From ec5d5fd1af81a8ba66702a0bd29167e7dbad559a Mon Sep 17 00:00:00 2001 From: ctrlc03 <93448202+ctrlc03@users.noreply.github.com> Date: Mon, 19 Aug 2024 14:30:43 +0100 Subject: [PATCH] feat: add session keys service --- packages/coordinator/.env.example | 3 +- packages/coordinator/.gitignore | 2 +- packages/coordinator/package.json | 10 +- packages/coordinator/ts/app.module.ts | 2 + .../ts/common/accountAbstraction.ts | 14 ++ packages/coordinator/ts/common/errors.ts | 1 + packages/coordinator/ts/file/file.service.ts | 43 +++++ .../__tests__/sessionKeys.service.test.ts | 40 +++++ .../ts/sessionKeys/__tests__/utils.ts | 82 +++++++++ .../ts/sessionKeys/sessionKeys.controller.ts | 50 ++++++ .../ts/sessionKeys/sessionKeys.module.ts | 14 ++ .../ts/sessionKeys/sessionKeys.service.ts | 129 ++++++++++++++ packages/coordinator/ts/sessionKeys/types.ts | 9 + pnpm-lock.yaml | 166 +++++++++++++++++- 14 files changed, 556 insertions(+), 9 deletions(-) create mode 100644 packages/coordinator/ts/common/accountAbstraction.ts create mode 100644 packages/coordinator/ts/sessionKeys/__tests__/sessionKeys.service.test.ts create mode 100644 packages/coordinator/ts/sessionKeys/__tests__/utils.ts create mode 100644 packages/coordinator/ts/sessionKeys/sessionKeys.controller.ts create mode 100644 packages/coordinator/ts/sessionKeys/sessionKeys.module.ts create mode 100644 packages/coordinator/ts/sessionKeys/sessionKeys.service.ts create mode 100644 packages/coordinator/ts/sessionKeys/types.ts diff --git a/packages/coordinator/.env.example b/packages/coordinator/.env.example index 067c41dc..73f84265 100644 --- a/packages/coordinator/.env.example +++ b/packages/coordinator/.env.example @@ -45,4 +45,5 @@ SUBGRAPH_DEPLOY_KEY= # Subgraph project folder SUBGRAPH_FOLDER=./node_modules/maci-subgraph - +# API Key for Pimlico RPC Bundler +PIMLICO_API_KEY="" diff --git a/packages/coordinator/.gitignore b/packages/coordinator/.gitignore index 1751988f..1e6853cb 100644 --- a/packages/coordinator/.gitignore +++ b/packages/coordinator/.gitignore @@ -3,4 +3,4 @@ zkeys/ proofs/ tally.json - +session-keys.json diff --git a/packages/coordinator/package.json b/packages/coordinator/package.json index 0b175e57..1d6f10ae 100644 --- a/packages/coordinator/package.json +++ b/packages/coordinator/package.json @@ -36,23 +36,30 @@ "@nestjs/websockets": "^10.3.10", "@nomicfoundation/hardhat-ethers": "^3.0.6", "@nomicfoundation/hardhat-toolbox": "^5.0.0", + "@zerodev/ecdsa-validator": "^5.3.1", + "@zerodev/permissions": "^5.4.3", + "@zerodev/sdk": "^5.3.8", + "@zerodev/session-key": "^5.4.2", "class-transformer": "^0.5.1", "class-validator": "^0.14.1", "dotenv": "^16.4.5", "ethers": "^6.13.1", "hardhat": "^2.22.6", "helmet": "^7.1.0", + "lowdb": "^1.0.0", "maci-circuits": "^2.1.0", "maci-cli": "^2.1.0", "maci-contracts": "^2.1.0", "maci-domainobjs": "^2.0.0", "maci-subgraph": "^2.1.0", "mustache": "^4.2.0", + "permissionless": "^0.1.44", "reflect-metadata": "^0.2.0", "rxjs": "^7.8.1", "socket.io": "^4.7.5", "tar": "^7.4.1", - "ts-node": "^10.9.1" + "ts-node": "^10.9.1", + "viem": "^2.7.15" }, "devDependencies": { "@nestjs/cli": "^10.4.2", @@ -60,6 +67,7 @@ "@nestjs/testing": "^10.3.10", "@types/express": "^4.17.17", "@types/jest": "^29.5.2", + "@types/lowdb": "^1.0.15", "@types/node": "^20.14.11", "@types/supertest": "^6.0.2", "fast-check": "^3.20.0", diff --git a/packages/coordinator/ts/app.module.ts b/packages/coordinator/ts/app.module.ts index f363afec..fdd623a5 100644 --- a/packages/coordinator/ts/app.module.ts +++ b/packages/coordinator/ts/app.module.ts @@ -4,6 +4,7 @@ import { ThrottlerModule } from "@nestjs/throttler"; import { CryptoModule } from "./crypto/crypto.module"; import { FileModule } from "./file/file.module"; import { ProofModule } from "./proof/proof.module"; +import { SessionKeysModule } from "./sessionKeys/sessionKeys.module"; import { SubgraphModule } from "./subgraph/subgraph.module"; @Module({ @@ -18,6 +19,7 @@ import { SubgraphModule } from "./subgraph/subgraph.module"; CryptoModule, SubgraphModule, ProofModule, + SessionKeysModule, ], }) export class AppModule {} diff --git a/packages/coordinator/ts/common/accountAbstraction.ts b/packages/coordinator/ts/common/accountAbstraction.ts new file mode 100644 index 00000000..95472676 --- /dev/null +++ b/packages/coordinator/ts/common/accountAbstraction.ts @@ -0,0 +1,14 @@ +/** + * Generate the RPCUrl for Pimlico based on the chain we need to interact with + * @param network - the network we want to interact with + * @returns the RPCUrl for the network + */ +export const genPimlicoRPCUrl = (network: string): string => { + const pimlicoAPIKey = process.env.PIMLICO_API_KEY; + + if (!pimlicoAPIKey) { + throw new Error("PIMLICO_API_KEY is not set"); + } + + return `https://api.pimlico.io/v2/${network}/rpc?apikey=${pimlicoAPIKey}`; +}; diff --git a/packages/coordinator/ts/common/errors.ts b/packages/coordinator/ts/common/errors.ts index 87606ae1..953000cb 100644 --- a/packages/coordinator/ts/common/errors.ts +++ b/packages/coordinator/ts/common/errors.ts @@ -10,4 +10,5 @@ export enum ErrorCodes { ENCRYPTION = "5", FILE_NOT_FOUND = "6", SUBGRAPH_DEPLOY = "7", + SESSION_KEY_NOT_FOUND = "8", } diff --git a/packages/coordinator/ts/file/file.service.ts b/packages/coordinator/ts/file/file.service.ts index d0bdff26..fd5c9b35 100644 --- a/packages/coordinator/ts/file/file.service.ts +++ b/packages/coordinator/ts/file/file.service.ts @@ -1,4 +1,6 @@ import { Injectable, Logger } from "@nestjs/common"; +import low from "lowdb"; +import FileSync from "lowdb/adapters/FileSync"; import fs from "fs"; import path from "path"; @@ -7,6 +9,12 @@ import type { IGetPrivateKeyData, IGetPublicKeyData, IGetZkeyFilePathsData } fro import { ErrorCodes } from "../common"; +/** + * Internal storage structure type. + * named: keys can be queried by name + */ +type TStorage = Record; + /** * FileService is responsible for working with local files like: * 1. RSA public/private keys @@ -19,11 +27,46 @@ export class FileService { */ private readonly logger: Logger; + /** + * Json file database instance + */ + private db: low.LowdbSync; + /** * Initialize service */ constructor() { this.logger = new Logger(FileService.name); + this.db = low(new FileSync(path.resolve(__dirname, "..", "..", "./session-keys.json"))); + } + + /** + * Store session key + * + * @param sessionKey - session key + * @param address - key address + */ + storeSessionKey(sessionKey: `0x${string}`, address: string): void { + this.db.set(address, sessionKey).write(); + } + + /** + * Delete session key + * + * @param address - key address + */ + deleteSessionKey(address: string): void { + this.db.unset(address).write(); + } + + /** + * Get session key + * + * @param address - key name + * @returns session key + */ + getSessionKey(address: string): `0x${string}` | undefined { + return this.db.get(address).value() as `0x${string}` | undefined; } /** diff --git a/packages/coordinator/ts/sessionKeys/__tests__/sessionKeys.service.test.ts b/packages/coordinator/ts/sessionKeys/__tests__/sessionKeys.service.test.ts new file mode 100644 index 00000000..6bf1d5fd --- /dev/null +++ b/packages/coordinator/ts/sessionKeys/__tests__/sessionKeys.service.test.ts @@ -0,0 +1,40 @@ +import dotenv from "dotenv"; +import { ZeroAddress } from "ethers"; + +import { CryptoService } from "../../crypto/crypto.service"; +import { FileService } from "../../file/file.service"; +import { SessionKeysService } from "../sessionKeys.service"; + +dotenv.config(); + +describe("DeployerService", () => { + afterEach(() => { + jest.clearAllMocks(); + }); + + const cryptoService = new CryptoService(); + const fileService = new FileService(); + const sessionKeysService = new SessionKeysService(cryptoService, fileService); + + test("should generate and store a session key", () => { + const sessionKeyAddress = sessionKeysService.generateSessionKey(); + expect(sessionKeyAddress).toBeDefined(); + expect(sessionKeyAddress).not.toEqual(ZeroAddress); + + const