trac-msb 0.2.4 → 0.2.6

package/rpc/handlers.mjs

@@ -1,47 +1,54 @@
 import { decodeBase64Payload, isBase64, sanitizeBulkPayloadsRequestBody, sanitizeTransferPayload, validatePayloadStructure } from "./utils/helpers.mjs"
-import { MAX_SIGNED_LENGTH } from "./constants.mjs";
+import { MAX_SIGNED_LENGTH, ZERO_WK } from "./constants.mjs";
+import { buildRequestUrl } from "./utils/url.mjs";
 import { isHexString } from "../src/utils/helpers.js";
+import {
+    getBalance,
+    getTxv,
+    getFee,
+    getConfirmedLength,
+    getUnconfirmedLength,
+    broadcastTransaction,
+    getTxHashes,
+    getTxDetails,
+    fetchBulkTxPayloads,
+    getExtendedTxDetails
+} from "./rpc_services.js";
+import { bufferToBigInt, licenseBufferToBigInt } from "../src/utils/amountSerialization.js";
+import { isAddressValid } from "../src/core/state/utils/address.js";
+import { getConfirmedParameter } from "./utils/confirmedParameter.mjs";
 
 export async function handleBalance({ req, respond, msbInstance }) {
-    const [path, queryString] = req.url.split("?");
-    const parts = path.split("/").filter(Boolean);
+    const url = buildRequestUrl(req);
+    const parts = url.pathname.split("/").filter(Boolean);
     const address = parts[2];
 
-    let confirmed = true; // default
-    if (queryString) {
-        const params = new URLSearchParams(queryString);
-        if (params.has("confirmed")) {
-            confirmed = params.get("confirmed") === "true";
-        }
-    }
+    const confirmedParam = getConfirmedParameter(url);
+    const confirmed = confirmedParam === null ? false : confirmedParam; // invalid -> fallback to unconfirmed
 
+    // TODO: VALIDATION? 
     if (!address) {
         respond(400, { error: 'Wallet address is required' });
         return;
     }
-    
-    const commandString =`/get_balance ${address} ${confirmed}`;
-    const nodeInfo = await msbInstance.handleCommand(commandString);
+
+    const nodeInfo = await getBalance(msbInstance, address, confirmed);
     const balance = nodeInfo?.balance || 0;
     respond(200, { address, balance });
 }
 
 export async function handleTxv({ msbInstance, respond }) {
-    const commandString = '/get_txv';
-    const txvRaw = await msbInstance.handleCommand(commandString);
-    const txv = txvRaw.toString('hex');
+    const txv = await getTxv(msbInstance);
     respond(200, { txv });
 }
 
 export async function handleFee({ msbInstance, respond }) {
-    const commandString = '/get_fee';
-    const fee = await msbInstance.handleCommand(commandString);
+    const fee = await getFee(msbInstance);
     respond(200, { fee });
 }
 
 export async function handleConfirmedLength({ msbInstance, respond }) {
-    const commandString = '/confirmed_length';
-    const confirmed_length = await msbInstance.handleCommand(commandString);
+    const confirmed_length = await getConfirmedLength(msbInstance);
     respond(200, { confirmed_length });
 }
 
@@ -65,20 +72,20 @@ export async function handleBroadcastTransaction({ msbInstance, respond, req })
             const decodedPayload = decodeBase64Payload(payload);
             validatePayloadStructure(decodedPayload);
             const sanitizedPayload = sanitizeTransferPayload(decodedPayload);
-            const result = await msbInstance.handleCommand('/broadcast_transaction', null, sanitizedPayload);
+            const result = await broadcastTransaction(msbInstance, sanitizedPayload);
             respond(200, { result });
         } catch (error) {
             let code = error instanceof SyntaxError ? 400 : 500;
             let errorMsg = code === 400 ? 'Invalid JSON payload.' : 'An error occurred processing the transaction.'
 
