npm - twzrd-receipt-verifier - Versions diffs - 1.0.2 → 1.0.3 - Mend

twzrd-receipt-verifier 1.0.2 → 1.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/package.json +1 -6
package/verify_twzrd_receipt.js +29 -11

package/package.json CHANGED Viewed

@@ -1,14 +1,9 @@
 {
   "name": "twzrd-receipt-verifier",
-  "version": "1.0.2",
+  "version": "1.0.3",
   "description": "Standalone offline verifier for TWZRD AO-Receipt V5 (Ed25519-signed keccak256 leaf). No trust in TWZRD servers or code.",
   "keywords": ["twzrd", "x402", "solana", "ed25519", "keccak256", "receipt", "verifier", "agent", "attestation"],
   "homepage": "https://intel.twzrd.xyz",
-  "repository": {
-    "type": "git",
-    "url": "git+https://github.com/twzrd-sol/wzrd-final.git",
-    "directory": "packages/twzrd-agent-intel/verifier"
-  },
   "license": "MIT",
   "author": "TWZRD",
   "bin": {

package/verify_twzrd_receipt.js CHANGED Viewed

@@ -69,17 +69,35 @@ function recomputeLeaf(pre) {
 }
 function fetchPublishedPubkey(baseUrl) {
-  const url = baseUrl.replace(/\/+$/, '') + '/.well-known/x402';
-  return new Promise((resolve, reject) => {
-    https.get(url, { headers: { 'User-Agent': 'twzrd-receipt-verifier/1.0' } }, (res) => {
-      let body = '';
-      res.on('data', (c) => (body += c));
-      res.on('end', () => {
-        try { resolve(JSON.parse(body).receipt.signature.public_key); }
-        catch (e) { reject(e); }
-      });
-    }).on('error', reject);
-  });
+  const base = baseUrl.replace(/\/+$/, '');
+  const paths = [
+    '/.well-known/twzrd-receipt-pubkey',
+    '/v1/intel/pubkey',
+    '/.well-known/x402',
+  ];
+  const headers = { 'User-Agent': 'twzrd-receipt-verifier/1.0' };
+  function fetchPath(i) {
+    if (i >= paths.length) return Promise.reject(new Error('no pubkey endpoint responded'));
+    const path = paths[i];
+    return new Promise((resolve, reject) => {
+      https.get(base + path, { headers }, (res) => {
+        let body = '';
+        res.on('data', (c) => (body += c));
+        res.on('end', () => {
+          try {
+            const doc = JSON.parse(body);
+            resolve(path.endsWith('/x402')
+              ? doc.receipt.signature.public_key
+              : doc.public_key);
+          } catch (e) {
+            reject(e);
+          }
+        });
+      }).on('error', (err) => fetchPath(i + 1).then(resolve, reject));
+    });
+  }
+  return fetchPath(0);
 }
 function verify(receipt, trustedPubkey) {