sessionKey = fileService.getSessionKey(sessionKeyAddress.sessionKeyAddress); + expect(sessionKey).toBeDefined(); + }); + + test("should delete a session key", () => { + const sessionKeyAddress = sessionKeysService.generateSessionKey(); + expect(sessionKeyAddress).toBeDefined(); + expect(sessionKeyAddress).not.toEqual(ZeroAddress); + + const sessionKey = fileService.getSessionKey(sessionKeyAddress.sessionKeyAddress); + expect(sessionKey).toBeDefined(); + + sessionKeysService.deactivateSessionKey(sessionKeyAddress.sessionKeyAddress); + const sessionKeyDeleted = fileService.getSessionKey(sessionKeyAddress.sessionKeyAddress); + expect(sessionKeyDeleted).toBeUndefined(); + }); +}); diff --git a/packages/coordinator/ts/sessionKeys/__tests__/utils.ts b/packages/coordinator/ts/sessionKeys/__tests__/utils.ts new file mode 100644 index 00000000..56476c7f --- /dev/null +++ b/packages/coordinator/ts/sessionKeys/__tests__/utils.ts @@ -0,0 +1,82 @@ +import { signerToEcdsaValidator } from "@zerodev/ecdsa-validator"; +import { type Policy, serializePermissionAccount, toPermissionValidator } from "@zerodev/permissions"; +import { toTimestampPolicy } from "@zerodev/permissions/policies"; +import { toECDSASigner } from "@zerodev/permissions/signers"; +import { addressToEmptyAccount, createKernelAccount } from "@zerodev/sdk"; +import { KERNEL_V3_1 } from "@zerodev/sdk/constants"; +import { ENTRYPOINT_ADDRESS_V07 } from "permissionless"; +import { createPublicClient, http } from "viem"; +import { generatePrivateKey, privateKeyToAccount } from "viem/accounts"; +import { localhost } from "viem/chains"; + +// use the latest kernel version +const kernelVersion = KERNEL_V3_1; +// we use the most recent entrypoint +const entryPoint = ENTRYPOINT_ADDRESS_V07; + +/** + * Generate a timestamp policy + * @param endTime - The end time of the policy + * @param start - The start time of the policy + * @returns The timestamp policy + */ +export const generateTimestampPolicy = (endTime: number, start?: number): Policy => + toTimestampPolicy({ + validAfter: start, + validUntil: endTime, + }); + +/** + * Mock a session key approval + * @dev This will fail in hardhat with: + * "InvalidEntryPointError: The entry point address + * (`entryPoint` = 0x0000000071727De22E5E9d8BAf0edAc6f37da032) + * is not a valid entry point. getSenderAddress did not revert with + * a SenderAddressResult error." + * + * @param sessionKeyAddress - The address of the session key + * @returns The approval string + */ +export const mockSessionKeyApproval = async (sessionKeyAddress: `0x${string}`): Promise => { + const policies = [generateTimestampPolicy(Math.floor(Date.now() / 1000) + 1000)]; + + const publicClient = createPublicClient({ + chain: localhost, + transport: http(), + }); + + const sessionPrivateKey = generatePrivateKey(); + + const signer = privateKeyToAccount(sessionPrivateKey); + + const ecdsaValidator = await signerToEcdsaValidator(publicClient, { + signer, + entryPoint, + kernelVersion, + }); + + // Create an "empty account" as the signer -- you only need the public + // key (address) to do this. + const emptyAccount = addressToEmptyAccount(sessionKeyAddress); + const emptySessionKeySigner = toECDSASigner({ signer: emptyAccount }); + + const permissionPlugin = await toPermissionValidator(publicClient, { + entryPoint, + kernelVersion, + signer: emptySessionKeySigner, + policies, + }); + + const sessionKeyAccount = await createKernelAccount(publicClient, { + entryPoint, + kernelVersion, + plugins: { + sudo: ecdsaValidator, + regular: permissionPlugin, + }, + }); + + const approval = await serializePermissionAccount(sessionKeyAccount); + + return approval; +}; diff --git a/packages/coordinator/ts/sessionKeys/sessionKeys.controller.ts b/packages/coordinator/ts/sessionKeys/sessionKeys.controller.ts new file mode 100644 index 00000000..664d1c91 --- /dev/null +++ b/packages/coordinator/ts/sessionKeys/sessionKeys.controller.ts @@ -0,0 +1,50 @@ +/* eslint-disable @typescript-eslint/no-shadow */ +import { Controller, Delete, Get, HttpStatus, Param, UseGuards } from "@nestjs/common"; +import { ApiBearerAuth, ApiResponse, ApiTags } from "@nestjs/swagger"; + +import type { IGenerateSessionKeyReturn } from "./types"; + +import { AccountSignatureGuard } from "../auth/AccountSignatureGuard.service"; + +import { SessionKeysService } from "./sessionKeys.service"; + +@ApiTags("v1/session-keys") +@ApiBearerAuth() +@Controller("v1/session-keys") +@UseGuards(AccountSignatureGuard) +export class SessionKeysController { + /** + * Initialize SessionKeysController + * + * @param sessionKeysService - session keys service + */ + constructor(private readonly sessionKeysService: SessionKeysService) {} + + /** + * Generate a session key api method + * + * @param args - generate session key dto + * @returns generated session key address + */ + @ApiResponse({ status: HttpStatus.CREATED, description: "The session key was successfully generated" }) + @ApiResponse({ status: HttpStatus.FORBIDDEN, description: "Forbidden" }) + @ApiResponse({ status: HttpStatus.BAD_REQUEST, description: "BadRequest" }) + @Get("generate") + generateSessionKey(): IGenerateSessionKeyReturn { + return this.sessionKeysService.generateSessionKey(); + } + + /** + * Delete a session key api method + * + * @param args - delete session key dto + * @returns deleted session key address + */ + @ApiResponse({ status: HttpStatus.CREATED, description: "The session key was successfully deactivated" }) + @ApiResponse({ status: HttpStatus.FORBIDDEN, description: "Forbidden" }) + @ApiResponse({ status: HttpStatus.BAD_REQUEST, description: "BadRequest" }) + @Delete(":sessionKeyAddress") + deactivateSessionKey(@Param("sessionKeyAddress") sessionKeyAddress: `0x${string}`): void { + this.sessionKeysService.deactivateSessionKey(sessionKeyAddress); + } +} diff --git a/packages/coordinator/ts/sessionKeys/sessionKeys.module.ts b/packages/coordinator/ts/sessionKeys/sessionKeys.module.ts new file mode 100644 index 00000000..fdc40cb3 --- /dev/null +++ b/packages/coordinator/ts/sessionKeys/sessionKeys.module.ts @@ -0,0 +1,14 @@ +import { Module } from "@nestjs/common"; + +import { CryptoModule } from "../crypto/crypto.module"; +import { FileModule } from "../file/file.module"; + +import { SessionKeysController } from "./sessionKeys.controller"; +import { SessionKeysService } from "./sessionKeys.service"; + +@Module({ + imports: [FileModule, CryptoModule], + controllers: [SessionKeysController], + providers: [SessionKeysService], +}) +export class SessionKeysModule {} diff --git a/packages/coordinator/ts/sessionKeys/sessionKeys.service.ts b/packages/coordinator/ts/sessionKeys/sessionKeys.service.ts new file mode 100644 index 00000000..e9a3d43d --- /dev/null +++ b/packages/coordinator/ts/sessionKeys/sessionKeys.service.ts @@ -0,0 +1,129 @@ +import { Injectable, Logger } from "@nestjs/common"; +import { deserializePermissionAccount } from "@zerodev/permissions"; +import { toECDSASigner } from "@zerodev/permissions/signers"; +import { createKernelAccountClient, KernelAccountClient, KernelSmartAccount } from "@zerodev/sdk"; +import { KERNEL_V3_1 } from "@zerodev/sdk/constants"; +import { ENTRYPOINT_ADDRESS_V07 } from "permissionless"; +import { ENTRYPOINT_ADDRESS_V07_TYPE } from "permissionless/types"; +import { type Chain, createPublicClient, http, HttpTransport, Transport } from "viem"; +import { generatePrivateKey, privateKeyToAccount } from "viem/accounts"; + +import { ErrorCodes } from "../common"; +import { genPimlicoRPCUrl } from "../common/accountAbstraction"; +import { CryptoService } from "../crypto/crypto.service"; +import { FileService } from "../file/file.service"; + +import { IGenerateSessionKeyReturn } from "./types"; + +/** + * SessionKeysService is responsible for generating and managing session keys. + */ +@Injectable() +export class SessionKeysService { + /** + * Logger + */ + private readonly logger: Logger; + + /** + * Create a new instance of DeployerService + * @param fileService + */ + constructor( + private readonly cryptoService: CryptoService, + private readonly fileService: FileService, + ) { + this.fileService = fileService; + this.logger = new Logger(SessionKeysService.name); + } + + /** + * Generate a session key + * + * @returns session key address + */ + generateSessionKey(): IGenerateSessionKeyReturn { + const sessionPrivateKey = generatePrivateKey(); + + const sessionKeySigner = toECDSASigner({ + signer: privateKeyToAccount(sessionPrivateKey), + }); + + const sessionKeyAddress = sessionKeySigner.account.address; + + // save the key + this.fileService.storeSessionKey(sessionPrivateKey, sessionKeyAddress); + + return { + sessionKeyAddress, + }; + } + + /** + * Generate a KernelClient from a session key and an approval + * + * @param sessionKeyAddress - the address of the session key + * @param approval - the approval string + * @param chain - the chain to use + * @returns + */ + async generateClientFromSessionKey( + sessionKeyAddress: `0x${string}`, + encryptedApproval: string, + chain: Chain, + ): Promise< + KernelAccountClient< + ENTRYPOINT_ADDRESS_V07_TYPE, + Transport, + undefined, + KernelSmartAccount + > + > { + // the approval will have been encrypted so we need to decrypt it + const { privateKey } = await this.fileService.getPrivateKey(); + const approval = this.cryptoService.decrypt(privateKey, encryptedApproval); + + // retrieve the session key from the file service + const sessionKey = this.fileService.getSessionKey(sessionKeyAddress); + + if (!sessionKey) { + this.logger.error(`Session key not found: ${sessionKeyAddress}`); + throw new Error(ErrorCodes.SESSION_KEY_NOT_FOUND); + } + + // get the bundler url and create a public client + const bundlerUrl = genPimlicoRPCUrl(chain.name); + const publicClient = createPublicClient({ + transport: http(bundlerUrl), + }); + + // Using a stored private key + const sessionKeySigner = toECDSASigner({ + signer: privateKeyToAccount(sessionKey), + }); + + // deserialize the permission account using approval and session key + const sessionKeyAccount = await deserializePermissionAccount( + publicClient, + ENTRYPOINT_ADDRESS_V07, + KERNEL_V3_1, + approval, + sessionKeySigner, + ); + + return createKernelAccountClient({ + bundlerTransport: http(bundlerUrl), + entryPoint: ENTRYPOINT_ADDRESS_V07, + account: sessionKeyAccount, + }); + } + + /** + * Deactivate a session key + * + * @param sessionKeyAddress - key address + */ + deactivateSessionKey(sessionKeyAddress: `0x${string}`): void { + this.fileService.deleteSessionKey(sessionKeyAddress); + } +} diff --git a/packages/coordinator/ts/sessionKeys/types.ts b/packages/coordinator/ts/sessionKeys/types.ts new file mode 100644 index 00000000..70a69614 --- /dev/null +++ b/packages/coordinator/ts/sessionKeys/types.ts @@ -0,0 +1,9 @@ +/** + * Generate session key return type + */ +export interface IGenerateSessionKeyReturn { + /** + * Session key address + */ + sessionKeyAddress: `0x${string}`; +} diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index d57b289e..3b6d52ec 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -183,6 +183,18 @@ importers: '@nomicfoundation/hardhat-toolbox': specifier: ^5.0.0 version: 5.0.0(qc2x6fg2hvcwib2hi3ibxymkay) + '@zerodev/ecdsa-validator': + specifier: ^5.3.1 + version: 5.3.1(@zerodev/sdk@5.3.9(permissionless@0.1.44(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)))(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)))(permissionless@0.1.44(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)))(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)) + '@zerodev/permissions': + specifier: ^5.4.3 + version: 5.4.3(@zerodev/sdk@5.3.9(permissionless@0.1.44(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)))(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)))(@zerodev/webauthn-key@5.3.1(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)))(permissionless@0.1.44(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)))(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)) + '@zerodev/sdk': + specifier: ^5.3.8 + version: 5.3.9(permissionless@0.1.44(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)))(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)) + '@zerodev/session-key': + specifier: ^5.4.2 + version: 5.4.2(@zerodev/sdk@5.3.9(permissionless@0.1.44(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)))(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)))(permissionless@0.1.44(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)))(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)) class-transformer: specifier: ^0.5.1 version: 0.5.1 @@ -201,6 +213,9 @@ importers: helmet: specifier: ^7.1.0 version: 7.1.0 + lowdb: + specifier: ^1.0.0 + version: 1.0.0 maci-circuits: specifier: ^2.1.0 version: 2.1.0(@types/snarkjs@0.7.8)(bufferutil@4.0.8)(utf-8-validate@5.0.10) @@ -219,6 +234,9 @@ importers: mustache: specifier: ^4.2.0 version: 4.2.0 + permissionless: + specifier: ^0.1.44 + version: 0.1.44(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)) reflect-metadata: specifier: ^0.2.0 version: 0.2.2 @@ -234,6 +252,9 @@ importers: ts-node: specifier: ^10.9.1 version: 10.9.2(@types/node@20.14.14)(typescript@5.5.4) + viem: + specifier: ^2.7.15 + version: 2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4) devDependencies: '@nestjs/cli': specifier: ^10.4.2 @@ -250,6 +271,9 @@ importers: '@types/jest': specifier: ^29.5.2 version: 29.5.12 + '@types/lowdb': + specifier: ^1.0.15 + version: 1.0.15 '@types/node': specifier: ^20.14.11 version: 20.14.14 @@ -3506,6 +3530,19 @@ packages: resolution: {integrity: sha512-8iKx79/F73DKbGfRf7+t4dqrc0bRr0thdPrxAtCKWRm/F0tG71i6O1rvlnScncJLLBZHn3h8M3c1BSUAb9yu8g==} engines: {node: ^16.14.0 || >=18.0.0} + '@simplewebauthn/browser@8.3.7': + resolution: {integrity: sha512-ZtRf+pUEgOCvjrYsbMsJfiHOdKcrSZt2zrAnIIpfmA06r0FxBovFYq0rJ171soZbe13KmWzAoLKjSxVW7KxCdQ==} + + '@simplewebauthn/browser@9.0.1': + resolution: {integrity: sha512-wD2WpbkaEP4170s13/HUxPcAV5y4ZXaKo1TfNklS5zDefPinIgXOpgz1kpEvobAsaLPa2KeH7AKKX/od1mrBJw==} + + '@simplewebauthn/types@9.0.1': + resolution: {integrity: sha512-tGSRP1QvsAvsJmnOlRQyw/mvK9gnPtjEc5fg2+m8n+QUa+D7rvrKkOYyfpy42GTs90X3RDOnqJgfHt+qO67/+w==} + + '@simplewebauthn/typescript-types@8.3.4': + resolution: {integrity: sha512-38xtca0OqfRVNloKBrFB5LEM6PN5vzFbJG6rAutPVrtGHFYxPdiV3btYWq0eAZAZmP+dqFPYJxJWeJrGfmYHng==} + deprecated: This package has been renamed to @simplewebauthn/types. Please install @simplewebauthn/types instead to ensure you receive future updates. + '@sinclair/typebox@0.27.8': resolution: {integrity: sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA==} @@ -4431,6 +4468,39 @@ packages: resolution: {integrity: sha512-aiATs7pSutzda/rq8fnuPwTglyVwjM22bNnK2ZgjrpAjQHSSl3lztd2f9evst1W/qnC58DRz7T7QndUDumAR4Q==} engines: {node: '>=14.15.0'} + '@zerodev/ecdsa-validator@5.3.1': + resolution: {integrity: sha512-4xg/uBgjQLyO5GoE9TkQqO7HRwSPVbchd6UXit+R3excN1fC27k7UcjLmm5rTrM2JxbgncIodGcNQMxYKNejsA==} + peerDependencies: + '@zerodev/sdk': ^5.2.1 + permissionless: ^0.1.18 + viem: ^2.16.3 + + '@zerodev/permissions@5.4.3': + resolution: {integrity: sha512-rC5npYPRQO8lwhMXO6h2MXO3DGgRSDqAEVh9E2pRnlYPhaMDHRVd+nPqLIsx1OubRT0jSXrPFTQJd2MqeKcJ6w==} + peerDependencies: + '@zerodev/sdk': ^5.2.13 + '@zerodev/webauthn-key': ^5.3.0 + permissionless: ^0.1.18 + viem: ^2.16.3 + + '@zerodev/sdk@5.3.9': + resolution: {integrity: sha512-5SEgVTV8RFNp8sXdP8ew7MFhTXVunKn7X2jEOnEMN4+BKxN5V794VNk1hHdBaYCRhcRLlyxjlp4f1wrLhbNQqw==} + peerDependencies: + permissionless: ^0.1.18 + viem: ^2.16.3 + + '@zerodev/session-key@5.4.2': + resolution: {integrity: sha512-/u2/m2BFEe2L3GAIs6DaTfFJVRufnVMZlr+0F3J6GEXNqW3cSM0JcO2jetgFRRGF9Ir6MGnPzgUME3JPNtK9TA==} + peerDependencies: + '@zerodev/sdk': ^5.2.1 + permissionless: ^0.1.18 + viem: ^2.16.3 + + '@zerodev/webauthn-key@5.3.1': + resolution: {integrity: sha512-8s/gdKppXgh15wrER50nAIhaD/QTEwecN288RbXI+TWVmdwzuLOpbMuzfgBvisfiE1kNJlfYEl9qos7aKm6EkQ==} + peerDependencies: + viem: ^2.16.3 + '@zk-kit/artifacts@1.8.0': resolution: {integrity: sha512-G2rQ1BxYt9CuVyU4Egc4ceSLLWx9BRrtFGZWS0RWwHhAMfSV/Fq9Qz6OX02leFzTbi7Tr3bTP6DgDSqr28OQnw==} @@ -5022,6 +5092,9 @@ packages: big.js@5.2.2: resolution: {integrity: sha512-vyL2OymJxmarO8gxMr0mhChsO9QGwhynfuu4+MHTAW6czfq9humCB7rKpUjDd9YUiDPU4mzpyupFSvOClAwbmQ==} + bignumber.js@9.1.2: + resolution: {integrity: sha512-2/mKyZH9K85bzOEfhXDBFZTGd1CTs+5IHpeFQo9luiBG7hghdC851Pj2WAhb6E3R6b9tZj/XKhbg4fum+Kepug==} + bin-links@4.0.4: resolution: {integrity: sha512-cMtq4W5ZsEwcutJrVId+a/tjt8GSbS+h0oNkdl6+6rBuEv8Ot33Bevj5KPm40t309zuhVic8NjpuL42QCiJWWA==} engines: {node: ^14.17.0 || ^16.13.0 || >=18.0.0} @@ -5154,6 +5227,9 @@ packages: buffer-from@1.1.2: resolution: {integrity: sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==} + buffer-reverse@1.0.1: + resolution: {integrity: sha512-M87YIUBsZ6N924W57vDwT/aOu8hw7ZgdByz6ijksLjmHJELBASmYTTlNHRgjE+pTsT9oJXGaDSgqqwfdHotDUg==} + buffer-xor@1.0.3: resolution: {integrity: sha512-571s0T7nZWK6vB67HI5dyUF7wXiNcfaPPPTl6zYCNApANjIvYJTg7hlud/+cJpdAhS7dVzqMLmfhfHR3rAcOjQ==} @@ -5890,6 +5966,9 @@ packages: crypt@0.0.2: resolution: {integrity: sha512-mCxBlsHFYh9C+HVpiEacem8FEBnMXgU9gy4zmNC+SXAZNB/1idgp/aulFJ4FgCi7GPEVbfyng092GqL2k2rmow==} + crypto-js@4.2.0: + resolution: {integrity: sha512-KALDyEYgpY+Rlob/iriUtjV6d5Eq+Y191A5g4UqLAi8CyGP9N1+FdVbkc1SxKc2r4YAYqG8JzO2KGL+AizD70Q==} + css-in-js-utils@3.1.0: resolution: {integrity: sha512-fJAcud6B3rRu+KHYk+Bwf+WFL2MDCJJ1XG9x137tJQ0xYxor7XziQtuGFbWNdqrvF4Tk26O3H73nfVqXt/fW1A==} @@ -9328,6 +9407,10 @@ packages: merge@2.1.1: resolution: {integrity: sha512-jz+Cfrg9GWOZbQAnDQ4hlVnQky+341Yk5ru8bZSe6sIDTCIg8n9i/u7hSQGSVOF3C7lH6mGtqjkiT9G4wFLL0w==} + merkletreejs@0.3.11: + resolution: {integrity: sha512-LJKTl4iVNTndhL+3Uz/tfkjD0klIWsHlUzgtuNnNrsf7bAlXR30m+xYB7lHr5Z/l6e/yAIsr26Dabx6Buo4VGQ==} + engines: {node: '>= 7.6.0'} + methods@1.1.2: resolution: {integrity: sha512-iclAHeNqNm68zFtnZ0e+1L2yUIdvzNoauKU4WBA3VvH/vPFieF7qfRlwUZU+DA9P9bPXIS90ulxoUoCH23sV2w==} engines: {node: '>= 0.6'} @@ -10378,6 +10461,11 @@ packages: performance-now@2.1.0: resolution: {integrity: sha512-7EAHlyLHI56VEIdK57uwHdHKIaAGbnXPiw0yWbarQZOKaKpvUIgW0jWRVLiatnM+XXlSwsanIBH/hzGMJulMow==} + permissionless@0.1.44: + resolution: {integrity: sha512-NQBATmG4Fp3Zqy1IjjBihfp2huV6sTzUUzZzuSQ7xBnRNABOyIm8d+q76gy2B0LnFfu47RA/aW+fNfZjnbzl4Q==} + peerDependencies: + viem: '>=2.14.1 <2.18.0' + picocolors@1.0.1: resolution: {integrity: sha512-anP1Z8qwhkbmu7MFP5iTt+wQKXgwzf7zTyGlcdzabySa9vd0Xt392U0rVmz9poOaBj0uHJKyyo9/upk0HrEQew==} @@ -12144,6 +12232,10 @@ packages: resolution: {integrity: sha512-L0Orpi8qGpRG//Nd+H90vFB+3iHnue1zSSGmNOOCh1GLJ7rUKVwV2HvijphGQS2UmhUZewS9VgvxYIdgr+fG1A==} hasBin: true + treeify@1.1.0: + resolution: {integrity: sha512-1m4RA7xVAJrSGrrXGs0L3YTwyvBs2S8PbRHaLZAkFw7JR8oIFwYtysxlBZhYIa7xSyiYJKZ3iGrrk55cGA3i9A==} + engines: {node: '>=0.6'} + treeverse@3.0.0: resolution: {integrity: sha512-gcANaAnd2QDZFmHFEOF4k7uc1J/6a6z3DJMd/QwEyxLoKGiptJRwid582r7QIsFlFMIZ3SnxfS52S4hm2DHkuQ==} engines: {node: ^14.17.0 || ^16.13.0 || >=18.0.0} @@ -17559,6 +17651,18 @@ snapshots: '@sigstore/core': 1.1.0 '@sigstore/protobuf-specs': 0.3.2 + '@simplewebauthn/browser@8.3.7': + dependencies: + '@simplewebauthn/typescript-types': 8.3.4 + + '@simplewebauthn/browser@9.0.1': + dependencies: + '@simplewebauthn/types': 9.0.1 + + '@simplewebauthn/types@9.0.1': {} + + '@simplewebauthn/typescript-types@8.3.4': {} + '@sinclair/typebox@0.27.8': {} '@sindresorhus/is@0.7.0': {} @@ -18990,6 +19094,40 @@ snapshots: js-yaml: 3.14.1 tslib: 2.6.3 + '@zerodev/ecdsa-validator@5.3.1(@zerodev/sdk@5.3.9(permissionless@0.1.44(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)))(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)))(permissionless@0.1.44(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)))(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4))': + dependencies: + '@zerodev/sdk': 