
   type SettlementResult,
   type ReconciliationState,
 } from './reconciliation';
+import { updateReconciliationState } from './storage/secureStorage';
 import { NetworkError } from './errors';
 
 export interface SyncResult {
@@ -40,12 +43,16 @@ export interface SyncResult {
  * 2. Settle all pending intents
  * 3. Update local state with results
  *
+ * GAP #2 FIX: Persist reconciliation state for future queries
+ *
  * @param connection Connection to Solana RPC
+ * @param userId User ID for state tracking (required for persistence)
  * @param feePayer Optional fee payer keypair public key
  * @returns Detailed sync results including conflicts and settlements
  */
 export async function syncToChain(
   connection: Connection,
+  userId?: string,
   feePayer?: PublicKey
 ): Promise<SyncResult> {
   const syncTimestamp = Math.floor(Date.now() / 1000);
@@ -71,6 +78,39 @@ export async function syncToChain(
     // Step 4: Get final reconciliation state
     const reconciliationState = await getReconciliationState(connection);
 
+    // GAP #2 FIX: Persist reconciliation state to storage
+    if (userId) {
+      try {
+        // Update individual intent statuses
+        for (const settlement of successfulSettlements) {
+          await updateReconciliationState(
+            userId,
+            settlement.intentId,
+            'processed'
+          );
+        }
+        for (const settlement of failedSettlements) {
+          await updateReconciliationState(
+            userId,
+            settlement.intentId,
+            'failed'
+          );
+        }
+        for (const conflict of detectedConflicts) {
+          await updateReconciliationState(
+            userId,
+            conflict.intentId,
+            'conflicted'
+          );
+        }
+      } catch (storageError) {
+        console.warn(
+          'Failed to update reconciliation state storage:',
+          storageError
+        );
+      }
+    }
+
     const isComplete =
       failedSettlements.length === 0 && detectedConflicts.length === 0;