-            if(error.message.includes("Failed to broadcast transaction after multiple attempts.")){
+            if (error.message.includes("Failed to broadcast transaction after multiple attempts.")) {
                 code = 429;
                 errorMsg = "Failed to broadcast transaction after multiple attempts."
             }
-            
+
             console.error('Error in handleBroadcastTransaction:', error);
             // Use 400 for client errors (like bad JSON), 500 for server/command errors
-            respond(code, { error:  errorMsg});
+            respond(code, { error: errorMsg });
         }
     });
 
@@ -89,8 +96,10 @@ export async function handleBroadcastTransaction({ msbInstance, respond, req })
 }
 
 export async function handleTxHashes({ msbInstance, respond, req }) {
-    const startSignedLengthStr = req.url.split('/')[3];
-    const endSignedLengthStr = req.url.split('/')[4];
+    const url = buildRequestUrl(req);
+    const pathParts = url.pathname.split('/').filter(Boolean);
+    const startSignedLengthStr = pathParts[2];
+    const endSignedLengthStr = pathParts[3];
 
     const startSignedLength = parseInt(startSignedLengthStr);
     const endSignedLength = parseInt(endSignedLengthStr);
@@ -116,27 +125,24 @@ export async function handleTxHashes({ msbInstance, respond, req }) {
     }
 
     // 4. Get current confirmed length
-    const currentConfirmedLength = await msbInstance.handleCommand('/confirmed_length');
+    const currentConfirmedLength = await getConfirmedLength(msbInstance);
 
     // 5. Adjust the end index to not exceed the confirmed length.
     const adjustedEndLength = Math.min(endSignedLength, currentConfirmedLength)
-    
+
     // 6. Fetch txs hashes for the adjusted range, assuming the command takes start and end index.
-    const commandString = `/get_txs_hashes ${startSignedLength} ${adjustedEndLength}`;
-    const { hashes } = await msbInstance.handleCommand(commandString);
+    const { hashes } = await getTxHashes(msbInstance, startSignedLength, adjustedEndLength);
     respond(200, { hashes });
 }
 
 export async function handleUnconfirmedLength({ msbInstance, respond }) {
-    const commandString = '/unconfirmed_length';
-    const unconfirmed_length = await msbInstance.handleCommand(commandString);
+    const unconfirmed_length = await getUnconfirmedLength(msbInstance);
     respond(200, { unconfirmed_length });
 }
 
 export async function handleTransactionDetails({ msbInstance, respond, req }) {
     const hash = req.url.split('/')[3];
-    const commandString = `/get_tx_details ${hash}`;
-    const txDetails = await msbInstance.handleCommand(commandString);
+    const txDetails = await getTxDetails(msbInstance, hash);
     respond(txDetails === null ? 404 : 200 , { txDetails });
 }
 
@@ -150,9 +156,9 @@ export async function handleFetchBulkTxPayloads({ msbInstance, respond, req }) {
         if (headersSent) return; // Stop processing if response has started/errored
 
         bytesRead += chunk.length;
-        if (bytesRead > limitBytes) { 
+        if (bytesRead > limitBytes) {
             respond(413, { error: 'Request body too large.' });
-            headersSent = true; 
+            headersSent = true;
             req.destroy(); // Stop receiving data (GOOD PRACTICE)
             return;
         }
@@ -164,16 +170,16 @@ export async function handleFetchBulkTxPayloads({ msbInstance, respond, req }) {
 
 
         try {
-            if (body === null || body === ''){
+            if (body === null || body === '') {
                 return respond(400, { error: 'Missing payload.' });
             }
 
             const sanitizedPayload = sanitizeBulkPayloadsRequestBody(body);
 
-            if (sanitizedPayload === null){
+            if (sanitizedPayload === null) {
                 return respond(400, { error: 'Invalid payload.' });
             }
-            
+
             const { hashes } = sanitizedPayload;
 
             if (!Array.isArray(hashes) || hashes.length === 0) {
@@ -186,11 +192,11 @@ export async function handleFetchBulkTxPayloads({ msbInstance, respond, req }) {
 
             const uniqueHashes = [...new Set(hashes)];
 
-            const commandResult = await msbInstance.handleCommand( `/get_tx_payloads_bulk`, null, uniqueHashes)
+            const commandResult = await fetchBulkTxPayloads(msbInstance, uniqueHashes);
 
             const responseString = JSON.stringify(commandResult);
             if (Buffer.byteLength(responseString, 'utf8') > 2_000_000) {
-                return respond(413, { error: 'Response too large. Reduce number of hashes.'});
+                return respond(413, { error: 'Response too large. Reduce number of hashes.' });
             }
 
             return respond(200, commandResult);
@@ -209,38 +215,26 @@ export async function handleFetchBulkTxPayloads({ msbInstance, respond, req }) {
 }
 
 export async function handleTransactionExtendedDetails({ msbInstance, respond, req }) {
-    const [path, queryString] = req.url.split("?");
-    const pathParts = path.split('/');
-    const hash = pathParts[4];
-    
+    const url = buildRequestUrl(req);
+    const pathParts = url.pathname.split('/').filter(Boolean);
+    const hash = pathParts[3];
+
     if (!hash) {
         return respond(400, { error: "Transaction hash is required" });
     }
-    
+
     if (isHexString(hash) === false || hash.length !== 64) {
         return respond(400, { error: "Invalid transaction hash format" });
     }
-    let confirmed = true; // default
-    if (queryString) {
-        const params = new URLSearchParams(queryString);
-        if (params.has("confirmed")) {
-            const confirmedParam = params.get("confirmed");
-            if (confirmedParam !== "true" && confirmedParam !== "false") {
-                return respond(400, { error: 'Parameter "confirmed" must be exactly "true" or "false"' });
-            }
-            confirmed = confirmedParam === "true";
-        }
+
+    const confirmed = getConfirmedParameter(url);
+    if (confirmed === null) {
+        return respond(400, { error: 'Parameter "confirmed" must be exactly "true" or "false"' });
     }
-    
+
     try {
-        let txDetails;
-        const commandString = `/get_extended_tx_details ${hash} ${confirmed}`;
-        txDetails = await msbInstance.handleCommand(commandString);
-        if (txDetails === null) {
-            respond(404, { error: `No payload found for tx hash: ${hash}` });
-        } else {
-            respond(200, txDetails);
-        }
+        const details = await getExtendedTxDetails(msbInstance, hash, confirmed);
+        respond(200, details);
     } catch (error) {
         if (error.message?.includes('No payload found for tx hash')) {
             respond(404, { error: error.message });
@@ -249,4 +243,53 @@ export async function handleTransactionExtendedDetails({ msbInstance, respond, r
             respond(500, { error: 'An error occurred processing the request.' });
         }
     }
-}
+}
+
+export async function handleAccountDetails({ msbInstance, respond, req }) {
+    const url = buildRequestUrl(req);
+    const address = url.pathname.split('/').filter(Boolean)[2];
+
+    if (!address) {
+        return respond(400, { error: "Account address is required" });
+    }
+
+    const confirmed = getConfirmedParameter(url);
+    if (confirmed === null) {
+        return respond(400, { error: 'Parameter "confirmed" must be exactly "true" or "false"' });
+    }
+
+    if (!isAddressValid(address)) {
+        return respond(400, { error: "Invalid account address format" });
+    }
+
+    const defaultAccountState = {
+        address,
+        writingKey: ZERO_WK.toString('hex'),
+        isWhitelisted: false,
+        isValidator: false,
+        isIndexer: false,
+        license: null,
+        balance: '0',
+        stakedBalance: '0',
+    };
+
+    const nodeEntry = confirmed
+        ? await msbInstance.state.getNodeEntry(address)
+        : await msbInstance.state.getNodeEntryUnsigned(address);
+    if (!nodeEntry) {
+        return respond(200, defaultAccountState);
+    }
+
+    const licenseValue = licenseBufferToBigInt(nodeEntry.license);
+
+    return respond(200, {
+        ...defaultAccountState,
+        writingKey: nodeEntry.wk.toString('hex'),
+        isWhitelisted: nodeEntry.isWhitelisted,
+        isValidator: nodeEntry.isWriter,
+        isIndexer: nodeEntry.isIndexer,
+        license: licenseValue === 0n ? null : licenseValue.toString(),
+        balance: bufferToBigInt(nodeEntry.balance).toString(),
+        stakedBalance: bufferToBigInt(nodeEntry.stakedBalance).toString(),
+    });
+}

package/rpc/routes/v1.mjs

@@ -8,7 +8,8 @@ import {
     handleUnconfirmedLength,
     handleTransactionDetails,
     handleFetchBulkTxPayloads,
-    handleTransactionExtendedDetails
+    handleTransactionExtendedDetails,
+    handleAccountDetails
 } from '../handlers.mjs';
 
 export const v1Routes = [
@@ -22,4 +23,5 @@ export const v1Routes = [
     { method: 'GET', path: '/tx', handler: handleTransactionDetails },
     { method: 'POST', path: '/tx-payloads-bulk', handler: handleFetchBulkTxPayloads },
     { method: 'GET', path: '/tx/details', handler: handleTransactionExtendedDetails },
+    { method: 'GET', path: '/account', handler: handleAccountDetails },
 ];

package/rpc/rpc_services.js

@@ -0,0 +1,126 @@
+import { bufferToBigInt } from "../src/utils/amountSerialization.js";
+import { normalizeDecodedPayloadForJson } from "../src/utils/normalizers.js";
+import { get_confirmed_tx_info, get_unconfirmed_tx_info } from "../src/utils/cli.js";
+
+export async function getBalance(msbInstance, address, confirmed) {
+    const state = msbInstance.state;
+    const useUnconfirmed = confirmed === false;
+
+    const nodeEntry = useUnconfirmed
+        ? await state.getNodeEntryUnsigned(address)
+        : await state.getNodeEntry(address);
+
+    if (!nodeEntry) return undefined;
+
+    return {
+        address,
+        balance: bufferToBigInt(nodeEntry.balance).toString(),
+    };
+}
+
+export async function getTxv(msbInstance) {
+    const txv = await msbInstance.state.getIndexerSequenceState();
+    return txv.toString("hex");
+}
+
+export async function getFee(msbInstance) {
+    const feeBuffer = msbInstance.state.getFee();
+    return bufferToBigInt(feeBuffer).toString();
+}
+
+export async function getConfirmedLength(msbInstance) {
+    return msbInstance.state.getSignedLength();
+}
+
+export async function getUnconfirmedLength(msbInstance) {
+    return msbInstance.state.getUnsignedLength();
+}
+
+export async function broadcastTransaction(msbInstance, payload) {
+    return msbInstance.broadcastTransactionCommand(payload);
+}
+
+export async function getTxHashes(msbInstance, start, end) {
+    const hashes = await msbInstance.state.confirmedTransactionsBetween(start, end);
+    return { hashes };
+}
+
+export async function getTxDetails(msbInstance, hash) {
+    const rawPayload = await get_confirmed_tx_info(msbInstance.state, hash);
+    if (!rawPayload) {
+        return null;
+    }
+
+    return normalizeDecodedPayloadForJson(rawPayload.decoded);
+}
+
+export async function fetchBulkTxPayloads(msbInstance, hashes) {
+    if (!Array.isArray(hashes) || hashes.length === 0) {
+        throw new Error("Missing hash list.");
+    }
+
+    if (hashes.length > 1500) {
+        throw new Error("Length of input tx hashes exceeded.");
+    }
+
+    const res = { results: [], missing: [] };
+
+    const promises = hashes.map((hash) => get_confirmed_tx_info(msbInstance.state, hash));
+    const results = await Promise.all(promises);
+
+    results.forEach((result, index) => {
+        const hash = hashes[index];
+        if (result === null || result === undefined) {
+            res.missing.push(hash);
+        } else {
+            const decodedResult = normalizeDecodedPayloadForJson(result.decoded);
+            res.results.push({ hash, payload: decodedResult });
+        }
+    });
+
+    return res;
+}
+
+export async function getExtendedTxDetails(msbInstance, hash, confirmed) {
+    const state = msbInstance.state;
+
+    if (confirmed) {
+        const rawPayload = await get_confirmed_tx_info(state, hash);
+        if (!rawPayload) {
+            throw new Error(`No payload found for tx hash: ${hash}`);
+        }
+        const confirmedLength = await state.getTransactionConfirmedLength(hash);
+        if (confirmedLength === null) {
+            throw new Error(`No confirmed length found for tx hash: ${hash} in confirmed mode`);
+        }
+        const normalizedPayload = normalizeDecodedPayloadForJson(rawPayload.decoded, true);
+        const feeBuffer = state.getFee();
+        return {
+            txDetails: normalizedPayload,
+            confirmed_length: confirmedLength,
+            fee: bufferToBigInt(feeBuffer).toString(),
+        };
+    }
+
+    const rawPayload = await get_unconfirmed_tx_info(state, hash);
+    if (!rawPayload) {
+        throw new Error(`No payload found for tx hash: ${hash}`);
+    }
+
+    const normalizedPayload = normalizeDecodedPayloadForJson(rawPayload.decoded, true);
+    const length = await state.getTransactionConfirmedLength(hash);
+    if (length === null) {
+        return {
+            txDetails: normalizedPayload,
+            confirmed_length: 0,
+            fee: "0",
+        };
+    }
+
+    const feeBuffer = state.getFee();
+    return {
+        txDetails: normalizedPayload,
+        confirmed_length: length,
+        fee: bufferToBigInt(feeBuffer).toString(),
+    };
+}

package/rpc/utils/confirmedParameter.mjs

@@ -0,0 +1,17 @@
+export function getConfirmedParameter(url, { defaultValue = true } = {}) {
+    const confirmedParam = url.searchParams.get("confirmed");
+
+    if (confirmedParam === null) {
+        return defaultValue;
+    }
+
+    if (confirmedParam === "true") {
+        return true;
+    }
+
+    if (confirmedParam === "false") {
+        return false;
+    }
+
+    return null;
+}