5.3.9(permissionless@0.1.44(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)))(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)) + permissionless: 0.1.44(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)) + viem: 2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4) + + '@zerodev/permissions@5.4.3(@zerodev/sdk@5.3.9(permissionless@0.1.44(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)))(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)))(@zerodev/webauthn-key@5.3.1(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)))(permissionless@0.1.44(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)))(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4))': + dependencies: + '@simplewebauthn/browser': 9.0.1 + '@zerodev/sdk': 5.3.9(permissionless@0.1.44(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)))(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)) + '@zerodev/webauthn-key': 5.3.1(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)) + merkletreejs: 0.3.11 + permissionless: 0.1.44(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)) + viem: 2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4) + + '@zerodev/sdk@5.3.9(permissionless@0.1.44(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)))(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4))': + dependencies: + permissionless: 0.1.44(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)) + semver: 7.6.3 + viem: 2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4) + + '@zerodev/session-key@5.4.2(@zerodev/sdk@5.3.9(permissionless@0.1.44(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)))(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)))(permissionless@0.1.44(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)))(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4))': + dependencies: + '@zerodev/sdk': 5.3.9(permissionless@0.1.44(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)))(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)) + merkletreejs: 0.3.11 + permissionless: 0.1.44(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)) + viem: 2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4) + + '@zerodev/webauthn-key@5.3.1(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4))': + dependencies: + '@noble/curves': 1.4.2 + '@simplewebauthn/browser': 8.3.7 + viem: 2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4) + '@zk-kit/artifacts@1.8.0': {} '@zk-kit/baby-jubjub@1.0.1': @@ -19647,6 +19785,8 @@ snapshots: big.js@5.2.2: {} + bignumber.js@9.1.2: {} + bin-links@4.0.4: dependencies: cmd-shim: 6.0.3 @@ -19816,6 +19956,8 @@ snapshots: buffer-from@1.1.2: {} + buffer-reverse@1.0.1: {} + buffer-xor@1.0.3: {} buffer@5.7.1: @@ -20628,6 +20770,8 @@ snapshots: crypt@0.0.2: {} + crypto-js@4.2.0: {} + css-in-js-utils@3.1.0: dependencies: hyphenate-style-name: 1.1.0 @@ -20827,10 +20971,6 @@ snapshots: dependencies: ms: 2.0.0 - debug@3.2.7: - dependencies: - ms: 2.1.3 - debug@3.2.7(supports-color@8.1.1): dependencies: ms: 2.1.3 @@ -21068,7 +21208,7 @@ snapshots: docker-modem@1.0.9: dependencies: JSONStream: 1.3.2 - debug: 3.2.7 + debug: 3.2.7(supports-color@8.1.1) readable-stream: 1.0.34 split-ca: 1.0.1 transitivePeerDependencies: @@ -25579,6 +25719,14 @@ snapshots: merge@2.1.1: {} + merkletreejs@0.3.11: + dependencies: + bignumber.js: 9.1.2 + buffer-reverse: 1.0.1 + crypto-js: 4.2.0 + treeify: 1.1.0 + web3-utils: 1.10.4 + methods@1.1.2: {} metro-babel-transformer@0.80.9: @@ -26933,6 +27081,10 @@ snapshots: performance-now@2.1.0: {} + permissionless@0.1.44(viem@2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4)): + dependencies: + viem: 2.19.1(bufferutil@4.0.8)(typescript@5.5.4)(utf-8-validate@5.0.10)(zod@3.22.4) + picocolors@1.0.1: {} picomatch@2.3.1: {} @@ -28998,6 +29150,8 @@ snapshots: tree-kill@1.2.2: {} + treeify@1.1.0: {} + treeverse@3.0.0: {} trim-lines@3.0.1: {} @@ -29681,7 +29835,7 @@ snapshots: webauthn-p256@0.0.5: dependencies: - '@noble/curves': 1.4.0 + '@noble/curves': 1.4.2 '@noble/hashes': 1.4.0 webcrypto-core@1.8.0: