UNPKG

@opendatalabs/vana-sdk

Version:

A TypeScript library for interacting with Vana Network smart contracts.

github.com/vana-com/vana-sdk

vana-com/vana-sdk

244 lines 8.37 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
import { ECIESError, isECIESEncrypted } from "./interface.js"; import { CURVE, CIPHER, KDF } from "./constants.js"; import { constantTimeEqual } from "./utils.js"; import { concat } from "viem"; class BaseECIESUint8 { // Cache for validated public keys to avoid repeated validation static validatedKeys = /* @__PURE__ */ new WeakMap(); /** * Normalizes a public key to uncompressed format. * * @param publicKey - Public key in any format. * @returns Uncompressed public key (65 bytes). * @throws {ECIESError} If key format is invalid. */ normalizePublicKey(publicKey) { if (BaseECIESUint8.validatedKeys.get(publicKey)) { return publicKey; } if (publicKey.length === CURVE.UNCOMPRESSED_PUBLIC_KEY_LENGTH) { if (publicKey[0] !== CURVE.PREFIX.UNCOMPRESSED) { throw new ECIESError( "Invalid uncompressed public key prefix", "INVALID_KEY" ); } if (!this.validatePublicKey(publicKey)) { throw new ECIESError("Invalid public key", "INVALID_KEY"); } BaseECIESUint8.validatedKeys.set(publicKey, true); return publicKey; } if (publicKey.length === CURVE.COMPRESSED_PUBLIC_KEY_LENGTH) { if (publicKey[0] === CURVE.PREFIX.COMPRESSED_EVEN || publicKey[0] === CURVE.PREFIX.COMPRESSED_ODD) { const decompressed = this.decompressPublicKey(publicKey); if (!decompressed) { throw new ECIESError( "Failed to decompress public key", "INVALID_KEY" ); } BaseECIESUint8.validatedKeys.set(decompressed, true); return decompressed; } throw new ECIESError( `Invalid compressed public key prefix: expected 0x02 or 0x03, got 0x${publicKey[0].toString(16).padStart(2, "0")}`, "INVALID_KEY" ); } throw new ECIESError( `Invalid public key length: ${publicKey.length}`, "INVALID_KEY" ); } /** * Encrypts data using ECIES. * * @param publicKey - The recipient's public key (compressed or uncompressed) * @param message - The data to encrypt * @returns Promise resolving to encrypted data structure */ async encrypt(publicKey, message) { let ephemeralPrivateKey; let sharedSecret; let kdf; let encryptionKey; let macKey; try { if (!(publicKey instanceof Uint8Array)) { throw new ECIESError("Public key must be a Uint8Array", "INVALID_KEY"); } if (!(message instanceof Uint8Array)) { throw new ECIESError( "Message must be a Uint8Array", "ENCRYPTION_FAILED" ); } if (publicKey.length === 0) { throw new ECIESError("Public key cannot be empty", "INVALID_KEY"); } const pubKey = this.normalizePublicKey(publicKey); do { ephemeralPrivateKey = this.generateRandomBytes( CURVE.PRIVATE_KEY_LENGTH ); } while (!this.verifyPrivateKey(ephemeralPrivateKey)); const ephemeralPublicKey = this.createPublicKey( ephemeralPrivateKey, false ); if (!ephemeralPublicKey) { throw new ECIESError( "Failed to generate ephemeral public key", "ENCRYPTION_FAILED" ); } sharedSecret = this.performECDH(pubKey, ephemeralPrivateKey); kdf = this.sha512(sharedSecret); encryptionKey = kdf.slice( KDF.ENCRYPTION_KEY_OFFSET, KDF.ENCRYPTION_KEY_OFFSET + KDF.ENCRYPTION_KEY_LENGTH ); macKey = kdf.slice( KDF.MAC_KEY_OFFSET, KDF.MAC_KEY_OFFSET + KDF.MAC_KEY_LENGTH ); const iv = this.generateRandomBytes(CIPHER.IV_LENGTH); const ciphertext = await this.aesEncrypt(encryptionKey, iv, message); const macData = concat([iv, ephemeralPublicKey, ciphertext]); const mac = this.hmacSha256(macKey, macData); return { iv, ephemPublicKey: ephemeralPublicKey, ciphertext, mac }; } catch (error) { if (error instanceof ECIESError) throw error; throw