npm - zattera-js - Versions diffs - 0.1.0 - Mend

zattera-js 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (57) hide show

package/LICENSE +21 -0
package/README.md +694 -0
package/dist/browser/index.js +2466 -0
package/dist/browser/index.js.map +1 -0
package/dist/node/auth/index.js +188 -0
package/dist/node/auth/index.js.map +1 -0
package/dist/node/auth/keys.js +264 -0
package/dist/node/auth/keys.js.map +1 -0
package/dist/node/auth/memo.js +79 -0
package/dist/node/auth/memo.js.map +1 -0
package/dist/node/auth/serializer.js +162 -0
package/dist/node/auth/serializer.js.map +1 -0
package/dist/node/client/index.js +838 -0
package/dist/node/client/index.js.map +1 -0
package/dist/node/index.js +30 -0
package/dist/node/index.js.map +1 -0
package/dist/node/node_modules/@noble/ciphers/aes.js +254 -0
package/dist/node/node_modules/@noble/ciphers/aes.js.map +1 -0
package/dist/node/node_modules/@noble/ciphers/utils.js +113 -0
package/dist/node/node_modules/@noble/ciphers/utils.js.map +1 -0
package/dist/node/node_modules/@noble/hashes/esm/_md.js +146 -0
package/dist/node/node_modules/@noble/hashes/esm/_md.js.map +1 -0
package/dist/node/node_modules/@noble/hashes/esm/_u64.js +51 -0
package/dist/node/node_modules/@noble/hashes/esm/_u64.js.map +1 -0
package/dist/node/node_modules/@noble/hashes/esm/legacy.js +123 -0
package/dist/node/node_modules/@noble/hashes/esm/legacy.js.map +1 -0
package/dist/node/node_modules/@noble/hashes/esm/sha2.js +346 -0
package/dist/node/node_modules/@noble/hashes/esm/sha2.js.map +1 -0
package/dist/node/node_modules/@noble/hashes/esm/utils.js +73 -0
package/dist/node/node_modules/@noble/hashes/esm/utils.js.map +1 -0
package/dist/node/node_modules/@noble/secp256k1/index.js +578 -0
package/dist/node/node_modules/@noble/secp256k1/index.js.map +1 -0
package/dist/node/node_modules/bs58/node_modules/base-x/src/esm/index.js +132 -0
package/dist/node/node_modules/bs58/node_modules/base-x/src/esm/index.js.map +1 -0
package/dist/node/node_modules/bs58/src/esm/index.js +7 -0
package/dist/node/node_modules/bs58/src/esm/index.js.map +1 -0
package/dist/node/types/index.js +48 -0
package/dist/node/types/index.js.map +1 -0
package/dist/node/utils/chain-id.js +9 -0
package/dist/node/utils/chain-id.js.map +1 -0
package/dist/types/auth/index.d.ts +134 -0
package/dist/types/auth/index.d.ts.map +1 -0
package/dist/types/auth/keys.d.ts +112 -0
package/dist/types/auth/keys.d.ts.map +1 -0
package/dist/types/auth/memo.d.ts +51 -0
package/dist/types/auth/memo.d.ts.map +1 -0
package/dist/types/auth/serializer.d.ts +57 -0
package/dist/types/auth/serializer.d.ts.map +1 -0
package/dist/types/client/index.d.ts +360 -0
package/dist/types/client/index.d.ts.map +1 -0
package/dist/types/index.d.ts +16 -0
package/dist/types/index.d.ts.map +1 -0
package/dist/types/types/index.d.ts +593 -0
package/dist/types/types/index.d.ts.map +1 -0
package/dist/types/utils/chain-id.d.ts +10 -0
package/dist/types/utils/chain-id.d.ts.map +1 -0
package/package.json +63 -0

package/dist/node/auth/index.js ADDED Viewed

@@ -0,0 +1,188 @@
+import { sha256 } from "../node_modules/@noble/hashes/esm/sha2.js";
+import { PrivateKey, Signature, generateKeys } from "./keys.js";
+import { PublicKey, isPublicKey, isWif } from "./keys.js";
+import { serializeTransaction } from "./serializer.js";
+import { TransactionSerializer, serializeSignedTransaction } from "./serializer.js";
+import "../node_modules/bs58/src/esm/index.js";
+async function signTransaction(transaction, privateKeys, chainId) {
+  const txBuffer = serializeTransaction(transaction);
+  const chainIdBytes = hexToBytes(chainId);
+  const digest = new Uint8Array(chainIdBytes.length + txBuffer.length);
+  digest.set(chainIdBytes);
+  digest.set(txBuffer, chainIdBytes.length);
+  const messageHash = sha256(digest);
+  const signatures = [];
+  for (const key of privateKeys) {
+    const privateKey = typeof key === "string" ? PrivateKey.fromWif(key) : key;
+    const signature = await privateKey.sign(messageHash);
+    signatures.push(bufferToHex(signature.toBuffer()));
+  }
+  return {
+    ...transaction,
+    signatures
+  };
+}
+async function verifyTransactionSignatures(transaction, chainId) {
+  const { signatures, ...txWithoutSigs } = transaction;
+  const txBuffer = serializeTransaction(txWithoutSigs);
+  const chainIdBytes = hexToBytes(chainId);
+  const digest = new Uint8Array(chainIdBytes.length + txBuffer.length);
+  digest.set(chainIdBytes);
+  digest.set(txBuffer, chainIdBytes.length);
+  const messageHash = sha256(digest);
+  const publicKeys = [];
+  for (const sigHex of signatures) {
+    const sigBytes = hexToBytes(sigHex);
+    const signature = new Signature(sigBytes);
+    const publicKey = await signature.recoverPublicKey(messageHash);
+    publicKeys.push(publicKey);
+  }
+  return publicKeys;
+}
+function createTransaction(refBlockNum, refBlockPrefix, expiration, operations) {
+  const expirationString = typeof expiration === "string" ? expiration : expiration.toISOString().split(".")[0] ?? "";
+  return {
+    ref_block_num: refBlockNum & 65535,
+    // Ensure it's within uint16 range
+    ref_block_prefix: refBlockPrefix >>> 0,
+    // Ensure it's uint32
+    expiration: expirationString,
+    operations,
+    extensions: []
+  };
+}
+function hexToBytes(hex) {
+  const cleanHex = hex.startsWith("0x") ? hex.slice(2) : hex;
+  const bytes = new Uint8Array(cleanHex.length / 2);
+  for (let i = 0; i < cleanHex.length; i += 2) {
+    bytes[i / 2] = parseInt(cleanHex.slice(i, i + 2), 16);
+  }
+  return bytes;
+}
+function bufferToHex(buffer) {
+  return Array.from(buffer).map((b) => b.toString(16).padStart(2, "0")).join("");
+}
+const Auth = {
+  /**
+   * Generate all role keys from account name and password
+   * @param name Account name
+   * @param password Password
+   * @param roles Array of role names (default: ['owner', 'active', 'posting', 'memo'])
+   * @returns Object mapping roles to private WIF keys and public keys
+   *
+   * @example
+   * ```typescript
+   * const keys = Auth.getPrivateKeys('alice', 'password123');
+   * console.log(keys.active); // WIF private key
+   * console.log(keys.activePubkey); // ZTR... public key
+   * ```
+   */
+  getPrivateKeys(name, password, roles = ["owner", "active", "posting", "memo"]) {
+    const result = {};
+    const keys = generateKeys(name, password, roles);
+    for (const role of roles) {
+      const roleKey = keys[role];
+      if (roleKey) {
+        result[role] = roleKey.private;
+        result[`${role}Pubkey`] = roleKey.public;
+      }
+    }
+    return result;
+  },
+  /**
+   * Generate public keys only from account name and password
+   * @param name Account name
+   * @param password Password
+   * @param roles Array of role names
+   * @returns Object mapping roles to public keys
+   */