package/rpc/utils/url.mjs

@@ -0,0 +1,38 @@
+const HOST_HEADER_PATTERN = /^[\[\]A-Za-z0-9:.-]+(:\d{1,5})?$/;
+
+const isValidHostHeader = (hostHeader) => {
+    if (!hostHeader) return false;
+    if (hostHeader.length > 255) return false;
+    const trimmed = hostHeader.trim();
+
+    if (/[\/\\\s]/.test(trimmed)) return false;
+
+    return HOST_HEADER_PATTERN.test(trimmed);
+};
+
+const socketAddressToHost = (address, port) => {
+    if (!address) return null;
+    const needsBrackets = address.includes(':') && !address.startsWith('[');
+    const host = needsBrackets ? `[${address}]` : address;
+    return port ? `${host}:${port}` : host;
+};
+
+const detectProtocol = (req) => {
+    const forwardedProto = req?.headers?.['x-forwarded-proto'];
+    if (forwardedProto === 'https') return 'https';
+    if (forwardedProto === 'http') return 'http';
+
+    if (req?.socket?.encrypted) return 'https';
+
+    return 'http';
+};
+
+export const buildRequestUrl = (req) => {
+    const safeHost = isValidHostHeader(req?.headers?.host)
+        ? req.headers.host.trim()
+        : socketAddressToHost(req?.socket?.localAddress, req?.socket?.localPort);
+
+    const protocol = detectProtocol(req);
+    const base = safeHost ? `${protocol}://${safeHost}` : `${protocol}://localhost`;
+    return new URL(req?.url || '/', base);
+};

package/src/core/network/Network.js

@@ -17,7 +17,7 @@ import {
     DHT_BOOTSTRAPS
 } from '../../utils/constants.js';
 import ConnectionManager from './services/ConnectionManager.js';
-
+import NetworkWalletFactory from './identity/NetworkWalletFactory.js';
 const wakeup = new w();
 
 class Network extends ReadyResource {
@@ -29,15 +29,18 @@ class Network extends ReadyResource {
     #transactionPoolService;
     #validatorObserverService;
     #validatorConnectionManager;
+    #options;
+    #identityProvider = null;
 
     constructor(state, channel, address = null, options = {}) {
         super();
+        this.#options = options;
         this.#enable_wallet = options.enable_wallet !== false;
         this.#channel = channel;
         this.#transactionPoolService = new TransactionPoolService(state, address, options);
-        this.#validatorObserverService = new ValidatorObserverService(this, state, address, options)
+        this.#validatorObserverService = new ValidatorObserverService(this, state, address, options);
         this.#networkMessages = new NetworkMessages(this, options);
-        this.#validatorConnectionManager = new ConnectionManager({ maxValidators: options.max_validators })
+        this.#validatorConnectionManager = new ConnectionManager({ maxValidators: options.max_validators });
         this.admin_stream = null;
         this.admin = null;
         this.validator = null;
@@ -90,6 +93,7 @@ class Network extends ReadyResource {
     ) {
         if (!this.#swarm) {
             const keyPair = await this.initializeNetworkingKeyPair(store, wallet);
+            const wrappedWallet = this.#getNetworkWalletWrapper(wallet, keyPair);
             this.#swarm = new Hyperswarm({
                 keyPair,
                 bootstrap: this.#dht_bootstrap,
@@ -100,7 +104,7 @@ class Network extends ReadyResource {
             });
 
             console.log(`Channel: ${b4a.toString(this.#channel)}`);
-            this.#networkMessages.initializeMessageRouter(state, wallet);
+            this.#networkMessages.initializeMessageRouter(state, wrappedWallet);
 
             this.#swarm.on('connection', async (connection) => {
                 const { message_channel, message } = await this.#networkMessages.setupProtomuxMessages(connection);
@@ -120,7 +124,7 @@ class Network extends ReadyResource {
                         this.custom_stream = null;
                         this.custom_node = null;
                     }
-                    try{ message_channel.close() }catch(e){}
+                    try { message_channel.close() } catch (e) { }
 
                 });
 
