@okxweb3/coin-stellar/dist/lib/auth.js

@ok/coin-stellar is a Stellar SDK for building Web3 wallets and applications. It supports Stellar and PI blockchains, enabling private key management, address generation, transaction signing, trustline creation, and asset transfers

"use strict";
var __importDefault = (this && this.__importDefault) || function (mod) {
    return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.authorizeInvocation = exports.authorizeEntry = void 0;
const xdr_1 = __importDefault(require("./xdr"));
const keypair_1 = require("./keypair");
const strkey_1 = require("./strkey");
const network_1 = require("./network");
const hashing_1 = require("./hashing");
const address_1 = require("./address");
const scval_1 = require("./scval");
async function authorizeEntry(entry, signer, validUntilLedgerSeq, networkPassphrase = network_1.Networks.FUTURENET) {
    if (entry.credentials().switch().value !==
        xdr_1.default.SorobanCredentialsType.sorobanCredentialsAddress().value) {
        return entry;
    }
    const clone = xdr_1.default.SorobanAuthorizationEntry.fromXDR(entry.toXDR());
    const addrAuth = clone.credentials().address();
    addrAuth.signatureExpirationLedger(validUntilLedgerSeq);
    const networkId = (0, hashing_1.hash)(Buffer.from(networkPassphrase));
    const preimage = xdr_1.default.HashIdPreimage.envelopeTypeSorobanAuthorization(new xdr_1.default.HashIdPreimageSorobanAuthorization({
        networkId,
        nonce: addrAuth.nonce(),
        invocation: clone.rootInvocation(),
        signatureExpirationLedger: addrAuth.signatureExpirationLedger()
    }));
    const payload = (0, hashing_1.hash)(preimage.toXDR());
    let signature;
    let publicKey;
    if (typeof signer === 'function') {
        signature = Buffer.from(await signer(preimage));
        publicKey = address_1.Address.fromScAddress(addrAuth.address()).toString();
    }
    else {
        signature = Buffer.from(signer.sign(payload));
        publicKey = signer.publicKey();
    }
    if (!keypair_1.Keypair.fromPublicKey(publicKey).verify(payload, signature)) {
        throw new Error(`signature doesn't match payload`);
    }
    const sigScVal = (0, scval_1.nativeToScVal)({
        public_key: strkey_1.StrKey.decodeEd25519PublicKey(publicKey),
        signature
    }, {
        type: {
            public_key: ['symbol', null],
            signature: ['symbol', null]
        }
    });
    addrAuth.signature(xdr_1.default.ScVal.scvVec([sigScVal]));
    return clone;
}
exports.authorizeEntry = authorizeEntry;
function authorizeInvocation(signer, validUntilLedgerSeq, invocation, publicKey = '', networkPassphrase = network_1.Networks.FUTURENET) {
    const kp = keypair_1.Keypair.random().rawPublicKey();
    const nonce = new xdr_1.default.Int64(bytesToInt64(kp));
    const pk = publicKey || signer.publicKey();
    if (!pk) {
        throw new Error(`authorizeInvocation requires publicKey parameter`);
    }
    const entry = new xdr_1.default.SorobanAuthorizationEntry({
        rootInvocation: invocation,
        credentials: xdr_1.default.SorobanCredentials.sorobanCredentialsAddress(new xdr_1.default.SorobanAddressCredentials({
            address: new address_1.Address(pk).toScAddress(),
            nonce,
            signatureExpirationLedger: 0,
            signature: xdr_1.default.ScVal.scvVec([])
        }))
    });
    return authorizeEntry(entry, signer, validUntilLedgerSeq, networkPassphrase);
}
exports.authorizeInvocation = authorizeInvocation;
function bytesToInt64(bytes) {
    return bytes.subarray(0, 8).reduce((accum, b) => (accum << 8) | b, 0);
}
//# sourceMappingURL=auth.js.map