+  generateKeys(name, password, roles = ["owner", "active", "posting", "memo"]) {
+    const keys = generateKeys(name, password, roles);
+    const result = {};
+    for (const role of roles) {
+      const roleKey = keys[role];
+      if (roleKey) {
+        result[role] = roleKey.public;
+      }
+    }
+    return result;
+  },
+  /**
+   * Convert account credentials to WIF format for a specific role
+   * @param name Account name
+   * @param password Password
+   * @param role Role name (e.g., 'active', 'posting')
+   * @returns WIF private key
+   */
+  toWif(name, password, role = "active") {
+    const privateKey = PrivateKey.fromLogin(name, password, role);
+    return privateKey.toWif();
+  },
+  /**
+   * Convert WIF private key to public key
+   * @param privateWif WIF format private key
+   * @param addressPrefix Address prefix (default: 'ZTR')
+   * @returns Public key string
+   */
+  wifToPublic(privateWif, addressPrefix = "ZTR") {
+    const privateKey = PrivateKey.fromWif(privateWif);
+    const publicKey = privateKey.toPublic();
+    return publicKey.toString(addressPrefix);
+  },
+  /**
+   * Check if a WIF key is valid
+   * @param privateWif WIF format private key
+   * @returns true if valid, false otherwise
+   */
+  isWif(privateWif) {
+    try {
+      PrivateKey.fromWif(privateWif);
+      return true;
+    } catch {
+      return false;
+    }
+  },
+  /**
+   * Sign a transaction with private keys
+   * @param tx Transaction to sign
+   * @param keys Array of WIF private keys
+   * @param chainId Chain ID
+   * @returns Signed transaction
+   */
+  signTransaction(tx, keys, chainId) {
+    return signTransaction(tx, keys, chainId);
+  },
+  /**
+   * Verify account credentials against authorities
+   * @param name Account name
+   * @param password Password
+   * @param auths Authority public keys to verify against
+   * @param role Role to check (default: 'active')
+   * @returns true if credentials match, false otherwise
+   */
+  verify(name, password, auths, role = "active") {
+    const privateKey = PrivateKey.fromLogin(name, password, role);
+    const publicKey = privateKey.toPublic().toString("ZTR");
+    const roleAuths = auths[role];
+    if (!roleAuths) {
+      return false;
+    }
+    return roleAuths.includes(publicKey);
+  }
+};
+export {
+  Auth,
+  PrivateKey,
+  PublicKey,
+  Signature,
+  TransactionSerializer,
+  createTransaction,
+  generateKeys,
+  isPublicKey,
+  isWif,
+  serializeSignedTransaction,
+  serializeTransaction,
+  signTransaction,
+  verifyTransactionSignatures
+};
+//# sourceMappingURL=index.js.map

package/dist/node/auth/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.js","sources":["../../../src/auth/index.ts"],"sourcesContent":["/**\n * Authentication and transaction signing for Zattera blockchain\n */\n\nimport { sha256 } from '@noble/hashes/sha2';\nimport { PrivateKey, PublicKey, Signature, generateKeys as genKeys } from './keys.js';\nimport { serializeTransaction } from './serializer.js';\nimport type { Transaction, SignedTransaction, Operation } from '../types/index.js';\n\nexport * from './keys.js';\nexport * from './serializer.js';\nexport * from './memo.js';\n\n/**\n * Configuration for signing\n */\nexport interface SignConfig {\n chainId: string;\n addressPrefix?: string;\n}\n\n/**\n * Sign a transaction with one or more private keys\n *\n * @param transaction The transaction to sign\n * @param privateKeys Array of private keys (WIF format) or PrivateKey instances\n * @param chainId Chain ID (hex string without 0x prefix)\n * @returns Signed transaction with signatures\n *\n * @example\n * ```typescript\n * const signedTx = await signTransaction(\n * transaction,\n * ['5KQwrPbwdL6PhXujxW37FSSQZ1JiwsST4cqQzDeyXtP79zkvFD3'],\n * '0000000000000000000000000000000000000000000000000000000000000000'\n * );\n * ```\n */\nexport async function signTransaction(\n transaction: Transaction,\n privateKeys: (string | PrivateKey)[],\n chainId: string\n): Promise<SignedTransaction> {\n // Serialize the transaction (without signatures)\n const txBuffer = serializeTransaction(transaction);\n\n // Convert chain ID from hex to bytes\n const chainIdBytes = hexToBytes(chainId);\n\n // Create the digest: chainId + serialized transaction\n const digest = new Uint8Array(chainIdBytes.length + txBuffer.length);\n digest.set(chainIdBytes);\n digest.set(txBuffer, chainIdBytes.length);\n\n // Hash the digest with SHA-256\n const messageHash = sha256(digest);\n\n // Sign with each private key\n const signatures: string[] = [];\n\n for (const key of privateKeys) {\n const privateKey = typeof key === 'string' ? PrivateKey.fromWif(key) : key;\n const signature = await privateKey.sign(messageHash);\n signatures.push(bufferToHex(signature.toBuffer()));\n }\n\n // Return signed transaction\n return {\n ...transaction,\n signatures,\n };\n}\n\n/**\n * Verify a transaction signature\n *\n * @param transaction The signed transaction\n * @param chainId Chain ID (hex string without 0x prefix)\n * @returns Array of public keys that signed the transaction\n */\nexport async function verifyTransactionSignatures(\n transaction: SignedTransaction,\n chainId: string\n): Promise<PublicKey[]> {\n // Serialize the transaction (without signatures)\n const { signatures, ...txWithoutSigs } = transaction;\n const txBuffer = serializeTransaction(txWithoutSigs);\n\n // Create the digest\n const chainIdBytes = hexToBytes(chainId);\n const digest = new Uint8Array(chainIdBytes.length + txBuffer.length);\n digest.set(chainIdBytes);\n digest.set(txBuffer, chainIdBytes.length);\n\n // Hash the digest\n const messageHash = sha256(digest);\n\n // Recover public keys from signatures\n const publicKeys: PublicKey[] = [];\n\n for (const sigHex of signatures) {\n const sigBytes = hexToBytes(sigHex);\n const signature = new Signature(sigBytes);\n const publicKey = await signature.recoverPublicKey(messageHash);\n publicKeys.push(publicKey);\n }\n\n return publicKeys;\n}\n\n/**\n * Create a transaction ready for signing\n *\n * @param refBlockNum Reference block number (from head_block_number & 0xFFFF)\n * @param refBlockPrefix Reference block prefix (from block header)\n * @param expiration Expiration date (ISO 8601 string or Date)\n * @param operations Array of operations\n * @returns Transaction object ready for signing\n *\n * @example\n * ```typescript\n * const tx = createTransaction(\n * 12345,\n * 4567890,\n * new Date(Date.now() + 60000),\n * [\n * ['vote', { voter: 'alice', author: 'bob', permlink: 'test', weight: 10000 }]\n * ]\n * );\n * ```\n */\nexport function createTransaction(\n refBlockNum: number,\n refBlockPrefix: number,\n expiration: string | Date,\n operations: unknown[]\n): Transaction {\n const expirationString = typeof expiration === 'string'\n ? expiration\n : (expiration.toISOString().split('.')