@@ -129,7 +133,7 @@ class Network extends ReadyResource {
                         error && error.message && (
                             error.message.includes('connection reset by peer') ||
                             error.message.includes('Duplicate connection') ||
-                            error.message.includes('connection timed out')                        )
+                            error.message.includes('connection timed out'))
                     ) {
                         // TODO: decide if we want to handle this error in a specific way. It generates a lot of logs.
                         return;
@@ -168,11 +172,11 @@ class Network extends ReadyResource {
                 cnt += 1;
             }
         }
-        
+
         if (this.#swarm.peers.has(publicKey)) {
             let stream;
             const peerInfo = this.#swarm.peers.get(publicKey)
-            stream = this.#swarm._allConnections.get(peerInfo.publicKey)            
+            stream = this.#swarm._allConnections.get(peerInfo.publicKey)
             if (stream !== undefined && stream.messenger !== undefined) {
                 if (type === 'validator') {
                     this.#validatorConnectionManager.addValidator(b4a.from(publicKey, 'hex'), stream)
@@ -183,8 +187,8 @@ class Network extends ReadyResource {
     }
 
     async isConnected(publicKey) {
-        return this.#swarm.peers.has(publicKey) && 
-                this.#swarm.peers.get(publicKey).connectedTime != -1
+        return this.#swarm.peers.has(publicKey) &&
+            this.#swarm.peers.get(publicKey).connectedTime != -1
     }
 
     async #sendRequestByType(stream, type) {
@@ -239,6 +243,19 @@ class Network extends ReadyResource {
             console.log(e)
         }
     }
+
+    #getNetworkWalletWrapper(wallet, keyPair) {
+        if (!this.#identityProvider) {
+            this.#identityProvider = NetworkWalletFactory.provide({
+                enableWallet: this.#enable_wallet,
+                wallet,
+                keyPair,
+                networkPrefix: this.#options?.networkPrefix
+            });
+        }
+        return this.#identityProvider;
+    }
+
 }
 
 export default Network;

package/src/core/network/identity/NetworkWalletFactory.js

@@ -0,0 +1,78 @@
+import PeerWallet from 'trac-wallet';
+import { TRAC_NETWORK_MSB_MAINNET_PREFIX } from 'trac-wallet/constants.js';
+import b4a from 'b4a';
+
+export class NetworkWalletFactory {
+    static provide(options = {}) {
+        const {
+            enableWallet = true,
+            wallet,
+            keyPair,
+            networkPrefix = TRAC_NETWORK_MSB_MAINNET_PREFIX
+        } = options;
+
+        if (enableWallet) {
+            if (!wallet) {
+                throw new Error('NetworkingWalletFactory: wallet instance is required when wallet is enabled');
+            }
+            return wallet;
+        }
+
+        if (!keyPair) {
+            throw new Error('NetworkingWalletFactory: keyPair must be provided when wallet is disabled');
+        }
+
+        return new EphemeralWallet(keyPair, networkPrefix);
+    }
+}
+
+// TODO: Once Wallet class in trac-wallet exposes a constructor/factory that accepts an existing keyPair
+// (e.g. Wallet.fromKeyPair({ publicKey, secretKey }, networkPrefix)), replace EphemeralWallet
+// with a thin wrapper around that functionality instead of duplicating signing/verification logic.
+class EphemeralWallet {
+    #publicKey;
+    #secretKey;
+    #address;
+
+    constructor(keyPair, networkPrefix = TRAC_NETWORK_MSB_MAINNET_PREFIX) {
+        
+        if (!keyPair?.publicKey || !keyPair?.secretKey) {
+            throw new Error('NetworkIdentityProvider: keyPair with publicKey and secretKey is required');
+        }
+        this.#assertBuffer(keyPair.publicKey);
+        this.#assertBuffer(keyPair.secretKey);
+
+        const address = PeerWallet.encodeBech32m(networkPrefix, keyPair.publicKey);
+        if (!address) {
+            throw new Error('NetworkIdentityProvider: failed to derive address from networking key pair');
+        }
+
+        this.#publicKey = keyPair.publicKey;
+        this.#secretKey = keyPair.secretKey;
+        this.#address = address;
+    }
+
+    get publicKey() {
+        return this.#publicKey;
+    }
+
+    get address() {
+        return this.#address;
+    }
+
+    sign(message) {
+        return PeerWallet.sign(message, this.#secretKey);
+    }
+
+    verify(signature, message, publicKey = this.#publicKey) {
+        return PeerWallet.verify(signature, message, publicKey);
+    }
+
+    #assertBuffer(value) {
+        if (!b4a.isBuffer(value)) {
+            throw new Error(`NetworkIdentityProvider: value must be a Buffer`);
+        }
+    }
+}
+
+export default NetworkWalletFactory;