new ECIESError( `Encryption failed: ${error instanceof Error ? error.message : "Unknown error"}`, "ENCRYPTION_FAILED", error instanceof Error ? error : void 0 ); } finally { if (ephemeralPrivateKey) this.clearBuffer(ephemeralPrivateKey); if (sharedSecret) this.clearBuffer(sharedSecret); if (kdf) this.clearBuffer(kdf); if (encryptionKey) this.clearBuffer(encryptionKey); if (macKey) this.clearBuffer(macKey); } } /** * Decrypts ECIES encrypted data. * * @param privateKey - The recipient's private key (32 bytes) * @param encrypted - The encrypted data structure from encrypt() * @returns Promise resolving to the original plaintext */ async decrypt(privateKey, encrypted) { let sharedSecret; let kdf; let encryptionKey; let macKey; try { if (!(privateKey instanceof Uint8Array)) { throw new ECIESError("Private key must be a Uint8Array", "INVALID_KEY"); } if (!isECIESEncrypted(encrypted)) { throw new ECIESError( "Invalid encrypted data structure", "DECRYPTION_FAILED" ); } if (privateKey.length !== CURVE.PRIVATE_KEY_LENGTH) { throw new ECIESError( `Invalid private key length: ${privateKey.length}`, "INVALID_KEY" ); } if (!this.verifyPrivateKey(privateKey)) { throw new ECIESError("Invalid private key", "INVALID_KEY"); } if (encrypted.ephemPublicKey.length !== CURVE.UNCOMPRESSED_PUBLIC_KEY_LENGTH) { throw new ECIESError( `Invalid ephemeral public key: expected ${CURVE.UNCOMPRESSED_PUBLIC_KEY_LENGTH} bytes (uncompressed), got ${encrypted.ephemPublicKey.length} bytes`, "INVALID_KEY" ); } if (encrypted.ephemPublicKey[0] !== CURVE.PREFIX.UNCOMPRESSED) { throw new ECIESError( "Invalid ephemeral public key: must be uncompressed format with 0x04 prefix (eccrypto standard)", "INVALID_KEY" ); } if (!this.validatePublicKey(encrypted.ephemPublicKey)) { throw new ECIESError("Invalid ephemeral public key", "INVALID_KEY"); } const ephemeralPublicKey = encrypted.ephemPublicKey; sharedSecret = this.performECDH(ephemeralPublicKey, privateKey); kdf = this.sha512(sharedSecret); encryptionKey = kdf.slice( KDF.ENCRYPTION_KEY_OFFSET, KDF.ENCRYPTION_KEY_OFFSET + KDF.ENCRYPTION_KEY_LENGTH ); macKey = kdf.slice( KDF.MAC_KEY_OFFSET, KDF.MAC_KEY_OFFSET + KDF.MAC_KEY_LENGTH ); const macData = concat([ encrypted.iv, encrypted.ephemPublicKey, encrypted.ciphertext ]); const expectedMac = this.hmacSha256(macKey, macData); if (!constantTimeEqual(encrypted.mac, expectedMac)) { throw new ECIESError("MAC verification failed", "MAC_MISMATCH"); } const decrypted = await this.aesDecrypt( encryptionKey, encrypted.iv, encrypted.ciphertext ); return decrypted; } catch (error) { if (error instanceof ECIESError) throw error; throw new ECIESError( `Decryption failed: ${error instanceof Error ? error.message : "Unknown error"}`, "DECRYPTION_FAILED", error instanceof Error ? error : void 0 ); } finally { if (sharedSecret) this.clearBuffer(sharedSecret); if (kdf) this.clearBuffer(kdf); if (encryptionKey) this.clearBuffer(encryptionKey); if (macKey) this.clearBuffer(macKey); } } /** * Clears sensitive data from memory using multi-pass overwrite. * * @remarks * Uses multiple passes with different patterns to make it harder * for JIT compilers to optimize away the operation. While not * guaranteed in JavaScript, this is a best-effort approach to * clear sensitive data from memory. * * @param buffer - The buffer to clear */ clearBuffer(buffer) { if (buffer && buffer.length > 0) { buffer.fill(0); buffer.fill(255); buffer.fill(170); buffer.fill(0); for (let i = 0; i < buffer.length; i++) { buffer[i] = i & 255 ^ 90; } buffer.fill(0); } } } export { BaseECIESUint8 }; //# sourceMappingURL=base.js.map