[0] ?? ''); // Remove milliseconds\n\n return {\n ref_block_num: refBlockNum & 0xffff, // Ensure it's within uint16 range\n ref_block_prefix: refBlockPrefix >>> 0, // Ensure it's uint32\n expiration: expirationString,\n operations: operations as Operation[],\n extensions: [],\n };\n}\n\n/**\n * Helper: Convert hex string to Uint8Array\n */\nfunction hexToBytes(hex: string): Uint8Array {\n // Remove '0x' prefix if present\n const cleanHex = hex.startsWith('0x') ? hex.slice(2) : hex;\n\n const bytes = new Uint8Array(cleanHex.length / 2);\n for (let i = 0; i < cleanHex.length; i += 2) {\n bytes[i / 2] = parseInt(cleanHex.slice(i, i + 2), 16);\n }\n return bytes;\n}\n\n/**\n * Helper: Convert Uint8Array to hex string\n */\nfunction bufferToHex(buffer: Uint8Array): string {\n return Array.from(buffer)\n .map(b => b.toString(16).padStart(2, '0'))\n .join('');\n}\n\n/**\n * Auth API - Comprehensive authentication utilities\n */\nexport const Auth = {\n /**\n * Generate all role keys from account name and password\n * @param name Account name\n * @param password Password\n * @param roles Array of role names (default: ['owner', 'active', 'posting', 'memo'])\n * @returns Object mapping roles to private WIF keys and public keys\n *\n * @example\n * ```typescript\n * const keys = Auth.getPrivateKeys('alice', 'password123');\n * console.log(keys.active); // WIF private key\n * console.log(keys.activePubkey); // ZTR... public key\n * ```\n */\n getPrivateKeys(\n name: string,\n password: string,\n roles: string[] = ['owner', 'active', 'posting', 'memo']\n ): Record<string, string> {\n const result: Record<string, string> = {};\n const keys = genKeys(name, password, roles);\n\n for (const role of roles) {\n const roleKey = keys[role];\n if (roleKey) {\n result[role] = roleKey.private;\n result[`${role}Pubkey`] = roleKey.public;\n }\n }\n\n return result;\n },\n\n /**\n * Generate public keys only from account name and password\n * @param name Account name\n * @param password Password\n * @param roles Array of role names\n * @returns Object mapping roles to public keys\n */\n generateKeys(\n name: string,\n password: string,\n roles: string[] = ['owner', 'active', 'posting', 'memo']\n ): Record<string, string> {\n const keys = genKeys(name, password, roles);\n const result: Record<string, string> = {};\n\n for (const role of roles) {\n const roleKey = keys[role];\n if (roleKey) {\n result[role] = roleKey.public;\n }\n }\n\n return result;\n },\n\n /**\n * Convert account credentials to WIF format for a specific role\n * @param name Account name\n * @param password Password\n * @param role Role name (e.g., 'active', 'posting')\n * @returns WIF private key\n */\n toWif(name: string, password: string, role: string = 'active'): string {\n const privateKey = PrivateKey.fromLogin(name, password, role);\n return privateKey.toWif();\n },\n\n /**\n * Convert WIF private key to public key\n * @param privateWif WIF format private key\n * @param addressPrefix Address prefix (default: 'ZTR')\n * @returns Public key string\n */\n wifToPublic(privateWif: string, addressPrefix: string = 'ZTR'): string {\n const privateKey = PrivateKey.fromWif(privateWif);\n const publicKey = privateKey.toPublic();\n return publicKey.toString(addressPrefix);\n },\n\n /**\n * Check if a WIF key is valid\n * @param privateWif WIF format private key\n * @returns true if valid, false otherwise\n */\n isWif(privateWif: string): boolean {\n try {\n PrivateKey.fromWif(privateWif);\n return true;\n } catch {\n return false;\n }\n },\n\n /**\n * Sign a transaction with private keys\n * @param tx Transaction to sign\n * @param keys Array of WIF private keys\n * @param chainId Chain ID\n * @returns Signed transaction\n */\n signTransaction(\n tx: Transaction,\n keys: string[],\n chainId: string\n ): Promise<SignedTransaction> {\n return signTransaction(tx, keys, chainId);\n },\n\n /**\n * Verify account credentials against authorities\n * @param name Account name\n * @param password Password\n * @param auths Authority public keys to verify against\n * @param role Role to check (default: 'active')\n * @returns true if credentials match, false otherwise\n */\n verify(\n name: string,\n password: string,\n auths: { owner?: string[]; active?: string[]; posting?: string[] },\n role: string = 'active'\n ): boolean {\n const privateKey = PrivateKey.fromLogin(name, password, role);\n const publicKey = privateKey.toPublic().toString('ZTR');\n\n const roleAuths = auths[role as keyof typeof auths];\n if (!roleAuths) {\n return false;\n }\n\n return roleAuths.includes(publicKey);\n },\n};\n"],"names":["genKeys"],"mappings":";;;;;;AAsCA,eAAsB,gBACpB,aACA,aACA,SAC4B;AAE5B,QAAM,WAAW,qBAAqB,WAAW;AAGjD,QAAM,eAAe,WAAW,OAAO;AAGvC,QAAM,SAAS,IAAI,WAAW,aAAa,SAAS,SAAS,MAAM;AACnE,SAAO,IAAI,YAAY;AACvB,SAAO,IAAI,UAAU,aAAa,MAAM;AAGxC,QAAM,cAAc,OAAO,MAAM;AAGjC,QAAM,aAAuB,CAAA;AAE7B,aAAW,OAAO,aAAa;AAC7B,UAAM,aAAa,OAAO,QAAQ,WAAW,WAAW,QAAQ,GAAG,IAAI;AACvE,UAAM,YAAY,MAAM,WAAW,KAAK,WAAW;AACnD,eAAW,KAAK,YAAY,UAAU,SAAA,CAAU,CAAC;AAAA,EACnD;AAGA,SAAO;AAAA,IACL,GAAG;AAAA,IACH;AAAA,EAAA;AAEJ;AASA,eAAsB,4BACpB,aACA,SACsB;AAEtB,QAAM,EAAE,YAAY,GAAG,cAAA,IAAkB;AACzC,QAAM,WAAW,qBAAqB,aAAa;AAGnD,QAAM,eAAe,WAAW,OAAO;AACvC,QAAM,SAAS,IAAI,WAAW,aAAa,SAAS,SAAS,MAAM;AACnE,SAAO,IAAI,YAAY;AACvB,SAAO,IAAI,UAAU,aAAa,MAAM;AAGxC,QAAM,cAAc,OAAO,MAAM;AAGjC,QAAM,aAA0B,CAAA;AAEhC,aAAW,UAAU,YAAY;AAC/B,UAAM,WAAW,WAAW,MAAM;AAClC,UAAM,YAAY,IAAI,UAAU,QAAQ;AACxC,UAAM,YAAY,MAAM,UAAU,iBAAiB,WAAW;AAC9D,eAAW,KAAK,SAAS;AAAA,EAC3B;AAEA,SAAO;AACT;AAuBO,SAAS,kBACd,aACA,gBACA,YACA,YACa;AACb,QAAM,mBAAmB,OAAO,eAAe,WAC3C,aACC,WAAW,YAAA,EAAc,MAAM,GAAG,EAAE,CAAC,KAAK;AAE/C,SAAO;AAAA,IACL,eAAe,cAAc;AAAA;AAAA,IAC7B,kBAAkB,mBAAmB;AAAA;AAAA,IACrC,YAAY;AAAA,IACZ;AAAA,IACA,YAAY,CAAA;AAAA,EAAC;AAEjB;AAKA,SAAS,WAAW,KAAyB;AAE3C,QAAM,WAAW,IAAI,WAAW,IAAI,IAAI,IAAI,MAAM,CAAC,IAAI;AAEvD,QAAM,QAAQ,IAAI,WAAW,SAAS,SAAS,CAAC;AAChD,WAAS,IAAI,GAAG,IAAI,SAAS,QAAQ,KAAK,GAAG;AAC3C,UAAM,IAAI,CAAC,IAAI,SAAS,SAAS,MAAM,GAAG,IAAI,CAAC,GAAG,EAAE;AAAA,EACtD;AACA,SAAO;AACT;AAKA,SAAS,YAAY,QAA4B;AAC/C,SAAO,MAAM,KAAK,MAAM,EACrB,IAAI,OAAK,EAAE,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC,EACxC,KAAK,EAAE;AACZ;AAKO,MAAM,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAelB,eACE,MACA,UACA,QAAkB,CAAC,SAAS,UAAU,WAAW,MAAM,GAC/B;AACxB,UAAM,SAAiC,CAAA;AACvC,UAAM,OAAOA,aAAQ,MAAM,UAAU,KAAK;AAE1C,eAAW,QAAQ,OAAO;AACxB,YAAM,UAAU,KAAK,IAAI;AACzB,UAAI,SAAS;AACX,eAAO,IAAI,IAAI,QAAQ;AACvB,eAAO,GAAG,IAAI,QAAQ,IAAI,QAAQ;AAAA,MACpC;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,aACE,MACA,UACA,QAAkB,CAAC,SAAS,UAAU,WAAW,MAAM,GAC/B;AACxB,UAAM,OAAOA,aAAQ,MAAM,UAAU,KAAK;AAC1C,UAAM,SAAiC,CAAA;AAEvC,eAAW,QAAQ,OAAO;AACxB,YAAM,UAAU,KAAK,IAAI;AACzB,UAAI,SAAS;AACX,eAAO,IAAI,IAAI,QAAQ;AAAA,MACzB;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,MAAM,MAAc,UAAkB,OAAe,UAAkB;AACrE,UAAM,aAAa,WAAW,UAAU,MAAM,UAAU,IAAI;AAC5D,WAAO,WAAW,MAAA;AAAA,EACpB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,YAAY,YAAoB,gBAAwB,OAAe;AACrE,UAAM,aAAa,WAAW,QAAQ,UAAU;AAChD,UAAM,YAAY,WAAW,SAAA;AAC7B,WAAO,UAAU,SAAS,aAAa;AAAA,EACzC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,YAA6B;AACjC,QAAI;AACF,iBAAW,QAAQ,UAAU;AAC7B,aAAO;AAAA,IACT,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,gBACE,IACA,MACA,SAC4B;AAC5B,WAAO,gBAAgB,IAAI,MAAM,OAAO;AAAA,EAC1C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,OACE,MACA,UACA,OACA,OAAe,UACN;AACT,UAAM,aAAa,WAAW,UAAU,MAAM,UAAU,IAAI;AAC5D,UAAM,YAAY,WAAW,SAAA,EAAW,SAAS,KAAK;AAEtD,UAAM,YAAY,MAAM,IAA0B;AAClD,QAAI,CAAC,WAAW;AACd,aAAO;AAAA,IACT;AAEA,WAAO,UAAU,SAAS,SAAS;AAAA,EACrC;AACF;"}

package/dist/node/auth/keys.js ADDED Viewed

@@ -0,0 +1,264 @@
+import { getPublicKey, signAsync, getSharedSecret, verify, Signature as Signature$1 } from "../node_modules/@noble/secp256k1/index.js";
+import { sha256 } from "../node_modules/@noble/hashes/esm/sha2.js";
+import { ripemd160 } from "../node_modules/@noble/hashes/esm/legacy.js";
+import bs58 from "../node_modules/bs58/src/esm/index.js";
+class PrivateKey {
+  key;
+  constructor(key) {
+    if (key.length !== 32) {
+      throw new Error("Private key must be 32 bytes");
+    }
+    this.key = key;
+  }
+  /**
+   * Create PrivateKey from WIF (Wallet Import Format) string
+   */
+  static fromWif(wif) {
+    const decoded = bs58.decode(wif);
+    if (decoded[0] !== 128) {
+      throw new Error("Invalid WIF version byte");
+    }
+    const privateKey = decoded.slice(1, 33);
+    const checksum = decoded.slice(33, 37);
+    const hash1 = sha256(decoded.slice(0, 33));
+    const hash2 = sha256(hash1);
+    const expectedChecksum = hash2.slice(0, 4);
+    if (!arraysEqual(checksum, expectedChecksum)) {
+      throw new Error("Invalid WIF checksum");
+    }
+    return new PrivateKey(privateKey);
+  }
+  /**
+   * Create PrivateKey from seed string
+   */
+  static fromSeed(seed) {
+    const hash = sha256(new TextEncoder().encode(seed));
+    return new PrivateKey(hash);
+  }
+  /**
+   * Generate PrivateKey from account name, password and role
+   */
+  static fromLogin(accountName, password, role = "active") {
+    const seed = accountName + role + password;
+    const normalized = seed.trim().replace(/\s+/g, " ");
+    return PrivateKey.fromSeed(normalized);
+  }
+  /**
+   * Convert to WIF format
+   */
+  toWif() {
+    const versioned = new Uint8Array(33);
+    versioned[0] = 128;
+    versioned.set(this.key, 1);
+    const hash1 = sha256(versioned);
+    const hash2 = sha256(hash1);
+    const checksum = hash2.slice(0, 4);
+    const result = new Uint8Array(37);
+    result.set(versioned);
+    result.set(checksum, 33);
+    return bs58.encode(result);
+  }
+  /**
+   * Get the public key
+   */
+  toPublic() {
+    const publicKeyBytes = getPublicKey(this.key, true);
+    return new PublicKey(publicKeyBytes);
+  }
+  /**
+   * Get raw bytes
+   */
+  toBytes() {
+    return this.key;
+  }
+  /**
+   * Sign a message hash
+   * @param messageHash The message hash to sign
+   * @returns Signature with recovery parameter
+   */
+  async sign(messageHash) {
+    const sig = await signAsync(messageHash, this.key, {
+      lowS: true
+      // Enforce canonical signatures (prevents malleability)
+    });
+    return new Signature({ signature: sig.toCompactRawBytes(), recovery: sig.recovery ?? 0 });
+  }
+  /**
+   * Get shared secret with a public key (for ECIES encryption)
+   * @param publicKey The public key to generate shared secret with
+   * @returns Shared secret as Uint8Array
+   */
+  getSharedSecret(publicKey) {
+    const sharedPoint = getSharedSecret(this.key, publicKey.toBytes(), true);
+    return sharedPoint.slice(1);
+  }
+  /**
+   * Derive child key from offset (hierarchical key derivation)
+   * @param offset Offset string for derivation
+   * @returns New derived PrivateKey
+   */
+  child(offset) {
+    const offsetHash = sha256(new TextEncoder().encode(offset));
+    const offsetBigInt = BigInt("0x" + Array.from(offsetHash).map((b) => b.toString(16).padStart(2, "0")).join(""));
+    const keyBigInt = BigInt("0x" + Array.from(this.key).map((b) => b.toString(16).padStart(2, "0")).join(""));
+    const n = BigInt("0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141");
+    const childKeyBigInt = (keyBigInt + offsetBigInt) % n;
+    const childKeyHex = childKeyBigInt.toString(16).padStart(64, "0");
+    const childKeyBytes = new Uint8Array(32);
+    for (let i = 0; i < 32; i++) {
+      childKeyBytes[i] = parseInt(childKeyHex.slice(i * 2, i * 2 + 2), 16);
+    }
+    return new PrivateKey(childKeyBytes);
+  }
+}
+class PublicKey {
+  key;
+  constructor(key) {
+    if (key.length !== 33) {
+      throw new Error("Compressed public key must be 33 bytes");
+    }
+    this.key = key;
+  }
+  /**
+   * Create PublicKey from string (e.g., "ZTR...")
+   */
+  static fromString(publicKeyString, prefix = "ZTR") {
+    if (!publicKeyString.startsWith(prefix)) {
+      throw new Error(`Public key must start with ${prefix}`);
+    }
+    const keyString = publicKeyString.substring(prefix.length);
+    const decoded = bs58.decode(keyString);
+    const publicKey = decoded.slice(0, 33);
+    const checksum = decoded.slice(33);
+    const hash = ripemd160(publicKey);
+    const expectedChecksum = hash.slice(0, 4);
+    if (!arraysEqual(checksum, expectedChecksum)) {
+      throw new Error("Invalid public key checksum");
+    }
+    return new PublicKey(publicKey);
+  }
+  /**
+   * Convert to string format (e.g., "ZTR...")
+   */
+  toString(prefix = "ZTR") {
+    const checksum = ripemd160(this.key).slice(0, 4);
+    const result = new Uint8Array(37);
+    result.set(this.key);
+    result.set(checksum, 33);
+    return prefix + bs58.encode(result);
+  }
+  /**
+   * Get raw bytes
+   */
+  toBytes() {
+    return this.key;
+  }
+  /**
+   * Verify a signature
+   */
+  async verify(messageHash, signature) {
+    try {
+      return verify(signature.toCompact(), messageHash, this.key);
+    } catch {
+      return false;
+    }
+  }
+  /**
+   * Derive child key from offset (hierarchical key derivation)
+   * Note: This is not implemented for public keys alone, derive from private key instead
+   * @param _offset Offset string for derivation (unused)
+   * @returns Never - throws error
+   */
+  child(_offset) {
+    throw new Error("PublicKey.child() requires private key derivation");
+  }
+}
+class Signature {
+  sig;
+  recovery;
+  constructor(sig) {
+    if (sig instanceof Uint8Array) {
+      if (sig.length !== 65) {
+        throw new Error("Signature must be 65 bytes");
+      }
+      const recoveryByte = sig[0];
+      if (recoveryByte === void 0) {
+        throw new Error("Invalid signature: missing recovery byte");
+      }
+      this.recovery = recoveryByte - 27;
+      this.sig = sig.slice(1);
+    } else {
+      this.sig = sig.signature;
+      this.recovery = sig.recovery ?? 0;
+    }
+  }
+  /**
+   * Get compact signature (65 bytes: recovery + r + s)
+   */
+  toCompact() {
+    return this.sig;
+  }
+  /**
+   * Get full signature with recovery parameter (65 bytes)
+   */
+  toBuffer() {
+    const result = new Uint8Array(65);
+    result[0] = this.recovery + 27;
+    result.set(this.sig, 1);
+    return result;
+  }
+  /**
+   * Recover public key from signature and message hash
+   */
+  async recoverPublicKey(messageHash) {
+    const sig = Signature$1.fromCompact(this.sig);
+    const recoveredSig = sig.addRecoveryBit(this.recovery);
+    const point = recoveredSig.recoverPublicKey(messageHash);
+    const publicKeyBytes = point.toRawBytes(true);
+    return new PublicKey(publicKeyBytes);
+  }
+}
+function arraysEqual(a, b) {
+  if (a.length !== b.length) return false;
+  for (let i = 0; i < a.length; i++) {
+    if (a[i] !== b[i]) return false;
+  }
+  return true;
+}
+function generateKeys(accountName, password, roles = ["owner", "active", "posting", "memo"]) {
+  const keys = {};
+  for (const role of roles) {
+    const privateKey = PrivateKey.fromLogin(accountName, password, role);
+    const publicKey = privateKey.toPublic();
+    keys[role] = {
+      private: privateKey.toWif(),
+      public: publicKey.toString()
+    };
+  }
+  return keys;
+}
+function isWif(wif) {
+  try {
+    PrivateKey.fromWif(wif);
+    return true;
+  } catch {
+    return false;
+  }
+}
+function isPublicKey(publicKey, prefix = "ZTR") {
+  try {
+    PublicKey.fromString(publicKey, prefix);
+    return true;
+  } catch {
+    return false;
+  }
+}
+export {
+  PrivateKey,
+  PublicKey,
+  Signature,
+  generateKeys,
+  isPublicKey,
+  isWif
+};
+//# sourceMappingURL=keys.js.map

package/dist/node/auth/keys.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"keys.js","sources":["../../../src/auth/keys.ts"],"sourcesContent":["/**\n * Cryptographic key utilities for Zattera blockchain\n */\n\nimport * as secp256k1 from '@noble/secp256k1';\nimport { sha256 } from '@noble/hashes/sha2';\nimport { ripemd160 } from '@noble/hashes/legacy';\nimport bs58 from 'bs58';\n\nexport class PrivateKey {\n private key: Uint8Array;\n\n constructor(key: Uint8Array) {\n if (key.length !== 32) {\n throw new Error('Private key must be 32 bytes');\n }\n this.key = key;\n }\n\n /**\n * Create PrivateKey from WIF (Wallet Import Format) string\n */\n static fromWif(wif: string): PrivateKey {\n const decoded = bs58.decode(wif);\n\n // Check version byte (0x80)\n if (decoded[0] !== 0x80) {\n throw new Error('Invalid WIF version byte');\n }\n\n // Extract private key (remove version byte and checksum)\n const privateKey = decoded.slice(1, 33);\n const checksum = decoded.slice(33, 37);\n\n // Verify checksum\n const hash1 = sha256(decoded.slice(0, 33));\n const hash2 = sha256(hash1);\n const expectedChecksum = hash2.slice(0, 4);\n\n if (!arraysEqual(checksum, expectedChecksum)) {\n throw new Error('Invalid WIF checksum');\n }\n\n return new PrivateKey(privateKey);\n }\n\n /**\n * Create PrivateKey from seed string\n */\n static fromSeed(seed: string): PrivateKey {\n const hash = sha256(new TextEncoder().encode(seed));\n return new PrivateKey(hash);\n }\n\n /**\n * Generate PrivateKey from account name, password and role\n */\n static fromLogin(\n accountName: string,\n password: string,\n role: string = 'active'\n ): PrivateKey {\n const seed = accountName + role + password;\n const normalized = seed.trim().replace(/\\s+/g, ' ');\n return PrivateKey.fromSeed(normalized);\n }\n\n /**\n * Convert to WIF format\n */\n toWif(): string {\n // Add version byte (0x80)\n const versioned = new Uint8Array(33);\n versioned[0] = 0x80;\n versioned.set(this.key, 1);\n\n // Calculate checksum\n const hash1 = sha256(versioned);\n const hash2 = sha256(hash1);\n const checksum = hash2.slice(0, 4);\n\n // Concatenate and encode\n const result = new Uint8Array(37);\n result.set(versioned);\n result.set(checksum, 33);\n\n return bs58.encode(result);\n }\n\n /**\n * Get the public key\n */\n toPublic(): PublicKey {\n const publicKeyBytes = secp256k1.getPublicKey(this.key, true);\n return new PublicKey(publicKeyBytes);\n }\n\n /**\n * Get raw bytes\n */\n toBytes(): Uint8Array {\n return this.key;\n }\n\n /**\n * Sign a message hash\n * @param messageHash The message hash to sign\n * @returns Signature with recovery parameter\n */\n async sign(messageHash: Uint8Array): Promise<Signature> {\n // signAsync returns RecoveredSignature which has r, s, and recovery properties\n const sig = await secp256k1.signAsync(messageHash, this.key, {\n lowS: true, // Enforce canonical signatures (prevents malleability)\n });\n\n return new Signature({ signature: sig.toCompactRawBytes(), recovery: sig.recovery ?? 0 });\n }\n\n /**\n * Get shared secret with a public key (for ECIES encryption)\n * @param publicKey The public key to generate shared secret with\n * @returns Shared secret as Uint8Array\n */\n getSharedSecret(publicKey: PublicKey): Uint8Array {\n const sharedPoint = secp256k1.getSharedSecret(this.key, publicKey.toBytes(), true);\n // Remove the prefix byte (0x02 or 0x03) to get the 32-byte shared secret\n return sharedPoint.slice(1);\n }\n\n /**\n * Derive child key from offset (hierarchical key derivation)\n * @param offset Offset string for derivation\n * @returns New derived PrivateKey\n */\n child(offset: string): PrivateKey {\n const offsetHash = sha256(new TextEncoder().encode(offset));\n const offsetBigInt = BigInt('0x' + Array.from(offsetHash).map(b => b.toString(16).padStart(2, '0')).join(''));\n const keyBigInt = BigInt('0x' + Array.from(this.key).map(b => b.toString(16).padStart(2, '0')).join(''));\n\n // secp256k1 curve order\n const n = BigInt('0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141');\n const childKeyBigInt = (keyBigInt + offsetBigInt) % n;\n\n // Convert back to 32-byte array\n const childKeyHex = childKeyBigInt.toString(16).padStart(64, '0');\n const childKeyBytes = new Uint8Array(32);\n for (let i = 0; i < 32; i++) {\n childKeyBytes[i] = parseInt(childKeyHex.slice(i * 2, i * 2 + 2), 16);\n }\n\n return new PrivateKey(childKeyBytes);\n }\n}\n\nexport class PublicKey {\n private key: Uint8Array;\n\n constructor(key: Uint8Array) {\n if (key.length !== 33) {\n throw new Error('Compressed public key must be 33 bytes');\n }\n this.key = key;\n }\n\n /**\n * Create PublicKey from string (e.g., \"ZTR...\")\n */\n static fromString(publicKeyString: string, prefix: string = 'ZTR'): PublicKey {\n if (!publicKeyString.startsWith(prefix)) {\n throw new Error(`Public key must start with ${prefix}`);\n }\n\n const keyString = publicKeyString.substring(prefix.length);\n const decoded = bs58.decode(keyString);\n\n // Extract public key (remove checksum)\n const publicKey = decoded.slice(0, 33);\n const checksum = decoded.slice(33);\n\n // Verify checksum\n const hash = ripemd160(publicKey);\n const expectedChecksum = hash.slice(0, 4);\n\n if (!arraysEqual(checksum, expectedChecksum)) {\n throw new Error('Invalid public key checksum');\n }\n\n return new PublicKey(publicKey);\n }\n\n /**\n * Convert to string format (e.g., \"ZTR...\")\n */\n toString(prefix: string = 'ZTR'): string {\n const checksum = ripemd160(this.key).slice(0, 4);\n const result = new Uint8Array(37);\n result.set(this.key);\n result.set(checksum, 33);\n\n return prefix + bs58.encode(result);\n }\n\n /**\n * Get raw bytes\n */\n toBytes(): Uint8Array {\n return this.key;\n }\n\n /**\n * Verify a signature\n */\n async verify(messageHash: Uint8Array, signature: Signature): Promise<boolean> {\n try {\n return secp256k1.verify(signature.toCompact(), messageHash, this.key);\n } catch {\n return false;\n }\n }\n\n /**\n * Derive child key from offset (hierarchical key derivation)\n * Note: This is not implemented for public keys alone, derive from private key instead\n * @param _offset Offset string for derivation (unused)\n * @returns Never - throws error\n */\n child(_offset: string): PublicKey {\n // This would require point addition which is complex\n // For now, we'll derive from private key if available\n throw new Error('PublicKey.child() requires private key derivation');\n }\n}\n\nexport class Signature {\n private sig: Uint8Array;\n private recovery: number;\n\n constructor(sig: Uint8Array | { signature: Uint8Array; recovery: number }) {\n if (sig instanceof Uint8Array) {\n // Compact format: 65 bytes (recovery + r + s)\n if (sig.length !== 65) {\n throw new Error('Signature must be 65 bytes');\n }\n const recoveryByte = sig[0];\n if (recoveryByte === undefined) {\n throw new Error('Invalid signature: missing recovery byte');\n }\n this.recovery = recoveryByte - 27;\n this.sig = sig.slice(1);\n } else {\n // From secp256k1.signAsync result\n this.sig = sig.signature;\n this.recovery = sig.recovery ?? 0;\n }\n }\n\n /**\n * Get compact signature (65 bytes: recovery + r + s)\n */\n toCompact(): Uint8Array {\n return this.sig;\n }\n\n /**\n * Get full signature with recovery parameter (65 bytes)\n */\n toBuffer(): Uint8Array {\n const result = new Uint8Array(65);\n result[0] = this.recovery + 27;\n result.set(this.sig, 1);\n return result;\n }\n\n /**\n * Recover public key from signature and message hash\n */\n async recoverPublicKey(messageHash: Uint8Array): Promise<PublicKey> {\n // Create a Signature instance from the compact bytes\n const sig = secp256k1.Signature.fromCompact(this.sig);\n\n // Add recovery bit\n const recoveredSig = sig.addRecoveryBit(this.recovery);\n\n // Recover the public key point\n const point = recoveredSig.recoverPublicKey(messageHash);\n\n // Convert to compressed bytes\n const publicKeyBytes = point.toRawBytes(true);\n\n return new PublicKey(publicKeyBytes);\n }\n}\n\n/**\n * Helper function to compare two Uint8Arrays\n */\nfunction arraysEqual(a: Uint8Array, b: Uint8Array): boolean {\n if (a.length !== b.length) return false;\n for (let i = 0; i < a.length; i++) {\n if (a[i] !== b[i]) return false;\n }\n return true;\n}\n\n/**\n * Generate all account keys from account name and password\n */\nexport function generateKeys(\n accountName: string,\n password: string,\n roles: string[] = ['owner', 'active', 'posting', 'memo']\n): Record<string, { private: string; public: string }> {\n const keys: Record<string, { private: string; public: string }> = {};\n\n for (const role of roles) {\n const privateKey = PrivateKey.fromLogin(accountName, password, role);\n const publicKey = privateKey.toPublic();\n\n keys[role] = {\n private: privateKey.toWif(),\n public: publicKey.toString(),\n };\n }\n\n return keys;\n}\n\n/**\n * Check if a string is a valid WIF private key\n */\nexport function isWif(wif: string): boolean {\n try {\n PrivateKey.fromWif(wif);\n return true;\n } catch {\n return false;\n }\n}\n\n/**\n * Check if a string is a valid public key\n */\nexport function isPublicKey(publicKey: string, prefix: string = 'ZTR'): boolean {\n try {\n PublicKey.fromString(publicKey, prefix);\n return true;\n } catch {\n return false;\n }\n}\n"],"names":["secp256k1.getPublicKey","secp256k1.signAsync","secp256k1.getSharedSecret","secp256k1.verify","secp256k1.Signature"],"mappings":";;;;AASO,MAAM,WAAW;AAAA,EACd;AAAA,EAER,YAAY,KAAiB;AAC3B,QAAI,IAAI,WAAW,IAAI;AACrB,YAAM,IAAI,MAAM,8BAA8B;AAAA,IAChD;AACA,SAAK,MAAM;AAAA,EACb;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,QAAQ,KAAyB;AACtC,UAAM,UAAU,KAAK,OAAO,GAAG;AAG/B,QAAI,QAAQ,CAAC,MAAM,KAAM;AACvB,YAAM,IAAI,MAAM,0BAA0B;AAAA,IAC5C;AAGA,UAAM,aAAa,QAAQ,MAAM,GAAG,EAAE;AACtC,UAAM,WAAW,QAAQ,MAAM,IAAI,EAAE;AAGrC,UAAM,QAAQ,OAAO,QAAQ,MAAM,GAAG,EAAE,CAAC;AACzC,UAAM,QAAQ,OAAO,KAAK;AAC1B,UAAM,mBAAmB,MAAM,MAAM,GAAG,CAAC;AAEzC,QAAI,CAAC,YAAY,UAAU,gBAAgB,GAAG;AAC5C,YAAM,IAAI,MAAM,sBAAsB;AAAA,IACxC;AAEA,WAAO,IAAI,WAAW,UAAU;AAAA,EAClC;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,SAAS,MAA0B;AACxC,UAAM,OAAO,OAAO,IAAI,cAAc,OAAO,IAAI,CAAC;AAClD,WAAO,IAAI,WAAW,IAAI;AAAA,EAC5B;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,UACL,aACA,UACA,OAAe,UACH;AACZ,UAAM,OAAO,cAAc,OAAO;AAClC,UAAM,aAAa,KAAK,KAAA,EAAO,QAAQ,QAAQ,GAAG;AAClD,WAAO,WAAW,SAAS,UAAU;AAAA,EACvC;AAAA;AAAA;AAAA;AAAA,EAKA,QAAgB;AAEd,UAAM,YAAY,IAAI,WAAW,EAAE;AACnC,cAAU,CAAC,IAAI;AACf,cAAU,IAAI,KAAK,KAAK,CAAC;AAGzB,UAAM,QAAQ,OAAO,SAAS;AAC9B,UAAM,QAAQ,OAAO,KAAK;AAC1B,UAAM,WAAW,MAAM,MAAM,GAAG,CAAC;AAGjC,UAAM,SAAS,IAAI,WAAW,EAAE;AAChC,WAAO,IAAI,SAAS;AACpB,WAAO,IAAI,UAAU,EAAE;AAEvB,WAAO,KAAK,OAAO,MAAM;AAAA,EAC3B;AAAA;AAAA;AAAA;AAAA,EAKA,WAAsB;AACpB,UAAM,iBAAiBA,aAAuB,KAAK,KAAK,IAAI;AAC5D,WAAO,IAAI,UAAU,cAAc;AAAA,EACrC;AAAA;AAAA;AAAA;AAAA,EAKA,UAAsB;AACpB,WAAO,KAAK;AAAA,EACd;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,KAAK,aAA6C;AAEtD,UAAM,MAAM,MAAMC,UAAoB,aAAa,KAAK,KAAK;AAAA,MAC3D,MAAM;AAAA;AAAA,IAAA,CACP;AAED,WAAO,IAAI,UAAU,EAAE,WAAW,IAAI,qBAAqB,UAAU,IAAI,YAAY,GAAG;AAAA,EAC1F;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,gBAAgB,WAAkC;AAChD,UAAM,cAAcC,gBAA0B,KAAK,KAAK,UAAU,QAAA,GAAW,IAAI;AAEjF,WAAO,YAAY,MAAM,CAAC;AAAA,EAC5B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,QAA4B;AAChC,UAAM,aAAa,OAAO,IAAI,cAAc,OAAO,MAAM,CAAC;AAC1D,UAAM,eAAe,OAAO,OAAO,MAAM,KAAK,UAAU,EAAE,IAAI,CAAA,MAAK,EAAE,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC,EAAE,KAAK,EAAE,CAAC;AAC5G,UAAM,YAAY,OAAO,OAAO,MAAM,KAAK,KAAK,GAAG,EAAE,IAAI,CAAA,MAAK,EAAE,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC,EAAE,KAAK,EAAE,CAAC;AAGvG,UAAM,IAAI,OAAO,oEAAoE;AACrF,UAAM,kBAAkB,YAAY,gBAAgB;AAGpD,UAAM,cAAc,eAAe,SAAS,EAAE,EAAE,SAAS,IAAI,GAAG;AAChE,UAAM,gBAAgB,IAAI,WAAW,EAAE;AACvC,aAAS,IAAI,GAAG,IAAI,IAAI,KAAK;AAC3B,oBAAc,CAAC,IAAI,SAAS,YAAY,MAAM,IAAI,GAAG,IAAI,IAAI,CAAC,GAAG,EAAE;AAAA,IACrE;AAEA,WAAO,IAAI,WAAW,aAAa;AAAA,EACrC;AACF;AAEO,MAAM,UAAU;AAAA,EACb;AAAA,EAER,YAAY,KAAiB;AAC3B,QAAI,IAAI,WAAW,IAAI;AACrB,YAAM,IAAI,MAAM,wCAAwC;AAAA,IAC1D;AACA,SAAK,MAAM;AAAA,EACb;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,WAAW,iBAAyB,SAAiB,OAAkB;AAC5E,QAAI,CAAC,gBAAgB,WAAW,MAAM,GAAG;AACvC,YAAM,IAAI,MAAM,8BAA8B,MAAM,EAAE;AAAA,IACxD;AAEA,UAAM,YAAY,gBAAgB,UAAU,OAAO,MAAM;AACzD,UAAM,UAAU,KAAK,OAAO,SAAS;AAGrC,UAAM,YAAY,QAAQ,MAAM,GAAG,EAAE;AACrC,UAAM,WAAW,QAAQ,MAAM,EAAE;AAGjC,UAAM,OAAO,UAAU,SAAS;AAChC,UAAM,mBAAmB,KAAK,MAAM,GAAG,CAAC;AAExC,QAAI,CAAC,YAAY,UAAU,gBAAgB,GAAG;AAC5C,YAAM,IAAI,MAAM,6BAA6B;AAAA,IAC/C;AAEA,WAAO,IAAI,UAAU,SAAS;AAAA,EAChC;AAAA;AAAA;AAAA;AAAA,EAKA,SAAS,SAAiB,OAAe;AACvC,UAAM,WAAW,UAAU,KAAK,GAAG,EAAE,MAAM,GAAG,CAAC;AAC/C,UAAM,SAAS,IAAI,WAAW,EAAE;AAChC,WAAO,IAAI,KAAK,GAAG;AACnB,WAAO,IAAI,UAAU,EAAE;AAEvB,WAAO,SAAS,KAAK,OAAO,MAAM;AAAA,EACpC;AAAA;AAAA;AAAA;AAAA,EAKA,UAAsB;AACpB,WAAO,KAAK;AAAA,EACd;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,OAAO,aAAyB,WAAwC;AAC5E,QAAI;AACF,aAAOC,OAAiB,UAAU,aAAa,aAAa,KAAK,GAAG;AAAA,IACtE,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,SAA4B;AAGhC,UAAM,IAAI,MAAM,mDAAmD;AAAA,EACrE;AACF;AAEO,MAAM,UAAU;AAAA,EACb;AAAA,EACA;AAAA,EAER,YAAY,KAA+D;AACzE,QAAI,eAAe,YAAY;AAE7B,UAAI,IAAI,WAAW,IAAI;AACrB,cAAM,IAAI,MAAM,4BAA4B;AAAA,MAC9C;AACA,YAAM,eAAe,IAAI,CAAC;AAC1B,UAAI,iBAAiB,QAAW;AAC9B,cAAM,IAAI,MAAM,0CAA0C;AAAA,MAC5D;AACA,WAAK,WAAW,eAAe;AAC/B,WAAK,MAAM,IAAI,MAAM,CAAC;AAAA,IACxB,OAAO;AAEL,WAAK,MAAM,IAAI;AACf,WAAK,WAAW,IAAI,YAAY;AAAA,IAClC;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,YAAwB;AACtB,WAAO,KAAK;AAAA,EACd;AAAA;AAAA;AAAA;AAAA,EAKA,WAAuB;AACrB,UAAM,SAAS,IAAI,WAAW,EAAE;AAChC,WAAO,CAAC,IAAI,KAAK,WAAW;AAC5B,WAAO,IAAI,KAAK,KAAK,CAAC;AACtB,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,iBAAiB,aAA6C;AAElE,UAAM,MAAMC,YAAoB,YAAY,KAAK,GAAG;AAGpD,UAAM,eAAe,IAAI,eAAe,KAAK,QAAQ;AAGrD,UAAM,QAAQ,aAAa,iBAAiB,WAAW;AAGvD,UAAM,iBAAiB,MAAM,WAAW,IAAI;AAE5C,WAAO,IAAI,UAAU,cAAc;AAAA,EACrC;AACF;AAKA,SAAS,YAAY,GAAe,GAAwB;AAC1D,MAAI,EAAE,WAAW,EAAE,OAAQ,QAAO;AAClC,WAAS,IAAI,GAAG,IAAI,EAAE,QAAQ,KAAK;AACjC,QAAI,EAAE,CAAC,MAAM,EAAE,CAAC,EAAG,QAAO;AAAA,EAC5B;AACA,SAAO;AACT;AAKO,SAAS,aACd,aACA,UACA,QAAkB,CAAC,SAAS,UAAU,WAAW,MAAM,GACF;AACrD,QAAM,OAA4D,CAAA;AAElE,aAAW,QAAQ,OAAO;AACxB,UAAM,aAAa,WAAW,UAAU,aAAa,UAAU,IAAI;AACnE,UAAM,YAAY,WAAW,SAAA;AAE7B,SAAK,IAAI,IAAI;AAAA,MACX,SAAS,WAAW,MAAA;AAAA,MACpB,QAAQ,UAAU,SAAA;AAAA,IAAS;AAAA,EAE/B;AAEA,SAAO;AACT;AAKO,SAAS,MAAM,KAAsB;AAC1C,MAAI;AACF,eAAW,QAAQ,GAAG;AACtB,WAAO;AAAA,EACT,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAKO,SAAS,YAAY,WAAmB,SAAiB,OAAgB;AAC9E,MAAI;AACF,cAAU,WAAW,WAAW,MAAM;AACtC,WAAO;AAAA,EACT,QAAQ;AACN,WAAO;AAAA,EACT;AACF;"}

package/dist/node/auth/memo.js ADDED Viewed

@@ -0,0 +1,79 @@
+import { sha512, sha256 } from "../node_modules/@noble/hashes/esm/sha2.js";
+import { cbc } from "../node_modules/@noble/ciphers/aes.js";
+import { randomBytes } from "../node_modules/@noble/ciphers/utils.js";
+import bs58 from "../node_modules/bs58/src/esm/index.js";
+function generateNonce(size = 8) {
+  return randomBytes(size);
+}
+function encodeMemo(privateKey, publicKey, memo, nonce) {
+  if (!memo.startsWith("#")) {
+    memo = "#" + memo;
+  }
+  const message = memo.slice(1);
+  const messageBytes = new TextEncoder().encode(message);
+  const nonceBytes = nonce ?? generateNonce(8);
+  const sharedSecret = privateKey.getSharedSecret(publicKey);
+  const combined = new Uint8Array(nonceBytes.length + sharedSecret.length);
+  combined.set(nonceBytes);
+  combined.set(sharedSecret, nonceBytes.length);
+  const hash = sha512(combined);
+  const iv = hash.slice(0, 16);
+  const encryptionKey = hash.slice(16, 48);
+  const cipher = cbc(encryptionKey, iv);
+  const encrypted = cipher.encrypt(messageBytes);
+  const checksumHash = sha256(encryptionKey);
+  const checksum = checksumHash.slice(0, 4);
+  const serialized = new Uint8Array(nonceBytes.length + checksum.length + encrypted.length);
+  serialized.set(nonceBytes, 0);
+  serialized.set(checksum, nonceBytes.length);
+  serialized.set(encrypted, nonceBytes.length + checksum.length);
+  return "#" + bs58.encode(serialized);
+}
+function decodeMemo(_privateKey, memo) {
+  if (!memo.startsWith("#")) {
+    return memo;
+  }
+  throw new Error("decodeMemo requires sender public key - use decodeMemoWithKey instead");
+}
+function decodeMemoWithKey(privateKey, publicKey, memo) {
+  if (!memo.startsWith("#")) {
+    return memo;
+  }
+  try {
+    const decoded = bs58.decode(memo.slice(1));
+    const nonce = decoded.slice(0, 8);
+    const checksum = decoded.slice(8, 12);
+    const encrypted = decoded.slice(12);
+    const sharedSecret = privateKey.getSharedSecret(publicKey);
+    const combined = new Uint8Array(nonce.length + sharedSecret.length);
+    combined.set(nonce);
+    combined.set(sharedSecret, nonce.length);
+    const hash = sha512(combined);
+    const iv = hash.slice(0, 16);
+    const encryptionKey = hash.slice(16, 48);
+    const checksumHash = sha256(encryptionKey);
+    const expectedChecksum = checksumHash.slice(0, 4);
+    let checksumValid = true;
+    for (let i = 0; i < 4; i++) {
+      if (checksum[i] !== expectedChecksum[i]) {
+        checksumValid = false;
+        break;
+      }
+    }
+    if (!checksumValid) {
+      throw new Error("Invalid memo checksum");
+    }
+    const decipher = cbc(encryptionKey, iv);
+    const decrypted = decipher.decrypt(encrypted);
+    const message = new TextDecoder().decode(decrypted);
+    return "#" + message;
+  } catch (error) {
+    throw new Error(`Failed to decode memo: ${error instanceof Error ? error.message : String(error)}`);
+  }
+}
+export {
+  decodeMemo,
+  decodeMemoWithKey,
+  encodeMemo
+};
+//# sourceMappingURL=memo.js.map

package/dist/node/auth/memo.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"memo.js","sources":["../../../src/auth/memo.ts"],"sourcesContent":["/**\n * Memo encryption/decryption for Zattera blockchain\n * Based on ECIES (Elliptic Curve Integrated Encryption Scheme)\n */\n\nimport { sha256, sha512 } from '@noble/hashes/sha2';\nimport * as aes from '@noble/ciphers/aes.js';\nimport { randomBytes } from '@noble/ciphers/utils.js';\nimport bs58 from 'bs58';\nimport { PrivateKey, PublicKey } from './keys.js';\n\n/**\n * Generate a random nonce\n * @param size Size of nonce in bytes (default: 8)\n * @returns Random nonce\n */\nfunction generateNonce(size: number = 8): Uint8Array {\n return randomBytes(size);\n}\n\n/**\n * Encode a memo for encryption\n * @param privateKey Sender's private key\n * @param publicKey Recipient's public key\n * @param memo Memo text (will be prefixed with # if not already)\n * @param nonce Optional nonce for testing (default: random)\n * @returns Encrypted memo string with # prefix\n *\n * @example\n * ```typescript\n * const senderKey = PrivateKey.fromSeed('sender seed');\n * const recipientPubKey = PrivateKey.fromSeed('recipient seed').toPublic();\n * const encrypted = await encodeMemo(senderKey, recipientPubKey, 'Hello!');\n * // Returns: \"#<base58_encoded_encrypted_data>\"\n * ```\n */\nexport function encodeMemo(\n privateKey: PrivateKey,\n publicKey: PublicKey,\n memo: string,\n nonce?: Uint8Array\n): string {\n // If memo doesn't start with #, it's not encrypted\n if (!memo.startsWith('#')) {\n memo = '#' + memo;\n }\n\n // Remove the # prefix for encryption\n const message = memo.slice(1);\n const messageBytes = new TextEncoder().encode(message);\n\n // Generate or use provided nonce\n const nonceBytes = nonce ?? generateNonce(8);\n\n // Get shared secret using ECDH\n const sharedSecret = privateKey.getSharedSecret(publicKey);\n\n // Derive encryption key and IV from shared secret and nonce\n // Key derivation: SHA512(nonce || shared_secret)\n const combined = new Uint8Array(nonceBytes.length + sharedSecret.length);\n combined.set(nonceBytes);\n combined.set(sharedSecret, nonceBytes.length);\n\n const hash = sha512(combined);\n\n // Split hash into IV (first 16 bytes) and key (next 32 bytes)\n const iv = hash.slice(0, 16);\n const encryptionKey = hash.slice(16, 48);\n\n // Encrypt the message\n const cipher = aes.cbc(encryptionKey, iv);\n const encrypted = cipher.encrypt(messageBytes);\n\n // Calculate checksum (first 4 bytes of SHA256 of encryption key)\n const checksumHash = sha256(encryptionKey);\n const checksum = checksumHash.slice(0, 4);\n\n // Serialize: nonce (8 bytes) + checksum (4 bytes) + encrypted data\n const serialized = new Uint8Array(nonceBytes.length + checksum.length + encrypted.length);\n serialized.set(nonceBytes, 0);\n serialized.set(checksum, nonceBytes.length);\n serialized.set(encrypted, nonceBytes.length + checksum.length);\n\n // Encode to base58 and add # prefix\n return '#' + bs58.encode(serialized);\n}\n\n/**\n * Decode an encrypted memo\n *\n * Note: This function is deprecated. Use decodeMemoWithKey instead, as it requires\n * the sender's public key to properly decrypt the memo.\n *\n * @param _privateKey Recipient's private key (unused)\n * @param memo Encrypted memo string (must start with #)\n * @returns Never - throws error directing to use decodeMemoWithKey\n * @deprecated Use decodeMemoWithKey instead\n */\nexport function decodeMemo(_privateKey: PrivateKey, memo: string): string {\n // If memo doesn't start with #, it's not encrypted\n if (!memo.startsWith('#')) {\n return memo;\n }\n\n throw new Error('decodeMemo requires sender public key - use decodeMemoWithKey instead');\n}\n\n/**\n * Decode an encrypted memo with explicit public key\n * @param privateKey Recipient's private key\n * @param publicKey Sender's public key\n * @param memo Encrypted memo string (must start with #)\n * @returns Decrypted memo text (with # prefix)\n *\n * @example\n * ```typescript\n * const recipientKey = PrivateKey.fromSeed('recipient seed');\n * const senderPubKey = PrivateKey.fromSeed('sender seed').toPublic();\n * const decrypted = await decodeMemoWithKey(recipientKey, senderPubKey, encryptedMemo);\n * // Returns: \"#Hello!\"\n * ```\n */\nexport function decodeMemoWithKey(\n privateKey: PrivateKey,\n publicKey: PublicKey,\n memo: string\n): string {\n // If memo doesn't start with #, it's not encrypted\n if (!memo.startsWith('#')) {\n return memo;\n }\n\n try {\n // Remove # prefix and decode from base58\n const decoded = bs58.decode(memo.slice(1));\n\n // Extract components\n const nonce = decoded.slice(0, 8);\n const checksum = decoded.slice(8, 12);\n const encrypted = decoded.slice(12);\n\n // Get shared secret using ECDH\n const sharedSecret = privateKey.getSharedSecret(publicKey);\n\n // Derive encryption key and IV\n const combined = new Uint8Array(nonce.length + sharedSecret.length);\n combined.set(nonce);\n combined.set(sharedSecret, nonce.length);\n\n const hash = sha512(combined);\n const iv = hash.slice(0, 16);\n const encryptionKey = hash.slice(16, 48);\n\n // Verify checksum\n const checksumHash = sha256(encryptionKey);\n const expectedChecksum = checksumHash.slice(0, 4);\n\n let checksumValid = true;\n for (let i = 0; i < 4; i++) {\n if (checksum[i] !== expectedChecksum[i]) {\n checksumValid = false;\n break;\n }\n }\n\n if (!checksumValid) {\n throw new Error('Invalid memo checksum');\n }\n\n // Decrypt the message\n const decipher = aes.cbc(encryptionKey, iv);\n const decrypted = decipher.decrypt(encrypted);\n\n // Convert to string and add # prefix\n const message = new TextDecoder().decode(decrypted);\n return '#' + message;\n } catch (error) {\n throw new Error(`Failed to decode memo: ${error instanceof Error ? error.message : String(error)}`);\n }\n}\n"],"names":["aes.cbc"],"mappings":";;;;AAgBA,SAAS,cAAc,OAAe,GAAe;AACnD,SAAO,YAAY,IAAI;AACzB;AAkBO,SAAS,WACd,YACA,WACA,MACA,OACQ;AAER,MAAI,CAAC,KAAK,WAAW,GAAG,GAAG;AACzB,WAAO,MAAM;AAAA,EACf;AAGA,QAAM,UAAU,KAAK,MAAM,CAAC;AAC5B,QAAM,eAAe,IAAI,cAAc,OAAO,OAAO;AAGrD,QAAM,aAAa,SAAS,cAAc,CAAC;AAG3C,QAAM,eAAe,WAAW,gBAAgB,SAAS;AAIzD,QAAM,WAAW,IAAI,WAAW,WAAW,SAAS,aAAa,MAAM;AACvE,WAAS,IAAI,UAAU;AACvB,WAAS,IAAI,cAAc,WAAW,MAAM;AAE5C,QAAM,OAAO,OAAO,QAAQ;AAG5B,QAAM,KAAK,KAAK,MAAM,GAAG,EAAE;AAC3B,QAAM,gBAAgB,KAAK,MAAM,IAAI,EAAE;AAGvC,QAAM,SAASA,IAAQ,eAAe,EAAE;AACxC,QAAM,YAAY,OAAO,QAAQ,YAAY;AAG7C,QAAM,eAAe,OAAO,aAAa;AACzC,QAAM,WAAW,aAAa,MAAM,GAAG,CAAC;AAGxC,QAAM,aAAa,IAAI,WAAW,WAAW,SAAS,SAAS,SAAS,UAAU,MAAM;AACxF,aAAW,IAAI,YAAY,CAAC;AAC5B,aAAW,IAAI,UAAU,WAAW,MAAM;AAC1C,aAAW,IAAI,WAAW,WAAW,SAAS,SAAS,MAAM;AAG7D,SAAO,MAAM,KAAK,OAAO,UAAU;AACrC;AAaO,SAAS,WAAW,aAAyB,MAAsB;AAExE,MAAI,CAAC,KAAK,WAAW,GAAG,GAAG;AACzB,WAAO;AAAA,EACT;AAEA,QAAM,IAAI,MAAM,uEAAuE;AACzF;AAiBO,SAAS,kBACd,YACA,WACA,MACQ;AAER,MAAI,CAAC,KAAK,WAAW,GAAG,GAAG;AACzB,WAAO;AAAA,EACT;AAEA,MAAI;AAEF,UAAM,UAAU,KAAK,OAAO,KAAK,MAAM,CAAC,CAAC;AAGzC,UAAM,QAAQ,QAAQ,MAAM,GAAG,CAAC;AAChC,UAAM,WAAW,QAAQ,MAAM,GAAG,EAAE;AACpC,UAAM,YAAY,QAAQ,MAAM,EAAE;AAGlC,UAAM,eAAe,WAAW,gBAAgB,SAAS;AAGzD,UAAM,WAAW,IAAI,WAAW,MAAM,SAAS,aAAa,MAAM;AAClE,aAAS,IAAI,KAAK;AAClB,aAAS,IAAI,cAAc,MAAM,MAAM;AAEvC,UAAM,OAAO,OAAO,QAAQ;AAC5B,UAAM,KAAK,KAAK,MAAM,GAAG,EAAE;AAC3B,UAAM,gBAAgB,KAAK,MAAM,IAAI,EAAE;AAGvC,UAAM,eAAe,OAAO,aAAa;AACzC,UAAM,mBAAmB,aAAa,MAAM,GAAG,CAAC;AAEhD,QAAI,gBAAgB;AACpB,aAAS,IAAI,GAAG,IAAI,GAAG,KAAK;AAC1B,UAAI,SAAS,CAAC,MAAM,iBAAiB,CAAC,GAAG;AACvC,wBAAgB;AAChB;AAAA,MACF;AAAA,IACF;AAEA,QAAI,CAAC,eAAe;AAClB,YAAM,IAAI,MAAM,uBAAuB;AAAA,IACzC;AAGA,UAAM,WAAWA,IAAQ,eAAe,EAAE;AAC1C,UAAM,YAAY,SAAS,QAAQ,SAAS;AAG5C,UAAM,UAAU,IAAI,cAAc,OAAO,SAAS;AAClD,WAAO,MAAM;AAAA,EACf,SAAS,OAAO;AACd,UAAM,IAAI,MAAM,0BAA0B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC,EAAE;AAAA,EACpG;AACF;"}